Wordfence Security – Firewall & Malware Scan - Version 7.1.6

Version Description

  • Fix: Added a workaround for sites with inaccessible WAF config files when reading php://input
Download this release

Release Info

Developer wfryan
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 7.1.6
Comparing to
See all releases

Code changes from version 7.1.5 to 7.1.6

Files changed (3) hide show
  1. readme.txt +4 -1
  2. vendor/wordfence/wf-waf/src/lib/utils.php +9 -1
  3. wordfence.php +2 -2
readme.txt CHANGED
@@ -4,7 +4,7 @@ Tags: security, firewall, malware scanner, web application firewall, antivirus,
4
  Requires at least: 3.9
5
  Requires PHP: 5.2
6
  Tested up to: 4.9.6
7
- Stable tag: 7.1.5
8
 
9
  Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
10
 
@@ -172,6 +172,9 @@ Secure your website with Wordfence.
172
 
173
  == Changelog ==
174
 
 
 
 
175
  = 7.1.5 =
176
  * Improvement: GDPR compliance updates.
177
  * Improvement: The list of blocks now shows the most recently-added blocks at the top by default.
4
  Requires at least: 3.9
5
  Requires PHP: 5.2
6
  Tested up to: 4.9.6
7
+ Stable tag: 7.1.6
8
 
9
  Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
10
 
172
 
173
  == Changelog ==
174
 
175
+ = 7.1.6 =
176
+ * Fix: Added a workaround for sites with inaccessible WAF config files when reading php://input
177
+
178
  = 7.1.5 =
179
  * Improvement: GDPR compliance updates.
180
  * Improvement: The list of blocks now shows the most recently-added blocks at the top by default.
vendor/wordfence/wf-waf/src/lib/utils.php CHANGED
@@ -841,7 +841,15 @@ class wfWAFUtils {
841
  public static function rawPOSTBody() {
842
  global $HTTP_RAW_POST_DATA;
843
  if (empty($HTTP_RAW_POST_DATA)) { //Defined if always_populate_raw_post_data is on, PHP < 7, and the encoding type is not multipart/form-data
844
- if (wfWAF::getSharedStorageEngine()->getConfig('avoid_php_input', false)) { //Some custom PHP builds break reading from php://input
 
 
 
 
 
 
 
 
845
  //Reconstruct the best possible approximation of it from $_POST if populated -- won't help JSON or other raw payloads
846
  $data = http_build_query($_POST, '', '&');
847
  }
841
  public static function rawPOSTBody() {
842
  global $HTTP_RAW_POST_DATA;
843
  if (empty($HTTP_RAW_POST_DATA)) { //Defined if always_populate_raw_post_data is on, PHP < 7, and the encoding type is not multipart/form-data
844
+ $avoidPHPInput = false;
845
+ try {
846
+ $avoidPHPInput = wfWAF::getSharedStorageEngine()->getConfig('avoid_php_input', false);
847
+ }
848
+ catch (Exception $e) {
849
+ //Ignore
850
+ }
851
+
852
+ if ($avoidPHPInput) { //Some custom PHP builds break reading from php://input
853
  //Reconstruct the best possible approximation of it from $_POST if populated -- won't help JSON or other raw payloads
854
  $data = http_build_query($_POST, '', '&');
855
  }
wordfence.php CHANGED
@@ -4,14 +4,14 @@ Plugin Name: Wordfence Security
4
  Plugin URI: http://www.wordfence.com/
5
  Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
6
  Author: Wordfence
7
- Version: 7.1.5
8
  Author URI: http://www.wordfence.com/
9
  Network: true
10
  */
11
  if(defined('WP_INSTALLING') && WP_INSTALLING){
12
  return;
13
  }
14
- define('WORDFENCE_VERSION', '7.1.5');
15
  define('WORDFENCE_BUILD_NUMBER', '1527005958');
16
  define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
17
  basename(dirname(__FILE__)) . '/' . basename(__FILE__));
4
  Plugin URI: http://www.wordfence.com/
5
  Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
6
  Author: Wordfence
7
+ Version: 7.1.6
8
  Author URI: http://www.wordfence.com/
9
  Network: true
10
  */
11
  if(defined('WP_INSTALLING') && WP_INSTALLING){
12
  return;
13
  }
14
+ define('WORDFENCE_VERSION', '7.1.6');
15
  define('WORDFENCE_BUILD_NUMBER', '1527005958');
16
  define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
17
  basename(dirname(__FILE__)) . '/' . basename(__FILE__));