| Dec 21 2023 |
|
Productive |
= 2.125 Dec 18 2023 =
* New. Activator class implemented.
* New. Deactivator class implemented.
* Upd. Heuristic. Add math module.
* Upd. Code. Common lib (heuristic) updated.
* Fix. Scanner. Undefined data key fixed.
* Fix. Scan. Added check for signatures count.
* Fix. Settings. Getting Access Key message fixed.
* Fix. SecFW. FW results priority fixed.
* Fix. PHP 8.2 deprecated notice fixed (creation of dynamic property ::cookie_domain)
* Fix. PHP 8.2 deprecated notice fixed (creation of dynamic property ::data__set_cookies) |
| Dec 07 2023 |
|
Archive |
* Fix. Table cells popup of hidden long text - CSS fixed.
* Upd. Traffic control. TC logic updated.
* Fix. FireWall. Statuses of the triggered networks displayed.
* Upd. Scanner. Manual cure button implemented. |
| Nov 23 2023 |
|
Archive |
* Fix. Scanner. Files deletion. Comparison of site responses before and after actions added.
* Fix. Heuristic. Command shell detection. Regex fixed.
* Fix. Heuristic. Mathematics module fixed.
* Fix. RenameLoginPage. Skip login renaming process for password-protected pages.
* Fix. Integrations. Add Password-protected compatibility.
* Fix. WafBlocker. Compatible with php8.
* New. Scanner. Analysis bulk actions: deleting implemented.
* Fix. Scan. Excluded invalid index.
* Fix. Scan. Added retry for unstable connection.
* Fix. SecFW. FireWall priority fixed.
* Fix. Settings. Enqueue scanner-plugin.js script fixed.
* Fix. Scan. Increasing amount dynamically.
* Fix. Auth. Removed conflict with password protected pages.
* Fix. Scan. Handling empty signature_found.
* Upd. Settings. Additional headers IP getting option updated.
* Mod. WAF blocker. New reason code \\\"-10\\\". New description for blocking page. |
| Nov 09 2023 |
|
Archive |
* New. Scan. Hashes blacklists.
* New. FireWall. New module added: WAF Blocker.
* Update. Scan. Keep surroundings code of FMS weak in db.
* Fix. SecFW. Updated the launch rule on wpms.
* Fix. RenameLoginPage. Skip login renaming process for password-protected pages.
* Fix. RenameLoginPage. Skip login renaming process for password-protected pages.
* Fix. Heuristic. Command shell detection. Regex fixed. |
| Oct 30 2023 |
|
Archive |
* Update. Common. Getting ip from resource by option.
* Update. Scanner. Hidden the listing backups and quarantine directories.
* Update. Scanner. Added check line length and mark of unreadable.
* Update. Scanner. Shell commands detection updated.
* Fix. Notice. Show review banner only administrator.
* Fix. Helpers. Data. Ignore unlink warnings.
* Fix. Scanner. Delete row from analysis log.
* Fix. Settings. Additional exclusions ruleset fixes. |
| Oct 12 2023 |
|
Archive |
* New. Scanner. Automatic send of critical files.
* New. Scanner. Detecting shell commands into backticks implemented.
* New. Scanner. Allow to send unknown files for analysis.
* New. General. New readme and screenshots.
* Update. Browser sign. Updated sign make logic, and count of remembered devices.
* Update. Scanner. DANGER files moved to SUSPICIOUS accordion.
* Update. Scanner. Improve view of suspicious code.
* Fix. Scanner. Request an audit button fixed.
* Fix. Scanner. Analysis log fixed. |
| Sep 28 2023 |
|
Archive |
* Fix. Scan. Improve directory filter.
* New. Admin. Dashboard widget implemented.
* Fix. Settings. Description about additional headers has been updated.
* Mod. Heuristic package update. System function shell_exec() now gains \"critical\" severity.
* Fix. FireWall. BruteForce protection fixed.
* Fix. Scanner. Ot extensions support added.
* Fix. Scanner results. Approved category updated.
* Fix. System function shell_exec() now gains \"critical\" severity.
* Fix. AMP integration
* Fix. Security log. Security logs description fixed.
* Fix. Scanner. Disapproving files fixed.
* Fix. Scanner. Remove disapproving button for approved by CT. |
| Sep 13 2023 |
|
Archive |
* Upd: Scan. Added .ott files for scanning.
* Fixed spbc_scanner__get_cure_log_data()
* New. Settings. Drop state data to defaults and remove all the cron tasks on empty key entered.
* Fix. Extended search for malware with SQL quotes (``).
* Fix. From heuristic package. Entropy fix.
* Fix to found superglobals in the code without semicolones
* Empty key actions
* Fixed Security Audit Banner, added this to Suspicious
* Update. Firewall. Table save last 20 rows after send logs, instead of delete all.
* Fix. Scanner. Unknown section fixed. |
| Aug 30 2023 |
|
Archive |
New. Settings. Add ability to change admin email.
New. Heuristics. Detect super variables in the system commands.
New. Show different types of weakspots in severity order.
Upd. Scan. Find and show all malwares in Frontend Malware accordion.
Upd. Security. Improve security logs view.
Upd. Scan. Unset approved by ct status if no hash in list.
Upd. Scan. Added .otc files for scanning. |
| Aug 16 2023 |
|
Archive |
New. WL. Added constants for custom description and FAQ link.
Fix. FW. Delete all lines after send fw logs.
Fix. WL. Support link in errors.
Fix. WL.Email 2FA fixed.
Fix. WL. Fixed block pages.
Fix. WL. There is no Templates if WL is active. |
| Aug 02 2023 |
|
Archive |
* New: Firewall. Protect login from brute force even if expired key.
* New: Scanner. Added extensions to find malware.
* Fix: Whitelabel. Added rules for check brand info.
* Fix: Front Scanner. Fixed modal view suspicious code for drive by download malware.
* Fix: General. Check response code on file delete.
* Fix: Scanner. Bulk actions fixed and improved.
* Fix: Scanner. Entropy analyse - Index invalid or out of range.
* Ref: General. WP 6.3 compatibility. Fixed version checking before scanner run.
* Ref: Rename login URl. For new instances default new login page rename.
* Ref: Scanner. Accordeon fields custom length. |
| Jul 19 2023 |
|
Archive |
* New: Scanner. Added pop up with info how to fix file listening and unsafe permissions.
* New: SecFW. Manage Firewall as option and refactored clear scanner logs button for admin access.
* New: User can disable email notification on change login url.
* Ref: General. HTTP lib refactoring.
* Ref: Settings. Added spbc__get_exists_directories().
* Fix: Scan. Fixed count outbound links. |
| Jul 05 2023 |
|
Archive |
* Ref: Update. Scanner. Remove green dot and fix typo.
* Ref: Update. Scanner. Added bulk actions for frontend malware and fix tabs view.
* New: Implemented a file recovery mechanism.
* Ref: Refactoring spbc_settings__field__draw().
* Fix: Scanner. Shuffle salts suggestion after curing fixed.
* Ref: Update. Scan. Removed duplicate of status in quarantine tab.
* New: Scanner. Entropy analysis added. |
| Jun 22 2023 |
|
Archive |
* New: Scanner. Heuristic and signatures scanner libraries implemented.
* Fix: Code. Auto Tests fixed.
* Fix: Code. Auto Tests fixed.
* Fix: Code. Travis config fixed.
* Ref: Refactoring spbc_field_scanner__prepare_data__files().
* Fix: Common. Checking ajax requests improved.
* Fix: Common. Checking ajax requests fixed.
* New: Code. Release notice automation added.
* New: Cure Log - Cure action implemented
* New: Important Files Monitoring.
* Fix: Dashboard. Replaced wp_timezone_string to spbc_wp_timezone_string. |
| Jun 05 2023 |
|
Archive |
* New: PDF report. Cure log support.
* Fix: Fixed trial banner.
* Fix: Scanner PDF report. PHP 8+ compatibility.
* New: Cure log implementation. Cure log PDF updates.
* Mod: Added new Security license status.
* Fix: Code. Code style fixed.
* Fix: Settings. Firewall tab moved to the first spot.
* Fix: Traffic control. Do not log TC records if user is skipped by a role.
* Fix: Cookies. Unset spbc_is_logged_in cookie on logout hook.
* Fix: Security logs. Do not send already sent logs on events.
* Fix: File deletion. Cancel if file is required in PHP ini.
* Mod: Frontend approved pages.
* Fix: File replacement with original fix.
* Mod: Analysis. Handled files can be deleted from analysis log. |
| May 24 2023 |
|
Archive |
= 2.110 May 22 2023 =
* Fix: Scanner. Making verdict fixed.
* Mod: Improved security log
* Fix: MscanFilesDTO. Make weak_spots signs unique.
* Fix: Scanner. Approved files will be check again if they were modified.
* Fix: Settings. List unknown files is active for the new installations.
* Fix: Trial expired. Remove forbidden error message in dashboard if trial expired.
* Fix: File analysis. Approved files shown as approved in abnalysis log.
* New: Firewall. Ipv6 handler implemented.
* Ref: Settings. spbc_seconds_to_human_time refactored and docs added.
* New: Remote calls. update_pscan_statuses |
| May 17 2023 |
|
Archive |
* Fix. Scanner. Heuristic logic fixed. |
| May 15 2023 |
|
Archive |
* Fix. Scanner. Improved heuristic.
* Fix. Code. Created checkingSpecialDecryptedToken().
* Fix. Code. Created FunctionsDecryptorService.
* Fix. Scanner. Modified SQL for SUSPICIOUS results.
* Fix. Firewall. Skip records with foud status 99.
* Update. Whitelabel. Replace brand data to spbc->data.
* Update. Scan. Add frontend malware send method to scanner queue.
* Fix. White label. Some custom brand entries fixed.
* Fix. WL mode. Affiliate section settings disable if the WL mode is active. |
| Apr 30 2023 |
|
Archive |
Fix-release. Fixed error during tries to resend approved files. |
| Apr 27 2023 |
|
Archive |
#### Cloud Malware Scanner (CMwS) implemented. Now suspicious files that sent for analysis will be checked via Cloud logic.
* New. Cloud Malware Scanner (CMwS) implemented.
* Fix. Firewall logs. IPv6 records now adds correct to the local database on feedback. |
| Apr 12 2023 |
|
Archive |
#### Ready to apply settings template from CleanTalk dashboard, uploading files WAF check improved and heuristic scanner fix for Windows systems.
* New. Settings. Plugin is ready to set a preset plugin settings template from the CleanTalk dashboard.
* Mod. WAF. Uploading files. Check files with signature analysis in addition to heuristic analysis.
* Fix. Scanner. Heuristic analysis. Files counting now works correctly on Windows systems. |
| Mar 30 2023 |
|
Archive |
* Fix. TC & BFP database handling fixed. |
| Mar 30 2023 |
|
Archive |
* Mod. Tested WordPress up to: 6.2.
* Mod. Traffic control. Changed time selector options.
* Fix. Do not glue spbc dialog rows on bad code/file content preview.
* Fix. WAF. Upload checker details area fixed.
* Fix. Reduce firewall priority calculation cycle.
* Fix. HTTP lib. WP 6.2+ supporting implemented.
* Fix. Do not skip files analysis if aggregated size overlimited.
* Fix. Do not show suspicious files if they are not sent for analysis.
* Fix. Heuristic. Unsetting verdict removed. |
| Mar 17 2023 |
|
Archive |
* Mod. Post meta. Hide post meta fields to prevent their display.
* Mod. Scanner. Add js files to scan.
* Fix. Lot of changes in timezones layout.
* Fix. BFP. Remove outdated BFP code.
* Fix. Traffic control. Cleaning TC table fixed.
* Fix. Scanner. FilesystemIterator return .. and . begins with php8.2 |
| Mar 06 2023 |
|
Archive |
* Fix: Heuristic. Variables execution fixed.
* Fix: Scanner. Slicing tokens fixed.
* New: Added SPBCT_ALLOW_CURL_SINGLE for frontend analysis.
* Mod: Sending logs. Files curing result now sends to the cloud correctly.
* Fix: Do not clear cured files array.
* Mod: Banner on trial end. Banner is not dismissible on the SPBC settings pages.
* Fix: Scanner. Added handler for errors caused third-party plugins.
* Fix: 2FA. Corrected work to find the user account.
* Fix: Scan. Commented decodeData method in heuristic class, because it\\\\\\\'s unstable.
* Fix: Firewall. Extend Helper\\\\\\\\IP logic for x_real_ip, for handle ipv6 if there is ipv4 with stubs. |
| Feb 13 2023 |
|
Archive |
* Fix: Heuristic. De-obfuscated strings concatenation fixed.
* Fix: TC. Traffic control checking logic simplified.
* Fix: Check php_uname or PHP_OS is available. Prevent fatal error and do not allow start scanner if so.
* Ref: All is_windows checks moved to SpbctWp/State.
* Fix: Apply changes to parent method except WP specific.
* Upd: Firewall. Rename firewall block status.
* Upd: Firewall. Added column \\\\\\\"requests per n minutes\\\\\\\".
* New: Scanner. Able to get a pdf version of scan log.
* Mod: Added clearing of custom message from unallowed tags.
* Fix: Fixed event_runtime.
* Fix: Scanner. Scanner tab content layout fixed.
* Fix: Scanner. Refresh scan info after scanning. |
| Feb 02 2023 |
|
Archive |
* Mod: Improved scan log.
* Mod: Improved the mechanism for adding signatures to the database.
* Fix: Scanner. Fixed final scan log array offset warning.
* Fix: Collecting themes via themes_api instead of plugins_api.
* Fix: Try to get firewall files hashes agagin before throw an error.
* Fix: Scanner. Exclude approved files from send.
* Fix: FW update. Now does not ignore networks with different statuses
* Fix: Generate backups tab and link anyway. |
| Jan 19 2023 |
|
Archive |
#### Improved code style, fixed some bugs, added new functionality
* New: Logging of scanning stages
* New: Settings. Brute force protection settings added.
* New: Malware Scanner. Warn user on settings and admin bar if critical files or frontend malware found.
* New: Malware Scanner. Warn user on settings and admin bar if critical files or frontend malware found.
* Mod: Mscanner. Custom period autostart.
* Mod: Red dot for malware scanner files list and admin bar
* Mod: Log layout refactored.
* Upd: Scanner. Added functionality of description for frontend results.
* Upd: Settings. FW logs tab updated.
* Ref: Log layout refactoring
* Ref: Settings hints refactoring
* Ref: \\\\\\\"users online\\\\\\\" name refactored to admins online
* Fix: Scanner. Compelled refactoring from \\\\\\\"Error Control Operators\\\\\\\" to try-catch.
* Fix: Admins online bar counter now count admin users only.
* Fix: Autocure end condition fix.
* Fix: Reverted previous fix, autocure result data moved to another condition.
* Fix: Settings. Admin bar - extra attention marks removed.
* Fix: Settings. Firewall tab - description updated.
* Fix: Settings. Typo fixed.
* Fix. Errors. Correction for resending to analysis error.
* Fix. Query. WPMS stat.
* Fix. Frontend query change.
* Fix. SecFW. New statuses 99 implemented.
* Fix. Code. Code style fixed.
* Fix. Files listing. Display accessible files fixed.
* Fix. Heuristic. Scanning process modified. |
| Dec 15 2022 |
|
Archive |
* New: Trusted text and affiliate settings.
* New: Remote calls. Private records handler.
* New: TC. New option added - exclude authorized user.
* Mod: Frontend scanner. Getting content for scanning is asynchronous now.
* Mod: Frontend scanner. Scan amount increased to 20.
* Mod: Analysis log. Date format changed.
* Mod: SFW. Checking hashes of uploaded files
* Mod: Added anchors to navigate through the settings sections.
* Fix: Variables. Cookies secure flag fixed.
* Fix: Fixed Unsafe Permissions description
* Fix: Login page. Warnings custom login url on php 8.
* Fix: Zapier works with 2FA
* Mod: Added a description to the analysis results |
| Nov 28 2022 |
|
Archive |
* Fix: WAF logs. Single quote escape during SQL write on WAF logs write.
* Fix: WAF logs. Single quote escape enchance.
* Ref: spbc_get_modules_by_type() - fixed getting Name
* Ref: get_modules_hashes()
* Mod: Admin page. Url is changed when switch tab, and added hotkey Ctrl+F5 for reload current tab.
* Fix: HTTP lib. Response::runCallbacks method fixed.
* Mod: Update. Frontend. Urls in text message render to links. |
| Nov 14 2022 |
|
Archive |
#### Improved code style, fixed some bugs, added new functionality
* Mod: the confirmation code length is 8 digits
* Ref: Updated description for option SEND PHP LOG
* Ref: Removed unused issueHandlers from psalm.xml
* Ref: spbc_PHP_logs__detect_EOL_type()
* Ref: Updated Website total files description
* Ref: Removed HOST checking in spbc_scanner_page_view()
* Fix: Frontend. Tooltip hide when mouseover
* Fix: ScannerQueue. Class usage fixed.
* Mod: Added description for file scan results |
| Oct 31 2022 |
|
Archive |
Mod: Frontend scanner - exclude unmodified pages
Test: Compatibility tested up to WP 6.1
New: MScanFilesDTO class implemented.
Fix: Now correctly transfer number of core files and total count of files.
Fix: Scanner. Now run autocure even if has results of previous heuristic scan.
Fix: Surface scanner. Prevent type error if directory permission is restricted due surface scanning.
Fix: spbc_resend_failed_files_for_analysis. Text fixes. |
| Oct 17 2022 |
|
Archive |
Fix: Improved code style, fixed some bugs
Fix. Use wp_send_json() instead die(json_encode(...))
Mod: Added bulk action for Deleting into Analysis log
Mod: Unsafe Permissions - Checking permission to access important files and folders
Fix: spbc_resend_failed_files_for_analysis()
Fix: RC. Update settings remote call fixed
Fix: Fixed SQL for critical files
Fix: Fixed key_changed after getting template |
| Oct 06 2022 |
|
Archive |
* Fix. spbc_scanner_page_view()
* Fix. Frontend scan. Wordpress postmeta table now selects correctly.
* Fix. Scanner log bulk actions.
* Fix. Critical files log.
* Fix. spbc_scanner_file_check_analysis_status.
* Fix. spbc_scanner_file_send_for_analysis__bulk.
* Mod. Scanner actions. View \\\"bad\\\" code buttons renamed.
* Mod: Removed the ability to send unknown files for analysis
* Mod: Improved functionality of the tab with files sent for analysis |
| Sep 20 2022 |
|
Archive |
New. Frontend scanner. Approving malware implemented.
Fix: Changed captures on banners
Fix: List table. Actions separator displaying fixed.
Fix. spbc_firewall__check(). If module poppyz is active, force new WP
Ref: PSR-12 Standarts
Fix: Fixed the incompatibility of the banner system between antispam
Fix: Fixed the data that the function spbc_get_source_info_of returns
Fix: Fixed spbc_get_source_info_of return data
Fix: Fixed frontend_analysis method
Fix: Fixed Frontend->getPagesUri
Fix: Fixed Frontend::countUncheckedPages
Fix. Settings template. Reset setting fixed. |
| Sep 08 2022 |
|
Archive |
#### Complete deactivation fixed, Frontend scanner improved, WPMS issues fixed and some minor issues fixed.
* New: Backups. Delete when complete deactivation.
* New. Frontend scanner. Re-scan the page during view bad code.
* Fix: Scanner. Heuristic. Add a detected_at for heuristically spotted attachments.
* Fix: Firewall. WPMS. Update on child blogs. Remote calls using its own blog URL.
* Fix: Firewall. WPMS. Update on child blogs. \\\'fw_stats\\\' option loads for each blog separately.
* Fix: Scan logs. Hide last scan log on a new scan process.
* Fix: Removed fw__append_standard_message and server_response_combine
* Fix: Scanner. Sending results fixed.
* Fix. Settings template. Reset setting fixed. |
| Aug 18 2022 |
|
Archive |
#### SecFW updating fixed, scanner cure fixed and some minor issues fixed.
* Mod: HTTP lib. Prepare URLs array in the setURL() method.
* Mod: Security Firewall. Update. Download 20 files by one queue execution.
* Upd: Common. Additional security headers added.
* Fix. Scanner. Cure backups fixed.
* Mod: Exclude files approved by the user from verification
* Fix. Settings template. Reset setting fixed. |
| Jul 27 2022 |
|
Archive |
#### Missed commits implemented. Minor issues fixed.
* New: FW Update. Make dependence for retries related to files count.
* Fix. API request. Do not retry request if error contain CleanTalk prepared server error.
* Fix: Heuristic. Use files paths without root due scan.
* Fix: Queue. Unset error in stage if stage has been retried successfully.
* Fix: Error output. Fix wrong variable name.
* Fix: SpbctWP\\\\Scanner\\\\ScannerQueue::controllerBackground(). Use correct transaction name.
* Fix: Scanner. The file \\\'Detected at\\\' property is set for every file.
* Fix: Common\\\\Sanitize cast integer filter to integer return type. |
| Jul 26 2022 |
|
Archive |
#### Last scan logs now displaying always, a brand new feedback banner added , sending files for analysis interface improved, code quality improved and some minor issues fixed.
* New. Scanner last result log now always visible in the scanner tab.
* New. Sending files for analysis mechanism now works without page reloading.
* New. Admin dashboard feedback banner.
* New: FW Update. Make dependence for retries related to files count.
* Fix: Settings. Scanner tab. Notice layout fix.
* Fix: Remote calls. Run right after plugin started without using any hook.
* Fix: Firewall update. Start checker after 30 seconds. Increase interval to 5 seconds.
* Fix: Firewall update. Using transaction instead of updating_id parameter.
* Fix: SpbctWP\\\\Cron reduce call interval to 90 seconds.
* Fix: Common\\\\Sanitize cast integer filter to integer return type.
* Fix: SpbctWP\\\\Scanner\\\\ScannerQueue::controllerBackground(). Use correct transaction name.
* Fix: spbc_resend_failed_files_for_analysis. Return if no files were sent to analysis.
* Fix: API. Correct comparison of the option of api servers provided in retryRequestToFastestServers()
* Fix: Heuristic. Use files paths without root due scan.
* Fix: FW. Block pages styles fixed.
* Fix: Queue. Unset error in stage if stage has been retried successfully.
* Fix: Error output. Fix wrong variable name.
* Fix. Custom login. Fix redirect while logout.
* Fix: Quarantine and de-quarantine. Notice fixed.
* Fix: Send for analysis. Notice fixed.
* Fix: API. Logic in retrying request to the fastest API-server.
* Fix: Constants. Links logs table name fixed.
* Fix: Settings. Firewall tab. TC link now works correct.
* Fix: 2FA. Do not clean security logs on the general login form submitting if 2FA is enabled.
* Fix: 2FA. Now always sends 6 digits codes.
* Imp: 2FA. Google 2FA description improved. |
| Jul 14 2022 |
|
Archive |
#### Scan process duration displaying, admin banners updated, code quality improved and some minor issues fixed.
* New. Scanner. Scan duration implemented.
* Fix. Rewrite login-url. Does not create new WP_Rewrite if no custom login form is set in the plugin settings.
* Fix. Scanner table actions messages. Improved messages style and logic.
* Fix. TablesAnalyzer.php. Now reset to initial blog ID on WPMS.
* Fix. SPBC_TBL_SCAN_FILES. Now uses base_prefix instead of prefix to prevent handling of unavailable blog scan result data on WPMS.
* Refactoring Admin Banners
* Fix. Admin banner. Security attention mark fixed.
* Fix. Scanner results. Remove undeleted separator after sending files for analysis.
* Fix. Scanner. Transferring stages names to the JS script fixed.
* Fif. Settings. Description fixed - hyperlinks protocol changed.
* Fix. Scanner. Signatures updating fixed.
* Fix. SecFW. Sending logs fixed.
* Fix. Scanner. Frontend scanning fixed.
* Fix. Scanner. Some scan stages fixed - signatures scan, heuristic scan, auto cure - fixed.
* Fix. Scanner. Scanned files count fixed.
* Fix. HTTP. Prevent caching during website answer code checking. |
| Jun 29 2022 |
|
Archive |
#### Additional data to the scanner\'s report added, available remote posting of api key, code quality improved and some minor issues fixed.
* New. Post api key remote call implemented.
* New. API key length extended to 30 symbols.
* New. Scanner. Additional data was added to the scanner report.
* New. Waf new params
* Fix. ScannerQueue.php. Now clear state->modules before new check.
* Fix. Heuristic. Getting inline HTML for checking implemented.
* Fix. Heuristic. Tokens max position fixed.
* Fixed spbc->notice_show
* Fix. Scanner. Sending results fixed. |
| Jun 20 2022 |
|
Archive |
#### SecFW updating fixed and some minor issues fixed.
* Fix. TablesAnalyzer.php, TablesCreator.php. Change tables charset and collation to support WP6+.
* Fix. - spbc-scanner.php - ListTable.php Add application/json header for every die($output) to.
* Fix. Firewall. Custom message will be wrapped on div tags instead of h2.
* Fix: Fixed colspan attribute in table row on plugin settings page
* Fix. IP.php. Private networks check fix.
* Mod: Surface.php - resave full_hash if different
* Fix. SecFW. Updating process fixed.
* Fix. HTTP lib. No cache pattern fixed.
* Fix. RemoteCalls. No cache parameter added.
* Fix. HTTP lib. Useragent for WP HTTP API requests fixed.
* Fix. Scanner. Heuristic. Includes. Empty include body.
* Fix. TablesAnalyzer.php. Remove incorrect table prefix for searched DB schema.
* Fix. TablesAnalyzer.php. Add collation search results check.
* Fix: Scanner. Preventing files actions during scanning.
* Fix. TablesAnalyzer.php. Rename possible collision with table names due collation check. |
| Jun 02 2022 |
|
Archive |
Fix. - spbc-admin.php - spbc-backups.php - spbc-scanner.php Add application/json header for every die($output) to.
Fix. spbc-scanner.php-> spbc_scanner_file_send. Fix \\\\\\\'unknown field checked\\\\\\\' while send for analysis.
Fix. ScannerQueue.php->controllerFront. Add application/json header to the output of stage result. |
| May 31 2022 |
|
Archive |
Fix. API::method_service_get() and its result processing.
Fix. From test. Scanner. Heuristic. Strings. Chars conversion.
Fix. From test. Scanner. Heuristic. Includes.
Fix. From test. Updater to 2.86.1.
Fix. From test. Resend file for analysis only for the main site.
Fix. get_cms_hashes(). Delete ex-core files if there is a same undeleted CORE hashes received from remote file.
Fix. Updater. Add settings for custom block message to the firewall blocking screens.
Fix: convertSchemaToStandard() fixed
Fix: perform() fixed
Fix: State->error_add() fixed
Fix: getDataFromRemoteGZ() fixed
Fix: important_files_listing() fixed
Fix: spbc_settings__register() fixed
Fix: spbc_field_scanner__files_listing__get_data() fixed
Fix: spbc_field_scanner__files_listing__get_total() fixed
Fix. Move spbc_resend_failed_files_for_analysis() from notice_paid_till processing logic.
Fix. Scanner. Actions. View bad code from file.
Fix. Scanner. Heuristic. Speed up.
Fix. spbc_resend_failed_files_for_analysis. Variable name fix.
Fix. SQLSchema.php Changes reverted. If there is no \\\\\\\"checked\\\\\\\" column the updater can\\\\\\\'t seek changes. Debug. UpdaterScripts.php. Debug removed.
Fix. get_modules_hashes(). SQL error fix.
Fix. Frontend.php->check(). Moved frontend scanner object creation to prevent collisions.
Fix. FrontendScan.php. Type of check added.
Fix. Switch heuristic analysis to 0 for 2.86 version.
Fix. HTTP. Request. Process unexpected errors.
Fix. Settings. Error output.
Fix. API::method_service_get() and its result processing #3.
Fix. API::method_service_get() and its result processing #2.
New. Firewall. Add custom block message to the blocking screens.
New. RemoteCalls. perform_service_get().
New. Add error type \\\\\\\'service_customize\\\\\\\'.
New. Implementation of API::method_service_get(): - in synchronize function; - in cron.
New. API::method_service_get() and its result processing.
New. Settings: - fw__custom_message; - fw__append_standard_message.
New. Add extra package logic.
New: Cherry pick from settings/extra-package.sr.
New: Settings. Collect PHP log description changed. It depends from \\\\\\\'extra_package\\\\\\\' flag.
New. UpdaterScripts.php. Update to 2_87_0 - delete \\\\\\\"checked\\\\\\\" row. New. SQLSchema.php. Removed checked row from schema. Debug. Version updated temporarily.
New. Methods in Scanner\\\\\\\\Heuristic\\\\\\\\Tokens: - convertOffset; - reindex; - getTokenFromPosition; - glueAllTokens; - getIterationTokens.
New. Implementation of Scanner\\\\\\\\Heuristic\\\\\\\\TokenGroups.
New. Scanner\\\\\\\\Heuristic\\\\\\\\Token implementation of \\\\\\\\Iterator, \\\\\\\\ArrayAccess, \\\\\\\\Countable interfaces.
New. Scanner\\\\\\\\Heuristic\\\\\\\\DataStructures\\\\\\\\Token. Represents instance of token.
New. Scanner\\\\\\\\Heuristic\\\\\\\\TokenGroups. Class with static properties. This class gather all types of token we are using to parse, analyze and deobfuscate the code.
New. DataStructure\\\\\\\\SplFixedArray::append().
New. spbc_check_files_sent_and_received(). Add check on timestamp if already sent in last 10 minutes. New. spbc_check_files_sent_and_received(). Errors handling
New. spbc_check_files_sent_and_received(). Check if count of sent and received files is equal. If not send differnce files again.
New. ScannerQueue.php. Changes to differ \\\\\\\"checked\\\\\\\" to \\\\\\\"cheked_heuristic\\\\\\\" and \\\\\\\"checked_signatures\\\\\\\"
New. Helper.php->isRegexp(). Now supports custom delimiters. Doc. Helper.php->isRegexp(). Docblock is set.
New. Helper.php->isRegexp(). Checks if signature is rexep, supports modifiers. Ref. Scanner. Regex checking moved to isRegexp. Ref. Firewall. Regex checking moved to isRegexp. Debug. spbc-admin.php. States commented.
Refactor. Scanner\\\\\\\\Heuristic\\\\\\\\Controller. Add getters.
Refactor. Scanner\\\\\\\\Heuristic\\\\\\\\Controller. Implementation of Token class.
Refactor. Scanner\\\\\\\\Heuristic\\\\\\\\Controller. Constructor and properties.
Refactor. Scanner\\\\\\\\Heuristic\\\\\\\\Controller. New way to iterate content.
Refactor. Scanner\\\\\\\\Heuristic\\\\\\\\CodeStyle. Minor fix.
Refactor. Scanner\\\\\\\\Heuristic\\\\\\\\Variables: - Improve search sequences; - Implementation of Token class.
Refactor. Scanner\\\\\\\\Heuristic\\\\\\\\Variables. Minor fix.
Refactor. Scanner\\\\\\\\Heuristic\\\\\\\\Variables. Improve search sequences.
Refactor. Scanner\\\\\\\\H |
| May 19 2022 |
|
Archive |
Fix: Firewall. Update. DB request.
Fix: Delete useless \\\\\\\\\\\\\\\'use\\\\\\\\\\\\\\\';
Fix: Adding isText filter.
Fix: Signatures. Input \\\\\\\\\\\\\\\'NULL\\\\\\\\\\\\\\\' for empty values when updating signatures.
Fix: Scanner. Accordion. \\\\\\\\\\\\\\\'Critical\\\\\\\\\\\\\\\' tab. Check for if signatures exists before output result.
Fix: Common\\\\\\\\\\\\\\\\Helper::buffer__csv__get_map(). Use of validation class.
Fix: SpbctWP\\\\\\\\\\\\\\\\ListTable. Translations.
Fix: WAF. File check. Return result.
Fix: Scanner tab. CSS.
Fix: Few small fixes.
Fix: Fixed typo
Fix: Scanner. SpbctWP\\\\\\\\\\\\\\\\Scanner\\\\\\\\\\\\\\\\ScannerQueue. Use ScannerQueue::$db instead $wpdb in signature_analysis and heuristic_analysis.
Fix: Scanner. Implementing variable amount of checked files in one pass for heuristic and signature analysis.
Fix: Scanner. Percents count.
Fix: Scanner. Display spinner for row actions with files.
Fix: Scanner. Output error for row actions with files.
Fix. 2FA. Code sending email fixed.
Fix. 2FA. 2fa logic fixed.
Mod: Sanitize, Escape, Validate classes.
Mod: Signatures. Using \\\\\\\\\\\\\\\'mapped\\\\\\\\\\\\\\\' CSV file for signatures.
Mod: Signatures. Automatically parse CSV with map.
Mod: Update spbc_scanner_file_send() to use new DB structure.
Mod: spbcModal. CSS modify for error comment.
Mod: ListTable. Adding new bulk action \\\\\\\\\\\\\\\'send for analysis\\\\\\\\\\\\\\\' and refactor bulk actions handlers.
Mod: Do not make a remote calls when maintenance mode is enabled.
Mod: Updated phpDOC
Mod: Added escaping html for translate
Mod: Created Escape:class for escaping data
Mod: Refactoring Validator and Sanitizer classes
Mod: Added modificators in regexp for WAF
Mod: Settings. Do not show the support button if the access key is not correct.
New: WAF. Additional params to filter with. Prepare DB structure.
New: Scanner. Category \\\\\\\\\\\\\\\'Analysis log\\\\\\\\\\\\\\\'.
New: spbc_scanner_get_files_by_category() adding support for the new category \\\\\\\\\\\\\\\'analysis_log\\\\\\\\\\\\\\\'.
New: Implement table action \\\\\\\\\\\\\\\'check_analysis_status\\\\\\\\\\\\\\\'.
New: spbc_scanner_file_check_analysis_status(). Checks analysis status of passed file(s). Could handle multiple files input.
New: Variables\\\\\\\\\\\\\\\\Validator::isText() filter.
New: Common\\\\\\\\\\\\\\\\API. Process data for API::method__security_mscan_status().
New: Common\\\\\\\\\\\\\\\\API::method__security_mscan_status().
New: DB schema. Adding columns \\\\\\\\\\\\\\\'analysis_status\\\\\\\\\\\\\\\' and \\\\\\\\\\\\\\\'analysis_comment\\\\\\\\\\\\\\\' to \\\\\\\\\\\\\\\'scan_results\\\\\\\\\\\\\\\' table.
New: AJAX error comment output.
New: spbc_scanner_file_send_for_analysis__bulk() and handle error from a very single file.
New: spbc_scanner_get_file_by_id().
Ref: Decomposition of a class CleantalkSP\\\\\\\\\\\\\\\\Common\\\\\\\\\\\\\\\\Helper.
Del: Unused file Validator.php. |
| May 18 2022 |
|
Archive |
Fix. Scanner. Interface. Forbid user to check file analysis status for 10 minutes after sending.
Fix. spbc-settings.php Correct slash char \\\"\\\\\\\" is set in description.
Fix. From test. Catching unknown error.
Fix. Spbc-settings. Preloader fix. New. spbc-settings_tab--scanner.js. Spinner while content uploading.
Fix. spbc-settings_tab--scanner.js Debug removed
Fix. spbc-admin.php. States rolled back.
Fix: API. Add application agent to API-request.
Fix: Updater. Update to 2.82.
Fix. spbc_scannerButtonViewBad_callback(). Line width fix. New. spbc-settings.php. New test local domain New. FrontendScan.php WeakSpots lines length validation
Fix: Scanner. Links. Scanning posts with large amount of comments.
Fix. spbc_scannerButtonViewBad_callback(). Frame height fix.
Fix. spbc_scannerButtonViewBad_callback() Weak spot string style set. Fix. spbc_scanner_page_view() Weak spot redline style set.
Fix. spbc_scannerButtonViewBad_callback() Bad code highlight fixes.
Fix. spbc_scannerButtonViewBad_callback() Trying to fix HTML layout when view bad code.
Fix: Firewall. Update. End of update. To often setting savings.
Fix: Firewall. Update. Pass remote call action to Queue.
New. spbc-settings_tab--scanner.js. Spinner inside loading window.
Refactor. spbc-scanner.php. Debug removed.
Refactor. FrontendScan.php. Common weakspot parts of front-checks moved to constructWeakSpotArray() Ref. FrontendScan.php. validateLineLenght is redundant. Ref. FrontendScan.php. Debug removed. Ref. spbc-settings_tab--scanner.min.js Minified JS upload.
Refactor. Debug. spbc_scanner_clear().
Refactor. Frontend.php. Some explanation add. Fix. FrontendScan.php. Weak_spot cutting fix. |
| May 13 2022 |
|
Archive |
Fix: API. Add application agent to API-request. |
| May 12 2022 |
|
Archive |
Fix: Checking the existence of a function wp_is_maintenance_mode
Fix. CleantalkSP\\Common\\SpbctWP\\Request. Use \'blocking\' option for async requests.
Fix. CleantalkSP\\Common\\SpbctWP\\Request. Process exception passed from WordPress \\Requests class.
Fix: CleantalkSP\\Common\\HTTP\\Request. Timeout error while async request.
Fix: SpbctWP\\Scanner\\Heuristic\\Variables::updateArray_newElement(). Empty variable slice.
Fix: DataStructures\\ExtendedSplFixedArray::slice().
Fix: Scanner. Heuristic. Fatal error.
Fix: Scanner. Compatibility with PHP lower than 7.4.
Fix: Firewall. Brute-Force Protection module. Unexciting WP_Rewrite() object.
Fix: Scanner. Wrong progress percentage.
Refactor: CleantalkSP\\SpbctWP\\Scanner\\Heuristic\\Tokens::convertTokensToStandard(). |
| Apr 28 2022 |
|
Archive |
Fix: WordPress Multisite. Receive an access key in mode \\\\\\\"Mutual account, Individual access key\\\\\\\".
Fix. Scanner. Heuristic. Unset tokens.
Fix: Firewall. Calculation of the results priority logic.
Fix: Heuristic. Includes processing error.
Fix: Complete deactivation. Deleting all plugin settings from *_options.
Fix: Security Firewall update.
Fix: Call to undefined method CleantalkSP\\\\\\\\SpbctWP\\\\\\\\Helpers\\\\\\\\IP::ip__v6_reduce().
Fix: SpbctWP\\\\\\\\HTTP\\\\\\\\Request::appendParametersToURL().
Fix: DataStructures\\\\\\\\ExtendedSplFixedArray::getColumn() and slice() methods.
Fix: Delete useless class import.
Fix: SpbctWP\\\\\\\\HTTP\\\\\\\\Request. Inheritance bug.
Fix: fixed reloading of scanner accordion.
Fix: Complete deactivation.
Fix: result_wp_api_modules - version not exists
Fix: fixed colspan for approve message.
Fix: spbc->plugins for the first start.
Mod: Beautifying class import.
New: Common\\\\\\\\HTTP\\\\\\\\* wrapper for WordPress: SpbctWP\\\\\\\\HTTP\\\\\\\\Request.
New: Namespace Common\\\\\\\\HTTP\\\\\\\\ included classes: - Common\\\\\\\\HTTP\\\\\\\\Request; - Common\\\\\\\\HTTP\\\\\\\\Response.
New: SpbctWP\\\\\\\\Helper::http__get_data_from_gz() and implementation.
New: DataStructure\\\\\\\\ExtendedSplFixedArray class.
New: ExtendedSplFixedArray::unshift() method. Implementation of array_unshift for \\\\\\\\SplFixedArray.
Ref: Implementation of DataStructures\\\\\\\\ExtendedSplFixedArray to Heuristic\\\\\\\\* classes.
Ref: Implementation of new Helpers. Refactoring: PSR recommendation implementation.
Ref: Implementation of *\\\\\\\\HTTP\\\\\\\\Request. Refactoring: *\\\\\\\\RemoteCalls class upgrade.
Ref: Implementation of *\\\\\\\\HTTP\\\\\\\\Request for API requests.
Ref: Splitting *\\\\\\\\Helper class to the number of classes into name space \\\\\\\\Helpers\\\\\\\\*.
Ref: Common\\\\\\\\Helpers\\\\\\\\HelperHTTP rename method append_parameters_to_URL to appendParametersToURL.
Ref: Common\\\\\\\\Helper renaming methods.
Ref: SpbctWP\\\\\\\\Helper renaming methods.
Ref: Implement \\\\\\\'Truly moving IP* method from Common\\\\\\\\Helper to Common\\\\\\\\Helpers\\\\\\\\HelperIP\\\\\\\'.
Ref: Truly moving IP* method from Common\\\\\\\\Helper to Common\\\\\\\\Helpers\\\\\\\\HelperIP.
Ref: Rename Common/Helpers/HelperHTTP::$headers to $http_headers.
Ref: Rename Common/Helpers/HelperHTTP::getHeaders() to getHTTPHeaders(). |
| Mar 28 2022 |
|
Archive |
Fix: Scanner. Uploaded themes and plugins.
Fix: Set input parameter types for different functions using Security\\\\Firewall\\\\Result DTO.
Fix: Security\\\\Firewall\\\\Result. Set status after parent::constructor().
Fix: Delete debug.
Fix: Resolve CSS conflict with \\\'WP Lightbox 2\\\' plugin.
Fix: Scanner. File viewers. JS. Plenty of fixes.
Fix: 2FA. Users profile. Script attaching.
Fix: Scanner. File viewers. CSS fixes.
Fix: Common\\\\Helper::ip__v6_normalize(). hexdec() deprecated error.
Fix: Scanner. Frontend. File scan log.
Fix: UpdaterScripts. updateTo_2_82_0.
Fix: JavaScript. Table action.
Fix: Variables\\\\ServerVariables. Filters.
Fix: Scanner. Heuristic. Strings. Deprecated notice.
Fix. Scanner. Debug exclusions removed.
Mod: Security\\\\Firewall. Get changes from \\\'refactoring-prioritize-AA\\\' branch.
Mod: Alter SQL scheme for table firewall_logs. New \\\'signature_id\\\' column.
Mod: Alter SQL scheme for table scan_signatures. New \\\'waf_action\\\' column.
Mod: Add new properties to Security\\\\Firewall\\\\Result: - signature_id; - waf_action;
Mod: Move numeric status handling from Security\\\\Firewall\\\\Result::__constructor() to SpbctWP\\\\Firewall\\\\FW::check().
Mod: Added new columns to scan results
Mod: Firewall. Consider a smaller network as a prioritized result.
Mod: Update jQueryUI to version 1.13.1.
Mod: Optimization. Set the autoload flag to false where is possible.
Mod: Registration. Error message.
Mod: Interface. Terminology. Change \\\'API key\\\' to \\\'access key\\\'.
Mod: JS. Update minimized files.
Mod: Added to waf__suspicious_check() pattern as string.
Mod: Added to waf__exploit_check() pattern as string.
Mod: Added to waf__sql_check() pattern as string.
Mod: Added Validator::class and Sanitizer::class.
Mod: Authentication log. Do not send double log for a new device.
Mod: SpbctWP\\\\ListTable. Don not pass arguments to frontend.
Mod: JavaScript. Pass modified arguments when doing AJAX.
Mod: Added xss check by regular expression
Mod: Added link output for shuffle salts when treatment is performed.
Mod: Added new methods to Validator and Sanitizer.
New: spbc_list_table__get_args_by_type(). Get arguments for ListTable. New: spbc_list_table__get_args_by_type() implemented. New: SpbctWP\\\\ListTable. Process arguments in a new way.
New: ServerVariables. Filters.
New: SpbctWP\\\\Firewall. Update update_log.
New: SpbctWP\\\\Firewall\\\\WAF. Add middle_action() method to log a suspicious signatures.
New: SpbctWP\\\\Firewall\\\\WAF. Update. Working with suspicious signatures.
New: Implement Security\\\\Firewall\\\\Result class.
New: Security\\\\Firewall\\\\Result class. Represents a contract between firewall components.
New: Templates\\\\DTO class.
Refactoring: added method::hasSignature
Refactor: Security\\\\Firewall. Adding missing statuses to priority list.
Refactor: Security\\\\Firewall::prioritize(). |