menu_options.php
71.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
<?php
$w = new wfConfig();
?>
<div class="wordfenceModeElem" id="wordfenceMode_options"></div>
<div class="wrap wordfence">
<?php $helpLink = "http://docs.wordfence.com/en/Wordfence_options";
$helpLabel = "Learn more about Wordfence Options";
$pageTitle = "Wordfence Options";
$wantsLiveActivity = true;
include( 'pageTitle.php' ); ?>
<!-- <div class="wordfenceLive">
<table border="0" cellpadding="0" cellspacing="0" class="wordfenceLiveActivity">
<tr>
<td><h2>Wordfence Live Activity:</h2></td>
<td id="wfLiveStatus"></td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0" class="wordfenceLiveStateMessage">
<tr>
<td>Live Updates Paused — Click inside window to resume</td>
</tr>
</table>
</div> -->
<div class="wf-container-fluid">
<div class="wf-row">
<?php
$rightRail = new wfView('marketing/rightrail');
echo $rightRail;
?>
<div class="<?php echo wfStyle::contentClasses(); ?>">
<form id="wfConfigForm" class="wf-form-horizontal">
<h2>License</h2>
<div class="wf-form-group">
<label for="apiKey" class="wf-col-sm-3 wf-control-label">Your Wordfence API Key <a href="http://docs.wordfence.com/en/Wordfence_options#Wordfence_API_Key" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-9">
<input type="text" id="apiKey" class="wf-form-control" name="apiKey" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" value="<?php $w->f( 'apiKey' ); ?>" size="80">
</div>
</div>
<div class="wf-form-group">
<label for="apiKeyDetail" class="wf-col-sm-3 wf-control-label">Key type currently active</label>
<div class="wf-col-sm-9">
<p class="wf-form-control-static">
<?php if (wfConfig::get('hasKeyConflict')) { ?>
<span style="font-weight: bold; color: #A00;">The currently active Premium API Key is in use on another site.</span>
<?php } else if (wfConfig::get( 'isPaid' )){ ?>
The currently active API Key is a Premium Key. <span style="font-weight: bold; color: #0A0;">Premium scanning enabled!</span>
<?php } else { ?>
The currently active API Key is a <span style="color: #F00; font-weight: bold;">Free Key</span>. <a
href="https://www.wordfence.com/gnl1optAPIKey1/wordfence-signup/" target="_blank">Click Here to Upgrade to
Wordfence Premium now.</a>
<?php } ?>
</p>
</div>
</div>
<div class="wf-form-group">
<?php if (wfConfig::get('hasKeyConflict')): ?>
<div class="wf-col-sm-9 wf-col-sm-offset-3">
<a href="https://www.wordfence.com/gnl1optMngKysReset/manage-wordfence-api-keys/" target="_blank"><input type="button" class="wf-btn wf-btn-default wf-btn-sm" value="Reset your premium license"/></a> <input type="button" class="wf-btn wf-btn-default wf-btn-sm" value="Downgrade to a free license" onclick="WFAD.downgradeLicense();"/>
</div>
<?php elseif (wfConfig::get('isPaid')): ?>
<div class="wf-col-sm-9 wf-col-sm-offset-3">
<a href="https://www.wordfence.com/gnl1optMngKys/manage-wordfence-api-keys/" target="_blank"><input type="button" class="wf-btn wf-btn-default wf-btn-sm" value="Renew your premium license"/></a> <input type="button" class="wf-btn wf-btn-default wf-btn-sm" value="Downgrade to a free license" onclick="WFAD.downgradeLicense();"/>
</div>
<?php else: ?>
<div class="wf-col-xs-12">
<div class="wf-premium-callout">
<h3>Upgrade today:</h3>
<ul>
<li>Receive real-time Firewall and Scan engine rule updates for protection as threats emerge</li>
<li>Advanced features like IP reputation monitoring, country blocking, an advanced comment spam filter and cell phone sign-in give you the best protection available</li>
<li>Remote, frequent and scheduled scans</li>
<li>Access to Premium Support</li>
<li>Discounts of up to 90% for multiyear and multi-license purchases</li>
</ul>
<p class="center"><a class="wf-btn wf-btn-primary wf-btn-callout" href="https://www.wordfence.com/gnl1optCallout1/wordfence-signup/" target="_blank">Get Premium</a></p>
</div>
</div>
<?php endif ?>
</div>
<h2>Basic Options <a href="http://docs.wordfence.com/en/Wordfence_options#Basic_Options" target="_blank" class="wfhelp"></a></h2>
<div class="wf-form-group">
<label for="firewallEnabled" class="wf-col-sm-5 wf-control-label">Enable Rate Limiting and Advanced Blocking <a href="https://docs.wordfence.com/en/Wordfence_options#Enable_Rate_Limiting_and_Advanced_Blocking" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="firewallEnabled" class="wfConfigElem" name="firewallEnabled" value="1" <?php $w->cb( 'firewallEnabled' ); ?>></div>
<span class="wf-help-block"><span style="color: #F00;">NOTE:</span> This checkbox enables ALL blocking/throttling functions including IP, country and advanced blocking, and the "Rate Limiting Rules" below.</span>
</div>
</div>
<div class="wf-form-group">
<label for="loginSecurityEnabled" class="wf-col-sm-5 wf-control-label">Enable login security <a href="http://docs.wordfence.com/en/Wordfence_options#Enable_login_security" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSecurityEnabled" class="wfConfigElem" name="loginSecurityEnabled" value="1" <?php $w->cb( 'loginSecurityEnabled' ); ?>></div>
<span class="wf-help-block">This option enables all "Login Security" options, including two-factor authentication, strong password enforcement, and invalid login throttling. You can modify individual options further down this page.</span>
</div>
</div>
<div class="wf-form-group">
<label for="liveTrafficEnabled" class="wf-col-sm-5 wf-control-label">Enable Live Traffic View <a href="http://docs.wordfence.com/en/Wordfence_options#Enable_Live_Traffic_View" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="liveTrafficEnabled" class="wfConfigElem" name="liveTrafficEnabled" value="1" <?php $w->cb( 'liveTrafficEnabled' ); ?> onclick="WFAD.reloadConfigPage = true; return true;"></div>
<span class="wf-help-block">This option enables live traffic logging.</span>
</div>
</div>
<div class="wf-form-group">
<label for="advancedCommentScanning" class="wf-col-sm-5 wf-control-label">Advanced Comment Spam Filter <a href="http://docs.wordfence.com/en/Wordfence_options#Advanced_Comment_Spam_Filter" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="advancedCommentScanning" class="wfConfigElem" name="advancedCommentScanning" value="1" <?php $w->cbp( 'advancedCommentScanning' ); if (!wfConfig::get('isPaid')) { ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#advancedCommentScanning').attr('checked', false); return false;" <?php } ?>></div>
<span class="wf-help-block"><span style="color: #F00;">Premium Feature</span> In addition to free comment filtering (see below) this option filters comments against several additional real-time lists of known spammers and infected hosts.</span>
</div>
</div>
<div class="wf-form-group">
<label for="spamvertizeCheck" class="wf-col-sm-5 wf-control-label">Check if this website is being "Spamvertised" <a href="http://docs.wordfence.com/en/Wordfence_options#Check_if_this_website_is_being_.22Spamvertized.22" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="spamvertizeCheck" class="wfConfigElem" name="spamvertizeCheck" value="1" <?php $w->cbp('spamvertizeCheck'); if (!wfConfig::get('isPaid')) { ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#spamvertizeCheck').attr('checked', false); return false;" <?php } ?>></div>
<span class="wf-help-block"><span style="color: #F00;">Premium Feature</span> When doing a scan, Wordfence will check with spam services if your site domain name is appearing as a link in spam emails.</span>
</div>
</div>
<div class="wf-form-group">
<label for="checkSpamIP" class="wf-col-sm-5 wf-control-label">Check if this website IP is generating spam <a href="http://docs.wordfence.com/en/Wordfence_options#Check_if_this_website_IP_is_generating_spam" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="checkSpamIP" class="wfConfigElem" name="checkSpamIP" value="1" <?php $w->cbp( 'checkSpamIP' ); if (!wfConfig::get('isPaid')) { ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#checkSpamIP').attr('checked', false); return false;" <?php } ?>></div>
<span class="wf-help-block"><span style="color: #F00;">Premium Feature</span> When doing a scan, Wordfence will check with spam services if your website IP address is listed as a known source of spam email.</span>
</div>
</div>
<div class="wf-form-group">
<label for="scheduledScansEnabled" class="wf-col-sm-5 wf-control-label">Enable automatic scheduled scans <a href="http://docs.wordfence.com/en/Wordfence_options#Enable_automatic_scheduled_scans" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="scheduledScansEnabled" class="wfConfigElem" name="scheduledScansEnabled" value="1" <?php $w->cb( 'scheduledScansEnabled' ); ?>></div>
<span class="wf-help-block">Regular scans ensure your site stays secure.</span>
</div>
</div>
<div class="wf-form-group">
<label for="autoUpdate" class="wf-col-sm-5 wf-control-label">Update Wordfence automatically when a new version is released? <a href="http://docs.wordfence.com/en/Wordfence_options#Update_Wordfence_Automatically_when_a_new_version_is_released" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="autoUpdate" class="wfConfigElem" name="autoUpdate" value="1" <?php $w->cb( 'autoUpdate' ); ?>></div>
<span class="wf-help-block">Automatically updates Wordfence to the newest version within 24 hours of a new release.<br>
<?php if (getenv('noabort') != '1' && stristr($_SERVER['SERVER_SOFTWARE'], 'litespeed') !== false) { ?>
<span style="color: #F00;">Warning: </span>You are running LiteSpeed web server and you don't have the "noabort" variable set in your .htaccess.<br>
<a href="https://docs.wordfence.com/en/LiteSpeed_aborts_Wordfence_scans_and_updates._How_do_I_prevent_that%3F" target="_blank">Please read this article in our FAQ to make an important change that will ensure your site stability during an update.<br>
<?php } ?></span>
</div>
</div>
<div class="wf-form-group">
<label for="alertEmails" class="wf-col-sm-5 wf-control-label">Where to email alerts <a href="http://docs.wordfence.com/en/Wordfence_options#Where_to_email_alerts" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" id="alertEmails" name="alertEmails" class="wf-form-control" value="<?php $w->f( 'alertEmails' ); ?>" size="50">
<span class="wf-help-block">Separate multiple emails with commas.</span>
</div>
</div>
<div class="wf-form-group">
<label for="howGetIPs" class="wf-col-sm-5 wf-control-label">How does Wordfence get IPs <a href="http://docs.wordfence.com/en/Wordfence_options#How_does_Wordfence_get_IPs" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="howGetIPs" name="howGetIPs" class="wf-form-control">
<option value="">Let Wordfence use the most secure method to get visitor IP addresses. Prevents spoofing and works with most sites.</option>
<option value="REMOTE_ADDR"<?php $w->sel( 'howGetIPs', 'REMOTE_ADDR' ); ?>>Use PHP's built in REMOTE_ADDR and don't use anything else. Very secure if this is compatible with your site.</option>
<option value="HTTP_X_FORWARDED_FOR"<?php $w->sel( 'howGetIPs', 'HTTP_X_FORWARDED_FOR' ); ?>>Use the X-Forwarded-For HTTP header. Only use if you have a front-end proxy or spoofing may result.</option>
<option value="HTTP_X_REAL_IP"<?php $w->sel( 'howGetIPs', 'HTTP_X_REAL_IP' ); ?>>Use the X-Real-IP HTTP header. Only use if you have a front-end proxy or spoofing may result.</option>
<option value="HTTP_CF_CONNECTING_IP"<?php $w->sel( 'howGetIPs', 'HTTP_CF_CONNECTING_IP' ); ?>>Use the Cloudflare "CF-Connecting-IP" HTTP header to get a visitor IP. Only use if you're using Cloudflare.</option>
</select>
</div>
</div>
<div class="wf-form-group">
<div class="wf-col-sm-7 wf-col-sm-offset-5">
<a class="wf-btn wf-btn-primary wf-btn-callout" href="#" onclick="WFAD.saveConfig(); return false;">Save Options</a> <div class="wfAjax24"></div><span class="wfSavedMsg"> Your changes have been saved!</span>
</div>
</div>
<div class="wfMarker" id="wfMarkerBasicOptions"></div>
<h2>Advanced Options <a href="http://docs.wordfence.com/en/Wordfence_options#Advanced_Options" target="_blank" class="wfhelp"></a></h2>
<div class="wf-form-group">
<div class="wf-col-sm-9">
<span class="wf-help-block">Wordfence works great out of the box for most websites. Simply install Wordfence and your site and content is protected. For finer granularity of control, we have provided advanced options.</span>
</div>
</div>
<div id="wfConfigAdvanced">
<h3>Alerts <a href="http://docs.wordfence.com/en/Wordfence_options#Alerts" target="_blank" class="wfhelp"></a></h3>
<?php
$emails = wfConfig::getAlertEmails();
if (count($emails) < 1):
?>
<div class="wf-form-group">
<div class="wf-col-sm-9">
<span class="wf-help-block" style="color: #ff0000;">You have not configured an email to receive alerts yet. Set this up under "Basic Options" above.</span>
</div>
</div>
<?php
endif;
?>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'alertOn_update',
'label' => 'Email me when Wordfence is automatically updated',
'help' => 'If you have automatic updates enabled (see above), you\'ll get an email when an update occurs.',
),
array(
'id' => 'alertOn_wordfenceDeactivated',
'label' => 'Email me if Wordfence is deactivated',
),
array(
'id' => 'alertOn_critical',
'label' => 'Alert on critical problems',
),
array(
'id' => 'alertOn_warnings',
'label' => 'Alert on warnings',
),
array(
'id' => 'alertOn_block',
'label' => 'Alert when an IP address is blocked',
),
array(
'id' => 'alertOn_loginLockout',
'label' => 'Alert when someone is locked out from login',
),
array(
'id' => 'alertOn_lostPasswdForm',
'label' => 'Alert when the "lost password" form is used for a valid user',
),
array(
'id' => 'alertOn_adminLogin',
'label' => 'Alert me when someone with administrator access signs in',
'subs' => array(
array(
'id' => 'alertOn_firstAdminLoginOnly',
'label' => 'Only alert me when that administrator signs in from a new device or location',
),
)
),
array(
'id' => 'alertOn_nonAdminLogin',
'label' => 'Alert me when a non-admin user signs in',
'subs' => array(
array(
'id' => 'alertOn_firstNonAdminLoginOnly',
'label' => 'Only alert me when that user signs in from a new device or location',
),
)
),
array(
'id' => 'wafAlertOnAttacks',
'label' => 'Alert me when there\'s a large increase in attacks detected on my site',
),
);
foreach ($options as $o):
?>
<div class="wf-form-group">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $o['id']; ?>" class="wfConfigElem" name="<?php echo $o['id']; ?>" value="1" <?php $w->cb($o['id']); ?>></div>
<?php if (isset($o['help'])): ?>
<span class="wf-help-block"><?php echo $o['help']; ?></span>
<?php endif; ?>
</div>
</div>
<?php if (isset($o['subs'])): ?>
<?php foreach ($o['subs'] as $s): ?>
<div class="wf-form-group wf-sub-group">
<label for="<?php echo $s['id']; ?>" class="wf-col-sm-4 wf-col-sm-offset-1 wf-control-label"><?php echo $s['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $s['id']; ?>" class="wfConfigElem" name="<?php echo $s['id']; ?>" value="1" <?php $w->cb($s['id']); ?>></div>
<?php if (isset($s['help'])): ?>
<span class="wf-help-block"><?php echo $s['help']; ?></span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
<?php
endforeach;
?>
<div class="wf-form-group">
<label for="alert_maxHourly" class="wf-col-sm-5 wf-control-label">Maximum email alerts to send per hour</label>
<div class="wf-col-sm-7">
<input type="text" id="alert_maxHourly" name="alert_maxHourly" class="wf-form-control" value="<?php $w->f( 'alert_maxHourly' ); ?>" size="4">
<span class="wf-help-block">0 or empty means unlimited alerts will be sent.</span>
</div>
</div>
<div class="wfMarker" id="wfMarkerEmailSummary"></div>
<h3>Email Summary <a href="http://docs.wordfence.com/en/Wordfence_options#Email_Summary" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="email_summary_enabled" class="wf-col-sm-5 wf-control-label">Enable email summary</label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="email_summary_enabled" class="wfConfigElem" name="email_summary_enabled" value="1" <?php $w->cb('email_summary_enabled'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="email_summary_interval" class="wf-col-sm-5 wf-control-label">Email summary frequency</label>
<div class="wf-col-sm-7">
<select id="email_summary_interval" name="email_summary_interval" class="wf-form-control">
<option value="daily"<?php $w->sel( 'email_summary_interval', 'daily' ); ?>>Once a day</option>
<option value="weekly"<?php $w->sel( 'email_summary_interval', 'weekly' ); ?>>Once a week</option>
<option value="monthly"<?php $w->sel( 'email_summary_interval', 'monthly' ); ?>>Once a month</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="email_summary_excluded_directories" class="wf-col-sm-5 wf-control-label">Comma-separated list of directories to exclude from recently modified file list</label>
<div class="wf-col-sm-7">
<input type="text" id="email_summary_excluded_directories" name="email_summary_excluded_directories" class="wf-form-control" value="<?php $w->f( 'email_summary_excluded_directories' ); ?>">
</div>
</div>
<?php if ((defined('WP_DEBUG') && WP_DEBUG) || wfConfig::get('debugOn', 0)): ?>
<div class="wf-form-group">
<label for="email_summary_email_address_debug" class="wf-col-sm-5 wf-control-label">Send test email</label>
<div class="wf-col-sm-7">
<div class="wf-form-inline">
<input type="email" id="email_summary_email_address_debug" class="wf-form-control">
<a class="wf-btn wf-btn-sm wf-btn-default" href="javascript:void(0);" onclick="WFAD.ajax('wordfence_email_summary_email_address_debug', {email: jQuery('#email_summary_email_address_debug').val()});">Send Email</a>
</div>
</div>
</div>
<?php endif; ?>
<div class="wf-form-group">
<label for="email_summary_dashboard_widget_enabled" class="wf-col-sm-5 wf-control-label">Enable activity report widget on dashboard</label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="email_summary_dashboard_widget_enabled" class="wfConfigElem" name="email_summary_dashboard_widget_enabled" value="1" <?php $w->cb('email_summary_dashboard_widget_enabled'); ?>></div>
</div>
</div>
<div class="wfMarker" id="wfMarkerLiveTrafficOptions"></div>
<h3>Live Traffic View <a href="http://docs.wordfence.com/en/Wordfence_options#Live_Traffic_View" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="liveTraf_ignorePublishers" class="wf-col-sm-5 wf-control-label">Don't log signed-in users with publishing access</label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="liveTraf_ignorePublishers" class="wfConfigElem" name="liveTraf_ignorePublishers" value="1" <?php $w->cb('liveTraf_ignorePublishers'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="liveTraf_ignoreUsers" class="wf-col-sm-5 wf-control-label">List of comma separated usernames to ignore</label>
<div class="wf-col-sm-7">
<input type="text" id="liveTraf_ignoreUsers" name="liveTraf_ignoreUsers" class="wf-form-control" value="<?php $w->f( 'liveTraf_ignoreUsers' ); ?>">
</div>
</div>
<div class="wf-form-group">
<label for="liveTraf_ignoreIPs" class="wf-col-sm-5 wf-control-label">List of comma separated IP addresses to ignore</label>
<div class="wf-col-sm-7">
<input type="text" id="liveTraf_ignoreIPs" name="liveTraf_ignoreIPs" class="wf-form-control" value="<?php $w->f( 'liveTraf_ignoreIPs' ); ?>">
</div>
</div>
<div class="wf-form-group">
<label for="liveTraf_ignoreUA" class="wf-col-sm-5 wf-control-label">Browser user-agent to ignore</label>
<div class="wf-col-sm-7">
<input type="text" id="liveTraf_ignoreUA" name="liveTraf_ignoreUA" class="wf-form-control" value="<?php $w->f( 'liveTraf_ignoreUA' ); ?>">
</div>
</div>
<div class="wf-form-group">
<label for="liveTraf_maxRows" class="wf-col-sm-5 wf-control-label">Amount of Live Traffic data to store (number of rows)</label>
<div class="wf-col-sm-7">
<input type="text" id="liveTraf_maxRows" name="liveTraf_maxRows" class="wf-form-control" value="<?php $w->f( 'liveTraf_maxRows' ); ?>">
</div>
</div>
<div class="wfMarker" id="wfMarkerScansToInclude"></div>
<h3>Scans to include <a href="http://docs.wordfence.com/en/Wordfence_options#Scans_to_Include" target="_blank" class="wfhelp"></a></h3>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'scansEnabled_public',
'label' => 'Scan public facing site for vulnerabilities <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_public_facing_site" target="_blank" class="wfhelp"></a>',
'premium' => true,
),
array(
'id' => 'scansEnabled_checkHowGetIPs',
'label' => 'Scan for misconfigured How does Wordfence get IPs <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_misconfigured_How_does_Wordfence_get_IPs" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_heartbleed',
'label' => 'Scan for the HeartBleed vulnerability <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_the_HeartBleed_vulnerability" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_checkReadableConfig',
'label' => 'Scan for publicly accessible configuration, backup, or log files <a href="http://docs.wordfence.com/en/Wordfence_options#Configuration_Readable" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_suspectedFiles',
'label' => 'Scan for publicly accessible quarantined files <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_publicly_accessible_quarantined_files" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_core',
'label' => 'Scan core files against repository versions for changes <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_core_files_against_repository_version_for_changes" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_themes',
'label' => 'Scan theme files against repository versions for changes <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_theme_files_against_repository_versions_for_changes" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_plugins',
'label' => 'Scan plugin files against repository versions for changes <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_plugin_files_against_repository_versions_for_changes" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_coreUnknown',
'label' => 'Scan wp-admin and wp-includes for files not bundled with WordPress <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_wordpress_core_for_unknown_files" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_malware',
'label' => 'Scan for signatures of known malicious files <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_signatures_of_known_malicious_files" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_fileContents',
'label' => 'Scan file contents for backdoors, trojans and suspicious code <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_file_contents_for_backdoors.2C_trojans_and_suspicious_code" target="_blank" class="wfhelp"></a>',
'help' => '<a href="#add-more-rules" class="do-show" data-selector="#scan_include_extra">+ Add additional signatures</a>',
'subs' => array(
array(
'html' => '
<div class="wf-form-group wf-sub-group hidden" id="scan_include_extra">
<label for="scan_include_extra_field" class="wf-col-sm-4 wf-col-sm-offset-1 wf-control-label">Additional scan signatures</label>
<div class="wf-col-sm-7">
<textarea class="wf-form-control" rows="4" name="scan_include_extra" id="scan_include_extra_field">' . $w->getHTML('scan_include_extra') . '</textarea>
</div>
</div>
'
),
),
),
array(
'id' => 'scansEnabled_posts',
'label' => 'Scan posts for known dangerous URLs and suspicious content <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_posts_for_known_dangerous_URLs_and_suspicious_content" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_comments',
'label' => 'Scan comments for known dangerous URLs and suspicious content <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_comments_for_known_dangerous_URLs_and_suspicious_content" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_oldVersions',
'label' => 'Scan for out of date plugins, themes and WordPress versions <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_out_of_date_plugins.2C_themes_and_WordPress_versions" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_suspiciousAdminUsers',
'label' => 'Scan for admin users created outside of WordPress <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_admin_users_created_outside_of_WordPress" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_passwds',
'label' => 'Check the strength of passwords <a href="http://docs.wordfence.com/en/Wordfence_options#Check_the_strength_of_passwords" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_diskSpace',
'label' => 'Monitor disk space<a href="http://docs.wordfence.com/en/Wordfence_options#Monitor_disk_space" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_dns',
'label' => 'Scan for unauthorized DNS changes <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_unauthorized_DNS_changes" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_scanOutside',
'label' => 'Scan files outside your WordPress installation <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_files_outside_your_WordPress_installation" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_scanImages',
'label' => 'Scan images, binary, and other files as if they were executable <a href="http://docs.wordfence.com/en/Wordfence_options#Scan_image_files_as_if_they_were_executable" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'scansEnabled_highSense',
'label' => 'Enable HIGH SENSITIVITY scanning (may give false positives) <a href="http://docs.wordfence.com/en/Wordfence_options#Enable_HIGH_SENSITIVITY_scanning" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'lowResourceScansEnabled',
'label' => 'Use low resource scanning (reduces server load by lengthening the scan duration) <a href="http://docs.wordfence.com/en/Wordfence_options#Use_low_resource_scanning" target="_blank" class="wfhelp"></a>',
),
);
foreach ($options as $o):
?>
<div class="wf-form-group<?php if (isset($o['hidden']) && $o['hidden']) { echo ' hidden'; } ?>">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $o['id']; ?>" class="wfConfigElem" name="<?php echo $o['id']; ?>" value="1" <?php $w->cb($o['id']); ?> <?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo 'disabled'; } ?>></div>
<?php if (isset($o['help']) || (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium'])): ?>
<span class="wf-help-block"><?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo '<span style="color: #F00;">Premium Feature</span> This feature requires a <a href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Wordfence Premium Key</a>. '; } ?><?php if (isset($o['help'])) { echo $o['help']; } ?></span>
<?php endif; ?>
</div>
</div>
<?php if (isset($o['subs'])): ?>
<?php foreach ($o['subs'] as $s): ?>
<?php if (isset($s['html'])): ?>
<?php echo $s['html']; ?>
<?php else: ?>
<div class="wf-form-group wf-sub-group">
<label for="<?php echo $s['id']; ?>" class="wf-col-sm-4 wf-col-sm-offset-1 wf-control-label"><?php echo $s['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $s['id']; ?>" class="wfConfigElem" name="<?php echo $s['id']; ?>" value="1" <?php $w->cb($s['id']); ?>></div>
<?php if (isset($s['help'])): ?>
<span class="wf-help-block"><?php echo $s['help']; ?></span>
<?php endif; ?>
</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
<?php endif; ?>
<?php
endforeach;
?>
<div class="wf-form-group">
<label for="scan_exclude" class="wf-col-sm-5 wf-control-label">Exclude files from scan that match these wildcard patterns (one per line) <a href="http://docs.wordfence.com/en/Wordfence_options#Exclude_files_from_scan_that_match_these_wildcard_patterns." target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="scan_exclude" class="wf-form-control" rows="4" name="scan_exclude"><?php echo wfUtils::cleanupOneEntryPerLine($w->getHTML( 'scan_exclude' )); ?></textarea>
</div>
</div>
<div class="wf-form-group">
<label for="scan_maxIssues" class="wf-col-sm-5 wf-control-label">Limit the number of issues sent in the scan results email <a href="https://docs.wordfence.com/en/Wordfence_options#Limit_the_number_of_issues_sent_in_the_scan_results_email" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="scan_maxIssues" id="scan_maxIssues" value="<?php $w->f( 'scan_maxIssues' ); ?>">
<span class="wf-help-block">0 or empty means unlimited issues will be sent.</span>
</div>
</div>
<div class="wf-form-group">
<label for="scan_maxDuration" class="wf-col-sm-5 wf-control-label">Time limit that a scan can run in seconds <a href="http://docs.wordfence.com/en/Wordfence_options#Time_limit_that_a_scan_can_run_in_seconds" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="scan_maxDuration" id="scan_maxDuration" value="<?php $w->f( 'scan_maxDuration' ); ?>">
<span class="wf-help-block">0 or empty means the default of <?php echo wfUtils::makeDuration(WORDFENCE_DEFAULT_MAX_SCAN_TIME); ?> will be used.</span>
</div>
</div>
<div class="wfMarker" id="wfMarkerFirewallRules"></div>
<h3>Rate Limiting Rules <a href="http://docs.wordfence.com/en/Wordfence_options#Rate_Limiting_Rules" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="blockFakeBots" class="wf-col-sm-5 wf-control-label">Immediately block fake Google crawlers <a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_fake_Google_crawlers:" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="blockFakeBots" name="blockFakeBots" value="1" <?php $w->cb('blockFakeBots'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="neverBlockBG" class="wf-col-sm-5 wf-control-label">How should we treat Google's crawlers <a href="http://docs.wordfence.com/en/Wordfence_options#How_should_we_treat_Google.27s_crawlers" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="neverBlockBG" class="wf-form-control" name="neverBlockBG">
<option value="neverBlockVerified"<?php $w->sel( 'neverBlockBG', 'neverBlockVerified' ); ?>>Verified Google crawlers have unlimited access to this site</option>
<option value="neverBlockUA"<?php $w->sel( 'neverBlockBG', 'neverBlockUA' ); ?>>Anyone claiming to be Google has unlimited access</option>
<option value="treatAsOtherCrawlers"<?php $w->sel( 'neverBlockBG', 'treatAsOtherCrawlers' ); ?>>Treat Google like any other Crawler</option>
</select>
</div>
</div>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'maxGlobalRequests',
'label' => 'If anyone\'s requests exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_anyone.27s_requests_exceed:" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'maxRequestsCrawlers',
'label' => 'If a crawler\'s page views exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_a_crawler.27s_page_views_exceed" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'max404Crawlers',
'label' => 'If a crawler\'s pages not found (404s) exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_a_crawler.27s_pages_not_found_.28404s.29_exceed" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'maxRequestsHumans',
'label' => 'If a human\'s page views exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_a_human.27s_page_views_exceed" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'max404Humans',
'label' => 'If a human\'s pages not found (404s) exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_a_human.27s_pages_not_found_.28404s.29_exceed" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'maxScanHits',
'label' => 'If 404s for known vulnerable URLs exceed <a href="http://docs.wordfence.com/en/Wordfence_options#If_404.27s_for_known_vulnerable_URL.27s_exceed" target="_blank" class="wfhelp"></a>',
),
);
foreach ($options as $o): ?>
<div class="wf-form-group<?php if (isset($o['hidden']) && $o['hidden']) { echo ' hidden'; } ?>">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-form-inline">
<select class="wf-form-control" id="<?php echo $o['id']; ?>" name="<?php echo $o['id']; ?>">
<option value="DISABLED"<?php $w->sel($o['id'], 'DISABLED'); ?>>Unlimited</option>
<option value="1"<?php $w->sel($o['id'], '1'); ?>>1 per minute</option>
<option value="2"<?php $w->sel($o['id'], '2'); ?>>2 per minute</option>
<option value="3"<?php $w->sel($o['id'], '3'); ?>>3 per minute</option>
<option value="4"<?php $w->sel($o['id'], '4'); ?>>4 per minute</option>
<option value="5"<?php $w->sel($o['id'], '5'); ?>>5 per minute</option>
<option value="10"<?php $w->sel($o['id'], '10'); ?>>10 per minute</option>
<option value="15"<?php $w->sel($o['id'], '15'); ?>>15 per minute</option>
<option value="30"<?php $w->sel($o['id'], '30'); ?>>30 per minute</option>
<option value="60"<?php $w->sel($o['id'], '60'); ?>>60 per minute</option>
<option value="120"<?php $w->sel($o['id'], '120'); ?>>120 per minute</option>
<option value="240"<?php $w->sel($o['id'], '240'); ?>>240 per minute</option>
<option value="480"<?php $w->sel($o['id'], '480'); ?>>480 per minute</option>
<option value="960"<?php $w->sel($o['id'], '960'); ?>>960 per minute</option>
<option value="1920"<?php $w->sel($o['id'], '1920'); ?>>1920 per minute</option>
</select>
<p class="wf-form-control-static">then</p>
<select class="wf-form-control" id="<?php echo $o['id']; ?>_action" name="<?php echo $o['id']; ?>_action">
<option value="throttle"<?php $w->sel($o['id'] . '_action', 'throttle'); ?>>throttle it</option>
<option value="block"<?php $w->sel($o['id'] . '_action', 'block'); ?>>block it</option>
</select>
</div>
<?php if (isset($o['help']) || (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium'])): ?>
<span class="wf-help-block"><?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo '<span style="color: #F00;">Premium Feature</span> This feature requires a <a href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Wordfence Premium Key</a>. '; } ?><?php if (isset($o['help'])) { echo $o['help']; } ?></span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<div class="wf-form-group">
<label for="blockedTime" class="wf-col-sm-5 wf-control-label">How long is an IP address blocked when it breaks a rule <a href="http://docs.wordfence.com/en/Wordfence_options#How_long_is_an_IP_address_blocked_when_it_breaks_a_rule" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="blockedTime" class="wf-form-control" name="blockedTime">
<option value="60"<?php $w->sel( 'blockedTime', '60' ); ?>>1 minute</option>
<option value="300"<?php $w->sel( 'blockedTime', '300' ); ?>>5 minutes</option>
<option value="1800"<?php $w->sel( 'blockedTime', '1800' ); ?>>30 minutes</option>
<option value="3600"<?php $w->sel( 'blockedTime', '3600' ); ?>>1 hour</option>
<option value="7200"<?php $w->sel( 'blockedTime', '7200' ); ?>>2 hours</option>
<option value="21600"<?php $w->sel( 'blockedTime', '21600' ); ?>>6 hours</option>
<option value="43200"<?php $w->sel( 'blockedTime', '43200' ); ?>>12 hours</option>
<option value="86400"<?php $w->sel( 'blockedTime', '86400' ); ?>>1 day</option>
<option value="172800"<?php $w->sel( 'blockedTime', '172800' ); ?>>2 days</option>
<option value="432000"<?php $w->sel( 'blockedTime', '432000' ); ?>>5 days</option>
<option value="864000"<?php $w->sel( 'blockedTime', '864000' ); ?>>10 days</option>
<option value="2592000"<?php $w->sel( 'blockedTime', '2592000' ); ?>>1 month</option>
</select>
</div>
</div>
<div class="wfMarker" id="wfMarkerLoginSecurity"></div>
<h3>Login Security Options <a href="http://docs.wordfence.com/en/Wordfence_options#Login_Security_Options" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="blockedTime" class="wf-col-sm-5 wf-control-label">Enforce strong passwords <a href="http://docs.wordfence.com/en/Wordfence_options#Enforce_strong_passwords.3F" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select class="wf-form-control" id="loginSec_strongPasswds" name="loginSec_strongPasswds">
<option value="">Do not force users to use strong passwords</option>
<option value="pubs"<?php $w->sel( 'loginSec_strongPasswds', 'pubs' ); ?>>Force admins and publishers to use strong passwords (recommended)</option>
<option value="all"<?php $w->sel( 'loginSec_strongPasswds', 'all' ); ?>>Force all members to use strong passwords</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_maxFailures" class="wf-col-sm-5 wf-control-label">Lock out after how many login failures <a href="http://docs.wordfence.com/en/Wordfence_options#Lock_out_after_how_many_login_failures" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="loginSec_maxFailures" class="wf-form-control" name="loginSec_maxFailures">
<option value="1"<?php $w->sel( 'loginSec_maxFailures', '1' ); ?>>1</option>
<option value="2"<?php $w->sel( 'loginSec_maxFailures', '2' ); ?>>2</option>
<option value="3"<?php $w->sel( 'loginSec_maxFailures', '3' ); ?>>3</option>
<option value="4"<?php $w->sel( 'loginSec_maxFailures', '4' ); ?>>4</option>
<option value="5"<?php $w->sel( 'loginSec_maxFailures', '5' ); ?>>5</option>
<option value="6"<?php $w->sel( 'loginSec_maxFailures', '6' ); ?>>6</option>
<option value="7"<?php $w->sel( 'loginSec_maxFailures', '7' ); ?>>7</option>
<option value="8"<?php $w->sel( 'loginSec_maxFailures', '8' ); ?>>8</option>
<option value="9"<?php $w->sel( 'loginSec_maxFailures', '9' ); ?>>9</option>
<option value="10"<?php $w->sel( 'loginSec_maxFailures', '10' ); ?>>10</option>
<option value="20"<?php $w->sel( 'loginSec_maxFailures', '20' ); ?>>20</option>
<option value="30"<?php $w->sel( 'loginSec_maxFailures', '30' ); ?>>30</option>
<option value="40"<?php $w->sel( 'loginSec_maxFailures', '40' ); ?>>40</option>
<option value="50"<?php $w->sel( 'loginSec_maxFailures', '50' ); ?>>50</option>
<option value="100"<?php $w->sel( 'loginSec_maxFailures', '100' ); ?>>100</option>
<option value="200"<?php $w->sel( 'loginSec_maxFailures', '200' ); ?>>200</option>
<option value="500"<?php $w->sel( 'loginSec_maxFailures', '500' ); ?>>500</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_maxForgotPasswd" class="wf-col-sm-5 wf-control-label">Lock out after how many forgot password attempts <a href="http://docs.wordfence.com/en/Wordfence_options#Lock_out_after_how_many_forgot_password_attempts" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="loginSec_maxForgotPasswd" class="wf-form-control" name="loginSec_maxForgotPasswd">
<option value="1"<?php $w->sel( 'loginSec_maxForgotPasswd', '1' ); ?>>1</option>
<option value="2"<?php $w->sel( 'loginSec_maxForgotPasswd', '2' ); ?>>2</option>
<option value="3"<?php $w->sel( 'loginSec_maxForgotPasswd', '3' ); ?>>3</option>
<option value="4"<?php $w->sel( 'loginSec_maxForgotPasswd', '4' ); ?>>4</option>
<option value="5"<?php $w->sel( 'loginSec_maxForgotPasswd', '5' ); ?>>5</option>
<option value="6"<?php $w->sel( 'loginSec_maxForgotPasswd', '6' ); ?>>6</option>
<option value="7"<?php $w->sel( 'loginSec_maxForgotPasswd', '7' ); ?>>7</option>
<option value="8"<?php $w->sel( 'loginSec_maxForgotPasswd', '8' ); ?>>8</option>
<option value="9"<?php $w->sel( 'loginSec_maxForgotPasswd', '9' ); ?>>9</option>
<option value="10"<?php $w->sel( 'loginSec_maxForgotPasswd', '10' ); ?>>10</option>
<option value="20"<?php $w->sel( 'loginSec_maxForgotPasswd', '20' ); ?>>20</option>
<option value="30"<?php $w->sel( 'loginSec_maxForgotPasswd', '30' ); ?>>30</option>
<option value="40"<?php $w->sel( 'loginSec_maxForgotPasswd', '40' ); ?>>40</option>
<option value="50"<?php $w->sel( 'loginSec_maxForgotPasswd', '50' ); ?>>50</option>
<option value="100"<?php $w->sel( 'loginSec_maxForgotPasswd', '100' ); ?>>100</option>
<option value="200"<?php $w->sel( 'loginSec_maxForgotPasswd', '200' ); ?>>200</option>
<option value="500"<?php $w->sel( 'loginSec_maxForgotPasswd', '500' ); ?>>500</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_countFailMins" class="wf-col-sm-5 wf-control-label">Count failures over what time period <a href="http://docs.wordfence.com/en/Wordfence_options#Count_failures_over_what_time_period" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="loginSec_countFailMins" class="wf-form-control" name="loginSec_countFailMins">
<option value="5"<?php $w->sel( 'loginSec_countFailMins', '5' ); ?>>5 minutes</option>
<option value="10"<?php $w->sel( 'loginSec_countFailMins', '10' ); ?>>10 minutes</option>
<option value="30"<?php $w->sel( 'loginSec_countFailMins', '30' ); ?>>30 minutes</option>
<option value="60"<?php $w->sel( 'loginSec_countFailMins', '60' ); ?>>1 hour</option>
<option value="120"<?php $w->sel( 'loginSec_countFailMins', '120' ); ?>>2 hours</option>
<option value="360"<?php $w->sel( 'loginSec_countFailMins', '360' ); ?>>6 hours</option>
<option value="720"<?php $w->sel( 'loginSec_countFailMins', '720' ); ?>>12 hours</option>
<option value="1440"<?php $w->sel( 'loginSec_countFailMins', '1440' ); ?>>1 day</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_lockoutMins" class="wf-col-sm-5 wf-control-label">Amount of time a user is locked out <a href="http://docs.wordfence.com/en/Wordfence_options#Amount_of_time_a_user_is_locked_out" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<select id="loginSec_lockoutMins" class="wf-form-control" name="loginSec_lockoutMins">
<option value="5"<?php $w->sel( 'loginSec_lockoutMins', '5' ); ?>>5 minutes</option>
<option value="10"<?php $w->sel( 'loginSec_lockoutMins', '10' ); ?>>10 minutes</option>
<option value="30"<?php $w->sel( 'loginSec_lockoutMins', '30' ); ?>>30 minutes</option>
<option value="60"<?php $w->sel( 'loginSec_lockoutMins', '60' ); ?>>1 hour</option>
<option value="120"<?php $w->sel( 'loginSec_lockoutMins', '120' ); ?>>2 hours</option>
<option value="360"<?php $w->sel( 'loginSec_lockoutMins', '360' ); ?>>6 hours</option>
<option value="720"<?php $w->sel( 'loginSec_lockoutMins', '720' ); ?>>12 hours</option>
<option value="1440"<?php $w->sel( 'loginSec_lockoutMins', '1440' ); ?>>1 day</option>
<option value="2880"<?php $w->sel( 'loginSec_lockoutMins', '2880' ); ?>>2 days</option>
<option value="7200"<?php $w->sel( 'loginSec_lockoutMins', '7200' ); ?>>5 days</option>
<option value="14400"<?php $w->sel( 'loginSec_lockoutMins', '14400' ); ?>>10 days</option>
<option value="28800"<?php $w->sel( 'loginSec_lockoutMins', '28800' ); ?>>20 days</option>
<option value="43200"<?php $w->sel( 'loginSec_lockoutMins', '43200' ); ?>>30 days</option>
<option value="86400"<?php $w->sel( 'loginSec_lockoutMins', '86400' ); ?>>60 days</option>
</select>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_lockInvalidUsers" class="wf-col-sm-5 wf-control-label">Immediately lock out invalid usernames <a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_lock_out_invalid_usernames" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSec_lockInvalidUsers" name="loginSec_lockInvalidUsers" value="1" <?php $w->cb('loginSec_lockInvalidUsers'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_maskLoginErrors" class="wf-col-sm-5 wf-control-label">Don't let WordPress reveal valid users in login errors <a href="http://docs.wordfence.com/en/Wordfence_options#Don.27t_let_WordPress_reveal_valid_users_in_login_errors" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSec_maskLoginErrors" name="loginSec_maskLoginErrors" value="1" <?php $w->cb('loginSec_maskLoginErrors'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_blockAdminReg" class="wf-col-sm-5 wf-control-label">Prevent users registering 'admin' username if it doesn't exist <a href="http://docs.wordfence.com/en/Wordfence_options#Prevent_users_registering_.27admin.27_username_if_it_doesn.27t_exist" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSec_blockAdminReg" name="loginSec_blockAdminReg" value="1" <?php $w->cb('loginSec_blockAdminReg'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_disableAuthorScan" class="wf-col-sm-5 wf-control-label">Prevent discovery of usernames through '/?author=N' scans, the oEmbed API, and the WordPress REST API <a href="http://docs.wordfence.com/en/Wordfence_options#Prevent_discovery_of_usernames_through_.27.3F.2Fauthor.3DN.27_scans" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="loginSec_disableAuthorScan" name="loginSec_disableAuthorScan" value="1" <?php $w->cb('loginSec_disableAuthorScan'); ?>></div>
</div>
</div>
<div class="wf-form-group">
<label for="loginSec_userBlacklist" class="wf-col-sm-5 wf-control-label">Immediately block the IP of users who try to sign in as these usernames <a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_the_IP_of_users_who_try_to_sign_in_as_these_usernames" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="loginSec_userBlacklist" class="wf-form-control" rows="4" name="loginSec_userBlacklist"><?php echo wfUtils::cleanupOneEntryPerLine($w->getHTML( 'loginSec_userBlacklist' )); ?></textarea>
<span class="wf-help-block">(One per line. Existing users won't be blocked.)</span>
</div>
</div>
<div class="wfMarker" id="wfMarkerOtherOptions"></div>
<h3>Other Options <a href="http://docs.wordfence.com/en/Wordfence_options#Other_Options" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="whitelisted" class="wf-col-sm-5 wf-control-label">Whitelisted IP addresses that bypass all rules <a href="http://docs.wordfence.com/en/Wordfence_options#Whitelisted_IP_addresses_that_bypass_all_rules" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="whitelisted" class="wf-form-control" rows="4" name="whitelisted"><?php echo esc_html(preg_replace('/,/', "\n", $w->get('whitelisted'))); ?></textarea>
<span class="wf-help-block">Whitelisted IPs must be separated by commas or placed on separate lines. You can specify ranges using the following format: 123.23.34.[1-50]<br/>Wordfence automatically whitelists <a href="http://en.wikipedia.org/wiki/Private_network" target="_blank">private networks</a> because these are not routable on the public Internet.</span>
</div>
</div>
<div class="wf-form-group">
<label for="bannedURLs" class="wf-col-sm-5 wf-control-label">Immediately block IPs that access these URLs <a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_IP.27s_that_access_these_URLs" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="bannedURLs" class="wf-form-control" rows="4" name="bannedURLs"><?php echo esc_html(preg_replace('/,/', "\n", $w->get('bannedURLs'))); ?></textarea>
<span class="wf-help-block">Separate multiple URLs with commas or place them on separate lines. Asterisks are wildcards, but use with care. If you see an attacker repeatedly probing your site for a known vulnerability you can use this to immediately block them. All URLs must start with a '/' without quotes and must be relative. e.g. /badURLone/, /bannedPage.html, /dont-access/this/URL/, /starts/with-*</span>
</div>
</div>
<div class="wf-form-group">
<label for="allowed404s" class="wf-col-sm-5 wf-control-label">Whitelisted 404 URLs (one per line) <a href="http://docs.wordfence.com/en/Wordfence_options#Whitelisted_404_URLs" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<textarea id="allowed404s" class="wf-form-control" rows="4" name="allowed404s"><?php echo $w->getHTML( 'allowed404s' ); ?></textarea>
<span class="wf-help-block">These URL patterns will be excluded from the throttling rules used to limit crawlers.</span>
</div>
</div>
<div class="wf-form-group">
<label for="wafAlertWhitelist" class="wf-col-sm-5 wf-control-label">Ignored IP addresses for Wordfence Web Application Firewall alerting</label>
<div class="wf-col-sm-7">
<textarea id="wafAlertWhitelist" class="wf-form-control" rows="4" name="wafAlertWhitelist"><?php echo esc_html(preg_replace('/,/', "\n", $w->get('wafAlertWhitelist'))); ?></textarea>
<span class="wf-help-block">Ignored IPs must be separated by commas or placed on separate lines. These addresses will be ignored from any alerts about increased attacks and can be used to ignore things like standalone website security scanners.</span>
</div>
</div>
<div class="wf-form-group hidden">
<label for="wafAlertThreshold" class="wf-col-sm-5 wf-control-label">Minimum number of blocked attacks before sending an alert</label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="wafAlertThreshold" id="wafAlertThreshold" value="<?php $w->f( 'wafAlertThreshold' ); ?>">
</div>
</div>
<div class="wf-form-group hidden">
<label for="wafAlertInterval" class="wf-col-sm-5 wf-control-label">Number of seconds to count the attacks over</label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="wafAlertInterval" id="wafAlertInterval" value="<?php $w->f( 'wafAlertInterval' ); ?>">
</div>
</div>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'other_hideWPVersion',
'label' => 'Hide WordPress version <a href="http://docs.wordfence.com/en/Wordfence_options#Hide_WordPress_version" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'showAdminBarMenu',
'label' => 'Show admin bar menu for administrators',
'hidden' => true,
),
array(
'id' => 'other_blockBadPOST',
'label' => 'Block IPs who send POST requests with blank User-Agent and Referer <a href="http://docs.wordfence.com/en/Wordfence_options#Block_IP.27s_who_send_POST_requests_with_blank_User-Agent_and_Referer" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_noAnonMemberComments',
'label' => 'Hold anonymous comments using member emails for moderation <a href="http://docs.wordfence.com/en/Wordfence_options#Hold_anonymous_comments_using_member_emails_for_moderation" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_scanComments',
'label' => 'Filter comments for malware and phishing URLs <a href="http://docs.wordfence.com/en/Wordfence_options#Filter_comments_for_malware_and_phishing_URL.27s" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_pwStrengthOnUpdate',
'label' => 'Check password strength on profile update <a href="http://docs.wordfence.com/en/Wordfence_options#Check_password_strength_on_profile_update" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'other_WFNet',
'label' => 'Participate in the Real-Time WordPress Security Network <a href="http://docs.wordfence.com/en/Wordfence_options#Participate_in_the_Real-Time_WordPress_Security_Network" target="_blank" class="wfhelp"></a>',
),
);
foreach ($options as $o):
?>
<div class="wf-form-group<?php if (isset($o['hidden']) && $o['hidden']) { echo ' hidden'; } ?>">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $o['id']; ?>" class="wfConfigElem" name="<?php echo $o['id']; ?>" value="1" <?php $w->cb($o['id']); ?> <?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo 'disabled'; } ?>></div>
<?php if (isset($o['help']) || (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium'])): ?>
<span class="wf-help-block"><?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo '<span style="color: #F00;">Premium Feature</span> This feature requires a <a href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Wordfence Premium Key</a>. '; } ?><?php if (isset($o['help'])) { echo $o['help']; } ?></span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<div class="wf-form-group">
<label for="maxMem" class="wf-col-sm-5 wf-control-label">How much memory should Wordfence request when scanning <a href="http://docs.wordfence.com/en/Wordfence_options#How_much_memory_should_Wordfence_request_when_scanning" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<div class="wf-form-inline">
<input type="text" class="wf-form-control" name="maxMem" id="maxMem" value="<?php $w->f( 'maxMem' ); ?>">
<p class="wf-form-control-static">Megabytes</p>
</div>
</div>
</div>
<div class="wf-form-group">
<label for="maxExecutionTime" class="wf-col-sm-5 wf-control-label">Maximum execution time for each scan stage <a href="http://docs.wordfence.com/en/Wordfence_options#Maximum_execution_time_for_each_scan_stage" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="maxExecutionTime" id="maxExecutionTime" value="<?php $w->f( 'maxExecutionTime' ); ?>">
<span class="wf-help-block">Blank for default. Must be greater than 9.</span>
</div>
</div>
<div class="wf-form-group">
<label for="actUpdateInterval" class="wf-col-sm-5 wf-control-label">Update interval in seconds (2 is default) <a href="http://docs.wordfence.com/en/Wordfence_options#Update_interval_in_seconds" target="_blank" class="wfhelp"></a></label>
<div class="wf-col-sm-7">
<input type="text" class="wf-form-control" name="actUpdateInterval" id="actUpdateInterval" value="<?php $w->f( 'actUpdateInterval' ); ?>">
<span class="wf-help-block">Setting higher will reduce browser traffic but slow scan starts, live traffic & status updates.</span>
</div>
</div>
<?php
$options = array( //Contents should already be HTML-escaped as needed
array(
'id' => 'deleteTablesOnDeact',
'label' => 'Delete Wordfence tables and data on deactivation <a href="http://docs.wordfence.com/en/Wordfence_options#Delete_Wordfence_tables_and_data_on_deactivation.3F" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'disableCookies',
'label' => 'Disable Wordfence Cookies <a href="http://docs.wordfence.com/en/Wordfence_options#Disable_Wordfence_Cookies" target="_blank" class="wfhelp"></a>',
'help' => 'When enabled, all visits in live traffic will appear to be new visits.',
),
array(
'id' => 'disableCodeExecutionUploads',
'label' => 'Disable Code Execution for Uploads directory <a href="http://docs.wordfence.com/en/Wordfence_options#Disable_Code_Execution_for_Uploads_directory" target="_blank" class="wfhelp"></a>',
),
array(
'id' => 'ajaxWatcherDisabled_front',
'label' => 'Monitor Front-end Background Requests for False Positives',
'hidden' => true,
),
array(
'id' => 'ajaxWatcherDisabled_admin',
'label' => 'Monitor Admin Panel Background Requests for False Positives',
'hidden' => true,
),
array(
'id' => 'disableWAFIPBlocking',
'label' => 'Delay IP and Country blocking until after WordPress and plugins have loaded (only process firewall rules early)',
'hidden' => true,
),
);
foreach ($options as $o):
?>
<div class="wf-form-group<?php if (isset($o['hidden']) && $o['hidden']) { echo ' hidden'; } ?>">
<label for="<?php echo $o['id']; ?>" class="wf-col-sm-5 wf-control-label"><?php echo $o['label']; ?></label>
<div class="wf-col-sm-7">
<div class="wf-checkbox"><input type="checkbox" id="<?php echo $o['id']; ?>" class="wfConfigElem" name="<?php echo $o['id']; ?>" value="1" <?php $w->cb($o['id']); ?> <?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo 'disabled'; } ?>></div>
<?php if (isset($o['help']) || (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium'])): ?>
<span class="wf-help-block"><?php if (!wfConfig::get('isPaid') && isset($o['premium']) && $o['premium']) { echo '<span style="color: #F00;">Premium Feature</span> This feature requires a <a href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Wordfence Premium Key</a>. '; } ?><?php if (isset($o['help'])) { echo $o['help']; } ?></span>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
<div class="wfMarker" id="wfMarkerExportOptions"></div>
<h3>Exporting and Importing Wordfence Settings <a href="http://docs.wordfence.com/en/Wordfence_options#Exporting_and_Importing_Wordfence_Settings" target="_blank" class="wfhelp"></a></h3>
<div class="wf-form-group">
<label for="exportSettingsBut" class="wf-col-sm-5 wf-control-label">Export this site's Wordfence settings for import on another site</label>
<div class="wf-col-sm-7">
<input type="button" class="wf-btn wf-btn-sm wf-btn-default" id="exportSettingsBut" value="Export Wordfence Settings" onclick="WFAD.exportSettings(); return false;">
</div>
</div>
<div class="wf-form-group">
<label for="importToken" class="wf-col-sm-5 wf-control-label">Import Wordfence settings from another site using a token</label>
<div class="wf-col-sm-7">
<div class="wf-form-inline">
<input type="text" class="wf-form-control" id="importToken">
<input type="button" class="wf-btn wf-btn-sm wf-btn-default" name="importSettingsButton" value="Import Settings" onclick="WFAD.importSettings(jQuery('#importToken').val()); return false;">
</div>
</div>
</div>
<div class="wf-form-group">
<div class="wf-col-sm-7 wf-col-sm-offset-5">
<a class="wf-btn wf-btn-primary wf-btn-callout" href="#" onclick="WFAD.saveConfig(); return false;">Save Options</a> <div class="wfAjax24"></div><span class="wfSavedMsg"> Your changes have been saved!</span>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
<script type="application/javascript">
(function($) {
$(document).on('ready', function() {
if (window.location.hash) {
var hashes = window.location.hash.split('#');
var animatedOnce = false;
for (var i = 0; i < hashes.length; i++) {
var hash = hashes[i];
if (/^focus-/.test(hash)) {
var elementID = hash.replace('focus-', '');
var wrapper = $('#' + elementID).closest('.wf-form-group');
wrapper.addClass('wf-focus');
if (!animatedOnce) {
$('html, body').animate({
scrollTop: wrapper.offset().top - 100
}, 1000);
animatedOnce = true;
}
}
}
}
});
})(jQuery);
</script>
<script type="text/x-jquery-template" id="wfContentBasicOptions">
<div>
<h3>Basic Options</h3>
<p>
Using Wordfence is simple. Install Wordfence, enter an email address on this page to send alerts to, and
then do your first scan and work through the security alerts we provide.
We give you a few basic security levels to choose from, depending on your needs. Remember to hit the "Save"
button to save any changes you make.
</p>
<p>
If you use the free edition of Wordfence, you don't need to worry about entering an API key in the "API Key"
field above. One is automatically created for you. If you choose to <a
href="https://www.wordfence.com/gnl1optUpg1/wordfence-signup/" target="_blank">upgrade to Wordfence Premium
edition</a>, you will receive an API key. You will need to copy and paste that key into the "API Key"
field above and hit "Save" to activate your key.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentLiveTrafficOptions">
<div>
<h3>Live Traffic Options</h3>
<p>
These options let you ignore certain types of visitors, based on their level of access, usernames, IP
address or browser type.
If you run a very high traffic website where it is not feasible to see your visitors in real-time, simply
un-check the live traffic option and nothing will be written to the Wordfence tracking tables.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentScansToInclude">
<div>
<h3>Scans to Include</h3>
<p>
This section gives you the ability to fine-tune what we scan.
If you use many themes or plugins from the public WordPress directory we recommend you
enable theme and plugin scanning. This will verify the integrity of all these themes and plugins and alert
you of any changes.
<p>
<p>
The option to "scan files outside your WordPress installation" will cause Wordfence to do a much wider
security scan
that is not limited to your base WordPress directory and known WordPress subdirectories. This scan may take
longer
but can be very useful if you have other infected files outside this WordPress installation that you would
like us to look for.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentFirewallRules">
<div>
<h3>Rate Limiting Rules</h3>
<p>
<strong>NOTE:</strong> Before modifying these rules, make sure you have access to the email address
associated with this site's administrator account. If you accidentally lock yourself out, you will be given
the option
to enter that email address and receive an "unlock email" which will allow you to regain access.
</p>
<p>
<strong>Tips:</strong>
<p>• If you choose to limit the rate at which your site can be accessed, you need to customize the
settings for your site.</p>
<p>• If your users usually skip quickly between pages, you should set the values for human visitors to be
high.</p>
<p>• If you are aggressively crawled by non-Google crawlers like Baidu, you should set the page view limit
for crawlers to a high value.</p>
<p>• If you are currently under attack and want to aggressively protect your site or your content, you can
set low values for most options.</p>
<p>• In general we recommend you don't block fake Google crawlers unless you have a specific problem with
someone stealing your content.</p>
<p>
Remember that as long as you have your administrator email set correctly in this site's user administration,
and you are able to receive email at that address,
you will be able to regain access if you are accidentally locked out because your rules are too strict.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentLoginSecurity">
<div>
<h3>Login Security</h3>
<p>
We have found that real brute force login attacks make hundreds or thousands of requests trying to guess
passwords or user login names.
So in general you can leave the number of failed logins before a user is locked out as a fairly high number.
We have found that blocking after 20 failed attempts is sufficient for most sites and it allows your real
site users enough
attempts to guess their forgotten passwords without getting locked out.
</p>
</div>
</script>
<script type="text/x-jquery-template" id="wfContentOtherOptions">
<div>
<h3>Other Options</h3>
<p>
We have worked hard to make Wordfence memory efficient and much of the heavy lifting is done for your site
by our cloud scanning servers in our Seattle data center.
On most sites Wordfence will only use about 8 megabytes of additional memory when doing a scan, even if you
have large files or a large number of files.
You should not have to adjust the maximum memory that Wordfence can use, but we have provided the option.
Remember that this does not affect the actual memory usage of Wordfence, simply the maximum Wordfence can
use if it needs to.
</p>
<p>
You may find debugging mode helpful if Wordfence is not able to start a scan on your site or
if you are experiencing some other problem. Enable debugging by checking the box, save your options
and then try to do a scan. You will notice a lot more output on the "Scan" page.
</p>
<p>
If you decide to permanently remove Wordfence, you can choose the option to delete all data on deactivation.
We also provide helpful links at the bottom of this page which lets you see your systems configuration and
test how
much memory your host really allows you to use.
</p>
<p>
Thanks for completing this tour and I'm very happy to have you as our newest Wordfence customer. Don't
forget to <a href="http://wordpress.org/extend/plugins/wordfence/" target="_blank">rate us 5 stars if you
love Wordfence</a>.<br/>
<br/>
<strong>Mark Maunder</strong> - Wordfence Creator.
</p>
</div>
</script>