Shield Security for WordPress

Version Description

Current Release = Released: 1st February January, 2018 - Release Notes
(v.1) FIXED: Bug where administrator login email notification setting is not being honoured.
(v.1) IMPROVED: If a site is having trouble with database creation, User Sessions wont lock you out.
(v.0) IMPROVED: Major overhaul of the Shield User Sessions system.
(v.0) IMPROVED: Link the Security Admin authentication with the new Sessions system.
(v.0) IMPROVED: Major overhaul to plugin's user meta data storage, limiting to a single DB entry for all data.
(v.0) ADDED: [PRO] Ability to increase frequency of file system scans up to once every hour.
(v.0) ADDED: [PRO] Add a remember me option, allowing users to skip Multi-factor authentication for a set number of days.

Release Info

Developer	paultgoodchild
Plugin	Shield Security for WordPress
Version	6.2.1
Comparing to
See all releases

Code changes from version 6.2.0 to 6.2.1

Files changed (7) hide show

icwp-wpsf.php +1 -1
plugin-spec.php +2 -2
readme.txt +7 -3
src/features/user_management.php +9 -1
src/processors/login_protect.php +0 -20
src/processors/user_management.php +12 -8
src/processors/usermanagement_sessions.php +3 -5

icwp-wpsf.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: Shield Security
4	* Plugin URI: http://icwp.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	- * Version: 6.2.0
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages/
9	* Author: iControlWP


3	* Plugin Name: Shield Security
4	* Plugin URI: http://icwp.io/2f
5	* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
6	+ * Version: 6.2.1
7	* Text Domain: wp-simple-firewall
8	* Domain Path: /languages/
9	* Author: iControlWP

plugin-spec.php CHANGED Viewed

	@@ -1,7 +1,7 @@
1	{
2	"properties": {
3	- "version": "6.2.0",
4	- "release_timestamp": ~~1517390273~~,
5	"slug_parent": "icwp",
6	"slug_plugin": "wpsf",
7	"human_name": "Shield",


1	{
2	"properties": {
3	+ "version": "6.2.1",
4	+ "release_timestamp": 1517486400,
5	"slug_parent": "icwp",
6	"slug_plugin": "wpsf",
7	"human_name": "Shield",

readme.txt CHANGED Viewed

	@@ -6,7 +6,7 @@ License URI: http://www.gnu.org/licenses/gpl.html
6	Tags: security, all in one, protect, spam, scan, recaptcha, two-factor authentication, login, 2FA, ithemes, wordfence, better wp security, all-in-one, lockdown, hack
7	Requires at least: 3.5.0
8	Tested up to: 4.9
9	- Stable tag: 6.2.0
10
11	Free All-In-One Protection for your data, reputation, and users on your WordPress sites - the Highest-Rated Security Plugin for WordPress
12
	@@ -356,9 +356,11 @@ Technical support, and some newer options and features will not be available to
356
357	You can [go Pro for just $1/month](http://icwp.io/aa). Technical support is available to premium clients only.
358
359	- = 6.2.0 - Current Release =
360	- Released: ~~31st~~ January, 2018 - [Release Notes](http://icwp.io/b6)
361


362	* (v.0) IMPROVED: Major overhaul of the Shield User Sessions system.
363	* (v.0) IMPROVED: Link the Security Admin authentication with the new Sessions system.
364	* (v.0) IMPROVED: Major overhaul to plugin's user meta data storage, limiting to a single DB entry for all data.
	@@ -368,6 +370,8 @@ You can [go Pro for just $1/month](http://icwp.io/aa). Technical support is avai
368	= 6.2 Series =
369	Released: 31st January, 2018 - [Release Notes](http://icwp.io/b6)
370


371	* (v.0) IMPROVED: Major overhaul of the Shield User Sessions system.
372	* (v.0) IMPROVED: Link the Security Admin authentication with the new Sessions system.
373	* (v.0) IMPROVED: Major overhaul to plugin's user meta data storage, limiting to a single DB entry for all data.


6	Tags: security, all in one, protect, spam, scan, recaptcha, two-factor authentication, login, 2FA, ithemes, wordfence, better wp security, all-in-one, lockdown, hack
7	Requires at least: 3.5.0
8	Tested up to: 4.9
9	+ Stable tag: 6.2.1
10
11	Free All-In-One Protection for your data, reputation, and users on your WordPress sites - the Highest-Rated Security Plugin for WordPress
12

356
357	You can [go Pro for just $1/month](http://icwp.io/aa). Technical support is available to premium clients only.
358
359	+ = 6.2.1 - Current Release =
360	+ Released: 1st February January, 2018 - [Release Notes](http://icwp.io/b6)
361
362	+ * (v.1) FIXED: Bug where administrator login email notification setting is not being honoured.
363	+ * (v.1) IMPROVED: If a site is having trouble with database creation, User Sessions wont lock you out.
364	* (v.0) IMPROVED: Major overhaul of the Shield User Sessions system.
365	* (v.0) IMPROVED: Link the Security Admin authentication with the new Sessions system.
366	* (v.0) IMPROVED: Major overhaul to plugin's user meta data storage, limiting to a single DB entry for all data.

370	= 6.2 Series =
371	Released: 31st January, 2018 - [Release Notes](http://icwp.io/b6)
372
373	+ * (v.1) FIXED: Bug where administrator login email notification setting is not being honoured.
374	+ * (v.1) IMPROVED: If a site is having trouble with database creation, User Sessions wont lock you out.
375	* (v.0) IMPROVED: Major overhaul of the Shield User Sessions system.
376	* (v.0) IMPROVED: Link the Security Admin authentication with the new Sessions system.
377	* (v.0) IMPROVED: Major overhaul to plugin's user meta data storage, limiting to a single DB entry for all data.

src/features/user_management.php CHANGED Viewed

	@@ -110,7 +110,8 @@ class ICWP_WPSF_FeatureHandler_UserManagement extends ICWP_WPSF_FeatureHandler_B
110	* @return bool
111	*/
112	public function getIsUserSessionsManagementEnabled() {
113	- return $this->getOptIs( 'enable_user_management', 'Y' );

114	}
115
116	/**
	@@ -143,6 +144,13 @@ class ICWP_WPSF_FeatureHandler_UserManagement extends ICWP_WPSF_FeatureHandler_B
143	return ( $this->loadDP()->time() - $nStartedAt ) < 20;
144	}
145







146	/**
147	* @param array $aOptionsParams
148	* @return array


110	* @return bool
111	*/
112	public function getIsUserSessionsManagementEnabled() {
113	+ return $this->getOptIs( 'enable_user_management', 'Y' )
114	+ && $this->getSessionsProcessor()->getTableExists();
115	}
116
117	/**

144	return ( $this->loadDP()->time() - $nStartedAt ) < 20;
145	}
146
147	+ /**
148	+ * @return bool
149	+ */
150	+ public function isSendEmailLoginNotification() {
151	+ return $this->loadDP()->validEmail( $this->getOpt( 'enable_admin_login_email_notification' ) );
152	+ }
153	+
154	/**
155	* @param array $aOptionsParams
156	* @return array

src/processors/login_protect.php CHANGED Viewed

	@@ -38,8 +38,6 @@ class ICWP_WPSF_Processor_LoginProtect extends ICWP_WPSF_Processor_BaseWpsf {
38	}
39
40	$this->getProcessorLoginIntent()->run();
41	-
42	- add_filter( 'wp_login_errors', array( $this, 'addLoginMessage' ) );
43	}
44
45	/**
	@@ -82,24 +80,6 @@ class ICWP_WPSF_Processor_LoginProtect extends ICWP_WPSF_Processor_BaseWpsf {
82	}
83	}
84
85	- /**
86	- * @param WP_Error $oError
87	- * @return WP_Error
88	- */
89	- public function addLoginMessage( $oError ) {
90	-
91	- if ( !$oError instanceof WP_Error ) {
92	- $oError = new WP_Error();
93	- }
94	-
95	- $oDp = $this->loadDataProcessor();
96	- $sForceLogout = $oDp->FetchGet( 'wpsf-forcelogout' );
97	- if ( $sForceLogout == 6 ) {
98	- $oError->add( 'wpsf-forcelogout', _wpsf__( 'Your Two-Factor Authentication was un-verified or invalidated by a login from another location or browser.' ).'<br />'._wpsf__( 'Please login again.' ) );
99	- }
100	- return $oError;
101	- }
102	-
103	/**
104	* @return ICWP_WPSF_Processor_LoginProtect_Intent
105	*/


38	}
39
40	$this->getProcessorLoginIntent()->run();


41	}
42
43	/**

80	}
81	}
82


















83	/**
84	* @return ICWP_WPSF_Processor_LoginProtect_Intent
85	*/

src/processors/user_management.php CHANGED Viewed

	@@ -14,9 +14,10 @@ class ICWP_WPSF_Processor_UserManagement extends ICWP_WPSF_Processor_BaseWpsf {
14	protected $oProcessorSessions;
15
16	/**
17	- * @return bool
18	*/
19	public function run() {


20
21	// Adds last login indicator column to all plugins in plugin listing.
22	add_filter( 'manage_users_columns', array( $this, 'fAddUserListLastLoginColumn' ) );
	@@ -27,14 +28,13 @@ class ICWP_WPSF_Processor_UserManagement extends ICWP_WPSF_Processor_BaseWpsf {
27
28	// XML-RPC Compatibility
29	if ( $this->loadWp()->getIsXmlrpc() && $this->getIsOption( 'enable_xmlrpc_compatibility', 'Y' ) ) {
30	- return ~~true~~;
31	}
32
33	/ Everything from this point on must consider XMLRPC compatibility /
34	-
35	- $this->getProcessorSessions()->run();
36	-
37	- return true;
38	}
39
40	/**
	@@ -44,7 +44,11 @@ class ICWP_WPSF_Processor_UserManagement extends ICWP_WPSF_Processor_BaseWpsf {
44	public function onWpLogin( $sUsername ) {
45	$oUser = $this->loadWpUsers()->getUserByUsername( $sUsername );
46	if ( $oUser instanceof WP_User ) {
47	- ~~$this->sendLoginEmailNotification(~~ $~~oUser~~ );




48	$this->setUserLastLoginTime( $oUser );
49	}
50	}
	@@ -169,7 +173,7 @@ class ICWP_WPSF_Processor_UserManagement extends ICWP_WPSF_Processor_BaseWpsf {
169	*/
170	protected function getProcessorSessions() {
171	if ( !isset( $this->oProcessorSessions ) ) {
172	- require_once( dirname( __FILE__ ).~~DIRECTORY_SEPARATOR.~~'usermanagement_sessions.php' );
173	/** @var ICWP_WPSF_FeatureHandler_UserManagement $oFO */
174	$oFO = $this->getFeature();
175	$this->oProcessorSessions = new ICWP_WPSF_Processor_UserManagement_Sessions( $oFO );


14	protected $oProcessorSessions;
15
16	/**

17	*/
18	public function run() {
19	+ /** @var ICWP_WPSF_FeatureHandler_UserManagement $oFO */
20	+ $oFO = $this->getFeature();
21
22	// Adds last login indicator column to all plugins in plugin listing.
23	add_filter( 'manage_users_columns', array( $this, 'fAddUserListLastLoginColumn' ) );

28
29	// XML-RPC Compatibility
30	if ( $this->loadWp()->getIsXmlrpc() && $this->getIsOption( 'enable_xmlrpc_compatibility', 'Y' ) ) {
31	+ return;
32	}
33
34	/ Everything from this point on must consider XMLRPC compatibility /
35	+ if ( $oFO->getIsUserSessionsManagementEnabled() ) {
36	+ $this->getProcessorSessions()->run();
37	+ }

38	}
39
40	/**

44	public function onWpLogin( $sUsername ) {
45	$oUser = $this->loadWpUsers()->getUserByUsername( $sUsername );
46	if ( $oUser instanceof WP_User ) {
47	+ /** @var ICWP_WPSF_FeatureHandler_UserManagement $oFO */
48	+ $oFO = $this->getFeature();
49	+ if ( $oFO->isSendEmailLoginNotification() ) {
50	+ $this->sendLoginEmailNotification( $oUser );
51	+ }
52	$this->setUserLastLoginTime( $oUser );
53	}
54	}

173	*/
174	protected function getProcessorSessions() {
175	if ( !isset( $this->oProcessorSessions ) ) {
176	+ require_once( dirname( __FILE__ ).'/usermanagement_sessions.php' );
177	/** @var ICWP_WPSF_FeatureHandler_UserManagement $oFO */
178	$oFO = $this->getFeature();
179	$this->oProcessorSessions = new ICWP_WPSF_Processor_UserManagement_Sessions( $oFO );

src/processors/usermanagement_sessions.php CHANGED Viewed

	@@ -94,7 +94,7 @@ class ICWP_WPSF_Processor_UserManagement_Sessions extends ICWP_WPSF_Processor_Ba
94	$oFO = $this->getFeature();
95
96	if ( !$oFO->hasSession() ) {
97	- $nForceLogOutCode = 6;
98	}
99	else {
100	$oSess = $oFO->getSession();
	@@ -104,10 +104,8 @@ class ICWP_WPSF_Processor_UserManagement_Sessions extends ICWP_WPSF_Processor_Ba
104
105	$nForceLogOutCode = 0; // when it's == 0 it's a valid session
106
107	- if ( ~~empty( $oSess ) ) {~~
108	- $~~nForceLogOutCode~~ = 4;
109	- } // timeout interval
110	- else if ( $nTimeout > 0 && ( $nTime - $oSess->getLoggedInAt() > $nTimeout ) ) {
111	$nForceLogOutCode = 1;
112	} // idle timeout interval
113	else if ( $nIdleTimeout > 0 && ( ( $nTime - $oSess->getLastActivityAt() ) > $nIdleTimeout ) ) {


94	$oFO = $this->getFeature();
95
96	if ( !$oFO->hasSession() ) {
97	+ $nForceLogOutCode = 4;
98	}
99	else {
100	$oSess = $oFO->getSession();

104
105	$nForceLogOutCode = 0; // when it's == 0 it's a valid session
106
107	+ // timeout interval
108	+ if ( $nTimeout > 0 && ( $nTime - $oSess->getLoggedInAt() > $nTimeout ) ) {


109	$nForceLogOutCode = 1;
110	} // idle timeout interval
111	else if ( $nIdleTimeout > 0 && ( ( $nTime - $oSess->getLastActivityAt() ) > $nIdleTimeout ) ) {

Shield Security for WordPress - Version 6.2.1

Version Description

Release Info

Code changes from version 6.2.0 to 6.2.1