at path:
ROOT
/
wp-content
/
plugins
/
wordfence
/
lib
/
wfAPI.php
run:
R
W
Run
Diff
DIR
2026-02-05 01:05:21
R
W
Run
audit-log
DIR
2026-02-05 01:05:21
R
W
Run
dashboard
DIR
2026-02-05 01:05:21
R
W
Run
rest-api
DIR
2026-02-05 01:05:21
R
W
Run
Diff.php
5.63 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
IPTraf.php
1.17 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
IPTrafList.php
2.98 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
WFLSPHP52Compatability.php
1.27 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
compat.php
425 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
diffResult.php
2.81 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
email_genericAlert.php
1.39 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
email_newIssues.php
8.82 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
email_unlockRequest.php
2.34 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
email_unsubscribeRequest.php
1.05 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
flags.php
6.62 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
geoip.mmdb
9.26 MB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
live_activity.php
580 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_dashboard.php
28.16 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_dashboard_options.php
15.37 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_firewall.php
2.12 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_firewall_blocking.php
10.25 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_firewall_blocking_options.php
4.63 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_firewall_waf.php
19.96 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_firewall_waf_options.php
11.09 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_install.php
1.73 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_options.php
24.7 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_scanner.php
21.6 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_scanner_credentials.php
2.77 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_scanner_options.php
8.41 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_support.php
17.82 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_tools.php
1.49 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_tools_auditlog.php
16.43 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_tools_diagnostic.php
50.8 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_tools_importExport.php
1.28 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_tools_livetraffic.php
39.43 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_tools_twoFactor.php
19.6 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_tools_whois.php
4.61 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
menu_wordfence_central.php
9.66 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
noc1.key
1.64 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
sodium_compat_fast.php
185 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
sysinfo.php
1.47 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
viewFullActivityLog.php
1.47 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wf503.php
9.67 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfAPI.php
10.1 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfActivityReport.php
20.55 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfAdminNoticeQueue.php
5.2 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfAlerts.php
8.19 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfAuditLog.php
47.13 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfBinaryList.php
1.02 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfBrowscap.php
3.9 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfBrowscapCache.php
256.83 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfBulkCountries.php
9.77 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfCache.php
6.02 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfCentralAPI.php
25.8 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfCommonPasswords.php
1.25 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfConfig.php
124.66 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfCrawl.php
6.92 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfCredentialsController.php
10.3 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfCrypt.php
4.05 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfCurlInterceptor.php
1.02 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfDB.php
11.49 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfDashboard.php
8.2 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfDateLocalization.php
352.13 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfDeactivationOption.php
2.13 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfDiagnostic.php
67.03 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfDirectoryIterator.php
1.89 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfFileUtils.php
2.72 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfHelperBin.php
1.97 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfHelperString.php
2.13 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfI18n.php
878 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfIPWhitelist.php
1.56 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfImportExportController.php
3.23 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfInaccessibleDirectoryException.php
303 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfInvalidPathException.php
266 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfIpLocation.php
1.8 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfIpLocator.php
2.7 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfIssues.php
27.93 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfJWT.php
5.33 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfLicense.php
10.95 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfLockedOut.php
9.73 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfLog.php
57.38 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfMD5BloomFilter.php
5.2 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfModuleController.php
754 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfNotification.php
6.41 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfOnboardingController.php
9.22 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfPersistenceController.php
819 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfRESTAPI.php
377 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScan.php
15.92 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScanEngine.php
128.95 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScanEntrypoint.php
1.04 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScanFile.php
1.01 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScanFileLink.php
403 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScanFileListItem.php
408 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScanFileProperties.php
1.07 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScanMonitor.php
4.05 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfScanPath.php
1.77 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfSchema.php
11.93 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfStyle.php
1.21 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfSupportController.php
24.18 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfUnlockMsg.php
1.14 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfUpdateCheck.php
27.23 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfUtils.php
128.73 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfVersionCheckController.php
19.27 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfVersionSupport.php
535 By
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfView.php
2.22 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfViewResult.php
1.42 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wfWebsite.php
1.75 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wordfenceClass.php
437.99 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wordfenceConstants.php
3.56 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wordfenceHash.php
42.7 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wordfenceScanner.php
28.09 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
wordfenceURLHoover.php
18.35 KB
2025-12-21 04:19:00
R
W
Run
Delete
Rename
error_log
up
📄
wfAPI.php
Save
<?php require_once(dirname(__FILE__) . '/wordfenceConstants.php'); require_once(dirname(__FILE__) . '/wordfenceClass.php'); require_once(dirname(__FILE__) . '/wfLicense.php'); class wfAPI { public $lastHTTPStatus = ''; public $lastCurlErrorNo = ''; private $curlContent = 0; private $APIKey = ''; private $wordpressVersion = ''; public function __construct($apiKey, $wordpressVersion) { $this->APIKey = $apiKey; $this->wordpressVersion = $wordpressVersion; } public function getStaticURL($url) { // In the form '/something.bin' without quotes return $this->getURL(rtrim($this->getAPIURL(), '/') . '/' . ltrim($url, '/')); } public function call($action, $getParams = array(), $postParams = array(), $forceSSL = false, $timeout = 900, $passThroughErrorMsg = false) { $apiURL = $this->getAPIURL(); //Sanity check. Developer should call wfAPI::SSLEnabled() to check if SSL is enabled before forcing SSL and return a user friendly msg if it's not. if ($forceSSL && (!preg_match('/^https:/i', $apiURL))) { //User's should never see this message unless we aren't calling SSLEnabled() to check if SSL is enabled before using call() with forceSSL throw new wfAPICallSSLUnavailableException(__("SSL is not supported by your web server and is required to use this function. Please ask your hosting provider or site admin to install cURL with openSSL to use this feature.", 'wordfence')); } $json = $this->getURL(rtrim($apiURL, '/') . '/v' . WORDFENCE_API_VERSION . '/?' . $this->makeAPIQueryString() . '&' . self::buildQuery( array_merge( array('action' => $action), $getParams )), $postParams, $timeout, $passThroughErrorMsg); if (!$json) { throw new wfAPICallInvalidResponseException(sprintf(/* translators: API call/action/endpoint. */__("We received an empty data response from the Wordfence scanning servers when calling the '%s' function.", 'wordfence'), $action)); } $dat = json_decode($json, true); if (!is_array($dat)) { throw new wfAPICallInvalidResponseException(sprintf(/* translators: API call/action/endpoint. */ __("We received a data structure that is not the expected array when contacting the Wordfence scanning servers and calling the '%s' function.", 'wordfence'), $action)); } //Only process key data for responses that include it if (array_key_exists('_isPaidKey', $dat)) $this->processKeyData($dat); if (isset($dat['_touppChanged'])) { wfConfig::set('touppPromptNeeded', wfUtils::truthyToBoolean($dat['_touppChanged'])); } if (isset($dat['errorMsg'])) { throw new wfAPICallErrorResponseException($dat['errorMsg']); } return $dat; } private function processKeyData($dat) { $license = wfLicense::current() ->setApiKey($this->APIKey) ->setPaid($dat['_isPaidKey']) ->setRemainingDays($dat['_keyExpDays']) ->setType(array_key_exists('_licenseType', $dat) ? $dat['_licenseType'] : null); if (isset($dat['_isPaidKey']) && !isset($dat['errorMsg'])) { wfConfig::setOrRemove('premiumAutoRenew', isset($dat['_autoRenew']) ? wfUtils::truthyToInt($dat['_autoRenew']) : null); wfConfig::setOrRemove('premiumNextRenew', isset($dat['_nextRenewAttempt']) ? time() + $dat['_nextRenewAttempt'] * 86400 : null); wfConfig::setOrRemove('premiumPaymentExpiring', isset($dat['_paymentExpiring']) ? wfUtils::truthyToInt($dat['_paymentExpiring']) : null); wfConfig::setOrRemove('premiumPaymentExpired', isset($dat['_paymentExpired']) ? wfUtils::truthyToInt($dat['_paymentExpired']) : null); wfConfig::setOrRemove('premiumPaymentMissing', isset($dat['_paymentMissing']) ? wfUtils::truthyToInt($dat['_paymentMissing']) : null); wfConfig::setOrRemove('premiumPaymentHold', isset($dat['_paymentHold']) ? wfUtils::truthyToInt($dat['_paymentHold']) : null); } $hasKeyConflict = false; if (isset($dat['_hasKeyConflict'])) { $hasKeyConflict = ($dat['_hasKeyConflict'] == 1); if ($hasKeyConflict) { new wfNotification(null, wfNotification::PRIORITY_HIGH_CRITICAL, '<a href="' . wfUtils::wpAdminURL('admin.php?page=Wordfence&subpage=global_options') . '">' . esc_html__('The Wordfence license you\'re using does not match this site\'s address. Premium features are disabled.', 'wordfence') . '</a>', 'wfplugin_keyconflict', null, array(array('link' => 'https://www.wordfence.com/manage-wordfence-api-keys/', 'label' => 'Manage Keys'))); $license->setConflicting(); } } $license->setDeleted(isset($dat['_keyNoLongerValid']) && $dat['_keyNoLongerValid'] == 1); if (!$hasKeyConflict) { $license->setConflicting(false); $n = wfNotification::getNotificationForCategory('wfplugin_keyconflict'); if ($n !== null) { wordfence::status(1, 'info', 'Idle'); $n->markAsRead(); } } $license->save(isset($dat['errorMsg'])); } protected function getURL($url, $postParams = array(), $timeout = 900, $passThroughErrorMsg = false) { wordfence::status(4, 'info', sprintf(/* translators: API version. */ __("Calling Wordfence API v%s:", 'wordfence'), WORDFENCE_API_VERSION) . $url); if (!function_exists('wp_remote_post')) { require_once(ABSPATH . WPINC . 'http.php'); } $ssl_verify = (bool) wfConfig::get('ssl_verify'); $args = array( 'timeout' => $timeout, 'user-agent' => "Wordfence.com UA " . (defined('WORDFENCE_VERSION') ? WORDFENCE_VERSION : '[Unknown version]'), 'body' => $postParams, 'sslverify' => $ssl_verify, 'headers' => array('Referer' => false), ); if (!$ssl_verify) { // Some versions of cURL will complain that SSL verification is disabled but the CA bundle was supplied. $args['sslcertificates'] = false; } $response = wp_remote_post($url, $args); $this->lastHTTPStatus = (int) wp_remote_retrieve_response_code($response); if (is_wp_error($response)) { $error_message = $response->get_error_message(); if ($error_message) { $apiExceptionMessage = sprintf(/* translators: Error message. */ __('There was an error connecting to the Wordfence scanning servers: %s', 'wordfence'), $error_message); } else { $apiExceptionMessage = __('There was an unknown error connecting to the Wordfence scanning servers.', 'wordfence'); } throw new wfAPICallFailedException($apiExceptionMessage); } $dateHeader = null; if (isset($response['headers']['date'])) { $dateHeader = $response['headers']['date']; } if (!empty($dateHeader) && (time() - wfConfig::get('timeoffset_wf_updated', 0) > 3600)) { if (function_exists('date_create_from_format')) { $dt = DateTime::createFromFormat('D, j M Y G:i:s O', $dateHeader); $timestamp = $dt->getTimestamp(); } else { $timestamp = strtotime($dateHeader); } $offset = $timestamp - time(); wfConfig::set('timeoffset_wf', $offset); wfConfig::set('timeoffset_wf_updated', time()); } if (!empty($response['response']['code'])) { $this->lastHTTPStatus = (int) $response['response']['code']; } if ($this->lastHTTPStatus == 429) { $passThroughErrorMsg = true; } if (200 != $this->lastHTTPStatus) { if ($passThroughErrorMsg) { $content = wp_remote_retrieve_body($response); if (!is_wp_error($content) && ($dat = json_decode($content, true)) && isset($dat['errorMsg'])) { return $content; } } throw new wfAPICallFailedException(sprintf(/* translators: HTTP status code. */__("The Wordfence scanning servers are currently unavailable. This may be for maintenance or a temporary outage. If this still occurs in an hour, please contact support. [%s]", 'wordfence'), $this->lastHTTPStatus)); } $content = wp_remote_retrieve_body($response); return $content; } public function binCall($func, $postData) { $url = rtrim($this->getAPIURL(), '/') . '/v' . WORDFENCE_API_VERSION . '/?' . $this->makeAPIQueryString() . '&action=' . $func; $data = $this->getURL($url, $postData); if (preg_match('/\{.*errorMsg/', $data)) { $jdat = @json_decode($data, true); if (is_array($jdat) && $jdat['errorMsg']) { throw new Exception($jdat['errorMsg']); } } return array('code' => $this->lastHTTPStatus, 'data' => $data); } public static function generateSiteStats($wordpressVersion = null) { if ($wordpressVersion === null) $wordpressVersion = wfUtils::getWPVersion(); $cv = null; $cs = null; if (function_exists('curl_version')) { $curl = curl_version(); $cv = $curl['version']; $cs = $curl['ssl_version']; } $values = array( 'wp' => $wordpressVersion, 'wf' => WORDFENCE_VERSION, 'ms' => (is_multisite() ? get_blog_count() : false), 'h' => wfUtils::wpHomeURL(), 'sslv' => function_exists('openssl_verify') && defined('OPENSSL_VERSION_NUMBER') ? OPENSSL_VERSION_NUMBER : null, 'pv' => phpversion(), 'pt' => php_sapi_name(), 'cv' => $cv, 'cs' => $cs, 'sv' => (isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : null), 'dv' => wfConfig::get('dbVersion', null), 'lang' => get_site_option('WPLANG'), ); return wfUtils::base64url_encode(wfUtils::jsonEncodeSafely($values)); } public function makeAPIQueryString() { return self::buildQuery(array( 'k' => $this->APIKey, 's' => self::generateSiteStats($this->wordpressVersion) )); } private function buildQuery($data) { if (version_compare(phpversion(), '5.1.2', '>=')) { return http_build_query($data, '', '&'); //arg_separator parameter was only added in PHP 5.1.2. We do this because some PHP.ini's have arg_separator.output set to '&' } else { return http_build_query($data); } } private function getAPIURL() { return self::SSLEnabled() ? WORDFENCE_API_URL_SEC : WORDFENCE_API_URL_NONSEC; } public static function SSLEnabled() { if (!function_exists('wp_http_supports')) { require_once(ABSPATH . WPINC . 'http.php'); } return wp_http_supports(array('ssl')); } public function getTextImageURL($text) { $apiURL = $this->getAPIURL(); return rtrim($apiURL, '/') . '/v' . WORDFENCE_API_VERSION . '/?' . $this->makeAPIQueryString() . '&' . self::buildQuery(array('action' => 'image', 'txt' => base64_encode($text))); } } class wfAPICallSSLUnavailableException extends Exception { } class wfAPICallFailedException extends Exception { } class wfAPICallInvalidResponseException extends Exception { } class wfAPICallErrorResponseException extends Exception { }