Acunetix WP Security - Version 2.7.2

Release Info

Developer hallsofmontezuma
Plugin Acunetix WP Security
Version 2.7.2

Code changes from version 2.7.1.2 to 2.7.2

Files changed (3)
  1. functions.php +27 -4
  2. readme.txt +120 -120
  3. securityscan.php +2 -2
functions.php CHANGED
@@ -102,10 +102,33 @@ global $wp_version;
102
 
103
  function mrt_remove_wp_version()
104
  {
105
- if (!is_admin()) {
106
- global $wp_version;
107
- $wp_version = 'abc';
108
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
109
 
110
  }
111
 
102
 
103
  function mrt_remove_wp_version()
104
  {
105
+
106
+ function filter_generator( $gen, $type ) {
107
+ switch ( $type ) {
108
+ case 'html':
109
+ $gen = '<meta name="generator" content="WordPress">';
110
+ break;
111
+ case 'xhtml':
112
+ $gen = '<meta name="generator" content="WordPress" />';
113
+ break;
114
+ case 'atom':
115
+ $gen = '<generator uri="http://wordpress.org/">WordPress</generator>';
116
+ break;
117
+ case 'rss2':
118
+ $gen = '<generator>http://wordpress.org/?v=</generator>';
119
+ break;
120
+ case 'rdf':
121
+ $gen = '<admin:generatorAgent rdf:resource="http://wordpress.org/?v=" />';
122
+ break;
123
+ case 'comment':
124
+ $gen = '<!-- generator="WordPress" -->';
125
+ break;
126
+ }
127
+ return $gen;
128
+ }
129
+ foreach ( array( 'html', 'xhtml', 'atom', 'rss2', 'rdf', 'comment' ) as $type )
130
+ add_filter( "get_the_generator_$type", 'filter_generator', 10, 2 );
131
+
132
 
133
  }
134
 
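Review bot: filter_generator() is declared inside the body of mrt_remove_wp_version() (new lines 106-128), so PHP defines it only when the outer function runs, and a second call to mrt_remove_wp_version() in the same request stops with a "cannot redeclare" fatal error. Move the function to file scope, give it the plugin's mrt_ prefix so it cannot collide with another plugin's filter_generator, and leave only the foreach/add_filter loop inside mrt_remove_wp_version(). The rss2 and rdf cases (new lines 118 and 121) also emit a dangling `?v=` with no value; ending the URL at http://wordpress.org/ would be cleaner. The removed branch overwrote the global $wp_version on non-admin requests, while the new code filters only the generator tags, so any other output built from $wp_version is no longer altered by this function; the readme's "version hiding" wording should say so.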
readme.txt CHANGED
@@ -1,120 +1,120 @@
1
- === Plugin Name ===
2
- Contributors: hallsofmontezuma
3
- Donate link:https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=mrtorbert%40gmail%2ecom&item_name=Support%20WordPress%20Security%20Scan%20Plugin&no_shipping=0&no_note=1&tax=0&currency_code=USD&lc=US&bn=PP%2dDonationsBF&charset=UTF%2d8
4
- Tags: security, securityscan, chmod, permissions, admin, administration, authentication, database, dashboard, post, notification, password, plugin, posts
5
- plugins, private, protection, tracking, wordpress
6
- Requires at least: 2.3
7
- Tested up to: 2.8.4
8
- Stable tag: trunk
9
-
10
- Scans your WordPress installation for security vulnerabilities.
11
-
12
- == Description ==
13
-
14
- Scans your WordPress installation for security vulnerabilities and suggests
15
- corrective actions.
16
-
17
- -passwords<br />
18
- -file permissions<br />
19
- -database security<br />
20
- -version hiding<br />
21
- -WordPress admin protection/security<br />
22
- -removes WP Generator META tag from core code<br />
23
-
24
-
25
- **Future Releases**<br />
26
- *one-click change file/folder permissions<br />
27
- *test for XSS vulnerabilities<br />
28
- *intrusion detection/prevention<br />
29
- *lock out/log incorrect login attempts<br />
30
- *user enumeration protection<br />
31
- *.htaccess verification<br />
32
- *doc links<br />
33
-
34
- [Changelog](http://semperfiwebdesign.com/documentation/wp-security-scan/changelog/ "WP Security Scan Changelog")<br />
35
- [Documentation](http://semperfiwebdesign.com/category/documentation/wp-security-scan/ "WP Security Scan
36
- Documentation")
37
-
38
- == Installation ==
39
-
40
- 1. Create backup.
41
- 2. Upload the zip file to the `/wp-content/plugins/` directory
42
- 3. Unzip.
43
- 4. Activate the plugin through the 'Plugins' menu in WordPress
44
-
45
-
46
- Please let me know any bugs, improvements, comments, suggestions.
47
-
48
- == Frequently Asked Questions ==
49
-
50
- = Can I deactivate WP Security Scan once I've run it once? =
51
-
52
- No. WP Security Scan needs to be left activated to work. Version hiding,
53
- turning off DB errors, removing WP ID META tag from HTML output, and other
54
- functionality will cease if you deactivate the plugin.
55
-
56
- = How do I change the file permissions on my WordPress installation? =
57
-
58
- From the linux command line (for advanced users):
59
- chmod xxx filename.ext
60
- (replace xxx with with the permissions settings for the file or folder)
61
-
62
- From your FTP client:
63
- Most FTP clients, such as filezilla, etc, allow for changing file
64
- permissions. Please consult your clients documentation for your specific
65
- directions.
66
-
67
- For more information, please visit http://codex.wordpress.org/Changing_File_Permissions
68
-
69
- = Why do I need to hide my version of WordPress? =
70
-
71
- Alot of attackers and automated tools will try and determine software versions
72
- before launching exploit code. Removing your WordPress blog version may
73
- discourage some attackers and certainly will mitigate virus and worm programs
74
- that rely on software versions.
75
-
76
- NOTE: Hiding your version of WordPress may break any plugins you have which
77
- are version dependant.
78
-
79
- = How do I make Dagon Design's sitemap generator plugin compatible? =
80
- There is currently a small compatibility issue. This can be temporarily
81
- solved by opening securityscan.php and commenting out the line
82
- `add_action("init",mrt_remove_wp_version,1);`
83
- I have contacted Dagon Designs about creating a solution, which should
84
- hopefully be in a future upgrade to their plugin.
85
-
86
- == Screenshots ==
87
-
88
- 1. file/directories permissions check
89
- 2. password tools
90
-
91
- == WordPress Security ==
92
-
93
- <strong>Plugin currently in BETA version.
94
-
95
- == WordPress Security ==
96
-
97
- Security Scanner:
98
-
99
- 1. Scans Wordpress installation for file/directory permissions vulnerabilites
100
- 1. Recommends corrective actions
101
- 1. Scans for general security vulnerabilities
102
-
103
- Join the BETA testers group if:
104
-
105
- * you have experience as a software tester
106
- * you have no experience as a software tester
107
- * you have a WordPress installation dedicated for testing
108
- * you have a general enthusiasm for WordPress use and/or development
109
-
110
-
111
- Visit our homepage at [Semper Fi Web Design](http://semperfiwebdesign.com/ "Raleigh Web Design") or our plugin page at [Semper Fi Plugins][sf plugins].
112
- We look forward to hearing your comments and suggestions.
113
-
114
- [sf plugins]: http://semperfiwebdesign.com/plugins/
115
- "Raleigh Web Design"
116
-
117
- > WordPress Security Scanner for *2.3, 2.5*. Although if you're using lower
118
- > than 2.3 you should go ahead and install it because of **security**.
119
-
120
- `<?php code(); // backticks ?>`
1
+ === Plugin Name ===
2
+ Contributors: hallsofmontezuma
3
+ Donate link:https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=mrtorbert%40gmail%2ecom&item_name=Support%20WordPress%20Security%20Scan%20Plugin&no_shipping=0&no_note=1&tax=0&currency_code=USD&lc=US&bn=PP%2dDonationsBF&charset=UTF%2d8
4
+ Tags: security, securityscan, chmod, permissions, admin, administration, authentication, database, dashboard, post, notification, password, plugin, posts
5
+ plugins, private, protection, tracking, wordpress
6
+ Requires at least: 2.5
7
+ Tested up to: 3.0.1
8
+ Stable tag: trunk
9
+
10
+ Scans your WordPress installation for security vulnerabilities.
11
+
12
+ == Description ==
13
+
14
+ Scans your WordPress installation for security vulnerabilities and suggests
15
+ corrective actions.
16
+
17
+ -passwords<br />
18
+ -file permissions<br />
19
+ -database security<br />
20
+ -version hiding<br />
21
+ -WordPress admin protection/security<br />
22
+ -removes WP Generator META tag from core code<br />
23
+
24
+
25
+ **Future Releases**<br />
26
+ *one-click change file/folder permissions<br />
27
+ *test for XSS vulnerabilities<br />
28
+ *intrusion detection/prevention<br />
29
+ *lock out/log incorrect login attempts<br />
30
+ *user enumeration protection<br />
31
+ *.htaccess verification<br />
32
+ *doc links<br />
33
+
34
+ [Changelog](http://semperfiwebdesign.com/documentation/wp-security-scan/changelog/ "WP Security Scan Changelog")<br />
35
+ [Documentation](http://semperfiwebdesign.com/category/documentation/wp-security-scan/ "WP Security Scan
36
+ Documentation")
37
+
38
+ == Installation ==
39
+
40
+ 1. Create backup.
41
+ 2. Upload the zip file to the `/wp-content/plugins/` directory
42
+ 3. Unzip.
43
+ 4. Activate the plugin through the 'Plugins' menu in WordPress
44
+
45
+
46
+ Please let me know any bugs, improvements, comments, suggestions.
47
+
48
+ == Frequently Asked Questions ==
49
+
50
+ = Can I deactivate WP Security Scan once I've run it once? =
51
+
52
+ No. WP Security Scan needs to be left activated to work. Version hiding,
53
+ turning off DB errors, removing WP ID META tag from HTML output, and other
54
+ functionality will cease if you deactivate the plugin.
55
+
56
+ = How do I change the file permissions on my WordPress installation? =
57
+
58
+ From the linux command line (for advanced users):
59
+ chmod xxx filename.ext
60
+ (replace xxx with with the permissions settings for the file or folder)
61
+
62
+ From your FTP client:
63
+ Most FTP clients, such as filezilla, etc, allow for changing file
64
+ permissions. Please consult your clients documentation for your specific
65
+ directions.
66
+
67
+ For more information, please visit http://codex.wordpress.org/Changing_File_Permissions
68
+
69
+ = Why do I need to hide my version of WordPress? =
70
+
71
+ Alot of attackers and automated tools will try and determine software versions
72
+ before launching exploit code. Removing your WordPress blog version may
73
+ discourage some attackers and certainly will mitigate virus and worm programs
74
+ that rely on software versions.
75
+
76
+ NOTE: Hiding your version of WordPress may break any plugins you have which
77
+ are version dependant.
78
+
79
+ = How do I make Dagon Design's sitemap generator plugin compatible? =
80
+ There is currently a small compatibility issue. This can be temporarily
81
+ solved by opening securityscan.php and commenting out the line
82
+ `add_action("init",mrt_remove_wp_version,1);`
83
+ I have contacted Dagon Designs about creating a solution, which should
84
+ hopefully be in a future upgrade to their plugin.
85
+
86
+ == Screenshots ==
87
+
88
+ 1. file/directories permissions check
89
+ 2. password tools
90
+
91
+ == WordPress Security ==
92
+
93
+ <strong>Plugin currently in BETA version.
94
+
95
+ == WordPress Security ==
96
+
97
+ Security Scanner:
98
+
99
+ 1. Scans Wordpress installation for file/directory permissions vulnerabilites
100
+ 1. Recommends corrective actions
101
+ 1. Scans for general security vulnerabilities
102
+
103
+ Join the BETA testers group if:
104
+
105
+ * you have experience as a software tester
106
+ * you have no experience as a software tester
107
+ * you have a WordPress installation dedicated for testing
108
+ * you have a general enthusiasm for WordPress use and/or development
109
+
110
+
111
+ Visit our homepage at [Semper Fi Web Design](http://semperfiwebdesign.com/ "Raleigh Web Design") or our plugin page at [Semper Fi Plugins][sf plugins].
112
+ We look forward to hearing your comments and suggestions.
113
+
114
+ [sf plugins]: http://semperfiwebdesign.com/plugins/
115
+ "Raleigh Web Design"
116
+
117
+ > WordPress Security Scanner for *2.3, 2.5*. Although if you're using lower
118
+ > than 2.3 you should go ahead and install it because of **security**.
119
+
120
+ `<?php code(); // backticks ?>`
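Review bot: the header now says `Requires at least: 2.5` (line 6), but the blockquote at lines 117-118 still advertises the scanner for *2.3, 2.5* and tells users below 2.3 to install it; bring that text in line with the new minimum. All 120 lines are removed and re-added although only lines 6 and 7 differ in text, which buries the real change; if the rest is a whitespace or line-ending rewrite, commit it separately. The FAQ note at lines 76-77 about version hiding breaking version-dependent plugins described the $wp_version overwrite that functions.php drops in this release and should be re-checked, and nothing in the readme describes the new generator filter.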
securityscan.php CHANGED
@@ -4,12 +4,12 @@ Plugin Name: WP Security Scan
4
  Plugin URI: http://semperfiwebdesign.com/plugins/wp-security-scan/
5
  Description: Perform security scan of WordPress installation.
6
  Author: Michael Torbert
7
- Version: 2.7.1.2
8
  Author URI: http://semperfiwebdesign.com/
9
  */
10
 
11
  /*
12
- Copyright (C) 2008-2009 Michael Torbert / semperfiwebdesign.com (michael AT semperfiwebdesign DOT com)
13
 
14
  This program is free software; you can redistribute it and/or modify
15
  it under the terms of the GNU General Public License as published by
4
  Plugin URI: http://semperfiwebdesign.com/plugins/wp-security-scan/
5
  Description: Perform security scan of WordPress installation.
6
  Author: Michael Torbert
7
+ Version: 2.7.2
8
  Author URI: http://semperfiwebdesign.com/
9
  */
10
 
11
  /*
12
+ Copyright (C) 2008-2010 Michael Torbert / semperfiwebdesign.com (michael AT semperfiwebdesign DOT com)
13
 
14
  This program is free software; you can redistribute it and/or modify
15
  it under the terms of the GNU General Public License as published by