=== Security & Malware scan by CleanTalk ===
Contributors: glomberg, alexandergull, sergefcleantalk
Tags: security, firewall, malware, wordpress security, brute force
Requires at least: 5.0
Tested up to: 6.7
Requires PHP: 5.6
Stable tag: 2.148.1
License: GPLv2
License URI: https://www.gnu.org/licenses/gpl-2.0.html
Enhance security with Malware & Vulnerabilities scanner, FireWall, Brute protection and Two Factor Authentication (2FA). Security plugin.
== Description ==
= Security features =
* **Security FireWall to filter access to your site by IP, Networks or Countries**
* **Web Application Security Firewall**
* **Security Malware scanner with AntiVirus functions**
* **Daily auto malware scan**
* **Stops brute force attacks to hack passwords (Brute force protection like Fail2ban)**
* **Stops brute force attacks to find WordPress accounts (like Fail2ban)**
* **Limit Login Attempts**
* **Security Protection for WordPress login form**
* **Security Protection for WordPress backend**
* **Security daily report to email**
* **Security audit log**
* **Security Real-time traffic monitor**
* **Checking Outbound Links**
* **Two Factor Authentication (2FA)**
* **No Malware - No Google Penalties. Give your SEO boost.**
* **Custom wp-login URL**
* **Notifications of administrator users authorizations to your website**
* **Backend PHP logs**
* **Hide Default Login Page**
* **Known vulnerabilities scanner among installed plugins and themes.**
CleanTalk is a Cloud security service that protects your website from online threats and gives you security tools to control your website security. We provide detailed security stats for all of our security features so that you have full control of security. All security logs are stored in the cloud for 45 days.
Security FireWall by CleanTalk is a free plugin which works with the premium Cloud security service cleantalk.org. This security plugin works as software as a service (https://en.wikipedia.org/wiki/Software_as_a_service).
Malware is always a headache for site owners. If you don’t regularly check for malware, it can run unnoticed for a long time and damage your reputation. If you prevent malware attacks before they happen, you will save your resources.
What is malware and why does it matter to your business? Malware is malicious code that performs actions for hackers. If your site has been infected with malware, it can become a problem for customer trust and for customers' personal details. First, you need to scan your site to confirm that the malware exists. Next, you should fix all files that contain malware.
= Limit Login Attempts =
Limit Login Attempts is a part of brute-force protection and the security firewall.
Security Firewall has a limit for requests to your website (1000 requests per hour by default; you can change it), and if any IP exceeds this threshold it will be added to the security firewall for the next 24 hours. This lets you stop some DDoS attacks.
= Brute Force Protection =
It adds a delay of a few seconds after any failed attempt to log in to the WordPress admin area. WordPress Security & Firewall by CleanTalk makes access to your website more secure. The service checks your security log once per hour, and if any IPs have 10 or more login attempts per hour, those IPs are banned for the next 24 hours.
*Security Audit Log* keeps track of actions in the WP Dashboard to let you know what is happening on your blog.
With the Security Audit Log it is very easy to see user activity in order to understand what changes have been made and who made them.
Security Audit Log shows who logged in and when and how much time they spent on each page.
= Security Traffic Control =
CleanTalk security Traffic Control will track every single visitor no matter if they are using JavaScript or not and provides many valuable traffic parameters.
Another option in Security Traffic Control, "Block user after requests amounts more than", blocks access to the site for any IP that has exceeded the number of HTTP requests per hour. If this number of requests is exceeded, the IP is added to the Security FireWall Black List for 24 hours.
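
Added example, not CleanTalk's code: a minimal model of the two hourly rules described above (10 or more login attempts per hour, and a request count that is exceeded per hour, each followed by a 24-hour ban), replayed over constructed events. The sliding one-hour window and all class and function names are assumptions, since the readme does not say how the hour is counted.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(hours=1)     # "per hour" in the readme
BAN_TIME = timedelta(hours=24)  # "for next 24 hours" in the readme


class HourlyRule:
    """Ban an IP for 24 hours once its events within one hour hit a limit.

    inclusive=True  bans at `limit` events   ("10 and more" login attempts)
    inclusive=False bans above `limit` only  (request count "exceeded")
    The sliding window is an assumption; the readme does not define the hour.
    """

    def __init__(self, limit, inclusive):
        self.limit = limit
        self.inclusive = inclusive
        self.events = defaultdict(deque)  # ip -> timestamps still in the window
        self.banned_until = {}            # ip -> moment the ban expires

    def is_banned(self, ip, now):
        until = self.banned_until.get(ip)
        if until is None:
            return False
        if now >= until:
            del self.banned_until[ip]     # ban has expired
            return False
        return True

    def record(self, ip, when):
        """Count one event; return True if the IP is banned after it."""
        if self.is_banned(ip, when):
            return True                   # events during a ban are not counted
        window = self.events[ip]
        window.append(when)
        while when - window[0] >= WINDOW:
            window.popleft()              # forget events older than one hour
        count = len(window)
        hit = count >= self.limit if self.inclusive else count > self.limit
        if hit:
            self.banned_until[ip] = when + BAN_TIME
            window.clear()
        return hit


def replay(rule, events):
    """Feed (timestamp, ip) pairs in time order; return {ip: ban start}."""
    bans = {}
    for when, ip in sorted(events):
        already = rule.is_banned(ip, when)
        if rule.record(ip, when) and not already:
            bans[ip] = when
    return bans


# Constructed failed-login events (documentation IP ranges, not real traffic).
T0 = datetime(2024, 12, 23, 9, 0)
FAILED_LOGINS = (
    [(T0 + timedelta(minutes=5 * i), "192.0.2.10") for i in range(12)]      # fast
    + [(T0 + timedelta(minutes=10 * i), "198.51.100.7") for i in range(12)]  # slow
)


def demo():
    """Apply the brute-force rule (10 or more per hour) to the sample events."""
    return replay(HourlyRule(limit=10, inclusive=True), FAILED_LOGINS)


if __name__ == "__main__":
    for ip, start in demo().items():
        print(ip, "banned from", start, "until", start + BAN_TIME)
```

The slow client makes the same number of attempts as the fast one but never has more than six inside any one hour, so a per-hour threshold alone does not stop it.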
= Security Firewall =
To enhance the security of your site, you can use the CleanTalk Security FireWall, which allows you to block access by HTTP/HTTPS to your website for individual IP addresses and IP networks, and to block access for users from specific countries. Use your personal BlackList to block IP addresses with suspicious activity and enhance WordPress security.
Security FireWall may significantly reduce the risk of hacking and reduce the load on your web server.
CleanTalk Security is fully compatible with the most popular VPN services.
Also, CleanTalk security supports all search engines: Google, Bing, Yahoo, Baidu, MSN, Yandex, etc.
= Security Malware Scanner =
Scans WordPress files for hacker files and hacker code.
Security Malware Scanner is run manually from the settings. All of the results are sent to your Security CleanTalk Dashboard with the details, so you can investigate them and see whether a change was legitimate or some bad code was injected.
CleanTalk Antivirus protects your website from viruses and deletes infected code from files. Antivirus scans not only the WP core; it checks all of the files in your WordPress installation. The heuristic antivirus scan finds malware/virus code by detecting bad PHP constructions.
CleanTalk Security has a "Feedback System" for analyzing suspicious files. This is a client-server feature in CleanTalk Security that allows sending suspicious files from the WordPress backend to the CleanTalk cloud.
Security Malware Scanner shows a list of suspicious files, and you can view the code that was flagged as bad. If you don’t have programming experience and don’t know whether there is a security issue or not, you can send the files to CleanTalk and we will check them for malware code. After checking, we will send you an email notification with the results, saying whether there are viruses or not.
Every day, CleanTalk Security Malware Scanner checks new files and files that have been changed since the last scan.
Please look at our guide on how malware file analysis works.
[About Scanner Feedback System](https://cleantalk.org/help/files-analysis "About Scanner Feedback System")
= Security Malware Heuristic Check =
This option allows you to check files of plugins and themes with heuristic analysis. Probably it will find more than you expect.
= Security Malware scanner to find SQL Injections =
The CleanTalk Security Malware Scanner allows you to find code that allows performing SQL injection. It is this problem that the scanner solves.
= Scanner of known vulnerabilities =
The plugin checks installed plugins and themes for known (published) vulnerabilities. If it finds a vulnerable plugin/theme, it sends an email notification and shows the data in the WordPress Dashboard.
= Web Application FireWall (WAF) for WordPress Security Plugin =
The main purpose of Web Application FireWall (WAF) is real-time protection from unauthorized access, even if there are critical known/unknown vulnerabilities.
Security Web Application FireWall catches all requests to your website and checks HTTP parameters for: SQL Injection, Cross Site Scripting (XSS), uploading files from non-authorised users, PHP constructions/code, the presence of malicious code in the downloaded files.
Effective information security also requires knowing the quality of the protection, so CleanTalk Security logs all blocked requests, which lets you see and analyze accurate information. You can see your CleanTalk Security Logs in your Control panel: https://cleantalk.org/my/logs_firewall
CleanTalk's research team updates the WAF database each time we find a vulnerability, which means the plugin's users get protection even against unpublished vulnerabilities.
Learn more about how to set up and test:
[About Security Web Application Firewall](https://cleantalk.org/help/security-waf "About Web Application Firewall")
= Improve your website security with Two Factor Authentication =
It requires a bit of your time but Two Factor (2 Step) Authentication immediately gives a much higher level of security.
With your first authorization, the CleanTalk Security plugin remembers your browser and you won’t have to input your authorization code every time anymore. However, if you started to use a new device or a new browser then you are required to input your security authorization code. CleanTalk security plugin will remember your browser for 30 days.
= Change the URL of the wp-login page =
This option helps you change the default wp-login URL. Hackers use scripts for massive brute-force attacks, and since most sites use a default login page URL, hackers configure scripts for such URLs. When you change the URL of the authorization page, hackers' scripts will not be able to perform brute-force attacks in automatic mode.
To enable the option, go to the WP Dashboard plugin settings -> Settings -> Security by CleanTalk -> General Settings and check the box "Change address to login script". Then add a new URL and click Save Settings.
This option does not change files and does not rewrite URLs in system files. To return the address of the default authorization page, it is enough to disable the option in the plugin settings or set a new value.
If you are using caching plugins, then you need to add a new authorization page in the caching exceptions.
= Can I use CleanTalk Security and Wordfence together =
Sure, you can use CleanTalk Security and Wordfence. Quite often we get a question from our customers: will there be a conflict between CleanTalk and Wordfence? We tested CleanTalk Security and Wordfence working together, and they work without any conflicts.
= Email Notifications when administrators are logged in =
We added this option to our security plugin. Now you can receive notifications if you want to know about an unauthorized entrance to your WP Dashboard.
A notification is sent only when a user authorizes by entering a login and password. If you are logged into the admin panel from a saved session, the alert won’t be sent.
You can enable the option “Receive notifications for admin authorizations” in your CleanTalk Dashboard. Choose “Site Security” in the “Services” menu, then click “Settings”.
= Can CleanTalk Security protect from DDoS? =
Security FireWall can mitigate HTTP/HTTPS DDoS attacks. When an intruder makes GET requests to attack your website, Security FireWall blocks all requests from bad IP addresses. If your website is under a DDoS attack, you can add IPs to your personal BlackList to block all POST and GET requests.
= `Send additional HTTP headers` option =
There are several additional HTTP headers that the plugin adds to the response for every HTTP request if this option is enabled:
- "X-Content-Type-Options" improves the security of your site (and your users) against some types of drive-by-downloads.
- "X-XSS-Protection" header improves the security of your site against some types of XSS (cross-site scripting) attacks.
- "Strict-Transport-Security" response header (often abbreviated as HSTS) informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS.
- "Referrer-Policy" makes the transfer of the `Referer` HTTP header stricter.
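
Added example, not part of the plugin: a check you can run over a response's headers after enabling the option, to confirm that the four headers listed above are present and carry values a browser will act on. The header values in the samples are constructed for illustration; the readme does not state which values the plugin sends.

```python
# Policy tokens defined for the Referrer-Policy header.
REFERRER_POLICIES = {
    "no-referrer", "no-referrer-when-downgrade", "same-origin", "origin",
    "strict-origin", "origin-when-cross-origin",
    "strict-origin-when-cross-origin", "unsafe-url",
}


def parse_hsts(value):
    """Return (max_age or None, include_subdomains) from an HSTS value."""
    max_age, include_sub = None, False
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            arg = arg.strip().strip('"')      # max-age may be a quoted string
            if arg.isdigit():
                max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return max_age, include_sub


def effective_referrer_policy(value):
    """Browsers apply the last token they recognise in a comma-separated list."""
    tokens = [token.strip().lower() for token in value.split(",")]
    known = [token for token in tokens if token in REFERRER_POLICIES]
    return known[-1] if known else None


def audit(headers):
    """Return {header name: problem} for the four headers listed above."""
    got = {name.lower(): value.strip() for name, value in headers.items()}
    problems = {}

    nosniff = got.get("x-content-type-options")
    if nosniff is None:
        problems["X-Content-Type-Options"] = "missing"
    elif nosniff.lower() != "nosniff":
        problems["X-Content-Type-Options"] = "only 'nosniff' is a valid value"

    if "x-xss-protection" not in got:
        problems["X-XSS-Protection"] = "missing"

    hsts = got.get("strict-transport-security")
    if hsts is None:
        problems["Strict-Transport-Security"] = "missing"
    else:
        max_age, _ = parse_hsts(hsts)
        if max_age is None:
            problems["Strict-Transport-Security"] = "no valid max-age directive"
        elif max_age == 0:
            problems["Strict-Transport-Security"] = "max-age=0 switches HSTS off"

    policy = got.get("referrer-policy")
    if policy is None:
        problems["Referrer-Policy"] = "missing"
    else:
        effective = effective_referrer_policy(policy)
        if effective is None:
            problems["Referrer-Policy"] = "no recognised policy token"
        elif effective == "unsafe-url":
            problems["Referrer-Policy"] = "unsafe-url sends the full URL to every origin"
    return problems


# Constructed sample headers (not captured from a site running the plugin).
HARDENED = {
    "X-Content-Type-Options": "nosniff",
    "X-XSS-Protection": "1; mode=block",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "Referrer-Policy": "no-referrer, strict-origin-when-cross-origin",
}
WEAK = {
    "x-content-type-options": "sniff",
    "Strict-Transport-Security": "max-age=0",
    "Referrer-Policy": "bogus, unsafe-url",
}

if __name__ == "__main__":
    print("hardened:", audit(HARDENED))
    print("weak:", audit(WEAK))
```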
= File System Watcher feature =
File System Watcher monitors changes in the file system. This allows you to respond quickly to a site infection by tracking which files were affected. The Watcher makes file system snapshots as often as once an hour and shows differences within a time frame of up to seven days.
= CleanTalk Research =
Attention! Don't overlook the critical need to fortify your digital defenses. Subscribe to our Telegram channel, "CleanTalk Research", your indispensable source for real-time alerts on plugin vulnerabilities and PSC plugin security certificates. Stay one step ahead of cyber threats.
Learn more: [https://t.me/+EjLvMlhx_S02MmIy](https://t.me/+EjLvMlhx_S02MmIy)
== Frequently Asked Questions ==
= Why are they attacking me? =
Hackers want to get access to your website and use it to get backlinks from your site to improve their site’s PageRank, to redirect your visitors to malicious sites, or to send spam and viruses or carry out other attacks. These attacks can damage your reputation with readers and commentators if you fail to tackle them. It is not uncommon for some WordPress websites to receive hundreds or even thousands of attacks every week. However, by using the Security CleanTalk plugin, all attacks will be stopped on your WordPress website.
= How to install the plugin? =
Installing the plugin is very simple and does not require much time or special knowledge.
**Manual installation**
1. Download the latest version to your computer's hard drive:
<a href="https://downloads.wordpress.org/plugin/security-malware-firewall.zip">https://downloads.wordpress.org/plugin/security-malware-firewall.zip</a>
1. Go to your WordPress Dashboard->Plugins->Add New->Upload CleanTalk zip file.
1. Click Install Now and Activate.
1. After activation, go to the plugin settings. You will then need to create an API key; this is done automatically for you. Just click on "Get access key automatically".
Installation completed successfully.
**Installation from wordpress.org directory**
1. Navigate to Plugins Menu option in your WordPress administration panel and click the button "Add New".
1. Type CleanTalk in the Search box, and click Search plugins.
1. When the results are displayed, click Install Now.
1. Select Install Now.
1. Then choose to Activate the plugin.
1. After activation, go to the plugin settings. You will then need to create an API key; this is done automatically for you. Just click on "Get access key automatically".
Installation completed successfully.
= How to test the security service? =
Please use a wrong username or password to log in to your WP admin panel to see how the Security Plugin works. Then you may log in with your correct account name and see the logs for the last actions in the settings of our plugin. Also, Audit Log will display the last visited URLs of the current user.
= Is the plugin compatible with WordPress MultiUser (WPMU or WordPress network)? =
Yes, the plugin is compatible with WordPress MultiUser.
= How to control security activities on your website? =
Go to your CleanTalk account->Log. Use filters to sort data for analysis.
Security logs let you receive and keep information for 45 days. You have the following possibilities:
1. Time period for all records you want to see.
2. Website for which you want to see security records. Leave the field empty to see security records for all websites.
3. Choose an event you want to see:
* Authorization Login — all successful logins to your website.
* Authorization Logout — all closed sessions.
* Authorization Invalid username — login attempts with a non-existent username.
* Authorization Auth failed — wrong password login attempts.
* Audit View — records of actions and events of users in your website backend.
4. Searching records by IP address.
5. Searching records by country.
Each record has the date and time of the event, the username of the user who performed the action and their IP address (country). How to use Security Log: https://cleantalk.org/help/Security-Log
= Is it possible to set custom email for notification? =
Yes, it is possible. Go to your CleanTalk account->Change email https://cleantalk.org/my/change-email
= Why do you need an access key? =
An Access Key allows you to keep statistics for up to 45 days in the cloud, use various additional settings, and have more possibilities to sort and analyze the data. Our plugin is evolving toward Cloud Technology, and all its logs are transferred to the Cloud. The Cloud Service takes over data processing and data storage, which reduces your web server load.
= How to use Security Log =
* First go to your Security Dashboard. Choose "Site Security" in the "Services" menu.
* Then go to your Security Log.
You have the following possibilities:
* Time period for all records you want to see.
* Website for which you want to see security records. Leave the field empty to see security records for all websites.
Choose an event you want to see:
* Authorization Login — all successful logins to your website.
* Authorization Logout — all closed sessions.
* Authorization Invalid username — login attempts with a non-existent username.
* Authorization Auth failed — wrong password login attempts.
* Audit View — records of actions and events of users in your website backend.
* Searching records by IP address.
* Searching records by username.
* Searching records by country.
List of records. Each record has the following columns:
* Date — when the event happened.
* User Log — who performed actions.
* Event — what they did.
* Status — whether they were Passed or Banned.
* IP — their IP address.
* Country — what country that IP belongs to.
* Details — some details if they are available.
Please read more:
https://cleantalk.org/help/Security-Log
If you wish to block some countries from visiting your website, please, use this instruction: https://cleantalk.org/help/Security-Firewall
= How to use Security Firewall =
First go to your Security Dashboard. Choose "Site Security" in the "Services" menu. Then press the line "Black&White Lists" under the name of your website.
You can add records of different types to your black list or white list:
* IP-Addresses (For example 10.150.20.250, 10.10.10.10)
* Subnets (For example 10.150.20.250/24, 10.10.10.10/8)
* Countries. Click the line "Add a country" to blacklist or whitelist all IP-addresses of the chosen countries.
The records can be added one by one or all at once using separators: comma, semicolon, space, tab or new line. After filling in the field, press the button "Whitelist" or "Blacklist". All added records will be displayed in your list below. Please note, all changes will be applied in 5-10 minutes.
Please read the full instructions here:
https://cleantalk.org/help/Security-Firewall
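
Added example, not CleanTalk's code: a way to pre-check a list before pasting it into the Black&White Lists field, using the separators and record types described above. It assumes standard CIDR handling, under which a subnet written with host bits, such as 10.150.20.250/24, covers the whole 10.150.20.0/24 network; the function names and the rejected sample tokens are constructed for illustration.

```python
import ipaddress
import re

# Separators the readme allows: comma, semicolon, space, tab, new line.
SEPARATORS = re.compile(r"[,;\s]+")


def parse_records(text):
    """Split a pasted list into networks; return (networks, rejected tokens)."""
    networks, rejected = [], []
    for token in SEPARATORS.split(text.strip()):
        if not token:
            continue
        try:
            # strict=False masks host bits: 10.150.20.250/24 -> 10.150.20.0/24
            networks.append(ipaddress.ip_network(token, strict=False))
        except ValueError:
            rejected.append(token)
    return networks, rejected


def most_specific_match(ip, networks):
    """Return the narrowest record that covers `ip`, or None."""
    addr = ipaddress.ip_address(ip)
    hits = [net for net in networks if addr in net]
    return max(hits, key=lambda net: net.prefixlen, default=None)


def broad_records(networks, max_addresses=65536):
    """List records that cover more addresses than intended for one entry."""
    return [
        (str(net), net.num_addresses)
        for net in networks
        if net.num_addresses > max_addresses
    ]


# The readme's own example records plus two constructed invalid tokens.
PASTED = "10.150.20.250, 10.10.10.10;10.150.20.250/24\t10.10.10.10/8\n10.1.2.3/33 example.com"

if __name__ == "__main__":
    nets, bad = parse_records(PASTED)
    print("accepted:", [str(net) for net in nets])
    print("rejected:", bad)
    print("10.150.20.7 matches:", most_specific_match("10.150.20.7", nets))
    print("very broad:", broad_records(nets))
```

Reviewing the broad records before blacklisting matters because 10.10.10.10/8 is not one host but all 16,777,216 addresses of 10.0.0.0/8.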
= How to test Security Firewall? =
1. Open another browser or enter the incognito mode.
2. Type the address YOUR_WEBSITE/?security_test_ip=ANY_IP_FROM_BLACK_LIST
2.1 The address 10.10.10.10 is a local address and it is always in the blacklist, so the address YOUR_WEBSITE/?security_test_ip=10.10.10.10 will work every time.
3. Make sure that you see the page with the blocking message.
4. FireWall works properly. If it does not, see item 4 of the list.
= How does malware scanner work? =
Malware scanner checks your files, compares them with the original WP files and shows you which files were changed, deleted or added. Malware scanner can be used to find code added to WP files. On your Malware Security Log page, you will see the list of all scans that were performed for your website. The CleanTalk Cloud saves the list of the found files so that you know where to look for them.
= How to start malware scanner? =
At the moment, the malware scanner can be started once per day and manually.
To start malware scanner go to the WordPress Admin Page —> Settings —> Security by CleanTalk —> "Malware Scanner" tab —> Perform Scan.
Give the Malware Scanner some time to check all necessary files on your website.
= Is it free or paid? =
The plugin is free. But the plugin uses CleanTalk cloud security service. You have to register an account and then you will receive a free trial to test. When the trial (on CleanTalk account) is finished, you can renew the subscription for 1 year or deactivate the Security by CleanTalk plugin.
If you don’t have an access key, the plugin will still work, and you will have logs only on the plugin settings page for the last 20 requests.
= What happens after the end of the trial period? =
The plugin will fully perform its functions after the end of the trial period and will protect your website from brute force attacks and will keep Action Log in your WP Dashboard, but the number of entries in the log will be limited to the last 20 entries/24 hours. Also, you will receive a short daily security report to your email.
The premium version allows storing all logs for 45 days in the CleanTalk Dashboard for further analysis.
= Brute Force security for Wordpress =
A brute force attack is an exhaustive password search to get full access to an Administrator account. Passwords are not the hard part for hackers, given the number of password variants sent per second and the large number of IP addresses.
A brute force attack is one of the most serious security issues, as an intruder gets full access to your website and can change your code. The consequences of these break-ins can be grievous: your website could be added to a botnet and participate in attacks on other websites, or it could be used to hold hidden links or automatic redirection to a suspicious website. The consequences for your website's reputation can be very grievous.
= Why is the CleanTalk Security Plugin Added to the Must Use Section? =
This is required for the Security FireWall to function properly. Plugins that are placed in this section are launched first, so it is very important that the Security FireWall is launched before any plugins and hooks. Thus, hacker requests will be stopped before they can get access to any site code.
== Screenshots ==
1. **Firewall log tab**. The log includes detailed info about each visitor that reached the site and their firewall check status. It also shows Traffic Control activity for the user.
2. **Critical Updates tab**. Critical Updates interface.
3. **File System Watcher tab**. File System Watcher interface.
4. **Malware scanner tab**. Here you can scan all WordPress files for malicious and suspicious code and see the result.
5. **Security Log tab**. The log includes list of Brute force attacks or failed logins and list of successful logins for up to 45 days. The plugin keeps the log on CleanTalk servers to make the log not accessible for hackers.
6. **General settings tab**. Here you can manage all the plugin settings.
7. **Summary tab**. The general info about the plugin state.
8. **Backups interface**. How the backups interface looks.
9. **General settings - authentication and log in**. Here you can manage Brute-Force protection, 2FA auth and change login URL.
10. **General settings - firewall**. Here you can manage Firewall modules and Traffic Control settings.
11. **General settings - scanner**. Here you can manage automatic scanner start, types of checks, directories exclusions for scanner and enable important files monitoring.
12. **General settings - admin bar**. Here you can set behavior of admin bar module.
13. **Admin bar**. How the admin bar module looks.
14. **General settings - trusted text**. Here you can manage your affiliate links and trusted text shown for visitors.
15. **Trusted text**. How the trusted text looks.
16. **Malware scanner results - critical**. There is a list of files that contain dangerous code or malware signatures.
17. **Malware scanner results - suspicious**. There is a list of files that contain suspicious code.
18. **Malware scanner results - approved**. There is a list of files that were approved by the user, Cloud analysis or the CleanTalk team.
19. **Malware scanner results - analysis log**. There is a list of files that were sent for Cloud Malware Scanner analysis and their status.
20. **Malware scanner results - unknown**. There is a list of files that contain no malware, but they are not a part of WordPress core or plugins/themes.
21. **Malware scanner results - cured**. There is a list of files that have been automatically cured.
22. **Malware scanner results - frontend malware**. There is a list of frontend pages that contain malicious HTML/JavaScript code.
23. **Malware scanner results - unsafe permissions**. There is a list of files that could be reached by a hacker because of unsafe permissions.
24. **Malware scanner results - PDF report**. How the PDF report of scan results looks.
25. **Templates interface**. Using this interface you can apply the settings from another site of your CleanTalk account or a template saved before.
26. **Example of blocking page - Firewall**. If the visitor's IP is in the hazardous net list or blacklisted in your personal list, they will see this screen.
27. **Example of blocking page - XSS**. If the visitor attempts XSS, they will see this screen.
28. **Example of blocking page - SQL**. If the visitor attempts SQL injection, they will see this screen.
29. **Example of blocking page - Brute-Force**. If the visitor has tried wrong credentials many times, they will see this screen.
30. **Example of blocking page - Traffic Control**. If the visitor has requested site pages too often, he will see this screen.
== Changelog ==
= 2.148.1 Dec 23 2024 =
* Fix. Vulnerability alarm. False detected vulnerabilities fixed.
= 2.148 Dec 09 2024 =
* New. Plugin settings. Navigation bar implemented for settings general.
* Upd. Code. Removed the plugin dependency on jQuery for site public pages.
* Fix. Vulnerability Alarm. Fixed the name detection of module being checked.
= 2.147 Nov 25 2024 =
* New. Admin Banners. Critical files warning banner implemented.
* Upd. Readme. Tagline, description has been updated.
* Upd. Readme. Tested up to: 6.7.
* Upd. Code. Psalm. Checking "prepare" SQL requests handled.
= 2.146 Nov 11 2024 =
* Upd. Scan. Updated heuristic module.
* Upd. Frontend scanner. Exclusion domains list updated.
* Fix. Security logs. Fixed case when a lot of logs kept unsent.
* Fix. FSWatcher. The huge refactoring has been completed.
* Upd. Settings. Improved UX.
* Upd. Scan. Added scan logs to pdf export file and possibility to copy scan logs to clipboard.
* Fix. Firewall. Brute force protection for xmlrpc requests enabled.
* Upd. Code. Heuristic analyser common lib updated.
* Fix. FSWatcher. Check only for fswatcher actions on checkRateLimit().
* Fix. FSWatcher. Stripping filepath slashes on view action.
* Fix. Remote Calls. Remote calls calling without api key fixed.
* Fix. Vulnerability alarm. New API method `report_vulnerability_in_use` implemented.
* Code. Refactoring. Estimated analysis time updater.
* Fix. Scanner. Restoring quarantine fixed.
* Fix. Scanner. Upload checker module fixed.
= 2.145.1 Nov 01 2024 =
* Fix. Remote Calls. RC calling without token fixed. (#438)
= 2.145 Oct 28 2024 =
* Fix. Setting. React components i18n fixed.
* Fix. Code. Frontend malware scanner disabled by default.
* Fix. Code. Frontend malware scanner describe fixed.
* Fix. Code. Frontend malware scanner option name fixed.
* Upd. Scan. Added restore to cure log.
* Fix. Scanner. Sending results. FMS logs. Modified date validation added.
= 2.144 Oct 14 2024 =
* Fix. PSC. Only PSC will be shown on install plugins/themes screen.
* Fix. Scanner. Manual cure logic fixed - added stage creating a backup.
* Fix. HTTP. Ping. If fsockopen() is unavailable return current server as fastest.
* Fix. Scanner. Cron. Fixed timezone detection on cron jobs.
* Fix. Settings. React components are translate-ready now.
* Upd. Sending for analysis. Long description provided.
* Fix. Backend logs collecting. Fixed option status dependency of account status check.
* Upd. Scanner. Results. Do not show unknown files of zero-byte size if service constant defined.
* Fix. FW update. Do not warn user and do not force direct update if ..fw_files_for_blog_*/index.php cannot be deleted.
* Upd. White label. Hide links to "research.cleantalk.org" and "l.cleantalk.org/website-malware-removal" on plugin settings page if WL mode is enabled.
* Fix. Settings template. Modal window layout and styles fixed.
* Fix. Modal. Modal window max height fixed.
* Fix. Settings. PSC texts fixed.
= 2.143 Sep 30 2024 =
* Fix. Scanner. JS extension excluded from scanner.
* Fix. Important files monitoring. Do not follow redirects on check.
* Fix. ScannerQueue. Unset CSV parse result after hashes receiving.
* Fix. Firewall. Do not run WAF only case for admin area URI if user is not logged in.
* Fix. Scanner. Counting modules. TypeError case prevented.
= 2.142 Sep 16 2024 =
* Upd. Settings. Modal window common style updated.
* Mod. Settings. Scanner tab. Quarantine action text updated.
* Mod. Scanner. Accordion actions. Approve action is require active license now. No confirmation requested for restricted actions.
* Fix. Scanner. Accordion actions. Bulk action confirm fixed.
* Upd. Code. Security logs DTO classes implemented.
* Fix. CSS. Adaptive content. Nav wrapper flex direction.
* Fix. CSS. Adaptive content. Long description places.
* Fix. CSS. Adaptive content. Get more details clicks.
* Fix. CSS. Adaptive content. Scanner legend.
* Fix. CSS. Adaptive content. Path full description.
* Upd. SQL schema. The column "view" of spbc_auth_log table set to varchar(16).
* Fix. CSS. Adaptive content. Malware removal top settings banner adapted.
* Upd. Modal window. Support link removed from restricted actions notice.
* Upd. Auth. Open 2fa support link in new page.
* Fix. Code. Get admin email call moved.
* Fix. Security log. Parse URL. Fix for wptexturize.
* Fix. Settings. Unknown accordion description fixed.
* Fix. FSwatcher. Skip init on WP_Estimation_Form
= 2.141 Sep 02 2024 =
* Upd. Security admin. Adaptive version
* Fix. FSW. Added exclude for ListingPro output hook.
* Fix. FSW. Comparing snapshots when showing a file
* Fix. Vulnerability alarm. Checking vulnerabilities via synchronization implemented
* Upd. BannerLinks. Compiling links to treatment through class LinkConstructor
* Upd. SignatureAnalysis. Removing the link and checking for v0 signatures (#409)
* New. Settings. New option to change and delete the technical support link on the authorization page (#410)
* Fix. Settings. File system watcher settings fixed.
* Fix. Scanner. Timeout increased for the action `delete`.
* Fix. FSW. Updated statement to exclude buffer handler by const.
= 2.140 Aug 19 2024
* Upd. WAR. Analysis php://input
* Fix. FSWatcher. Added exclusion for NotifierForPhone.
* Fix. Phpcs
* Upd. WAF. Exploit check from php://input
* Fix. Typo. Updated warning message.
* Upd. WAF. Error Control Operators
* Fix. Code. Unit tests fixed.
* Fix. FSW. Added exclude for GFForms output hook.
* Upd. Scanner. Curing malware is not allowed with a trial license.
* Upd. Scanner. Quarantine and delete actions are not allowed with a trial license.
* Fix. Code. Code style fixed.
* Fix. Modal window. Error modal title fixed.
* Fix. Scanner. Outbound links page_url parameter fixed.
* Fix. Scanner. Outbound links collecting fixed.
* Fix. ScannerQueue. Checking for the existence of a key when scanning frontend
= 2.139 Aug 05 2024
* Fix. Backups. Backups tab fixed.
* Fix. FSWatcher. Added exclusion for RapidLoad.
* Fix. FSWatcher. Added exclusion for Sendinblue.
* Fix. Heuristic. SQLs. Fixed error on empty request.
* Fix. Settings. Security logs display fixed.
* Fix. Scanner. Cure. Delete failed cure attempts from the cure log on the first iteration so that files to cure are not missed.
* Fix. Scanner. Cure. Not cured files selection fixed.
* Fix. Vulnerability Alarm. CVE ID layout fixed.
* Fix. Vulnerability alarm. Display alarms fixed.
* Fix. Vulnerability Alarm. PSC version gathering adapted to new cloud states.
* Mod. Scanner. Cure. Malware replacing now uses block comment instead of row comment.
* Mod. Scanner. Filesystem Analysis. SurfaceNew class implemented to speed up the stage.
* Mod. Scanner. Sending results. Sending unknown files removed.
* Upd. Settings. Critical updates tab. Description and header implemented.
* Upd. Settings. Critical updates tab. Module names are clickable now and lead to the appropriate module page.
* Upd. Settings. Critical updates tab. Outdated plugins removed. Legend added.
* Upd. Settings. Renewal links. Get premium badge updated using LinkConstructor.
= 2.138.1 July 24 2024
* Fix. Settings. Security logs display fixed.
* Revert "Fix. FS Watcher. Module working only in the admin side."
= 2.138 July 23 2024
* New. Settings. Added alarm to admin menu.
* New. Settings. Added function to upload exclusions.
* Upd. Scan. Updated handler for cloud results method.
* Fix. Deactivation possible notices fixed.
* Fix. Vulnerability Alarm. Installed themes checking fixed.
* Fix. Deactivating. Logging failed deactivation fixed.
* Fix. Deactivating. Tables deleting fixed.
* Fix. Settings. Tabs. Debug tab on local domains revived.
* Fix. FS Watcher. Module working only in the admin side.
* Fix. Scanner. Cure. Not cured files selection fixed.
* Fix. Scanner. Cure. Delete failed cure attempts from the cure log on the first iteration so that files to cure are not missed.
* Fix. UpdaterScripts. Fix type on update_option call.
= 2.137 July 09 2024
* Fix. Psalm suppress UndefinedMethod
* Fix. Eslint
* Upd. Disabling analyse Long Line
* Upd. Checking memory_limit
* Upd. Scan. Updated flow for upload hashes.
* Fix. Deprecated conversion of false to array in getPluginReportStatic
* Upd. Changes in the operation of modal windows
* Fix. CamelCase attributes for CriticalUpdate
* Fix. Code. Common lib updated.
* Fix. Settings. Visited pages output in security logs fixed.
* New. Scan. Update front estimates time.
* Upd. Local results clearance. Delete backups, cure logs, cured files data.
* Ref. Cure. New CureStage class used to run curing.
* New. AdjustModule. Setup handler to adjust w3tc
* New. Settings. Critical updates tab implemented.
* Upd. VulnerabilityAlarmView.php. Text updates.
* Upd. VulnerabilityAlarm Service. Every vulnerable theme has unique link now.
* Upd. VulnerabilityAlarmView. Padding added for lists of items on the tab.
* Upd. VulnerabilityAlarm Service. Show PSC modules. Other fixes.
* Fix. VulnerabilityAlarmView.php. Text.
* Fix. VulnerabilityAlarmService. Fix logic.
* Upd. VulnerabilityAlarmService. Update SGV on tab.
* Upd. VulnerabilityAlarmService. Fixed versions check on checkModule iteration.
* Fix. Scanner. Backups. Backup ID fixed.
* New. RemoteCalls. New RC "launch_background_scan" to launch scan in background.
* Fix. VulnerabilityAlarm.php. Themes collecting fixed.
* Ref. VulnerabilityAlarm. Names.
* Fix. VulnerabilityAlarmService. PHP 8.1 compat fix.
* Upd. VulnerabilityAlarmView. Versions added.
* Fix. Call function on null
= 2.136.1 July 02 2024
* Fix. Settings. Visited pages output in security logs fixed.
= 2.136 June 24 2024
* Fix. Settings. Get key auto button depends on agreement.
* Fix. Cookie. Added nofollow attribute.
* Fix. Settings. Updated statement for 2fa.
* Fix. Security. The upload checker uses signature analysis only for now.
* Upd. WAF. Added waf for admin area.
* Fix. Settings. Updated 2fa handler.
* Upd. FW. Send logs. Signature ID added to logs for WAF blocks cases.
* Fix. FW. Update is_admin handler.
* Upd. Firewall. Logging. Do not rewrite records with different signatures but same type.
* Upd. Scanner. Signatures getting. Plugin is ready to version 3.
* Upd. Scan. Refactoring scan send stage.
* Fix. Settings. Updated timezone format for get_api_key.
* New. Scanner. New category Approved By Cloud implemented.
* Fix. FSWatcher. Logs naming fixed.
* Upd. HeuristicAnalyser. CodeStyle. Long lines check enabled.
* Fix. Fixed the changes when installing composer
* Fix. Added index files
* Fix. FSW. Added rate limit.
= 2.135 June 10 2024
* New. Modal window. Confirm action implemented.
* New. List table. Custom confirm window implemented.
* Upd. Recording and displaying an event from wp_spbc_auth_logs
* Fix. Settings. Don't show Frontend scanner results category if this option is disabled
* Fix. Scanner. Scan log details - triggered module name added.
* Fix. Firewall. Updated logging process.
* Upd. SQLSchema. Signature body size extended. Schema updated and updater script ready for v2.135.
* Fix. Scanner. Reset `weak_spot` and `severity` on modified files.
* Upd. Settings. "About" block refactored. Cure services links added.
* Fix. Firewall. Fixed logged admin counting.
* Fix. Login page. Brute force protection description fixed.
* Fix. Scanner. Outbound links actions fixed.
* Fix. Scanner. Show more button fixed.
* Fix. Settings. `2fa` setting long description fixed.
= For earlier changelogs, see changelog.txt =