PluginProbe ʕ •ᴥ•ʔ
Wordfence Security – Firewall, Malware Scan, and Login Security / 2.1.0
Wordfence Security – Firewall, Malware Scan, and Login Security v2.1.0
8.2.2 8.2.1 8.2.0 3.7.1 3.7.2 3.8.1 3.8.2 3.8.3 3.8.4 3.8.5 3.8.6 3.8.7 3.8.8 3.8.9 3.9.1 4.0.1 4.0.2 4.0.3 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.0.9 5.1.1 5.1.2 5.1.4 5.1.5 5.1.6 5.1.7 5.1.8 5.1.9 5.2.1 5.2.2 5.2.3 5.2.4 5.2.5 5.2.6 5.2.7 5.2.8 5.2.9 5.3.1 5.3.10 5.3.11 5.3.12 5.3.2 5.3.3 5.3.4 5.3.5 5.3.6 5.3.7 5.3.8 5.3.9 6.0.1 6.0.10 6.0.11 6.0.12 6.0.14 6.0.15 6.0.16 6.0.17 6.0.18 6.0.19 6.0.2 6.0.20 6.0.21 6.0.22 6.0.23 6.0.24 6.0.25 6.0.3 6.0.4 6.0.5 6.0.6 6.0.7 6.0.8 6.0.9 6.1.1 6.1.10 6.1.11 6.1.12 6.1.14 6.1.15 6.1.16 6.1.17 6.1.2 6.1.3 6.1.4 6.1.5 6.1.6 6.1.7 6.1.8 6.1.9 6.2.0 6.2.1 6.2.10 6.2.2 6.2.3 6.2.4 6.2.5 6.2.6 6.2.7 6.2.8 6.2.9 6.3.0 6.3.1 6.3.10 6.3.11 6.3.12 6.3.14 6.3.15 6.3.16 6.3.17 6.3.18 6.3.19 6.3.2 6.3.20 6.3.21 6.3.22 6.3.3 6.3.4 6.3.5 6.3.6 6.3.7 6.3.8 6.3.9 7.0.1 7.0.2 7.0.3 7.0.4 7.0.5 7.1.0 7.1.1 7.1.10 7.1.11 7.1.12 7.1.14 7.1.15 7.1.16 7.1.17 7.1.18 7.1.19 7.1.2 7.1.20 7.1.3 7.1.4 7.1.5 7.1.6 7.1.7 7.1.8 7.1.9 7.10.0 7.10.1 7.10.2 7.10.3 7.10.4 7.10.5 7.10.6 7.10.7 7.11.0 7.11.1 7.11.2 7.11.3 7.11.4 7.11.5 7.11.6 7.11.7 7.2.1 7.2.2 7.2.3 7.2.4 7.2.5 7.3.1 7.3.2 7.3.3 7.3.4 7.3.5 7.3.6 7.4.0 7.4.1 7.4.10 7.4.11 7.4.12 7.4.14 7.4.2 7.4.3 trunk 7.4.4 1.1 7.4.5 1.2 7.4.6 1.3 7.4.7 1.3.1 7.4.8 1.3.2 7.4.9 1.3.3 7.5.0 1.4.2 7.5.1 1.4.3 7.5.10 1.4.4 7.5.11 1.4.5 7.5.2 1.4.6 7.5.3 1.4.7 7.5.4 1.4.8 7.5.5 1.5.1 7.5.6 1.5.2 7.5.7 1.5.3 7.5.8 1.5.4 7.5.9 1.5.5 7.6.0 1.5.6 7.6.1 2.0.1 7.6.2 2.0.2 7.7.0 2.0.3 7.7.1 2.0.5 7.8.0 2.0.6 7.8.1 2.0.7 7.8.2 2.1.0 7.9.0 2.1.1 7.9.1 2.1.2 7.9.2 2.1.3 7.9.3 2.1.4 8.0.0 2.1.5 8.0.1 3.0.2 8.0.2 3.0.3 8.0.3 3.0.4 8.0.4 3.0.5 8.0.5 3.0.6 8.1.0 3.0.7 8.1.1 3.0.8 8.1.2 3.0.9 8.1.3 3.1.0 8.1.4 3.1.1 v1.4.1 3.1.2 3.1.4 3.1.6 3.2.1 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 3.4.1 3.4.4 3.4.5 3.5.1 3.5.2 3.6.1 3.6.3 3.6.4 3.6.5 3.6.6 3.6.7 3.6.8 3.6.9
wordfence / wfscan.php
wordfence Last commit date
css 14 years ago images 14 years ago js 14 years ago lib 14 years ago .htaccess 14 years ago readme.txt 14 years ago screenshot-1.png 14 years ago screenshot-2.png 14 years ago screenshot-3.png 14 years ago screenshot-4.png 14 years ago screenshot-5.png 14 years ago visitor.php 14 years ago wfscan.php 14 years ago wordfence.php 14 years ago
wfscan.php
143 lines
1 <?php
2 /* Don't remove this line. WFSOURCEVISIBLE */
3 ignore_user_abort(true);
4 $wordfence_wp_version = false;
5 if ( !defined('ABSPATH') ) {
6 /** Set up WordPress environment */
7 if($_SERVER['SCRIPT_FILENAME']){
8 $wfBaseDir = preg_replace('/[^\/]+\/[^\/]+\/[^\/]+\/wfscan\.php$/', '', $_SERVER['SCRIPT_FILENAME']);
9 require_once($wfBaseDir . 'wp-load.php');
10 global $wp_version;
11 global $wordfence_wp_version;
12 require($wfBaseDir . 'wp-includes/version.php');
13 $wordfence_wp_version = $wp_version;
14 } else {
15 require_once('../../../wp-load.php');
16 require_once('../../../wp-includes/version.php');
17 }
18 }
19 require_once('lib/wordfenceConstants.php');
20 require_once('lib/wfScanEngine.php');
21
22 class wfScan {
23 public static $debugMode = false;
24 public static function wfScanMain(){
25 $db = new wfDB();
26 if($db->errorMsg){
27 self::errorExit("Could not connect to database to start scan: " . $db->errorMsg);
28 }
29 if(! wordfence::wfSchemaExists()){
30 self::errorExit("Looks like the Wordfence database tables have been deleted. You can fix this by de-activating and re-activating the Wordfence plugin from your Plugins menu.");
31 }
32 if(wfUtils::isAdmin() && $_GET['debugMode'] == '1'){
33 header('Content-type: text/plain');
34 wordfence::status(1, 'info', "Running in debug mode and writing directly to browser.");
35 if(! wp_verify_nonce($_GET['nonce'], 'wp-ajax')){
36 echo("The security key (nonce) provided for this debug scan is invalid. Please close this window, refresh your options page and try again.");
37 exit();
38 }
39 self::$debugMode = true;
40 wordfence::$printStatus = true;
41 } else {
42 wordfence::status(4, 'info', "Scan engine received request.");
43 wordfence::status(4, 'info', "Checking cronkey header");
44 if(! $_SERVER['HTTP_X_WORDFENCE_CRONKEY']){
45 self::errorExit("The Wordfence scanner did not receive the x_wordfence_cronkey secure header.");
46 }
47 wordfence::status(4, 'info', "Fetching stored cronkey for comparison.");
48 $currentCronKey = wfConfig::get('currentCronKey', false);
49 if(! $currentCronKey){
50 self::errorExit("Wordfence could not find a saved cron key to start the scan.");
51 }
52
53 wordfence::status(4, 'info', "Exploding stored cronkey");
54 $savedKey = explode(',',$currentCronKey);
55 if(time() - $savedKey[0] > 60){
56 self::errorExit("The key used to start a scan has expired.");
57 } //keys only last 60 seconds and are used within milliseconds of creation
58 wordfence::status(4, 'info', "Checking saved cronkey against cronkey header");
59 if($savedKey[1] != $_SERVER['HTTP_X_WORDFENCE_CRONKEY']){
60 self::errorExit("Wordfence could not start a scan because the cron key does not match the saved key.");
61 }
62 wordfence::status(4, 'info', "Deleting stored cronkey");
63 wfConfig::set('currentCronKey', '');
64 }
65
66 ini_set('max_execution_time', 1800); //30 mins
67 wordfence::status(4, 'info', "Becoming admin for scan");
68 self::becomeAdmin();
69
70 wordfence::status(4, 'info', "Checking if scan is already running");
71 if(! wfUtils::getScanLock()){
72 self::errorExit("There is already a scan running.");
73 }
74 wordfence::status(4, 'info', "Requesting max memory");
75 wfUtils::requestMaxMemory();
76 wordfence::status(4, 'info', "Setting up error handling environment");
77 set_error_handler('wfScan::error_handler', E_ALL);
78 register_shutdown_function('wfScan::shutdown');
79 if(! self::$debugMode){
80 ob_start('wfScan::obHandler');
81 }
82 @error_reporting(E_ALL);
83 @ini_set('display_errors','On');
84 wordfence::status(4, 'info', "Setting up scanRunning and starting scan");
85 $isFork = ($_GET['isFork'] == '1' ? true : false);
86 $scan = wfConfig::get_ser('wfsd_engine', false);
87 if($scan){
88 //Set false so that we don't get stuck in a loop where we're repeating scan stages.
89 wfConfig::set('wfsd_engine', '');
90 } else {
91 if($isFork){ //We encountered an error so blank scan and exit
92 wordfence::status(2, 'error', "Scan could not continue because the stored data could not be retrieved after a fork.");
93 //wfConfig::set('wfsd_engine', '');
94 exit();
95 } else {
96 wordfence::statusPrep(); //Re-initializes all status counters
97 $scan = new wfScanEngine();
98 }
99 }
100 $scan->go();
101 wfUtils::clearScanLock();
102 }
103 public static function obHandler($buf){
104 if(strlen($buf) > 1000){
105 $buf = substr($buf, 0, 255);
106 }
107 if(empty($buf) === false && preg_match('/[a-zA-Z0-9]+/', $buf)){
108 wordfence::status(1, 'error', $buf);
109 }
110 }
111 public static function error_handler($errno, $errstr, $errfile, $errline){
112 wordfence::status(1, 'error', "$errstr ($errno) File: $errfile Line: $errline");
113 }
114 public static function shutdown(){
115 wfUtils::clearScanLock();
116 }
117 private static function errorExit($msg){
118 echo json_encode(array('errorMsg' => $msg));
119 exit();
120 }
121 public static function becomeAdmin(){
122 global $wpdb;
123 $ws = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users");
124 $users = array();
125 foreach($ws as $user){
126 $userDat = get_userdata($user->ID);
127 array_push($users, array(
128 'id' => $user->ID,
129 'user_login' => $user->user_login,
130 'level' => $userDat->user_level
131 ));
132 }
133 usort($users, 'wfScan::usort');
134 wp_set_current_user($users[0]['id'], $users[0]['user_login']);
135 }
136 public static function usort($b, $a){
137 if($a['level'] == $b['level']){ return 0; }
138 return ($a['level'] < $b['level']) ? -1 : 1;
139 }
140 }
141 wfScan::wfScanMain();
142 ?>
143