=== Security & Malware scan by CleanTalk ===
Contributors: shagimuratov, Aleksandrrazor, sartemd174
Requires at least: 3.0
Stable tag: 2.2
Tested up to: 4.9.1
Tags: security, secure, malware, wordpress security, brute force
License: GPLv2

Security, FireWall, Malware scan by CleanTalk, protects from Brute force hacks, online security. Report to email. Security plugin.

== Description ==

= Security features =

* **Stops brute force attacks to hack passwords**
* **Stops brute force attacks to find WordPress accounts**
* **Security Protection for WordPress login form**
* **Security Protection for WordPress backend**
* **Security FireWall to filter access to your site by IP, Networks or Countries**
* **Security daily report to email**
* **Security audit log**
* **Real-time traffic monitor**
* **Security Malware scanner**

CleanTalk is a Cloud security service that protects your website from online threats and provides you with security instruments to control your website security. We provide detailed security stats for all of our security features so that you have full control of security. All security logs are stored in the cloud for 45 days.

Security FireWall by CleanTalk is a free plugin which works with the premium Cloud security service cleantalk.org. This security plugin is software as a service: https://en.wikipedia.org/wiki/Software_as_a_service.

== Frequently Asked Questions ==

= Why are they attacking me? =

Hackers want to get access to your website and use it to get backlinks from your site to improve their site’s PageRank, to redirect your visitors to malicious sites, or to use your website to send spam and viruses or launch other attacks. These attacks can damage your reputation with readers and commentators if you fail to tackle them. It is not uncommon for some WordPress websites to receive hundreds or even thousands of attacks every week. However, by using the Security CleanTalk plugin, all attacks will be stopped on your WordPress website.

= How to install the plugin? =

Installing the plugin is very simple and does not require much time or special knowledge.

**Manual installation**

1. Download the latest version to your computer's hard drive: https://downloads.wordpress.org/plugin/security-malware-firewall.zip
1. Go to your WordPress Dashboard->Plugins->Add New->Upload CleanTalk zip file.
1. Click Install Now and Activate.
1. After activation, go to the plugin settings. You will need to create an API key; this is done automatically for you. Just click "Get access key automatically".

Installation completed successfully.

**Installation from wordpress.org directory**

1. Navigate to the Plugins menu option in your WordPress administration panel and click the button "Add New".
1. Type CleanTalk in the Search box, and click Search plugins.
1. When the results are displayed, click Install Now.
1. Select Install Now.
1. Then choose to Activate the plugin.
1. After activation, go to the plugin settings. You will need to create an API key; this is done automatically for you. Just click "Get access key automatically".

Installation completed successfully.

= How to test the security service? =

Use a wrong username or password to log in to your WP admin panel to see how the Security Plugin works. Then log in with your correct account name and see the logs for the last actions in the settings of our plugin. Also, the Audit Log will display the last visited URLs of the current user.

= Is the plugin compatible with WordPress MultiUser (WPMU or WordPress network)? =

Yes, the plugin is compatible with WordPress MultiUser.

= How to control security activities on your website? =

Go to your CleanTalk account->Log. Use filters to sort data for analysis. Security logs let you receive and keep information for 45 days. You have the following possibilities:

1. Time period for all records you want to see.
2. Website for which you want to see security records. Leave the field empty to see security records for all websites.
3. Choose an event you want to see:
    * Authorization Login — all successful logins to your website.
    * Authorization Logout — all closed sessions.
    * Authorization Invalid username — login attempts with a non-existent username.
    * Authorization Auth failed — wrong password login attempts.
    * Audit View — records of actions and events of users in your website backend.
4. Searching records by IP address.
5. Searching records by country.

Each record shows the date and time of the event, the username that performed the action, and the IP address (with country).

How to use Security Log: https://cleantalk.org/help/Security-Log

= Is it possible to set custom email for notification? =

Yes, it is possible. Go to your CleanTalk account->Change email: https://cleantalk.org/my/change-email

= Why do you need an access key? =

The access key lets you keep statistics in the cloud for up to 45 days, enables additional settings, and gives you more ways to sort and analyze the data. The plugin is moving to cloud technology and all its logs are transferred to the cloud. The cloud service handles data processing and data storage, which reduces the load on your web server.

= How to use Security Log =

* First go to your Security Dashboard. Choose "Site Security" in the "Services" menu.
* Then go to your Security Log.

You have the following possibilities:

* Time period for all records you want to see.
* Website for which you want to see security records. Leave the field empty to see security records for all websites.
* Choose an event you want to see:
    * Authorization Login — all successful logins to your website.
    * Authorization Logout — all closed sessions.
    * Authorization Invalid username — login attempts with a non-existent username.
    * Authorization Auth failed — wrong password login attempts.
    * Audit View — records of actions and events of users in your website backend.
* Searching records by IP address.
* Searching records by username.
* Searching records by country.

List of records.
Each record has the following columns:

* Date — when the event happened.
* User Log — who performed the actions.
* Event — what the user did.
* Status — whether the user was Passed or Banned.
* IP — the user's IP address.
* Country — what country that IP belongs to.
* Details — some details if they are available.

Read more: https://cleantalk.org/help/Security-Log

If you wish to block some countries from visiting your website, use this instruction: https://cleantalk.org/help/Security-Firewall

= How to use Security Firewall =

First go to your Security Dashboard. Choose "Site Security" in the "Services" menu. Then press the line "Black&White Lists" under the name of your website.

You can add records of different types to your black list or white list:

* IP-Addresses (For example 10.150.20.250, 10.10.10.10)
* Subnets (For example 10.150.20.250/24, 10.10.10.10/8)
* Countries. Click the line "Add a country" to blacklist or whitelist all IP-addresses of the chosen countries.

The records can be added one by one or all at once using separators: comma, semicolon, space, tab or new line. After filling the field, press the button "Whitelist" or "Blacklist". All added records will be displayed in your list below.

Please note, all changes will be applied in 5-10 minutes.

Read the full instruction here: https://cleantalk.org/help/Security-Firewall

= How does malware scanner work? =

The malware scanner checks your files against the original WP files and shows you which files were changed, deleted or added. It can be used to find code that was added to WP files. On your Malware Security Log page, you will see the list of all scans that were performed for your website. The CleanTalk Cloud saves the list of the found files so that you know where to look for them.

= How to start malware scanner? =

At the moment, the malware scanner can be started manually, one time per day.
To start the malware scanner, go to the WordPress Admin Page —> Settings —> Security by CleanTalk —> "Malware Scanner" tab —> Perform Scan.

Give the Malware Scanner some time to check all necessary files on your website.

= Is it free or paid? =

The plugin is free, but it uses the CleanTalk cloud security service. You have to register an account and then you will receive a free trial to test. When the trial (on the CleanTalk account) is finished, you can renew the subscription for 1 year or deactivate the Security by CleanTalk plugin. If you don't have an access key, the plugin will work and you will have logs only on the plugin settings page for the last 20 requests.

= What happens after the end of the trial period? =

The plugin will fully perform its functions after the end of the trial period: it will protect your website from brute force attacks and will keep the Action Log in your WP Dashboard, but the number of entries in the log will be limited to the last 20 entries/24 hours. Also, you will receive a short daily security report to your email. The premium version stores all logs for 45 days in the CleanTalk Dashboard for further analysis.

= Email Notifications when administrators are logged in =

Do you want to receive a notice each time a user with administrator rights logs into the WP Dashboard? We added this option to our security plugin. Now you can receive notifications if you want to know about an unauthorized entrance to your WP Dashboard.

A notification is sent only when a user authenticates by entering a login and password. If you are logged into the admin panel from a saved session, the alert won’t be sent.

You can enable the option “Receive notifications for admin authorizations” in your CleanTalk Dashboard. Choose “Site Security” in the “Services” menu, then click “Settings”.

== Screenshots ==

1. **Security report**. The report includes a list of Brute force attacks or failed logins and a list of successful logins. The plugin sends the reports daily.
1. **Security Log**. The log includes a list of Brute force attacks or failed logins and a list of successful logins for up to 45 days. To keep the log inaccessible to hackers, the plugin stores it on CleanTalk servers.
1. **Brute-force attacks log**. The log includes a list of attacks for the past 24 hours and shows only the last 20 records. To see the full report, check the Daily security report in your Inbox.

== Changelog ==

= 2.2 December 20 2017 =
* Improvements: Security scanner.
* Fix: Issue with periodic scan.
* Minor error fixes.

= 2.1 December 13 2017 =
* Errors detection improved.
* Security functions improved.
* Cron updated.
* Minor error fixes.

= 2.0.1 December 5 2017 =
* Minor error fixes.
* Layout fixes.
* Improved security scanner logic.

= 2.0 December 4 2017 =
* Added Malware Scanner.
* Error fixes.
* Improved update logic.

= 1.29.1 November 27 2017 =
* Error fix.

= 1.29 November 23 2017 =
* Security improvements.
* Error fixes.

= 1.28 November 8 2017 =
* Security firewall fixes.

= 1.27 November 3 2017 =
* Improved security logs displaying.
* Fixed issue with DB errors.
* Many other small fixes and improvements.

= 1.26 October 16 2017 =
* Fixed issue with high CPU load.
* Some small fixes for WPMS.
* Security functionality improved.

= 1.25 October 2 2017 =
* Recognizing real IP when using Cloudflare CDN.
* Admin notices and displaying fixes for WPMS.
* Minor fixes.

= 1.24 September 20 2017 =
* Fix for Security Firewall under WordPress Multisite with inherited access key.
* Traffic Control log is now updated automatically.
* Minor fixes.

= 1.23 September 15 2017 =
* Security Firewall updated.
* Fixed an issue with FireWall whitelist.
* Fixes for WPMS.

= 1.22 August 31 2017 =
* Major fix for WordPress Multisite functionality.
* Improved security functionality.
* Minor fixes.

= 1.21.1 August 24 2017 =
* Last actions to view 20.

= 1.21 August 24 2017 =
* Added "Set cookies" setting.
* Added Traffic Control feature.
* Optimization.
* Fixes for the cron jobs.

= 1.20.2 July 7 2017 =
* Fix the daily report sending function.

= 1.20.1 July 5 2017 =
* Minor fixes.

= 1.20 July 3 2017 =
* Fixes for cron system.
* Some small fixes.
* Stability and security were improved.

= 1.19 June 15 2017 =
* Added the secured tasks running system (cron) instead of using wp_cron.

= 1.18 June 7 2017 =
* Security settings have been redesigned.

= 1.17 May 24 2017 =
* Improved security functions.
* Sending protected URL and other info to the cloud.

= 1.16 May 16 2017 =
* Small security fixes.
* Blocking page cache issues fix.

= 1.15 April 24 2017 =
* Small security fixes.
* Translation fix.

= 1.14 April 13 2017 =
* Major fix for Security FireWall.
* Translation fix.
* Changes for settings screen (Support button added).
* Improved performance.

= 1.13 April 5 2017 =
* Fix for 'Let them know about security protection' option.
* Minor fixes to improve security logic.
* Added 'Complete deactivation' option.

= 1.12 March 30 2017 =
* Major fix for security firewall.
* Small fixes for settings page.
* Fixed WPDB Warnings for new users.
* 'Complete deactivation' option was added.

= 1.11.1 March 24 2017 =
* Fixed issue with database prefix.
* Small fixes to improve security logic.

= 1.11 March 23 2017 =
* Security has been improved. Added email notifications to account owner about superuser login to WordPress backend.
* Brute force protection logic has been updated.

= 1.10.1 March 17 2017 =
* Fixed issue with exit() statement.

= 1.10 March 17 2017 =
* Improved anti brute force protection. An anti brute force notice has been added on sign in form.
* Fixed logic to process remote calls.
* Small fixes to improve security logic.

= 1.9.6 March 14 2017 =
* Fixed anti brute force logic to avoid issue with emails scanning.
* Small fixes to improve security logic.

= 1.9.5 March 7 2017 =
* Database fix (support DB prefix with digits).
* Fix for admin notices.
* Small fixes to improve security logic.

= 1.9.4 March 2 2017 =
* Small fixes (WPMS settings logic, FireWall).
* Added option for notification on login page.
* Small fixes to improve security logic.

= 1.9.3 February 28 2017 =
* Packets SQL requests for FireWall updates.
* Small fixes (User token gaining)
* Notification changes

= 1.9.2 February 16 2017 =
* Bug fixes.
* Automatic FireWall update time increased to 1 day.

= 1.9.1 February 8 2017 =
* Minor bug fixes.

= 1.9 January 26 2017 =
* Added new feature Security FireWall.
* Common optimization.
* Minor bug fixes.

= 1.8.2 January 16 2017 =
* Cron hooks fix

= 1.8.1 December 29 2016 =
* Translation fix

= 1.8 December 23 2016 =
* Fixes for settings page.
* Showing last logs sending time in settings.

= 1.7.2 December 19 2016 =
* Fixed issue with logging for brute-force attacks.

= 1.7.1 December 13 2016 =
* Fix for translation system.
* Added Russian language support.
* Minor fixes.

= 1.7 December 12 2016 =
* Added support for WPMS.
* Personal log possibility for each website.
* Translation system attached.
* Varnish extension compatibility.

= 1.6.1 November 29 2016 =
* Fixed error for some PHP versions.

= 1.6 November 29 2016 =
* Cloud service API key.
* Cloud service dashboard.
* Logs are stored in Cloud.
* Protection status.
* Code optimization.

= 1.5.2 November 16 2016 =
* Fixed conflict with CleanTalk Anti-spam plugin.

= 1.5.1 November 14 2016 =
* Fixed and improved log.
* Fixed database error.
* Changed update logic.

= 1.5 November 13 2016 =
* Logging viewed admin's page.
* Counting viewed time.

= 1.4.3 November 2 2016 =
* Fixed issue with Security report. On some hostings the report couldn't be sent by WP Cron because of PHP Fatal error with spbc_report_country_part().

= 1.4.2 October 20 2016 =
* Improved the Security log. The new version includes brute force attacks to find WordPress accounts.
* Applied changes to localize the plugin via Translating WordPress.org.
* Minor backend fixes.

= 1.3.1 September 29 2016 =
* Fixed issue with PHP 5.2 and Security reports.
* Fixed issue with WordPress notice after plugin activation.

= 1.3 September 20 2016 =
* Added a log of last 20 events (login, logout, auth failed, etc.) in WordPress backend to the plugin settings.
* Added WP cron call for every auth_failed event. This fix has been made to avoid issue with missed Daily security reports on low visited web sites.

= 1.2.3 September 14 2016 =
* Added a country name in the Daily report for each IP address in the list of Brute-Force attacks.
* Minor changes with WP Cron integration.

= 1.2.1 September 5 2016 =
* Fixed issue with Daily security report. Previous version (1.2) didn't send the report.

= 1.2 September 2 2016 =
* Added Daily security report. The report includes list of Brute-force attacks or failed logins and list of successful logins.

= 1.1.1 August 29 2016 =
* Removed some statement to debug the plugin.

= 1.1 August 29 2016 =
* Added 10 seconds delay for a failed attempt if more than 5 failed attempts have been made for past 1 hour.

= 1.0.1 August 24 2016 =
* Minor fix.

= 1.0 August 19 2016 =
* First release with anti brute force hacks protection.

== Upgrade Notice ==

= 2.2 December 20 2017 =
* Improvements: Security scanner.
* Fix: Issue with periodic scan.
* Minor error fixes.

= 2.1 December 13 2017 =
* Errors detection improved.
* Security functions improved.
* Cron updated.
* Minor error fixes.

= 2.0.1 December 5 2017 =
* Minor error fixes.
* Layout fixes.
* Improved security scanner logic.

= 2.0 December 4 2017 =
* Added Malware Scanner.
* Error fixes.
* Improved update logic.

= 1.29.1 November 27 2017 =
* Error fix.

= 1.29 November 23 2017 =
* Security improvements.
* Error fixes.

= 1.28 November 8 2017 =
* Security firewall fixes.

= 1.27 November 3 2017 =
* Improved security logs displaying.
* Fixed issue with DB errors.
* Many other small fixes and improvements.

= 1.26 October 16 2017 =
* Fixed issue with high CPU load.
* Some small fixes for WPMS.
* Security functionality improved.

= 1.25 October 2 2017 =
* Recognizing real IP when using Cloudflare CDN.
* Admin notices and displaying fixes for WPMS.
* Minor fixes.

= 1.24 September 20 2017 =
* Fix for Security Firewall under WordPress Multisite with inherited access key.
* Traffic Control log is now updated automatically.
* Minor fixes.

= 1.23 September 15 2017 =
* Security Firewall updated.
* Fixed an issue with FireWall whitelist.
* Fixes for WPMS.

= 1.22 August 31 2017 =
* Major fix for WordPress Multisite functionality.
* Improved security functionality.
* Minor fixes.

= 1.21.1 August 24 2017 =
* Last actions to view 20.

= 1.21 August 24 2017 =
* Added "Set cookies" setting.
* Added Traffic Control feature.
* Optimization.
* Fixes for the cron jobs.

= 1.20.2 July 7 2017 =
* Fix the daily report sending function.

= 1.20.1 July 5 2017 =
* Minor fixes.

= 1.20 July 3 2017 =
* Fixes for cron system.
* Some small fixes.
* Stability and security were improved.

= 1.19 June 15 2017 =
* Added the secured tasks running system (cron) instead of using wp_cron.

= 1.18 June 7 2017 =
* Security settings have been redesigned.

= 1.17 May 24 2017 =
* Improved security functions.
* Sending protected URL and other info to the cloud.

= 1.16 May 16 2017 =
* Small security fixes.
* Blocking page cache issues fix.

= 1.15 April 24 2017 =
* Small security fixes.
* Translation fix.

= 1.14 April 13 2017 =
* Major fix for Security FireWall.
* Translation fix.
* Changes for settings screen (Support button added).
* Improved performance.

= 1.13 April 5 2017 =
* Fix for 'Let them know about protection' option.
* Minor fixes.
* Added 'Complete deactivation' option.

= 1.12 March 30 2017 =
* Major fix for security firewall.
* Small fixes for settings page.
* Fixed WPDB Warnings for new users.
* 'Complete deactivation' option was added.

= 1.11.1 March 24 2017 =
* Fixed issue with database prefix.
* Small fixes.

= 1.11 March 23 2017 =
* Security has been improved. Added email notifications to account owner about superuser login to WordPress backend.
* Brute force protection logic has been updated.

= 1.10.1 March 17 2017 =
* Fixed issue with exit() statement.

= 1.10 March 17 2017 =
* Improved anti brute force protection. An anti brute force notice has been added on sign in form.
* Fixed logic to process remote calls.

= 1.9.6 March 14 2017 =
* Fixed anti brute force logic to avoid issue with emails scanning.

= 1.9.5 March 7 2017 =
* Database fix (support DB prefix with digits).
* Fix for admin notices.

= 1.9.4 March 2 2017 =
* Small fixes (WPMS settings logic, FireWall).
* Added option for notification on login page.

= 1.9.3 February 28 2017 =
* Packets SQL requests for FireWall updates.
* Small fixes (User token gaining)
* Notification changes

= 1.9.2 February 16 2017 =
* Bug fixes.
* Automatic FireWall update time increased to 1 day.

= 1.9.1 February 8 2017 =
* Minor bug fixes.

= 1.9 January 26 2017 =
* Added new feature Security FireWall.
* Common optimization.
* Minor bug fixes.

= 1.8.2 January 16 2017 =
* Cron hooks fix

= 1.8.1 December 29 2016 =
* Translation fix

= 1.8 December 23 2016 =
* Fixes for settings page.
* Showing last logs sending time in settings.

= 1.7.2 December 19 2016 =
* Fixed issue with logging for brute-force attacks.

= 1.7.1 December 13 2016 =
* Fix for translation system.
* Added Russian language support.
* Minor fixes.

= 1.7 December 12 2016 =
* Added support for WPMS.
* Personal log possibility for each website.
* Translation system attached.
* Varnish extension compatibility.

= 1.6.1 November 29 2016 =
* Fixed error for some PHP versions.

= 1.6 November 29 2016 =
* Cloud service API key.
* Cloud service dashboard.
* Logs are stored in Cloud.
* Protection status.
* Code optimization.

= 1.5.2 November 16 2016 =
* Fixed conflict with CleanTalk Anti-spam plugin.

= 1.5.1 November 14 2016 =
* Fixed and improved log.
* Fixed database error.
* Changed update logic.

= 1.5 November 13 2016 =
* Logging viewed admin's page.
* Counting viewed time.

= 1.4.3 November 2 2016 =
* Fixed issue with Security report. On some hostings the report couldn't be sent by WP Cron because of PHP Fatal error with spbc_report_country_part().

= 1.4.2 October 20 2016 =
* Improved the Security log. The new version includes brute force attacks to find WordPress accounts.
* Applied changes to localize the plugin via Translating WordPress.org.
* Minor backend fixes.

= 1.3.1 September 29 2016 =
* Fixed issue with PHP 5.2 and Security reports.
* Fixed issue with WordPress notice after plugin activation.

= 1.3 September 20 2016 =
* Added a log of last 20 events (login, logout, auth failed, etc.) in WordPress backend to the plugin settings.
* Added WP cron call for every auth_failed event. This fix has been made to avoid issue with missed Daily security reports on low visited web sites.

= 1.2.1 September 5 2016 =
* Fixed issue with Daily security report. Previous version didn't send the report.