| Server IP : 192.64.118.117 / Your IP : 18.119.108.165 Web Server : LiteSpeed System : Linux premium56.web-hosting.com 4.18.0-513.24.1.lve.1.el8.x86_64 #1 SMP Thu May 9 15:10:09 UTC 2024 x86_64 User : thecgapy ( 1160) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/thecgapy/mobilecreationz.com/wp-content/plugins/wordfence/lib/ |
Upload File : |
<?php
$w = new wfConfig();
?>
<div class="wordfenceModeElem" id="wordfenceMode_options"></div>
<div class="wrap wordfence">
<?php $helpLink = "http://docs.wordfence.com/en/Wordfence_options";
$helpLabel = "Learn more about Wordfence Options";
$pageTitle = "Wordfence Options";
$wantsLiveActivity = true;
include( 'pageTitle.php' ); ?>
<!-- <div class="wordfenceLive">
<table border="0" cellpadding="0" cellspacing="0" class="wordfenceLiveActivity">
<tr>
<td><h2>Wordfence Live Activity:</h2></td>
<td id="wfLiveStatus"></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0" class="wordfenceLiveStateMessage">
<tr>
<td>Live Updates Paused — Click inside window to resume</td>
</tr>
</table>
</div> -->
<div class="wf-container-fluid">
<div class="wf-row">
<?php
$rightRail = new wfView('marketing/rightrail');
echo $rightRail;
?>
<div class="<?php echo wfStyle::contentClasses(); ?>">
<form id="wfConfigForm" class="wf-form-horizontal">
<h2>License</h2>
<div class="wf-form-group">
<label for="apiKey" class="wf-col-sm-3 wf-control-label">Your Wordfence API Key <a href="http://docs.wordfence.com/en/Wordfence_options#Wordfence_API_Key" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-9">
<input type="text" id="apiKey" class="wf-form-control" name="apiKey" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" value="<?php $w->f( 'apiKey' ); ?>" size="80">
</div>
</div>
<div class="wf-form-group">
<label for="apiKeyDetail" class="wf-col-sm-3 wf-control-label">Key type currently active</label>
<div class="wf-col-sm-9">
<p class="wf-form-control-static">
<?php if (wfConfig::get('hasKeyConflict')) { ?>
<span style="font-weight: bold; color: #A00;">The currently active Premium API Key is in use on another site.</span>
<?php } else if (wfConfig::get( 'isPaid' )){ ?>
The currently active API Key is a Premium Key. <span style="font-weight: bold; color: #0A0;">Premium scanning enabled!</span>
<?php } else { ?>
The currently active API Key is a <span style="color: #F00; font-weight: bold;">Free Key</span>. <a
href="https://www.wordfence.com/gnl1optAPIKey1/wordfence-signup/" target="_blank">Click Here to Upgrade to
Wordfence Premium now.</a>
<?php } ?>
</p>
</div>
</div>
<div class="wf-form-group">
<?php if (wfConfig::get('hasKeyConflict')): ?>
<div class="wf-col-sm-9 wf-col-sm-offset-3">
<a href="https://www.wordfence.com/gnl1optMngKysReset/manage-wordfence-api-keys/" target="_blank"><input type="button" class="wf-btn wf-btn-default wf-btn-sm" value="Reset your premium license"/></a> <input type="button" class="wf-btn wf-btn-default wf-btn-sm" value="Downgrade to a free license" onclick="WFAD.downgradeLicense();"/>
</div>
<?php elseif (wfConfig::get('isPaid')): ?>
<div class="wf-col-sm-9 wf-col-sm-offset-3">
<a href="https://www.wordfence.com/gnl1optMngKys/manage-wordfence-api-keys/" target="_blank"><input type="button" class="wf-btn wf-btn-default wf-btn-sm" value="Renew your premium license"/></a> <input type="button" class="wf-btn wf-btn-default wf-btn-sm" value="Downgrade to a free license" onclick="WFAD.downgradeLicense();"/>
</div>
<?php else: ?>
<div class="wf-col-xs-12">
<div class="wf-premium-callout">
<h3>Upgrade today:</h3>
<ul>
<li>Receive real-time Firewall and Scan engine rule updates for protection as threats emerge</li>
<li>Advanced features like IP reputation monitoring, country blocking, an advanced comment spam filter and cell phone sign-in give you the best protection available</li>
<li>Remote, frequent and scheduled scans</li>
<li>Access to Premium Support</li>
<li>Discounts of up to 90% for multiyear and multi-license purchases</li>
</ul>
<p class="center"><a class="wf-btn wf-btn-primary wf-btn-callout" href="https://www.wordfence.com/gnl1optCallout1/wordfence-signup/" target="_blank">Get Premium</a></p>
</div>
</div>
<?php endif ?>
</div>
<h2>Basic Options <a href="http://docs.wordfence.com/en/Wordfence_options#Basic_Options" target="_blank" class="wfhelp"></a></h2>
<div class="wf-form-group">
<label for="firewallEnabled" class="wf-col-sm-5 wf-control-label">Enable Rate Limiting and Advanced Blocking <a href="https://docs.wordfence.com/en/Wordfence_options#Enable_Rate_Limiting_and_Advanced_Blocking" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="firewallEnabled" class="wfConfigElem" name="firewallEnabled" value="1" <?php $w->cb( 'firewallEnabled' ); ?>></div>
<span class="wf-help-block"><span style="color: #F00;">NOTE:</span> This checkbox enables ALL blocking/throttling functions including IP, country and advanced blocking, and the "Rate Limiting Rules" below.</span>
</div>
</div>
<div class="wf-form-group">
<label for="loginSecurityEnabled" class="wf-col-sm-5 wf-control-label">Enable login security <a href="http://docs.wordfence.com/en/Wordfence_options#Enable_login_security" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSecurityEnabled" class="wfConfigElem" name="loginSecurityEnabled" value="1" <?php $w->cb( 'loginSecurityEnabled' ); ?>></div>
<span class="wf-help-block">This option enables all "Login Security" options, including two-factor authentication, strong password enforcement, and invalid login throttling. You can modify individual options further down this page.</span>
</div>
</div>
<div class="wf-form-group">
<label for="liveTrafficEnabled" class="wf-col-sm-5 wf-control-label">Enable Live Traffic View <a href="http://docs.wordfence.com/en/Wordfence_options#Enable_Live_Traffic_View" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="liveTrafficEnabled" class="wfConfigElem" name="liveTrafficEnabled" value="1" <?php $w->cb( 'liveTrafficEnabled' ); ?> onclick="WFAD.reloadConfigPage = true; return true;"></div>
<span class="wf-help-block">This option enables live traffic logging.</span>
</div>
</div>
<div class="wf-form-group">
<label for="advancedCommentScanning" class="wf-col-sm-5 wf-control-label">Advanced Comment Spam Filter <a href="http://docs.wordfence.com/en/Wordfence_options#Advanced_Comment_Spam_Filter" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="advancedCommentScanning" class="wfConfigElem" name="advancedCommentScanning" value="1" <?php $w->cbp( 'advancedCommentScanning' ); if (!wfConfig::get('isPaid')) { ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#advancedCommentScanning').attr('checked', false); return false;" <?php } ?>></div>
<span class="wf-help-block"><span style="color: #F00;">Premium Feature</span> In addition to free comment filtering (see below) this option filters comments against several additional real-time lists of known spammers and infected hosts.</span>
</div>
</div>
<div class="wf-form-group">
<label for="spamvertizeCheck" class="wf-col-sm-5 wf-control-label">Check if this website is being "Spamvertised" <a href="http://docs.wordfence.com/en/Wordfence_options#Check_if_this_website_is_being_.22Spamvertized.22" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="spamvertizeCheck" class="wfConfigElem" name="spamvertizeCheck" value="1" <?php $w->cbp('spamvertizeCheck'); if (!wfConfig::get('isPaid')) { ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#spamvertizeCheck').attr('checked', false); return false;" <?php } ?>></div>
<span class="wf-help-block"><span style="color: #F00;">Premium Feature</span> When doing a scan, Wordfence will check with spam services if your site domain name is appearing as a link in spam emails.</span>
</div>
</div>
<div class="wf-form-group">
<label for="checkSpamIP" class="wf-col-sm-5 wf-control-label">Check if this website IP is generating spam <a href="http://docs.wordfence.com/en/Wordfence_options#Check_if_this_website_IP_is_generating_spam" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="checkSpamIP" class="wfConfigElem" name="checkSpamIP" value="1" <?php $w->cbp( 'checkSpamIP' ); if (!wfConfig::get('isPaid')) { ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#checkSpamIP').attr('checked', false); return false;" <?php } ?>></div>
<span class="wf-help-block"><span style="color: #F00;">Premium Feature</span> When doing a scan, Wordfence will check with spam services if your website IP address is listed as a known source of spam email.</span>
</div>
</div>
<div class="wf-form-group">
<label for="scheduledScansEnabled" class="wf-col-sm-5 wf-control-label">Enable automatic scheduled scans <a href="http://docs.wordfence.com/en/Wordfence_options#Enable_automatic_scheduled_scans" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="scheduledScansEnabled" class="wfConfigElem" name="scheduledScansEnabled" value="1" <?php $w->cb( 'scheduledScansEnabled' ); ?>></div>
<span class="wf-help-block">Regular scans ensure your site stays secure.</span>
</div>
</div>
<div class="wf-form-group">
<label for="autoUpdate" class="wf-col-sm-5 wf-control-label">Update Wordfence automatically when a new version is released? <a href="http://docs.wordfence.com/en/Wordfence_options#Update_Wordfence_Automatically_when_a_new_version_is_released" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="autoUpdate" class="wfConfigElem" name="autoUpdate" value="1" <?php $w->cb( 'autoUpdate' ); ?>></div>
<span class="wf-help-block">Automatically updates Wordfence to the newest version within 24 hours of a new release.<br>
<?php if (getenv('noabort') != '1' && stristr($_SERVER['SERVER_SOFTWARE'], 'litespeed') !== false) { ?>
<span style="color: #F00;">Warning: </span>You are running LiteSpeed web server and you don't have the "noabort" variable set in your .htaccess.<br>
<a href="https://docs.wordfence.com/en/LiteSpeed_aborts_Wordfence_scans_and_updates._How_do_I_prevent_that%3F" target="_blank">Please read this article in our FAQ to make an important change that will ensure your site stability during an update.<br>
<?php } ?></span>
</div>
</div>
<div class="wf-form-group">
<label for="alertEmails" class="wf-col-sm-5 wf-control-label">Where to email alerts <a href="http://docs.wordfence.com/en/Wordfence_options#Where_to_email_alerts" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" id="alertEmails" name="alertEmails" class="wf-form-control" value="<?php $w->f( 'alertEmails' ); ?>" size="50">
<span class="wf-help-block">Separate multiple emails with commas.</span>
</div>
</div>
<div class="wf-form-group">
<label for="howGetIPs" class="wf-col-sm-5 wf-control-label">How does Wordfence get IPs <a href="http://docs.wordfence.com/en/Wordfence_options#How_does_Wordfence_get_IPs" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="howGetIPs" name="howGetIPs" class="wf-form-control">
<option value="">Let Wordfence use the most secure method to get visitor IP addresses. Prevents spoofing and works with most sites.</option>
<option value="REMOTE_ADDR"<?php $w->sel( 'howGetIPs', 'REMOTE_ADDR' ); ?>>Use PHP's built in REMOTE_ADDR and don't use anything else. Very secure if this is compatible with your site.</option>
<option value="HTTP_X_FORWARDED_FOR"<?php $w->sel( 'howGetIPs', 'HTTP_X_FORWARDED_FOR' ); ?>>Use the X-Forwarded-For HTTP header. Only use if you have a front-end proxy or spoofing may result.</option>
<option value="HTTP_X_REAL_IP"<?php $w->sel( 'howGetIPs', 'HTTP_X_REAL_IP' ); ?>>Use the X-Real-IP HTTP header. Only use if you have a front-end proxy or spoofing may result.</option>
<option value="HTTP_CF_CONNECTING_IP"<?php $w->sel( 'howGetIPs', 'HTTP_CF_CONNECTING_IP' ); ?>>Use the Cloudflare "CF-Connecting-IP" HTTP header to get a visitor IP. Only use if you're using Cloudflare.</option>
</select>
</div>
</div>
<div class="wf-form-group">
<div class="wf-col-sm-7 wf-col-sm-offset-5">
<a class="wf-btn wf-btn-primary wf-btn-callout" href="#" onclick="WFAD.saveConfig(); return false;">Save Options</a> <div class="wfAjax24"></div><span class="wfSavedMsg"> Your changes have been saved!</span>
</div>
</div>
<div class="wfMarker" id="wfMarkerBasicOptions"></div>
<h2>Advanced Options <a href="http://docs.wordfence.com/en/Wordfence_options#Advanced_Options" target="_blank" class="wfhelp"></a></h2>
<div class="wf-form-group">
<div class="wf-col-sm-9">
<span class="wf-help-block">Wordfence works great out of the box for most websites. Simply install Wordfence and your site and content is protected. For finer granularity of control, we have provided advanced options.</span>
</div>
</div>
<div id="wfConfigAdvanced">
<h3>Alerts <a href="http://docs.wordfence.com/en/Wordfence_options#Alerts" target="_blank" class="wfhelp"></a></h3>
<?php
$emails = wfConfig::getAlertEmails();
if (count($emails) < 1):
?>
<div class="wf-form-group">
<div class="wf-col-sm-9">
<span class="wf-help-block" style="color: #ff0000;">You have not configured an email to receive alerts yet. Set this up under "Basic Options" above.</span>
</div>
</div>
<?php
endif;
?>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'alertOn_update',
'label' => 'Email me when Wordfence is automatically updated',
'help' => 'If you have automatic updates enabled (see above), you\'ll get an email when an update occurs.',
),
array(
'id' => 'alertOn_wordfenceDeactivated',
'label' => 'Email me if Wordfence is deactivated',
),
array(
'id' => 'alertOn_critical',
'label' => 'Alert on critical problems',
),
array(
'id' => 'alertOn_warnings',
'label' => 'Alert on warnings',
),
array(
'id' => 'alertOn_block',
'label' => 'Alert when an IP address is blocked',
),
array(
'id' => 'alertOn_loginLockout',
'label' => 'Alert when someone is locked out from login',
),
array(
'id' => 'alertOn_lostPasswdForm',
'label' => 'Alert when the "lost password" form is used for a valid user',
),
array(
'id' => 'alertOn_adminLogin',
'label' => 'Alert me when someone with administrator access signs in',
'subs' => array(
array(
'id' => 'alertOn_firstAdminLoginOnly',
'label' => 'Only alert me when that administrator signs in from a new device or location',
),
)
),
array(
'id' => 'alertOn_nonAdminLogin',
'label' => 'Alert me when a non-admin user signs in',
'subs' => array(
array(
'id' => 'alertOn_firstNonAdminLoginOnly',
'label' => 'Only alert me when that user signs in from a new device or location',
),
)
),
array(
'id' => 'wafAlertOnAttacks',
'label' => 'Alert me when there\'s a large increase in attacks detected on my site',
),
);
foreach ($options as $o):
?>
<div class="wf-form-group">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $o['id']; ?>" class="wfConfigElem" name="<?php echo $o['id']; ?>" value="1" <?php $w->cb($o['id']); ?>></div>
<?php if (isset($o['help'])): ?>
<span class="wf-help-block"><?php echo $o['help']; ?></span>
<?php endif; ?>
</div>
</div>
<?php if (isset($o['subs'])): ?>
<?php foreach ($o['subs'] as $s): ?>
<div class="wf-form-group wf-sub-group">
<label for="<?php echo $s['id']; ?>" class="wf-col-sm-4 wf-col-sm-offset-1 wf-control-label"><?php echo $s['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $s['id']; ?>" class="wfConfigElem" name="<?php echo $s['id']; ?>" value="1" <?php $w->cb($s['id']); ?>></div>
<?php if (isset($s['help'])): ?>
<span class="wf-help-block"><?php echo $s['help']; ?></span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
<?php
endforeach;
?>
<div class="wf-form-group">
<label for="alert_maxHourly" class="wf-col-sm-5 wf-control-label">Maximum email alerts to send per hour</label>
<div class="wf-col-sm-7">
<input type="text" id="alert_maxHourly" name="alert_maxHourly" class="wf-form-control" value="<?php $w->f( 'alert_maxHourly' ); ?>" size="4">
<span class="wf-help-block">0 or empty means unlimited alerts will be sent.</span>
</div>
</div>
<div class="wfMarker" id="wfMarkerEmailSummary"></div>
<h3>Email Summary <a href="http://docs.wordfence.com/en/Wordfence_options#Email_Summary" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="email_summary_enabled" class="wf-col-sm-5 wf-control-label">Enable email summary</label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="email_summary_enabled" class="wfConfigElem" name="email_summary_enabled" value="1" <?php $w->cb('email_summary_enabled'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="email_summary_interval" class="wf-col-sm-5 wf-control-label">Email summary frequency</label>
<div class="wf-col-sm-7">
<select id="email_summary_interval" name="email_summary_interval" class="wf-form-control">
<option value="daily"<?php $w->sel( 'email_summary_interval', 'daily' ); ?>>Once a day</option>
<option value="weekly"<?php $w->sel( 'email_summary_interval', 'weekly' ); ?>>Once a week</option>
<option value="monthly"<?php $w->sel( 'email_summary_interval', 'monthly' ); ?>>Once a month</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="email_summary_excluded_directories" class="wf-col-sm-5 wf-control-label">Comma-separated list of directories to exclude from recently modified file list</label>
<div class="wf-col-sm-7">
<input type="text" id="email_summary_excluded_directories" name="email_summary_excluded_directories" class="wf-form-control" value="<?php $w->f( 'email_summary_excluded_directories' ); ?>">
</div>
</div>
<?php if ((defined('WP_DEBUG') && WP_DEBUG) || wfConfig::get('debugOn', 0)): ?>
<div class="wf-form-group">
<label for="email_summary_email_address_debug" class="wf-col-sm-5 wf-control-label">Send test email</label>
<div class="wf-col-sm-7">
<div class="wf-form-inline">
<input type="email" id="email_summary_email_address_debug" class="wf-form-control">
<a class="wf-btn wf-btn-sm wf-btn-default" href="javascript:void(0);" onclick="WFAD.ajax('wordfence_email_summary_email_address_debug', {email: jQuery('#email_summary_email_address_debug').val()});">Send Email</a>
</div>
</div>
</div>
<?php endif; ?>
<div class="wf-form-group">
<label for="email_summary_dashboard_widget_enabled" class="wf-col-sm-5 wf-control-label">Enable activity report widget on dashboard</label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="email_summary_dashboard_widget_enabled" class="wfConfigElem" name="email_summary_dashboard_widget_enabled" value="1" <?php $w->cb('email_summary_dashboard_widget_enabled'); ?>></div>
</div>
</div>
<div class="wfMarker" id="wfMarkerLiveTrafficOptions"></div>
<h3>Live Traffic View <a href="http://docs.wordfence.com/en/Wordfence_options#Live_Traffic_View" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="liveTraf_ignorePublishers" class="wf-col-sm-5 wf-control-label">Don't log signed-in users with publishing access</label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="liveTraf_ignorePublishers" class="wfConfigElem" name="liveTraf_ignorePublishers" value="1" <?php $w->cb('liveTraf_ignorePublishers'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="liveTraf_ignoreUsers" class="wf-col-sm-5 wf-control-label">List of comma separated usernames to ignore</label>
<div class="wf-col-sm-7">
<input type="text" id="liveTraf_ignoreUsers" name="liveTraf_ignoreUsers" class="wf-form-control" value="<?php $w->f( 'liveTraf_ignoreUsers' ); ?>">
</div>
</div>
<div class="wf-form-group">
<label for="liveTraf_ignoreIPs" class="wf-col-sm-5 wf-control-label">List of comma separated IP addresses to ignore</label>
<div class="wf-col-sm-7">
<input type="text" id="liveTraf_ignoreIPs" name="liveTraf_ignoreIPs" class="wf-form-control" value="<?php $w->f( 'liveTraf_ignoreIPs' ); ?>">
</div>
</div>
<div class="wf-form-group">
<label for="liveTraf_ignoreUA" class="wf-col-sm-5 wf-control-label">Browser user-agent to ignore</label>
<div class="wf-col-sm-7">
<input type="text" id="liveTraf_ignoreUA" name="liveTraf_ignoreUA" class="wf-form-control" value="<?php $w->f( 'liveTraf_ignoreUA' ); ?>">
</div>
</div>
<div class="wf-form-group">
<label for="liveTraf_maxRows" class="wf-col-sm-5 wf-control-label">Amount of Live Traffic data to store (number of rows)</label>
<div class="wf-col-sm-7">
<input type="text" id="liveTraf_maxRows" name="liveTraf_maxRows" class="wf-form-control" value="<?php $w->f( 'liveTraf_maxRows' ); ?>">
</div>
</div>
<div class="wfMarker" id="wfMarkerScansToInclude"></div>
<h3>Scans to include <a href="http://docs.wordfence.com/en/Wordfence_options#Scans_to_Include" target="_blank" class="wfhelp"></a></h3>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'scansEnabled_public',
'label' => 'Scan public facing site for vulnerabilities <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_public_facing_site" target="_blank" class="wfhelp"></a>',
'premium' => true,
),
array(
'id' => 'scansEnabled_checkHowGetIPs',
'label' => 'Scan for misconfigured How does Wordfence get IPs <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_misconfigured_How_does_Wordfence_get_IPs" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_heartbleed',
'label' => 'Scan for the HeartBleed vulnerability <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_the_HeartBleed_vulnerability" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_checkReadableConfig',
'label' => 'Scan for publicly accessible configuration, backup, or log files <a href="http://docs.wordfence.com/en/Wordfence_options#Configuration_Readable" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_suspectedFiles',
'label' => 'Scan for publicly accessible quarantined files <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_publicly_accessible_quarantined_files" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_core',
'label' => 'Scan core files against repository versions for changes <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_core_files_against_repository_version_for_changes" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_themes',
'label' => 'Scan theme files against repository versions for changes <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_theme_files_against_repository_versions_for_changes" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_plugins',
'label' => 'Scan plugin files against repository versions for changes <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_plugin_files_against_repository_versions_for_changes" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_coreUnknown',
'label' => 'Scan wp-admin and wp-includes for files not bundled with WordPress <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_wordpress_core_for_unknown_files" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_malware',
'label' => 'Scan for signatures of known malicious files <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_signatures_of_known_malicious_files" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_fileContents',
'label' => 'Scan file contents for backdoors, trojans and suspicious code <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_file_contents_for_backdoors.2C_trojans_and_suspicious_code" target="_blank" class="wfhelp"></a>',
'help' => '<a href="#add-more-rules" class="do-show" data-selector="#scan_include_extra">+ Add additional signatures</a>',
'subs' => array(
array(
'html' => '
<div class="wf-form-group wf-sub-group hidden" id="scan_include_extra">
<label for="scan_include_extra_field" class="wf-col-sm-4 wf-col-sm-offset-1 wf-control-label">Additional scan signatures</label>
<div class="wf-col-sm-7">
<textarea class="wf-form-control" rows="4" name="scan_include_extra" id="scan_include_extra_field">' . $w->getHTML('scan_include_extra') . '</textarea>
</div>
</div>
'
),
),
),
array(
'id' => 'scansEnabled_posts',
'label' => 'Scan posts for known dangerous URLs and suspicious content <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_posts_for_known_dangerous_URLs_and_suspicious_content" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_comments',
'label' => 'Scan comments for known dangerous URLs and suspicious content <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_comments_for_known_dangerous_URLs_and_suspicious_content" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_oldVersions',
'label' => 'Scan for out of date plugins, themes and WordPress versions <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_out_of_date_plugins.2C_themes_and_WordPress_versions" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_suspiciousAdminUsers',
'label' => 'Scan for admin users created outside of WordPress <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_admin_users_created_outside_of_WordPress" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_passwds',
'label' => 'Check the strength of passwords <a href="http://docs.wordfence.com/en/Wordfence_options#Check_the_strength_of_passwords" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_diskSpace',
'label' => 'Monitor disk space<a href="http://docs.wordfence.com/en/Wordfence_options#Monitor_disk_space" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_dns',
'label' => 'Scan for unauthorized DNS changes <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_unauthorized_DNS_changes" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_scanOutside',
'label' => 'Scan files outside your WordPress installation <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_files_outside_your_WordPress_installation" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_scanImages',
'label' => 'Scan images, binary, and other files as if they were executable <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_image_files_as_if_they_were_executable" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_highSense',
'label' => 'Enable HIGH SENSITIVITY scanning (may give false positives) <a href="http://docs.wordfence.com/en/Wordfence_options#Enable_HIGH_SENSITIVITY_scanning" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'lowResourceScansEnabled',
'label' => 'Use low resource scanning (reduces server load by lengthening the scan duration) <a href="http://docs.wordfence.com/en/Wordfence_options#Use_low_resource_scanning" target="_blank" class="wfhelp"></a>',
),
);
foreach ($options as $o):
?>
<div class="wf-form-group<?php if (isset($o['hidden']) && $o['hidden']) { echo ' hidden'; } ?>">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $o['id']; ?>" class="wfConfigElem" name="<?php echo $o['id']; ?>" value="1" <?php $w->cb($o['id']); ?> <?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo 'disabled'; } ?>></div>
<?php if (isset($o['help']) || (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium'])): ?>
<span class="wf-help-block"><?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo '<span style="color: #F00;">Premium Feature</span> This feature requires a <a href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Wordfence Premium Key</a>. '; } ?><?php if (isset($o['help'])) { echo $o['help']; } ?></span>
<?php endif; ?>
</div>
</div>
<?php if (isset($o['subs'])): ?>
<?php foreach ($o['subs'] as $s): ?>
<?php if (isset($s['html'])): ?>
<?php echo $s['html']; ?>
<?php else: ?>
<div class="wf-form-group wf-sub-group">
<label for="<?php echo $s['id']; ?>" class="wf-col-sm-4 wf-col-sm-offset-1 wf-control-label"><?php echo $s['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $s['id']; ?>" class="wfConfigElem" name="<?php echo $s['id']; ?>" value="1" <?php $w->cb($s['id']); ?>></div>
<?php if (isset($s['help'])): ?>
<span class="wf-help-block"><?php echo $s['help']; ?></span>
<?php endif; ?>
</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
<?php endif; ?>
<?php
endforeach;
?>
<div class="wf-form-group">
<label for="scan_exclude" class="wf-col-sm-5 wf-control-label">Exclude files from scan that match these wildcard patterns (one per line) <a href="http://docs.wordfence.com/en/Wordfence_options#Exclude_files_from_scan_that_match_these_wildcard_patterns." target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="scan_exclude" class="wf-form-control" rows="4" name="scan_exclude"><?php echo wfUtils::cleanupOneEntryPerLine($w->getHTML( 'scan_exclude' )); ?></textarea>
</div>
</div>
<div class="wf-form-group">
<label for="scan_maxIssues" class="wf-col-sm-5 wf-control-label">Limit the number of issues sent in the scan results email <a href="https://docs.wordfence.com/en/Wordfence_options#Limit_the_number_of_issues_sent_in_the_scan_results_email" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="scan_maxIssues" id="scan_maxIssues" value="<?php $w->f( 'scan_maxIssues' ); ?>">
<span class="wf-help-block">0 or empty means unlimited issues will be sent.</span>
</div>
</div>
<div class="wf-form-group">
<label for="scan_maxDuration" class="wf-col-sm-5 wf-control-label">Time limit that a scan can run in seconds <a href="http://docs.wordfence.com/en/Wordfence_options#Time_limit_that_a_scan_can_run_in_seconds" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="scan_maxDuration" id="scan_maxDuration" value="<?php $w->f( 'scan_maxDuration' ); ?>">
<span class="wf-help-block">0 or empty means the default of <?php echo wfUtils::makeDuration(WORDFENCE_DEFAULT_MAX_SCAN_TIME); ?> will be used.</span>
</div>
</div>
<div class="wfMarker" id="wfMarkerFirewallRules"></div>
<h3>Rate Limiting Rules <a href="http://docs.wordfence.com/en/Wordfence_options#Rate_Limiting_Rules" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="blockFakeBots" class="wf-col-sm-5 wf-control-label">Immediately block fake Google crawlers <a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_fake_Google_crawlers:" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="blockFakeBots" name="blockFakeBots" value="1" <?php $w->cb('blockFakeBots'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="neverBlockBG" class="wf-col-sm-5 wf-control-label">How should we treat Google's crawlers <a href="http://docs.wordfence.com/en/Wordfence_options#How_should_we_treat_Google.27s_crawlers" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="neverBlockBG" class="wf-form-control" name="neverBlockBG">
<option value="neverBlockVerified"<?php $w->sel( 'neverBlockBG', 'neverBlockVerified' ); ?>>Verified Google crawlers have unlimited access to this site</option>
<option value="neverBlockUA"<?php $w->sel( 'neverBlockBG', 'neverBlockUA' ); ?>>Anyone claiming to be Google has unlimited access</option>
<option value="treatAsOtherCrawlers"<?php $w->sel( 'neverBlockBG', 'treatAsOtherCrawlers' ); ?>>Treat Google like any other Crawler</option>
</select>
</div>
</div>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'maxGlobalRequests',
'label' => 'If anyone\'s requests exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_anyone.27s_requests_exceed:" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'maxRequestsCrawlers',
'label' => 'If a crawler\'s page views exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_a_crawler.27s_page_views_exceed" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'max404Crawlers',
'label' => 'If a crawler\'s pages not found (404s) exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_a_crawler.27s_pages_not_found_.28404s.29_exceed" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'maxRequestsHumans',
'label' => 'If a human\'s page views exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_a_human.27s_page_views_exceed" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'max404Humans',
'label' => 'If a human\'s pages not found (404s) exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_a_human.27s_pages_not_found_.28404s.29_exceed" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'maxScanHits',
'label' => 'If 404s for known vulnerable URLs exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_404.27s_for_known_vulnerable_URL.27s_exceed" target="_blank" class="wfhelp"></a>',
),
);
foreach ($options as $o): ?>
<div class="wf-form-group<?php if (isset($o['hidden']) && $o['hidden']) { echo ' hidden'; } ?>">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-form-inline">
<select class="wf-form-control" id="<?php echo $o['id']; ?>" name="<?php echo $o['id']; ?>">
<option value="DISABLED"<?php $w->sel($o['id'], 'DISABLED'); ?>>Unlimited</option>
<option value="1"<?php $w->sel($o['id'], '1'); ?>>1 per minute</option>
<option value="2"<?php $w->sel($o['id'], '2'); ?>>2 per minute</option>
<option value="3"<?php $w->sel($o['id'], '3'); ?>>3 per minute</option>
<option value="4"<?php $w->sel($o['id'], '4'); ?>>4 per minute</option>
<option value="5"<?php $w->sel($o['id'], '5'); ?>>5 per minute</option>
<option value="10"<?php $w->sel($o['id'], '10'); ?>>10 per minute</option>
<option value="15"<?php $w->sel($o['id'], '15'); ?>>15 per minute</option>
<option value="30"<?php $w->sel($o['id'], '30'); ?>>30 per minute</option>
<option value="60"<?php $w->sel($o['id'], '60'); ?>>60 per minute</option>
<option value="120"<?php $w->sel($o['id'], '120'); ?>>120 per minute</option>
<option value="240"<?php $w->sel($o['id'], '240'); ?>>240 per minute</option>
<option value="480"<?php $w->sel($o['id'], '480'); ?>>480 per minute</option>
<option value="960"<?php $w->sel($o['id'], '960'); ?>>960 per minute</option>
<option value="1920"<?php $w->sel($o['id'], '1920'); ?>>1920 per minute</option>
</select>
<p class="wf-form-control-static">then</p>
<select class="wf-form-control" id="<?php echo $o['id']; ?>_action" name="<?php echo $o['id']; ?>_action">
<option value="throttle"<?php $w->sel($o['id'] . '_action', 'throttle'); ?>>throttle it</option>
<option value="block"<?php $w->sel($o['id'] . '_action', 'block'); ?>>block it</option>
</select>
</div>
<?php if (isset($o['help']) || (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium'])): ?>
<span class="wf-help-block"><?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo '<span style="color: #F00;">Premium Feature</span> This feature requires a <a href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Wordfence Premium Key</a>. '; } ?><?php if (isset($o['help'])) { echo $o['help']; } ?></span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<div class="wf-form-group">
<label for="blockedTime" class="wf-col-sm-5 wf-control-label">How long is an IP address blocked when it breaks a rule <a href="http://docs.wordfence.com/en/Wordfence_options#How_long_is_an_IP_address_blocked_when_it_breaks_a_rule" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="blockedTime" class="wf-form-control" name="blockedTime">
<option value="60"<?php $w->sel( 'blockedTime', '60' ); ?>>1 minute</option>
<option value="300"<?php $w->sel( 'blockedTime', '300' ); ?>>5 minutes</option>
<option value="1800"<?php $w->sel( 'blockedTime', '1800' ); ?>>30 minutes</option>
<option value="3600"<?php $w->sel( 'blockedTime', '3600' ); ?>>1 hour</option>
<option value="7200"<?php $w->sel( 'blockedTime', '7200' ); ?>>2 hours</option>
<option value="21600"<?php $w->sel( 'blockedTime', '21600' ); ?>>6 hours</option>
<option value="43200"<?php $w->sel( 'blockedTime', '43200' ); ?>>12 hours</option>
<option value="86400"<?php $w->sel( 'blockedTime', '86400' ); ?>>1 day</option>
<option value="172800"<?php $w->sel( 'blockedTime', '172800' ); ?>>2 days</option>
<option value="432000"<?php $w->sel( 'blockedTime', '432000' ); ?>>5 days</option>
<option value="864000"<?php $w->sel( 'blockedTime', '864000' ); ?>>10 days</option>
<option value="2592000"<?php $w->sel( 'blockedTime', '2592000' ); ?>>1 month</option>
</select>
</div>
</div>
<div class="wfMarker" id="wfMarkerLoginSecurity"></div>
<h3>Login Security Options <a href="http://docs.wordfence.com/en/Wordfence_options#Login_Security_Options" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="blockedTime" class="wf-col-sm-5 wf-control-label">Enforce strong passwords <a href="http://docs.wordfence.com/en/Wordfence_options#Enforce_strong_passwords.3F" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select class="wf-form-control" id="loginSec_strongPasswds" name="loginSec_strongPasswds">
<option value="">Do not force users to use strong passwords</option>
<option value="pubs"<?php $w->sel( 'loginSec_strongPasswds', 'pubs' ); ?>>Force admins and publishers to use strong passwords (recommended)</option>
<option value="all"<?php $w->sel( 'loginSec_strongPasswds', 'all' ); ?>>Force all members to use strong passwords</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_maxFailures" class="wf-col-sm-5 wf-control-label">Lock out after how many login failures <a href="http://docs.wordfence.com/en/Wordfence_options#Lock_out_after_how_many_login_failures" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="loginSec_maxFailures" class="wf-form-control" name="loginSec_maxFailures">
<option value="1"<?php $w->sel( 'loginSec_maxFailures', '1' ); ?>>1</option>
<option value="2"<?php $w->sel( 'loginSec_maxFailures', '2' ); ?>>2</option>
<option value="3"<?php $w->sel( 'loginSec_maxFailures', '3' ); ?>>3</option>
<option value="4"<?php $w->sel( 'loginSec_maxFailures', '4' ); ?>>4</option>
<option value="5"<?php $w->sel( 'loginSec_maxFailures', '5' ); ?>>5</option>
<option value="6"<?php $w->sel( 'loginSec_maxFailures', '6' ); ?>>6</option>
<option value="7"<?php $w->sel( 'loginSec_maxFailures', '7' ); ?>>7</option>
<option value="8"<?php $w->sel( 'loginSec_maxFailures', '8' ); ?>>8</option>
<option value="9"<?php $w->sel( 'loginSec_maxFailures', '9' ); ?>>9</option>
<option value="10"<?php $w->sel( 'loginSec_maxFailures', '10' ); ?>>10</option>
<option value="20"<?php $w->sel( 'loginSec_maxFailures', '20' ); ?>>20</option>
<option value="30"<?php $w->sel( 'loginSec_maxFailures', '30' ); ?>>30</option>
<option value="40"<?php $w->sel( 'loginSec_maxFailures', '40' ); ?>>40</option>
<option value="50"<?php $w->sel( 'loginSec_maxFailures', '50' ); ?>>50</option>
<option value="100"<?php $w->sel( 'loginSec_maxFailures', '100' ); ?>>100</option>
<option value="200"<?php $w->sel( 'loginSec_maxFailures', '200' ); ?>>200</option>
<option value="500"<?php $w->sel( 'loginSec_maxFailures', '500' ); ?>>500</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_maxForgotPasswd" class="wf-col-sm-5 wf-control-label">Lock out after how many forgot password attempts <a href="http://docs.wordfence.com/en/Wordfence_options#Lock_out_after_how_many_forgot_password_attempts" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="loginSec_maxForgotPasswd" class="wf-form-control" name="loginSec_maxForgotPasswd">
<option value="1"<?php $w->sel( 'loginSec_maxForgotPasswd', '1' ); ?>>1</option>
<option value="2"<?php $w->sel( 'loginSec_maxForgotPasswd', '2' ); ?>>2</option>
<option value="3"<?php $w->sel( 'loginSec_maxForgotPasswd', '3' ); ?>>3</option>
<option value="4"<?php $w->sel( 'loginSec_maxForgotPasswd', '4' ); ?>>4</option>
<option value="5"<?php $w->sel( 'loginSec_maxForgotPasswd', '5' ); ?>>5</option>
<option value="6"<?php $w->sel( 'loginSec_maxForgotPasswd', '6' ); ?>>6</option>
<option value="7"<?php $w->sel( 'loginSec_maxForgotPasswd', '7' ); ?>>7</option>
<option value="8"<?php $w->sel( 'loginSec_maxForgotPasswd', '8' ); ?>>8</option>
<option value="9"<?php $w->sel( 'loginSec_maxForgotPasswd', '9' ); ?>>9</option>
<option value="10"<?php $w->sel( 'loginSec_maxForgotPasswd', '10' ); ?>>10</option>
<option value="20"<?php $w->sel( 'loginSec_maxForgotPasswd', '20' ); ?>>20</option>
<option value="30"<?php $w->sel( 'loginSec_maxForgotPasswd', '30' ); ?>>30</option>
<option value="40"<?php $w->sel( 'loginSec_maxForgotPasswd', '40' ); ?>>40</option>
<option value="50"<?php $w->sel( 'loginSec_maxForgotPasswd', '50' ); ?>>50</option>
<option value="100"<?php $w->sel( 'loginSec_maxForgotPasswd', '100' ); ?>>100</option>
<option value="200"<?php $w->sel( 'loginSec_maxForgotPasswd', '200' ); ?>>200</option>
<option value="500"<?php $w->sel( 'loginSec_maxForgotPasswd', '500' ); ?>>500</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_countFailMins" class="wf-col-sm-5 wf-control-label">Count failures over what time period <a href="http://docs.wordfence.com/en/Wordfence_options#Count_failures_over_what_time_period" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="loginSec_countFailMins" class="wf-form-control" name="loginSec_countFailMins">
<option value="5"<?php $w->sel( 'loginSec_countFailMins', '5' ); ?>>5 minutes</option>
<option value="10"<?php $w->sel( 'loginSec_countFailMins', '10' ); ?>>10 minutes</option>
<option value="30"<?php $w->sel( 'loginSec_countFailMins', '30' ); ?>>30 minutes</option>
<option value="60"<?php $w->sel( 'loginSec_countFailMins', '60' ); ?>>1 hour</option>
<option value="120"<?php $w->sel( 'loginSec_countFailMins', '120' ); ?>>2 hours</option>
<option value="360"<?php $w->sel( 'loginSec_countFailMins', '360' ); ?>>6 hours</option>
<option value="720"<?php $w->sel( 'loginSec_countFailMins', '720' ); ?>>12 hours</option>
<option value="1440"<?php $w->sel( 'loginSec_countFailMins', '1440' ); ?>>1 day</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_lockoutMins" class="wf-col-sm-5 wf-control-label">Amount of time a user is locked out <a href="http://docs.wordfence.com/en/Wordfence_options#Amount_of_time_a_user_is_locked_out" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="loginSec_lockoutMins" class="wf-form-control" name="loginSec_lockoutMins">
<option value="5"<?php $w->sel( 'loginSec_lockoutMins', '5' ); ?>>5 minutes</option>
<option value="10"<?php $w->sel( 'loginSec_lockoutMins', '10' ); ?>>10 minutes</option>
<option value="30"<?php $w->sel( 'loginSec_lockoutMins', '30' ); ?>>30 minutes</option>
<option value="60"<?php $w->sel( 'loginSec_lockoutMins', '60' ); ?>>1 hour</option>
<option value="120"<?php $w->sel( 'loginSec_lockoutMins', '120' ); ?>>2 hours</option>
<option value="360"<?php $w->sel( 'loginSec_lockoutMins', '360' ); ?>>6 hours</option>
<option value="720"<?php $w->sel( 'loginSec_lockoutMins', '720' ); ?>>12 hours</option>
<option value="1440"<?php $w->sel( 'loginSec_lockoutMins', '1440' ); ?>>1 day</option>
<option value="2880"<?php $w->sel( 'loginSec_lockoutMins', '2880' ); ?>>2 days</option>
<option value="7200"<?php $w->sel( 'loginSec_lockoutMins', '7200' ); ?>>5 days</option>
<option value="14400"<?php $w->sel( 'loginSec_lockoutMins', '14400' ); ?>>10 days</option>
<option value="28800"<?php $w->sel( 'loginSec_lockoutMins', '28800' ); ?>>20 days</option>
<option value="43200"<?php $w->sel( 'loginSec_lockoutMins', '43200' ); ?>>30 days</option>
<option value="86400"<?php $w->sel( 'loginSec_lockoutMins', '86400' ); ?>>60 days</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_lockInvalidUsers" class="wf-col-sm-5 wf-control-label">Immediately lock out invalid usernames <a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_lock_out_invalid_usernames" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSec_lockInvalidUsers" name="loginSec_lockInvalidUsers" value="1" <?php $w->cb('loginSec_lockInvalidUsers'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_maskLoginErrors" class="wf-col-sm-5 wf-control-label">Don't let WordPress reveal valid users in login errors <a href="http://docs.wordfence.com/en/Wordfence_options#Don.27t_let_WordPress_reveal_valid_users_in_login_errors" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSec_maskLoginErrors" name="loginSec_maskLoginErrors" value="1" <?php $w->cb('loginSec_maskLoginErrors'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_blockAdminReg" class="wf-col-sm-5 wf-control-label">Prevent users registering 'admin' username if it doesn't exist <a href="http://docs.wordfence.com/en/Wordfence_options#Prevent_users_registering_.27admin.27_username_if_it_doesn.27t_exist" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSec_blockAdminReg" name="loginSec_blockAdminReg" value="1" <?php $w->cb('loginSec_blockAdminReg'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_disableAuthorScan" class="wf-col-sm-5 wf-control-label">Prevent discovery of usernames through '/?author=N' scans, the oEmbed API, and the WordPress REST API <a href="http://docs.wordfence.com/en/Wordfence_options#Prevent_discovery_of_usernames_through_.27.3F.2Fauthor.3DN.27_scans" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSec_disableAuthorScan" name="loginSec_disableAuthorScan" value="1" <?php $w->cb('loginSec_disableAuthorScan'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_userBlacklist" class="wf-col-sm-5 wf-control-label">Immediately block the IP of users who try to sign in as these usernames <a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_the_IP_of_users_who_try_to_sign_in_as_these_usernames" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="loginSec_userBlacklist" class="wf-form-control" rows="4" name="loginSec_userBlacklist"><?php echo wfUtils::cleanupOneEntryPerLine($w->getHTML( 'loginSec_userBlacklist' )); ?></textarea>
<span class="wf-help-block">(One per line. Existing users won't be blocked.)</span>
</div>
</div>
<div class="wfMarker" id="wfMarkerOtherOptions"></div>
<h3>Other Options <a href="http://docs.wordfence.com/en/Wordfence_options#Other_Options" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="whitelisted" class="wf-col-sm-5 wf-control-label">Whitelisted IP addresses that bypass all rules <a href="http://docs.wordfence.com/en/Wordfence_options#Whitelisted_IP_addresses_that_bypass_all_rules" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="whitelisted" class="wf-form-control" rows="4" name="whitelisted"><?php echo esc_html(preg_replace('/,/', "\n", $w->get('whitelisted'))); ?></textarea>
<span class="wf-help-block">Whitelisted IPs must be separated by commas or placed on separate lines. You can specify ranges using the following format: 123.23.34.[1-50]<br/>Wordfence automatically whitelists <a href="http://en.wikipedia.org/wiki/Private_network" target="_blank">private networks</a> because these are not routable on the public Internet.</span>
</div>
</div>
<div class="wf-form-group">
<label for="bannedURLs" class="wf-col-sm-5 wf-control-label">Immediately block IPs that access these URLs <a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_IP.27s_that_access_these_URLs" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="bannedURLs" class="wf-form-control" rows="4" name="bannedURLs"><?php echo esc_html(preg_replace('/,/', "\n", $w->get('bannedURLs'))); ?></textarea>
<span class="wf-help-block">Separate multiple URLs with commas or place them on separate lines. Asterisks are wildcards, but use with care. If you see an attacker repeatedly probing your site for a known vulnerability you can use this to immediately block them. All URLs must start with a '/' without quotes and must be relative. e.g. /badURLone/, /bannedPage.html, /dont-access/this/URL/, /starts/with-*</span>
</div>
</div>
<div class="wf-form-group">
<label for="allowed404s" class="wf-col-sm-5 wf-control-label">Whitelisted 404 URLs (one per line) <a href="http://docs.wordfence.com/en/Wordfence_options#Whitelisted_404_URLs" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="allowed404s" class="wf-form-control" rows="4" name="allowed404s"><?php echo $w->getHTML( 'allowed404s' ); ?></textarea>
<span class="wf-help-block">These URL patterns will be excluded from the throttling rules used to limit crawlers.</span>
</div>
</div>
<div class="wf-form-group">
<label for="wafAlertWhitelist" class="wf-col-sm-5 wf-control-label">Ignored IP addresses for Wordfence Web Application Firewall alerting</label>
<div class="wf-col-sm-7">
<textarea id="wafAlertWhitelist" class="wf-form-control" rows="4" name="wafAlertWhitelist"><?php echo esc_html(preg_replace('/,/', "\n", $w->get('wafAlertWhitelist'))); ?></textarea>
<span class="wf-help-block">Ignored IPs must be separated by commas or placed on separate lines. These addresses will be ignored from any alerts about increased attacks and can be used to ignore things like standalone website security scanners.</span>
</div>
</div>
<div class="wf-form-group hidden">
<label for="wafAlertThreshold" class="wf-col-sm-5 wf-control-label">Minimum number of blocked attacks before sending an alert</label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="wafAlertThreshold" id="wafAlertThreshold" value="<?php $w->f( 'wafAlertThreshold' ); ?>">
</div>
</div>
<div class="wf-form-group hidden">
<label for="wafAlertInterval" class="wf-col-sm-5 wf-control-label">Number of seconds to count the attacks over</label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="wafAlertInterval" id="wafAlertInterval" value="<?php $w->f( 'wafAlertInterval' ); ?>">
</div>
</div>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'other_hideWPVersion',
'label' => 'Hide WordPress version <a href="http://docs.wordfence.com/en/Wordfence_options#Hide_WordPress_version" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'showAdminBarMenu',
'label' => 'Show admin bar menu for administrators',
'hidden' => true,
),
array(
'id' => 'other_blockBadPOST',
'label' => 'Block IPs who send POST requests with blank User-Agent and Referer <a href="http://docs.wordfence.com/en/Wordfence_options#Block_IP.27s_who_send_POST_requests_with_blank_User-Agent_and_Referer" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_noAnonMemberComments',
'label' => 'Hold anonymous comments using member emails for moderation <a href="http://docs.wordfence.com/en/Wordfence_options#Hold_anonymous_comments_using_member_emails_for_moderation" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_scanComments',
'label' => 'Filter comments for malware and phishing URLs <a href="http://docs.wordfence.com/en/Wordfence_options#Filter_comments_for_malware_and_phishing_URL.27s" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_pwStrengthOnUpdate',
'label' => 'Check password strength on profile update <a href="http://docs.wordfence.com/en/Wordfence_options#Check_password_strength_on_profile_update" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_WFNet',
'label' => 'Participate in the Real-Time WordPress Security Network <a href="http://docs.wordfence.com/en/Wordfence_options#Participate_in_the_Real-Time_WordPress_Security_Network" target="_blank" class="wfhelp"></a>',
),
);
foreach ($options as $o):
?>
<div class="wf-form-group<?php if (isset($o['hidden']) && $o['hidden']) { echo ' hidden'; } ?>">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $o['id']; ?>" class="wfConfigElem" name="<?php echo $o['id']; ?>" value="1" <?php $w->cb($o['id']); ?> <?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo 'disabled'; } ?>></div>
<?php if (isset($o['help']) || (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium'])): ?>
<span class="wf-help-block"><?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo '<span style="color: #F00;">Premium Feature</span> This feature requires a <a href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Wordfence Premium Key</a>. '; } ?><?php if (isset($o['help'])) { echo $o['help']; } ?></span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<div class="wf-form-group">
<label for="maxMem" class="wf-col-sm-5 wf-control-label">How much memory should Wordfence request when scanning <a href="http://docs.wordfence.com/en/Wordfence_options#How_much_memory_should_Wordfence_request_when_scanning" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-form-inline">
<input type="text" class="wf-form-control" name="maxMem" id="maxMem" value="<?php $w->f( 'maxMem' ); ?>">
<p class="wf-form-control-static">Megabytes</p>
</div>
</div>
</div>
<div class="wf-form-group">
<label for="maxExecutionTime" class="wf-col-sm-5 wf-control-label">Maximum execution time for each scan stage <a href="http://docs.wordfence.com/en/Wordfence_options#Maximum_execution_time_for_each_scan_stage" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="maxExecutionTime" id="maxExecutionTime" value="<?php $w->f( 'maxExecutionTime' ); ?>">
<span class="wf-help-block">Blank for default. Must be greater than 9.</span>
</div>
</div>
<div class="wf-form-group">
<label for="actUpdateInterval" class="wf-col-sm-5 wf-control-label">Update interval in seconds (2 is default) <a href="http://docs.wordfence.com/en/Wordfence_options#Update_interval_in_seconds" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="actUpdateInterval" id="actUpdateInterval" value="<?php $w->f( 'actUpdateInterval' ); ?>">
<span class="wf-help-block">Setting higher will reduce browser traffic but slow scan starts, live traffic & status updates.</span>
</div>
</div>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'deleteTablesOnDeact',
'label' => 'Delete Wordfence tables and data on deactivation <a href="http://docs.wordfence.com/en/Wordfence_options#Delete_Wordfence_tables_and_data_on_deactivation.3F" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'disableCookies',
'label' => 'Disable Wordfence Cookies <a href="http://docs.wordfence.com/en/Wordfence_options#Disable_Wordfence_Cookies" target="_blank" class="wfhelp"></a>',
'help' => 'When enabled, all visits in live traffic will appear to be new visits.',
),
array(
'id' => 'disableCodeExecutionUploads',
'label' => 'Disable Code Execution for Uploads directory <a href="http://docs.wordfence.com/en/Wordfence_options#Disable_Code_Execution_for_Uploads_directory" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'ajaxWatcherDisabled_front',
'label' => 'Monitor Front-end Background Requests for False Positives',
'hidden' => true,
),
array(
'id' => 'ajaxWatcherDisabled_admin',
'label' => 'Monitor Admin Panel Background Requests for False Positives',
'hidden' => true,
),
array(
'id' => 'disableWAFIPBlocking',
'label' => 'Delay IP and Country blocking until after WordPress and plugins have loaded (only process firewall rules early)',
'hidden' => true,
),
);
foreach ($options as $o):
?>
<div class="wf-form-group<?php if (isset($o['hidden']) && $o['hidden']) { echo ' hidden'; } ?>">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $o['id']; ?>" class="wfConfigElem" name="<?php echo $o['id']; ?>" value="1" <?php $w->cb($o['id']); ?> <?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo 'disabled'; } ?>></div>
<?php if (isset($o['help']) || (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium'])): ?>
<span class="wf-help-block"><?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo '<span style="color: #F00;">Premium Feature</span> This feature requires a <a href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Wordfence Premium Key</a>. '; } ?><?php if (isset($o['help'])) { echo $o['help']; } ?></span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<div class="wfMarker" id="wfMarkerExportOptions"></div>
<h3>Exporting and Importing Wordfence Settings <a href="http://docs.wordfence.com/en/Wordfence_options#Exporting_and_Importing_Wordfence_Settings" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="exportSettingsBut" class="wf-col-sm-5 wf-control-label">Export this site's Wordfence settings for import on another site</label>
<div class="wf-col-sm-7">
<input type="button" class="wf-btn wf-btn-sm wf-btn-default" id="exportSettingsBut" value="Export Wordfence Settings" onclick="WFAD.exportSettings(); return false;">
</div>
</div>
<div class="wf-form-group">
<label for="importToken" class="wf-col-sm-5 wf-control-label">Import Wordfence settings from another site using a token</label>
<div class="wf-col-sm-7">
<div class="wf-form-inline">
<input type="text" class="wf-form-control" id="importToken">
<input type="button" class="wf-btn wf-btn-sm wf-btn-default" name="importSettingsButton" value="Import Settings" onclick="WFAD.importSettings(jQuery('#importToken').val()); return false;">
</div>
</div>
</div>
<div class="wf-form-group">
<div class="wf-col-sm-7 wf-col-sm-offset-5">
<a class="wf-btn wf-btn-primary wf-btn-callout" href="#" onclick="WFAD.saveConfig(); return false;">Save Options</a> <div class="wfAjax24"></div><span class="wfSavedMsg"> Your changes have been saved!</span>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
<script type="application/javascript">
(function($) {
$(document).on('ready', function() {
if (window.location.hash) {
var hashes = window.location.hash.split('#');
var animatedOnce = false;
for (var i = 0; i < hashes.length; i++) {
var hash = hashes[i];
if (/^focus-/.test(hash)) {
var elementID = hash.replace('focus-', '');
var wrapper = $('#' + elementID).closest('.wf-form-group');
wrapper.addClass('wf-focus');
if (!animatedOnce) {
$('html, body').animate({
scrollTop: wrapper.offset().top - 100
}, 1000);
animatedOnce = true;
}
}
}
}
});
})(jQuery);
</script>
<script type="text/x-jquery-template" id="wfContentBasicOptions">
<div>
<h3>Basic Options</h3>
<p>
Using Wordfence is simple. Install Wordfence, enter an email address on this page to send alerts to, and
then do your first scan and work through the security alerts we provide.
We give you a few basic security levels to choose from, depending on your needs. Remember to hit the "Save"
button to save any changes you make.
</p>
<p>
If you use the free edition of Wordfence, you don't need to worry about entering an API key in the "API Key"
field above. One is automatically created for you. If you choose to <a
href="https://www.wordfence.com/gnl1optUpg1/wordfence-signup/" target="_blank">upgrade to Wordfence Premium
edition</a>, you will receive an API key. You will need to copy and paste that key into the "API Key"
field above and hit "Save" to activate your key.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentLiveTrafficOptions">
<div>
<h3>Live Traffic Options</h3>
<p>
These options let you ignore certain types of visitors, based on their level of access, usernames, IP
address or browser type.
If you run a very high traffic website where it is not feasible to see your visitors in real-time, simply
un-check the live traffic option and nothing will be written to the Wordfence tracking tables.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentScansToInclude">
<div>
<h3>Scans to Include</h3>
<p>
This section gives you the ability to fine-tune what we scan.
If you use many themes or plugins from the public WordPress directory we recommend you
enable theme and plugin scanning. This will verify the integrity of all these themes and plugins and alert
you of any changes.
<p>
<p>
The option to "scan files outside your WordPress installation" will cause Wordfence to do a much wider
security scan
that is not limited to your base WordPress directory and known WordPress subdirectories. This scan may take
longer
but can be very useful if you have other infected files outside this WordPress installation that you would
like us to look for.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentFirewallRules">
<div>
<h3>Rate Limiting Rules</h3>
<p>
<strong>NOTE:</strong> Before modifying these rules, make sure you have access to the email address
associated with this site's administrator account. If you accidentally lock yourself out, you will be given
the option
to enter that email address and receive an "unlock email" which will allow you to regain access.
</p>
<p>
<strong>Tips:</strong>
<p>• If you choose to limit the rate at which your site can be accessed, you need to customize the
settings for your site.</p>
<p>• If your users usually skip quickly between pages, you should set the values for human visitors to be
high.</p>
<p>• If you are aggressively crawled by non-Google crawlers like Baidu, you should set the page view limit
for crawlers to a high value.</p>
<p>• If you are currently under attack and want to aggressively protect your site or your content, you can
set low values for most options.</p>
<p>• In general we recommend you don't block fake Google crawlers unless you have a specific problem with
someone stealing your content.</p>
<p>
Remember that as long as you have your administrator email set correctly in this site's user administration,
and you are able to receive email at that address,
you will be able to regain access if you are accidentally locked out because your rules are too strict.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentLoginSecurity">
<div>
<h3>Login Security</h3>
<p>
We have found that real brute force login attacks make hundreds or thousands of requests trying to guess
passwords or user login names.
So in general you can leave the number of failed logins before a user is locked out as a fairly high number.
We have found that blocking after 20 failed attempts is sufficient for most sites and it allows your real
site users enough
attempts to guess their forgotten passwords without getting locked out.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentOtherOptions">
<div>
<h3>Other Options</h3>
<p>
We have worked hard to make Wordfence memory efficient and much of the heavy lifting is done for your site
by our cloud scanning servers in our Seattle data center.
On most sites Wordfence will only use about 8 megabytes of additional memory when doing a scan, even if you
have large files or a large number of files.
You should not have to adjust the maximum memory that Wordfence can use, but we have provided the option.
Remember that this does not affect the actual memory usage of Wordfence, simply the maximum Wordfence can
use if it needs to.
</p>
<p>
You may find debugging mode helpful if Wordfence is not able to start a scan on your site or
if you are experiencing some other problem. Enable debugging by checking the box, save your options
and then try to do a scan. You will notice a lot more output on the "Scan" page.
</p>
<p>
If you decide to permanently remove Wordfence, you can choose the option to delete all data on deactivation.
We also provide helpful links at the bottom of this page which lets you see your systems configuration and
test how
much memory your host really allows you to use.
</p>
<p>
Thanks for completing this tour and I'm very happy to have you as our newest Wordfence customer. Don't
forget to <a href="http://wordpress.org/extend/plugins/wordfence/" target="_blank">rate us 5 stars if you
love Wordfence</a>.<br/>
<br/>
<strong>Mark Maunder</strong> - Wordfence Creator.
</p>
</div>
</script>