Wordfence Security – Firewall & Malware Scan - Version 6.3.4

Version Description

  • Improvement: Added a path for people blocked by the IP blacklist (Premium Feature) to report false positives.

Release Info

Developer wfryan
Version 6.3.4

Code changes from version 6.3.3 to 6.3.4

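--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mmaunder
 Tags: security, secure, security plugin, wordpress security, login security, firewall, malware, antivirus, web application firewall, block hackers, country blocking
 Requires at least: 3.9
 Tested up to: 4.7.3
-Stable tag: 6.3.3
+Stable tag: 6.3.4
 
 Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
 
@@ -161,6 +161,9 @@ Secure your website with Wordfence.
 
 == Changelog ==
 
+= 6.3.4 =
+* Improvement: Added a path for people blocked by the IP blacklist (Premium Feature) to report false positives.
+
 = 6.3.3 =
 * New: Malicious IPs are now preemptively blocked by a regularly-updated blacklist. [Premium Feature]
 * Improvement: Better layout and display for mobile screen sizes.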
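--- a/vendor/wordfence/wf-waf/src/lib/waf.php
+++ b/vendor/wordfence/wf-waf/src/lib/waf.php
@@ -822,7 +822,7 @@ HTML
 }
 
 header('HTTP/1.0 403 Forbidden');
-exit($this->getBlockedMessage());
+exit($this->getBlockedMessage($template));
 }
 
 /**
@@ -856,13 +856,16 @@ HTML
 /**
 * @return string
 */
-public function getBlockedMessage() {
-if ($this->currentUserCanWhitelist()) {
-return wfWAFView::create('403-roadblock', array(
-'waf' => $this,
-))->render();
+public function getBlockedMessage($template = null) {
+if ($template === null) {
+if ($this->currentUserCanWhitelist()) {
+$template = '403-roadblock';
+}
+else {
+$template = '403';
+}
 }
-return wfWAFView::create('403', array(
+return wfWAFView::create($template, array(
 'waf' => $this,
 ))->render();
 }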
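Review bot: The docblock above `getBlockedMessage` in the second hunk still reads only `@return string` although the method now takes `$template`, which is handed unvalidated to `wfWAFView::create($template, …)`; add `* @param string|null $template View name to render; null picks '403-roadblock' when currentUserCanWhitelist() is true, otherwise '403'.` Since every visible caller passes a literal this is a documentation point, but if `wfWAFView::create` resolves the name to a file under views/ (not visible here), checking `$template` against the three known names before rendering would make that trust boundary explicit. Note that a non-null `$template` bypasses the `currentUserCanWhitelist()` branch altogether, which appears to be intended for the blacklist page. The `blockAction` method whose `$template` feeds the first hunk starts outside the hunk.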
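--- a/vendor/wordfence/wf-waf/src/views/403-blacklist.php
+++ b/vendor/wordfence/wf-waf/src/views/403-blacklist.php
@@ -0,0 +1,183 @@
+<?php
+
+/** @var wfWAF $waf */
+/** @var wfWAFView $this */
+
+/*
+* IMPORTANT:
+*
+* If the form variables below change name or format, admin.ajaxWatcher.js in the main plugin also needs changed. It
+* processes these to generate its whitelist button.
+*/
+
+$request = $waf->getRequest();
+$headerString = '';
+if (is_array($request->getHeaders())) {
+foreach ($request->getHeaders() as $header => $value) {
+switch (wfWAFUtils::strtolower($header)) {
+case 'cookie':
+$headerString .= 'Cookie: ' . trim($request->getCookieString()) . "\n";
+break;
+
+case 'host':
+$headerString .= 'Host: ' . $request->getHost() . "\n";
+break;
+
+case 'authorization':
+$hasAuth = true;
+if ($request->getAuth()) {
+$headerString .= 'Authorization: Basic <redacted>' . "\n";
+}
+break;
+
+default:
+$headerString .= $header . ': ' . $value . "\n";
+break;
+}
+}
+}
+
+$payload = array('ip' => $request->getIP(), 'timestamp' => $request->getTimestamp(), 'headers' => $headerString, 'url' => $request->getProtocol() . '://' . $request->getHost() . $request->getPath(), 'home_url' => $waf->getStorageEngine()->getConfig('homeURL', ''));
+$payload = "-----BEGIN REPORT-----\n" . implode("\n", str_split(base64_encode(wfWAFUtils::json_encode($payload)), 60)) . "\n-----END REPORT-----";
+
+?>
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<title>403 Forbidden</title>
+<style>
+html {
+font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+font-size: 14px;
+line-height: 1.42857143;
+color: #333;
+background-color: #fff;
+}
+
+h1, h2, h3, h4, h45, h6 {
+font-weight: 500;
+line-height: 1.1;
+}
+
+h1 { font-size: 36px; }
+h2 { font-size: 30px; }
+h3 { font-size: 24px; }
+h4 { font-size: 18px; }
+h5 { font-size: 14px; }
+h6 { font-size: 12px; }
+
+h1, h2, h3 {
+margin-top: 20px;
+margin-bottom: 10px;
+}
+h4, h5, h6 {
+margin-top: 10px;
+margin-bottom: 10px;
+}
+
+.btn {
+background-color: #00709e;
+border: 1px solid #09486C;
+border-radius: 4px;
+box-sizing: border-box;
+color: #ffffff;
+cursor: pointer;
+display: inline-block;
+font-size: 14px;
+font-weight: normal;
+letter-spacing: normal;
+line-height: 20px;
+margin: 5px 0px;
+padding: 12px 6px;
+text-align: center;
+text-decoration: none;
+vertical-align: middle;
+white-space: nowrap;
+word-spacing: 0px;
+}
+
+textarea {
+display: block;
+height: 48px;
+padding: 6px 12px;
+font-size: 14px;
+line-height: 1.42857143;
+color: #555;
+background-color: #fff;
+background-image: none;
+border: 1px solid #ccc;
+border-radius: 4px;
+-webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, .075);
+box-shadow: inset 0 1px 1px rgba(0, 0, 0, .075);
+-webkit-transition: border-color ease-in-out .15s, -webkit-box-shadow ease-in-out .15s;
+-o-transition: border-color ease-in-out .15s, box-shadow ease-in-out .15s;
+transition: border-color ease-in-out .15s, box-shadow ease-in-out .15s;
+font-family: monospace;
+}
+
+textarea:focus {
+border-color: #66afe9;
+outline: 0;
+-webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, .075), 0 0 8px rgba(102, 175, 233, .6);
+box-shadow: inset 0 1px 1px rgba(0, 0, 0, .075), 0 0 8px rgba(102, 175, 233, .6);
+}
+
+hr {
+margin-top: 20px;
+margin-bottom: 20px;
+border: 0;
+border-top: 1px solid #eee
+}
+
+.btn.disabled, .btn[disabled] {
+background-color: #9f9fa0;
+border: 1px solid #7E7E7F;
+cursor: not-allowed;
+filter: alpha(opacity=65);
+-webkit-box-shadow: none;
+box-shadow: none;
+opacity: .65;
+pointer-events: none;
+}
+</style>
+</head>
+<body>
+
+<h1>403 Forbidden</h1>
+
+<h3>WHAT? Why am I seeing this?</h3>
+
+<p>Your access to this site was blocked by Wordfence, a security provider, who protects sites from malicious activity.</p>
+
+<p>If you believe Wordfence should be allowing you access to this site, please let them know using the steps below so they can investigate why this is happening.</p>
+
+<hr>
+
+<h3>Reporting a Problem</h3>
+
+<h4>1. Please copy this text. You need to paste it into a form later.</h4>
+
+<p><textarea id="payload" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" cols="65"><?php echo htmlspecialchars($payload); ?></textarea></p>
+<script type="application/javascript">
+(function() {
+var textarea = document.getElementById('payload');
+var cs = window.getComputedStyle(textarea);
+var lines = textarea.value.split('\n');
+var height = 1 + lines.length;
+var pixelHeight = Math.min(height * parseInt(cs.getPropertyValue('line-height')), 600);
+textarea.style.height = pixelHeight + 'px';
+
+textarea.addEventListener('focus', function() {
+document.getElementById('reportButton').className = document.getElementById('reportButton').className.replace(new RegExp('(?:^|\\s)'+ 'disabled' + '(?:\\s|$)'), ' ');
+document.getElementById('reportButton').href = 'ht' + 'tp:/' + '/user-reports.wordfence' + '.com';
+});
+})();
+</script>
+
+<h4>2. Click this button and you will be prompted to paste the text above.</h4>
+
+<p><a href="#" id="reportButton" class="btn disabled" target="_blank">Report Problem</a></p>
+
+</body>
+</html>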
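Review bot: The report payload redacts the `Authorization` header but copies the visitor's full cookie string (`'Cookie: ' . trim($request->getCookieString())`), so a blocked visitor is asked to paste their session cookies for this site into a third-party form, and the `reportButton` href in the script block points at plain `http://user-reports.wordfence.com`. Unless the report pipeline needs cookie values, which an IP-blacklist false-positive check should not, emit `'Cookie: <redacted>'` the way the authorization branch does, and link to the `https://` endpoint. `$hasAuth = true;` in the authorization branch is never read and can be dropped. The CSS selector list `h1, h2, h3, h4, h45, h6` should read `h5`.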
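--- a/waf/bootstrap.php
+++ b/waf/bootstrap.php
@@ -368,6 +368,9 @@ class wfWAFWordPress extends wfWAF {
 }
 }
 }
+else if (array_search('blocked', $failedRules) !== false) {
+parent::blockAction($e, $httpCode, $redirect, '403-blacklist'); //exits
+}
 
 parent::blockAction($e, $httpCode, $redirect, $template);
 }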
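Review bot: The new branch tests membership with `array_search('blocked', $failedRules) !== false`, which compares loosely; on PHP 7 and earlier an integer 0 or boolean true entry in `$failedRules` would satisfy `'blocked' == 0` and send an unrelated block to the blacklist page. Use `in_array('blocked', $failedRules, true)` for a strict membership test, which is also the idiomatic form when the index is not needed. The `//exits` comment usefully records why the unconditional `parent::blockAction` call below is never reached on this path. `blockAction` and the construction of `$failedRules` start outside the hunk, so whether its entries are always strings cannot be confirmed here.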
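--- a/wordfence.php
+++ b/wordfence.php
@@ -4,14 +4,14 @@ Plugin Name: Wordfence Security
 Plugin URI: http://www.wordfence.com/
 Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
 Author: Wordfence
-Version: 6.3.3
+Version: 6.3.4
 Author URI: http://www.wordfence.com/
 Network: true
 */
 if(defined('WP_INSTALLING') && WP_INSTALLING){
 return;
 }
-define('WORDFENCE_VERSION', '6.3.3');
+define('WORDFENCE_VERSION', '6.3.4');
 define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
 basename(dirname(__FILE__)) . '/' . basename(__FILE__));
 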