WP fail2ban - Version 4.2.7

Version Description

  • Fix error when blocking user enumeration via REST.
  • Fix buttons on Settings tabs.
Download this release

Release Info

Developer invisnet
Plugin Icon 128x128 WP fail2ban
Version 4.2.7
Comparing to
See all releases

Code changes from version 4.2.6 to 4.2.7

Files changed (9) hide show
  1. admin/config.php +1 -5
  2. admin/lib/about.php +11 -0
  3. feature/lib.php +5 -12
  4. feature/user-enum.php +4 -5
  5. filters.d/wordpress-extra.conf +1 -1
  6. filters.d/wordpress-hard.conf +1 -1
  7. filters.d/wordpress-soft.conf +1 -1
  8. readme.txt +8 -1
  9. wp-fail2ban.php +2 -2
admin/config.php CHANGED
@@ -108,7 +108,7 @@ function render_tabs( array $tabs, $default, $menu )
108
  ?>" method="post">
109
  <?php
110
  settings_fields( 'wp-fail2ban' );
111
- $rendered = $active_tab->render();
112
  echo '<hr><p>' . __( '<strong>Note:</strong> The Free version of <em>WP fail2ban</em> is configured by defining constants in <tt>wp-config.php</tt>; these tabs display those values.' ) . '<br>' . __( 'Upgrade to the Premium version to enable this interface.' ) . '</p>' ;
113
  ?>
114
  </form>
@@ -131,10 +131,6 @@ function remote_tools()
131
  <?php
132
 
133
  if ( function_exists( '\\org\\lecklider\\charles\\wordpress\\wp_fail2ban\\addons\\remote_tools\\tab' ) ) {
134
- //delete_user_meta($current_user->ID, 'wp-fail2ban-tools-notice-ignore');
135
- if ( !get_user_meta( $current_user->ID, 'wp-fail2ban-tools-notice-ignore' ) ) {
136
- echo '<div class="notice notice-info"><p><strong>N.B.</strong> These tools are provided from a remote server. <a href="?page=wp-fail2ban-tools&wp-fail2ban-tools-dismiss-notice">Dismiss</a></p></div>' ;
137
- }
138
  \org\lecklider\charles\wordpress\wp_fail2ban\addons\remote_tools\tab();
139
  } else {
140
  ?>
108
  ?>" method="post">
109
  <?php
110
  settings_fields( 'wp-fail2ban' );
111
+ $active_tab->render();
112
  echo '<hr><p>' . __( '<strong>Note:</strong> The Free version of <em>WP fail2ban</em> is configured by defining constants in <tt>wp-config.php</tt>; these tabs display those values.' ) . '<br>' . __( 'Upgrade to the Premium version to enable this interface.' ) . '</p>' ;
113
  ?>
114
  </form>
131
  <?php
132
 
133
  if ( function_exists( '\\org\\lecklider\\charles\\wordpress\\wp_fail2ban\\addons\\remote_tools\\tab' ) ) {
 
 
 
 
134
  \org\lecklider\charles\wordpress\wp_fail2ban\addons\remote_tools\tab();
135
  } else {
136
  ?>
admin/lib/about.php CHANGED
@@ -39,6 +39,17 @@ function about( $hide_title = false )
39
  <div id="poststuff">
40
  <div id="post-body" class="metabox-holder columns-2">
41
  <div id="post-body-content">
 
 
 
 
 
 
 
 
 
 
 
42
  <div class="meta-box-sortables ui-sortable">
43
  <div class="postbox">
44
  <h2>Version 4.2.6</h2>
39
  <div id="poststuff">
40
  <div id="post-body" class="metabox-holder columns-2">
41
  <div id="post-body-content">
42
+ <div class="meta-box-sortables ui-sortable">
43
+ <div class="postbox">
44
+ <h2>Version 4.2.7</h2>
45
+ <div class="inside">
46
+ <ul>
47
+ <li>Fix error when blocking user enumeration via REST.</li>
48
+ <li>Fix buttons on Settings tabs.</li>
49
+ </ul>
50
+ </div>
51
+ </div>
52
+ </div>
53
  <div class="meta-box-sortables ui-sortable">
54
  <div class="postbox">
55
  <h2>Version 4.2.6</h2>
feature/lib.php CHANGED
@@ -71,22 +71,15 @@ function syslog( $level, $msg, $remote_addr = null )
71
  /**
72
  * Graceful immediate exit
73
  *
 
74
  * @since 4.0.5 Add JSON support
75
  * @since 3.5.0 Refactored for unit testing
76
- *
77
- * @param bool $is_json
78
  */
79
- function bail( $is_json = false )
80
  {
81
-
82
- if ( $is_json ) {
83
- return new \WP_Error( 403, 'Forbidden' );
84
- } else {
85
- wp_die( 'Forbidden', 'Forbidden', array(
86
- 'response' => 403,
87
- ) );
88
- }
89
-
90
  }
91
 
92
  /**
71
  /**
72
  * Graceful immediate exit
73
  *
74
+ * @since 4.2.7 Remove JSON support
75
  * @since 4.0.5 Add JSON support
76
  * @since 3.5.0 Refactored for unit testing
 
 
77
  */
78
+ function bail()
79
  {
80
+ wp_die( 'Forbidden', 'Forbidden', array(
81
+ 'response' => 403,
82
+ ) );
 
 
 
 
 
 
83
  }
84
 
85
  /**
feature/user-enum.php CHANGED
@@ -18,22 +18,21 @@ if ( !function_exists( __NAMESPACE__ . '\\_log_bail_user_enum' ) ) {
18
  /**
19
  * Common enumeration handling
20
  *
 
21
  * @since 4.1.0 Add JSON support
22
  * @since 4.0.0
23
  *
24
- * @param bool $is_json
25
- *
26
  * @return \WP_Error
27
  *
28
  * @wp-f2b-hard Blocked user enumeration attempt
29
  */
30
- function _log_bail_user_enum( $is_json = false )
31
  {
32
  openlog();
33
  syslog( LOG_NOTICE, 'Blocked user enumeration attempt' );
34
  closelog();
35
  // @codeCoverageIgnoreEnd
36
- return bail( $is_json );
37
  }
38
 
39
  }
@@ -90,7 +89,7 @@ if ( !function_exists( __NAMESPACE__ . '\\rest_user_query' ) ) {
90
  function rest_user_query( $prepared_args, $request )
91
  {
92
  if ( !current_user_can( 'list_users' ) ) {
93
- return _log_bail_user_enum( true );
94
  }
95
  return $prepared_args;
96
  }
18
  /**
19
  * Common enumeration handling
20
  *
21
+ * @since 4.2.7 Remove JSON support
22
  * @since 4.1.0 Add JSON support
23
  * @since 4.0.0
24
  *
 
 
25
  * @return \WP_Error
26
  *
27
  * @wp-f2b-hard Blocked user enumeration attempt
28
  */
29
+ function _log_bail_user_enum()
30
  {
31
  openlog();
32
  syslog( LOG_NOTICE, 'Blocked user enumeration attempt' );
33
  closelog();
34
  // @codeCoverageIgnoreEnd
35
+ return bail();
36
  }
37
 
38
  }
89
  function rest_user_query( $prepared_args, $request )
90
  {
91
  if ( !current_user_can( 'list_users' ) ) {
92
+ return _log_bail_user_enum();
93
  }
94
  return $prepared_args;
95
  }
filters.d/wordpress-extra.conf CHANGED
@@ -1,5 +1,5 @@
1
  # Fail2Ban filter for WordPress extra failures
2
- # Auto-generated: 2019-09-23T21:28:58+00:00
3
  #
4
 
5
  [INCLUDES]
1
  # Fail2Ban filter for WordPress extra failures
2
+ # Auto-generated: 2019-09-24T03:49:49+00:00
3
  #
4
 
5
  [INCLUDES]
filters.d/wordpress-hard.conf CHANGED
@@ -1,5 +1,5 @@
1
  # Fail2Ban filter for WordPress hard failures
2
- # Auto-generated: 2019-09-23T21:28:58+00:00
3
  #
4
 
5
  [INCLUDES]
1
  # Fail2Ban filter for WordPress hard failures
2
+ # Auto-generated: 2019-09-24T03:49:49+00:00
3
  #
4
 
5
  [INCLUDES]
filters.d/wordpress-soft.conf CHANGED
@@ -1,5 +1,5 @@
1
  # Fail2Ban filter for WordPress soft failures
2
- # Auto-generated: 2019-09-23T21:28:58+00:00
3
  #
4
 
5
  [INCLUDES]
1
  # Fail2Ban filter for WordPress soft failures
2
+ # Auto-generated: 2019-09-24T03:49:49+00:00
3
  #
4
 
5
  [INCLUDES]
readme.txt CHANGED
@@ -6,7 +6,7 @@ Plugin URI: https://wp-fail2ban.com/
6
  Tags: fail2ban, login, security, syslog
7
  Requires at least: 4.2
8
  Tested up to: 5.2
9
- Stable tag: 4.2.6
10
  Requires PHP: 5.3
11
  License: GPLv2 or later
12
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -70,6 +70,10 @@ Write a myriad of WordPress events to syslog for integration with fail2ban.
70
 
71
  == Changelog ==
72
 
 
 
 
 
73
  = 4.2.6 =
74
  * Add support for [Remote Tools](https://wp-fail2ban.com/add-ons/remote-tools/) add-on.
75
  * Add support for the new ClassicPress security page.
@@ -221,6 +225,9 @@ Write a myriad of WordPress events to syslog for integration with fail2ban.
221
 
222
  == Upgrade Notice ==
223
 
 
 
 
224
  = 4.2.6 =
225
  This is a minor release. You do not need to update your filters from 4.1.0.
226
 
6
  Tags: fail2ban, login, security, syslog
7
  Requires at least: 4.2
8
  Tested up to: 5.2
9
+ Stable tag: 4.2.7
10
  Requires PHP: 5.3
11
  License: GPLv2 or later
12
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
70
 
71
  == Changelog ==
72
 
73
+ = 4.2.7 =
74
+ * Fix error when blocking user enumeration via REST.
75
+ * Fix buttons on Settings tabs.
76
+
77
  = 4.2.6 =
78
  * Add support for [Remote Tools](https://wp-fail2ban.com/add-ons/remote-tools/) add-on.
79
  * Add support for the new ClassicPress security page.
225
 
226
  == Upgrade Notice ==
227
 
228
+ = 4.2.7 =
229
+ This is a bugfix release. You do not need to update your filters from 4.1.0.
230
+
231
  = 4.2.6 =
232
  This is a minor release. You do not need to update your filters from 4.1.0.
233
 
wp-fail2ban.php CHANGED
@@ -5,7 +5,7 @@
5
  * Plugin URI: https://wp-fail2ban.com/
6
  * Description: Write a myriad of WordPress events to syslog for integration with fail2ban.
7
  * Text Domain: wp-fail2ban
8
- * Version: 4.2.6
9
  * Author: Charles Lecklider
10
  * Author URI: https://charles.lecklider.org/
11
  * License: GPLv2
@@ -39,7 +39,7 @@ namespace org\lecklider\charles\wordpress\wp_fail2ban;
39
  /**
40
  * @since 4.0.5
41
  */
42
- define( 'WP_FAIL2BAN_VER', '4.2.6' );
43
  define( 'WP_FAIL2BAN_FILE', __FILE__ );
44
 
45
  if ( defined( 'ABSPATH' ) ) {
5
  * Plugin URI: https://wp-fail2ban.com/
6
  * Description: Write a myriad of WordPress events to syslog for integration with fail2ban.
7
  * Text Domain: wp-fail2ban
8
+ * Version: 4.2.7
9
  * Author: Charles Lecklider
10
  * Author URI: https://charles.lecklider.org/
11
  * License: GPLv2
39
  /**
40
  * @since 4.0.5
41
  */
42
+ define( 'WP_FAIL2BAN_VER', '4.2.7' );
43
  define( 'WP_FAIL2BAN_FILE', __FILE__ );
44
 
45
  if ( defined( 'ABSPATH' ) ) {