All In One WP Security & Firewall - Version 1.8

Version Description

  • Moved the front end site lockout feature to a new menu called "Maintenance".
  • Added a feature in the front-end lockout feature to allow people to specify their own message which will be displayed on the front-end to visitors who try to access the site when it is in lock out state.
  • Fixed a bug in the front-end lockout feature by adding some checks which ensure that the admin will not get locked if the feature is still active and their login session expires or they log out.
  • Added a widget in the dashboard menu to show the status of the "maintenance mode" feature.
Download this release

Release Info

Developer mra13
Plugin Icon 128x128 All In One WP Security & Firewall
Version 1.8
Comparing to
See all releases

Code changes from version 1.7 to 1.8

Files changed (11) hide show
  1. admin/wp-security-admin-init.php +9 -0
  2. admin/wp-security-dashboard-menu.php +35 -4
  3. admin/wp-security-maintenance-menu.php +131 -0
  4. admin/wp-security-settings-menu.php +0 -44
  5. classes/wp-security-configure-settings.php +11 -4
  6. classes/wp-security-general-init-tasks.php +1 -1
  7. css/wp-security-site-lockout-page.css +0 -4
  8. other-includes/wp-security-visitor-lockout-page.php +8 -2
  9. readme.txt +8 -1
  10. wp-security-core.php +2 -1
  11. wp-security.php +1 -1
admin/wp-security-admin-init.php CHANGED
@@ -15,6 +15,7 @@ class AIOWPSecurity_Admin_Init
15
  var $whois_menu;
16
  var $blacklist_menu;
17
  var $firewall_menu;
 
18
 
19
  function __construct()
20
  {
@@ -146,6 +147,7 @@ class AIOWPSecurity_Admin_Init
146
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('WHOIS Lookup', 'aiowpsecurity'), __('WHOIS Lookup', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_WHOIS_MENU_SLUG, array(&$this, 'handle_whois_menu_rendering'));
147
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Blacklist Manager', 'aiowpsecurity'), __('Blacklist Manager', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_BLACKLIST_MENU_SLUG, array(&$this, 'handle_blacklist_menu_rendering'));
148
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Firewall', 'aiowpsecurity'), __('Firewall', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_FIREWALL_MENU_SLUG, array(&$this, 'handle_firewall_menu_rendering'));
 
149
  do_action('aiowpsecurity_admin_menu_created');
150
  }
151
 
@@ -203,5 +205,12 @@ class AIOWPSecurity_Admin_Init
203
  include_once('wp-security-firewall-menu.php');
204
  $this->firewall_menu = new AIOWPSecurity_Firewall_Menu();
205
  }
 
 
 
 
 
 
 
206
  }//End of class
207
 
15
  var $whois_menu;
16
  var $blacklist_menu;
17
  var $firewall_menu;
18
+ var $maintenance_menu;
19
 
20
  function __construct()
21
  {
147
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('WHOIS Lookup', 'aiowpsecurity'), __('WHOIS Lookup', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_WHOIS_MENU_SLUG, array(&$this, 'handle_whois_menu_rendering'));
148
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Blacklist Manager', 'aiowpsecurity'), __('Blacklist Manager', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_BLACKLIST_MENU_SLUG, array(&$this, 'handle_blacklist_menu_rendering'));
149
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Firewall', 'aiowpsecurity'), __('Firewall', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_FIREWALL_MENU_SLUG, array(&$this, 'handle_firewall_menu_rendering'));
150
+ add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Maintenance', 'aiowpsecurity'), __('Maintenance', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_MAINTENANCE_MENU_SLUG, array(&$this, 'handle_maintenance_menu_rendering'));
151
  do_action('aiowpsecurity_admin_menu_created');
152
  }
153
 
205
  include_once('wp-security-firewall-menu.php');
206
  $this->firewall_menu = new AIOWPSecurity_Firewall_Menu();
207
  }
208
+
209
+ function handle_maintenance_menu_rendering()
210
+ {
211
+ include_once('wp-security-maintenance-menu.php');
212
+ $this->maintenance_menu = new AIOWPSecurity_Maintenance_Menu();
213
+ }
214
+
215
  }//End of class
216
 
admin/wp-security-dashboard-menu.php CHANGED
@@ -71,6 +71,7 @@ class AIOWPSecurity_Dashboard_Menu extends AIOWPSecurity_Admin_Menu
71
  echo "<script type='text/javascript' src='https://www.google.com/jsapi'></script>";//Include the google chart library
72
 
73
  global $aiowps_feature_mgr;
 
74
  $feature_mgr = $aiowps_feature_mgr;
75
  $total_site_security_points = $feature_mgr->get_total_site_points();
76
  $total_security_points_achievable = $feature_mgr->get_total_achievable_points();
@@ -169,7 +170,7 @@ class AIOWPSecurity_Dashboard_Menu extends AIOWPSecurity_Admin_Menu
169
  $username_admin_feature = $feature_mgr->get_feature_item_by_id("user-accounts-change-admin-user");
170
  echo '<div class="aiowps_feature_status_container">';
171
  echo '<div class="aiowps_feature_status_name">'.__('Admin Username','aiowpsecurity').'</div>';
172
- echo '<a href="admin.php?page='.AIOWPSEC_USER_ACCOUNTS_MENU_SLUG.'" target="_blank">';
173
  echo '<div class="aiowps_feature_status_bar">';
174
  if($username_admin_feature->feature_status == $feature_mgr->feature_active){
175
  echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">On</div>';
@@ -184,7 +185,7 @@ class AIOWPSecurity_Dashboard_Menu extends AIOWPSecurity_Admin_Menu
184
  $login_lockdown_feature = $feature_mgr->get_feature_item_by_id("user-login-login-lockdown");
185
  echo '<div class="aiowps_feature_status_container">';
186
  echo '<div class="aiowps_feature_status_name">'.__('Login Lockdown','aiowpsecurity').'</div>';
187
- echo '<a href="admin.php?page='.AIOWPSEC_USER_LOGIN_MENU_SLUG.'" target="_blank">';
188
  echo '<div class="aiowps_feature_status_bar">';
189
  if($login_lockdown_feature->feature_status == $feature_mgr->feature_active){
190
  echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">On</div>';
@@ -199,7 +200,7 @@ class AIOWPSecurity_Dashboard_Menu extends AIOWPSecurity_Admin_Menu
199
  $filesystem_feature = $feature_mgr->get_feature_item_by_id("filesystem-file-permissions");
200
  echo '<div class="aiowps_feature_status_container">';
201
  echo '<div class="aiowps_feature_status_name">'.__('File Permission','aiowpsecurity').'</div>';
202
- echo '<a href="admin.php?page='.AIOWPSEC_FILESYSTEM_MENU_SLUG.'" target="_blank">';
203
  echo '<div class="aiowps_feature_status_bar">';
204
  if($filesystem_feature->feature_status == $feature_mgr->feature_active){
205
  echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">On</div>';
@@ -214,7 +215,7 @@ class AIOWPSecurity_Dashboard_Menu extends AIOWPSecurity_Admin_Menu
214
  $basic_firewall_feature = $feature_mgr->get_feature_item_by_id("firewall-basic-rules");
215
  echo '<div class="aiowps_feature_status_container">';
216
  echo '<div class="aiowps_feature_status_name">'.__('Basic Firewall','aiowpsecurity').'</div>';
217
- echo '<a href="admin.php?page='.AIOWPSEC_FIREWALL_MENU_SLUG.'" target="_blank">';
218
  echo '<div class="aiowps_feature_status_bar">';
219
  if($basic_firewall_feature->feature_status == $feature_mgr->feature_active){
220
  echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">On</div>';
@@ -228,6 +229,36 @@ class AIOWPSecurity_Dashboard_Menu extends AIOWPSecurity_Admin_Menu
228
  ?>
229
  </div></div>
230
  </div><!-- aiowps_dashboard_box -->
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
231
 
232
  <div class="aiowps_dashboard_box_small">
233
  <div class="postbox">
71
  echo "<script type='text/javascript' src='https://www.google.com/jsapi'></script>";//Include the google chart library
72
 
73
  global $aiowps_feature_mgr;
74
+ global $aio_wp_security;
75
  $feature_mgr = $aiowps_feature_mgr;
76
  $total_site_security_points = $feature_mgr->get_total_site_points();
77
  $total_security_points_achievable = $feature_mgr->get_total_achievable_points();
170
  $username_admin_feature = $feature_mgr->get_feature_item_by_id("user-accounts-change-admin-user");
171
  echo '<div class="aiowps_feature_status_container">';
172
  echo '<div class="aiowps_feature_status_name">'.__('Admin Username','aiowpsecurity').'</div>';
173
+ echo '<a href="admin.php?page='.AIOWPSEC_USER_ACCOUNTS_MENU_SLUG.'">';
174
  echo '<div class="aiowps_feature_status_bar">';
175
  if($username_admin_feature->feature_status == $feature_mgr->feature_active){
176
  echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">On</div>';
185
  $login_lockdown_feature = $feature_mgr->get_feature_item_by_id("user-login-login-lockdown");
186
  echo '<div class="aiowps_feature_status_container">';
187
  echo '<div class="aiowps_feature_status_name">'.__('Login Lockdown','aiowpsecurity').'</div>';
188
+ echo '<a href="admin.php?page='.AIOWPSEC_USER_LOGIN_MENU_SLUG.'">';
189
  echo '<div class="aiowps_feature_status_bar">';
190
  if($login_lockdown_feature->feature_status == $feature_mgr->feature_active){
191
  echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">On</div>';
200
  $filesystem_feature = $feature_mgr->get_feature_item_by_id("filesystem-file-permissions");
201
  echo '<div class="aiowps_feature_status_container">';
202
  echo '<div class="aiowps_feature_status_name">'.__('File Permission','aiowpsecurity').'</div>';
203
+ echo '<a href="admin.php?page='.AIOWPSEC_FILESYSTEM_MENU_SLUG.'">';
204
  echo '<div class="aiowps_feature_status_bar">';
205
  if($filesystem_feature->feature_status == $feature_mgr->feature_active){
206
  echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">On</div>';
215
  $basic_firewall_feature = $feature_mgr->get_feature_item_by_id("firewall-basic-rules");
216
  echo '<div class="aiowps_feature_status_container">';
217
  echo '<div class="aiowps_feature_status_name">'.__('Basic Firewall','aiowpsecurity').'</div>';
218
+ echo '<a href="admin.php?page='.AIOWPSEC_FIREWALL_MENU_SLUG.'">';
219
  echo '<div class="aiowps_feature_status_bar">';
220
  if($basic_firewall_feature->feature_status == $feature_mgr->feature_active){
221
  echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">On</div>';
229
  ?>
230
  </div></div>
231
  </div><!-- aiowps_dashboard_box -->
232
+
233
+ <div class="aiowps_dashboard_box_small">
234
+ <div class="postbox">
235
+ <h3><label for="title">Maintenance Mode Status</label></h3>
236
+ <div class="inside">
237
+ <?php
238
+ if($aio_wp_security->configs->get_value('aiowps_site_lockout') == '1'){
239
+ echo '<p>'.__('Maintenance mode is currently enabled. Remember to turn it off when you are done','aiowpsecurity').'</p>';
240
+ }
241
+ else{
242
+ echo '<p>'.__('Maintenance mode is currently off.','aiowpsecurity').'</p>';
243
+ }
244
+
245
+ echo '<div class="aiowps_feature_status_container">';
246
+ echo '<div class="aiowps_feature_status_name">'.__('Maintenance Mode','aiowpsecurity').'</div>';
247
+ echo '<a href="admin.php?page='.AIOWPSEC_MAINTENANCE_MENU_SLUG.'">';
248
+ echo '<div class="aiowps_feature_status_bar">';
249
+ if($aio_wp_security->configs->get_value('aiowps_site_lockout') == '1'){//Maintenance mode is enabled
250
+ echo '<div class="aiowps_feature_status_label aiowps_feature_status_off">On</div>';//If enabled show red by usign the "off" class
251
+ echo '<div class="aiowps_feature_status_label">Off</div>';
252
+ }else{
253
+ echo '<div class="aiowps_feature_status_label">On</div>';
254
+ echo '<div class="aiowps_feature_status_label aiowps_feature_status_on">Off</div>';
255
+ }
256
+ echo '</div></div></a>';
257
+ echo '<div class="aio_clear_float"></div>';
258
+ ?>
259
+ </div></div>
260
+ </div><!-- aiowps_dashboard_box -->
261
+
262
 
263
  <div class="aiowps_dashboard_box_small">
264
  <div class="postbox">
admin/wp-security-maintenance-menu.php ADDED
@@ -0,0 +1,131 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ class AIOWPSecurity_Maintenance_Menu extends AIOWPSecurity_Admin_Menu
4
+ {
5
+ var $menu_page_slug = AIOWPSEC_MAINTENANCE_MENU_SLUG;
6
+
7
+ /* Specify all the tabs of this menu in the following array */
8
+ var $menu_tabs = array(
9
+ 'tab1' => 'Visitor Lockout',
10
+ );
11
+
12
+ var $menu_tabs_handler = array(
13
+ 'tab1' => 'render_tab1',
14
+ );
15
+
16
+ function __construct()
17
+ {
18
+ $this->render_menu_page();
19
+ }
20
+
21
+ function get_current_tab()
22
+ {
23
+ $tab_keys = array_keys($this->menu_tabs);
24
+ $tab = isset( $_GET['tab'] ) ? $_GET['tab'] : $tab_keys[0];
25
+ return $tab;
26
+ }
27
+
28
+ /*
29
+ * Renders our tabs of this menu as nav items
30
+ */
31
+ function render_menu_tabs()
32
+ {
33
+ $current_tab = $this->get_current_tab();
34
+
35
+ echo '<h2 class="nav-tab-wrapper">';
36
+ foreach ( $this->menu_tabs as $tab_key => $tab_caption )
37
+ {
38
+ $active = $current_tab == $tab_key ? 'nav-tab-active' : '';
39
+ echo '<a class="nav-tab ' . $active . '" href="?page=' . $this->menu_page_slug . '&tab=' . $tab_key . '">' . $tab_caption . '</a>';
40
+ }
41
+ echo '</h2>';
42
+ }
43
+
44
+ /*
45
+ * The menu rendering goes here
46
+ */
47
+ function render_menu_page()
48
+ {
49
+ $tab = $this->get_current_tab();
50
+ ?>
51
+ <div class="wrap">
52
+ <div id="poststuff"><div id="post-body">
53
+ <?php
54
+ $this->render_menu_tabs();
55
+ //$tab_keys = array_keys($this->menu_tabs);
56
+ call_user_func(array(&$this, $this->menu_tabs_handler[$tab]));
57
+ ?>
58
+ </div></div>
59
+ </div><!-- end of wrap -->
60
+ <?php
61
+ }
62
+
63
+ function render_tab1()
64
+ {
65
+ global $aio_wp_security;
66
+ $maint_msg = '';
67
+ if(isset($_POST['aiowpsec_save_site_lockout']))
68
+ {
69
+ $nonce=$_REQUEST['_wpnonce'];
70
+ if (!wp_verify_nonce($nonce, 'aiowpsec-site-lockout'))
71
+ {
72
+ $aio_wp_security->debug_logger->log_debug("Nonce check failed on site lockout feature settings save!",4);
73
+ die("Nonce check failed on site lockout feature settings save!");
74
+ }
75
+
76
+ //Save settings
77
+ $aio_wp_security->configs->set_value('aiowps_site_lockout',isset($_POST["aiowps_site_lockout"])?'1':'');
78
+ $maint_msg = htmlentities(stripslashes($_POST['aiowps_site_lockout_msg']), ENT_COMPAT, "UTF-8");
79
+ $aio_wp_security->configs->set_value('aiowps_site_lockout_msg',$maint_msg);//Text area/msg box
80
+ $aio_wp_security->configs->save_config();
81
+
82
+ $this->show_msg_updated(__('Site lockout feature settings saved!', 'aiowpsecurity'));
83
+
84
+ }
85
+ ?>
86
+ <div class="postbox">
87
+ <h3><label for="title"><?php _e('General Visitor Lockout', 'aiowpsecurity'); ?></label></h3>
88
+ <div class="inside">
89
+ <form action="" method="POST">
90
+ <?php wp_nonce_field('aiowpsec-site-lockout'); ?>
91
+ <div class="aio_blue_box">
92
+ <?php
93
+ echo '<p>'.__('This feature allows you to put your site into "maintenance mode" by locking down the front-end to all visitors except logged in users with super admin privileges.', 'aiowpsecurity').'</p>';
94
+ echo '<p>'.__('Locking your site down to general visitors can be useful if you are investigating some issues on your site or perhaps you might be doing some maintenance and wish to keep out all traffic for security reasons.', 'aiowpsecurity').'</p>';
95
+ ?>
96
+ </div>
97
+ <table class="form-table">
98
+ <tr valign="top">
99
+ <th scope="row"><?php _e('Enable Front-end Lockout', 'aiowpsecurity')?>:</th>
100
+ <td>
101
+ <input name="aiowps_site_lockout" type="checkbox"<?php if($aio_wp_security->configs->get_value('aiowps_site_lockout')=='1') echo ' checked="checked"'; ?> value="1"/>
102
+ <span class="description"><?php _e('Check this if you want all visitors except those who are logged in as administrator to be locked out of the front-end of your site.', 'aiowpsecurity'); ?></span>
103
+ </td>
104
+ </tr>
105
+ <tr valign="top">
106
+ <th scope="row"><?php _e('Enter a Message:', 'aiowpsecurity')?></th>
107
+ <td>
108
+ <?php
109
+ $aiowps_site_lockout_msg_raw = $aio_wp_security->configs->get_value('aiowps_site_lockout_msg');
110
+ if(empty($aiowps_site_lockout_msg_raw)){
111
+ $aiowps_site_lockout_msg_raw = 'This site is currently not available. Please try again later.';
112
+ }
113
+ $aiowps_site_lockout_msg = html_entity_decode($aiowps_site_lockout_msg_raw, ENT_COMPAT, "UTF-8");
114
+ $aiowps_site_lockout_msg_settings = array('textarea_name' => 'aiowps_site_lockout_msg', 'media_buttons' => false);
115
+ wp_editor($aiowps_site_lockout_msg, "aiowps_site_lockout_msg_editor_content", $aiowps_site_lockout_msg_settings);
116
+ ?>
117
+ <br />
118
+ <span class="description"><?php _e('Enter a message you wish to display to visitors when your site is in maintenance mode.','aiowpsecurity');?></span>
119
+ </td>
120
+ </tr>
121
+
122
+ </table>
123
+
124
+ <div class="submit">
125
+ <input type="submit" class="button-primary" name="aiowpsec_save_site_lockout" value="<?php _e('Save Site Lockout Settings'); ?>" />
126
+ </div>
127
+ </form>
128
+ </div></div>
129
+ <?php
130
+ }
131
+ } //end class
admin/wp-security-settings-menu.php CHANGED
@@ -80,24 +80,6 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
80
  AIOWPSecurity_Configure_Settings::turn_off_all_security_features();
81
  $this->show_msg_updated(__('All the security features have been disabled successfully!', 'aiowpsecurity'));
82
  }
83
-
84
- //Site lockout feature submission tasks
85
- if(isset($_POST['aiowpsec_save_site_lockout']))
86
- {
87
- $nonce=$_REQUEST['_wpnonce'];
88
- if (!wp_verify_nonce($nonce, 'aiowpsec-site-lockout'))
89
- {
90
- $aio_wp_security->debug_logger->log_debug("Nonce check failed on site lockout feature settings save!",4);
91
- die("Nonce check failed on site lockout feature settings save!");
92
- }
93
-
94
- //Save settings if no errors
95
- $aio_wp_security->configs->set_value('aiowps_site_lockout',isset($_POST["aiowps_site_lockout"])?'1':'');
96
- $aio_wp_security->configs->save_config();
97
-
98
- $this->show_msg_updated(__('Site lockout feature settings saved!', 'aiowpsecurity'));
99
-
100
- }
101
  ?>
102
  <div class="aio_grey_box">
103
  <p>For information, updates and documentation, please visit the <a href="http://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin" target="_blank">AIO WP Security & Firewall Plugin</a> Page.</p>
@@ -134,32 +116,6 @@ class AIOWPSecurity_Settings_Menu extends AIOWPSecurity_Admin_Menu
134
  </div>
135
  </form>
136
  </div></div>
137
- <div class="postbox">
138
- <h3><label for="title"><?php _e('General Visitor Lockout', 'aiowpsecurity'); ?></label></h3>
139
- <div class="inside">
140
- <form action="" method="POST">
141
- <?php wp_nonce_field('aiowpsec-site-lockout'); ?>
142
- <div class="aio_blue_box">
143
- <?php
144
- echo '<p>'.__('This feature allows you to lockdown the front-end of your site to all visitors except user with super admin privileges.', 'aiowpsecurity').'</p>';
145
- echo '<p>'.__('Locking your site down to general visitors can be useful if you are investigating some issues on your site or perhaps you might be doing some maintenance and wish to keep out all traffic for security reasons.', 'aiowpsecurity').'</p>';
146
- ?>
147
- </div>
148
- <table class="form-table">
149
- <tr valign="top">
150
- <th scope="row"><?php _e('Enable Front-end Lockout', 'aiowpsecurity')?>:</th>
151
- <td>
152
- <input name="aiowps_site_lockout" type="checkbox"<?php if($aio_wp_security->configs->get_value('aiowps_site_lockout')=='1') echo ' checked="checked"'; ?> value="1"/>
153
- <span class="description"><?php _e('Check this if you want all visitors except those who are logged in as administrator to be locked out of the front-end of your site.', 'aiowpsecurity'); ?></span>
154
- </td>
155
- </tr>
156
- </table>
157
-
158
- <div class="submit">
159
- <input type="submit" name="aiowpsec_save_site_lockout" value="<?php _e('Save Site Lockout Settings'); ?>" />
160
- </div>
161
- </form>
162
- </div></div>
163
  <?php
164
  }
165
 
80
  AIOWPSecurity_Configure_Settings::turn_off_all_security_features();
81
  $this->show_msg_updated(__('All the security features have been disabled successfully!', 'aiowpsecurity'));
82
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
83
  ?>
84
  <div class="aio_grey_box">
85
  <p>For information, updates and documentation, please visit the <a href="http://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin" target="_blank">AIO WP Security & Firewall Plugin</a> Page.</p>
116
  </div>
117
  </form>
118
  </div></div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
119
  <?php
120
  }
121
 
classes/wp-security-configure-settings.php CHANGED
@@ -15,8 +15,7 @@ class AIOWPSecurity_Configure_Settings
15
  $aio_wp_security->configs->set_value('aiowps_remove_wp_generator_meta_info','');//Checkbox
16
 
17
  //General Settings Page
18
- $aio_wp_security->configs->set_value('aiowps_site_lockout','');//Checkbox
19
-
20
  //User password feature
21
 
22
  //Lockdown feature
@@ -61,7 +60,11 @@ class AIOWPSecurity_Configure_Settings
61
  $aio_wp_security->configs->set_value('aiowps_cookie_based_brute_force_redirect_url','http://127.0.0.1');
62
  $aio_wp_security->configs->set_value('aiowps_enable_brute_force_attack_prevention','');//Checkbox
63
  $aio_wp_security->configs->set_value('aiowps_brute_force_attack_prevention_pw_protected_exception','');//Checkbox
64
-
 
 
 
 
65
  //TODO - keep adding default options for any fields that require it
66
 
67
  //Save it
@@ -77,7 +80,6 @@ class AIOWPSecurity_Configure_Settings
77
  $aio_wp_security->configs->add_value('aiowps_remove_wp_generator_meta_info','');//Checkbox
78
 
79
  //General Settings Page
80
- $aio_wp_security->configs->add_value('aiowps_site_lockout','');//Checkbox
81
 
82
  //User password feature
83
 
@@ -123,6 +125,11 @@ class AIOWPSecurity_Configure_Settings
123
  $aio_wp_security->configs->add_value('aiowps_cookie_based_brute_force_redirect_url','http://127.0.0.1');
124
  $aio_wp_security->configs->add_value('aiowps_brute_force_attack_prevention_pw_protected_exception','');//Checkbox
125
 
 
 
 
 
 
126
  //TODO - keep adding default options for any fields that require it
127
 
128
  //Save it
15
  $aio_wp_security->configs->set_value('aiowps_remove_wp_generator_meta_info','');//Checkbox
16
 
17
  //General Settings Page
18
+
 
19
  //User password feature
20
 
21
  //Lockdown feature
60
  $aio_wp_security->configs->set_value('aiowps_cookie_based_brute_force_redirect_url','http://127.0.0.1');
61
  $aio_wp_security->configs->set_value('aiowps_enable_brute_force_attack_prevention','');//Checkbox
62
  $aio_wp_security->configs->set_value('aiowps_brute_force_attack_prevention_pw_protected_exception','');//Checkbox
63
+
64
+ //Maintenance menu - Visitor lockout feature
65
+ $aio_wp_security->configs->set_value('aiowps_site_lockout','');//Checkbox
66
+ $aio_wp_security->configs->set_value('aiowps_site_lockout_msg','');//Text area/msg box
67
+
68
  //TODO - keep adding default options for any fields that require it
69
 
70
  //Save it
80
  $aio_wp_security->configs->add_value('aiowps_remove_wp_generator_meta_info','');//Checkbox
81
 
82
  //General Settings Page
 
83
 
84
  //User password feature
85
 
125
  $aio_wp_security->configs->add_value('aiowps_cookie_based_brute_force_redirect_url','http://127.0.0.1');
126
  $aio_wp_security->configs->add_value('aiowps_brute_force_attack_prevention_pw_protected_exception','');//Checkbox
127
 
128
+ //Maintenance menu - Visitor lockout feature
129
+ $aio_wp_security->configs->add_value('aiowps_site_lockout','');//Checkbox
130
+ $aio_wp_security->configs->add_value('aiowps_site_lockout_msg','');//Text area/msg box
131
+
132
+
133
  //TODO - keep adding default options for any fields that require it
134
 
135
  //Save it
classes/wp-security-general-init-tasks.php CHANGED
@@ -19,7 +19,7 @@ class AIOWPSecurity_General_Init_Tasks
19
 
20
  //For site lockout feature
21
  if($aio_wp_security->configs->get_value('aiowps_site_lockout') == '1'){
22
- if (!is_user_logged_in() && !current_user_can('administrator')) {
23
  $this->site_lockout_tasks();
24
  }
25
  }
19
 
20
  //For site lockout feature
21
  if($aio_wp_security->configs->get_value('aiowps_site_lockout') == '1'){
22
+ if (!is_user_logged_in() && !current_user_can('administrator') && !is_admin() && !in_array( $GLOBALS['pagenow'], array( 'wp-login.php', 'wp-register.php' ))) {
23
  $this->site_lockout_tasks();
24
  }
25
  }
css/wp-security-site-lockout-page.css CHANGED
@@ -25,7 +25,3 @@ body{
25
  text-align: center;
26
  }
27
 
28
- .aiowps-site-lockout-text{
29
- margin-bottom: 30px;
30
- }
31
-
25
  text-align: center;
26
  }
27
 
 
 
 
 
other-includes/wp-security-visitor-lockout-page.php CHANGED
@@ -1,4 +1,11 @@
1
  <?php
 
 
 
 
 
 
 
2
  ?>
3
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
4
  <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
@@ -15,8 +22,7 @@
15
  <div class="aiowps-site-lockout-body-content">
16
  <div class="aiowps-site-lockout-box">
17
  <div class="aiowps-site-lockout-msg">
18
- <p class="aiowps-site-lockout-text"><?php _e('This site is currently not available', 'aiowpsecurity'); ?></p>
19
- <p class="aiowps-site-lockout-text"><?php _e('Please try again later', 'aiowpsecurity'); ?></p>
20
  </div>
21
  </div> <!-- end .aiowps-site-lockout-box -->
22
  </div> <!-- end .aiowps-site-lockout-body-content -->
1
  <?php
2
+ global $aio_wp_security;
3
+ $aiowps_site_lockout_msg_raw = $aio_wp_security->configs->get_value('aiowps_site_lockout_msg');
4
+ if(empty($aiowps_site_lockout_msg_raw)){
5
+ $aiowps_site_lockout_msg_raw = '<p>This site is currently not available. Please try again later.</p>';
6
+ }
7
+ $maintenance_msg = html_entity_decode($aiowps_site_lockout_msg_raw, ENT_COMPAT, "UTF-8");
8
+ $maintenance_msg = apply_filters('the_content', $maintenance_msg);
9
  ?>
10
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
11
  <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
22
  <div class="aiowps-site-lockout-body-content">
23
  <div class="aiowps-site-lockout-box">
24
  <div class="aiowps-site-lockout-msg">
25
+ <?php echo $maintenance_msg; ?>
 
26
  </div>
27
  </div> <!-- end .aiowps-site-lockout-box -->
28
  </div> <!-- end .aiowps-site-lockout-body-content -->
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://www.tipsandtricks-hq.com
4
  Tags: security, secure, Anti Virus, antivirus, virus, firewall, login, lockdown, htaccess, hacking, ban hacker, malware, vulnerability, protect, phishing, database, backup, plugin, sql injection, ssl, restrict
5
  Requires at least: 3.5
6
  Tested up to: 3.6
7
- Stable tag: 1.7
8
  License: GPLv3
9
 
10
  A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
@@ -125,6 +125,13 @@ None
125
  None
126
 
127
  == Changelog ==
 
 
 
 
 
 
 
128
  = 1.7 =
129
  - Added a new feature which is a password strength tool which calculates how easy it is for your chosen password to be cracked using a desktop PC and the appropriate SW. This tool should help you create strong passwords.
130
  - Added a front-end general visitor lockout feature. This feature allows you to temporarily lock down the front end of your site while you do security investigation, site upgrades, tweaks etc.
4
  Tags: security, secure, Anti Virus, antivirus, virus, firewall, login, lockdown, htaccess, hacking, ban hacker, malware, vulnerability, protect, phishing, database, backup, plugin, sql injection, ssl, restrict
5
  Requires at least: 3.5
6
  Tested up to: 3.6
7
+ Stable tag: 1.8
8
  License: GPLv3
9
 
10
  A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
125
  None
126
 
127
  == Changelog ==
128
+
129
+ = 1.8 =
130
+ - Moved the front end site lockout feature to a new menu called "Maintenance".
131
+ - Added a feature in the front-end lockout feature to allow people to specify their own message which will be displayed on the front-end to visitors who try to access the site when it is in lock out state.
132
+ - Fixed a bug in the front-end lockout feature by adding some checks which ensure that the admin will not get locked if the feature is still active and their login session expires or they log out.
133
+ - Added a widget in the dashboard menu to show the status of the "maintenance mode" feature.
134
+
135
  = 1.7 =
136
  - Added a new feature which is a password strength tool which calculates how easy it is for your chosen password to be cracked using a desktop PC and the appropriate SW. This tool should help you create strong passwords.
137
  - Added a front-end general visitor lockout feature. This feature allows you to temporarily lock down the front end of your site while you do security investigation, site upgrades, tweaks etc.
wp-security-core.php CHANGED
@@ -3,7 +3,7 @@
3
  if (!class_exists('AIO_WP_Security')){
4
 
5
  class AIO_WP_Security{
6
- var $version = '1.7';
7
  var $db_version = '1.2';
8
  var $plugin_url;
9
  var $plugin_path;
@@ -63,6 +63,7 @@ class AIO_WP_Security{
63
  define('AIOWPSEC_WHOIS_MENU_SLUG', 'aiowpsec_whois');
64
  define('AIOWPSEC_BLACKLIST_MENU_SLUG', 'aiowpsec_blacklist');
65
  define('AIOWPSEC_FIREWALL_MENU_SLUG', 'aiowpsec_firewall');
 
66
 
67
  global $wpdb;
68
  define('AIOWPSEC_TBL_LOGIN_LOCKDOWN', $wpdb->prefix . 'aiowps_login_lockdown');
3
  if (!class_exists('AIO_WP_Security')){
4
 
5
  class AIO_WP_Security{
6
+ var $version = '1.8';
7
  var $db_version = '1.2';
8
  var $plugin_url;
9
  var $plugin_path;
63
  define('AIOWPSEC_WHOIS_MENU_SLUG', 'aiowpsec_whois');
64
  define('AIOWPSEC_BLACKLIST_MENU_SLUG', 'aiowpsec_blacklist');
65
  define('AIOWPSEC_FIREWALL_MENU_SLUG', 'aiowpsec_firewall');
66
+ define('AIOWPSEC_MAINTENANCE_MENU_SLUG', 'aiowpsec_maintenance');
67
 
68
  global $wpdb;
69
  define('AIOWPSEC_TBL_LOGIN_LOCKDOWN', $wpdb->prefix . 'aiowps_login_lockdown');
wp-security.php CHANGED
@@ -1,7 +1,7 @@
1
  <?php
2
  /*
3
  Plugin Name: All In One WP Security
4
- Version: v1.7
5
  Plugin URI: http://www.tipsandtricks-hq.com/
6
  Author: Tips and Tricks HQ, Peter, Ruhul Amin
7
  Author URI: http://www.tipsandtricks-hq.com/
1
  <?php
2
  /*
3
  Plugin Name: All In One WP Security
4
+ Version: v1.8
5
  Plugin URI: http://www.tipsandtricks-hq.com/
6
  Author: Tips and Tricks HQ, Peter, Ruhul Amin
7
  Author URI: http://www.tipsandtricks-hq.com/