Changeset 998103

Timestamp:

09/28/2014 07:40:27 PM (11 years ago)

Author:

cbergen

Message:

tagging v1.1.0

Location:

gauntlet-security

Files:

• tags/1.1.0 (copied) (copied from gauntlet-security/trunk)
• tags/1.1.0/README.txt (modified) (4 diffs)
• tags/1.1.0/admin/assets/js/admin.js (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_AdminCount.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_BmuhtMit.php (modified) (2 diffs)
• tags/1.1.0/admin/includes/classes/gus_CommonPasswords.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_DirectoryIndexing.php (modified) (3 diffs)
• tags/1.1.0/admin/includes/classes/gus_ExecutableUploads.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_FileEditing.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_FilePermissions.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_KeysAndSalts.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_PhpAllowUrl.php (modified) (2 diffs)
• tags/1.1.0/admin/includes/classes/gus_PhpDisplayErrors.php (modified) (6 diffs)
• tags/1.1.0/admin/includes/classes/gus_PhpFunctions.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_PluginAudit.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_SecureIncludes.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_SslAdmin.php (modified) (2 diffs)
• tags/1.1.0/admin/includes/classes/gus_TestBase.php (modified) (3 diffs)
• tags/1.1.0/admin/includes/classes/gus_TestRunner.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_UserNames.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_WpContentLocation.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_WpGenerator.php (modified) (1 diff)
• tags/1.1.0/admin/includes/classes/gus_WpVersion.php (modified) (1 diff)
• tags/1.1.0/gauntlet-security.php (modified) (1 diff)
• trunk/README.txt (modified) (4 diffs)
• trunk/admin/assets/js/admin.js (modified) (1 diff)
• trunk/admin/includes/classes/gus_AdminCount.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_BmuhtMit.php (modified) (2 diffs)
• trunk/admin/includes/classes/gus_CommonPasswords.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_DirectoryIndexing.php (modified) (3 diffs)
• trunk/admin/includes/classes/gus_ExecutableUploads.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_FileEditing.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_FilePermissions.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_KeysAndSalts.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_PhpAllowUrl.php (modified) (2 diffs)
• trunk/admin/includes/classes/gus_PhpDisplayErrors.php (modified) (6 diffs)
• trunk/admin/includes/classes/gus_PhpFunctions.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_PluginAudit.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_SecureIncludes.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_SslAdmin.php (modified) (2 diffs)
• trunk/admin/includes/classes/gus_TestBase.php (modified) (3 diffs)
• trunk/admin/includes/classes/gus_TestRunner.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_UserNames.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_WpContentLocation.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_WpGenerator.php (modified) (1 diff)
• trunk/admin/includes/classes/gus_WpVersion.php (modified) (1 diff)
• trunk/gauntlet-security.php (modified) (1 diff)

gauntlet-security/tags/1.1.0/README.txt

@@ -5 +5 @@
 Requires at least: 3.4
 Tested up to: 4.0
-Stable tag: 1.0.1
+Stable tag: 1.1.0
 License: GPLv3
 License URI: http://www.gnu.org/licenses/gpl-3.0.html
 
-Performs a detailed security analysis of your WordPress installation. Gives tips on how to make your site more secure.
+Performs a detailed security analysis of your WordPress installation. Suggests ways to make your site more secure.
 
 == Description ==
@@ -24 +24 @@
 * Block files in the includes directory
 * Rename or move the content directory
+* Make sure your server is not vulnerable to the Shellshock Bash bug
 * Disable dangerous PHP functions
 * Disable allow_url_include and allow_url_fopen PHP flags
@@ -44 +45 @@
 * Users should not display their login usernames publicly
 * Prevent username enumeration through standard author URLs
-* ...more tests are planned
+* ...more tests planned
 
 Check the [screenshots](screenshots) tab above for more detail on some of the above features.
@@ -98 +99 @@
 == Changelog ==
 
+= 1.1.0 =
+* New test: Check for Shellshock bug
+* Enhancement: Add reference links to many tests for more information
+* Enhancement: Improve PHP display errors check
+* Enhancement: Improve TimThumb check
+
 = 1.0.1 =
 * Fix: TimThumb test

gauntlet-security/tags/1.1.0/admin/assets/js/admin.js

@@ -18 +18 @@
             */
             var tests = [
-                ['gus_FilePermissions', 'slow'],
-                ['gus_DirectoryIndexing', 2],
-                ['gus_ExecutableUploads', 2],
-                ['gus_SecureIncludes', 2],
-                ['gus_WpContentLocation', 2],
-                ['gus_PhpFunctions', 2],
-                ['gus_PhpAllowUrl', 2],
-                ['gus_DbPassword', 2],
-                ['gus_WpTable', 2],
-                ['gus_WpVersion', 2],
-                ['gus_PhpDisplayErrors', 2],
-                ['gus_FileEditing', 2],
-                ['gus_KeysAndSalts', 2],
-                ['gus_WpGenerator', 2],
-                ['gus_AnyoneCanRegister', 2],
-                ['gus_SslAdmin', 2],
-                ['gus_PluginAudit', 'slow'],
-                ['gus_UnusedThemes', 2],
-                ['gus_BmuhtMit', 'slow'],
-                ['gus_AdminUsername', 2],
-                ['gus_CommonPasswords', 'slow'],
-                ['gus_UserIdOne', 'slow'],
-                ['gus_AdminCount', 'slow'],
-                ['gus_NickNames', 'slow'],
-                ['gus_UserNames', 'slow']
+                ['gus_Shellshock', 'slow'],
+                ['gus_FilePermissions', 'slow'],
+                ['gus_DirectoryIndexing', 2],
+                ['gus_ExecutableUploads', 2],
+                ['gus_SecureIncludes', 2],
+                ['gus_WpContentLocation', 2],
+                ['gus_PhpFunctions', 2],
+                ['gus_PhpAllowUrl', 2],
+                ['gus_DbPassword', 2],
+                ['gus_WpTable', 2],
+                ['gus_WpVersion', 2],
+                ['gus_PhpDisplayErrors', 2],
+                ['gus_FileEditing', 2],
+                ['gus_KeysAndSalts', 2],
+                ['gus_WpGenerator', 2],
+                ['gus_AnyoneCanRegister', 2],
+                ['gus_SslAdmin', 2],
+                ['gus_PluginAudit', 'slow'],
+                ['gus_UnusedThemes', 2],
+                ['gus_BmuhtMit', 'slow'],
+                ['gus_AdminUsername', 2],
+                ['gus_CommonPasswords', 'slow'],
+                ['gus_UserIdOne', 'slow'],
+                ['gus_AdminCount', 'slow'],
+                ['gus_NickNames', 'slow'],
+                ['gus_UserNames', 'slow']
             ];
             var finished_tests = 0;

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_AdminCount.php

@@ -127 +127 @@
     }
 
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Brute_Force_Attacks'>Codex: Brute Force Attacks</a><br>
+
+EOD;
+    }
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_BmuhtMit.php

@@ -36 +36 @@
 
         $timthumb_keywords = array(
-            '/timthumb.php',
-            '/thumb.php',
-            '/pics.php',
-            '/image.php',
-            '/upload.php',
+            'image',
+            'img',
+            'pic',
+            'thumb',
+            'tim.php',
+            'tt.php',
+            'upload',
         );
         
@@ -48 +50 @@
 
             $file_part = strtolower(strrchr($path, '/'));
-            if( in_array ( $file_part, $timthumb_keywords ) )
-            {
-                error_log("checking... " . $path);
-
-                if( $file_handle = @fopen( $path, 'r' ) )
+
+            $suspicious = false;
+            foreach($timthumb_keywords as $k)
+            {
+                if( strpos( $file_part, $k ) !== false )
                 {
-                    $contents = @fread( $file_handle, 1250 ); // just the first few bytes
-                    @fclose($file_handle);
-                    
-                    $this->run_sub_test( array(
-                        'path' => $path,
-                        'contents' => $contents,
-                    ) );
+                    $suspicious = true;
+                    break;
                 }
+            }
+                
+            if( $suspicious && $file_handle = @fopen( $path, 'r' ) )
+            {
+                $contents = @fread( $file_handle, 1250 ); // just the first few bytes
+                @fclose($file_handle);
+                
+                $this->run_sub_test( array(
+                    'path' => $path,
+                    'contents' => $contents,
+                ) );
             }
         }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_CommonPasswords.php

@@ -182 +182 @@
         return 'Intermediate';
     }
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Brute_Force_Attacks'>Codex: Brute Force Attacks</a><br>
+
+EOD;
+    }
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_DirectoryIndexing.php

@@ -70 +70 @@
     protected function how_to_fix()
     {
+        $code1 = <<<EOD
+
+<IfModule mod_autoindex.c>
+Options -Indexes
+</IfModule>
+
+EOD;
+        $code1 = htmlentities(trim($code1));
+            
         return <<<EOD
             
@@ -77 +86 @@
         So to turn off directory indexing site-wide, add this to the .htaccess file in your web root:
         
-        <code class='prettyprint'>Options -Indexes</code>
+        <code class='prettyprint'>{$code1}</code>
         
 EOD;
@@ -86 +95 @@
         return 'Intermediate';
     }
+    
+    protected function references()
+    {
+        return <<<EOD
+            
+    <a href='https://github.com/h5bp/server-configs-apache'>Apache Server Configs: HTML5 Boilerplate</a><br>
+        
+EOD;
+    }
     
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_ExecutableUploads.php

@@ -150 +150 @@
         return "Intermediate";
     }
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://www.askapache.com/htaccess/using-filesmatch-and-files-in-htaccess.html'>Ask Apache: Using FilesMatch and Files in htaccess</a><br>
+        <a href='http://docstore.mik.ua/orelly/linux/apache/ch05_06.htm'>Apache: The Definitive Guide: 5.6. Order, Allow, and Deny</a><br>
+EOD;
+    }
+    
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_FileEditing.php

@@ -110 +110 @@
         return 'Easy';
     }   
-    
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Hardening_WordPress#Disable_File_Editing'>Codex: Disable File Editing - Hardening WordPress</a><br>
+
+EOD;
+    }
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_FilePermissions.php

@@ -220 +220 @@
         return 'Advanced';
     }
+    
+    protected function references()
+    {
+        return <<<EOD
+            
+            <a href='http://codex.wordpress.org/Hardening_WordPress#File_Permissions'>Codex: File Permissions - Hardening Wordpress</a><br>
+            <a href='http://codex.wordpress.org/Changing_File_Permissions'>Codex: Changing File Permissions</a>    
+        
+EOD;
+    }
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_KeysAndSalts.php

@@ -149 +149 @@
     }   
     
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Editing_wp-config.php#Security_Keys'>Codex: Security Keys - Editing wp-config.php</a><br>
+
+EOD;
+    }
+    
+    
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_PhpAllowUrl.php

@@ -129 +129 @@
         $code = <<<EOD
 
-allow_url_include = Off
-allow_url_fopen = Off
+allow_url_include = 'off'
+allow_url_fopen = 'off'
 
 EOD;
@@ -164 +164 @@
     }
     
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/HTTP_API'>Codex: HTTP API</a><br>
+        <a href='http://php.net/manual/en/features.remote-files.php'>PHP Manual: Using remote files</a><br>
+
+EOD;
+    }
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_PhpDisplayErrors.php

@@ -3 +3 @@
 class gus_PhpDisplayErrors extends gus_TestBase
 {
+    protected $test_table_show = true;
+    protected $test_table_headers = false;
+    protected $test_table_fail_only = false;
+
     protected function main_check()
     {
-        if( ! defined( 'WP_DEBUG' ) || WP_DEBUG == false )
-        {
-            $this->pass();
-        }
-        elseif( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY == false )
-        {
-            $this->pass();
+        $wp_debug = ( WP_DEBUG ) ? 'true' : 'false' ;
+        $wp_debug_log = ( WP_DEBUG_LOG ) ? 'true' : 'false' ;
+        $ini_display_errors = ( ini_get('display_errors') == '1' ) ? 'on' : 'off';
+        
+        if ( WP_DEBUG_DISPLAY )
+        {
+            $wp_debug_display = 'true';
+        }
+        elseif ( null !== WP_DEBUG_DISPLAY )
+        {
+            $wp_debug_display = 'false';
         }
         else
-        {
-            $this->critical_fail();
-        }
-    }
+        {
+            $wp_debug_display = 'null';
+        }
+
+        $configs = array(
+            'WP_DEBUG' => $wp_debug,
+            'WP_DEBUG_LOG' => $wp_debug_log,
+            'WP_DEBUG_DISPLAY' => $wp_debug_display,
+            "ini_set( 'display_errors' )" => $ini_display_errors,
+        );        
+
+        $this->run_sub_test( array(
+            'config' =>  'WP_DEBUG',
+            'configs' => $configs,
+        ) );
+        
+        /*
+            Only display WP_DEBUG_LOG if WP_DEBUG is true
+        */
+        if( WP_DEBUG )
+        {
+            $this->run_sub_test( array(
+                'config' =>  "WP_DEBUG_LOG",
+                'configs' => $configs,
+            ) );
+        }
+
+        /*
+            Only display WP_DEBUG_DISPLAY if WP_DEBUG is true
+        */
+        if( WP_DEBUG )
+        {
+            $this->run_sub_test( array(
+                'config' =>  "WP_DEBUG_DISPLAY",
+                'configs' => $configs,
+            ) );
+        }
+
+        if( (WP_DEBUG && WP_DEBUG_DISPLAY) || (WP_DEBUG && WP_DEBUG_DISPLAY == false) )
+        {
+            // No need to run the ini display_errors check
+        }
+        else
+        {
+            $this->run_sub_test( array(
+                'config' =>  "ini_set( 'display_errors' )",
+                'configs' => $configs,
+            ) );
+        }
+
+    }
+
+    protected function sub_test($args)
+    {
+        $config = $args['config'];
+        $configs = $args['configs'];
+
+
+        // Critical Fails...
+        
+        // WP_DEBUG         = true      (should be false)
+        // display_errors   = true      (should be false)      
+
+        // WP_DEBUG         = false
+        // display_errors   = true      (should be false)
+
+
+        // Fails...
+        
+        // WP_DEBUG         = true      (should be false)
+        // display_errors   = false
+
+
+        // Passes...
+        
+        // WP_DEBUG         = false
+        // display_errors   = false
+
+
+
+
+        if( $config == 'WP_DEBUG' )
+        {
+            if( WP_DEBUG && $configs["ini_set( 'display_errors' )"] == 'on' )
+            {
+                $pass = 'critical';
+            }
+            elseif( WP_DEBUG && $configs["ini_set( 'display_errors' )"] == 'off' )
+            {
+                $pass = 'fail';
+                $configs['WP_DEBUG'] = "<span class='error'>" . $configs['WP_DEBUG'] . "</span>";
+            }
+            else
+            {
+                $pass = 'pass';
+            }
+        }
+        
+        if( $config == 'WP_DEBUG_LOG' )
+        {
+            if( $configs['WP_DEBUG_LOG'] == 'true' )
+            {
+                $pass = 'fail';
+                $configs['WP_DEBUG_LOG'] = "<span class='error'>" . $configs['WP_DEBUG_LOG'] . "</span>";
+            }
+            else
+            {
+                $pass = 'pass';
+            }
+        }       
+        
+        if( $config == 'WP_DEBUG_DISPLAY' )
+        {
+            if( WP_DEBUG && $configs['WP_DEBUG_DISPLAY'] == 'null' && $configs["ini_set( 'display_errors' )"] == 'on' )
+            {
+                $pass = 'critical';
+            }
+            elseif( WP_DEBUG && $configs['WP_DEBUG_DISPLAY'] == 'true' )
+            {
+                $pass = 'critical';
+            }
+            else
+            {
+                $pass = 'pass';
+            }
+        }       
+        
+        if( $config == "ini_set( 'display_errors' )" )
+        {
+            if( $configs["ini_set( 'display_errors' )"] == 'on' )
+            {
+                $pass = 'critical';
+            }
+            else
+            {
+                $pass = 'pass';
+            }
+        }       
+        
+        return array(
+            'pass' => $pass,
+            'table_columns' => array(
+                'Config' => $config,
+                'Value' => $configs[$config],
+            ),
+        );
+        
+    }
+
 
     public function title()
@@ -28 +181 @@
             
             case 'fail':
+            return 'PHP errors are not being displayed to the user';
+            break;
+            
             case 'critical':
             return 'PHP errors are being displayed to the user';
@@ -48 +204 @@
             
             case 'fail':
+            return 'PHP errors are not being displayed to the user, but WP_DEBUG should be false';
+            break;
+            
             case 'critical':
-            return 'PHP errors are being displayed to the user';
+            return "PHP errors are being displayed to the user";
             break;
         }
@@ -66 +225 @@
     protected function how_to_fix()
     {
+        $code1 = <<<EOD
+
+define( 'WP_DEBUG', false );
+ini_set( 'display_errors', 'off' );
+
+EOD;
+        $code1 = trim($code1);
+        
         $code2 = <<<EOD
 
@@ -79 +246 @@
         return <<<EOD
 
-        If you are not doing any debugging on a public site then add this configuration option 
-        in wp-config.php:
-    
-        <code class='prettyprint'>define( 'WP_DEBUG', false );</code>
+        If you are not doing any debugging on a public site then add this to your wp-config.php:
+    
+        <code class='prettyprint'>{$code1}</code>
 
         If you are temporarily debugging a production site, then use this combination of settings:
@@ -100 +266 @@
         return 'Easy';
     }   
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Debugging_in_WordPress'>Codex: Debugging in WordPress</a><br>
+
+EOD;
+    }
+    
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_PhpFunctions.php

@@ -131 +131 @@
     }
 
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://stackoverflow.com/a/3697776/3976381'>Stack Overflow: Exploitable PHP functions</a><br>
+
+EOD;
+    }
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_PluginAudit.php

@@ -224 +224 @@
         return 'Easy';
     }
+    
+    
+    
+    protected function references()
+    {
+        return <<<EOD
+    
+        <a href='https://wordpress.org/plugins/'>WordPress Plugin Directory</a><br>
+        <a href='http://web.nvd.nist.gov/view/vuln/search-results?query=wordpress&search_type=all&cves=on'>National Vulnerability Database</a><br>
+
+EOD;
+    }
+    
 
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_SecureIncludes.php

@@ -148 +148 @@
 EOD;
     }
-    
-    protected function fix_difficulty()
-    {
-        return "Intermediate";
-    }
+    
+    protected function fix_difficulty()
+    {
+        return "Intermediate";
+    }
+    
+    protected function references()
+    {
+        return "<a href='http://codex.wordpress.org/Hardening_WordPress#Securing_wp-includes'>Codex: Securing wp-includes - Hardening Wordpress</a>";
+    }
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_SslAdmin.php

@@ -125 +125 @@
         <code class="prettyprint">define('FORCE_SSL_ADMIN', true);</code>
         
-        ...but setting up SSL on your server is not so simple. For more information, start here:
-        <a target='_blank' href='http://codex.wordpress.org/Administration_Over_SSL'>codex.wordpress.org/Administration_Over_SSL</a>
-        
+        ...but setting up SSL on your server is not so simple. (See the reference below more info.)
+        
 EOD;
     }
@@ -135 +134 @@
         return 'Advanced';
     }
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Administration_Over_SSL'>Codex: Administration Over SSL</a><br>
+
+EOD;
+    }
+    
     
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_TestBase.php

@@ -71 +71 @@
 
             case 'undetermined':
-                $this->undetermined();
+                if($this->pass !== 'critical')
+                {
+                    $this->undetermined();
+                }
             break;
         }
+        
+        return $sub_test;
     }
 
@@ -81 +86 @@
     protected function how_to_fix(){}
     protected function fix_difficulty(){}
+    protected function references(){}
     
     
@@ -238 +244 @@
 EOD;
         }
-        
-        if( $html = $this->how_to_fix() )
-        {
-            if( $difficulty = $this->fix_difficulty() )
-            {
-                $difficulty = "<p><strong>Difficulty:</strong> {$difficulty}</p>\n";
-            }
-            else
-            {
-                $difficulty = '';
-            }
-            
-            $this->message .= <<<EOD
-            
-            <div class='how_to_fix'>            
-                <h3>How can this be fixed?</h3>             
-                {$difficulty}       
-                {$html}             
-            </div>
-EOD;
-        }
+        
+        if( $html = $this->how_to_fix() )
+        {
+            if( $difficulty = $this->fix_difficulty() )
+            {
+                $difficulty = "<p><strong>Difficulty:</strong> {$difficulty}</p>\n";
+            }
+            else
+            {
+                $difficulty = '';
+            }
+            
+            $this->message .= <<<EOD
+            
+            <div class='how_to_fix'>            
+                <h3>How can this be fixed?</h3>                
+                {$difficulty}        
+                {$html}                
+            </div>
+EOD;
+        }
+        
+        if( $html = $this->references() )
+        {
+            $this->message .= <<<EOD
+            
+            <div class='recommendations'>
+                <h3>References</h3>
+                {$html}
+            </div>
+EOD;
+        }
     }
 

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_TestRunner.php

@@ -11 +11 @@
 
         // File access
+        $this->tests[] = array('gus_Shellshock', 'Files');
         $this->tests[] = array('gus_FilePermissions', 'Files');
         $this->tests[] = array('gus_DirectoryIndexing', 'Files');

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_UserNames.php

@@ -29 +29 @@
             /*
                 Also display the (redirected) permalink for the URL if applicable
-                    Ex: http://wp-security-plugin:8888/author/user-login
+                    Ex: http://example.com/author/user-login
             */
             if($response['response']['code'] == 301)

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_WpContentLocation.php

@@ -144 +144 @@
     }
     
+    protected function references()
+    {
+        return <<<EOD
+        
+        <a href='http://codex.wordpress.org/Determining_Plugin_and_Content_Directories'>Codex: Determining Plugin and Content Directories</a>
+EOD;
+    }
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_WpGenerator.php

@@ -129 +129 @@
         return 'Intermediate';
     }   
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://kovshenin.com/2013/dont-hide-the-fact-that-youre-using-wordpress/'>Konstantin Kovshenin: Don’t Hide the Fact That You’re Using WordPress</a><br>
+        <a href='http://plugins.twinpictures.de/wordpress-jquery-versions/'>Twinpictures: A History of jQuery Versions Included in WordPress</a><br>
+        <a href='http://www.virendrachandak.com/techtalk/how-to-remove-wordpress-version-parameter-from-js-and-css-files/'>Virendra Chandak: How To Remove WordPress Version Parameter From JS and CSS Files</a><br>
+
+EOD;
+    }
     
 }

gauntlet-security/tags/1.1.0/admin/includes/classes/gus_WpVersion.php

@@ -110 +110 @@
     }
     
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Updating_WordPress'>Codex: Updating WordPress</a><br>
+
+EOD;
+    }
+    
 
 }

gauntlet-security/tags/1.1.0/gauntlet-security.php

@@ -7 +7 @@
  * Author: Cornelius Bergen, Matchbox Creative
  * Author URI: http://matchboxcreative.com
- * Version: 1.0.1
+ * Version: 1.1.0
  * Text Domain: gauntlet
  */

gauntlet-security/trunk/README.txt

@@ -5 +5 @@
 Requires at least: 3.4
 Tested up to: 4.0
-Stable tag: 1.0.1
+Stable tag: 1.1.0
 License: GPLv3
 License URI: http://www.gnu.org/licenses/gpl-3.0.html
 
-Performs a detailed security analysis of your WordPress installation. Gives tips on how to make your site more secure.
+Performs a detailed security analysis of your WordPress installation. Suggests ways to make your site more secure.
 
 == Description ==
@@ -24 +24 @@
 * Block files in the includes directory
 * Rename or move the content directory
+* Make sure your server is not vulnerable to the Shellshock Bash bug
 * Disable dangerous PHP functions
 * Disable allow_url_include and allow_url_fopen PHP flags
@@ -44 +45 @@
 * Users should not display their login usernames publicly
 * Prevent username enumeration through standard author URLs
-* ...more tests are planned
+* ...more tests planned
 
 Check the [screenshots](screenshots) tab above for more detail on some of the above features.
@@ -98 +99 @@
 == Changelog ==
 
+= 1.1.0 =
+* New test: Check for Shellshock bug
+* Enhancement: Add reference links to many tests for more information
+* Enhancement: Improve PHP display errors check
+* Enhancement: Improve TimThumb check
+
 = 1.0.1 =
 * Fix: TimThumb test

gauntlet-security/trunk/admin/assets/js/admin.js

@@ -18 +18 @@
             */
             var tests = [
-                ['gus_FilePermissions', 'slow'],
-                ['gus_DirectoryIndexing', 2],
-                ['gus_ExecutableUploads', 2],
-                ['gus_SecureIncludes', 2],
-                ['gus_WpContentLocation', 2],
-                ['gus_PhpFunctions', 2],
-                ['gus_PhpAllowUrl', 2],
-                ['gus_DbPassword', 2],
-                ['gus_WpTable', 2],
-                ['gus_WpVersion', 2],
-                ['gus_PhpDisplayErrors', 2],
-                ['gus_FileEditing', 2],
-                ['gus_KeysAndSalts', 2],
-                ['gus_WpGenerator', 2],
-                ['gus_AnyoneCanRegister', 2],
-                ['gus_SslAdmin', 2],
-                ['gus_PluginAudit', 'slow'],
-                ['gus_UnusedThemes', 2],
-                ['gus_BmuhtMit', 'slow'],
-                ['gus_AdminUsername', 2],
-                ['gus_CommonPasswords', 'slow'],
-                ['gus_UserIdOne', 'slow'],
-                ['gus_AdminCount', 'slow'],
-                ['gus_NickNames', 'slow'],
-                ['gus_UserNames', 'slow']
+                ['gus_Shellshock', 'slow'],
+                ['gus_FilePermissions', 'slow'],
+                ['gus_DirectoryIndexing', 2],
+                ['gus_ExecutableUploads', 2],
+                ['gus_SecureIncludes', 2],
+                ['gus_WpContentLocation', 2],
+                ['gus_PhpFunctions', 2],
+                ['gus_PhpAllowUrl', 2],
+                ['gus_DbPassword', 2],
+                ['gus_WpTable', 2],
+                ['gus_WpVersion', 2],
+                ['gus_PhpDisplayErrors', 2],
+                ['gus_FileEditing', 2],
+                ['gus_KeysAndSalts', 2],
+                ['gus_WpGenerator', 2],
+                ['gus_AnyoneCanRegister', 2],
+                ['gus_SslAdmin', 2],
+                ['gus_PluginAudit', 'slow'],
+                ['gus_UnusedThemes', 2],
+                ['gus_BmuhtMit', 'slow'],
+                ['gus_AdminUsername', 2],
+                ['gus_CommonPasswords', 'slow'],
+                ['gus_UserIdOne', 'slow'],
+                ['gus_AdminCount', 'slow'],
+                ['gus_NickNames', 'slow'],
+                ['gus_UserNames', 'slow']
             ];
             var finished_tests = 0;

gauntlet-security/trunk/admin/includes/classes/gus_AdminCount.php

@@ -127 +127 @@
     }
 
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Brute_Force_Attacks'>Codex: Brute Force Attacks</a><br>
+
+EOD;
+    }
 }

gauntlet-security/trunk/admin/includes/classes/gus_BmuhtMit.php

@@ -36 +36 @@
 
         $timthumb_keywords = array(
-            '/timthumb.php',
-            '/thumb.php',
-            '/pics.php',
-            '/image.php',
-            '/upload.php',
+            'image',
+            'img',
+            'pic',
+            'thumb',
+            'tim.php',
+            'tt.php',
+            'upload',
         );
         
@@ -48 +50 @@
 
             $file_part = strtolower(strrchr($path, '/'));
-            if( in_array ( $file_part, $timthumb_keywords ) )
-            {
-                error_log("checking... " . $path);
-
-                if( $file_handle = @fopen( $path, 'r' ) )
+
+            $suspicious = false;
+            foreach($timthumb_keywords as $k)
+            {
+                if( strpos( $file_part, $k ) !== false )
                 {
-                    $contents = @fread( $file_handle, 1250 ); // just the first few bytes
-                    @fclose($file_handle);
-                    
-                    $this->run_sub_test( array(
-                        'path' => $path,
-                        'contents' => $contents,
-                    ) );
+                    $suspicious = true;
+                    break;
                 }
+            }
+                
+            if( $suspicious && $file_handle = @fopen( $path, 'r' ) )
+            {
+                $contents = @fread( $file_handle, 1250 ); // just the first few bytes
+                @fclose($file_handle);
+                
+                $this->run_sub_test( array(
+                    'path' => $path,
+                    'contents' => $contents,
+                ) );
             }
         }

gauntlet-security/trunk/admin/includes/classes/gus_CommonPasswords.php

@@ -182 +182 @@
         return 'Intermediate';
     }
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Brute_Force_Attacks'>Codex: Brute Force Attacks</a><br>
+
+EOD;
+    }
 }

gauntlet-security/trunk/admin/includes/classes/gus_DirectoryIndexing.php

@@ -70 +70 @@
     protected function how_to_fix()
     {
+        $code1 = <<<EOD
+
+<IfModule mod_autoindex.c>
+Options -Indexes
+</IfModule>
+
+EOD;
+        $code1 = htmlentities(trim($code1));
+            
         return <<<EOD
             
@@ -77 +86 @@
         So to turn off directory indexing site-wide, add this to the .htaccess file in your web root:
         
-        <code class='prettyprint'>Options -Indexes</code>
+        <code class='prettyprint'>{$code1}</code>
         
 EOD;
@@ -86 +95 @@
         return 'Intermediate';
     }
+    
+    protected function references()
+    {
+        return <<<EOD
+            
+    <a href='https://github.com/h5bp/server-configs-apache'>Apache Server Configs: HTML5 Boilerplate</a><br>
+        
+EOD;
+    }
     
 }

gauntlet-security/trunk/admin/includes/classes/gus_ExecutableUploads.php

@@ -150 +150 @@
         return "Intermediate";
     }
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://www.askapache.com/htaccess/using-filesmatch-and-files-in-htaccess.html'>Ask Apache: Using FilesMatch and Files in htaccess</a><br>
+        <a href='http://docstore.mik.ua/orelly/linux/apache/ch05_06.htm'>Apache: The Definitive Guide: 5.6. Order, Allow, and Deny</a><br>
+EOD;
+    }
+    
 }

gauntlet-security/trunk/admin/includes/classes/gus_FileEditing.php

@@ -110 +110 @@
         return 'Easy';
     }   
-    
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Hardening_WordPress#Disable_File_Editing'>Codex: Disable File Editing - Hardening WordPress</a><br>
+
+EOD;
+    }
 }

gauntlet-security/trunk/admin/includes/classes/gus_FilePermissions.php

@@ -220 +220 @@
         return 'Advanced';
     }
+    
+    protected function references()
+    {
+        return <<<EOD
+            
+            <a href='http://codex.wordpress.org/Hardening_WordPress#File_Permissions'>Codex: File Permissions - Hardening Wordpress</a><br>
+            <a href='http://codex.wordpress.org/Changing_File_Permissions'>Codex: Changing File Permissions</a>    
+        
+EOD;
+    }
 }

gauntlet-security/trunk/admin/includes/classes/gus_KeysAndSalts.php

@@ -149 +149 @@
     }   
     
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Editing_wp-config.php#Security_Keys'>Codex: Security Keys - Editing wp-config.php</a><br>
+
+EOD;
+    }
+    
+    
 }

gauntlet-security/trunk/admin/includes/classes/gus_PhpAllowUrl.php

@@ -129 +129 @@
         $code = <<<EOD
 
-allow_url_include = Off
-allow_url_fopen = Off
+allow_url_include = 'off'
+allow_url_fopen = 'off'
 
 EOD;
@@ -164 +164 @@
     }
     
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/HTTP_API'>Codex: HTTP API</a><br>
+        <a href='http://php.net/manual/en/features.remote-files.php'>PHP Manual: Using remote files</a><br>
+
+EOD;
+    }
 }

gauntlet-security/trunk/admin/includes/classes/gus_PhpDisplayErrors.php

@@ -3 +3 @@
 class gus_PhpDisplayErrors extends gus_TestBase
 {
+    protected $test_table_show = true;
+    protected $test_table_headers = false;
+    protected $test_table_fail_only = false;
+
     protected function main_check()
     {
-        if( ! defined( 'WP_DEBUG' ) || WP_DEBUG == false )
-        {
-            $this->pass();
-        }
-        elseif( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY == false )
-        {
-            $this->pass();
+        $wp_debug = ( WP_DEBUG ) ? 'true' : 'false' ;
+        $wp_debug_log = ( WP_DEBUG_LOG ) ? 'true' : 'false' ;
+        $ini_display_errors = ( ini_get('display_errors') == '1' ) ? 'on' : 'off';
+        
+        if ( WP_DEBUG_DISPLAY )
+        {
+            $wp_debug_display = 'true';
+        }
+        elseif ( null !== WP_DEBUG_DISPLAY )
+        {
+            $wp_debug_display = 'false';
         }
         else
-        {
-            $this->critical_fail();
-        }
-    }
+        {
+            $wp_debug_display = 'null';
+        }
+
+        $configs = array(
+            'WP_DEBUG' => $wp_debug,
+            'WP_DEBUG_LOG' => $wp_debug_log,
+            'WP_DEBUG_DISPLAY' => $wp_debug_display,
+            "ini_set( 'display_errors' )" => $ini_display_errors,
+        );        
+
+        $this->run_sub_test( array(
+            'config' =>  'WP_DEBUG',
+            'configs' => $configs,
+        ) );
+        
+        /*
+            Only display WP_DEBUG_LOG if WP_DEBUG is true
+        */
+        if( WP_DEBUG )
+        {
+            $this->run_sub_test( array(
+                'config' =>  "WP_DEBUG_LOG",
+                'configs' => $configs,
+            ) );
+        }
+
+        /*
+            Only display WP_DEBUG_DISPLAY if WP_DEBUG is true
+        */
+        if( WP_DEBUG )
+        {
+            $this->run_sub_test( array(
+                'config' =>  "WP_DEBUG_DISPLAY",
+                'configs' => $configs,
+            ) );
+        }
+
+        if( (WP_DEBUG && WP_DEBUG_DISPLAY) || (WP_DEBUG && WP_DEBUG_DISPLAY == false) )
+        {
+            // No need to run the ini display_errors check
+        }
+        else
+        {
+            $this->run_sub_test( array(
+                'config' =>  "ini_set( 'display_errors' )",
+                'configs' => $configs,
+            ) );
+        }
+
+    }
+
+    protected function sub_test($args)
+    {
+        $config = $args['config'];
+        $configs = $args['configs'];
+
+
+        // Critical Fails...
+        
+        // WP_DEBUG         = true      (should be false)
+        // display_errors   = true      (should be false)      
+
+        // WP_DEBUG         = false
+        // display_errors   = true      (should be false)
+
+
+        // Fails...
+        
+        // WP_DEBUG         = true      (should be false)
+        // display_errors   = false
+
+
+        // Passes...
+        
+        // WP_DEBUG         = false
+        // display_errors   = false
+
+
+
+
+        if( $config == 'WP_DEBUG' )
+        {
+            if( WP_DEBUG && $configs["ini_set( 'display_errors' )"] == 'on' )
+            {
+                $pass = 'critical';
+            }
+            elseif( WP_DEBUG && $configs["ini_set( 'display_errors' )"] == 'off' )
+            {
+                $pass = 'fail';
+                $configs['WP_DEBUG'] = "<span class='error'>" . $configs['WP_DEBUG'] . "</span>";
+            }
+            else
+            {
+                $pass = 'pass';
+            }
+        }
+        
+        if( $config == 'WP_DEBUG_LOG' )
+        {
+            if( $configs['WP_DEBUG_LOG'] == 'true' )
+            {
+                $pass = 'fail';
+                $configs['WP_DEBUG_LOG'] = "<span class='error'>" . $configs['WP_DEBUG_LOG'] . "</span>";
+            }
+            else
+            {
+                $pass = 'pass';
+            }
+        }       
+        
+        if( $config == 'WP_DEBUG_DISPLAY' )
+        {
+            if( WP_DEBUG && $configs['WP_DEBUG_DISPLAY'] == 'null' && $configs["ini_set( 'display_errors' )"] == 'on' )
+            {
+                $pass = 'critical';
+            }
+            elseif( WP_DEBUG && $configs['WP_DEBUG_DISPLAY'] == 'true' )
+            {
+                $pass = 'critical';
+            }
+            else
+            {
+                $pass = 'pass';
+            }
+        }       
+        
+        if( $config == "ini_set( 'display_errors' )" )
+        {
+            if( $configs["ini_set( 'display_errors' )"] == 'on' )
+            {
+                $pass = 'critical';
+            }
+            else
+            {
+                $pass = 'pass';
+            }
+        }       
+        
+        return array(
+            'pass' => $pass,
+            'table_columns' => array(
+                'Config' => $config,
+                'Value' => $configs[$config],
+            ),
+        );
+        
+    }
+
 
     public function title()
@@ -28 +181 @@
             
             case 'fail':
+            return 'PHP errors are not being displayed to the user';
+            break;
+            
             case 'critical':
             return 'PHP errors are being displayed to the user';
@@ -48 +204 @@
             
             case 'fail':
+            return 'PHP errors are not being displayed to the user, but WP_DEBUG should be false';
+            break;
+            
             case 'critical':
-            return 'PHP errors are being displayed to the user';
+            return "PHP errors are being displayed to the user";
             break;
         }
@@ -66 +225 @@
     protected function how_to_fix()
     {
+        $code1 = <<<EOD
+
+define( 'WP_DEBUG', false );
+ini_set( 'display_errors', 'off' );
+
+EOD;
+        $code1 = trim($code1);
+        
         $code2 = <<<EOD
 
@@ -79 +246 @@
         return <<<EOD
 
-        If you are not doing any debugging on a public site then add this configuration option 
-        in wp-config.php:
-    
-        <code class='prettyprint'>define( 'WP_DEBUG', false );</code>
+        If you are not doing any debugging on a public site then add this to your wp-config.php:
+    
+        <code class='prettyprint'>{$code1}</code>
 
         If you are temporarily debugging a production site, then use this combination of settings:
@@ -100 +266 @@
         return 'Easy';
     }   
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Debugging_in_WordPress'>Codex: Debugging in WordPress</a><br>
+
+EOD;
+    }
+    
 }

gauntlet-security/trunk/admin/includes/classes/gus_PhpFunctions.php

@@ -131 +131 @@
     }
 
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://stackoverflow.com/a/3697776/3976381'>Stack Overflow: Exploitable PHP functions</a><br>
+
+EOD;
+    }
 }

gauntlet-security/trunk/admin/includes/classes/gus_PluginAudit.php

@@ -224 +224 @@
         return 'Easy';
     }
+    
+    
+    
+    protected function references()
+    {
+        return <<<EOD
+    
+        <a href='https://wordpress.org/plugins/'>WordPress Plugin Directory</a><br>
+        <a href='http://web.nvd.nist.gov/view/vuln/search-results?query=wordpress&search_type=all&cves=on'>National Vulnerability Database</a><br>
+
+EOD;
+    }
+    
 
 }

gauntlet-security/trunk/admin/includes/classes/gus_SecureIncludes.php

@@ -148 +148 @@
 EOD;
     }
-    
-    protected function fix_difficulty()
-    {
-        return "Intermediate";
-    }
+    
+    protected function fix_difficulty()
+    {
+        return "Intermediate";
+    }
+    
+    protected function references()
+    {
+        return "<a href='http://codex.wordpress.org/Hardening_WordPress#Securing_wp-includes'>Codex: Securing wp-includes - Hardening Wordpress</a>";
+    }
 }

gauntlet-security/trunk/admin/includes/classes/gus_SslAdmin.php

@@ -125 +125 @@
         <code class="prettyprint">define('FORCE_SSL_ADMIN', true);</code>
         
-        ...but setting up SSL on your server is not so simple. For more information, start here:
-        <a target='_blank' href='http://codex.wordpress.org/Administration_Over_SSL'>codex.wordpress.org/Administration_Over_SSL</a>
-        
+        ...but setting up SSL on your server is not so simple. (See the reference below more info.)
+        
 EOD;
     }
@@ -135 +134 @@
         return 'Advanced';
     }
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Administration_Over_SSL'>Codex: Administration Over SSL</a><br>
+
+EOD;
+    }
+    
     
 }

gauntlet-security/trunk/admin/includes/classes/gus_TestBase.php

@@ -71 +71 @@
 
             case 'undetermined':
-                $this->undetermined();
+                if($this->pass !== 'critical')
+                {
+                    $this->undetermined();
+                }
             break;
         }
+        
+        return $sub_test;
     }
 
@@ -81 +86 @@
     protected function how_to_fix(){}
     protected function fix_difficulty(){}
+    protected function references(){}
     
     
@@ -238 +244 @@
 EOD;
         }
-        
-        if( $html = $this->how_to_fix() )
-        {
-            if( $difficulty = $this->fix_difficulty() )
-            {
-                $difficulty = "<p><strong>Difficulty:</strong> {$difficulty}</p>\n";
-            }
-            else
-            {
-                $difficulty = '';
-            }
-            
-            $this->message .= <<<EOD
-            
-            <div class='how_to_fix'>            
-                <h3>How can this be fixed?</h3>             
-                {$difficulty}       
-                {$html}             
-            </div>
-EOD;
-        }
+        
+        if( $html = $this->how_to_fix() )
+        {
+            if( $difficulty = $this->fix_difficulty() )
+            {
+                $difficulty = "<p><strong>Difficulty:</strong> {$difficulty}</p>\n";
+            }
+            else
+            {
+                $difficulty = '';
+            }
+            
+            $this->message .= <<<EOD
+            
+            <div class='how_to_fix'>            
+                <h3>How can this be fixed?</h3>                
+                {$difficulty}        
+                {$html}                
+            </div>
+EOD;
+        }
+        
+        if( $html = $this->references() )
+        {
+            $this->message .= <<<EOD
+            
+            <div class='recommendations'>
+                <h3>References</h3>
+                {$html}
+            </div>
+EOD;
+        }
     }
 

gauntlet-security/trunk/admin/includes/classes/gus_TestRunner.php

@@ -11 +11 @@
 
         // File access
+        $this->tests[] = array('gus_Shellshock', 'Files');
         $this->tests[] = array('gus_FilePermissions', 'Files');
         $this->tests[] = array('gus_DirectoryIndexing', 'Files');

gauntlet-security/trunk/admin/includes/classes/gus_UserNames.php

@@ -29 +29 @@
             /*
                 Also display the (redirected) permalink for the URL if applicable
-                    Ex: http://wp-security-plugin:8888/author/user-login
+                    Ex: http://example.com/author/user-login
             */
             if($response['response']['code'] == 301)

gauntlet-security/trunk/admin/includes/classes/gus_WpContentLocation.php

@@ -144 +144 @@
     }
     
+    protected function references()
+    {
+        return <<<EOD
+        
+        <a href='http://codex.wordpress.org/Determining_Plugin_and_Content_Directories'>Codex: Determining Plugin and Content Directories</a>
+EOD;
+    }
 }

gauntlet-security/trunk/admin/includes/classes/gus_WpGenerator.php

@@ -129 +129 @@
         return 'Intermediate';
     }   
+
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://kovshenin.com/2013/dont-hide-the-fact-that-youre-using-wordpress/'>Konstantin Kovshenin: Don’t Hide the Fact That You’re Using WordPress</a><br>
+        <a href='http://plugins.twinpictures.de/wordpress-jquery-versions/'>Twinpictures: A History of jQuery Versions Included in WordPress</a><br>
+        <a href='http://www.virendrachandak.com/techtalk/how-to-remove-wordpress-version-parameter-from-js-and-css-files/'>Virendra Chandak: How To Remove WordPress Version Parameter From JS and CSS Files</a><br>
+
+EOD;
+    }
     
 }

gauntlet-security/trunk/admin/includes/classes/gus_WpVersion.php

@@ -110 +110 @@
     }
     
+    protected function references()
+    {
+        return <<<EOD
+            
+        <a href='http://codex.wordpress.org/Updating_WordPress'>Codex: Updating WordPress</a><br>
+
+EOD;
+    }
+    
 
 }

gauntlet-security/trunk/gauntlet-security.php

@@ -7 +7 @@
  * Author: Cornelius Bergen, Matchbox Creative
  * Author URI: http://matchboxcreative.com
- * Version: 1.0.1
+ * Version: 1.1.0
  * Text Domain: gauntlet
  */