Wordfence Security – Firewall & Malware Scan - Version 6.1.12

Version Description

  • Fix: Fixed fatal error on sites running Wordfence 6.1.11 in a subdirectory and 6.1.10 or lower in the parent directory.
  • Fix: Added a few common files to be excluded from unknown WordPress core file scan.

Release Info

Developer wfmatt
Version 6.1.12

Code changes from version 6.1.11 to 6.1.12

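--- a/lib/menu_options.php
+++ b/lib/menu_options.php
@@ -464,6 +464,13 @@ $w = new wfConfig();
 <td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem"
 name="scansEnabled_plugins" value="1" <?php $w->cb( 'scansEnabled_plugins' ); ?>/></td>
 </tr>
+<tr>
+<th>Scan wp-admin and wp-includes for files not bundled with WordPress<a
+href="http://docs.wordfence.com/en/Wordfence_options#Scan_wordpress_core_for_unknown_files"
+target="_blank" class="wfhelp"></a></th>
+<td><input type="checkbox" id="scansEnabled_coreUnknown" class="wfConfigElem"
+name="scansEnabled_coreUnknown" value="1" <?php $w->cb( 'scansEnabled_coreUnknown' ); ?>/></td>
+</tr>
 <tr>
 <th>Scan for signatures of known malicious files<a
 href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_signatures_of_known_malicious_files"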
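--- a/lib/wfConfig.php
+++ b/lib/wfConfig.php
@@ -32,6 +32,7 @@ class wfConfig {
 "scansEnabled_core" => true,
 "scansEnabled_themes" => false,
 "scansEnabled_plugins" => false,
+"scansEnabled_coreUnknown" => true,
 "scansEnabled_malware" => true,
 "scansEnabled_fileContents" => true,
 "scansEnabled_posts" => true,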
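--- a/lib/wordfenceClass.php
+++ b/lib/wordfenceClass.php
@@ -722,7 +722,7 @@ SQL
 return $URL;
 }
 public static function enqueueAJAXWatcher() {
-$wafDisabled = !WFWAF_ENABLED || wfWAFConfig::isDisabled();
+$wafDisabled = !WFWAF_ENABLED || (class_exists('wfWAFConfig') && wfWAFConfig::isDisabled());
 if (wfUtils::isAdmin() && !$wafDisabled) {
 wp_enqueue_style('wordfenceAJAXcss', wfUtils::getBaseURL() . 'css/wordfenceBox.css', '', WORDFENCE_VERSION);
 wp_enqueue_script('wordfenceAJAXjs', wfUtils::getBaseURL() . 'js/admin.ajaxWatcher.js', array('jquery'), WORDFENCE_VERSION);
@@ -2717,7 +2717,9 @@ SQL
 foreach (self::$diagnosticParams as $param) {
 wfConfig::set($param, array_key_exists($param, $_POST) ? '1' : '0');
 }
-wfWAFConfig::set('betaThreatDefenseFeed', wfConfig::get('betaThreatDefenseFeed'));
+if (class_exists('wfWAFConfig')) {
+wfWAFConfig::set('betaThreatDefenseFeed', wfConfig::get('betaThreatDefenseFeed'));
+}
 return array('ok' => 1, 'reload' => false, 'paidKeyMsg' => '');
 }
 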
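Review bot: In enqueueAJAXWatcher the new guard `class_exists('wfWAFConfig') && wfWAFConfig::isDisabled()` makes a missing WAF class read as "WAF enabled", so when WFWAF_ENABLED is true but the class was never loaded (the parent/subdirectory case this release is fixing) the watcher script is still enqueued for a WAF that is not running. If an unloaded WAF should count as disabled, `$wafDisabled = !WFWAF_ENABLED || !class_exists('wfWAFConfig') || wfWAFConfig::isDisabled();` says so directly and still avoids the fatal error. The second hunk (new line 2720) quietly skips syncing betaThreatDefenseFeed in the same situation; a comment such as `// wfWAFConfig is absent when an older Wordfence in a parent directory loaded the WAF first` above both guards would record why they exist. Both enclosing methods continue outside the hunks.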
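--- a/lib/wordfenceHash.php
+++ b/lib/wordfenceHash.php
@@ -17,6 +17,7 @@ class wordfenceHash {
 private $pluginsEnabled = false;
 private $themesEnabled = false;
 private $malwareEnabled = false;
+private $coreUnknownEnabled = false;
 private $knownFiles = false;
 private $malwareData = "";
 private $haveIssues = array();
@@ -56,6 +57,10 @@ class wordfenceHash {
 if(wfConfig::get('scansEnabled_malware')){
 $this->malwareEnabled = true;
 }
+if(wfConfig::get('scansEnabled_coreUnknown')){
+$this->coreUnknownEnabled = true;
+}
+
 $this->db = new wfDB();
 
 //Doing a delete for now. Later we can optimize this to only scan modified files.
@@ -104,9 +109,10 @@ class wordfenceHash {
 if($this->themesEnabled){ $this->status['themes'] = wordfence::statusStart("Comparing open source themes against WordPress.org originals"); } else { wordfence::statusDisabled("Skipping theme scan"); }
 if($this->pluginsEnabled){ $this->status['plugins'] = wordfence::statusStart("Comparing plugins against WordPress.org originals"); } else { wordfence::statusDisabled("Skipping plugin scan"); }
 if($this->malwareEnabled){ $this->status['malware'] = wordfence::statusStart("Scanning for known malware files"); } else { wordfence::statusDisabled("Skipping malware scan"); }
+if($this->coreUnknownEnabled){ $this->status['coreUnknown'] = wordfence::statusStart("Scanning for unknown files in wp-admin and wp-includes"); } else { wordfence::statusDisabled("Skipping unknown core file scan"); }
 }
 public function __sleep(){
-return array('striplen', 'totalFiles', 'totalDirs', 'totalData', 'linesOfPHP', 'linesOfJCH', 'stoppedOnFile', 'coreEnabled', 'pluginsEnabled', 'themesEnabled', 'malwareEnabled', 'knownFiles', 'malwareData', 'haveIssues', 'status', 'possibleMalware', 'path', 'only', 'totalForks', 'alertedOnUnknownWordPressVersion');
+return array('striplen', 'totalFiles', 'totalDirs', 'totalData', 'linesOfPHP', 'linesOfJCH', 'stoppedOnFile', 'coreEnabled', 'pluginsEnabled', 'themesEnabled', 'malwareEnabled', 'coreUnknownEnabled', 'knownFiles', 'malwareData', 'haveIssues', 'status', 'possibleMalware', 'path', 'only', 'totalForks', 'alertedOnUnknownWordPressVersion');
 }
 public function __wakeup(){
 $this->db = new wfDB();
@@ -132,6 +138,7 @@ class wordfenceHash {
 if($this->coreEnabled){ wordfence::statusEnd($this->status['core'], $this->haveIssues['core']); }
 if($this->themesEnabled){ wordfence::statusEnd($this->status['themes'], $this->haveIssues['themes']); }
 if($this->pluginsEnabled){ wordfence::statusEnd($this->status['plugins'], $this->haveIssues['plugins']); }
+if($this->coreUnknownEnabled){ wordfence::statusEnd($this->status['coreUnknown'], $this->haveIssues['coreUnknown']); }
 if(sizeof($this->possibleMalware) > 0){
 $malwareResp = $engine->api->binCall('check_possible_malware', json_encode($this->possibleMalware));
 if($malwareResp['code'] != 200){
@@ -239,10 +246,10 @@ class wordfenceHash {
 
 if ($allowKnownFileScan)
 {
-if (!$this->alertedOnUnknownWordPressVersion && empty($this->knownFiles['core'])) {
+if ($this->coreUnknownEnabled && !$this->alertedOnUnknownWordPressVersion && empty($this->knownFiles['core'])) {
 require(ABSPATH . 'wp-includes/version.php'); //defines $wp_version
 $this->alertedOnUnknownWordPressVersion = true;
-$this->haveIssues['core'] = true;
+$this->haveIssues['coreUnknown'] = true;
 $this->engine->addIssue(
 'coreUnknown',
 2,
@@ -365,11 +372,11 @@ class wordfenceHash {
 
 }
 }
-else if (!$this->alertedOnUnknownWordPressVersion) { //Check for unknown files in system directories
-$restrictedWordPressFolders = array(ABSPATH . 'wp-admin/', ABSPATH . 'wp-includes/');
+else if ($this->coreUnknownEnabled && !$this->alertedOnUnknownWordPressVersion) { //Check for unknown files in system directories
+$restrictedWordPressFolders = array(ABSPATH . 'wp-admin/', ABSPATH . WPINC . '/');
 foreach ($restrictedWordPressFolders as $path) {
 if (strpos($realFile, $path) === 0) {
-$this->haveIssues['core'] = true;
+$this->haveIssues['coreUnknown'] = true;
 $this->engine->addIssue(
 'file',
 2,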
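Review bot: The unknown-file branch at new line 376 now derives the includes directory from `WPINC`, but `require(ABSPATH . 'wp-includes/version.php');` at new line 250 in the same file still hardcodes `wp-includes`; `require(ABSPATH . WPINC . '/version.php');` would keep both paths driven by the same constant. Separately, the new statusEnd call at line 141 reads `$this->haveIssues['coreUnknown']`, which these hunks assign only when an issue is found, so unless that key is initialised with the other haveIssues keys outside the hunks, a clean scan with the option enabled reads an undefined index; a `$this->haveIssues['coreUnknown'] = false;` wherever the sibling keys are set up would close that. The enclosing methods of the last three hunks start and end outside them.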
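--- a/lib/wordfenceScanner.php
+++ b/lib/wordfenceScanner.php
@@ -35,7 +35,7 @@ class wordfenceScanner {
 protected static $excludePatterns = array();
 protected static $builtinExclusions = array(
 array('pattern' => 'wp\-includes\/version\.php', 'include' => self::EXCLUSION_PATTERNS_KNOWN_FILES), //Excluded from the known files scan because non-en_US installations will have extra content that fails the check, still in malware scan
-array('pattern' => '(?:wp\-includes|wp\-admin)\/(?:[^\/]+\/+)*(?:\.htaccess|\.htpasswd|php_errorlog|error_log|[^\/]+?\.log)', 'include' => self::EXCLUSION_PATTERNS_KNOWN_FILES),
+array('pattern' => '(?:wp\-includes|wp\-admin)\/(?:[^\/]+\/+)*(?:\.htaccess|\.htpasswd|php_errorlog|error_log|[^\/]+?\.log|\._|\.DS_Store|\.listing|dwsync\.xml)', 'include' => self::EXCLUSION_PATTERNS_KNOWN_FILES),
 );
 /** @var wfScanEngine */
 protected $scanEngine;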
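Review bot: The alternatives added to the builtin exclusion at line 38 (`\.DS_Store`, `\.listing`, `dwsync\.xml`) are unterminated like the ones before them, so if the compiled pattern is applied without an end anchor (that code is outside this hunk) each excludes any name that merely begins with the literal, not the exact file name; only `\._` is genuinely meant as a prefix. Because this list decides which files under wp-admin and wp-includes are never reported as unknown, each exact-name alternative should be closed, e.g. by appending `(?:\/|$)` to the group or ending the pattern with `$`, with `\._` kept as `\._[^\/]*` to preserve its prefix semantics. A trailing comment in the style of line 37 naming what the added entries are (editor/OS metadata and sync artefacts) would also help reviewers judge future additions.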
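--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mmaunder
 Tags: security, secure, security plugin, wordpress security, login security, firewall, malware, antivirus, web application firewall, block hackers, country blocking, block hackers
 Requires at least: 3.9
 Tested up to: 4.6.0
-Stable tag: 6.1.11
+Stable tag: 6.1.12
 
 Secure your website with the Wordfence security plugin for WordPress. Wordfence provides free enterprise-class WordPress security, protecting your website from hacks and malware.
 
@@ -200,6 +200,10 @@ Secure your website with Wordfence.
 
 == Changelog ==
 
+= 6.1.12 =
+* Fix: Fixed fatal error on sites running Wordfence 6.1.11 in subdirectory and 6.1.10 or lower in parent directory.
+* Fix: Added a few common files to be excluded from unknown WordPress core file scan.
+
 = 6.1.11 =
 * Improvement: Alert on added files to wp-admin, wp-includes.
 * Improvement: 2FA is now available via any authenticator program that accepts TOTP secrets.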
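--- a/wordfence.php
+++ b/wordfence.php
@@ -4,14 +4,14 @@ Plugin Name: Wordfence Security
 Plugin URI: http://www.wordfence.com/
 Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
 Author: Wordfence
-Version: 6.1.11
+Version: 6.1.12
 Author URI: http://www.wordfence.com/
 Network: true
 */
 if(defined('WP_INSTALLING') && WP_INSTALLING){
 return;
 }
-define('WORDFENCE_VERSION', '6.1.11');
+define('WORDFENCE_VERSION', '6.1.12');
 define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
 basename(dirname(__FILE__)) . '/' . basename(__FILE__));
 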