Cerber Security & Antispam - Version 8.5.6

Version Description

  • New: Ability to separately set the number of days of keeping log records in the database for authenticated (logged in) website users and non-authenticated (not logged in) visitors.
  • New: You can completely turn off the Citadel mode feature in the Main Settings
  • Update: When you upload a ZIP archive on the integrity scanner page it processes nested ZIP archives now and writes errors to the diagnostic log if it's enabled
  • Update: The appearance of the Activity log has got small visual improvements
  • Update: If the number of days to keep log records is not set or set to zero, the plugin uses the default setting instead. Previously you can set it to zero and keep log records infinitely.
  • Fixed: The blacklisting buttons on the Activity tab do not work showing "Incorrect IP address or IP range".
  • Fixed: PHP Notice: Trying to get property "ID" of non-object in cerber-load.php on line 1131
Download this release

Release Info

Developer Gioni
Plugin Icon 128x128 Cerber Security & Antispam
Version 8.5.6
Comparing to
See all releases

Code changes from version 8.5.5 to 8.5.6

Files changed (17) hide show
  1. admin/cerber-settings.php +9 -6
  2. assets/admin.css +43 -0
  3. assets/admin.js +1 -7
  4. cerber-lab.php +20 -3
  5. cerber-load.php +54 -20
  6. cerber-news.php +7 -0
  7. cerber-scanner.php +101 -43
  8. changelog.txt +9 -0
  9. common.php +3 -3
  10. dashboard.php +12 -57
  11. languages/wp-cerber-nl_NL.mo +0 -0
  12. languages/wp-cerber-nl_NL.po +8 -8
  13. languages/wp-cerber-sv_SE.mo +0 -0
  14. languages/wp-cerber-sv_SE.po +5 -5
  15. readme.txt +10 -1
  16. settings.php +58 -32
  17. wp-cerber.php +2 -2
admin/cerber-settings.php CHANGED
@@ -342,7 +342,7 @@ function cerber_field_show( $args ) {
342
  case 'citadel':
343
  $html = sprintf( __( 'Enable after %s failed login attempts in last %s minutes', 'wp-cerber' ),
344
  '<input type="text" id="cilimit" name="cerber-' . $args['group'] . '[cilimit]" value="' . $settings['cilimit'] . '" size="3" maxlength="3" />',
345
- '<input type="text" id="ciperiod" name="cerber-' . $args['group'] . '[ciperiod]" value="' . $settings['ciperiod'] . '" size="3" maxlength="3" />' );
346
  break;
347
  case 'checkbox':
348
  $html = '<div style="display: table-cell;"><label class="crb-switch"><input class="screen-reader-text" type="checkbox" id="' . $id . '" name="' . $name . '" value="1" ' . checked( 1, $value, false ) . $atts . ' /><span class="crb-slider round"></span></label></div>';
@@ -624,8 +624,10 @@ add_filter( 'pre_update_option_'.CERBER_OPT, function ($new, $old, $option) {
624
  $new['cilimit'] = '';
625
  }
626
 
627
- if ( absint( $new['keeplog'] ) == 0 ) {
628
- $new['keeplog'] = '';
 
 
629
  }
630
 
631
  if ( $new['cookiepref'] != $old['cookiepref'] ) {
@@ -782,9 +784,10 @@ add_filter( 'pre_update_option_'.CERBER_OPT_T, function ($new, $old, $option) {
782
  if ( $new['tithreshold'] ) {
783
  $new['tithreshold'] = absint( $new['tithreshold'] );
784
  }
785
- $new['tikeeprec'] = absint($new['tikeeprec']);
786
- if ( $new['tikeeprec'] < 1 ) {
787
- $new['tikeeprec'] = $old['tikeeprec'];
 
788
  cerber_admin_notice( 'You may not set <b>Keep records for</b> to 0 days. To completely disable logging set <b>Logging mode</b> to Logging disabled.' );
789
  }
790
 
342
  case 'citadel':
343
  $html = sprintf( __( 'Enable after %s failed login attempts in last %s minutes', 'wp-cerber' ),
344
  '<input type="text" id="cilimit" name="cerber-' . $args['group'] . '[cilimit]" value="' . $settings['cilimit'] . '" size="3" maxlength="3" />',
345
+ '<input type="text" id="ciperiod" name="cerber-' . $args['group'] . '[ciperiod]" value="' . $settings['ciperiod'] . '" size="3" maxlength="3" /><i ' . $data . '></i>' );
346
  break;
347
  case 'checkbox':
348
  $html = '<div style="display: table-cell;"><label class="crb-switch"><input class="screen-reader-text" type="checkbox" id="' . $id . '" name="' . $name . '" value="1" ' . checked( 1, $value, false ) . $atts . ' /><span class="crb-slider round"></span></label></div>';
624
  $new['cilimit'] = '';
625
  }
626
 
627
+ $new['keeplog'] = absint( $new['keeplog'] );
628
+
629
+ if ( $new['keeplog'] == 0 ) {
630
+ $new['keeplog'] = 1;
631
  }
632
 
633
  if ( $new['cookiepref'] != $old['cookiepref'] ) {
784
  if ( $new['tithreshold'] ) {
785
  $new['tithreshold'] = absint( $new['tithreshold'] );
786
  }
787
+
788
+ $new['tikeeprec'] = absint( $new['tikeeprec'] );
789
+ if ( $new['tikeeprec'] == 0 ) {
790
+ $new['tikeeprec'] = 1;
791
  cerber_admin_notice( 'You may not set <b>Keep records for</b> to 0 days. To completely disable logging set <b>Logging mode</b> to Logging disabled.' );
792
  }
793
 
assets/admin.css CHANGED
@@ -589,6 +589,14 @@ td.crb-traffic-details div{
589
  padding-bottom: 10px;
590
  }
591
 
 
 
 
 
 
 
 
 
592
  #activity-filter {
593
  margin-top: 0.5em;
594
  /*vertical-align: top;*/
@@ -633,6 +641,7 @@ p.act-url, .act-role{
633
  }
634
  p.act-url{
635
  margin: 0.3em 0 !important;
 
636
  }
637
  .act-icon {
638
  display: inline-block;
@@ -708,6 +717,40 @@ p.act-url{
708
  white-space: nowrap;
709
  }
710
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
711
  /* Pagination links */
712
 
713
  .pagination {
589
  padding-bottom: 10px;
590
  }
591
 
592
+ #crb-activity td {
593
+ padding-top: 0.5em;
594
+ padding-bottom: 0.5em;
595
+ }
596
+ #crb-activity td.acinfo div {
597
+ padding: 0.1em 0 0.1em 0.7em;
598
+ }
599
+
600
  #activity-filter {
601
  margin-top: 0.5em;
602
  /*vertical-align: top;*/
641
  }
642
  p.act-url{
643
  margin: 0.3em 0 !important;
644
+ font-weight: normal;
645
  }
646
  .act-icon {
647
  display: inline-block;
717
  white-space: nowrap;
718
  }
719
 
720
+ /* Activity - new styles (improvements) */
721
+
722
+ .actv5, .actv10, .actv11, .actv12, .actv16, .actv17, .actv18, .actv19, .actv41, .actv42, .actv53, .actv54, .actv55, .actv56, .actv70, .actv71 {
723
+ padding: 0;
724
+ border-left: none;
725
+ background-color: initial;
726
+ }
727
+ .crb12, .crb16, .crb17, .crb18, .crb19, .crb41, .crb42, .crb50, .crb51, .crb52, .crb53, .crb54, .crb55, .crb56, .crb70, .crb71, .crb72, .crb73, .crb74, .crb75, .crb76, .crb100 {
728
+ /*border-left: 4px solid #FF5733;*/
729
+ /*font-weight: bold;*/
730
+ border-left: 0.4em solid #FF5733;
731
+ padding-bottom: 2px;
732
+ }
733
+ .crb10, .crb11 {
734
+ padding-top: 0 !important;
735
+ padding-bottom: 0 !important;
736
+ }
737
+ .crb10 span, .crb11 span {
738
+ margin-left: -0.7em;
739
+ padding-left: 1.1em; /* 0.7 + 0.4 */
740
+ padding-right: 1em;
741
+ }
742
+ .crb10 span:first-child, .crb11 span:first-child {
743
+ display: inline-block;
744
+ background-color: #FF5733;
745
+ margin-right: 1.5em;
746
+ line-height: 2;
747
+ }
748
+ .crb5 {
749
+ /*border-left: 4px solid #FF5733;*/
750
+ border-left: 0.4em solid #51AE43;
751
+ padding-bottom: 2px;
752
+ }
753
+
754
  /* Pagination links */
755
 
756
  .pagination {
assets/admin.js CHANGED
@@ -126,13 +126,7 @@ jQuery(document).ready(function ($) {
126
  }
127
  }
128
 
129
- //
130
-
131
- /*
132
- $('#add-acl-black').submit(function( event ) {
133
- $(this).find('[name="add_acl_B"]').val($(this).find("button:focus").val());
134
- });
135
- */
136
 
137
  $(".cerber-dismiss").click(function () {
138
  $(this).closest('.cerber-msg').fadeOut(500);
126
  }
127
  }
128
 
129
+ // ----------------------
 
 
 
 
 
 
130
 
131
  $(".cerber-dismiss").click(function () {
132
  $(this).closest('.cerber-msg').fadeOut(500);
cerber-lab.php CHANGED
@@ -637,6 +637,21 @@ function lab_gen_site_id() {
637
  return $site_id;
638
  }
639
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
640
  function lab_get_key( $refresh = false, $nocache = false) {
641
  static $key = null;
642
 
@@ -644,13 +659,15 @@ function lab_get_key( $refresh = false, $nocache = false) {
644
  $key = cerber_get_set( '_cerberkey_' );
645
  }
646
 
647
- if ( $refresh || ! $key || ! is_array( $key ) ) {
 
 
648
 
649
  if ( empty( $key ) || ! is_array( $key ) ) {
650
- $key = array();
651
  }
652
 
653
- if ( empty( $key[0] ) ) {
654
  $key[0] = lab_gen_site_id();
655
  }
656
  else {
637
  return $site_id;
638
  }
639
 
640
+ /**
641
+ * @since 8.5.6
642
+ * @param $site_id string
643
+ *
644
+ * @return bool
645
+ */
646
+ function lab_check_site_id( $site_id ) {
647
+ if ( ! $site_id
648
+ || $site_id != substr( preg_replace( '/[^A-Z0-9]/i', '', $site_id ), 0, 32 ) ) {
649
+ return false;
650
+ }
651
+
652
+ return true;
653
+ }
654
+
655
  function lab_get_key( $refresh = false, $nocache = false) {
656
  static $key = null;
657
 
659
  $key = cerber_get_set( '_cerberkey_' );
660
  }
661
 
662
+ if ( $refresh
663
+ || ! $key
664
+ || ! is_array( $key ) ) {
665
 
666
  if ( empty( $key ) || ! is_array( $key ) ) {
667
+ $key = array( '' );
668
  }
669
 
670
+ if ( ! lab_check_site_id( $key[0] ) ) {
671
  $key[0] = lab_gen_site_id();
672
  }
673
  else {
cerber-load.php CHANGED
@@ -799,7 +799,7 @@ add_action( 'plugins_loaded', function () {
799
 
800
  function cerber_load_admin_code() {
801
 
802
- //cerber_cache_enable(); // TODO: Add "clear the cache" button in admin
803
 
804
  require_once( ABSPATH . 'wp-admin/includes/class-wp-screen.php' );
805
  require_once( ABSPATH . 'wp-admin/includes/screen.php' );
@@ -1108,7 +1108,10 @@ function crb_login_error( $username, $act = null, $status = null ) {
1108
  add_action( 'wp_login', function ( $login, $user ) {
1109
  cerber_user_login( $login, $user );
1110
  }, 0, 2 );
1111
-
 
 
 
1112
  function cerber_user_login( $login, $user ) {
1113
  global $wp_cerber_user_id;
1114
  $wp_cerber_user_id = $user->ID;
@@ -1133,13 +1136,13 @@ function cerber_user_login( $login, $user ) {
1133
  }
1134
 
1135
  /**
1136
- * Catching user switching and authentications without using the login form
1137
  */
1138
  add_action( 'set_auth_cookie', function () {
1139
  add_action( 'set_current_user', function () { // deferred to allow the possible 'wp_login' action to be logged first
1140
  global $current_user;
1141
  if ( $current_user instanceof WP_User ) {
1142
- cerber_user_login( $current_user->user_login, $current_user->ID );
1143
  }
1144
  } );
1145
  } );
@@ -1221,9 +1224,11 @@ function cerber_login_failed( $user_login, $user_id = 0 ) {
1221
  }
1222
 
1223
  // Must the Citadel mode be activated?
1224
- if ( ( $per = crb_get_settings( 'ciperiod' ) ) && ! cerber_is_citadel() ) {
 
 
1225
  $range = time() - $per * 60;
1226
- $lockouts = cerber_db_get_var( 'SELECT count(ip) FROM ' . CERBER_LOG_TABLE . ' WHERE activity IN (7,51,52) AND stamp > ' . $range );
1227
  if ( $lockouts >= crb_get_settings( 'cilimit' ) ) {
1228
  cerber_enable_citadel();
1229
  }
@@ -3934,15 +3939,20 @@ function cerber_forbidden_page() {
3934
  // Citadel mode -------------------------------------------------------------------------------------
3935
 
3936
  function cerber_enable_citadel() {
3937
- global $wp_cerber;
 
 
 
 
3938
  if ( get_transient( 'cerber_citadel' ) ) {
3939
  return;
3940
  }
 
3941
  set_transient( 'cerber_citadel', true, crb_get_settings( 'ciduration' ) * 60 );
3942
  cerber_log( 12 );
3943
 
3944
  // Notify admin
3945
- if ( $wp_cerber->getSettings( 'cinotify' ) ) {
3946
  cerber_send_email( 'citadel' );
3947
  }
3948
  }
@@ -4337,7 +4347,6 @@ function cerber_init_cron(){
4337
 
4338
  add_action( 'cerber_hourly_1', 'cerber_do_hourly' );
4339
  function cerber_do_hourly( $force = false ) {
4340
- global $wpdb, $wp_cerber;
4341
 
4342
  $t = 'cerber_hourly_1';
4343
  $start = time();
@@ -4356,22 +4365,46 @@ function cerber_do_hourly( $force = false ) {
4356
  set_site_transient( 'cerber_multisite', 'executed', 3600 );
4357
  }
4358
 
4359
- $time = time();
4360
- $days = absint( crb_get_settings( 'keeplog' ) );
4361
- if ( $days > 0 ) {
 
 
 
 
 
 
 
 
4362
  cerber_db_query( 'DELETE FROM ' . CERBER_LOG_TABLE . ' WHERE stamp < ' . ( $time - $days * 24 * 3600 ) );
4363
  }
 
 
 
 
 
4364
  $days = absint( crb_get_settings( 'tikeeprec' ) );
4365
- if ( $days > 0 ) {
 
 
 
 
 
 
 
4366
  cerber_db_query( 'DELETE FROM ' . CERBER_TRAF_TABLE . ' WHERE stamp < ' . ( $time - $days * 24 * 3600 ) );
4367
  }
 
 
 
 
4368
 
4369
  cerber_db_query( 'DELETE FROM ' . CERBER_LAB_IP_TABLE . ' WHERE expires < ' . $time );
4370
 
4371
- if ( $wp_cerber->getSettings( 'trashafter-enabled') && absint($wp_cerber->getSettings('trashafter'))) {
4372
  $list = get_comments( array( 'status' => 'spam' ) );
4373
  if ( $list ) {
4374
- $time = time() - DAY_IN_SECONDS * absint($wp_cerber->getSettings( 'trashafter' ));
4375
  foreach ( $list as $item ) {
4376
  if ( $time > strtotime( $item->comment_date_gmt ) ) {
4377
  wp_trash_comment( $item->comment_ID );
@@ -5665,21 +5698,22 @@ function cerber_login_register_stuff() {
5665
  }
5666
 
5667
  /**
5668
- * Inline reCAPTCHA widget
5669
  *
5670
  */
5671
- add_action( 'wp_footer', 'cerber_foo', 1000 );
5672
- function cerber_foo() {
5673
  global $wp_cerber;
5674
 
5675
  if ( is_singular() || is_archive() ) {
5676
  cerber_antibot_code( array( 'botscomm', 'botsany' ) );
5677
  }
5678
 
5679
- if (!$wp_cerber->recaptcha_here) return;
 
 
5680
 
5681
  // jQuery version with support visible and invisible reCAPTCHA
5682
- // TODO: convert it into pure JS
5683
  ?>
5684
  <script type="text/javascript">
5685
 
799
 
800
  function cerber_load_admin_code() {
801
 
802
+ //cerber_cache_enable();
803
 
804
  require_once( ABSPATH . 'wp-admin/includes/class-wp-screen.php' );
805
  require_once( ABSPATH . 'wp-admin/includes/screen.php' );
1108
  add_action( 'wp_login', function ( $login, $user ) {
1109
  cerber_user_login( $login, $user );
1110
  }, 0, 2 );
1111
+ /**
1112
+ * @param $login string
1113
+ * @param $user WP_User
1114
+ */
1115
  function cerber_user_login( $login, $user ) {
1116
  global $wp_cerber_user_id;
1117
  $wp_cerber_user_id = $user->ID;
1136
  }
1137
 
1138
  /**
1139
+ * Catching user switching and authentications without using a login form
1140
  */
1141
  add_action( 'set_auth_cookie', function () {
1142
  add_action( 'set_current_user', function () { // deferred to allow the possible 'wp_login' action to be logged first
1143
  global $current_user;
1144
  if ( $current_user instanceof WP_User ) {
1145
+ cerber_user_login( $current_user->user_login, $current_user );
1146
  }
1147
  } );
1148
  } );
1224
  }
1225
 
1226
  // Must the Citadel mode be activated?
1227
+ if ( crb_get_settings( 'citadel_on' )
1228
+ && ( $per = crb_get_settings( 'ciperiod' ) )
1229
+ && ! cerber_is_citadel() ) {
1230
  $range = time() - $per * 60;
1231
+ $lockouts = cerber_db_get_var( 'SELECT count(ip) FROM ' . CERBER_LOG_TABLE . ' WHERE activity = 7 AND stamp > ' . $range );
1232
  if ( $lockouts >= crb_get_settings( 'cilimit' ) ) {
1233
  cerber_enable_citadel();
1234
  }
3939
  // Citadel mode -------------------------------------------------------------------------------------
3940
 
3941
  function cerber_enable_citadel() {
3942
+
3943
+ if ( ! crb_get_settings( 'citadel_on' ) ) {
3944
+ return;
3945
+ }
3946
+
3947
  if ( get_transient( 'cerber_citadel' ) ) {
3948
  return;
3949
  }
3950
+
3951
  set_transient( 'cerber_citadel', true, crb_get_settings( 'ciduration' ) * 60 );
3952
  cerber_log( 12 );
3953
 
3954
  // Notify admin
3955
+ if ( crb_get_settings( 'cinotify' ) ) {
3956
  cerber_send_email( 'citadel' );
3957
  }
3958
  }
4347
 
4348
  add_action( 'cerber_hourly_1', 'cerber_do_hourly' );
4349
  function cerber_do_hourly( $force = false ) {
 
4350
 
4351
  $t = 'cerber_hourly_1';
4352
  $start = time();
4365
  set_site_transient( 'cerber_multisite', 'executed', 3600 );
4366
  }
4367
 
4368
+ $time = time();
4369
+
4370
+ $days = absint( crb_get_settings( 'keeplog' ) );
4371
+ if ( ! $days ) {
4372
+ $days = cerber_get_defaults( 'keeplog' ); // @since 8.5.6
4373
+ }
4374
+
4375
+ $days_auth = absint( crb_get_settings( 'keeplog_auth' ) );
4376
+ $days_auth = ( ! $days_auth ) ? $days : $days_auth; // It may be not configured by the admin, since it's introduced in 8.5.6
4377
+
4378
+ if ( $days == $days_auth ) {
4379
  cerber_db_query( 'DELETE FROM ' . CERBER_LOG_TABLE . ' WHERE stamp < ' . ( $time - $days * 24 * 3600 ) );
4380
  }
4381
+ else {
4382
+ cerber_db_query( 'DELETE FROM ' . CERBER_LOG_TABLE . ' WHERE user_id =0 AND stamp < ' . ( $time - $days * 24 * 3600 ) );
4383
+ cerber_db_query( 'DELETE FROM ' . CERBER_LOG_TABLE . ' WHERE user_id !=0 AND stamp < ' . ( $time - $days_auth * 24 * 3600 ) );
4384
+ }
4385
+
4386
  $days = absint( crb_get_settings( 'tikeeprec' ) );
4387
+ if ( ! $days ) {
4388
+ $days = cerber_get_defaults( 'tikeeprec' ); // @since 8.5.6
4389
+ }
4390
+
4391
+ $days_auth = absint( crb_get_settings( 'tikeeprec_auth' ) );
4392
+ $days_auth = ( ! $days_auth ) ? $days : $days_auth; // It may be not configured by the admin, since it's introduced in 8.5.6
4393
+
4394
+ if ( $days == $days_auth ) {
4395
  cerber_db_query( 'DELETE FROM ' . CERBER_TRAF_TABLE . ' WHERE stamp < ' . ( $time - $days * 24 * 3600 ) );
4396
  }
4397
+ else {
4398
+ cerber_db_query( 'DELETE FROM ' . CERBER_TRAF_TABLE . ' WHERE user_id =0 AND stamp < ' . ( $time - $days * 24 * 3600 ) );
4399
+ cerber_db_query( 'DELETE FROM ' . CERBER_TRAF_TABLE . ' WHERE user_id !=0 AND stamp < ' . ( $time - $days_auth * 24 * 3600 ) );
4400
+ }
4401
 
4402
  cerber_db_query( 'DELETE FROM ' . CERBER_LAB_IP_TABLE . ' WHERE expires < ' . $time );
4403
 
4404
+ if ( crb_get_settings( 'trashafter-enabled' ) && absint( crb_get_settings( 'trashafter' ) ) ) {
4405
  $list = get_comments( array( 'status' => 'spam' ) );
4406
  if ( $list ) {
4407
+ $time = time() - DAY_IN_SECONDS * absint( crb_get_settings( 'trashafter' ) );
4408
  foreach ( $list as $item ) {
4409
  if ( $time > strtotime( $item->comment_date_gmt ) ) {
4410
  wp_trash_comment( $item->comment_ID );
5698
  }
5699
 
5700
  /**
5701
+ * Add Cerber's JS to the footer on the public pages
5702
  *
5703
  */
5704
+ add_action( 'wp_footer', 'cerber_wp_footer', PHP_INT_MAX );
5705
+ function cerber_wp_footer() {
5706
  global $wp_cerber;
5707
 
5708
  if ( is_singular() || is_archive() ) {
5709
  cerber_antibot_code( array( 'botscomm', 'botsany' ) );
5710
  }
5711
 
5712
+ if ( ! $wp_cerber->recaptcha_here ) {
5713
+ return;
5714
+ }
5715
 
5716
  // jQuery version with support visible and invisible reCAPTCHA
 
5717
  ?>
5718
  <script type="text/javascript">
5719
 
cerber-news.php CHANGED
@@ -144,6 +144,12 @@ function cerber_push_the_news( $version ) {
144
  $news['8.5.5'][] = 'The Cerber.Hub multi-site manager: the server column on the slave websites list page now contains a link to quickly filter out websites on the same server.';
145
  $news['8.5.5'][] = 'The Cerber.Hub multi-site manager: now it remembers the filtered list of slave websites while you’re switching between them and the master.';
146
 
 
 
 
 
 
 
147
  if ( ! empty( $news[ $version ] ) ) {
148
  //$text = '<h3>What\'s new in WP Cerber '.$version.'</h3>';
149
 
@@ -152,6 +158,7 @@ function cerber_push_the_news( $version ) {
152
  $text .= '<ul><li>'.implode('</li><li>', $news[ $version ]).'</li></ul>';
153
 
154
  $text .= ' <p style="margin-top: 18px; font-weight: bold;"><a href="https://wpcerber.com/?plugin_version='.$version.'" target="_blank">Read more on wpcerber.com</a></p>';
 
155
 
156
  $text .= ' <p style="margin-top: 24px;"><span class="dashicons-before dashicons-email-alt"></span> &nbsp; <a href="https://wpcerber.com/subscribe-newsletter/">Subscribe to Cerber\'s newsletter</a></p>
157
  <p><span class="dashicons-before dashicons-twitter"></span> &nbsp; <a href="https://twitter.com/wpcerber">Follow Cerber on Twitter</a></p>
144
  $news['8.5.5'][] = 'The Cerber.Hub multi-site manager: the server column on the slave websites list page now contains a link to quickly filter out websites on the same server.';
145
  $news['8.5.5'][] = 'The Cerber.Hub multi-site manager: now it remembers the filtered list of slave websites while you’re switching between them and the master.';
146
 
147
+ $news['8.5.6'][] = 'Now you can separately set the number of days of keeping log records in the database for authenticated (logged in) website users and non-authenticated (not logged in) visitors. These settings are configured for the activity log and the live traffic log separately.';
148
+ $news['8.5.6'][] = 'You can completely turn off the Citadel mode feature in the Main Settings now.';
149
+ $news['8.5.6'][] = 'The appearance of the Activity log has got small visual improvements.';
150
+ $news['8.5.6'][] = 'When you upload a ZIP archive on the integrity scanner page it processes nested ZIP archives now and writes errors to the diagnostic log if it\'s enabled.';
151
+ $news['8.5.6'][] = 'Fixed: The blacklisting buttons on the Activity tab do not work showing "Incorrect IP address or IP range".';
152
+
153
  if ( ! empty( $news[ $version ] ) ) {
154
  //$text = '<h3>What\'s new in WP Cerber '.$version.'</h3>';
155
 
158
  $text .= '<ul><li>'.implode('</li><li>', $news[ $version ]).'</li></ul>';
159
 
160
  $text .= ' <p style="margin-top: 18px; font-weight: bold;"><a href="https://wpcerber.com/?plugin_version='.$version.'" target="_blank">Read more on wpcerber.com</a></p>';
161
+ $text .= ' <p style="margin-top: 18px; font-weight: bold;"><a href="'.cerber_admin_link('change-log').'">See the whole history in the changelog</a></p>';
162
 
163
  $text .= ' <p style="margin-top: 24px;"><span class="dashicons-before dashicons-email-alt"></span> &nbsp; <a href="https://wpcerber.com/subscribe-newsletter/">Subscribe to Cerber\'s newsletter</a></p>
164
  <p><span class="dashicons-before dashicons-twitter"></span> &nbsp; <a href="https://twitter.com/wpcerber">Follow Cerber on Twitter</a></p>
cerber-scanner.php CHANGED
@@ -508,7 +508,8 @@ function cerber_step_scanning() {
508
  case 4:
509
  if ( crb_get_settings( 'scan_sess' ) ) {
510
  $another_dir = session_save_path();
511
- if ( is_dir( $another_dir ) && $result = cerber_scan_directory( $another_dir, null, '_crb_save_file_names' ) ) {
 
512
  //$update['total']['folders'] += $result[0];
513
  }
514
  $update['total']['files'] = cerber_get_num_files( $scan['id'] );
@@ -4225,7 +4226,8 @@ function cerber_scheduled_hash( $zip_file = '' ) {
4225
  */
4226
  function cerber_need_for_hash( $zip_file = '', $delete = true, $expires = 0 ) {
4227
  $folder = cerber_get_tmp_file_folder();
4228
- $zip_folder = $folder . 'zip' . DIRECTORY_SEPARATOR;
 
4229
 
4230
  if ( ! $zip_file ) {
4231
  if ( ! $files = glob( $folder . '*.zip' ) ) {
@@ -4242,6 +4244,7 @@ function cerber_need_for_hash( $zip_file = '', $delete = true, $expires = 0 ) {
4242
  }
4243
 
4244
  $fs = cerber_init_wp_filesystem();
 
4245
 
4246
  foreach ( $files as $zip_file ) {
4247
 
@@ -4249,68 +4252,123 @@ function cerber_need_for_hash( $zip_file = '', $delete = true, $expires = 0 ) {
4249
  continue;
4250
  }
4251
 
4252
- if ( file_exists( $zip_folder ) && ! $fs->delete( $zip_folder, true ) ) {
4253
- return new WP_Error( 'cerber-zip', 'Unable to clean up temporary zip folder ' . $zip_folder );
4254
- }
 
 
 
 
 
 
 
 
4255
 
4256
- $result = cerber_unzip( $zip_file, $zip_folder );
 
 
 
 
 
 
 
 
 
 
 
 
 
4257
 
4258
  if ( $delete ) {
4259
  unlink( $zip_file );
4260
  }
4261
 
4262
  if ( is_wp_error( $result ) ) {
4263
- return new WP_Error( 'cerber-zip', 'Unable to unzip file ' . $zip_file . ' ' . $result->get_error_message() );
4264
  }
4265
 
4266
- if ( ! $obj = cerber_detect_object( $zip_folder ) ) {
4267
- return new WP_Error( 'cerber-file', 'File ' . basename( $zip_file ) . ' can not be used. Proper program code not found or version mismatch. Please upload another file.' );
4268
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
4269
 
4270
- $dir = $obj['src'] . DIRECTORY_SEPARATOR;
4271
- $len = mb_strlen( $dir );
4272
 
 
4273
  global $the_file_list;
4274
- $the_file_list = array();
 
4275
 
4276
- cerber_scan_directory( $dir, null, function ($list){
4277
- global $the_file_list;
4278
- $the_file_list = array_merge( $the_file_list, $list );
4279
- } );
4280
 
4281
- if ( empty( $the_file_list ) ) {
4282
- return new WP_Error( 'cerber-dir', 'No files found in ' . $zip_file );
4283
- }
4284
 
4285
- $hash = array();
 
 
4286
 
4287
- foreach ( $the_file_list as $file_name ) {
4288
- $hash[ mb_substr( $file_name, $len ) ] = hash_file( 'sha256', $file_name );
4289
- }
 
 
 
4290
 
4291
- if ( !$obj['single'] ) {
4292
- $b = $obj['src'];
4293
- }
4294
- else {
4295
- $b = $obj['file'];
4296
- }
4297
 
4298
- //$key = $obj['type'] . sha1( $obj['name'] . basename( $obj['src'] ) );
4299
- $key = $obj['type'] . sha1( $obj['name'] . basename( $b ) );
 
 
 
 
 
 
 
4300
 
4301
- if ( ! cerber_update_set( $key, array(
4302
- 'name' => $obj['name'],
4303
- 'ver' => $obj['ver'],
4304
- 'hash' => $hash,
4305
- 'time' => time()
4306
- ), 0, true, $expires )
4307
- ) {
4308
- return new WP_Error( 'cerber-zip', 'Database error occurred while saving hash' );
4309
- }
4310
  }
4311
 
4312
- $fs->delete( $zip_folder, true );
4313
- unset($the_file_list);
4314
 
4315
  return true;
4316
  }
508
  case 4:
509
  if ( crb_get_settings( 'scan_sess' ) ) {
510
  $another_dir = session_save_path();
511
+ if ( @is_dir( $another_dir )
512
+ && $result = cerber_scan_directory( $another_dir, null, '_crb_save_file_names' ) ) {
513
  //$update['total']['folders'] += $result[0];
514
  }
515
  $update['total']['files'] = cerber_get_num_files( $scan['id'] );
4226
  */
4227
  function cerber_need_for_hash( $zip_file = '', $delete = true, $expires = 0 ) {
4228
  $folder = cerber_get_tmp_file_folder();
4229
+ $tmp_folder1 = $folder . 'zip' . DIRECTORY_SEPARATOR;
4230
+ $tmp_folder2 = $folder . 'nested_zip' . DIRECTORY_SEPARATOR;
4231
 
4232
  if ( ! $zip_file ) {
4233
  if ( ! $files = glob( $folder . '*.zip' ) ) {
4244
  }
4245
 
4246
  $fs = cerber_init_wp_filesystem();
4247
+ $result = true;
4248
 
4249
  foreach ( $files as $zip_file ) {
4250
 
4252
  continue;
4253
  }
4254
 
4255
+ crb_scan_debug( 'Processing ZIP: ' . basename( $zip_file ) );
4256
+
4257
+ $result = crb_hash_maker( $zip_file, $tmp_folder1, false, $expires );
4258
+
4259
+ if ( is_wp_error( $result ) ) {
4260
+
4261
+ crb_scan_debug( 'Processing ZIP: ' . $result->get_error_message() );
4262
+
4263
+ // It's possible that there is a nested ZIP archive
4264
+
4265
+ if ( $nested_zip_list = glob( $tmp_folder1 . '*.zip' ) ) {
4266
 
4267
+ crb_scan_debug( 'Processing ZIP: trying to find the reference code in the nested zip archive' );
4268
+
4269
+ foreach ( $nested_zip_list as $nested_zip ) {
4270
+ $result = crb_hash_maker( $nested_zip, $tmp_folder2, true, $expires );
4271
+ if ( ! is_wp_error( $result ) ) {
4272
+ break; // Yay, we found it!
4273
+ }
4274
+ }
4275
+ }
4276
+
4277
+ }
4278
+ else {
4279
+ crb_scan_debug( 'Processing ZIP: ' . basename( $zip_file ) . ' - OK!' );
4280
+ }
4281
 
4282
  if ( $delete ) {
4283
  unlink( $zip_file );
4284
  }
4285
 
4286
  if ( is_wp_error( $result ) ) {
4287
+ break;
4288
  }
4289
 
4290
+ }
4291
+
4292
+ $fs->delete( $tmp_folder1, true );
4293
+ $fs->delete( $tmp_folder2, true );
4294
+
4295
+ crb_scan_debug( 'Processing ZIP: Completed' );
4296
+
4297
+ return $result;
4298
+ }
4299
+
4300
+ /**
4301
+ * @param string $zip_file ZIP file to process
4302
+ * @param string $zip_folder Temporary folder for unpacking ZIP
4303
+ * @param bool $delete If true, the temp folder will be deleted afterward
4304
+ * @param int $expires HASH expiration time, Unix timestamp, 0 = never
4305
+ *
4306
+ * @return bool|WP_Error
4307
+ */
4308
+ function crb_hash_maker( $zip_file, $zip_folder, $delete = true, $expires = 0 ) {
4309
+
4310
+ $fs = cerber_init_wp_filesystem();
4311
+
4312
+ if ( file_exists( $zip_folder ) && ! $fs->delete( $zip_folder, true ) ) {
4313
+ return new WP_Error( 'cerber-zip', 'Unable to clean up temporary zip folder ' . $zip_folder );
4314
+ }
4315
+
4316
+ $result = cerber_unzip( $zip_file, $zip_folder );
4317
+
4318
+ if ( is_wp_error( $result ) ) {
4319
+ return new WP_Error( 'cerber-zip', 'Unable to unzip file ' . $zip_file . ' ' . $result->get_error_message() );
4320
+ }
4321
+
4322
+ if ( ! $obj = cerber_detect_object( $zip_folder ) ) {
4323
+ return new WP_Error( 'cerber-file', 'File ' . basename( $zip_file ) . ' can not be used. Proper program code not found or version mismatch. Please upload another file.' );
4324
+ }
4325
+
4326
+ $dir = $obj['src'] . DIRECTORY_SEPARATOR;
4327
+ $len = mb_strlen( $dir );
4328
 
4329
+ global $the_file_list;
4330
+ $the_file_list = array();
4331
 
4332
+ cerber_scan_directory( $dir, null, function ($list){
4333
  global $the_file_list;
4334
+ $the_file_list = array_merge( $the_file_list, $list );
4335
+ } );
4336
 
4337
+ if ( empty( $the_file_list ) ) {
4338
+ return new WP_Error( 'cerber-dir', 'No files found in ' . $zip_file );
4339
+ }
 
4340
 
4341
+ $hash = array();
 
 
4342
 
4343
+ foreach ( $the_file_list as $file_name ) {
4344
+ $hash[ mb_substr( $file_name, $len ) ] = hash_file( 'sha256', $file_name );
4345
+ }
4346
 
4347
+ if ( !$obj['single'] ) {
4348
+ $b = $obj['src'];
4349
+ }
4350
+ else {
4351
+ $b = $obj['file'];
4352
+ }
4353
 
4354
+ //$key = $obj['type'] . sha1( $obj['name'] . basename( $obj['src'] ) );
4355
+ $key = $obj['type'] . sha1( $obj['name'] . basename( $b ) );
 
 
 
 
4356
 
4357
+ if ( ! cerber_update_set( $key, array(
4358
+ 'name' => $obj['name'],
4359
+ 'ver' => $obj['ver'],
4360
+ 'hash' => $hash,
4361
+ 'time' => time()
4362
+ ), 0, true, $expires )
4363
+ ) {
4364
+ return new WP_Error( 'cerber-zip', 'Database error occurred while saving hash' );
4365
+ }
4366
 
4367
+ if ( $delete ) {
4368
+ $fs->delete( $zip_folder, true );
 
 
 
 
 
 
 
4369
  }
4370
 
4371
+ unset( $the_file_list );
 
4372
 
4373
  return true;
4374
  }
changelog.txt CHANGED
@@ -1,3 +1,12 @@
 
 
 
 
 
 
 
 
 
1
  = 8.5.5 =
2
  * IP Access Lists now support IPv6 networks, ranges, and wildcards. Add as many IPv6 entries to the access lists as you need. We've developed an extraordinarily fast ACL engine to process them.
3
  * The algorithm of handling consecutive IP address lockouts has been improved: the reason for an existing lockout is updated and its duration is recalculated in real-time now.
1
+ = 8.5.6 =
2
+ * New: Ability to separately set the number of days of keeping log records in the database for authenticated (logged in) website users and non-authenticated (not logged in) visitors.
3
+ * New: Now you can completely turn off the Citadel mode feature in the Main Settings
4
+ * Update: When you upload a ZIP archive on the integrity scanner page it processes nested ZIP archives now and writes errors to the diagnostic log if it's enabled
5
+ * Update: The appearance of the Activity log has got small visual improvements
6
+ * Update: If the number of days to keep log records is not set or set to zero, the plugin uses the default setting instead. Previously you can set it to zero and keep log records infinitely.
7
+ * Fixed: The blacklisting buttons on the Activity tab do not work showing "Incorrect IP address or IP range".
8
+ * Fixed: PHP Notice: Trying to get property "ID" of non-object in cerber-load.php on line 1131
9
+
10
  = 8.5.5 =
11
  * IP Access Lists now support IPv6 networks, ranges, and wildcards. Add as many IPv6 entries to the access lists as you need. We've developed an extraordinarily fast ACL engine to process them.
12
  * The algorithm of handling consecutive IP address lockouts has been improved: the reason for an existing lockout is updated and its duration is recalculated in real-time now.
common.php CHANGED
@@ -3084,8 +3084,8 @@ function cerber_fromcharcode( $str ) {
3084
  */
3085
  function cerber_empty_dir( $dir ) {
3086
  //$trd = rtrim( $dir, '/\\' );
3087
- if ( ! is_dir( $dir )
3088
- || 0 === strpos( $dir, ABSPATH ) ) { // Workaround for non-legitimate using this function
3089
  return new WP_Error( 'no-dir', 'This directory cannot be emptied' );
3090
  }
3091
 
@@ -3103,7 +3103,7 @@ function cerber_empty_dir( $dir ) {
3103
 
3104
  foreach ( $files as $file ) {
3105
  $full = $dir . $file;
3106
- if ( is_file( $full ) ) {
3107
  if ( ! @unlink( $full ) ) {
3108
  $ret = false;
3109
  }
3084
  */
3085
  function cerber_empty_dir( $dir ) {
3086
  //$trd = rtrim( $dir, '/\\' );
3087
+ if ( ! @is_dir( $dir )
3088
+ || 0 === strpos( $dir, ABSPATH ) ) { // Workaround for a non-legitimate use of this function
3089
  return new WP_Error( 'no-dir', 'This directory cannot be emptied' );
3090
  }
3091
 
3103
 
3104
  foreach ( $files as $file ) {
3105
  $full = $dir . $file;
3106
+ if ( @is_file( $full ) ) {
3107
  if ( ! @unlink( $full ) ) {
3108
  $ret = false;
3109
  }
dashboard.php CHANGED
@@ -1373,12 +1373,11 @@ function cerber_ip_extra_view( $ip, $context = 'activity' ) {
1373
  }
1374
 
1375
  $form = '';
1376
- //if (!cerber_is_myip($ip) && !cerber_acl_check($ip)) $form = '<form action="" method="post"><input type="hidden" name="add_acl_B" value="'.$ip.'"><input type="submit" class="button button-primary cerber-button" value="'.__('Add IP to the Black List','wp-cerber').'" >'.wp_nonce_field('cerber_dashboard','cerber_nonce').'</form>';
1377
 
1378
  if ( ! cerber_is_myip( $ip ) && ! cerber_acl_check( $ip ) ) {
1379
 
1380
  if ( $network ) {
1381
- $net_button = '<button type="submit" value="' . $network . '" name="add_acl_B" class="button button-primary cerber-button">';
1382
  }
1383
  else {
1384
  $net_button = '<button disabled="disabled" class="button button-secondary cerber-button">';
@@ -1388,7 +1387,8 @@ function cerber_ip_extra_view( $ip, $context = 'activity' ) {
1388
  $form = '<form id="add-acl-black" action="" method="post">
1389
  <input type="hidden" name="cerber_admin_do" value="add2acl">
1390
  <input type="hidden" name="add_acl_comment" value="">
1391
- <button type="submit" value="' . $ip . '" name="add_acl_B" class="button button-primary cerber-button"><span class="dashicons-before dashicons-desktop"></span> ' . __( 'Add IP to the Black List', 'wp-cerber' ) . '</button> ' .
 
1392
  $net_button .
1393
  cerber_nonce_field( 'control' ) .
1394
  '</form>';
@@ -1655,10 +1655,16 @@ function cerber_quick_w(){
1655
  $w_count = cerber_db_get_var('SELECT count(ip) FROM '. CERBER_ACL_TABLE .' WHERE tag ="W"' );
1656
  $b_count = cerber_db_get_var('SELECT count(ip) FROM '. CERBER_ACL_TABLE .' WHERE tag ="B"' );
1657
 
1658
- if (cerber_is_citadel()) $citadel = '<span style="color:#FF0000;">'.__('active','wp-cerber').'</span> (<a href="'.wp_nonce_url(add_query_arg(array('citadel' => 'deactivate')),'control','cerber_nonce').'">'.__('deactivate','wp-cerber').'</a>)';
 
 
1659
  else {
1660
- if (crb_get_settings('ciperiod')) $citadel = __('not active','wp-cerber');
1661
- else $citadel = __('disabled','wp-cerber');
 
 
 
 
1662
  }
1663
 
1664
  echo '<div class="cerber-widget">';
@@ -2742,57 +2748,6 @@ function cerber_admin_head() {
2742
  <?php
2743
  endif;
2744
 
2745
-
2746
- if (lab_lab()):
2747
- ?>
2748
- <style type="text/css" media="all">
2749
- .actv5, .actv10, .actv11, .actv12, .actv16, .actv17, .actv18, .actv19, .actv41, .actv42, .actv53, .actv54, .actv55, .actv56, .actv70, .actv71 {
2750
- padding: 0;
2751
- border-left: none;
2752
- background-color: initial;
2753
- }
2754
-
2755
- /* New */
2756
- #crb-activity td {
2757
- padding-top: 0.5em;
2758
- padding-bottom: 0.5em;
2759
- }
2760
- #crb-activity td.acinfo div {
2761
- padding: 0.1em 0 0.1em 0.7em;
2762
- }
2763
- .crb12, .crb16, .crb17, .crb18, .crb19, .crb41, .crb42, .crb50, .crb51, .crb52, .crb53, .crb54, .crb55, .crb56, .crb70, .crb71, .crb72, .crb73, .crb74, .crb75, .crb76, .crb100 {
2764
- /*border-left: 4px solid #FF5733;*/
2765
- /*font-weight: bold;*/
2766
- border-left: 0.4em solid #FF5733;
2767
- padding-bottom: 2px;
2768
- }
2769
- .crb10, .crb11 {
2770
- padding-top: 0 !important;
2771
- padding-bottom: 0 !important;
2772
- }
2773
- .crb10 span, .crb11 span {
2774
- margin-left: -0.7em;
2775
- padding-left: 1.1em; /* 0.7 + 0.4 */
2776
- padding-right: 1em;
2777
- }
2778
- .crb10 span:first-child, .crb11 span:first-child {
2779
- display: inline-block;
2780
- background-color: #FF5733;
2781
- margin-right: 1.5em;
2782
- line-height: 2;
2783
- }
2784
- .crb5 {
2785
- /*border-left: 4px solid #FF5733;*/
2786
- border-left: 0.4em solid #51AE43;
2787
- padding-bottom: 2px;
2788
- }
2789
- .act-url{
2790
- font-weight: normal;
2791
- }
2792
- </style>
2793
- <?php
2794
- endif;
2795
-
2796
  if ( ! cerber_is_admin_page() ) {
2797
  return;
2798
  }
1373
  }
1374
 
1375
  $form = '';
 
1376
 
1377
  if ( ! cerber_is_myip( $ip ) && ! cerber_acl_check( $ip ) ) {
1378
 
1379
  if ( $network ) {
1380
+ $net_button = '<button type="submit" value="' . $network . '" name="add_acl" class="button button-primary cerber-button">';
1381
  }
1382
  else {
1383
  $net_button = '<button disabled="disabled" class="button button-secondary cerber-button">';
1387
  $form = '<form id="add-acl-black" action="" method="post">
1388
  <input type="hidden" name="cerber_admin_do" value="add2acl">
1389
  <input type="hidden" name="add_acl_comment" value="">
1390
+ <input type="hidden" name="acl_tag" value="B">
1391
+ <button type="submit" value="' . $ip . '" name="add_acl" class="button button-primary cerber-button"><span class="dashicons-before dashicons-desktop"></span> ' . __( 'Add IP to the Black List', 'wp-cerber' ) . '</button> ' .
1392
  $net_button .
1393
  cerber_nonce_field( 'control' ) .
1394
  '</form>';
1655
  $w_count = cerber_db_get_var('SELECT count(ip) FROM '. CERBER_ACL_TABLE .' WHERE tag ="W"' );
1656
  $b_count = cerber_db_get_var('SELECT count(ip) FROM '. CERBER_ACL_TABLE .' WHERE tag ="B"' );
1657
 
1658
+ if ( cerber_is_citadel() ) {
1659
+ $citadel = '<span style="color:#FF0000;">' . __( 'active', 'wp-cerber' ) . '</span> (<a href="' . wp_nonce_url( add_query_arg( array( 'citadel' => 'deactivate' ) ), 'control', 'cerber_nonce' ) . '">' . __( 'deactivate', 'wp-cerber' ) . '</a>)';
1660
+ }
1661
  else {
1662
+ if ( crb_get_settings( 'citadel_on' ) && crb_get_settings( 'ciperiod' ) ) {
1663
+ $citadel = __( 'not active', 'wp-cerber' );
1664
+ }
1665
+ else {
1666
+ $citadel = __( 'disabled', 'wp-cerber' );
1667
+ }
1668
  }
1669
 
1670
  echo '<div class="cerber-widget">';
2748
  <?php
2749
  endif;
2750
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2751
  if ( ! cerber_is_admin_page() ) {
2752
  return;
2753
  }
languages/wp-cerber-nl_NL.mo CHANGED
Binary file
languages/wp-cerber-nl_NL.po CHANGED
@@ -3421,33 +3421,33 @@ msgstr "Verberg IP-adres server"
3421
 
3422
  #: ../dashboard.php:302
3423
  msgid "IP address, range, wildcard, or CIDR"
3424
- msgstr ""
3425
 
3426
  #: ../dashboard.php:303
3427
  msgid "Add Entry"
3428
- msgstr ""
3429
 
3430
  #: ../dashboard.php:4790
3431
  msgid "The IP address you are trying to add is already in the list"
3432
- msgstr ""
3433
 
3434
  #: ../common.php:1297
3435
  msgid "IP subnet blocked"
3436
- msgstr ""
3437
 
3438
  #: ../common.php:1333
3439
  msgid "User row update denied"
3440
- msgstr ""
3441
 
3442
  #: ../common.php:1336
3443
  msgid "User metadata update denied"
3444
- msgstr ""
3445
 
3446
  #: ../settings.php:1148
3447
  msgid "Any activity"
3448
- msgstr ""
3449
 
3450
  #: ../cerber-tools.php:139
3451
  msgid "A database error occurred while importing access list entries"
3452
- msgstr ""
3453
 
3421
 
3422
  #: ../dashboard.php:302
3423
  msgid "IP address, range, wildcard, or CIDR"
3424
+ msgstr "IP-adres, -reeks, -jokerteken of CIDR"
3425
 
3426
  #: ../dashboard.php:303
3427
  msgid "Add Entry"
3428
+ msgstr "Voeg toe"
3429
 
3430
  #: ../dashboard.php:4790
3431
  msgid "The IP address you are trying to add is already in the list"
3432
+ msgstr "Het IP-adres dat je wilt toevoegen, staat al in de lijst"
3433
 
3434
  #: ../common.php:1297
3435
  msgid "IP subnet blocked"
3436
+ msgstr "IP subnet geblokkeerd"
3437
 
3438
  #: ../common.php:1333
3439
  msgid "User row update denied"
3440
+ msgstr "Aanpassing rij van gebruiker geweigerd"
3441
 
3442
  #: ../common.php:1336
3443
  msgid "User metadata update denied"
3444
+ msgstr "Aanpassing metadata gebruiker geweigerd"
3445
 
3446
  #: ../settings.php:1148
3447
  msgid "Any activity"
3448
+ msgstr "Enige activiteit"
3449
 
3450
  #: ../cerber-tools.php:139
3451
  msgid "A database error occurred while importing access list entries"
3452
+ msgstr "Import van de toegangslijst leidde tot een database-fout"
3453
 
languages/wp-cerber-sv_SE.mo CHANGED
Binary file
languages/wp-cerber-sv_SE.po CHANGED
@@ -3358,7 +3358,7 @@ msgstr "Skyddade inställningar"
3358
 
3359
  #: ../settings.php:478
3360
  msgid "Do not apply these policy to the IP addresses in the White IP Access List"
3361
- msgstr ""
3362
 
3363
  #: ../cerber-ds.php:787
3364
  msgid "Administration Email Address"
@@ -3414,7 +3414,7 @@ msgstr "Dölj serverns IP-adress"
3414
 
3415
  #: ../dashboard.php:302
3416
  msgid "IP address, range, wildcard, or CIDR"
3417
- msgstr ""
3418
 
3419
  #: ../dashboard.php:303
3420
  msgid "Add Entry"
@@ -3422,15 +3422,15 @@ msgstr ""
3422
 
3423
  #: ../dashboard.php:4790
3424
  msgid "The IP address you are trying to add is already in the list"
3425
- msgstr ""
3426
 
3427
  #: ../common.php:1297
3428
  msgid "IP subnet blocked"
3429
- msgstr ""
3430
 
3431
  #: ../common.php:1333
3432
  msgid "User row update denied"
3433
- msgstr ""
3434
 
3435
  #: ../common.php:1336
3436
  msgid "User metadata update denied"
3358
 
3359
  #: ../settings.php:478
3360
  msgid "Do not apply these policy to the IP addresses in the White IP Access List"
3361
+ msgstr "Tillämpa inte denna policy på IP-adresserna i den vita IP-åtkomstlistan"
3362
 
3363
  #: ../cerber-ds.php:787
3364
  msgid "Administration Email Address"
3414
 
3415
  #: ../dashboard.php:302
3416
  msgid "IP address, range, wildcard, or CIDR"
3417
+ msgstr "IP-adress, intervall, jokertecken eller CIDR"
3418
 
3419
  #: ../dashboard.php:303
3420
  msgid "Add Entry"
3422
 
3423
  #: ../dashboard.php:4790
3424
  msgid "The IP address you are trying to add is already in the list"
3425
+ msgstr "IP-adressen som du försöker lägga till finns redan i listan"
3426
 
3427
  #: ../common.php:1297
3428
  msgid "IP subnet blocked"
3429
+ msgstr "IP-undernät blockerat"
3430
 
3431
  #: ../common.php:1333
3432
  msgid "User row update denied"
3433
+ msgstr "Uppdatering av användarrad nekad"
3434
 
3435
  #: ../common.php:1336
3436
  msgid "User metadata update denied"
readme.txt CHANGED
@@ -5,7 +5,7 @@ Tags: security, malware scanner, antispam, firewall, limit login attempts, custo
5
  Requires at least: 4.9
6
  Requires PHP: 5.4
7
  Tested up to: 5.3
8
- Stable tag: 8.5.5
9
  License: GPLv2
10
 
11
  Protection against hacker attacks and bots. Malware scanner & integrity checker. User activity log. Antispam reCAPTCHA. Limit login attempts.
@@ -319,6 +319,15 @@ To get access to your dashboard you need to copy the WP Cerber Reset folder to t
319
 
320
  == Changelog ==
321
 
 
 
 
 
 
 
 
 
 
322
  = 8.5.5 =
323
  * IP Access Lists now support IPv6 networks, ranges, and wildcards. Add as many IPv6 entries to the access lists as you need. We've developed an extraordinarily fast ACL engine to process them.
324
  * The algorithm of handling consecutive IP address lockouts has been improved: the reason for an existing lockout is updated and its duration is recalculated in real-time now.
5
  Requires at least: 4.9
6
  Requires PHP: 5.4
7
  Tested up to: 5.3
8
+ Stable tag: 8.5.6
9
  License: GPLv2
10
 
11
  Protection against hacker attacks and bots. Malware scanner & integrity checker. User activity log. Antispam reCAPTCHA. Limit login attempts.
319
 
320
  == Changelog ==
321
 
322
+ = 8.5.6 =
323
+ * New: Ability to separately set the number of days of keeping log records in the database for authenticated (logged in) website users and non-authenticated (not logged in) visitors.
324
+ * New: You can completely turn off the Citadel mode feature in the Main Settings
325
+ * Update: When you upload a ZIP archive on the integrity scanner page it processes nested ZIP archives now and writes errors to the diagnostic log if it's enabled
326
+ * Update: The appearance of the Activity log has got small visual improvements
327
+ * Update: If the number of days to keep log records is not set or set to zero, the plugin uses the default setting instead. Previously you can set it to zero and keep log records infinitely.
328
+ * Fixed: The blacklisting buttons on the Activity tab do not work showing "Incorrect IP address or IP range".
329
+ * Fixed: PHP Notice: Trying to get property "ID" of non-object in cerber-load.php on line 1131
330
+
331
  = 8.5.5 =
332
  * IP Access Lists now support IPv6 networks, ranges, and wildcards. Add as many IPv6 entries to the access lists as you need. We've developed an extraordinarily fast ACL engine to process them.
333
  * The algorithm of handling consecutive IP address lockouts has been improved: the reason for an existing lockout is updated and its duration is recalculated in real-time now.
settings.php CHANGED
@@ -224,14 +224,22 @@ function cerber_settings_config( $args = array() ) {
224
  'name' => __( 'Citadel mode', 'wp-cerber' ),
225
  'desc' => __( 'In the Citadel mode nobody is able to log in except IPs from the White IP Access List. Active user sessions will not be affected.', 'wp-cerber' ),
226
  'fields' => array(
 
 
 
 
 
 
227
  'citadel' => array(
228
  'title' => __( 'Threshold', 'wp-cerber' ),
229
  'type' => 'citadel',
 
230
  ),
231
  'ciduration' => array(
232
  'title' => __( 'Duration', 'wp-cerber' ),
233
  'label' => __( 'minutes', 'wp-cerber' ),
234
- 'size' => 3
 
235
  ),
236
  'cinotify' => array(
237
  'title' => __( 'Notifications', 'wp-cerber' ),
@@ -240,7 +248,8 @@ function cerber_settings_config( $args = array() ) {
240
  ' [ <a href="' . cerber_admin_link_add( array(
241
  'cerber_admin_do' => 'testnotify',
242
  'type' => 'citadel',
243
- ) ) . '">' . __( 'Click to send test', 'wp-cerber' ) . '</a> ]'
 
244
  ),
245
  ),
246
  ),
@@ -248,16 +257,17 @@ function cerber_settings_config( $args = array() ) {
248
  'name' => __( 'Activity', 'wp-cerber' ),
249
  'fields' => array(
250
  'keeplog' => array(
251
- 'title' => __( 'Keep records for', 'wp-cerber' ),
252
  'label' => __( 'days', 'wp-cerber' ),
253
  //'label' => __( 'days, not logged in visitors', 'wp-cerber' ),
254
  'size' => 3
255
  ),
256
- /*'keeplog_auth' => array(
257
- 'title' => __( 'Keep records for', 'wp-cerber' ),
258
- 'label' => __( 'days, logged in users', 'wp-cerber' ),
 
259
  'size' => 3
260
- ),*/
261
  'cerberlab' => array(
262
  'title' => __( 'Cerber Lab connection', 'wp-cerber' ),
263
  'label' => __( 'Send malicious IP addresses to the Cerber Lab', 'wp-cerber' ) . ' <a target="_blank" href="http://wpcerber.com/cerber-laboratory/">Know more</a>',
@@ -699,7 +709,12 @@ function cerber_settings_config( $args = array() ) {
699
  'size' => 4,
700
  ),
701
  'tikeeprec' => array(
702
- 'title' => __( 'Keep records for', 'wp-cerber' ),
 
 
 
 
 
703
  'label' => __( 'days', 'wp-cerber' ),
704
  'size' => 4,
705
  ),
@@ -1241,7 +1256,7 @@ function cerber_text2array( $text = '', $delimiter = '', $callback = '') {
1241
  * Each setting field must have a default value!
1242
  *
1243
  */
1244
- function cerber_get_defaults() {
1245
  $all_defaults = array(
1246
  CERBER_OPT => array(
1247
  'boot-mode' => 0,
@@ -1265,18 +1280,20 @@ function cerber_get_defaults() {
1265
  'loginpath' => '',
1266
  'loginnowp' => 0,
1267
 
 
1268
  'cilimit' => 200,
1269
- 'ciperiod' => 30,
1270
  'ciduration' => 60,
1271
  'cinotify' => 1,
1272
 
1273
- 'keeplog' => 30,
1274
- 'ip_extra' => 1,
1275
- 'cerberlab' => 0,
1276
- 'cerberproto' => 0,
1277
- 'usefile' => 0,
1278
- 'dateformat' => '',
1279
- 'admin_lang' => 0
 
1280
 
1281
  ),
1282
  CERBER_OPT_H => array(
@@ -1349,21 +1366,22 @@ function cerber_get_defaults() {
1349
  'enable-report' => '1', // workaround, see cerber_upgrade_settings()
1350
  ),
1351
  CERBER_OPT_T => array(
1352
- 'tienabled' => '1',
1353
- 'tiipwhite' => 0,
1354
- 'tiwhite' => '',
1355
- 'tierrmon' => '1',
1356
- 'tierrnoauth' => 0,
1357
- 'timode' => '1',
1358
- 'tinocrabs' => '1',
1359
- 'tifields' => 0,
1360
- 'timask' => '',
1361
- 'tihdrs' => 0,
1362
- 'tisenv' => 0,
1363
- 'ticandy' => 0,
1364
- 'tiphperr' => 0,
1365
- 'tithreshold' => '',
1366
- 'tikeeprec' => 7,
 
1367
  ),
1368
  CERBER_OPT_US => array(
1369
  'ds_4acc' => 0,
@@ -1431,6 +1449,14 @@ function cerber_get_defaults() {
1431
  ),
1432
  );
1433
 
 
 
 
 
 
 
 
 
1434
  return $all_defaults;
1435
  }
1436
 
224
  'name' => __( 'Citadel mode', 'wp-cerber' ),
225
  'desc' => __( 'In the Citadel mode nobody is able to log in except IPs from the White IP Access List. Active user sessions will not be affected.', 'wp-cerber' ),
226
  'fields' => array(
227
+ 'citadel_on' => array(
228
+ 'title' => __( 'Enable authentication log monitoring', 'wp-cerber' ),
229
+ //'doclink' => 'https://wpcerber.com/only-logged-in-wordpress-users/',
230
+ 'type' => 'checkbox',
231
+ 'default' => 0,
232
+ ),
233
  'citadel' => array(
234
  'title' => __( 'Threshold', 'wp-cerber' ),
235
  'type' => 'citadel',
236
+ 'enabler' => array( 'citadel_on' ),
237
  ),
238
  'ciduration' => array(
239
  'title' => __( 'Duration', 'wp-cerber' ),
240
  'label' => __( 'minutes', 'wp-cerber' ),
241
+ 'size' => 3,
242
+ 'enabler' => array( 'citadel_on' ),
243
  ),
244
  'cinotify' => array(
245
  'title' => __( 'Notifications', 'wp-cerber' ),
248
  ' [ <a href="' . cerber_admin_link_add( array(
249
  'cerber_admin_do' => 'testnotify',
250
  'type' => 'citadel',
251
+ ) ) . '">' . __( 'Click to send test', 'wp-cerber' ) . '</a> ]',
252
+ 'enabler' => array( 'citadel_on' ),
253
  ),
254
  ),
255
  ),
257
  'name' => __( 'Activity', 'wp-cerber' ),
258
  'fields' => array(
259
  'keeplog' => array(
260
+ 'title' => __( 'Keep log records of not logged in visitors for', 'wp-cerber' ),
261
  'label' => __( 'days', 'wp-cerber' ),
262
  //'label' => __( 'days, not logged in visitors', 'wp-cerber' ),
263
  'size' => 3
264
  ),
265
+ 'keeplog_auth' => array(
266
+ 'title' => __( 'Keep log records of logged in users for', 'wp-cerber' ),
267
+ 'label' => __( 'days', 'wp-cerber' ),
268
+ //'label' => __( 'days, logged in users', 'wp-cerber' ),
269
  'size' => 3
270
+ ),
271
  'cerberlab' => array(
272
  'title' => __( 'Cerber Lab connection', 'wp-cerber' ),
273
  'label' => __( 'Send malicious IP addresses to the Cerber Lab', 'wp-cerber' ) . ' <a target="_blank" href="http://wpcerber.com/cerber-laboratory/">Know more</a>',
709
  'size' => 4,
710
  ),
711
  'tikeeprec' => array(
712
+ 'title' => __( 'Keep log records of not logged in visitors for', 'wp-cerber' ),
713
+ 'label' => __( 'days', 'wp-cerber' ),
714
+ 'size' => 4,
715
+ ),
716
+ 'tikeeprec_auth' => array(
717
+ 'title' => __( 'Keep log records of logged in users for', 'wp-cerber' ),
718
  'label' => __( 'days', 'wp-cerber' ),
719
  'size' => 4,
720
  ),
1256
  * Each setting field must have a default value!
1257
  *
1258
  */
1259
+ function cerber_get_defaults( $setting = null ) {
1260
  $all_defaults = array(
1261
  CERBER_OPT => array(
1262
  'boot-mode' => 0,
1280
  'loginpath' => '',
1281
  'loginnowp' => 0,
1282
 
1283
+ 'citadel_on' => '1',
1284
  'cilimit' => 200,
1285
+ 'ciperiod' => 15,
1286
  'ciduration' => 60,
1287
  'cinotify' => 1,
1288
 
1289
+ 'keeplog' => 30,
1290
+ 'keeplog_auth' => 30,
1291
+ 'ip_extra' => 1,
1292
+ 'cerberlab' => 0,
1293
+ 'cerberproto' => 0,
1294
+ 'usefile' => 0,
1295
+ 'dateformat' => '',
1296
+ 'admin_lang' => 0
1297
 
1298
  ),
1299
  CERBER_OPT_H => array(
1366
  'enable-report' => '1', // workaround, see cerber_upgrade_settings()
1367
  ),
1368
  CERBER_OPT_T => array(
1369
+ 'tienabled' => '1',
1370
+ 'tiipwhite' => 0,
1371
+ 'tiwhite' => '',
1372
+ 'tierrmon' => '1',
1373
+ 'tierrnoauth' => 0,
1374
+ 'timode' => '1',
1375
+ 'tinocrabs' => '1',
1376
+ 'tifields' => 0,
1377
+ 'timask' => '',
1378
+ 'tihdrs' => 0,
1379
+ 'tisenv' => 0,
1380
+ 'ticandy' => 0,
1381
+ 'tiphperr' => 0,
1382
+ 'tithreshold' => '',
1383
+ 'tikeeprec' => 30,
1384
+ 'tikeeprec_auth' => 30,
1385
  ),
1386
  CERBER_OPT_US => array(
1387
  'ds_4acc' => 0,
1449
  ),
1450
  );
1451
 
1452
+ if ( $setting ) {
1453
+ foreach ( $all_defaults as $section ) {
1454
+ if ( isset( $section[ $setting ] ) ) {
1455
+ return $section[ $setting ];
1456
+ }
1457
+ }
1458
+ }
1459
+
1460
  return $all_defaults;
1461
  }
1462
 
wp-cerber.php CHANGED
@@ -5,7 +5,7 @@
5
  Description: Defends WordPress against hacker attacks, spam, trojans, and viruses. Malware scanner and integrity checker. Hardening WordPress with a set of comprehensive security algorithms. Spam protection with a sophisticated bot detection engine and reCAPTCHA. Tracks user and intruder activity with powerful email, mobile and desktop notifications.
6
  Author: Cerber Tech Inc.
7
  Author URI: https://wpcerber.com
8
- Version: 8.5.5
9
  Text Domain: wp-cerber
10
  Domain Path: /languages
11
  Network: true
@@ -31,7 +31,7 @@
31
 
32
  */
33
 
34
- define( 'CERBER_VER', '8.5.5' );
35
  define( 'CERBER_PLUGIN_ID', 'wp-cerber/wp-cerber.php' );
36
 
37
  function cerber_plugin_file() {
5
  Description: Defends WordPress against hacker attacks, spam, trojans, and viruses. Malware scanner and integrity checker. Hardening WordPress with a set of comprehensive security algorithms. Spam protection with a sophisticated bot detection engine and reCAPTCHA. Tracks user and intruder activity with powerful email, mobile and desktop notifications.
6
  Author: Cerber Tech Inc.
7
  Author URI: https://wpcerber.com
8
+ Version: 8.5.6
9
  Text Domain: wp-cerber
10
  Domain Path: /languages
11
  Network: true
31
 
32
  */
33
 
34
+ define( 'CERBER_VER', '8.5.6' );
35
  define( 'CERBER_PLUGIN_ID', 'wp-cerber/wp-cerber.php' );
36
 
37
  function cerber_plugin_file() {