Changeset 580294
- Timestamp:
- 08/01/2012 03:20:03 PM (14 years ago)
- Location:
- 6scan-protection/trunk
- Files:
-
- 6 edited
-
6scan.php (modified) (1 diff)
-
admin/includes/6scan-menu.php (modified) (3 diffs)
-
admin/includes/common.php (modified) (2 diffs)
-
admin/includes/htaccess.php (modified) (1 diff)
-
admin/includes/installation.php (modified) (6 diffs)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
6scan-protection/trunk/6scan.php
r578619 r580294 5 5 Description: 6Scan Security provides enterprise-grade security with a firewall, automatic backup, analytics and much more. 6 6 Author: 6Scan 7 Version: 2.2. 77 Version: 2.2.8 8 8 Author URI: http://www.6scan.com 9 9 */ -
6scan-protection/trunk/admin/includes/6scan-menu.php
r579250 r580294 128 128 else 129 129 $result_html .= $custom_form_message; 130 $result_html .= "<form action=\"" . SIXSCAN_BODYGUARD_ERROR_REPORT_FORM_URL . "\" method=POST>\n"; 130 $result_html .= "<script language='Javascript'> function sanity_error_report(){ if (document.getElementById('admin_comments').value ==''){ alert('Please add the error desription into comments field'); return false;} else {return true;} }</script>\n"; 131 $result_html .= "<form action=\"" . SIXSCAN_BODYGUARD_ERROR_REPORT_FORM_URL . "\" method=POST onsubmit='return sanity_error_report();'>\n"; 131 132 $result_html .= "<input type=hidden name=root_url value=\"" . get_option( 'siteurl' ) . "\">\n"; 132 133 $result_html .= "<input type=hidden name=wordpress_version value=\"" . get_bloginfo('version') . "\">\n"; … … 135 136 $result_html .= "<table>\n"; 136 137 $result_html .= "<tr><td width='80'>Email:</td><td><input type=text name=admin_email value=\"" . get_option( "admin_email" ) . "\"></td></tr>\n"; 137 $result_html .= "<tr><td width='80'>Comments (*):</td><td><textarea name=admin_comments cols=60 rows=3></textarea></td></tr>\n";138 $result_html .= "<tr><td width='80'>Comments*:</td><td><textarea name=admin_comments id=admin_comments cols=60 rows=3></textarea></td></tr>\n"; 138 139 $result_html .= "<input type=hidden name=return_url value='" . SERVER_HTTP_PREFIX . $_SERVER[ "SERVER_NAME" ] . $server_request_uri . "&ticket_submitted=1'>\n"; 139 140 $result_html .= "<tr><td width='80'></td><td><input type=submit value='Submit error log'></td>\n"; … … 158 159 return; 159 160 } 161 162 /* Don't show this message to non-admins */ 163 if ( ! current_user_can( 'manage_options' ) ){ 164 return; 165 } 160 166 161 167 $current_vulns_found = intval( get_option( SIXSCAN_OPTION_VULNERABITILY_COUNT ) ); -
6scan-protection/trunk/admin/includes/common.php
r579608 r580294 4 4 die( 'No direct access allowed' ); 5 5 6 define ( 'SIXSCAN_VERSION' , '2.2. 7.1' );6 define ( 'SIXSCAN_VERSION' , '2.2.8.0' ); 7 7 define ( 'SIXSCAN_HTACCESS_VERSION' , '1' ); 8 8 … … 64 64 define ( 'SIXSCAN_LOGIN_LOCKED_OUT_MINUTES' , 'login_locked_out_minutes' ); 65 65 define ( 'SIXSCAN_LOGIN_NOTIFY_ADMIN_EMAIL' , 'login_notify_admin_email' ); 66 67 define ( 'SIXSCAN_ANTISPAM_PROTECTION_ON_OPTION' , 'antispam_protection_on' ); 68 define ( 'SIXSCAN_ANTISPAM_DELETE_OLD_OPTION' , 'antispam_delete_old_spam' ); 66 69 67 70 define ( 'SIXSCAN_UPDATE_OK_RESPONSE_CODE', 200 ); -
6scan-protection/trunk/admin/includes/htaccess.php
r579250 r580294 16 16 17 17 if ( ! $wp_filesystem->copy( SIXSCAN_SIGNATURE_SRC, SIXSCAN_SIGNATURE_DEST , TRUE , 0755 ) ) { 18 19 18 $ret_error[ 'user_message' ] = 'Failed copying ' . SIXSCAN_SIGNATURE_SRC . ' during installation'; 20 19 $ret_error[ 'short_description' ] = 'Failed copying signature during installation'; -
6scan-protection/trunk/admin/includes/installation.php
r579250 r580294 5 5 6 6 function sixscan_installation_manager() 7 { 8 9 /* Start registration process notification */ 10 //sixscan_common_request_network( sixscan_installation_error_link( 'OK' , '' , 'REGISTER_STARTED' ) , "" , "GET" ); 7 { 11 8 12 9 /* If running from partner install, the logic is a bit different */ … … 118 115 return sixscan_menu_wrap_error_msg( $err_message ) . sixscan_installation_error_description( "Multisite install failed" , $current_wp_filesystem ); 119 116 } 120 117 121 118 /* Make sure we can create signature file and update the site's .htaccess file */ 122 119 if ( sixscan_common_test_dir_writable( ABSPATH ) == FALSE ){ … … 186 183 update_option( SIXSCAN_OPTION_STAT_OK_REQ_COUNT , 0); 187 184 update_option( SIXSCAN_OPTION_WAF_REQUESTED , array() ); 188 update_option( SIXSCAN_OPTION_LOGIN_SETTINGS , array() ); 185 update_option( SIXSCAN_OPTION_LOGIN_SETTINGS , array() ); 189 186 update_option( SIXSCAN_VULN_MESSAGE_DISMISSED , FALSE ); 190 187 … … 244 241 delete_option( SIXSCAN_OPTION_COMM_LAST_SIG_UPDATE_NONCE ); 245 242 delete_option( SIXSCAN_OPTION_VULNERABITILY_COUNT ); 246 delete_option( SIXSCAN_OPTION_LOGIN_SETTINGS ); 243 delete_option( SIXSCAN_OPTION_LOGIN_SETTINGS ); 247 244 delete_option( SIXSCAN_LOGIN_LOGS ); 248 245 delete_option( SIXSCAN_OPTION_WPFS_CONFIG ); … … 336 333 /* Returns TRUE if wpfs is already initialized, FALSE if we are waiting for user to enter reg_data */ 337 334 function sixscan_installation_wpfs_init( &$config_key ){ 338 335 /* Wordpress doesn't always detect the fs method correctly. If we detect, that we can write to the filesystem directly - 336 we can force the method to be direct */ 337 $wpfs_detect_try = sixscan_installation_wpfs_detect(); 338 if ( $wpfs_detect_try == 'direct' ) 339 define( 'FS_METHOD' , 'direct' ); 340 else if ( $wpfs_detect_try == 'ftpext' ) 341 define( 'FS_METHOD' , 'ftpext' ); 342 339 343 if ( WP_Filesystem() ){ 340 344 $config_key = ""; … … 363 367 return FALSE; 364 368 } 369 370 /* Since Wordpress FTP method detection is not always correct (The newly created test-file is compared to the owner of Wordpress scrit) 371 We will run the test ourself */ 372 function sixscan_installation_wpfs_detect(){ 373 374 /* First of all - we are checking whether the .htaccess is writable via direct */ 375 if ( file_exists( SIXSCAN_HTACCESS_FILE ) && ( sixscan_installation_try_direct_write_file( SIXSCAN_HTACCESS_FILE , FALSE ) == FALSE ) ){ 376 if ( extension_loaded( 'ftp' ) ){ 377 return 'ftpext'; 378 } 379 return FALSE; 380 } 381 382 /* Taken from Wordpress file.php, with minor changes for our needs, we are testing direct file access */ 383 $context = trailingslashit( $context ); 384 $temp_file_name = WP_CONTENT_DIR . 'temp-write-test-' . time(); 385 if ( sixscan_installation_try_direct_write_file( $temp_file_name , TRUE ) == TRUE ) 386 return 'direct'; 387 388 return FALSE; 389 } 390 391 function sixscan_installation_try_direct_write_file( $fname , $is_to_delete = FALSE ){ 392 393 $temp_handle = @fopen( $fname , 'a+' ); 394 if ( $temp_handle ) { 395 @fclose( $temp_handle ); 396 397 if ( $is_to_delete == TRUE ) 398 @unlink( $fname ); 399 400 return TRUE; 401 } 402 403 return FALSE; 404 } 365 405 366 406 ?> -
6scan-protection/trunk/readme.txt
r579250 r580294 1 1 === 6Scan Security === 2 2 Contributors: 6Scan 3 Version: 2.2. 73 Version: 2.2.8 4 4 Tags: security,secure,wordpress security,firewall,antivirus,security plugin,securty,protection,anti-hack,hack,scan,exploit,anti-virus 5 5 Requires at least: 3.0.0 … … 11 11 == Description == 12 12 13 6Scan Security is the most comprehensive *automatic* protection your Wordpress site can get against hackers. Our security scanner goes beyond the rule-based protection of other Wordpress security plugins, employing active penetration testing algorithms to find security vulnerabilities. These are then automatically fixed before hackers can exploit them. Our team of website security experts ensures your protection is always up-to-date and airtight. 13 6Scan Security is the most comprehensive *automatic* protection your Wordpress site can get against hackers. Our security scanner goes beyond the rule-based protection of other Wordpress security plugins, employing active penetration testing algorithms to find security vulnerabilities. These are then automatically fixed before hackers can exploit them. Our team of website security experts ensures your protection is always up-to-date and airtight. 14 15 6Scan Security provides you with a free scan that will identify security vulnerabilities on your site and provide you with full instructions on how to fix them. You may also purchase a premium subscription, which will automatically fix the vulnerabilities for you and provide you with other premium features, such as an advanced web application firewall, more frequent backups, and more. 14 16 15 17 Our automatic security scanner finds and protects against:
Note: See TracChangeset
for help on using the changeset viewer.