Shield Security for WordPress - Version 15.1.4

Version Description

Download this release

Release Info

Developer paultgoodchild
Plugin Icon 128x128 Shield Security for WordPress
Version 15.1.4
Comparing to
See all releases

Code changes from version 15.1.3 to 15.1.4

Files changed (13) hide show
  1. cl.json +2 -2
  2. config/deprecated/data.php +1 -1
  3. config/deprecated/ips.php +162 -10
  4. config/deprecated/plugin.php +7 -0
  5. icwp-wpsf.php +1 -1
  6. plugin-spec.php +3 -3
  7. plugin.json +3 -3
  8. readme.txt +1 -1
  9. src/lib/src/Modules/IPs/Lib/Bots/BotSignalsController.php +14 -10
  10. src/lib/src/Modules/IPs/Lib/ProcessOffenses.php +4 -0
  11. src/lib/src/Modules/IPs/ModCon.php +1 -3
  12. src/lib/src/Modules/Traffic/ModCon.php +1 -2
  13. src/lib/src/Request/ThisRequest.php +1 -0
cl.json CHANGED
@@ -56,8 +56,8 @@
56
  ],
57
  "patches": [
58
  {
59
- "version": "3",
60
- "released_at": 1655108600,
61
  "items": [
62
  {
63
  "title": "Yet another complete rewrite of the Shield Cache Dir builder to work around restrictive web hosts.",
56
  ],
57
  "patches": [
58
  {
59
+ "version": "4",
60
+ "released_at": 1655195000,
61
  "items": [
62
  {
63
  "title": "Yet another complete rewrite of the Shield Cache Dir builder to work around restrictive web hosts.",
config/deprecated/data.php CHANGED
@@ -54,7 +54,7 @@
54
  "has_deleted_at": false,
55
  "cols_custom": {
56
  "req_id": {
57
- "macro_type": "varchar",
58
  "length": 10,
59
  "attr": [
60
  "UNIQUE"
54
  "has_deleted_at": false,
55
  "cols_custom": {
56
  "req_id": {
57
+ "macro_type": "scenario",
58
  "length": 10,
59
  "attr": [
60
  "UNIQUE"
config/deprecated/ips.php CHANGED
@@ -71,6 +71,11 @@
71
  "title": "AntiBot System",
72
  "title_short": "AntiBot System"
73
  },
 
 
 
 
 
74
  {
75
  "slug": "section_logins",
76
  "title": "Capture Login Bots",
@@ -264,6 +269,47 @@
264
  "summary": "Request Path Whitelist",
265
  "description": "Request Path Whitelist."
266
  },
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
267
  {
268
  "key": "text_loginfailed",
269
  "section": "section_user_messages",
@@ -570,10 +616,28 @@
570
  "transferable": false,
571
  "type": "array",
572
  "default": []
 
 
 
 
 
 
 
573
  }
574
  ],
575
  "definitions": {
576
- "rest_api": {
 
 
 
 
 
 
 
 
 
 
 
577
  "publish": true,
578
  "pro_only": true,
579
  "route_defs": {
@@ -587,7 +651,7 @@
587
  }
588
  }
589
  },
590
- "allowable_ext_404s": [
591
  "js",
592
  "css",
593
  "gif",
@@ -599,10 +663,12 @@
599
  "woff",
600
  "woff2"
601
  ],
602
- "db_handler_classes": {
603
- "botsignal": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\DB\\BotSignal\\Ops\\Handler"
 
 
604
  },
605
- "db_table_botsignal": {
606
  "autoexpire": 0,
607
  "slug": "botsignal",
608
  "has_updated_at": true,
@@ -720,11 +786,60 @@
720
  }
721
  }
722
  },
723
- "db_classes": {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
724
  "ip_lists": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Handler"
725
  },
726
- "ip_lists_table_name": "ip_lists",
727
- "db_table_ip_lists": {
728
  "slug": "ip_lists",
729
  "cols_custom": {
730
  "ip": "varchar(60) NOT NULL DEFAULT '' COMMENT 'Human readable IP address or range'",
@@ -739,7 +854,7 @@
739
  "blocked_at": "IP Blocked"
740
  }
741
  },
742
- "events": {
743
  "custom_offense": {
744
  "audit_params": [
745
  "message"
@@ -750,6 +865,10 @@
750
  "level": "warning",
751
  "audit_countable": true
752
  },
 
 
 
 
753
  "conn_not_kill_high_rep": {
754
  "level": "debug"
755
  },
@@ -856,7 +975,7 @@
856
  },
857
  "bottrack_invalidscript": {
858
  "audit_params": [
859
- "script"
860
  ],
861
  "offense": true
862
  },
@@ -868,6 +987,39 @@
868
  "level": "info",
869
  "offense": false,
870
  "stat": false
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
871
  }
872
  }
873
  }
71
  "title": "AntiBot System",
72
  "title_short": "AntiBot System"
73
  },
74
+ {
75
+ "slug": "section_crowdsec",
76
+ "title": "CrowdSec",
77
+ "title_short": "CrowdSec"
78
+ },
79
  {
80
  "slug": "section_logins",
81
  "title": "Capture Login Bots",
269
  "summary": "Request Path Whitelist",
270
  "description": "Request Path Whitelist."
271
  },
272
+ {
273
+ "key": "cs_block",
274
+ "section": "section_crowdsec",
275
+ "advanced": true,
276
+ "default": "block_with_unblock",
277
+ "type": "select",
278
+ "value_options": [
279
+ {
280
+ "value_key": "disabled",
281
+ "text": "Disabled"
282
+ },
283
+ {
284
+ "value_key": "block_with_unblock",
285
+ "text": "Block Request With Ability To Auto-Unblock"
286
+ },
287
+ {
288
+ "value_key": "block",
289
+ "text": "Block Request"
290
+ }
291
+ ],
292
+ "link_info": "",
293
+ "link_blog": "",
294
+ "beacon_id": 0,
295
+ "name": "CrowdSec IP Blocking",
296
+ "summary": "How To Handle Requests From IPs Found On CrowdSec Blocklist",
297
+ "description": "How should Shield block requests from IP address that are found on CrowdSec's list of malicious IP addresses."
298
+ },
299
+ {
300
+ "key": "cs_enroll_id",
301
+ "section": "section_crowdsec",
302
+ "sensitive": true,
303
+ "premium": false,
304
+ "default": "",
305
+ "type": "text",
306
+ "link_info": "",
307
+ "link_blog": "",
308
+ "beacon_id": 0,
309
+ "name": "Enroll ID",
310
+ "summary": "CrowdSec Enroll ID",
311
+ "description": "CrowdSec Enroll ID."
312
+ },
313
  {
314
  "key": "text_loginfailed",
315
  "section": "section_user_messages",
616
  "transferable": false,
617
  "type": "array",
618
  "default": []
619
+ },
620
+ {
621
+ "key": "crowdsec_cfg",
622
+ "section": "section_non_ui",
623
+ "transferable": false,
624
+ "type": "array",
625
+ "default": []
626
  }
627
  ],
628
  "definitions": {
629
+ "crowdsec": {
630
+ "scenarios": {
631
+ "free": [
632
+ "crowdsecurity/http-bf-wordpress_bf",
633
+ "crowdsecurity/http-wordpress_wpconfig",
634
+ "crowdsecurity/http-wordpress_user-enum"
635
+ ],
636
+ "pro": [
637
+ ]
638
+ }
639
+ },
640
+ "rest_api": {
641
  "publish": true,
642
  "pro_only": true,
643
  "route_defs": {
651
  }
652
  }
653
  },
654
+ "allowable_ext_404s": [
655
  "js",
656
  "css",
657
  "gif",
663
  "woff",
664
  "woff2"
665
  ],
666
+ "db_handler_classes": {
667
+ "botsignal": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\DB\\BotSignal\\Ops\\Handler",
668
+ "crowdsec_decisions": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\DB\\CrowdSecDecisions\\Ops\\Handler",
669
+ "crowdsec_signals": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\DB\\CrowdSecSignals\\Ops\\Handler"
670
  },
671
+ "db_table_botsignal": {
672
  "autoexpire": 0,
673
  "slug": "botsignal",
674
  "has_updated_at": true,
786
  }
787
  }
788
  },
789
+ "db_table_crowdsec_decisions": {
790
+ "autoexpire": 0,
791
+ "slug": "crowdsec_decisions",
792
+ "has_updated_at": true,
793
+ "col_older_than": "updated_at",
794
+ "cols_custom": {
795
+ "ip_ref": {
796
+ "macro_type": "foreign_key_id",
797
+ "foreign_key": {
798
+ "ref_table": "icwp_wpsf_ips"
799
+ }
800
+ }
801
+ },
802
+ "cols_timestamps": {
803
+ "auto_unblock_at": {
804
+ "comment": "Visitor Requested Unblock"
805
+ },
806
+ "expires_at": {
807
+ "comment": "Record Expires At"
808
+ }
809
+ }
810
+ },
811
+ "db_table_crowdsec_signals": {
812
+ "autoexpire": 0,
813
+ "slug": "crowdsec_signals",
814
+ "has_updated_at": false,
815
+ "has_created_at": true,
816
+ "has_deleted_at": false,
817
+ "col_older_than": "created_at",
818
+ "cols_custom": {
819
+ "scenario": {
820
+ "macro_type": "varchar",
821
+ "length": 32,
822
+ "attr": []
823
+ },
824
+ "scope": {
825
+ "macro_type": "varchar",
826
+ "length": 16,
827
+ "attr": []
828
+ },
829
+ "value": {
830
+ "macro_type": "varchar",
831
+ "length": 256,
832
+ "attr": []
833
+ }
834
+ },
835
+ "cols_timestamps": {
836
+ }
837
+ },
838
+ "db_classes": {
839
  "ip_lists": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Handler"
840
  },
841
+ "ip_lists_table_name": "ip_lists",
842
+ "db_table_ip_lists": {
843
  "slug": "ip_lists",
844
  "cols_custom": {
845
  "ip": "varchar(60) NOT NULL DEFAULT '' COMMENT 'Human readable IP address or range'",
854
  "blocked_at": "IP Blocked"
855
  }
856
  },
857
+ "events": {
858
  "custom_offense": {
859
  "audit_params": [
860
  "message"
865
  "level": "warning",
866
  "audit_countable": true
867
  },
868
+ "conn_kill_crowdsec": {
869
+ "level": "warning",
870
+ "audit_countable": true
871
+ },
872
  "conn_not_kill_high_rep": {
873
  "level": "debug"
874
  },
975
  },
976
  "bottrack_invalidscript": {
977
  "audit_params": [
978
+ "machine_id"
979
  ],
980
  "offense": true
981
  },
987
  "level": "info",
988
  "offense": false,
989
  "stat": false
990
+ },
991
+ "crowdsec_decisions_acquired": {
992
+ "level": "info",
993
+ "audit_params": [
994
+ "count_new",
995
+ "count_deleted"
996
+ ]
997
+ },
998
+ "crowdsec_signals_pushed": {
999
+ "level": "info",
1000
+ "audit_params": [
1001
+ "count"
1002
+ ]
1003
+ },
1004
+ "crowdsec_mach_register": {
1005
+ "level": "info",
1006
+ "audit_params": [
1007
+ "machine_id",
1008
+ "url"
1009
+ ]
1010
+ },
1011
+ "crowdsec_auth_acquire": {
1012
+ "level": "info",
1013
+ "audit_params": [
1014
+ "expiration"
1015
+ ]
1016
+ },
1017
+ "crowdsec_mach_enroll": {
1018
+ "level": "info",
1019
+ "audit_params": [
1020
+ "id",
1021
+ "name"
1022
+ ]
1023
  }
1024
  }
1025
  }
config/deprecated/plugin.php CHANGED
@@ -541,6 +541,13 @@
541
  "type": "array",
542
  "default": []
543
  },
 
 
 
 
 
 
 
544
  {
545
  "key": "ipdetect_at",
546
  "transferable": false,
541
  "type": "array",
542
  "default": []
543
  },
544
+ {
545
+ "key": "last_known_cache_basedirs",
546
+ "transferable": false,
547
+ "section": "section_non_ui",
548
+ "type": "array",
549
+ "default": []
550
+ },
551
  {
552
  "key": "ipdetect_at",
553
  "transferable": false,
icwp-wpsf.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: Shield Security
4
  * Plugin URI: https://shsec.io/2f
5
  * Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6
- * Version: 15.1.3
7
  * Text Domain: wp-simple-firewall
8
  * Domain Path: /languages
9
  * Author: Shield Security
3
  * Plugin Name: Shield Security
4
  * Plugin URI: https://shsec.io/2f
5
  * Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6
+ * Version: 15.1.4
7
  * Text Domain: wp-simple-firewall
8
  * Domain Path: /languages
9
  * Author: Shield Security
plugin-spec.php CHANGED
@@ -1,8 +1,8 @@
1
  {
2
  "properties": {
3
- "version": "15.1.3",
4
- "release_timestamp": 1655108600,
5
- "build": "202206.1301",
6
  "slug_parent": "icwp",
7
  "slug_plugin": "wpsf",
8
  "text_domain": "wp-simple-firewall",
1
  {
2
  "properties": {
3
+ "version": "15.1.4",
4
+ "release_timestamp": 1655195000,
5
+ "build": "202206.1401",
6
  "slug_parent": "icwp",
7
  "slug_plugin": "wpsf",
8
  "text_domain": "wp-simple-firewall",
plugin.json CHANGED
@@ -1,8 +1,8 @@
1
  {
2
  "properties": {
3
- "version": "15.1.3",
4
- "release_timestamp": 1655108600,
5
- "build": "202206.1301",
6
  "slug_parent": "icwp",
7
  "slug_plugin": "wpsf",
8
  "text_domain": "wp-simple-firewall",
1
  {
2
  "properties": {
3
+ "version": "15.1.4",
4
+ "release_timestamp": 1655195000,
5
+ "build": "202206.1401",
6
  "slug_parent": "icwp",
7
  "slug_plugin": "wpsf",
8
  "text_domain": "wp-simple-firewall",
readme.txt CHANGED
@@ -8,7 +8,7 @@ Requires at least: 3.7
8
  Requires PHP: 7.0
9
  Recommended PHP: 7.4
10
  Tested up to: 6.0
11
- Stable tag: 15.1.3
12
 
13
  Bad Bots Are Your #1 Security Risk. Malware is a symptom of poor security, not the cause. Discover the advantage of powerful security over marketing.
14
 
8
  Requires PHP: 7.0
9
  Recommended PHP: 7.4
10
  Tested up to: 6.0
11
+ Stable tag: 15.1.4
12
 
13
  Bad Bots Are Your #1 Security Risk. Malware is a symptom of poor security, not the cause. Discover the advantage of powerful security over marketing.
14
 
src/lib/src/Modules/IPs/Lib/Bots/BotSignalsController.php CHANGED
@@ -22,6 +22,20 @@ class BotSignalsController extends ExecOnceModConsumer {
22
  */
23
  private $eventListener;
24
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
25
  public function isBot( string $IP = '', bool $allowEventFire = true ) :bool {
26
  /** @var Options $opts */
27
  $opts = $this->getOptions();
@@ -68,16 +82,6 @@ class BotSignalsController extends ExecOnceModConsumer {
68
  return $this->eventListener;
69
  }
70
 
71
- protected function run() {
72
- $this->getEventListener()->execute();
73
- add_action( 'init', function () {
74
- foreach ( $this->enumerateBotTrackers() as $botTrackerClass ) {
75
- ( new $botTrackerClass() )->setMod( $this->getMod() )->execute();
76
- }
77
- } );
78
- $this->getHandlerNotBot()->execute();
79
- }
80
-
81
  /**
82
  * @return string[]
83
  */
22
  */
23
  private $eventListener;
24
 
25
+ protected function canRun() :bool {
26
+ return $this->getCon()->this_req->ip_is_public;
27
+ }
28
+
29
+ protected function run() {
30
+ $this->getEventListener()->execute();
31
+ add_action( 'init', function () {
32
+ foreach ( $this->enumerateBotTrackers() as $botTrackerClass ) {
33
+ ( new $botTrackerClass() )->setMod( $this->getMod() )->execute();
34
+ }
35
+ } );
36
+ $this->getHandlerNotBot()->execute();
37
+ }
38
+
39
  public function isBot( string $IP = '', bool $allowEventFire = true ) :bool {
40
  /** @var Options $opts */
41
  $opts = $this->getOptions();
82
  return $this->eventListener;
83
  }
84
 
 
 
 
 
 
 
 
 
 
 
85
  /**
86
  * @return string[]
87
  */
src/lib/src/Modules/IPs/Lib/ProcessOffenses.php CHANGED
@@ -8,6 +8,10 @@ use FernleafSystems\Wordpress\Services\Services;
8
 
9
  class ProcessOffenses extends ExecOnceModConsumer {
10
 
 
 
 
 
11
  protected function run() {
12
  /** @var IPs\ModCon $mod */
13
  $mod = $this->getMod();
8
 
9
  class ProcessOffenses extends ExecOnceModConsumer {
10
 
11
+ protected function canRun() :bool {
12
+ return $this->getCon()->this_req->ip_is_public;
13
+ }
14
+
15
  protected function run() {
16
  /** @var IPs\ModCon $mod */
17
  $mod = $this->getMod();
src/lib/src/Modules/IPs/ModCon.php CHANGED
@@ -70,9 +70,7 @@ class ModCon extends BaseShield\ModCon {
70
  * @throws \Exception
71
  */
72
  protected function isReadyToExecute() :bool {
73
- $con = $this->getCon();
74
- return $con->this_req->ip_is_public
75
- && ( $this->getDbHandler_IPs() instanceof Shield\Databases\IPs\Handler )
76
  && $this->getDbHandler_IPs()->isReady()
77
  && parent::isReadyToExecute();
78
  }
70
  * @throws \Exception
71
  */
72
  protected function isReadyToExecute() :bool {
73
+ return ( $this->getDbHandler_IPs() instanceof Shield\Databases\IPs\Handler )
 
 
74
  && $this->getDbHandler_IPs()->isReady()
75
  && parent::isReadyToExecute();
76
  }
src/lib/src/Modules/Traffic/ModCon.php CHANGED
@@ -51,8 +51,7 @@ class ModCon extends BaseShield\ModCon {
51
 
52
  protected function isReadyToExecute() :bool {
53
  $con = $this->getCon();
54
- return $con->this_req->ip_is_public
55
- && $con->getModule_Data()->getDbH_ReqLogs()->isReady()
56
  && parent::isReadyToExecute();
57
  }
58
  }
51
 
52
  protected function isReadyToExecute() :bool {
53
  $con = $this->getCon();
54
+ return $con->getModule_Data()->getDbH_ReqLogs()->isReady()
 
55
  && parent::isReadyToExecute();
56
  }
57
  }
src/lib/src/Request/ThisRequest.php CHANGED
@@ -58,6 +58,7 @@ class ThisRequest extends DynPropertiesClass {
58
  case 'request_bypasses_all_restrictions':
59
  case 'is_security_admin':
60
  case 'is_trusted_bot':
 
61
  $value = (bool)$value;
62
  break;
63
 
58
  case 'request_bypasses_all_restrictions':
59
  case 'is_security_admin':
60
  case 'is_trusted_bot':
61
+ case 'ip_is_public':
62
  $value = (bool)$value;
63
  break;
64