Shield Security for WordPress - Version 11.4.2

Version Description

Download this release

Release Info

Developer paultgoodchild
Plugin Icon 128x128 Shield Security for WordPress
Version 11.4.2
Comparing to
See all releases

Code changes from version 11.4.1 to 11.4.2

Files changed (19) hide show
  1. cl.json +18 -0
  2. icwp-wpsf.php +1 -1
  3. plugin-spec.php +3 -3
  4. readme.txt +13 -13
  5. src/config/feature-integrations.php +1 -1
  6. src/lib/src/Modules/Base/ModCon.php +1 -2
  7. src/lib/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php +0 -13
  8. src/lib/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForCrowdSource.php +56 -0
  9. src/lib/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php +3 -27
  10. src/lib/src/Modules/HackGuard/Lib/Snapshots/CrowdSourced/SubmitHashes.php +11 -5
  11. src/lib/src/Modules/HackGuard/Lib/Snapshots/Store.php +10 -1
  12. src/lib/src/Modules/HackGuard/Lib/Snapshots/StoreAction/Build.php +6 -6
  13. src/lib/src/Modules/HackGuard/Lib/Snapshots/StoreAction/ScheduleBuildAll.php +7 -7
  14. src/lib/src/Modules/IPs/Lib/Bots/ShieldNET/BuildData.php +20 -5
  15. src/lib/src/Modules/Integrations/ModCon.php +4 -0
  16. src/lib/vendor/composer/autoload_classmap.php +1 -0
  17. src/lib/vendor/composer/autoload_static.php +1 -0
  18. src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/CrowdSourcedHashes/Submit/BaseSubmit.php +0 -1
  19. templates/twig/snippets/login_intent/form.twig +1 -1
cl.json CHANGED
@@ -46,6 +46,24 @@
46
  "pro_only": false,
47
  "title": "Capturing and managing user 2-Factor Authentication is improved.",
48
  "description": []
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
49
  }
50
  ]
51
  },
46
  "pro_only": false,
47
  "title": "Capturing and managing user 2-Factor Authentication is improved.",
48
  "description": []
49
+ },
50
+ {
51
+ "type": "improved",
52
+ "title": "Tweaks and adjustments to crowd-sourced hashing.",
53
+ "description": [],
54
+ "patch": "11.4.2"
55
+ },
56
+ {
57
+ "type": "fixed",
58
+ "title": "Certain modules would still run even though 'forceoff' file was present.",
59
+ "description": [],
60
+ "patch": "11.4.2"
61
+ },
62
+ {
63
+ "type": "fixed",
64
+ "title": "HTML formatting issue with the 2FA Login Page.",
65
+ "description": [],
66
+ "patch": "11.4.2"
67
  }
68
  ]
69
  },
icwp-wpsf.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: Shield Security
4
  * Plugin URI: https://shsec.io/2f
5
  * Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6
- * Version: 11.4.1
7
  * Text Domain: wp-simple-firewall
8
  * Domain Path: /languages
9
  * Author: Shield Security
3
  * Plugin Name: Shield Security
4
  * Plugin URI: https://shsec.io/2f
5
  * Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6
+ * Version: 11.4.2
7
  * Text Domain: wp-simple-firewall
8
  * Domain Path: /languages
9
  * Author: Shield Security
plugin-spec.php CHANGED
@@ -1,8 +1,8 @@
1
  {
2
  "properties": {
3
- "version": "11.4.1",
4
- "release_timestamp": 1625566008,
5
- "build": "202107.0602",
6
  "slug_parent": "icwp",
7
  "slug_plugin": "wpsf",
8
  "human_name": "Shield Security",
1
  {
2
  "properties": {
3
+ "version": "11.4.2",
4
+ "release_timestamp": 1625589161,
5
+ "build": "202107.0604",
6
  "slug_parent": "icwp",
7
  "slug_plugin": "wpsf",
8
  "human_name": "Shield Security",
readme.txt CHANGED
@@ -8,17 +8,17 @@ Requires at least: 3.7
8
  Requires PHP: 7.0
9
  Recommended PHP: 7.4
10
  Tested up to: 5.8
11
- Stable tag: 11.4.1
12
 
13
- No-Nonsense Security Hardening that protects you against hackers, malicious bots, spammers (no captchas!). Now with exclusive ShieldNET Technology.
14
 
15
  == Description ==
16
 
17
- Shield is the only NO-nonsense security solution that defends and protects your WordPress sites against hackers and malicious bots of all types. With our exclusive, *no-need-for-captcha* security technology you can limit login attempts, block brute force attacks and prevent 100% bot comment SPAM.
18
 
19
- Shield Security automatically blocks bad IP addresses while optimising performance so your WordPress site never slows down because of security with large IP lookup tables .
20
 
21
- ShieldNET is our new and exclusive network-based intelligence platform that draws-in information from all around the globe to help Shield Security plugins be smarter when assessing security threats and taking appropriate action.
22
 
23
  #### Get the highest rated 5* Security Plugin for WordPress
24
 
@@ -28,15 +28,15 @@ Per download, Shield Security [has the highest 5* rating](https://shsec.io/jl) i
28
 
29
  Our Security solution isn't designed to scare you and make you feel unsafe.
30
 
31
- Shield simply provide powerful WordPress security without the marketing hype and noise.
32
 
33
- Shield Security makes intelligent decisions to protect your site and maintain your site security and integrity, so you don't have to.
34
 
35
- ## Your Goal: Peace Of Mind and Freedom From Hackers
36
 
37
- To stay protected, your WordPress Security must to be smarter, and uncomplicated. Shield Security is the only WordPress security plugin that can detect the #1 cause of WordPress security hacking - Bad Bots.
38
 
39
- Shield's goal is to help you become free from repetitive and complicated security work, allowing you to *re-focus and re-dedicate yourself to the work you love to do*.
40
 
41
  ### 2 Key WordPress Security Strategies
42
 
@@ -47,11 +47,11 @@ Shield Security uses 2 simple key strategies to protect your WordPress sites:
47
 
48
  #### Key Security Strategy #1: Hacking Prevention
49
 
50
- Bots cause nearly all our security troubles - they're relentless, automatic and powerful.
51
 
52
- Shield Security is the only plugin dedicated to their detection and eradication from your WordPress site.
53
 
54
- Blocking malicious bots before they do damage is the key security strategy to protect and enhance security on a WordPress site.
55
 
56
  Shield detects these malicious visitors, then blocks their access to your site completely. This involves analysing different security bot-signals and combining them to identify a visitor as malicious.
57
 
8
  Requires PHP: 7.0
9
  Recommended PHP: 7.4
10
  Tested up to: 5.8
11
+ Stable tag: 11.4.2
12
 
13
+ No-Nonsense Security Hardening that protects WordPress against hackers, malicious bots, and spammers (no captchas!). Now with exclusive ShieldNET Technology.
14
 
15
  == Description ==
16
 
17
+ **No-Nonsense, No-Hype. Just Security Protection**. Shield is the only NO-nonsense security solution that defends and protects your WordPress sites against hackers and malicious bots, of all types. With our exclusive, *no-need-for-captcha* security technology you can limit login attempts, block brute force attacks and prevent 100% bot comment SPAM.
18
 
19
+ **Performance is critical**. Shield Security automatically blocks bad IP addresses while optimising performance so your WordPress site never slows down because of bloated security, with large IP lookup tables .
20
 
21
+ **Use the power of the network**. ShieldNET is our new and exclusive network-based intelligence platform that draws-in information from all around the globe to help Shield Security plugins be smarter when assessing security threats and taking appropriate action.
22
 
23
  #### Get the highest rated 5* Security Plugin for WordPress
24
 
28
 
29
  Our Security solution isn't designed to scare you and make you feel unsafe.
30
 
31
+ We're all about delivering powerful security without the scary stories and fear-based marketing. We're all about WordPress security without the marketing hype.
32
 
33
+ Shield Security is full of great security tools that let it make intelligent decisions to protect your site and maintain your site security and integrity, so *you* don't have to.
34
 
35
+ ## Your Goal And Ours: Peace Of Mind and Freedom From Hackers
36
 
37
+ Bots are the #1 cause of WordPress security hacking.
38
 
39
+ To stay protected, your WordPress Security must be smarter and remain uncomplicated. Shield Security is the only WordPress security plugin with our exclusive, built-in Bot Detection.
40
 
41
  ### 2 Key WordPress Security Strategies
42
 
47
 
48
  #### Key Security Strategy #1: Hacking Prevention
49
 
50
+ Bad Bots are the primary cause for nearly all our security troubles - they're relentless, automatic and powerful.
51
 
52
+ Shield Security is highly focused on their detection and eradication from your WordPress sites.
53
 
54
+ Blocking malicious bots before they do damage through malware and exploitation of vulnerabilities is the #1 security strategy to protect and enhance security on a WordPress site.
55
 
56
  Shield detects these malicious visitors, then blocks their access to your site completely. This involves analysing different security bot-signals and combining them to identify a visitor as malicious.
57
 
src/config/feature-integrations.php CHANGED
@@ -8,7 +8,7 @@
8
  "sidebar_name": "Integrations",
9
  "show_module_options": true,
10
  "show_module_menu_item": false,
11
- "auto_enabled": true,
12
  "show_central": true,
13
  "premium": false,
14
  "access_restricted": true,
8
  "sidebar_name": "Integrations",
9
  "show_module_options": true,
10
  "show_module_menu_item": false,
11
+ "auto_enabled": false,
12
  "show_central": true,
13
  "premium": false,
14
  "access_restricted": true,
src/lib/src/Modules/Base/ModCon.php CHANGED
@@ -526,8 +526,7 @@ abstract class ModCon {
526
  elseif ( $this->getCon()->getIfForceOffActive() ) {
527
  $enabled = false;
528
  }
529
- elseif ( $this->getOptions()->getFeatureProperty( 'premium' ) === true
530
- && !$this->isPremium() ) {
531
  $enabled = false;
532
  }
533
  else {
526
  elseif ( $this->getCon()->getIfForceOffActive() ) {
527
  $enabled = false;
528
  }
529
+ elseif ( $this->getOptions()->getFeatureProperty( 'premium' ) === true && !$this->isPremium() ) {
 
530
  $enabled = false;
531
  }
532
  else {
src/lib/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php CHANGED
@@ -31,19 +31,6 @@ class BuildHashesForAsset {
31
  ->build( $asset->getInstallDir() );
32
  }
33
 
34
- /**
35
- * All file keys are their normalised file paths, with the ABSPATH stripped from it.
36
- * @param WpPluginVo|WpThemeVo $asset
37
- * @return string[]
38
- */
39
- public function buildNormalised( $asset ) :array {
40
- return ( new BuildHashesFromDir() )
41
- ->setHashAlgo( $this->getHashAlgo() )
42
- ->setDepth( 0 )
43
- ->setFileExts( [] )
44
- ->buildNormalised( $asset->getInstallDir() );
45
- }
46
-
47
  /**
48
  * @return string
49
  */
31
  ->build( $asset->getInstallDir() );
32
  }
33
 
 
 
 
 
 
 
 
 
 
 
 
 
 
34
  /**
35
  * @return string
36
  */
src/lib/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForCrowdSource.php ADDED
@@ -0,0 +1,56 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php declare( strict_types=1 );
2
+
3
+ namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\Snapshots\Build;
4
+
5
+ use FernleafSystems\Wordpress\Plugin\Shield\Scans\Helpers\StandardDirectoryIterator;
6
+ use FernleafSystems\Wordpress\Services\Core\VOs\Assets\{
7
+ WpPluginVo,
8
+ WpThemeVo
9
+ };
10
+ use FernleafSystems\Wordpress\Services\Services;
11
+
12
+ class BuildHashesForCrowdSource {
13
+
14
+ /**
15
+ * All file keys are their normalised file paths, with the asset root dir stripped from it.
16
+ * @param WpPluginVo|WpThemeVo $asset
17
+ * @return string[]
18
+ */
19
+ public function build( $asset ) :array {
20
+ $hashes = [];
21
+ $DM = Services::DataManipulation();
22
+ $dir = wp_normalize_path( $asset->getInstallDir() );
23
+ try {
24
+ $exts = $this->getExtensions();
25
+ foreach ( StandardDirectoryIterator::create( $dir, 0, [] ) as $file ) {
26
+ /** @var \SplFileInfo $file */
27
+ if ( in_array( strtolower( $file->getExtension() ), $exts ) ) {
28
+ $fullPath = $file->getPathname();
29
+ $key = str_replace( $dir, '', wp_normalize_path( $fullPath ) );
30
+ $hashes[ $key ] = hash( 'sha1', $DM->convertLineEndingsDosToLinux( $fullPath ) );
31
+ }
32
+ }
33
+ ksort( $hashes, SORT_NATURAL );
34
+ }
35
+ catch ( \Exception $e ) {
36
+ $hashes = [];
37
+ }
38
+ return $hashes;
39
+ }
40
+
41
+ private function getExtensions() :array {
42
+ return [
43
+ 'php',
44
+ 'php5',
45
+ 'php7',
46
+ 'js',
47
+ 'json',
48
+ 'css',
49
+ 'htm',
50
+ 'html',
51
+ 'svg',
52
+ 'twig',
53
+ 'hbs',
54
+ ];
55
+ }
56
+ }
src/lib/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php CHANGED
@@ -3,7 +3,6 @@
3
  namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\Snapshots\Build;
4
 
5
  use FernleafSystems\Wordpress\Plugin\Shield\Scans\Helpers\StandardDirectoryIterator;
6
- use FernleafSystems\Wordpress\Services\Services;
7
 
8
  /**
9
  * Class BuildHashesFromDir
@@ -32,39 +31,16 @@ class BuildHashesFromDir {
32
  * @return string[]
33
  */
34
  public function build( $dir, bool $binary = false ) {
35
- $aSnaps = [];
36
  try {
37
  $dir = wp_normalize_path( $dir );
38
  $sAlgo = $this->getHashAlgo();
39
  $oDirIt = StandardDirectoryIterator::create( $dir, $this->nDepth, $this->aFileExts );
40
- foreach ( $oDirIt as $oFile ) {
41
- /** @var \SplFileInfo $oFile */
42
- $sFullPath = $oFile->getPathname();
43
- $sKey = str_replace( $dir, '', wp_normalize_path( $sFullPath ) );
44
- $aSnaps[ $sKey ] = hash_file( $sAlgo, $sFullPath, $binary );
45
- }
46
- }
47
- catch ( \Exception $e ) {
48
- }
49
- return $aSnaps;
50
- }
51
-
52
- /**
53
- * All file keys are their normalised file paths, with the ABSPATH stripped from it.
54
- * @param string $dir
55
- * @return string[]
56
- */
57
- public function buildNormalised( string $dir ) :array {
58
- $snaps = [];
59
- $DM = Services::DataManipulation();
60
- try {
61
- $dir = wp_normalize_path( $dir );
62
- $algo = $this->getHashAlgo();
63
- foreach ( StandardDirectoryIterator::create( $dir, $this->nDepth, $this->aFileExts ) as $file ) {
64
  /** @var \SplFileInfo $file */
65
  $fullPath = $file->getPathname();
66
  $key = str_replace( $dir, '', wp_normalize_path( $fullPath ) );
67
- $snaps[ $key ] = hash( $algo, $DM->convertLineEndingsDosToLinux( $fullPath ) );
68
  }
69
  }
70
  catch ( \Exception $e ) {
3
  namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\Snapshots\Build;
4
 
5
  use FernleafSystems\Wordpress\Plugin\Shield\Scans\Helpers\StandardDirectoryIterator;
 
6
 
7
  /**
8
  * Class BuildHashesFromDir
31
  * @return string[]
32
  */
33
  public function build( $dir, bool $binary = false ) {
34
+ $snaps = [];
35
  try {
36
  $dir = wp_normalize_path( $dir );
37
  $sAlgo = $this->getHashAlgo();
38
  $oDirIt = StandardDirectoryIterator::create( $dir, $this->nDepth, $this->aFileExts );
39
+ foreach ( $oDirIt as $file ) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
40
  /** @var \SplFileInfo $file */
41
  $fullPath = $file->getPathname();
42
  $key = str_replace( $dir, '', wp_normalize_path( $fullPath ) );
43
+ $snaps[ $key ] = hash_file( $sAlgo, $fullPath, $binary );
44
  }
45
  }
46
  catch ( \Exception $e ) {
src/lib/src/Modules/HackGuard/Lib/Snapshots/CrowdSourced/SubmitHashes.php CHANGED
@@ -33,15 +33,21 @@ class SubmitHashes {
33
  public function run( $asset ) {
34
  $this->asset = $asset;
35
 
36
- $this->hashes = ( new Build\BuildHashesForAsset() )
37
- ->setHashAlgo( 'sha1' )
38
- ->buildNormalised( $asset );
39
 
40
- if ( $this->isSubmitRequired() ) {
41
- $this->submit();
 
42
  }
43
  }
44
 
 
 
 
 
 
45
  private function isSubmitRequired() :bool {
46
  $response = ( new PreSubmit() )
47
  ->setHashes( $this->hashes )
33
  public function run( $asset ) {
34
  $this->asset = $asset;
35
 
36
+ if ( $this->canSubmitAsset() ) {
37
+ $this->hashes = ( new Build\BuildHashesForCrowdSource() )
38
+ ->build( $asset );
39
 
40
+ if ( !empty( $this->hashes ) && $this->isSubmitRequired() ) {
41
+ $this->submit();
42
+ }
43
  }
44
  }
45
 
46
+ private function canSubmitAsset() :bool {
47
+ return preg_match( '#^[0-9.]$#', $this->asset->Version )
48
+ && preg_match( '#^[0-9a-z]+[0-9a-z_\-]+$#i', $this->asset->slug );
49
+ }
50
+
51
  private function isSubmitRequired() :bool {
52
  $response = ( new PreSubmit() )
53
  ->setHashes( $this->hashes )
src/lib/src/Modules/HackGuard/Lib/Snapshots/Store.php CHANGED
@@ -67,7 +67,16 @@ class Store {
67
  }
68
 
69
  protected function getSlug() :string {
70
- return ( $this->asset->asset_type === 'plugin' ) ? dirname( $this->asset->file ) : $this->asset->stylesheet;
 
 
 
 
 
 
 
 
 
71
  }
72
 
73
  /**
67
  }
68
 
69
  protected function getSlug() :string {
70
+ if ( $this->asset->asset_type === 'plugin' ) {
71
+ $slug = dirname( $this->asset->file );
72
+ if ( empty( $slug ) ) {
73
+ $slug = $this->asset->file;
74
+ }
75
+ }
76
+ else {
77
+ $slug = $this->asset->stylesheet;
78
+ }
79
+ return empty( $slug ) ? '' : $slug;
80
  }
81
 
82
  /**
src/lib/src/Modules/HackGuard/Lib/Snapshots/StoreAction/Build.php CHANGED
@@ -19,24 +19,24 @@ class Build extends BaseAction {
19
  catch ( \Exception $e ) {
20
  }
21
 
22
- $aMeta = $this->generateMeta();
23
  if ( empty( $hashes ) ) {
24
  $hashes = ( new Snapshots\Build\BuildHashesForAsset() )
25
  ->setHashAlgo( 'md5' )
26
  ->build( $asset );
27
- $aMeta[ 'live_hashes' ] = false;
28
  }
29
  else {
30
- $aMeta[ 'live_hashes' ] = true;
31
  }
32
 
33
  if ( !empty( $hashes ) ) {
34
- $oStore = ( new CreateNew() )
35
  ->setMod( $this->getMod() )
36
  ->setAsset( $asset )
37
  ->run();
38
- $oStore->setSnapData( $hashes )
39
- ->setSnapMeta( $aMeta )
40
  ->save();
41
  }
42
  }
19
  catch ( \Exception $e ) {
20
  }
21
 
22
+ $meta = $this->generateMeta();
23
  if ( empty( $hashes ) ) {
24
  $hashes = ( new Snapshots\Build\BuildHashesForAsset() )
25
  ->setHashAlgo( 'md5' )
26
  ->build( $asset );
27
+ $meta[ 'live_hashes' ] = false;
28
  }
29
  else {
30
+ $meta[ 'live_hashes' ] = true;
31
  }
32
 
33
  if ( !empty( $hashes ) ) {
34
+ $store = ( new CreateNew() )
35
  ->setMod( $this->getMod() )
36
  ->setAsset( $asset )
37
  ->run();
38
+ $store->setSnapData( $hashes )
39
+ ->setSnapMeta( $meta )
40
  ->save();
41
  }
42
  }
src/lib/src/Modules/HackGuard/Lib/Snapshots/StoreAction/ScheduleBuildAll.php CHANGED
@@ -19,16 +19,16 @@ class ScheduleBuildAll extends BaseBulk {
19
  ->setMod( $this->getMod() )
20
  ->setAsset( $asset )
21
  ->run();
 
 
 
 
 
 
22
  }
23
  catch ( \Exception $e ) {
24
  error_log( '[Build Asset] Notice: '.$e->getMessage() );
25
  }
26
-
27
- if ( $this->getCon()->isPremiumActive() && ( $asset->asset_type === 'plugin' || !$asset->is_child ) ) {
28
- ( new SubmitHashes() )
29
- ->setMod( $this->getMod() )
30
- ->run( $asset );
31
- }
32
  }
33
  }
34
 
@@ -41,7 +41,7 @@ class ScheduleBuildAll extends BaseBulk {
41
  public function schedule() {
42
  $hook = $this->getCronHook();
43
  if ( wp_next_scheduled( $hook ) === false && count( $this->getAssetsThatNeedBuilt() ) > 0 ) {
44
- wp_schedule_single_event( Services::Request()->ts() + 15, $hook );
45
  }
46
  }
47
 
19
  ->setMod( $this->getMod() )
20
  ->setAsset( $asset )
21
  ->run();
22
+
23
+ if ( $this->getCon()->isPremiumActive() && ( $asset->asset_type === 'plugin' || !$asset->is_child ) ) {
24
+ ( new SubmitHashes() )
25
+ ->setMod( $this->getMod() )
26
+ ->run( $asset );
27
+ }
28
  }
29
  catch ( \Exception $e ) {
30
  error_log( '[Build Asset] Notice: '.$e->getMessage() );
31
  }
 
 
 
 
 
 
32
  }
33
  }
34
 
41
  public function schedule() {
42
  $hook = $this->getCronHook();
43
  if ( wp_next_scheduled( $hook ) === false && count( $this->getAssetsThatNeedBuilt() ) > 0 ) {
44
+ wp_schedule_single_event( Services::Request()->ts() + 60, $hook );
45
  }
46
  }
47
 
src/lib/src/Modules/IPs/Lib/Bots/ShieldNET/BuildData.php CHANGED
@@ -7,6 +7,7 @@ use FernleafSystems\Wordpress\Plugin\Shield\Databases\BotSignals\Select;
7
  use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\ModCon;
8
  use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
9
  use FernleafSystems\Wordpress\Services\Services;
 
10
 
11
  class BuildData {
12
 
@@ -19,7 +20,7 @@ class BuildData {
19
  $this->markRecordsAsSent( $recordsToSend );
20
  }
21
 
22
- $results = array_filter( array_map(
23
  function ( $entryVO ) {
24
  $data = [
25
  'ip' => $entryVO->ip,
@@ -31,14 +32,28 @@ class BuildData {
31
  $data[ 'signals' ][] = str_replace( '_at', '', $col );
32
  }
33
  }
34
- return empty( $data[ 'signals' ] ) ? [] : $data;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
35
  },
36
  $recordsToSend
37
  ) );
38
 
39
  // We order with preference towards IPs with more signals.
40
  // And, if the only signal is "frontpage" we prefer anything else before it.
41
- usort( $results, function ( $a, $b ) {
42
  $countA = count( $a[ 'signals' ] );
43
  $countB = count( $b[ 'signals' ] );
44
 
@@ -61,7 +76,7 @@ class BuildData {
61
  return $order;
62
  } );
63
 
64
- return array_slice( $results, 0, 50 );
65
  }
66
 
67
  /**
@@ -93,7 +108,7 @@ class BuildData {
93
  $mod = $this->getMod();
94
  /** @var Select $select */
95
  $select = $mod->getDbHandler_BotSignals()->getQuerySelector();
96
- $records = $select->setLimit( 150 )
97
  ->setOrderBy( 'updated_at', 'DESC' )
98
  ->addWhereNotIn( 'ip', array_map( 'inet_pton', Services::IP()->getServerPublicIPs() ) )
99
  ->addWhereCompareColumns( 'updated_at', 'snsent_at', '>' )
7
  use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\ModCon;
8
  use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
9
  use FernleafSystems\Wordpress\Services\Services;
10
+ use FernleafSystems\Wordpress\Services\Utilities\Net\IpID;
11
 
12
  class BuildData {
13
 
20
  $this->markRecordsAsSent( $recordsToSend );
21
  }
22
 
23
+ $records = array_filter( array_map(
24
  function ( $entryVO ) {
25
  $data = [
26
  'ip' => $entryVO->ip,
32
  $data[ 'signals' ][] = str_replace( '_at', '', $col );
33
  }
34
  }
35
+
36
+ // Now we remove any "known" bots/crawlers
37
+ $record = [];
38
+ if ( !empty( $data[ 'signals' ] ) ) {
39
+ try {
40
+ list( $id, $name ) = ( new IpID( $data[ 'ip' ] ) )->run();
41
+ if ( $id === IpID::UNKNOWN ) {
42
+ $record = $data;
43
+ }
44
+ }
45
+ catch ( \Exception $e ) {
46
+ }
47
+ }
48
+
49
+ return $record;
50
  },
51
  $recordsToSend
52
  ) );
53
 
54
  // We order with preference towards IPs with more signals.
55
  // And, if the only signal is "frontpage" we prefer anything else before it.
56
+ usort( $records, function ( $a, $b ) {
57
  $countA = count( $a[ 'signals' ] );
58
  $countB = count( $b[ 'signals' ] );
59
 
76
  return $order;
77
  } );
78
 
79
+ return array_slice( $records, 0, 50 );
80
  }
81
 
82
  /**
108
  $mod = $this->getMod();
109
  /** @var Select $select */
110
  $select = $mod->getDbHandler_BotSignals()->getQuerySelector();
111
+ $records = $select->setLimit( 200 )
112
  ->setOrderBy( 'updated_at', 'DESC' )
113
  ->addWhereNotIn( 'ip', array_map( 'inet_pton', Services::IP()->getServerPublicIPs() ) )
114
  ->addWhereCompareColumns( 'updated_at', 'snsent_at', '>' )
src/lib/src/Modules/Integrations/ModCon.php CHANGED
@@ -32,4 +32,8 @@ class ModCon extends BaseShield\ModCon {
32
  }
33
  return $this->userFormsCon;
34
  }
 
 
 
 
35
  }
32
  }
33
  return $this->userFormsCon;
34
  }
35
+
36
+ public function isModOptEnabled() :bool {
37
+ return true;
38
+ }
39
  }
src/lib/vendor/composer/autoload_classmap.php CHANGED
@@ -334,6 +334,7 @@ return array(
334
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\Query\\ScanCounts' => $baseDir . '/src/Modules/HackGuard/Lib/Reports/Query/ScanCounts.php',
335
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\ScanAlerts' => $baseDir . '/src/Modules/HackGuard/Lib/Reports/ScanAlerts.php',
336
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForAsset' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php',
 
337
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromApi' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromApi.php',
338
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromDir' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php',
339
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\CrowdSourced\\SubmitHashes' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/CrowdSourced/SubmitHashes.php',
334
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\Query\\ScanCounts' => $baseDir . '/src/Modules/HackGuard/Lib/Reports/Query/ScanCounts.php',
335
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\ScanAlerts' => $baseDir . '/src/Modules/HackGuard/Lib/Reports/ScanAlerts.php',
336
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForAsset' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php',
337
+ 'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForCrowdSource' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForCrowdSource.php',
338
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromApi' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromApi.php',
339
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromDir' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php',
340
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\CrowdSourced\\SubmitHashes' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/CrowdSourced/SubmitHashes.php',
src/lib/vendor/composer/autoload_static.php CHANGED
@@ -507,6 +507,7 @@ class ComposerStaticInit4fc2c6daaffaf40b64b79b6d26830171
507
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\Query\\ScanCounts' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Reports/Query/ScanCounts.php',
508
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\ScanAlerts' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Reports/ScanAlerts.php',
509
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForAsset' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php',
 
510
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromApi' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromApi.php',
511
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromDir' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php',
512
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\CrowdSourced\\SubmitHashes' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/CrowdSourced/SubmitHashes.php',
507
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\Query\\ScanCounts' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Reports/Query/ScanCounts.php',
508
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\ScanAlerts' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Reports/ScanAlerts.php',
509
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForAsset' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php',
510
+ 'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForCrowdSource' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForCrowdSource.php',
511
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromApi' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromApi.php',
512
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromDir' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php',
513
  'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\CrowdSourced\\SubmitHashes' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/CrowdSourced/SubmitHashes.php',
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/CrowdSourcedHashes/Submit/BaseSubmit.php CHANGED
@@ -11,7 +11,6 @@ abstract class BaseSubmit extends Services\Utilities\Integrations\WpHashes\Crowd
11
  protected $hashes;
12
 
13
  public function setHashes( array $hashes ) {
14
- ksort( $hashes );
15
  $this->hashes = $hashes;
16
  return $this;
17
  }
11
  protected $hashes;
12
 
13
  public function setHashes( array $hashes ) {
 
14
  $this->hashes = $hashes;
15
  return $this;
16
  }
templates/twig/snippets/login_intent/form.twig CHANGED
@@ -26,7 +26,7 @@
26
  }
27
  </style>
28
 
29
- <div class="alert alert-{{ data.message_type }}" role="alert">{{ strings.message }}</div>
30
 
31
  <form action="{{ hrefs.form_action }}" method="post" class="form-horizontal">
32
  <input type="hidden" name="{{ data.login_intent_flag }}" value="1" />
26
  }
27
  </style>
28
 
29
+ <div class="alert alert-{{ data.message_type }}" role="alert">{{ strings.message|raw }}</div>
30
 
31
  <form action="{{ hrefs.form_action }}" method="post" class="form-horizontal">
32
  <input type="hidden" name="{{ data.login_intent_flag }}" value="1" />