WebDefender Security – Protection & AntiSpam

Описание

A Professional Security Protection Plugin for WP

The WebDefender was developed by a team of security experts and it incorporates professional security tools for the best all around WordPress website protection and prevention of threats. Includes GDPR compline module.

  • Smart Protection / Website Hide Function (Prevent Hacker Attack / Security) / Anti-Spam Protection / Brute Force Bot Attack Prevention / Smart Firewall
  • Detection / Antivirus Scanner / Database Malware / Adware, Spyware, Spam Links
  • Diagnostic / Vulnerabilities Detection / Blacklist Monitoring
  • Built-in Malware Removal Tool / Security Cleaning Tool
  • Security Hardening / Hosting Hardening Check / Automatic Updating Function
  • GDPR Tools / GDPR Compliance Function

All of these solution make the WebDefender one of the best all around security protection tools for your WordPress resource.

The WebDefender offers the following tools and protection measures

Primary Protection Function

Website Hide function that hides your WP site from crawlers spiders and bots.

  • Hides website from bots, hides the core WP website components, plugins and themes.
  • Fully automatic encryption of your website components.
  • Coding website without use of the .htaccess file.
  • One click installation.

Security Protection Functions

  • Smart Firewall that detects and blocks bot traffic. This is a perfect and powerful prevention tool.
  • Anti-Bot Protection – Monitors web traffic, filters out, and blocks bad bot traffic to a website.
  • Anti-SPAM Protection – Automatic detection of all comments insert by bots and their filtration.
  • Brute Force Bot Attack Prevention – Bots detection system to prevent attempts to crack a password (login security).

Antivirus Security Scanner

  • A professional Antivirus Scanner that will scan your website from external threats. Designed to detect adware and malware, backdoors, exploits, phishing code, trojans and viruses, include built-in malware removal tool.
  • Database Malware Scanning – A unique ability of our algorithm is scanning the website’s database. This function crucial as more and more hackers use SQL injection to infect the websites with malware.
  • Adware, Spyware and SPAM links detection – Protect you website from attached code attacks.
  • Обнаружение уязвимостей – Plugins and themes security vulnerabilities, SQL, XSS injections, vulnerable and insecure scripts.
  • Мониторинг черных списков – Check your website reputation.

Security Hardening

  • Updater – an automatic functional tool for updating your WordPress Core versions, plugins and themes.
  • Hardening – Detect the hosting configuration security parameter.

Malware Removal Tool

Built-in file viewer and editor is an easy to use security cleaning tool for the removal of infected codes or its part depending on the type of infection.

GDPR Compliance Features

  • GDPR Consent management
  • Cookies and data collection privacy management
  • User data management
  • Privacy information should we provide to user
  • Personal data breaches

Companies that collect data on citizens in European Union (EU) countries will need to comply with strict new rules around protecting customer data by May 25, 2018. The General Data Protection Regulation (GDPR) is expected to set a new standard for consumer rights regarding their data, but companies will be challenged as they put systems and processes in place to comply.

Compliance will cause some concerns and new expectations of security teams. For example, the GDPR takes a wide view of what constitutes personal identification information. Companies will need the same level of protection for things like an individual’s IP address or cookie data as they do for name, address and Social Security number.

This plugin is meant to assist a Controller, Data Processor, and Data Protection Officer (DPO) with efforts to meet the obligations and rights enacted under the GDPR.

NOTE: Installing this plugin does not guarantee a full compliment with the GDPR. Please contact a GDPR consultant or a law firm to assess the necessary measures.

Technical Description

Hide Function – Perfect Security and Protection solution

A passive security mechanism for hack protection against crawlers spiders and bots. A fullprof function – one click and your website will become hidden from bots.

The Hider algorithm encrypts all layers of a website, thus hiding it from hackers by making existing vulnerabilities and other security risks invisible when searched and does not require manual configuration. Our encoding algorithm does not use the .htaccess file therefore there is no disruption to the operation of your website. This function will make your WordPress website totally invisible! A crucial step in improving your website security.

Smart Protection

A web application firewall filters, monitors, and blocks bad bot traffic to a website. It is deployed in “front” of a website and analyzes traffic – detecting and blocking anything malicious.

Anti SPAM

WebDefender includes a unique automatic algorithm for diagnosing the text entered on your website (forum, forms, comments and etc,) where made by a human or a bot. Bots won’t be allowed to enter text on your website. This is a unique algorithm, providing a unique solution to our clients.
The crisis is a time when almost every site is faced with a flurry of unwanted emails from reverse forms, posts and comments. Robots literally attack corporate e-mails, because of which sometimes valuable applications can be missed. But putting a captcha on the site you risk losing customer loyalty, as poorly readable images annoy 90% of users. Therefore, we offer a solution developed by WEbdefender specialists to protect the site from spam robots .

Brute Force Attack Protection

Hackers frequently use automatic bot systems to Brute force a website. Our algorithm detects those bots and prevents attempts of a password crack.

The “WebDefender” Antivirus Scanner

The builtin professional and multi-functional antivirus scanner offers top of the line security features and advanced functions for viruses and vulnerabilities detection. The scanner incorporates a user friendly malware removal tool. The diagnostic is performed by using a known database of virus signatures as well as Cobweb-Security’s Heuristic algorithm that can detected previously unknown virus signatures and zero-day vulnerabilities thus providing enterprise-level security capabilities.

WebDefender Antivirus Features

  • Virus & Malware antivirus scanner
  • Database security scanning (exclusive function)
  • ZIP file scanning (exclusive function)
  • Обнаружение Adware, Spyware и спам-ссылок
  • Мощные и простые в использовании инструменты для удаления вредоносного ПО
  • Аналитика и рекомендации по усилению безопасности
  • Real-time malware signature updates (Professional or Premium)
  • Scanner scheduler’s settings (Professional or Premium)

Database Malware Scanning

An unique ability of our algorithm is scanning the website’s database. This function crucial as more and more hackers use SQL injection to infect the websites with malware.

Adware, Spyware and SPAM links detection

The WebDefender Scanner successfully detects:

  • SEO & SPAM links
  • Doorway pages (SEO)
  • iFrame injections
  • Black-hat SEO заражения

Обнаружение уязвимостей

Одной из важнейших составляющих безопасности и защиты вашего сайта является своевременный анализ уязвимостей плагинов, CMS и баз данных. Эти уязвимости дают хакеру возможность совершит проникновенияние на ваш сайт. Вот почему своевременный диагноз и обновление жизненно важны для усиления защиты веб-сайта.

Наш сканер безопасности может найти:

  • Уязвимости плагинов и тем
  • вредоносные инъекции SQL, XSS

Мониторинг черных списков

The WebDefenders’ Blacklist Monitoring scanner checks IP addresses and website domains in the 10 most popular security blacklists and safe browsing databases.

Real-time Blacklists or Blackhole lists – also called DNS-based Blackhole Lists – are lists of IP addresses published through DNS. Often there are listed computers or networks that may spam or consist malware in such lists. Many secure corporate mail servers are configured to reject or flag messages which have been sent from IP addresses listed in one of these security blacklists.

Ведущие почтовые системы, такие как Gmail, Yahoo и Hotmail, также используют черные списки для фильтрации писем по адресам. Если IP-адреса вашей сети попадают в черный список, вы и ваши клиенты могут испытывать проблемы с отправкой и получением электронной почты. Это может значительно повредить вашему бизнесу.

CWIS Blacklist Monitoring scanner автоматически предупреждает вас, если ваши адреса или домены вашего сайта попадают в широко распространенные черные списки .

The Updater – WP Core, plugin and theme automatic update

The importance of using the latest updated version of the WP core, plugins and themes is understandable to everyone and not only for the increase in functionality but in no small degree for the security of the website.

To make it easier to keep track of update releases for WordPress Core, plugins and themes and installing them automatically, CobWeb-Security has introduced the Security Updater to the functionality of the WebDefender plugin.

The Updater will enable you to keep track of:

  • WordPress Core Updates
  • WordPress Plugin Updates
  • WordPress Theme Updates

The Updater has three separate blocks for managing themes, plugins, and WordPress core settings.

You can choose to update only individual plugins or themes or you can choose to update all of the installed themes and plugins. The Updater will also mark with different colors the importance of an update ( red to green)

Security Hardening

This function detects the hosting configuration security parameters.

Инструмент удаления вредоносного кода, мощный и легкии в использование

Сканер антивирусной безопасности CWIS не только поможет вам найти все вирусы и вредоносный код на вашем веб-сайте, но также поможет вам легко удалить это вредоносное ПО. Наш встроенный просмотрщик файлов и редактор — это простой инструмент для удаления зараженного файла или его части в зависимости от типа заражения. Процесс очистки очень прост и не требует специальной подготовки.

Preparing you website for the General Data Protection Regulation (GDPR)

This extension for our security plugin helps the website owner or company Data Protection Officer (DPO), Controller, Data Processor employees to fit the web application with the obligations and rights enacted under the GDPR requirement.

Professional Upgrade

Enhance the security of your website with our Professional upgrade. The Professional package will provide our clients with these additional features:

  1. FireWall:
    • Real-time firewall rules updates
    • Real-time IP Blacklists
  2. Hide Function:
    • New mask codes for updating the Hide function online
  3. Scanner:
    • Real-time malware signature updates
    • Scanner scheduler settings (Professional or Premium)

Premium Program

We also offer a Professional WebDefender key that will give you:

  • Настройки планировщика сканера
  • Перейти на премиум-версию
  • Database malware scan (WebDefender exclusive function)
  • Функция экспорта отчета сканера

A 100% protection – your website’s security in our hands. Our team will monitor your website online 24/7, in case of a hacker attack or malware injection, we will clean and repair you website.

Вы можете Нажмите здесь, чтобы зарегистрироваться для CWIS Business или Premium.

Cookies set by the Plugin and WordPress

This plugin keeps track of user consent by saving them to the database. We can only do that for logged in users. For visitors, however, we track their concent by creating a cookie and storing their preferences there. The same logic applies for cookies. We set a cookie named gdpr that stores that information.

WordPress also stores cookies on log in or commenting on a post. You can learn more about WordPress cookies here

Требования

  • WordPress version 2.8 or higher
  • PHP version 4.1.0 or higher

Заключительные замечания

Скриншоты

  • WebDefender Security Dashboard Control Panel
  • WebDefender Security Scanner Page
  • Мониторинг черных списков
  • Рекомендации по повышению безопасности
  • Антивирусный сканер & amp; Страница настроек планировщика
  • GDPR Dashboard Control Panel

Установка

Чтобы установить плагин и заставить его работать:

  1. Войдите в свою панель управления WordPress
  2. Перейдите в параметр Плагины в меню навигации WordPress и выберите Добавить новый
  3. Введите CWIS в поле Поисковые плагины (или загрузите плагин в каталог/wp-content/plugins/ directory)
  4. ВыберитеУстановить сейчас и выберитеАктивировать плагин (или активируйте плагин через меню Плагины в WordPress)
  5. В навигационном меню выберитеCWIS Antivirus Scanner В меню навигации и нажмитеStart Scan Кнопка
  6. Во время регистрации плагина необходимо отправить данные на сервер компании: имя, адрес электронной почты и домен сайта.

Часто задаваемые вопросы

Is the WebDefender Security free to use?

Yes, WebDefender is completely free to use. If you need to enable additional features, Professional or Premium plans are available.

Is the WebDefender plugin secure?

No sensitive data is sent to our servers. However, during the initial registration, the plugin securely sends encrypted data to the company’s server: your name, email address and website’s domain.

Will the WebDefender Security protect my site from being hacked?

Yes. The WebDefender is the complete package. It incorporates all the main security elements needed to protect your website: a passive WAF, an antivirus scanner and an automatic Updater of the sites’ elements.

Will the plugin impact the performance of my website?

No, it will not. We’ve performed extensive tests and the plugin had no visible effect on the performance of websites.

Does the scanner stores logs in my websites’ database?

No, it does not. Unlike most scanners we store our logs as text files which has no effect on the speed of a website.

Are there any issues installing this plugin on any hosts?

Not that we are aware of. After thousands of installations we have yet to experience issues with installing the plugin. However, we are constantly modifying our plugin introducing new and improving on existing features, so if you experiencing trouble installing please contact us at cwis@cobweb-security.com

Отзывы

16.07.2021
Annoying advertising and SCAM. Not trustworthy.
03.05.2020 2 ответа
couple of years ago i tried their plugin and made a huge mistake i gave them and payed with credit card more then 4 years every year twice or more they try to charge me althouge i tried to contact them in every way there is and didnt get answers or any responce scammers!!!! becarfull!!!!
04.04.2020 1 ответ
This plugin does not nothing unless you buy it, near $100 bucks a year. Another liar claiming free. It’s only a 30 day trial and you must sign up now to even scan anything much less detection and removal. Too bad there is no zero rating.
07.02.2020
Thank you for providing this plugin. With Smart Protection > Anti-Bot, Anti-Spam, and Brute Force Protection enabled spam has dropped by about 95% across dozens of sites. Better results than any other plugin I’ve tried (and I’ve tried many). I’m amazed this plugin doesn’t have a million active installations. Best kept secret on WordPress. *Note, be careful with the hide function — it’s a nice feature but can cause problems on some sites and is not necessary if all you want is the anti-spam functions.
05.03.2020
Amazing Plugin, it’s really worth having. I always use it against malwares 🙂
Посмотреть все 18 отзывов

Участники и разработчики

«WebDefender Security – Protection & AntiSpam» — проект с открытым исходным кодом. В развитие плагина внесли свой вклад следующие участники:

Участники

Журнал изменений

5.0.1.54

  • Corrected file viewer
  • CURL issue correction (plugin deactivation, deleting)
  • Design correction

5.0.1.53

  • Corrected file viewer (difference showing and original file loading)
  • Defender functionality correction
  • Design correction

5.0.1.52

  • Corrected file viewer (fixed issue with few popup opening)
  • Design correction

5.0.1.51

  • Fixed issue with scanning results tree
  • Added curl disable validation
  • Design correction

5.0.1.50

  • Fixed issue with scanning results tree
  • Fixed issue with scanner page
  • Corrected settings page save functionality
  • Design correction
  • Corrected warnings

5.0.1.49

  • Fixed issue with scanning results tree
  • Corrected settings page save functionality
  • Plugin security correction

5.0.1.48

  • Fixed issue with scanning results tree
  • Fixed issue with components page
  • Corrected settings page save functionality
  • Plugin security correction
  • Corrected warnings

5.0.1.47

  • Fixed issue with scanning results tree
  • Added documentation page
  • Added news page
  • Corrected settings page save functionality
  • Plugin security correction

5.0.1.46

  • Fixed issue with email saving
  • Fixed issue with report functionality
  • Plugin security correction

5.0.1.45

  • Fixed issue with scanner
  • Fixed issue with email saving
  • Plugin security correction
  • Cleared console messages, added fonts
  • Corrected design
  • Corrected result functionality view.

5.0.1.44

  • Fixed issue with communication between plugin and dashboard
  • Fixed issue with menu show/hide
  • Console message hiding
  • Plugin security correction

5.0.1.43

  • Fixed issue with dropdown menu after license key entering (or credentials for free license)

5.0.1.42

  • Plugin core rewriting
  • Design optimization
  • Bugfix: fixed small functionality issues
  • Fixed issue with ipv6 IPs processing

4.3.7.1

  • Bugfix: fixed bug of registration of Trial version

4.3.7.0

  • Updated Angular lib
  • Bugfix: interface
  • Change Plugin working method — work only after customer registration
  • Bugfix: fixed bugs of registration of Trial version

4.3.6.1

  • Set autostart enabled by default

4.3.6.0

  • Aded Multiple files actions on Scan Results screen
  • Files in quarantine are excluded from scanning Results
  • Updated Signatures file
  • Updated jQuery to latest version
  • Updated Angular lib
  • Bugfix: after deleting a file to quarantine, the information in the results is not updated
  • Bugfix: in file quarantine: to restore the file, you need to click the restore button several times
  • Bugfix: crash and stop when scanning
  • Bugfix: with the number of files in the menu on the left of the scan results page
  • Bugfix: bug in file quarantine: file editor did not open
  • Bugfix: some files could not be restored from quarantine

4.3.5.1

  • PHP 8 compatibility bug fixed

4.3.5

  • Update versions PHP8

4.3.4

  • Added a set of new anti-virus signatures

4.2.4

  • Added a set of new anti-virus signatures

4.2.3.6

  • Malware signature and vulnerabilities list updates

4.2.3

  • New security vulnerabilities in WordPress plugins

4.2.2.4

  • Improved encoding of executable files pathnames
  • New malware signatures (obfuscated loader and backdoor)

4.2.2

  • Added new signatures of backdoor PHP webshells
  • The list of known vulnerabilities has been updated

4.2.1.8

  • Fixed an issue with License Key client-side manager

4.2.1.5

  • Issues with delayed loading of the Defender Settings

4.2.1

  • Added a new option IP Filter (Whitelist & Blacklist)

4.2.0.3

  • Option to export or save the user data in PDF format
  • GDPR cookies and data collection privacy management

4.2.0

  • General Data Protection Regulation (GDPR) features

4.1.9

  • JSON API capabilities are no longer removed
  • A modified Base64-variant only with URL-safe chars
  • Fixed issues with invalid JSON server responses

4.1.8.5

  • Fixed an issue with the temporary files directory
  • Optimized list of known plugins vulnerabilities

4.1.8

  • Added REST Nonce (beta feature, used in SaaS Dashboard)

4.1.7

  • The email address setting is now auto-synchronized

4.1.6

  • WebDefender Security status dashboard widget added

4.1.5.5

  • Added new signatures of backdoor trojan files
  • Updated list of known WP-plugins vulnerabilities
  • Minor improvements in Guarder URL Convertor

4.1.5

  • Added a separate option «Anti-Bot Protection»
  • Improved scan results editor, minor bug fixes

4.1.4

  • Dedicated page «Smart Protection» with settings and statistics
  • A new scanner setting «Check PHP-files for potential security vulnerabilities using static code analysis»
  • New malware signatures (webshells and viruses)

4.1.3

  • Added a new tool called Log File Viewer
  • URL encoder regex performance optimizations

4.1.2.5

  • Support for external URLs in Guarder URL Convertor

4.1.2

  • Prevented infinite recursion in the vulnerability scanner

4.1.1.5

  • Website anti-bot protection improvements

4.1.1

  • Enhanced Brute Force Login protection

4.1.0

  • New results category «Potentially vulnerable» contains the potentially vulnerable PHP code
  • Malware signatures and scan speed optimizations

4.0.6

  • Fixed an issue with child themes protection
  • Antivirus Scanner performance improvements
  • Fixed compatibility issues with some cache plugins

4.0.5.3

  • Improved support for relative CSS/JS paths
  • Updated list of known WP & plugins vulnerabilities

4.0.5

  • Caching WP plugins and themes autoupdate settings
  • Translate provider fix (default language set to ‘en’)
  • Popular social networks added to URL ignore list

4.0.3.2

  • Fixed compatibility issues with plugin JCH Optimize Pro
  • Anti-bot cross-browser compatibility and caching issues

4.0.2

  • Added anti-bot protection, based on user behavior analysis

4.0.1

  • Fixed recursive pathnames encoding (issue with the WP Rocket)
  • Updated list of known WordPress plugins vulnerabilities

4.0.0

Release Date – 31st January, 2018

  • Integrations with the CobWeb Security Defender and rebranding

3.3.9.12

  • Improved detection of some backdoor signatures

3.3.9.5

  • New malware signatures (installers, trojans and viruses)

3.3.9

  • The Professional Features panel is added to the dashboard

3.3.8.5

  • New malware signatures and known vulnerabilities

3.3.7.5

  • CPU benchmarking dynamic correction improved

3.3.7

  • Cached AJAX responses: improvements and bug fixes
  • New setting «File extensions to exclude from scanning»

3.3.6.15

  • New signatures detects Monero (XMR) CPU miner
  • Updated list of known WordPress plugins vulnerabilities

3.3.6.9

  • New malware signatures (total 4248 so far)

3.3.6.5

  • Fixed a weird bug with dropdown translations mechanism

3.3.6

  • New logo for CobWeb Security, improvements in sitecheck’s module
  • Setting «Custom Path» now can be switched between two modes

3.3.5

Release Date – 16th August, 2017

  • CWIS Antivirus Plugin Celebrates Its One Year Anniversary!
  • Improved database scan with large MySQL tables and with PHP memory limited size
  • Minor improvements to the email reports

3.3.3.5

  • Support for automatic background updates of all types (including configuration via wp-config.php file)

3.3.3

  • Improved scan algorithm with memory limited size
  • Reduced server load during intensive scanning

3.3.0

  • A new security hardening feature «CWIS Updater» (navigate to Settings option in WordPress navigation menu)

3.2.5

  • Scan results filtering feature with regex support
  • Fixed issue with binary files content filtering

3.2.3

  • Into file viewer added support for database browsing
  • File viewer automatically highlights the marker line on content load
  • Added menu item into the WordPress Admin bar

3.2.2

  • Major improvements to the email reports

3.2.1.5

  • Minor improvements and bug fixes
  • The list of known vulnerabilities is up-to-date

3.2.1

  • Maintenance release, new malware signatures

3.2.0.7

  • Vulnerabilities and URL ignore list updates

3.2.0.3

  • Added the «Quarantine Manager» tool with description
  • Enabled option to restore quarantined files

3.2.0

  • New dashboard element: «Scanner Feature Status»
  • Scan-level limits were removed from the Free version

3.1.6

  • New PHP webshells signatures (total 3937 so far)
  • Vulnerabilities and URL ignore list optimizations

3.1.5

  • Security and maintenance release

3.1.4.7

  • Улучшения пользовательского интерфейса на стороне клиента

3.1.4.5

  • Database scanner now uses the list of detected CMS
  • Try new dashboard’s «Extra Options» to find out more…

3.1.3

  • New features of the Task Scheduler Manager
  • Improved white list management via AngularJS

3.1.2

  • Now using a local whitelist (useful for manual checking)
  • Fixed portability issues with ctype_xdigit and iconv

3.1.1

  • Updated list of known vulnerabilities
  • Removed deprecated result keys and methods

3.1.0.6

  • Исправление проблем совместимости (запрос path в запросах сокетов)
  • New defacement signatures (total 3915 so far)

3.1.0.3

  • Планировщик Cronjob и оптимизация кода проверки сайта
  • Путь сканирования, отображаемый в процессе сканирования

3.1.0

  • техническое обновление (всего 3871 подписи)
  • Улучшения в WordPress & amp; Детекторы плагинов CMS

3.0.6.3

  • Новые уязвимости плагинов для WordPress
  • Результаты проверки SSL добавлены на панель инструментов.

3.0.6

  • Новые сигнатуры вредоносных программ и вирусов (всего 3811)
  • Оптимизация скорости встроенного планировщика заданий cron

3.0.5.7

  • Добавлены результаты поиска в черном списке MxToolBox
  • Проверка сертификата SSL, состояние HTTP и время загрузки

3.0.5.5

  • Исправлены проблемы стабильности сканера на некоторых занятых / разделяемых серверах
  • Максимальный размер файла увеличен, глубина предварительного сканирования была ограничена

3.0.5.4

  • Новые сигнатуры вредоносного ПО, фишинга и вирусов
  • Настройки синхронизации при сканировании, стилизация CSS и JS улучшена

3.0.5.3

  • Оптимизированные сигнатуры вирусов типа «JS / redirector»
  • Чтобы предотвратить блокировку, i18n JSON-файлы переименовываются в JS-файлы

3.0.5.2

  • Усовершенствования обнаружения хаков (вредоносный код в .htaccess)

3.0.5.1

  • Обновлен список известных уязвимостей CMS / plugin / theme

3.0.5

  • Security and maintenance release
  • Исправлены проблемы с приостановлением просмотра, проверкой базы данных и проверкой сайта

3.0.4

  • Подсказка выполняется значительно быстрее
  • Исправлены проблемы несовместимости с параметрами POSTed

3.0.3

  • Rescan progress percent now calculated correctly

3.0.2.5

  • Совершенствование процесса повторного сканирования (разделен на две фазы)

3.0.2.4

  • Усовершенствования алгоритма эвристического анализа
  • Обновление списка белых списков и URL-адресов (проверено на 1000 + плагинах)

3.0.2.1

  • Подписи вредоносных программ оптимизированы, всего 3709 подписей
  • Исправлена ошибка в обновленном аккордеоне UI-Bootstrap

3.0.2

  • Отложенный автозапуск при загрузке и автоматическая повторная попытка при ошибке
  • Улучшена обработка прерывистого / нестабильного интернет-соединения
  • Подкатегории добавлены в меню администрирования WordPress

3.0.1.5

  • Планирование периодического повторного сканирования с использованием WordPress cron
  • Оптимизация «белых» списков, новые сигнатуры вредоносных программ

3.0.1

  • Принудительный перезапуск застрявшего / неполного повторного сканирования

3.0.0

Release Date – 2nd February, 2017

  • The first stable release of CWIS-3.0 is out!
  • CSS/JS optimizations, temporary files folders fix
  • Обновление белых списков и URL-адресов (проверено на 900 плагинов)
  • Усовершенствованный детектор «iFrame injections» (уровень PRO)

3.0.0-RC9

  • Security patch, mail sender bug fix, new signatures, and more…

3.0.0-RC2-RC5

  • Testing completely redesigned interface written in pure AngularJS

2.5.0

  • LTS (Long-term support) version release
  • Quick Rescan and Scheduler bug fixes

2.3.5.4

  • Compatability with WordPress 4.7.2
  • System info reporting improvements

2.3.5

  • Updated URL ignore-list and known vulnerabilities list

2.3.2.5

  • Security and maintenance release

2.3.2

  • Validation improvements, updated list of vulnerabilities

2.3.1.7

  • Whitelist and URL ignore list updates (tested on 700 plugins)

2.3.1.6

  • New server malware signatures, total 3697 signatures known
  • Updated list of known plugins and themes vulnerabilities

2.3.1.5

  • Correct calculations of rescan speed and time left in Quick Rescan mode
  • Filenames queue list split by volumes, quick rescan of modified files
  • URL-ignore list optimizations (automatically adding the WWW prefix)

2.3.0.12

  • Incorrect date check results resolved using a timezone offset

2.3.0.8

  • Whitelist updates, client-side improvements in License Manager

2.3.0.6

  • CMS plugins detector now supported the one-file-plugins

2.3.0.5

  • Whitelist and URL ignore list updates (tested on 300 plugins)
  • Memory and signatures optimizations, CMS detector bug fix

2.3.0.2

  • CSS improvements, bug fix in suspicious redirect detector
  • Weekly notice: «To make your site as secure as possible…»

2.3.0

  • New signatures, code improvements and optimizations, bug fixes
  • Complemented list of latest known vulnerabilities across WordPress Core, plugins and themes

2.2.8.5

  • New server malware signatures, total 3587 signatures known

2.2.8.3

  • Unset UA warning fix, default date timezone is set to UTC
  • Removed some low quality signatures which caused false positives

2.2.7.9

  • Added the most recent high-profile plugins vulnerabilities
  • Added a signature of fake plugin named «WordPress Researcher»
  • Empty threat categories in the scan results are also displayed

2.2.6.12

  • Simulate function error_get_last() for PHP 5 < 5.2.0
  • Scanner whitelist’s function fread() PHP warning (bug fix)

2.2.6.5

  • Support for the latest version check on core-level

2.2.6.3

  • Updated security list of known vulnerabilities (WordPress plugins)

2.2.6

  • New backdoor and server malware signatures, total 3581 signatures known
  • Scanner skips automatically files caused to compile-time parse errors

2.2.5

  • Security and maintenance release
  • Added prescan status «completed», new Potentially Malicious signatures
  • Now possible simultaneous scanning of different/mixed paths

2.2.4.5

  • Whitelist optimizations, URL ignore list been updated
  • New backdoor signatures added, total 3568 signatures known
  • Some of Server Malware signatures were skipped because of the bug

2.2.4

  • Doorways detection algorithm has been greatly improved (Professional Mode)
  • Scanning quality has been greatly improved (Basic Check and Recommended Mode)

2.2.3.5

  • Bug fixed in AJAX request’s timeout check (time limit has been doubled)
  • Last time rendering improved as scanner now ignores additional AJAX requests

2.2.3

  • Bug in the method detecting rescan status has been detected and fixed
  • The DRY philosophy has been applied to the scanner’s check code

2.2.2

  • Optimized some signatures in category «Potentially malicious»
  • Bootstrap popovers on hover explaining the scan modes and levels
  • Scan levels simplified: «Basic Check», «Recommended» and «Professional»

2.2.1.2

  • List of known vulnerabilities (CMS and plugins) is up to date

2.2.1

  • Client-side now handling correctly an empty server response
  • PDO class file is loaded once now (additional check added)

2.2.0.7

  • New signatures added into category «Server malware»

2.2.0.6

  • API mode with log messages turned off

2.2.0.5

  • Prevented duplicate result entries

2.2.0.2

  • «Database Scan» may be enabled/disabled on-the-fly

2.2.0.1

  • Whitelist optimizations, URL ignore list been updated
  • cURL timeout has been increased from 3 to 5 seconds

2.2.0

  • Some regexps were moved to a more appropriate category «Potentially malicious»

2.1.6.5

  • Fixed mistakenly popping dialog

2.1.6

  • New shell signatures, scan results explanation notice added

2.1.5.9

  • Total 3544 signatures known (adware, phishing, viruses etc)

2.1.5.7

  • A new signature added, extended messaging in the paused scan state

2.1.5.3

  • Whitelist updates, JS stability issues, and a new banner image

2.1.5

  • The scanner stopped after receiving an error from the server, fixed
  • Disk free space check added with response «Possibly out of free disk space»
  • Total 3534 signatures known (adware, phishing, viruses etc)

2.1.4.9

  • Improvements in alerting system (stripped HTML tags and JSON parser fix)

2.1.4

  • MIME types are used now to detect and skip binary files in «Paranoid» mode

2.1.3.5

  • Ability to add a database check in the middle of an already running scan

2.1.3

  • Code refactoring, improved scanner stability on slow servers

2.1.2.4

  • Неправильные данные о прогрессе исправлены и восстанавливаются
  • The list of vulnerabilities is extended and covers the last 4 years
  • Total 3477 signatures known (adware, phishing, viruses etc)

2.1.2

  • Был изменен код сканера, улучшена производительность

2.1.1.16

  • Не удалось выполнить быстрое повторное сканирование в списке пустых файлов (исправление ошибки)

2.1.1.15

  • Сканирование базы данных сбрасывалось при обновлении каждой страницы (исправление ошибок)

2.1.1.14

  • Улучшена совместимость кода обнаружения каталогов

2.1.1.12

  • Обновление белых списков и ложные тайм-ауты AJAX

2.1.1.4

  • Поддержка файлов без содержимого (исправление ошибок)

2.1.1

  • Улучшения пользовательского интерфейса на стороне клиента

2.1.0.12

  • Добавлена проверка таймаута для длинных запросов AJAX

2.1.0.7

  • Белый список WordPress 4.6.0 и файлы плагинов (около 500)
  • Оптимизирована проверка белого списка, теперь проверена и категория «Зашифрованные файлы»
  • Исправлена ошибка детектора плагинов (при передаче пустого массива из детектора CMS)

2.1.0.5

  • Улучшено обнаружение ссылок на SEO (PHP-код в привязке теперь пропущен)
  • Улучшена обработка результатов сканирования, исправлена ошибка с пустыми именами
  • В определенных условиях клиент входил в цикличный процес(исправлено)

2.1.0

  • Контроль сканирования базы данных с помощью новой кнопки «Поиск базы данных»
  • Обновлен список уязвимых версий CMS и плагинов
  • Лимит памяти установлен на «1536M», добавлены новые сигнатуры

2.0.7.5

Release Date – 16th August, 2016

  • The plugin is listed in the official WordPress Plugin Directory
  • Добавлена проверка использования неизвестных типов для расширений PHP в файле .htaccess.

2.0.7

  • Задержка автозапуска при первом запуске (на 5 секунд)
  • Улучшена новой версии версия WordPress и детекторов плагина CMS
  • Исправлена ошибка в отчете после быстрого повторного сканирования

2.0.6

  • Усовершенствования встроенного механизма переводов
  • В первом запуске функция планировщика отключена

2.0.5

  • Улучшена обработка ошибок и повышено качество перевода
  • Загружает каталог, используемый wp_upload_dir ($ this- & gt; plugin_name));

2.0.4

  • Thread-safe atomic file reading and writing solution
  • Исправлена ошибка RegExp для базового уровня сканирования

2.0.3

  • Скрипты и стили включали использование Hook действия

2.0.0

  • Включены классы активатора и деактиватора
  • Файлы сканера обновлены до последней версии

1.0.5

  • Теперь основной файл, содержащий пароли, автоматически обновляется
  • AJAX options now automatically generated and stored