Wordfence Security – Firewall, Malware Scan, and Login Security / 2.0.5
Wordfence Security – Firewall, Malware Scan, and Login Security v2.0.5
wordfence / lib / wfConfig.php
wfConfig.php
459 lines
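<?php
/**
 * Static accessor for the plugin's options, stored as name/val rows in the
 * `<base_prefix>wfConfig` table.
 *
 * Reads go through wfDB and are cached in self::$cache; writes use
 * "insert ... ON DUPLICATE KEY UPDATE" and refresh the cache entry. The class
 * also carries the preset option values for security levels 0-4.
 */
class wfConfig {
	// Fully prefixed table name, resolved lazily by table().
	private static $table = false;
	// Option name => value cache; also holds defaults returned for missing rows (see get()).
	private static $cache = array();
	// Shared wfDB instance, created lazily by getDB().
	private static $DB = false;
	/**
	 * Preset option values, indexed by security level (0-4).
	 *
	 * Each level has "checkboxes" (booleans, stored as '1'/'0') and "otherParams"
	 * (free-form values). Level 2 doubles as the canonical option list: setDefaults()
	 * installs its values and parseOptions() accepts only its keys.
	 */
	public static $securityLevels = array(
		array( //level 0
			"checkboxes" => array(
				"alertOn_critical" => false,
				"alertOn_warnings" => false,
				"alertOn_throttle" => false,
				"alertOn_block" => false,
				"alertOn_loginLockout" => false,
				"alertOn_lostPasswdForm" => false,
				"alertOn_adminLogin" => false,
				"alertOn_nonAdminLogin" => false,
				"liveTrafficEnabled" => true,
				"liveTraf_ignorePublishers" => true,
				"scheduledScansEnabled" => false,
				"scansEnabled_core" => false,
				"scansEnabled_themes" => false,
				"scansEnabled_plugins" => false,
				"scansEnabled_malware" => false,
				"scansEnabled_fileContents" => false,
				"scansEnabled_posts" => false,
				"scansEnabled_comments" => false,
				"scansEnabled_passwds" => false,
				"scansEnabled_diskSpace" => false,
				"scansEnabled_dns" => false,
				"scansEnabled_oldVersions" => false,
				"firewallEnabled" => false,
				"blockFakeBots" => false,
				"autoBlockScanners" => false,
				"loginSecurityEnabled" => false,
				"loginSec_lockInvalidUsers" => false,
				"loginSec_maskLoginErrors" => false,
				"other_hideWPVersion" => false,
				"other_noAnonMemberComments" => false,
				"other_scanComments" => false,
				"other_pwStrengthOnUpdate" => false,
				"other_WFNet" => true,
				"other_scanOutside" => false,
				"debugOn" => false
			),
			"otherParams" => array(
				'securityLevel' => '0',
				"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
				"liveTraf_hitsMaxSize" => 10,
				"neverBlockBG" => "neverBlockVerified",
				"loginSec_countFailMins" => "5",
				"loginSec_lockoutMins" => "5",
				'loginSec_maxFailures' => "500",
				'loginSec_maxForgotPasswd' => "500",
				'maxGlobalRequests' => "DISABLED",
				'maxGlobalRequests_action' => "throttle",
				'maxRequestsCrawlers' => "DISABLED",
				'maxRequestsCrawlers_action' => "throttle",
				'maxRequestsHumans' => "DISABLED",
				'maxRequestsHumans_action' => "throttle",
				'max404Crawlers' => "DISABLED",
				'max404Crawlers_action' => "throttle",
				'max404Humans' => "DISABLED",
				'max404Humans_action' => "throttle",
				'maxScanHits' => "DISABLED",
				'maxScanHits_action' => "throttle",
				'blockedTime' => "300"
			)
		),
		array( //level 1
			"checkboxes" => array(
				"alertOn_critical" => true,
				"alertOn_warnings" => false,
				"alertOn_throttle" => false,
				"alertOn_block" => false,
				"alertOn_loginLockout" => false,
				"alertOn_lostPasswdForm" => false,
				"alertOn_adminLogin" => false,
				"alertOn_nonAdminLogin" => false,
				"liveTrafficEnabled" => true,
				"liveTraf_ignorePublishers" => true,
				"scheduledScansEnabled" => true,
				"scansEnabled_core" => true,
				"scansEnabled_themes" => false,
				"scansEnabled_plugins" => false,
				"scansEnabled_malware" => true,
				"scansEnabled_fileContents" => true,
				"scansEnabled_posts" => true,
				"scansEnabled_comments" => true,
				"scansEnabled_passwds" => true,
				"scansEnabled_diskSpace" => true,
				"scansEnabled_dns" => true,
				"scansEnabled_oldVersions" => true,
				"firewallEnabled" => false,
				"blockFakeBots" => false,
				"autoBlockScanners" => true,
				"loginSecurityEnabled" => true,
				"loginSec_lockInvalidUsers" => false,
				"loginSec_maskLoginErrors" => true,
				"other_hideWPVersion" => true,
				"other_noAnonMemberComments" => true,
				"other_scanComments" => true,
				"other_pwStrengthOnUpdate" => true,
				"other_WFNet" => true,
				"other_scanOutside" => false,
				"debugOn" => false
			),
			"otherParams" => array(
				'securityLevel' => '1',
				"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
				"liveTraf_hitsMaxSize" => 10,
				"neverBlockBG" => "neverBlockVerified",
				"loginSec_countFailMins" => "5",
				"loginSec_lockoutMins" => "5",
				'loginSec_maxFailures' => "50",
				'loginSec_maxForgotPasswd' => "50",
				'maxGlobalRequests' => "960",
				'maxGlobalRequests_action' => "throttle",
				'maxRequestsCrawlers' => "960",
				'maxRequestsCrawlers_action' => "throttle",
				'maxRequestsHumans' => "60",
				'maxRequestsHumans_action' => "throttle",
				'max404Crawlers' => "240",
				'max404Crawlers_action' => "throttle",
				'max404Humans' => "60",
				'max404Humans_action' => "throttle",
				'maxScanHits' => "60",
				'maxScanHits_action' => "throttle",
				'blockedTime' => "3600"
			)
		),
		array( //level 2
			"checkboxes" => array(
				"alertOn_critical" => true,
				"alertOn_warnings" => true,
				"alertOn_throttle" => false,
				"alertOn_block" => false,
				"alertOn_loginLockout" => false,
				"alertOn_lostPasswdForm" => false,
				"alertOn_adminLogin" => false,
				"alertOn_nonAdminLogin" => false,
				"liveTrafficEnabled" => true,
				"liveTraf_ignorePublishers" => true,
				"scheduledScansEnabled" => true,
				"scansEnabled_core" => true,
				"scansEnabled_themes" => false,
				"scansEnabled_plugins" => false,
				"scansEnabled_malware" => true,
				"scansEnabled_fileContents" => true,
				"scansEnabled_posts" => true,
				"scansEnabled_comments" => true,
				"scansEnabled_passwds" => true,
				"scansEnabled_diskSpace" => true,
				"scansEnabled_dns" => true,
				"scansEnabled_oldVersions" => true,
				"firewallEnabled" => false,
				"blockFakeBots" => false,
				"autoBlockScanners" => true,
				"loginSecurityEnabled" => true,
				"loginSec_lockInvalidUsers" => false,
				"loginSec_maskLoginErrors" => true,
				"other_hideWPVersion" => true,
				"other_noAnonMemberComments" => true,
				"other_scanComments" => true,
				"other_pwStrengthOnUpdate" => true,
				"other_WFNet" => true,
				"other_scanOutside" => false,
				"debugOn" => false
			),
			"otherParams" => array(
				'securityLevel' => '2',
				"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
				"liveTraf_hitsMaxSize" => 10,
				"neverBlockBG" => "neverBlockVerified",
				"loginSec_countFailMins" => "240",
				"loginSec_lockoutMins" => "240",
				'loginSec_maxFailures' => "20",
				'loginSec_maxForgotPasswd' => "20",
				'maxGlobalRequests' => "960",
				'maxGlobalRequests_action' => "throttle",
				'maxRequestsCrawlers' => "960",
				'maxRequestsCrawlers_action' => "throttle",
				'maxRequestsHumans' => "120",
				'maxRequestsHumans_action' => "throttle",
				'max404Crawlers' => "240",
				'max404Crawlers_action' => "throttle",
				'max404Humans' => "30",
				'max404Humans_action' => "throttle",
				'maxScanHits' => "15",
				'maxScanHits_action' => "throttle",
				'blockedTime' => "7200"
			)
		),
		array( //level 3
			"checkboxes" => array(
				"alertOn_critical" => true,
				"alertOn_warnings" => true,
				"alertOn_throttle" => false,
				"alertOn_block" => false,
				"alertOn_loginLockout" => false,
				"alertOn_lostPasswdForm" => false,
				"alertOn_adminLogin" => false,
				"alertOn_nonAdminLogin" => false,
				"liveTrafficEnabled" => true,
				"liveTraf_ignorePublishers" => true,
				"scheduledScansEnabled" => true,
				"scansEnabled_core" => true,
				"scansEnabled_themes" => false,
				"scansEnabled_plugins" => false,
				"scansEnabled_malware" => true,
				"scansEnabled_fileContents" => true,
				"scansEnabled_posts" => true,
				"scansEnabled_comments" => true,
				"scansEnabled_passwds" => true,
				"scansEnabled_diskSpace" => true,
				"scansEnabled_dns" => true,
				"scansEnabled_oldVersions" => true,
				"firewallEnabled" => true,
				"blockFakeBots" => false,
				"autoBlockScanners" => true,
				"loginSecurityEnabled" => true,
				"loginSec_lockInvalidUsers" => false,
				"loginSec_maskLoginErrors" => true,
				"other_hideWPVersion" => true,
				"other_noAnonMemberComments" => true,
				"other_scanComments" => true,
				"other_pwStrengthOnUpdate" => true,
				"other_WFNet" => true,
				"other_scanOutside" => false,
				"debugOn" => false
			),
			"otherParams" => array(
				'securityLevel' => '3',
				"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
				"liveTraf_hitsMaxSize" => 10,
				"neverBlockBG" => "neverBlockVerified",
				"loginSec_countFailMins" => "1440",
				"loginSec_lockoutMins" => "1440",
				'loginSec_maxFailures' => "10",
				'loginSec_maxForgotPasswd' => "10",
				'maxGlobalRequests' => "960",
				'maxGlobalRequests_action' => "throttle",
				'maxRequestsCrawlers' => "960",
				'maxRequestsCrawlers_action' => "throttle",
				'maxRequestsHumans' => "60",
				'maxRequestsHumans_action' => "block",
				'max404Crawlers' => "60",
				'max404Crawlers_action' => "block",
				'max404Humans' => "30",
				'max404Humans_action' => "block",
				'maxScanHits' => "10",
				'maxScanHits_action' => "block",
				'blockedTime' => "86400"
			)
		),
		array( //level 4
			"checkboxes" => array(
				"alertOn_critical" => true,
				"alertOn_warnings" => true,
				"alertOn_throttle" => false,
				"alertOn_block" => false,
				"alertOn_loginLockout" => false,
				"alertOn_lostPasswdForm" => false,
				"alertOn_adminLogin" => false,
				"alertOn_nonAdminLogin" => false,
				"liveTrafficEnabled" => true,
				"liveTraf_ignorePublishers" => true,
				"scheduledScansEnabled" => true,
				"scansEnabled_core" => true,
				"scansEnabled_themes" => false,
				"scansEnabled_plugins" => false,
				"scansEnabled_malware" => true,
				"scansEnabled_fileContents" => true,
				"scansEnabled_posts" => true,
				"scansEnabled_comments" => true,
				"scansEnabled_passwds" => true,
				"scansEnabled_diskSpace" => true,
				"scansEnabled_dns" => true,
				"scansEnabled_oldVersions" => true,
				"firewallEnabled" => true,
				"blockFakeBots" => true,
				"autoBlockScanners" => true,
				"loginSecurityEnabled" => true,
				"loginSec_lockInvalidUsers" => true,
				"loginSec_maskLoginErrors" => true,
				"other_hideWPVersion" => true,
				"other_noAnonMemberComments" => true,
				"other_scanComments" => true,
				"other_pwStrengthOnUpdate" => true,
				"other_WFNet" => true,
				"other_scanOutside" => false,
				"debugOn" => false
			),
			"otherParams" => array(
				'securityLevel' => '4',
				"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
				"liveTraf_hitsMaxSize" => 10,
				"neverBlockBG" => "neverBlockVerified",
				"loginSec_countFailMins" => "1440",
				"loginSec_lockoutMins" => "1440",
				'loginSec_maxFailures' => "5",
				'loginSec_maxForgotPasswd' => "5",
				'maxGlobalRequests' => "960",
				'maxGlobalRequests_action' => "throttle",
				'maxRequestsCrawlers' => "960",
				'maxRequestsCrawlers_action' => "throttle",
				'maxRequestsHumans' => "30",
				'maxRequestsHumans_action' => "block",
				'max404Crawlers' => "10",
				'max404Crawlers_action' => "block",
				'max404Humans' => "5",
				'max404Humans_action' => "block",
				'maxScanHits' => "2",
				'maxScanHits_action' => "block",
				'blockedTime' => "86400"
			)
		)
	);
	/**
	 * Install level-2 values for every option that has no stored value yet,
	 * then (re)generate encKey and fill in a few standalone defaults.
	 */
	public static function setDefaults(){
		// get() returns false when the row is missing, so existing settings are left alone.
		foreach(self::$securityLevels[2]['checkboxes'] as $key => $val){
			if(self::get($key) === false){
				self::set($key, $val ? '1' : '0');
			}
		}
		foreach(self::$securityLevels[2]['otherParams'] as $key => $val){
			if(self::get($key) === false){
				self::set($key, $val);
			}
		}
		// NOTE(review): encKey is overwritten on every call, unlike the guarded options
		// around it, and is cut to 16 hex characters (64 bits). If setDefaults() can run
		// again after install (confirm against callers), data tied to the old key will
		// no longer match.
		self::set('encKey', substr(wfUtils::bigRandomHex(),0 ,16) );
		if(! self::get('isPaid', false)){
			self::set('isPaid', 'free');
		}
		if(self::get('maxMem', false) === false ){
			self::set('maxMem', '256');
		}
		if(self::get('other_scanOutside', false) === false){
			self::set('other_scanOutside', 0);
		}
	}
	/**
	 * Build an option array from the submitted form in $_POST.
	 *
	 * Only option names present in level 2 are accepted, which keeps arbitrary POST
	 * keys out of the config table. Values of "otherParams" are copied as submitted:
	 * no range, type or format validation happens here.
	 * NOTE(review): nonce and capability checks are not done in this method; they are
	 * presumably the caller's job - confirm before exposing a new entry point.
	 *
	 * @return array Option name => value ('1'/'0' for checkboxes).
	 */
	public static function parseOptions(){
		$ret = array();
		foreach(self::$securityLevels[2]['checkboxes'] as $key => $val){ //value is not used. We just need the keys for validation
			$ret[$key] = isset($_POST[$key]) ? '1' : '0';
		}
		foreach(self::$securityLevels[2]['otherParams'] as $key => $val){
			if(! isset($_POST[$key])){
				error_log("Missing options param \"$key\" when parsing parameters.");
			} else if(! is_string($_POST[$key])){
				// A "key[]=..." submission arrives as an array; set() cannot store it,
				// so it is dropped here instead of reaching the database layer.
				error_log("Ignoring non-string options param \"$key\" when parsing parameters.");
			} else {
				$ret[$key] = $_POST[$key];
			}
		}
		// The disabled block below refers to self::$checkboxes and self::$otherParams,
		// which this class does not define; it would need self::$securityLevels[2][...]
		// before it could be re-enabled.
		/* for debugging only:
		foreach($_POST as $key => $val){
			if($key != 'action' && $key != 'nonce' && (! array_key_exists($key, self::$checkboxes)) && (! array_key_exists($key, self::$otherParams)) ){
				error_log("Unrecognized option: $key");
			}
		}
		*/
		return $ret;
	}
	/**
	 * Store every name => value pair of $arr via set().
	 * Keys are not checked against the known option list here.
	 *
	 * @param array $arr Option name => value.
	 */
	public static function setArray($arr){
		foreach($arr as $key => $val){
			self::set($key, $val);
		}
	}
	/** Drop all cached values so the next get() reads from the database. */
	public static function clearCache(){
		self::$cache = array();
	}
	/**
	 * Insert or update one option row and refresh its cache entry.
	 *
	 * @param string $key Option name.
	 * @param mixed  $val Scalar value; arrays are reported and must use set_ser().
	 */
	public static function set($key, $val){
		if(is_array($val)){
			// Report the calling file/line; the write below still runs, as before.
			$trace = debug_backtrace();
			$caller = array_shift($trace);
			error_log("wfConfig::set() got array as second param. Please use set_ser(). " . $caller['file'] . " line " . $caller['line']);
		}

		// The '%s' placeholders are filled in by wfDB::query().
		// NOTE(review): presumably wfDB escapes them - confirm in wfDB.php, because
		// $key and $val can come from $_POST through parseOptions()/setArray().
		self::getDB()->query("insert into " . self::table() . " (name, val) values ('%s', '%s') ON DUPLICATE KEY UPDATE val='%s'", $key, $val, $val);
		self::$cache[$key] = $val;
	}
	/**
	 * Return an option escaped for HTML output.
	 *
	 * ENT_QUOTES is passed so single quotes are escaped too; the PHP versions this
	 * file targets default to ENT_COMPAT, which leaves them intact and is unsafe
	 * inside single-quoted attributes.
	 *
	 * @param string $key Option name.
	 * @return string
	 */
	public static function getHTML($key){
		return htmlspecialchars(self::get($key), ENT_QUOTES);
	}
	/**
	 * Read one option, using the per-request cache.
	 *
	 * A missing row caches $default under $key, so a later call with a different
	 * default still returns the first one until set() or clearCache() runs.
	 *
	 * @param string $key     Option name.
	 * @param mixed  $default Returned (and cached) when no value is stored.
	 * @return mixed
	 */
	public static function get($key, $default = false){
		if(! isset(self::$cache[$key])){
			$val = self::getDB()->querySingle("select val from " . self::table() . " where name='%s'", $key);
			if(isset($val)){
				self::$cache[$key] = $val;
			} else {
				self::$cache[$key] = $default;
			}
		}
		return self::$cache[$key];
	}
	/**
	 * Read an option written by set_ser() and unserialize it.
	 *
	 * NOTE(security): unserialize() instantiates whatever classes the stored string
	 * names and runs their magic methods, so this is only safe while every writer of
	 * the wfConfig table is trusted. Keep values flowing in through set_ser() only;
	 * for plain data, json_encode()/json_decode() would avoid object instantiation.
	 *
	 * @param string $key     Option name.
	 * @param mixed  $default Returned as-is when falsy and nothing is stored.
	 * @return mixed
	 */
	public static function get_ser($key, $default){
		$val = self::get($key, $default);
		if($val){
			$val = unserialize($val);
		}
		return $val;
	}
	/**
	 * Serialize $val and store it under $key.
	 *
	 * @param string $key Option name.
	 * @param mixed  $val Any serializable value.
	 */
	public static function set_ser($key, $val){
		return self::set($key, serialize($val));
	}
	/** Echo an option escaped with esc_attr(), for use inside an HTML attribute. */
	public static function f($key){
		echo esc_attr(self::get($key));
	}
	/** Echo ' checked ' when the option is truthy (note the string '0' is falsy in PHP). */
	public static function cb($key){
		if(self::get($key)){
			echo ' checked ';
		}
	}
	/**
	 * Echo ' selected ' for the <option> matching the stored value, or for the
	 * default option when nothing is stored.
	 *
	 * The two conditions are combined so the attribute is emitted once even when
	 * both hold (an unset option compared loosely against an empty $val).
	 *
	 * @param string $key       Option name.
	 * @param mixed  $val       Value of the <option> being rendered.
	 * @param bool   $isDefault Whether this <option> is the fallback choice.
	 */
	public static function sel($key, $val, $isDefault = false){
		$current = self::get($key);
		if(((! $current) && $isDefault) || $current == $val){
			echo ' selected ';
		}
	}
	/**
	 * Load every stored option into the cache and return the cache.
	 *
	 * The returned array is self::$cache itself, so it can also contain defaults
	 * cached by earlier get() calls for options that have no row.
	 * NOTE(review): mysql_fetch_assoc() belongs to ext/mysql, which was removed in
	 * PHP 7.0; this assumes wfDB::query() returns an ext/mysql result resource.
	 *
	 * @return array Option name => value.
	 */
	public static function getArray(){
		$q = self::getDB()->query("select name, val from " . self::table());
		while($row = mysql_fetch_assoc($q)){
			self::$cache[$row['name']] = $row['val'];
		}
		return self::$cache;
	}
	/** Return the shared wfDB instance, creating it on first use. */
	private static function getDB(){
		if(! self::$DB){
			self::$DB = new wfDB();
		}
		return self::$DB;
	}
	/** Return the config table name ($wpdb->base_prefix . 'wfConfig'), resolved once. */
	private static function table(){
		if(! self::$table){
			global $wpdb;
			self::$table = $wpdb->base_prefix . 'wfConfig';
		}
		return self::$table;
	}
	/** @return bool True when at least one alert address is configured. */
	public static function haveAlertEmails(){
		return sizeof(self::getAlertEmails()) > 0;
	}
	/**
	 * Split the comma-separated alertEmails option into a list.
	 *
	 * An entry is kept when it contains '@'; that is the only check, so this is
	 * not address validation.
	 *
	 * @return array Trimmed entries.
	 */
	public static function getAlertEmails(){
		$dat = explode(',', self::get('alertEmails'));
		$emails = array();
		foreach($dat as $email){
			if(preg_match('/\@/', $email)){
				$emails[] = trim($email);
			}
		}
		return $emails;
	}
	/**
	 * Map the alert checkboxes to a level: 2 when warnings are alerted on,
	 * 1 when only critical issues are, 0 otherwise.
	 *
	 * @return int
	 */
	public static function getAlertLevel(){
		if(self::get('alertOn_warnings')){
			return 2;
		} else if(self::get('alertOn_critical')){
			return 1;
		} else {
			return 0;
		}
	}
}
?>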