Linux 软件免费装
Banner图

Anti-Malware Security and Brute-Force Firewall

开发者 scheeeli
gotmls
更新时间 2024年12月5日 00:56
捐献地址: 去捐款
PHP版本: 3.3 及以上
WordPress版本: 6.7.1
版权: GPLv3 or later
版权网址: 版权信息

标签

security firewall scanner brute-force anti-malware

下载

4.23.56 4.23.68 4.15.27 4.15.42 4.16.48 4.15.17 4.15.20 4.15.21 4.15.22 4.15.23 4.15.24 4.15.25 4.15.26 4.15.28 4.15.29 4.15.30 4.15.40 4.15.41 4.15.43 4.15.44 4.15.45 4.15.46 4.15.49 4.16.26 4.16.38 4.16.39 4.16.47 4.16.49 4.16.53 4.18.71 4.18.74 4.18.76 4.19.44 4.19.50 4.19.68 4.19.69 4.21.93 1.2.03.23 4.23.69 4.23.71 3.07.06 4.16.17 4.18.52 4.20.72 4.21.91 4.23.73 4.15.16 4.17.28 4.17.29 4.20.92 4.20.94 4.20.95 4.20.96 4.17.58 4.18.69 4.23.57 1.3.02.15 4.14.47 4.17.44 4.17.57 4.18.62 4.20.59 4.20.93 4.21.74 4.21.84 4.17.68 4.21.83 4.21.85 4.21.86 4.21.87 4.17.69 4.21.88 4.18.63 4.21.92 4.21.96 4.23.67 4.21.89 4.21.90 4.21.94 4.21.95

详情介绍:

Features: Premium Features: Register this plugin at GOTMLS.NET and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones. NOTICE: This plugin make call to GOTMLS.NET to check for updates not unlike what WordPress does when checking your plugins and themes for new versions. Staying up-to-date is an essential part of any security plugin and this plugin can let you know when there are new plugin and definition update available. If you're allergic to "phone home" scripts then don't use this plugin (or WordPress at all for that matter). Special thanks to:

安装:

  1. Download and unzip the plugin into your WordPress plugins directory (usually /wp-content/plugins/).
  2. Activate the plugin through the 'Plugins' menu in your WordPress Admin.
  3. Register on gotmls.net and download the newest definition updates to scan for Known Threats.

屏幕截图:

  • The Scan Setting page in the admin.
  • An example scan that found some threats.
  • The results window when "Automatic Repair" fixes threats.
  • The Quarantine showing threats that have been fix already.

升级注意事项:

4.23.73
  • Added cleanup for old _session files, fxed hidden files exception to the skip by extention option and updates to manual session files when PHP sessions are not saves, and checked code for compatibility with WordPress 6.7.1.
4.23.71 Set autoload to false on the large values in wp_option, added exception to never skip hidden files, and checked code for compatibility with WordPress 6.6.2. 4.23.69 Updated Brute-Force Login Protection to integrate better with login forms from other plugins, added option to hide the Brute-Force Login Protection logo on the login page, and checked code for compatibility with WordPress 6.6. 4.23.68 Updated Brute-Force Login Protection to integrate better with login forms from other plugins, fixed static wp_posts table name in whitelist query, and checked code for compatibility with WordPress 6.5.5 and ClassicPress 2.1.1. 4.23.67 Upgraded Brute-Force Login Protection and the Quick Scan of Core Files, added custom Whitelist, fixed session conflict with REST API, and checked code for compatibility with WordPress 6.5.4 and ClassicPress 2.1.0. 4.23.57 Removed session incompatibilities within the Brute-Force Login Protection that failed when other plugins had already output page headers. 4.23.56 Upgraded Brute-Force Login Protection, restricted definition updates to admin users, improved the Nonce tokens for better security (thanks to Patchstack), and a few other minor code changes for servers using reverse proxy and code compatibility for WordPress 6.4.3 and ClassicPress 1.7.2. 4.21.96 Fixed another Undefined Index Warning, improved timing of registration check, and added an option to manually recheck the registration status. 4.21.95 Fixed the Undefined Index Warning created in the last release. 4.21.94 Improved error handling for better scan completion and checked code for compatibility with WordPress 6.3 and ClassicPress 1.6.0. 4.21.93 Fixed the Undefined Index Warning when the Brute-Force Login Protection is invoked in certain situations and checked code for compatibility with WordPress 6.2.2 and ClassicPress 1.5.3. 4.21.92 Fixed the Uncaught Value Error in mb_regex_encoding, and other minor PHP Warnings about Undefined Indexes. 4.21.91 Fixed some HTML formatting issues and a JavaScript error in the scan engine. 4.21.90 Fixed array compatibility with older versions of PHP. 4.21.89 Added more late escapes and sanitizated all _SERVER variables and checked code for compatibility with ClassicPress 1.5.0. 4.21.88 Added late escapes to variables that were already escaped as requested by Code review team and fixed a PHP warning about is_dir. 4.21.87 Code review and cleanup, added more sanitization and fixed an error when attempting to unserialize an array. 4.21.86 Improved the removal of database injections when values are serialized, and fixed a vulnerability in using unserialize with Class Objects, as well as some other PHP warnings about undefined indexes. 4.21.85 Prevented infinite looping on recursive sub-directories and checked code for compatibility with WordPress 6.1.1 and ClassicPress 1.4.4. 4.21.84 Removed the no_error_reporting debug option and checked compatibility with WordPress 6.0.2 and ClassicPress 1.4.2. 4.21.83 Fixed XSS vulnerability, plus other minor improvements and compatibility with WordPress 6.0.1 and ClassicPress 1.4.2. 4.21.74 Updated code with various minor improvements to efficiency and compatibility with WordPress 6.0. 4.20.96 Fixed XSS vulnerability by removing unsanitized QUERY_STRING, cleaned up Quarantine code, and checked code for compatibility with WordPress 5.9.2. 4.20.95 Added more sanitization and validation to all user data entered for better security and checked code for compatibility with WordPress 5.9. 4.20.94 Fixed an XSS vulnerability and checked code for compatibility with WordPress 5.8.3. 4.20.93 Fixed undefined variable warning and updated code for compatibility with PHP version 8.0. 4.20.92 Added German translation, improved firewall compatibility with Apache, fixed session check in Site Health for REST API compatibility, and checked code compatibility with WordPress 5.8.1 and ClassicPress 1.3.1. 4.20.72 Updated registration form, fixed session check, and removed older code from WordPress Repository. 4.20.59 Various minor bug fixes, added Core Files Definitions for ClassicPress, and tweaked code for better compatibility with WordPress 5.7.2 and ClassicPress 1.2.0. 4.19.69 Fixed a JavaScript error caused by a new French translation and checked code for compatibility with WordPress 5.4.1. 4.19.68 Updated some external links and tweaked code for better compatibility with PHP 7.4 and WordPress 5.4. 4.19.50 Added even more error handling to the DB Scan for low memory_limit, modified the Directory Scan Depth to accept 0 as way to skip the Directory Scan, and added some Help tips to some of the options on the Settings page. 4.19.44 Updated links, added more error handling to the DB Scan, various performance improvements, fixed path to work on Windows servers and a few minor bugs causing PHP Notices, and weaked code for compatibility with WP 5.3 (latest release). 4.18.76 Cleaned up the Nonce Token code and Quarantine page, fixed recovery link, and added debugging for login errors plus WP head and footer Hooks. 4.18.74 Fixed a bug in the Nonce Token Errors that was created by changes in the last release. 4.18.71 Added wp_options table to the db_scan and fixed a few minor bugs in the quarantine view, and changed some wording and checked code for compatibility with WP 5.2.1 (latest release). 4.18.69 Added warning message about vulnerability in yuzo-related-post plugin, updated Quarantine interface with re-scan/re-clean feature, fixed bug in scan depth array that produced PHP Notices, changed some wording and other minor fomatting issues, and checked code for compatibility with WP 5.2. 4.18.63 Fixed a major bug in the Firewall updates that could cause a False Positive lockout. 4.18.62 Fixed a few minor bugs and updated code for compatibility with WP 5.1.1 (latest release). 4.18.52 Added a whole new DB Scan category, updated Firewall landing page, removed some old code that was no longer needed, clear cache files before running the Complete Scan,, and updated code for compatibility with WP 5.0.2 (latest release). 4.17.69 Updated code for compatibility with WP 4.9.8, fixed PHP Notice and escaped single-quotes in translated strings. 4.17.68 Updated code for compatibility with WP 4.9.7, removed dashicon from Settings link and the broken vote WORKS link, and reordered priorety on fixing Known Threats. 4.17.58 Updated code for compatibility with WP 4.9.4, fixed dashicons sizing in css, add ability to update registration email from within the plugin settings, and cleaned up expired nonce tokens left behind from an older version. 4.17.57 Updated code for compatibility with WP 4.9.3, fixed registration form and alternate domain for definition updates to work on HTTPS, and fixed the wording on the Title Check error message. 4.17.44 Added Title check to make sure it does say you were hacked, updated code for compatibility with WP 4.8.3 and fixed Undefined variable error in Quarantine and an XSS vulnerability in nonce error output. 4.17.29 Changed the definition update URL to only use SSL when required, and updated PayPal form for better domestic IPN compatibility. 4.17.28 Added the Turkish translation thanks to Umut Can Alparslan, improved the auto update feature, and fixed the admin username change feature on multisite installs (Plus many other improvement from v4.16.X: see Changelog for details). 4.16.17 Removed Menu Item Placement Options that were deprecated in WP 4.5, Added firewall options for better compatibility with WP Firewall 2, and fixed an XSS vulnerability in the debug output of the nonce token (Plus many other improvement from v4.15.X: see Changelog for details). 4.15.16 Created automatic definition updates that include WordPress Core files, more improvements to the Brute-Force protection patch (Plus many other improvement from v4.14.X: see Changelog for details). 4.14.47 Major upgrade to the protection for Brute-Force attempts, and a bug fix for resetting the permissions of read-only files (Plus many other improvement from v3.X: see Changelog for details). 3.07.06 Added SSL support for definition updates and upgraded the Whitelist feature (Plus many other improvement from v1.3.X: see Changelog for details). 1.3.02.15 Improved security on the Quarantine directory to fix the 500 error on some servers (Plus many other improvement from v1.2.X: see Changelog for details). 1.2.03.23 First versions available for WordPress (code removed, no longer compatible).

常见问题:

Why should I register?

If you register on GOTMLS.NET you will have access to download definitions of New Threats and added features like automatic removal of "Known Threats" and patches for specific security issues like old versions of timthumb and brute-force attacks on wp-login.php. Otherwise, this plugin only scans for "Potential Threats" on your site, it would then be up to you to identify the good from the bad and remove them accordingly.

How do I patch the Revolution Slider vulnerability?

Easy, if you have installed and activated my this Anti-Malware plugin on your site then it will automatically block attempts to exploit the Revolution Slider vulnerability.

How do I patch the wp-login vulnerability?

The WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. This plugin can apply a patch that will block access to the WordPress Login page whenever this type of attack is detected. Just click the Install Patch button under Brute-force Protection on the Anti-Malware Setting page. For more information on this subject read my blog.

Why can't I automatically remove the "Potential Threats" in yellow?

Many of these files may use eval and other powerful PHP function for perfectly legitimate reasons and removing that code from the files would likely cripple or even break your site so I have only enabled the Auto remove feature for "Know Threats".

How do I know if any of the "Potential Threats" are dangerous?

Click on the linked filename to examine it, then click each numbered link above the file content box to highlight the suspicious code. If you cannot tell whether or not the code is malicious just leave it alone or ask someone else to look at it for you. If you find that it is malicious please send me a copy of the file so that I can add it to my definition update as a "Know Threat", then it can be automatically removed.

What if the scan gets stuck part way through?

First just leave it for a while. If there are a lot of files on your server it could take quite a while and could sometimes appear to not be moving along at all even if it really is working. If it still seems stuck after a while then try running the scan again, be sure you try both the Complete Scan and the Quick scan.

How did I get hacked in the first place?

First, don't take the attack personally. Lots of hackers routinely run automated script that crawl the internet looking for easy targets. Your site probably got hacked because you are unknowingly an easy target. This might be because you are running an older version of WordPress or have installed a Plugin or Theme with a backdoor or known security vulnerability. However, the most common type of infection I see is cross-contamination. This can happen when your site is on a shared server with other exploitable sites that got infected. In most shared hosting environments it's possible for hackers to use an one infected site to infect other sites on the same server, sometimes even if the sites are on different accounts.

What can I do to prevent it from happening again?

There is no sure way to protect your site from every kind of hack attempt. That said, don't be an easy target. Some basic steps should include: hardening your password, keeping all your sites up-to-date, and run regular scans with Anti-Malware software like GOTMLS.NET

Why does sucuri.net or the Google Safe Browsing Diagnostic page still say my site is infected after I have removed the malicious code?

sucuri.net caches their scan results and will not refresh the scan until you click the small link near the bottom of the page that says "Force a Re-scan" to clear the cache. Google also caches your infected pages and usually takes some time before crawling your site again, but you can speed up that process by Requesting a Review in the Malware or Security section of Google Webmaster Tools. It is a good idea to have a Webmaster Tools account for your site anyway as it can provide lots of other helpful information about your site.

How can I report security bugs?

You can report security bugs through the Patchstack Vulnerability Disclosure Program. The Patchstack team help validate, triage and handle any security vulnerabilities. Report a security vulnerability.

更新日志:

4.23.73 4.23.71 4.23.69 4.23.68 4.23.67 4.23.57 4.23.56 4.21.96 4.21.95 4.21.94 4.21.93 4.21.92 4.21.91 4.21.90 4.21.89 4.21.88 4.21.87 4.21.86 4.21.85 4.21.84 4.21.83 4.21.74 4.20.96 4.20.95 4.20.94 4.20.93 4.20.92 4.20.72 4.20.59 4.19.69 4.19.68 4.19.50 4.19.44 4.18.76 4.18.74 4.18.71 4.18.69 4.18.63 4.18.62 4.18.52 4.17.69 4.17.68 4.17.58 4.17.57 4.17.44 4.17.29 4.17.28 4.16.17 4.15.16 4.14.47 3.07.06 1.3.02.15 1.2.03.23