Wordfence Security – Firewall & Malware Scan - Version 6.2.9

Version Description

  • Improvement: Updated internal GeoIP database.
  • Improvement: Better error handling when a site is unreachable publicly.
  • Fix: Fixed a URL in alert emails that did not correctly detect when sent from a multisite installation.
  • Fix: Addressed an issue where the scan did not alert about a new WordPress version.

Release Info

Developer wfryan
Version 6.2.9

Code changes from version 6.2.8 to 6.2.9

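--- a/js/admin.js
+++ b/js/admin.js
@@ -593,6 +593,10 @@
 msg = item.msg.replace('SUM_ENDERR:', '');
 jQuery('div.wfSummaryMsg:contains("' + msg + '")').next().addClass('wfSummaryErr').html('An error occurred.');
 summaryUpdated = true;
+} else if (item.msg.indexOf('SUM_ENDSKIPPED') != -1) {
+msg = item.msg.replace('SUM_ENDSKIPPED:', '');
+jQuery('div.wfSummaryMsg:contains("' + msg + '")').next().addClass('wfSummaryResult').html('Skipped.');
+summaryUpdated = true;
 } else if (item.msg.indexOf('SUM_DISABLED:') != -1) {
 msg = item.msg.replace('SUM_DISABLED:', '');
 jQuery('#consoleSummary').append('<div class="wfSummaryLine"><div class="wfSummaryDate">[' + item.date + ']</div><div class="wfSummaryMsg">' + msg + '</div><div class="wfSummaryResult">Disabled [<a href="admin.php?page=WordfenceSecOpt">Visit Options to Enable</a>]</div><div class="wfClear"></div>');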
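Review bot: The new `SUM_ENDSKIPPED` branch tests `item.msg.indexOf('SUM_ENDSKIPPED')` without the trailing colon, while the `replace()` on the next line and the sibling `SUM_DISABLED:` branch both include it; use `item.msg.indexOf('SUM_ENDSKIPPED:') != -1` so the test and the strip agree. The branch also splices `msg` into a `:contains("…")` selector, as the `SUM_ENDERR` branch above it does, so a status message containing a double quote or a parenthesis would make the selector invalid and the summary row would never update. Matching with `.filter()` on the element text would avoid building a selector out of message text. The enclosing if/else chain starts and ends outside the hunk.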
lib/GeoIP.dat CHANGED
Binary file
lib/GeoIPv6.dat CHANGED
Binary file
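--- a/lib/email_genericAlert.php
+++ b/lib/email_genericAlert.php
@@ -1,6 +1,6 @@
 This email was sent from your website "<?php echo $blogName; ?>" by the Wordfence plugin at <?php echo $date; ?>
 
-The Wordfence administrative URL for this site is: <?php echo $adminURL; ?>admin.php?page=Wordfence
+The Wordfence administrative URL for this site is: <?php echo network_admin_url('admin.php?page=Wordfence'); ?>
 
 <?php echo $alertMsg; ?>
 <?php if($IPMsg){ echo "\n$IPMsg\n"; } ?>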
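--- a/lib/email_newIssues.php
+++ b/lib/email_newIssues.php
@@ -13,7 +13,7 @@
 
 <?php if ($timeLimitReached): ?>
 <div style="margin: 12px 0;padding: 8px; background-color: #ffffe0; border: 1px solid #ffd975; border-width: 1px 1px 1px 10px;">
-<em>The scan was terminated early because it reached the time limit for scans. If you would like to allow your scans to run longer, you can customize the limit on the options page: <a href="<?php echo $adminURL; ?>admin.php?page=WordfenceSecOpt"><?php echo $adminURL; ?>admin.php?page=WordfenceSecOpt</a> or read more about scan options to improve scan speed here: <a href="https://docs.wordfence.com/en/Scan_time_limit">https://docs.wordfence.com/en/Scan_time_limit</a></em>
+<em>The scan was terminated early because it reached the time limit for scans. If you would like to allow your scans to run longer, you can customize the limit on the options page: <a href="<?php echo esc_attr(network_admin_url('admin.php?page=WordfenceSecOpt')); ?>"><?php echo esc_attr(network_admin_url('admin.php?page=WordfenceSecOpt')); ?></a> or read more about scan options to improve scan speed here: <a href="https://docs.wordfence.com/en/Scan_time_limit">https://docs.wordfence.com/en/Scan_time_limit</a></em>
 </div>
 <?php endif ?>
 
@@ -51,7 +51,7 @@
 <?php } } } ?>
 
 <?php if ($issuesNotShown > 0) { ?>
-<p><?php echo wfUtils::pluralize($issuesNotShown, 'issue'); ?> were omitted from this email. View every issue: <a href="<?php echo $adminURL; ?>admin.php?page=Wordfence"><?php echo $adminURL; ?>admin.php?page=Wordfence</a></p>
+<p><?php echo wfUtils::pluralize($issuesNotShown, 'issue'); ?> were omitted from this email. View every issue: <a href="<?php echo esc_attr(network_admin_url('admin.php?page=Wordfence')); ?>"><?php echo esc_html(network_admin_url('admin.php?page=Wordfence')); ?></a></p>
 <?php } ?>
 
 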
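Review bot: The two rewritten links escape the same kind of value inconsistently: the time-limit notice on line 16 uses `esc_attr()` for both the `href` and the visible link text, while the omitted-issues line 54 uses `esc_attr()` for the `href` and `esc_html()` for the text. For a URL placed in an `href`, `esc_url()` is the WordPress helper meant for that context, and the visible text should go through `esc_html()` in both places, e.g. `<a href="<?php echo esc_url(network_admin_url('admin.php?page=WordfenceSecOpt')); ?>">`. Using one pairing throughout the template makes it easier to audit which outputs are escaped for which context.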
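--- a/lib/wfScanEngine.php
+++ b/lib/wfScanEngine.php
@@ -369,8 +369,15 @@ class wfScanEngine {
 $recommendation = wfConfig::get('detectProxyRecommendation', '');
 }
 
-if ($recommendation == 'DEFERRED' || empty($recommendation)) {
+$failed = false;
+if ($recommendation == 'DEFERRED') {
 //Do nothing
+wordfence::statusEnd($this->statusIDX['checkHowGetIPs'], $haveIssues, $failed, true);
+return;
+}
+else if (empty($recommendation)) {
+$failed = true;
+$haveIssues = true;
 }
 else if ($recommendation == 'UNKNOWN') {
 $this->addIssue('checkHowGetIPs', 2, 'checkHowGetIPs', 'checkHowGetIPs' . $recommendation . WORDFENCE_VERSION, "Unable to accurately detect IPs", 'Wordfence was unable to validate a test request to your website. This can happen if your website is behind a proxy that does not use one of the standard ways to convey the IP of the request or it is unreachable publicly. IP blocking and live traffic information may not be accurate. <a href="https://docs.wordfence.com/en/Misconfigured_how_get_IPs_notice " target="_blank">Get More Information</a>', array());
@@ -395,7 +402,7 @@ class wfScanEngine {
 $haveIssues = true;
 }
 
-wordfence::statusEnd($this->statusIDX['checkHowGetIPs'], $haveIssues);
+wordfence::statusEnd($this->statusIDX['checkHowGetIPs'], $haveIssues, $failed);
 }
 }
 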
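Review bot: In the first hunk the `//Do nothing` comment is now stale, because the `DEFERRED` branch reports the step as skipped and returns; it should say so, e.g. `//Proxy check was throttled; report the step as skipped`. The early `statusEnd()` call also passes `$haveIssues`, whose initialisation is outside the hunk, so confirm it is assigned before this point. The new `empty($recommendation)` branch sets `$failed` and `$haveIssues` but adds no issue, so the summary will presumably show a failure with nothing in the results explaining it; an `addIssue()` call or a status line there would help whoever triages the scan. The enclosing method starts and ends outside both hunks.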
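--- a/lib/wfUpdateCheck.php
+++ b/lib/wfUpdateCheck.php
@@ -47,13 +47,13 @@ class wfUpdateCheck {
 
 include( ABSPATH . WPINC . '/version.php' ); //defines $wp_version
 
-$update_core = get_site_transient('update_core');
+$update_core = get_preferred_from_update_core();
 if ($useCachedValued && isset($update_core->last_checked) && isset($update_core->version_checked) && 12 * HOUR_IN_SECONDS > (time() - $update_core->last_checked) && $update_core->version_checked == $wp_version) { //Duplicate of _maybe_update_core, which is a private call
 //Do nothing, use cached value
 }
 else {
 wp_version_check();
-$update_core = get_site_transient('update_core');
+$update_core = get_preferred_from_update_core();
 }
 
 if (isset($update_core->response) && $update_core->response == 'upgrade') {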
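Review bot: The freshness test on line 51 still reads `$update_core->last_checked` and `$update_core->version_checked`, but `$update_core` is now the return value of `get_preferred_from_update_core()`. As far as I know that helper returns a single update offer (or `false`), not the `update_core` transient, so those two properties would never be set and `wp_version_check()` would run on every call regardless of `$useCachedValued`. Keeping the transient in its own variable for the freshness test, e.g. `$transient = get_site_transient('update_core');`, would preserve the cache while still reading the preferred offer afterwards. The helper is also defined in `wp-admin/includes/update.php` and no `require_once` is visible in this hunk, so confirm it is loaded when the check runs outside an admin page load; the enclosing method starts and ends outside the hunk.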
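--- a/lib/wfUtils.php
+++ b/lib/wfUtils.php
@@ -1420,9 +1420,13 @@ class wfUtils {
 }
 
 public static function requestDetectProxyCallback($timeout = 0.01, $blocking = false, $forceCheck = false) {
+$currentRecommendation = wfConfig::get('detectProxyRecommendation', '');
 if (!$forceCheck) {
 $detectProxyNextCheck = wfConfig::get('detectProxyNextCheck', false);
 if ($detectProxyNextCheck !== false && time() < $detectProxyNextCheck) {
+if (empty($currentRecommendation)) {
+wfConfig::set('detectProxyRecommendation', 'DEFERRED', wfConfig::DONT_AUTOLOAD);
+}
 return; //Let it pull the currently-stored value
 }
 }
@@ -1435,7 +1439,6 @@ class wfUtils {
 $response = wp_remote_get(sprintf(WFWAF_API_URL_SEC . "proxy-check/%d.txt", $waf->getStorageEngine()->getConfig('attackDataKey')));
 
 if (!is_wp_error($response)) {
-$currentRecommendation = wfConfig::get('detectProxyRecommendation', '');
 $okToSendBody = wp_remote_retrieve_body($response);
 if (preg_match('/^(ok|wait),\s*(\d+)#x2F;i', $okToSendBody, $matches)) {
 $command = $matches[1];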
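Review bot: The new early-return path in `requestDetectProxyCallback()` writes `'DEFERRED'` to `detectProxyRecommendation` with no comment explaining why a throttled call now stores state. Add something like `//No result stored yet and the next check is throttled: mark as DEFERRED so the scan reports the step as skipped`. `'DEFERRED'` is also compared as a bare string in `lib/wfScanEngine.php` in this same release, so a shared class constant would keep the writer and the reader from drifting apart. The function body continues outside both hunks.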
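--- a/lib/wordfenceClass.php
+++ b/lib/wordfenceClass.php
@@ -5335,19 +5335,24 @@ HTML
 self::status(10, 'info', 'SUM_START:' . $msg);
 return sizeof($statusStartMsgs) - 1;
 }
-public static function statusEnd($idx, $haveIssues, $successFailed = false){
+public static function statusEnd($idx, $haveIssues, $successFailed = false, $skipped = false){
 $statusStartMsgs = wfConfig::get_ser('wfStatusStartMsgs', array());
-if($haveIssues){
-if($successFailed){
-self::status(10, 'info', 'SUM_ENDFAILED:' . $statusStartMsgs[$idx]);
-} else {
-self::status(10, 'info', 'SUM_ENDBAD:' . $statusStartMsgs[$idx]);
-}
-} else {
-if($successFailed){
-self::status(10, 'info', 'SUM_ENDSUCCESS:' . $statusStartMsgs[$idx]);
+if ($skipped) {
+self::status(10, 'info', 'SUM_ENDSKIPPED:' . $statusStartMsgs[$idx]);
+}
+else {
+if($haveIssues){
+if($successFailed){
+self::status(10, 'info', 'SUM_ENDFAILED:' . $statusStartMsgs[$idx]);
+} else {
+self::status(10, 'info', 'SUM_ENDBAD:' . $statusStartMsgs[$idx]);
+}
 } else {
-self::status(10, 'info', 'SUM_ENDOK:' . $statusStartMsgs[$idx]);
+if($successFailed){
+self::status(10, 'info', 'SUM_ENDSUCCESS:' . $statusStartMsgs[$idx]);
+} else {
+self::status(10, 'info', 'SUM_ENDOK:' . $statusStartMsgs[$idx]);
+}
 }
 }
 $statusStartMsgs[$idx] = '';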
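Review bot: `statusEnd()` now takes three positional flags and has no docblock, so a call such as `statusEnd($idx, $haveIssues, $failed, true)` is hard to read at the call site. Document that `$skipped` takes precedence and that `$haveIssues` and `$successFailed` are ignored when it is true. Every branch also indexes `$statusStartMsgs[$idx]` without checking that the key exists, which would raise a notice and emit a summary marker with an empty message if the stored list no longer holds that index. A guard such as `$msg = isset($statusStartMsgs[$idx]) ? $statusStartMsgs[$idx] : '';` before the branches would cover that; the function body continues past the end of the hunk.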
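--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mmaunder
 Tags: security, secure, security plugin, wordpress security, login security, firewall, malware, antivirus, web application firewall, block hackers, country blocking
 Requires at least: 3.9
 Tested up to: 4.7.0
-Stable tag: 6.2.8
+Stable tag: 6.2.9
 
 Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
 
@@ -190,6 +190,12 @@ Secure your website with Wordfence.
 
 == Changelog ==
 
+= 6.2.9 =
+* Improvement: Updated internal GeoIP database.
+* Improvement: Better error handling when a site is unreachable publicly.
+* Fix: Fixed a URL in alert emails that did not correctly detect when sent from a multisite installation.
+* Fix: Addressed an issue where the scan did not alert about a new WordPress version.
+
 = 6.2.8 =
 * Improvement: Added support for hiding the username information revealed by the WordPress 4.7 REST API. Thanks Vladimir Smitka.
 * Improvement: Added vulnerability scanning for themes.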
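--- a/views/reports/activity-report-email-inline.php
+++ b/views/reports/activity-report-email-inline.php
@@ -122,7 +122,7 @@ h6 a:visited { color: purple !important; }
 <a href="http://www.wordfence.com/zz5/" style="font-size: 100%; vertical-align: baseline; outline: none; color: orange; text-decoration: none; margin: 0; padding: 0; border: 0;"><img src="<?php echo wfUtils::getBaseURL(); ?>images/logo.png" alt="" style="font-size: 100%; vertical-align: baseline; -ms-interpolation-mode: bicubic; outline: none; text-decoration: none; margin: 0; padding: 0; border: 0 none; width: 560px;" /></a>
 
 <p style="font-size: 100%; vertical-align: baseline; margin: 1em 0; padding: 0; border: 0;">
-This email was sent from your website <a href="<?php echo site_url() ?>"><?php echo site_url() ?></a> and is a summary of security related activity that Wordfence monitors for the period <?php printf('%s to %s', $report_start, $report_end) ?>. <?php if (!wfConfig::get('isPaid')): ?>NOTE: You are using the free version of Wordfence and are missing out on features like cellphone sign-in, country blocking and detecting if your site IP is sending spam. <a href="http://www.wordfence.com/zz6/">Click here to upgrade to Wordfence Premium now</a>.<?php endif ?>
+This email was sent from your website <a href="<?php echo network_site_url() ?>"><?php echo network_site_url() ?></a> and is a summary of security related activity that Wordfence monitors for the period <?php printf('%s to %s', $report_start, $report_end) ?>. <?php if (!wfConfig::get('isPaid')): ?>NOTE: You are using the free version of Wordfence and are missing out on features like cellphone sign-in, country blocking and detecting if your site IP is sending spam. <a href="http://www.wordfence.com/zz6/">Click here to upgrade to Wordfence Premium now</a>.<?php endif ?>
 </p>
 
 <h2 style="font-size: 20px; vertical-align: baseline; clear: both; color: #222 !important; margin: 20px 0 4px; padding: 0; border: 0;">
@@ -379,7 +379,7 @@ h6 a:visited { color: purple !important; }
 <?php endif ?>
 
 <p style="font-size: 100%; vertical-align: baseline; margin: 1em 0; padding: 0; border: 0;">
-If you would like to sign-in to <a href="<?php echo site_url() ?>"><?php echo site_url() ?></a> please <a href="<?php echo network_admin_url() ?>">click here</a> now. You can change the frequency of this email or turn it on and off by visiting your <a href="<?php echo network_admin_url('admin.php?page=WordfenceSecOpt#wfMarkerEmailSummary') ?>">Wordfence options page</a>.
+If you would like to sign-in to <a href="<?php echo network_site_url() ?>"><?php echo network_site_url() ?></a> please <a href="<?php echo network_admin_url() ?>">click here</a> now. You can change the frequency of this email or turn it on and off by visiting your <a href="<?php echo network_admin_url('admin.php?page=WordfenceSecOpt#wfMarkerEmailSummary') ?>">Wordfence options page</a>.
 </p>
 </div>
 </td>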
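Review bot: Both rewritten lines (125 and 382) echo `network_site_url()` straight into an `href` attribute and into the link text with no output escaping, whereas `lib/email_newIssues.php` in this same release wraps its URLs in `esc_attr()`/`esc_html()`. The value passes through WordPress filters before it is returned, so escape it for each context at output: `<a href="<?php echo esc_url(network_site_url()) ?>"><?php echo esc_html(network_site_url()) ?></a>`. The same applies to the two `network_admin_url()` links on line 382, which are context carried over unchanged.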
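--- a/wordfence.php
+++ b/wordfence.php
@@ -4,14 +4,14 @@ Plugin Name: Wordfence Security
 Plugin URI: http://www.wordfence.com/
 Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
 Author: Wordfence
-Version: 6.2.8
+Version: 6.2.9
 Author URI: http://www.wordfence.com/
 Network: true
 */
 if(defined('WP_INSTALLING') && WP_INSTALLING){
 return;
 }
-define('WORDFENCE_VERSION', '6.2.8');
+define('WORDFENCE_VERSION', '6.2.9');
 define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
 basename(dirname(__FILE__)) . '/' . basename(__FILE__));
 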