| Oct 12 2023 |
|
Productive |
* New. Skip status 99 for included networks.
* New. Changing admin password logic implemented.
* Mod. Scanner. Work with signatures body via base64 to prevent third-party malware scanners warns.
* Mod. Trusted networks has the highest priority on FW check.
* Mod. Installing. Updating latest version is duplicated from cron to the installing process.
* Mod. ScannerController.php -> action__scanner__signature_analysis. Moved signatures object creation out from cycle.
* Fix. Bad code viewing fixed.
* Fix. WAF signatures check fixed.
* Fix. FW logs files array statement check.
* Fix. Scanner. Large file size checking.
* Fix. FW update. Skip ivp6 networks.
* Fix. Helper. HTTP request. Try to connect via HTTP 2.0 if 1.0 has been failed.
* Fix. Show error if key is not valid.
* Fix. Cron tasks init on install fixed.
* Fix. Get hashes of approved files. Fix URL and version.
* Fix. Firewall. Add missing statuses. 15.12.2022 18:05
* Fix. FW check. Trusted networks now gain highest priority, more thatn personal records.
* Fix. Duplicated script adding.
* Fix. Empty page on main during BFP work.
* Fix. Scanner. View bad code (modal dialog)
* Fix. SecFW. Updater fixed - preventing several update process running.
* Fix. Server variables getting from $_SERVER instead of filter_input.
* Fix. SecFW. Writing fs stats sleep implemented.
* Fix. Amazon URLs.
* Fix. WAF. Now correctly extract and handle WAF rules.
* Fix. Signatures get. Show alert if can not connect signatures source.
* Fix. FW and BFP logs sending. Timestamp fix. Fix. FW and BFP logs sending. Formatting of log file to log data for API call refactored.
* Fix. usp_settings__plugin_state. Version comparison exception.
* Fix. ScannerController.php -> action__scanner__signature_analysis. Output the error if can\\\'t get signatures list.
* Fix: Fixed notice about undefined in Cron::class |
| Aug 15 2022 |
|
Archive |
New: Variables\\SuperGlobalVariables::sanitize - Runs sanitizing process for input parameter.
New: Variables\\SuperGlobalVariables::validation - Runs validation for input parameter.
New: Variables\\SuperVariables::get(). Implementation of validation and sanitizing.
Mod: spbc_scanner_file_*() validating input parameters.
New: Sanitizing filters.
New: Applying new sanitizing filters.
Fix: Sanitizing filters.
Fix. Code. DS constant defining fixed.
Mod: Added checking of strings and regular expressions in WAF
Fixed empty auth_ip in BFP::class
Added datetime_gmt to FW, changed datetime
Added datetime_gmt to BFP, changed datetime
Fixed different format datetime in BFP
Fix: FireWall. Updating fixed.
Datetime gmt in logs aa
Fixed bfp->logs_sent_time and bfp->logs_sent_amount
Mod: Added checking of strings and regular expressions in WAF |
| Feb 13 2022 |
|
Archive |
New: Scanner.Search regexp signatures.
- Scanner\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Helper::file__get_string_number_with_needle() - modified
- Scanner\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Scanner::file__scan__for_signatures() - modified
New: Firewall update.
- Using multi curl to download files
- Storing temporary firewall *.csv.zg files locally
- Helper class extended
Fix: if real ip is not defined.
Fix: notice send logs if ip is empty.
Fix: Firewall. Brute force protection module.
Fix: From test. Typo in settings.
Fix: From test. Malware signatures downloading and processing.
Fix: Send file for analysis.
- Empty dangerous code.
- PHP Warning.
Fix: Actions with files.
- Resetting actions and view handlers after an action performed.
- Hiding spinner after an action performed.
Fix: Common\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Storage::get(). PHP Warning: fgetcsv().
Fix: Helper::http__request(). File downloading. |
| Oct 19 2021 |
|
Archive |
Mod: Security Firewall. Exclusions for test domains.
Mod: Security Firewall. Result handling.
Mod: Stable BTree with unique keys.
Mod: Btree improvements.
Mod: BTreeLeaf. Nodes always have left link now.
Mod: BTreeLeafNode. New constructor.
New: FileDB, BTree, BTreeLeaf classes now are working with multiple values in BTree result. (non-unique keys)
Fix: File/Storage::put result.
Fix: File/Storage::getDataFromBufferToOutput empty start variable.
Fix: BTreeLeaf::unserialize() possible wrong offset.
Fix: BTree and BtreeLeaf classes.
Fix: Helper UA.
Fix: FileDB::setWhat().
Upd: FileDB meta data structure.
Del: FileStorage class.
Del: StorageRow class. |
| Sep 03 2021 |
|
Archive |
New: Apache rule to access index.php.
Mod: Firewall. Update delay for fast servers.
Mod: Scanner. Heuristic class updated to 2.1
Mod: Updater. Improvements. No useless requests.
Fix: Firewall. Multiple database results for IPs
Fix: PHP Warnings.
Fix: File::copy() fixed.
Fix: Security. Issue with non HTTPS resources download.
Fix: Check file descriptor before actions with file.
Fix: BFP. Logic error in the IP checking logic.
Fix: FileStorage class. get_rows_range__to_buffer() and get_rows__to_buffer() buffer check.
Fix: Cleantalk\\\\USP\\\\File\\\\BTree::getElementFromTree() strict argument type.
Fix: Conflict with DB::query() method inheritance. Method renamed to DB::q() and replaced in most places with DB::execute().
Fix: Firewall\\\\BFP. PHP Notice.
Fix: remove notice Undefined offset: 3 in Updater.php on line 53
Fix: new email template with settings after install plugin
Fix: Error class.
Fix: Updater. PHP Notice.
Fix: Bruteforce module error.
Fix: Setting. PHP Notice.
Fix: DB compatible with new PDO version.
Fix: BTree and BtreeLeaf classes.
Fix: Helper UA.
Added a file access rights check when installing the plugin, as well as a corresponding notification
Review: Added a file access rights check when installing the plugin, as well as a corresponding notification.
Create function is_login_page, add field for name of login form for custom CMS
Update logic of is_login_page() - add pass markers |
| Jan 15 2021 |
|
Archive |
Fix: Firewall local database storage. False positive and false negative triggers.
Fix: Error while cleaning Brute Force Protection log.
Fix: Storage class. PHP Notice.
Fix: Parsing and compiling CSV in Firewall and BFP log.
Fix: phpBB possible autoloader conflict.
Fix: Brute Force Protection statistics layout.
Fix: Scheduled tasks.
Fix: Brute Force Protection for Drupal.
Fix: Scanner. Signatures handling.
New: Update button. Possibility to update to new version from the settings page. |
| Dec 27 2020 |
|
Archive |
New: Installation. Sending password after installation.
New: Ask for email during installation.
New: Storing signatures in CSV format.
Fix: Scanner minor fixes.
Fix: Scanner. Table pagination.
Fix: Scanner. Deleting file from the list.
Fix: Security log. |
| Dec 04 2020 |
|
Archive |
New: Firewall. Notification about the updating with percentages.
New: Protecting UniForce login page.
Fix: Database class for PHP lower then 7.0.
Fix: Signatures statistics and update for no SQL scanner.
Fix: Do not show errors while checking SQL connection.
Fix: Long text displaying in scanner table.
Fix: Writing Security Firewall stats in the separate file.
Fix: Uninstall process.
Fix: Security. Logging login, logout, view, auth_failed.
Fix: Uninstall process. Cleaning up the data. |
| Nov 12 2020 |
|
Archive |
New: Statistics info block for scanner.
New: Checking requirements before installation.
New: Update signatures when saving settings.
New: Scanner. Using cloud Database. Plenty small fixes.
New: Use old version of scanner if OpenSSL is missing.
Fix: Firewall. Operating with IPs on 32 bit systems.
Fix: Firewall update. Consider 501 code as normal.
Fix: Error in login form.
Fix: Error in JS and CSS attachments.
Fix: Minor fixes. |
| Mar 18 2020 |
|
Archive |
Fix: Test IP only we have local DB.
Fix: Regular expression for detecting HTML docs.
Fix: Security issue.
Fix: Scanner results table layout.
New: Brute force protection for login form.
Mod: Updating firewall via scheduled task using remote call.
Plenty of minor fixes and improvements. |
| Mar 12 2020 |
|
Archive |
New: Redisigned settings.
New: Heuristic and signature malware scanner.
Improved perfomance.
Plenty minor fixes and improvments. |
| Feb 04 2020 |
|
Archive |
Security FireWall
WebApplication FireWall
BruteForce Protection |