Version Description
Download this release
Release Info
| Developer | AITpro |
| Plugin |  BulletProof Security |
| Version | 5.5 |
| Comparing to | |
| See all releases | |
Code changes from version 5.4 to 5.5
- .htaccess +13 -0
- 400.php +11 -6
- 403.php +12 -7
- 404.php +44 -27
- 405.php +11 -6
- 410.php +11 -6
- admin/core/core-custom-code.php +265 -140
- admin/core/core-export-import.php +2 -2
- admin/core/core-forms.php +19 -247
- admin/core/core-help-text.php +4 -4
- admin/core/core-htaccess-code.php +32 -32
- admin/core/core.php +210 -158
- admin/css/bps-blue-ui-theme.css +70 -44
- admin/db-backup-security/db-backup-functions.php +4 -4
- admin/db-backup-security/db-backup-help-text.php +2 -2
- admin/db-backup-security/db-backup-security.php +79 -79
- admin/email-log-settings/email-log-settings.php +219 -30
- admin/htaccess/bps-maintenance.php +9 -4
- admin/htaccess/bps-mu-tools.php +19 -7
- admin/htaccess/secure.htaccess +1 -1
- admin/htaccess/wpadmin-secure.htaccess +1 -1
- admin/images/accordion-btn-over.png +0 -0
- admin/images/bps-plugin-logo.jpg +0 -0
- admin/images/bpspro-dashboard-status-display.jpg +0 -0
- admin/images/bpspro-plugin-logo.jpg +0 -0
- admin/images/menu-bg.png +0 -0
- admin/images/question-mark-large.jpg +0 -0
- admin/images/table_title_40_bg.png +0 -0
- admin/includes/admin.php +58 -58
- admin/includes/uninstall.php +1 -1
- admin/js/bps-ui-dialog.js +1 -1
- admin/login/login.php +72 -73
- admin/login/lsm-export.php +1 -1
- admin/maintenance/maintenance.php +207 -201
- admin/mscan/mscan-help-text.php +7 -13
- admin/mscan/mscan.php +90 -67
- admin/security-log/security-log.php +65 -64
- admin/system-info/system-info.php +41 -36
- admin/theme-skin/theme-skin.php +23 -39
- admin/wizard/pwizard-autofix-setup.php +60 -60
- admin/wizard/pwizard-autofix.php +35 -3
- admin/wizard/setup-wizard-export.php +811 -0
- admin/wizard/wizard-backup.php +4 -4
- admin/wizard/wizard-functions.php +30 -30
- admin/wizard/wizard.php +56 -53
- bulletproof-security.php +6 -6
- includes/db-security.php +4 -4
- includes/functions.php +36 -31
- includes/general-functions.php +29 -28
- includes/hidden-plugin-folders-cron.php +4 -4
- includes/hud-autofix-setup.php +5 -5
- includes/hud-autofix-whitelist.php +17 -1
- includes/hud-dismiss-functions.php +69 -67
- includes/idle-session-logout.php +1 -1
- includes/login-security.php +8 -4
- includes/mscan-ajax-functions.php +2 -2
- includes/mscan-plugin-hash-maker.php +5 -5
- includes/mscan-theme-hash-maker.php +5 -5
- includes/zip-email-cron-functions.php +4 -4
- isl-logout.php +30 -16
- languages/bulletproof-security.pot +405 -189
.htaccess
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
# BEGIN BPS FILE WHITELIST: BPS Frontend Loading Website Plugin scripts/files
|
| 2 |
+
RewriteRule ^.*bps-maintenance.php - [S=6]
|
| 3 |
+
RewriteRule ^400.php - [S=5]
|
| 4 |
+
RewriteRule ^403.php - [S=4]
|
| 5 |
+
RewriteRule ^405.php - [S=3]
|
| 6 |
+
RewriteRule ^410.php - [S=2]
|
| 7 |
+
RewriteRule ^isl-logout.php - [S=1]
|
| 8 |
+
# END BPS FILE WHITELIST
|
| 9 |
+
|
| 10 |
+
# Block all other files in the BPS plugin folder except the whitelisted files above
|
| 11 |
+
# This only blocks files from being accessed by a Browser and not internally.
|
| 12 |
+
RewriteCond %{REQUEST_URI} ^.*\.(7z|as|bat|bin|cgi|chm|chml|cmd|com|command|dat|db|db2|db3|dba|dll|DS_Store|exe|gz|hta|htaccess|htc|htm|html|html5|htx|ico|idc|ini|ins|isp|jar|jav|java|jse|jsfl|json|jsp|jsx|lib|lnk|out|php|phps|php5|php4|php3|phtml|phpt|pl|py|pyd|pyc|pyo|rar|shtm|shtml|sql|swf|sys|tar|taz|tgz|tpl|txt|vb|vbe|vbs|war|ws|wsf|xhtml)$ [NC]
|
| 13 |
+
RewriteRule ^(.*)$ - [F]
|
400.php
CHANGED
|
@@ -55,12 +55,12 @@ p {
|
|
| 55 |
|
| 56 |
<?php
|
| 57 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 58 |
-
require_once
|
| 59 |
}
|
| 60 |
|
| 61 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 62 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 63 |
-
$hostname =
|
| 64 |
$timeNow = time();
|
| 65 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 66 |
|
|
@@ -72,12 +72,17 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 72 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 73 |
}
|
| 74 |
|
| 75 |
-
|
| 76 |
-
|
| 77 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 78 |
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
|
| 79 |
|
| 80 |
-
|
| 81 |
|
| 82 |
if ( is_writable( $bpsProLog ) ) {
|
| 83 |
|
|
@@ -95,7 +100,7 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 95 |
|
| 96 |
if ( $_SERVER['REQUEST_METHOD'] != 'POST' ) {
|
| 97 |
|
| 98 |
-
|
| 99 |
|
| 100 |
if ( is_writable( $bpsProLog ) ) {
|
| 101 |
|
| 55 |
|
| 56 |
<?php
|
| 57 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 58 |
+
require_once '../../../wp-load.php';
|
| 59 |
}
|
| 60 |
|
| 61 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 62 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 63 |
+
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
|
| 64 |
$timeNow = time();
|
| 65 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 66 |
|
| 72 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 73 |
}
|
| 74 |
|
| 75 |
+
$event = 'The request could not be understood by the server due to malformed syntax.';
|
| 76 |
+
$solution = 'N/A - Malformed Request - Not an Attack';
|
| 77 |
|
| 78 |
+
$bpsPro_http_referer = false;
|
| 79 |
+
if ( array_key_exists('HTTP_REFERER', $_SERVER) ) {
|
| 80 |
+
$bpsPro_http_referer = $_SERVER['HTTP_REFERER'];
|
| 81 |
+
}
|
| 82 |
+
|
| 83 |
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
|
| 84 |
|
| 85 |
+
$log_contents = "\r\n" . '[400 POST Bad Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
|
| 86 |
|
| 87 |
if ( is_writable( $bpsProLog ) ) {
|
| 88 |
|
| 100 |
|
| 101 |
if ( $_SERVER['REQUEST_METHOD'] != 'POST' ) {
|
| 102 |
|
| 103 |
+
$log_contents = "\r\n" . '[400 GET Bad Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
|
| 104 |
|
| 105 |
if ( is_writable( $bpsProLog ) ) {
|
| 106 |
|
403.php
CHANGED
|
@@ -56,12 +56,12 @@ p {
|
|
| 56 |
|
| 57 |
<?php
|
| 58 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 59 |
-
require_once
|
| 60 |
}
|
| 61 |
|
| 62 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 63 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 64 |
-
$hostname =
|
| 65 |
$timeNow = time();
|
| 66 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 67 |
|
|
@@ -86,6 +86,11 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 86 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 87 |
}
|
| 88 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 89 |
// BPS .52.5: Do not log test 403 errors for /mod-test/ Apache Module testing
|
| 90 |
if ( ! preg_match('/wp-content\/plugins\/bulletproof-security\/admin\/mod-test/', $_SERVER['REQUEST_URI'] ) ) {
|
| 91 |
|
|
@@ -100,7 +105,7 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 100 |
$event = 'PSBR-HPRA';
|
| 101 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 102 |
}
|
| 103 |
-
elseif ( preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) ||
|
| 104 |
$event = 'WPADMIN-SBR';
|
| 105 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 106 |
|
|
@@ -109,7 +114,7 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 109 |
$solution = 'N/A - Hacker/Spammer Blocked/Forbidden';
|
| 110 |
}
|
| 111 |
|
| 112 |
-
|
| 113 |
|
| 114 |
if ( is_writable( $bpsProLog ) ) {
|
| 115 |
|
|
@@ -127,14 +132,14 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 127 |
|
| 128 |
if ( empty($request_body) ) {
|
| 129 |
# BEGIN USERAGENT FILTER
|
| 130 |
-
if (
|
| 131 |
# END USERAGENT FILTER
|
| 132 |
|
| 133 |
if ( preg_match_all('/(.*)\/plugins\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) ) {
|
| 134 |
$event = 'PSBR-HPRA';
|
| 135 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 136 |
}
|
| 137 |
-
elseif ( preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) ||
|
| 138 |
$event = 'WPADMIN-SBR';
|
| 139 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 140 |
|
|
@@ -143,7 +148,7 @@ if ( @!preg_match('/BPSUserAgentPlaceHolder/', $_SERVER['HTTP_USER_AGENT']) ) {
|
|
| 143 |
$solution = 'N/A - Hacker/Spammer Blocked/Forbidden';
|
| 144 |
}
|
| 145 |
|
| 146 |
-
|
| 147 |
|
| 148 |
if ( is_writable( $bpsProLog ) ) {
|
| 149 |
|
| 56 |
|
| 57 |
<?php
|
| 58 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 59 |
+
require_once '../../../wp-load.php';
|
| 60 |
}
|
| 61 |
|
| 62 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 63 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 64 |
+
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
|
| 65 |
$timeNow = time();
|
| 66 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 67 |
|
| 86 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 87 |
}
|
| 88 |
|
| 89 |
+
$bpsPro_http_referer = false;
|
| 90 |
+
if ( array_key_exists('HTTP_REFERER', $_SERVER) ) {
|
| 91 |
+
$bpsPro_http_referer = $_SERVER['HTTP_REFERER'];
|
| 92 |
+
}
|
| 93 |
+
|
| 94 |
// BPS .52.5: Do not log test 403 errors for /mod-test/ Apache Module testing
|
| 95 |
if ( ! preg_match('/wp-content\/plugins\/bulletproof-security\/admin\/mod-test/', $_SERVER['REQUEST_URI'] ) ) {
|
| 96 |
|
| 105 |
$event = 'PSBR-HPRA';
|
| 106 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 107 |
}
|
| 108 |
+
elseif ( preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) || preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['HTTP_REFERER'], $matches ) ) {
|
| 109 |
$event = 'WPADMIN-SBR';
|
| 110 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 111 |
|
| 114 |
$solution = 'N/A - Hacker/Spammer Blocked/Forbidden';
|
| 115 |
}
|
| 116 |
|
| 117 |
+
$log_contents = "\r\n" . '[403 POST Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT'] . "\r\n" . 'REQUEST BODY: ' . $request_body . "\r\n";
|
| 118 |
|
| 119 |
if ( is_writable( $bpsProLog ) ) {
|
| 120 |
|
| 132 |
|
| 133 |
if ( empty($request_body) ) {
|
| 134 |
# BEGIN USERAGENT FILTER
|
| 135 |
+
if ( !preg_match('/BPSUserAgentPlaceHolder/', $_SERVER['HTTP_USER_AGENT']) ) {
|
| 136 |
# END USERAGENT FILTER
|
| 137 |
|
| 138 |
if ( preg_match_all('/(.*)\/plugins\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) ) {
|
| 139 |
$event = 'PSBR-HPRA';
|
| 140 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 141 |
}
|
| 142 |
+
elseif ( preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) || preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['HTTP_REFERER'], $matches ) ) {
|
| 143 |
$event = 'WPADMIN-SBR';
|
| 144 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 145 |
|
| 148 |
$solution = 'N/A - Hacker/Spammer Blocked/Forbidden';
|
| 149 |
}
|
| 150 |
|
| 151 |
+
$log_contents = "\r\n" . '[403 GET Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
|
| 152 |
|
| 153 |
if ( is_writable( $bpsProLog ) ) {
|
| 154 |
|
404.php
CHANGED
|
@@ -5,29 +5,51 @@
|
|
| 5 |
// your Theme's 404.php template file located in your themes folder /wp-content/themes/your-theme-folder-name/404.php.
|
| 6 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 7 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 8 |
-
$hostname =
|
| 9 |
$timeNow = time();
|
| 10 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 11 |
-
|
| 12 |
-
// Setup Wizard Options: GDPR Compliance Global Variables
|
| 13 |
-
$GDPR_Options = get_option('bulletproof_security_options_gdpr');
|
| 14 |
-
|
| 15 |
-
if ( $GDPR_Options['bps_gdpr_on_off'] != 'On' ) {
|
| 16 |
-
|
| 17 |
-
$bpsPro_remote_addr = $_SERVER['REMOTE_ADDR'];
|
| 18 |
-
$bpsPro_http_client_ip = $_SERVER['HTTP_CLIENT_IP'];
|
| 19 |
-
$bpsPro_http_forwarded = $_SERVER['HTTP_FORWARDED'];
|
| 20 |
-
$bpsPro_http_x_forwarded_for = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
| 21 |
-
$bpsPro_http_x_cluster_client_ip = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
|
| 22 |
|
| 23 |
-
|
| 24 |
|
| 25 |
-
$
|
| 26 |
-
|
| 27 |
-
|
| 28 |
-
|
| 29 |
-
|
| 30 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 31 |
|
| 32 |
$post_limit = get_option('bulletproof_security_options_sec_log_post_limit');
|
| 33 |
$query_string = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
|
|
@@ -53,18 +75,14 @@ if ( $GDPR_Options['bps_gdpr_on_off'] != 'On' ) {
|
|
| 53 |
$event = 'The server has not found anything matching the Request-URI.';
|
| 54 |
$solution = 'N/A - 404 Not Found';
|
| 55 |
|
| 56 |
-
//
|
| 57 |
-
// This condition below will prevent those 404 errors from being logged.
|
| 58 |
-
if ( ! preg_match( '/page=bulletproof-security/', esc_html($_SERVER['HTTP_REFERER']), $matches) ) {
|
| 59 |
-
|
| 60 |
-
// .52.7: Request Body condition added
|
| 61 |
if ( ! empty($request_body) ) {
|
| 62 |
|
| 63 |
if ( $post_limit['bps_security_log_post_none'] == '1' ) {
|
| 64 |
$request_body = 'BPS Security Log option set to: Do Not Log POST Request Body Data';
|
| 65 |
}
|
| 66 |
|
| 67 |
-
$log_contents = "\r\n" . '[404 POST Not Found Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '
|
| 68 |
|
| 69 |
if ( is_writable( $bpsProLog ) ) {
|
| 70 |
|
|
@@ -82,7 +100,7 @@ $log_contents = "\r\n" . '[404 POST Not Found Request: ' . $timestamp . ']' . "\
|
|
| 82 |
|
| 83 |
if ( empty($request_body) ) {
|
| 84 |
|
| 85 |
-
$log_contents = "\r\n" . '[404 GET Not Found Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$
|
| 86 |
|
| 87 |
if ( is_writable( $bpsProLog ) ) {
|
| 88 |
|
|
@@ -97,6 +115,5 @@ $log_contents = "\r\n" . '[404 GET Not Found Request: ' . $timestamp . ']' . "\r
|
|
| 97 |
fclose($handle);
|
| 98 |
}
|
| 99 |
}
|
| 100 |
-
}
|
| 101 |
?>
|
| 102 |
<!-- END COPY CODE - BPS Error logging code -->
|
| 5 |
// your Theme's 404.php template file located in your themes folder /wp-content/themes/your-theme-folder-name/404.php.
|
| 6 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 7 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 8 |
+
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
|
| 9 |
$timeNow = time();
|
| 10 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
|
| 12 |
+
$GDPR_Options = get_option('bulletproof_security_options_gdpr');
|
| 13 |
|
| 14 |
+
if ( isset($GDPR_Options['bps_gdpr_on_off']) && $GDPR_Options['bps_gdpr_on_off'] != 'On' ) {
|
| 15 |
+
|
| 16 |
+
$bpsPro_remote_addr = false;
|
| 17 |
+
if ( array_key_exists('REMOTE_ADDR', $_SERVER) ) {
|
| 18 |
+
$bpsPro_remote_addr = $_SERVER['REMOTE_ADDR'];
|
| 19 |
+
}
|
| 20 |
+
$bpsPro_http_client_ip = false;
|
| 21 |
+
if ( array_key_exists('HTTP_CLIENT_IP', $_SERVER) ) {
|
| 22 |
+
$bpsPro_http_client_ip = $_SERVER['HTTP_CLIENT_IP'];
|
| 23 |
+
}
|
| 24 |
+
$bpsPro_http_forwarded = false;
|
| 25 |
+
if ( array_key_exists('HTTP_FORWARDED', $_SERVER) ) {
|
| 26 |
+
$bpsPro_http_forwarded = $_SERVER['HTTP_FORWARDED'];
|
| 27 |
+
}
|
| 28 |
+
$bpsPro_http_x_forwarded_for = false;
|
| 29 |
+
if ( array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER) ) {
|
| 30 |
+
$bpsPro_http_x_forwarded_for = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
| 31 |
+
}
|
| 32 |
+
$bpsPro_http_x_cluster_client_ip = false;
|
| 33 |
+
if ( array_key_exists('HTTP_X_CLUSTER_CLIENT_IP', $_SERVER) ) {
|
| 34 |
+
$bpsPro_http_x_cluster_client_ip = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
|
| 35 |
+
}
|
| 36 |
+
$bpsPro_http_referrer = false;
|
| 37 |
+
if ( array_key_exists('HTTP_REFERER', $_SERVER) ) {
|
| 38 |
+
$bpsPro_http_referrer = $_SERVER['HTTP_REFERER'];
|
| 39 |
+
}
|
| 40 |
+
|
| 41 |
+
} else {
|
| 42 |
+
|
| 43 |
+
$bpsPro_remote_addr = 'GDPR Compliance On';
|
| 44 |
+
$bpsPro_http_client_ip = 'GDPR Compliance On';
|
| 45 |
+
$bpsPro_http_forwarded = 'GDPR Compliance On';
|
| 46 |
+
$bpsPro_http_x_forwarded_for = 'GDPR Compliance On';
|
| 47 |
+
$bpsPro_http_x_cluster_client_ip = 'GDPR Compliance On';
|
| 48 |
+
$bpsPro_http_referrer = false;
|
| 49 |
+
if ( array_key_exists('HTTP_REFERER', $_SERVER) ) {
|
| 50 |
+
$bpsPro_http_referrer = $_SERVER['HTTP_REFERER'];
|
| 51 |
+
}
|
| 52 |
+
}
|
| 53 |
|
| 54 |
$post_limit = get_option('bulletproof_security_options_sec_log_post_limit');
|
| 55 |
$query_string = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
|
| 75 |
$event = 'The server has not found anything matching the Request-URI.';
|
| 76 |
$solution = 'N/A - 404 Not Found';
|
| 77 |
|
| 78 |
+
// 11.2: Request Body condition added
|
|
|
|
|
|
|
|
|
|
|
|
|
| 79 |
if ( ! empty($request_body) ) {
|
| 80 |
|
| 81 |
if ( $post_limit['bps_security_log_post_none'] == '1' ) {
|
| 82 |
$request_body = 'BPS Security Log option set to: Do Not Log POST Request Body Data';
|
| 83 |
}
|
| 84 |
|
| 85 |
+
$log_contents = "\r\n" . '[404 POST Not Found Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: POST'."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referrer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string. "\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT'] . "\r\n" . 'REQUEST BODY: ' . $request_body . "\r\n";
|
| 86 |
|
| 87 |
if ( is_writable( $bpsProLog ) ) {
|
| 88 |
|
| 100 |
|
| 101 |
if ( empty($request_body) ) {
|
| 102 |
|
| 103 |
+
$log_contents = "\r\n" . '[404 GET Not Found Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referrer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
|
| 104 |
|
| 105 |
if ( is_writable( $bpsProLog ) ) {
|
| 106 |
|
| 115 |
fclose($handle);
|
| 116 |
}
|
| 117 |
}
|
|
|
|
| 118 |
?>
|
| 119 |
<!-- END COPY CODE - BPS Error logging code -->
|
405.php
CHANGED
|
@@ -58,12 +58,12 @@ p {
|
|
| 58 |
<?php
|
| 59 |
|
| 60 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 61 |
-
require_once
|
| 62 |
}
|
| 63 |
|
| 64 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 65 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 66 |
-
$hostname =
|
| 67 |
$timeNow = time();
|
| 68 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 69 |
|
|
@@ -88,6 +88,11 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 88 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 89 |
}
|
| 90 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 91 |
// Note: A HEAD Request should not have a Body, but leaving this code here anyway.
|
| 92 |
if ( ! empty($request_body) ) {
|
| 93 |
|
|
@@ -99,7 +104,7 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 99 |
$event = 'PSBR-HPRA-HEAD';
|
| 100 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 101 |
}
|
| 102 |
-
elseif ( preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) ||
|
| 103 |
$event = 'WPADMIN-SBR-HEAD';
|
| 104 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 105 |
|
|
@@ -108,7 +113,7 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 108 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 109 |
}
|
| 110 |
|
| 111 |
-
|
| 112 |
|
| 113 |
if ( is_writable( $bpsProLog ) ) {
|
| 114 |
|
|
@@ -131,7 +136,7 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 131 |
$event = 'PSBR-HPRA-HEAD';
|
| 132 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 133 |
}
|
| 134 |
-
elseif ( preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) ||
|
| 135 |
$event = 'WPADMIN-SBR-HEAD';
|
| 136 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 137 |
|
|
@@ -140,7 +145,7 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 140 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 141 |
}
|
| 142 |
|
| 143 |
-
|
| 144 |
|
| 145 |
if ( is_writable( $bpsProLog ) ) {
|
| 146 |
|
| 58 |
<?php
|
| 59 |
|
| 60 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 61 |
+
require_once '../../../wp-load.php';
|
| 62 |
}
|
| 63 |
|
| 64 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 65 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 66 |
+
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
|
| 67 |
$timeNow = time();
|
| 68 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 69 |
|
| 88 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 89 |
}
|
| 90 |
|
| 91 |
+
$bpsPro_http_referer = false;
|
| 92 |
+
if ( array_key_exists('HTTP_REFERER', $_SERVER) ) {
|
| 93 |
+
$bpsPro_http_referer = $_SERVER['HTTP_REFERER'];
|
| 94 |
+
}
|
| 95 |
+
|
| 96 |
// Note: A HEAD Request should not have a Body, but leaving this code here anyway.
|
| 97 |
if ( ! empty($request_body) ) {
|
| 98 |
|
| 104 |
$event = 'PSBR-HPRA-HEAD';
|
| 105 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 106 |
}
|
| 107 |
+
elseif ( preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) || preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['HTTP_REFERER'], $matches ) ) {
|
| 108 |
$event = 'WPADMIN-SBR-HEAD';
|
| 109 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 110 |
|
| 113 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 114 |
}
|
| 115 |
|
| 116 |
+
$log_contents = "\r\n" . '[405 HEAD Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: ' . $bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip . "\r\n" . 'REQUEST_METHOD: HEAD' . "\r\n" . 'HTTP_REFERER: ' . $bpsPro_http_referer . "\r\n" . 'REQUEST_URI: ' . $_SERVER['REQUEST_URI'] . "\r\n" . 'QUERY_STRING: ' . $query_string . "\r\n" . 'HTTP_USER_AGENT: '. $_SERVER['HTTP_USER_AGENT'] . "\r\n" . 'REQUEST BODY: ' . $request_body . "\r\n";
|
| 117 |
|
| 118 |
if ( is_writable( $bpsProLog ) ) {
|
| 119 |
|
| 136 |
$event = 'PSBR-HPRA-HEAD';
|
| 137 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 138 |
}
|
| 139 |
+
elseif ( preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['REQUEST_URI'], $matches ) || preg_match('/(.*)\/wp-admin\/(.*)\.[a-zA-Z0-9]/', $_SERVER['HTTP_REFERER'], $matches ) ) {
|
| 140 |
$event = 'WPADMIN-SBR-HEAD';
|
| 141 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 142 |
|
| 145 |
$solution = 'https://forum.ait-pro.com/forums/topic/security-log-event-codes/';
|
| 146 |
}
|
| 147 |
|
| 148 |
+
$log_contents = "\r\n" . '[405 HEAD Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: ' . $bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip . "\r\n" . 'REQUEST_METHOD: HEAD' . "\r\n" . 'HTTP_REFERER: ' . $bpsPro_http_referer . "\r\n" . 'REQUEST_URI: ' . $_SERVER['REQUEST_URI'] . "\r\n" . 'QUERY_STRING: ' . $query_string . "\r\n" . 'HTTP_USER_AGENT: ' . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
|
| 149 |
|
| 150 |
if ( is_writable( $bpsProLog ) ) {
|
| 151 |
|
410.php
CHANGED
|
@@ -57,12 +57,12 @@ p {
|
|
| 57 |
|
| 58 |
<?php
|
| 59 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 60 |
-
require_once
|
| 61 |
}
|
| 62 |
|
| 63 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 64 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 65 |
-
$hostname =
|
| 66 |
$timeNow = time();
|
| 67 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 68 |
|
|
@@ -74,12 +74,17 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 74 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 75 |
}
|
| 76 |
|
| 77 |
-
|
| 78 |
-
|
| 79 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 80 |
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
|
| 81 |
|
| 82 |
-
|
| 83 |
|
| 84 |
if ( is_writable( $bpsProLog ) ) {
|
| 85 |
|
|
@@ -97,7 +102,7 @@ $gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
|
| 97 |
|
| 98 |
if ( $_SERVER['REQUEST_METHOD'] != 'POST' ) {
|
| 99 |
|
| 100 |
-
|
| 101 |
|
| 102 |
if ( is_writable( $bpsProLog ) ) {
|
| 103 |
|
| 57 |
|
| 58 |
<?php
|
| 59 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 60 |
+
require_once '../../../wp-load.php';
|
| 61 |
}
|
| 62 |
|
| 63 |
// NOTE: fwrite is faster in benchmark tests than file_put_contents for successive writes
|
| 64 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 65 |
+
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
|
| 66 |
$timeNow = time();
|
| 67 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 68 |
|
| 74 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 75 |
}
|
| 76 |
|
| 77 |
+
$event = '410 Gone';
|
| 78 |
+
$solution = 'N/A - 410 Gone - Not an Attack';
|
| 79 |
|
| 80 |
+
$bpsPro_http_referer = false;
|
| 81 |
+
if ( array_key_exists('HTTP_REFERER', $_SERVER) ) {
|
| 82 |
+
$bpsPro_http_referer = $_SERVER['HTTP_REFERER'];
|
| 83 |
+
}
|
| 84 |
+
|
| 85 |
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
|
| 86 |
|
| 87 |
+
$log_contents = "\r\n" . '[410 Gone POST Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
|
| 88 |
|
| 89 |
if ( is_writable( $bpsProLog ) ) {
|
| 90 |
|
| 102 |
|
| 103 |
if ( $_SERVER['REQUEST_METHOD'] != 'POST' ) {
|
| 104 |
|
| 105 |
+
$log_contents = "\r\n" . '[410 Gone GET Request: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'Event Code: ' . $event . "\r\n" . 'Solution: ' . $solution . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
|
| 106 |
|
| 107 |
if ( is_writable( $bpsProLog ) ) {
|
| 108 |
|
admin/core/core-custom-code.php
CHANGED
|
@@ -1,5 +1,4 @@
|
|
| 1 |
<?php
|
| 2 |
-
// Direct calls to this file are Forbidden when core files are not present
|
| 3 |
if ( ! current_user_can('manage_options') ) {
|
| 4 |
header('Status: 403 Forbidden');
|
| 5 |
header('HTTP/1.1 403 Forbidden');
|
|
@@ -10,7 +9,7 @@ $scrolltoCCode = isset( $_REQUEST['scrolltoCCode'] ) ? (int) $_REQUEST['scrollto
|
|
| 10 |
$scrolltoCCodeWPA = isset( $_REQUEST['scrolltoCCodeWPA'] ) ? (int) $_REQUEST['scrolltoCCodeWPA'] : 0;
|
| 11 |
|
| 12 |
// Custom Code Check BPS Query String DB option for invalid code
|
| 13 |
-
// .
|
| 14 |
function bps_CustomCode_BPSQSE_check() {
|
| 15 |
global $bps_topDiv, $bps_bottomDiv;
|
| 16 |
|
|
@@ -43,11 +42,11 @@ $bps_customcode_one = ! isset($options['bps_customcode_one']) ? '' : $options['b
|
|
| 43 |
$bps_customcode_wp_rewrite_start = ! isset($options['bps_customcode_wp_rewrite_start']) ? '' : $options['bps_customcode_wp_rewrite_start'];
|
| 44 |
$bps_customcode_bpsqse = ! isset($options['bps_customcode_bpsqse']) ? '' : $options['bps_customcode_bpsqse'];
|
| 45 |
$bps_customcode_three = ! isset($options['bps_customcode_three']) ? '' : $options['bps_customcode_three'];
|
| 46 |
-
|
| 47 |
-
if ( preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_one, ENT_QUOTES ), $matches ) || preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_wp_rewrite_start, ENT_QUOTES ), $matches ) || preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_bpsqse, ENT_QUOTES ), $matches ) || preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_three, ENT_QUOTES ), $matches ) ) {
|
| 48 |
|
|
|
|
|
|
|
| 49 |
echo $bps_topDiv;
|
| 50 |
-
$text = '<strong><font color="#fb0101">'.__('Default WordPress Rewrite htaccess code has been added to BPS Custom Code.', 'bulletproof-security').'</font><br>'.__('The BPS plugin already uses/has Default WordPress Rewrite code. Delete the Default WordPress Rewrite htaccess code shown below from the CUSTOM CODE text box were it was added and click the Save Root Custom Code button.', 'bulletproof-security').'</strong><br>';
|
| 51 |
echo $text;
|
| 52 |
echo '<pre>';
|
| 53 |
print_r(htmlspecialchars($matches[0]));
|
|
@@ -61,7 +60,7 @@ bps_CustomCode_BPSQSE_check();
|
|
| 61 |
// Root Custom Code Form
|
| 62 |
// Important Note: stripslashes is used to strip any slashes that are added to a $_POST value and not slashes in the code itself.
|
| 63 |
// Note: Form value bps_customcode_wp_rewrite_end is conditional to Network|Multisite and is hidden for single WP site types, which means the value is not saved in the DB.
|
| 64 |
-
##
|
| 65 |
function bpsPro_CC_Root_values_form() {
|
| 66 |
global $bps_topDiv, $bps_bottomDiv;
|
| 67 |
|
|
@@ -209,7 +208,7 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 209 |
|
| 210 |
// wp-admin Custom Code Form
|
| 211 |
// Important Note: stripslashes is used to strip any slashes that are added to a $_POST value and not slashes in the code itself.
|
| 212 |
-
##
|
| 213 |
function bpsPro_CC_WPA_values_form() {
|
| 214 |
global $bps_topDiv, $bps_bottomDiv;
|
| 215 |
|
|
@@ -267,32 +266,64 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 267 |
}
|
| 268 |
}
|
| 269 |
|
| 270 |
-
|
| 271 |
-
|
| 272 |
-
|
| 273 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 274 |
?>
|
| 275 |
|
| 276 |
<div id="bps-accordion-2" class="bps-accordion-main-2" style="">
|
| 277 |
-
|
| 278 |
<div id="cc-accordion-inner">
|
| 279 |
|
| 280 |
-
<button onclick="bpsRootCCEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 281 |
-
<button onclick="bpsRootCCDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 282 |
|
| 283 |
<table width="100%" border="0" cellspacing="0" cellpadding="10" class="bps-help_faq_table">
|
| 284 |
<tr>
|
| 285 |
-
<td
|
| 286 |
</tr>
|
| 287 |
<tr>
|
| 288 |
-
|
| 289 |
<td class="bps-table_cell_help_custom_code">
|
| 290 |
-
|
| 291 |
<form name="bpsCustomCodeForm" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7' ); ?>" method="post">
|
| 292 |
<?php
|
| 293 |
wp_nonce_field('bulletproof_security_CC_Root');
|
| 294 |
bpsPro_CC_Root_values_form();
|
| 295 |
-
$CC_Options_root = get_option('bulletproof_security_options_customcode');
|
| 296 |
$bps_customcode_one = ! isset($CC_Options_root['bps_customcode_one']) ? '' : $CC_Options_root['bps_customcode_one'];
|
| 297 |
$bps_customcode_server_signature = ! isset($CC_Options_root['bps_customcode_server_signature']) ? '' : $CC_Options_root['bps_customcode_server_signature'];
|
| 298 |
$bps_customcode_directory_index = ! isset($CC_Options_root['bps_customcode_directory_index']) ? '' : $CC_Options_root['bps_customcode_directory_index'];
|
|
@@ -308,127 +339,214 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 308 |
$bps_customcode_wp_rewrite_end = ! isset($CC_Options_root['bps_customcode_wp_rewrite_end']) ? '' : $CC_Options_root['bps_customcode_wp_rewrite_end'];
|
| 309 |
$bps_customcode_deny_files = ! isset($CC_Options_root['bps_customcode_deny_files']) ? '' : $CC_Options_root['bps_customcode_deny_files'];
|
| 310 |
$bps_customcode_three = ! isset($CC_Options_root['bps_customcode_three']) ? '' : $CC_Options_root['bps_customcode_three'];
|
| 311 |
-
?>
|
| 312 |
|
| 313 |
-
|
| 314 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 315 |
<textarea id="crypt1" class="bps-text-area-custom-code" name="bps_customcode_one" tabindex="1"><?php echo $bps_customcode_one; ?></textarea>
|
|
|
|
| 316 |
</td>
|
| 317 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you where your php/php.ini handler and/or cache htaccess code will be created in your root htaccess file. If you have php/php.ini handler and/or cache htaccess code, copy and paste it into the CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE text box to the left.</span><pre># PHP/PHP.INI HANDLER/CACHE CODE<br /># Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.<br /># Most Hosts do not have/use/require php/php.ini Handler htaccess code</pre></td>
|
| 318 |
</tr>
|
| 319 |
<tr>
|
| 320 |
<td class="bps-table_cell_help_custom_code">
|
| 321 |
-
|
| 322 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 323 |
<textarea id="crypt2" class="bps-text-area-custom-code" name="bps_customcode_server_signature" tabindex="2"><?php echo $bps_customcode_server_signature; ?></textarea>
|
|
|
|
| 324 |
</td>
|
| 325 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE text box. Go to the htaccess File Editor tab page and copy your actual TURN OFF YOUR SERVER SIGNATURE root htaccess file code and paste it into the CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE text box to the left.</span><pre># TURN OFF YOUR SERVER SIGNATURE<br /># Suppresses the footer line server version number and ServerName of the serving virtual host<br />ServerSignature Off</pre></td>
|
| 326 |
</tr>
|
| 327 |
<tr>
|
| 328 |
<td class="bps-table_cell_help_custom_code">
|
| 329 |
-
|
| 330 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 331 |
<textarea id="crypt3" class="bps-text-area-custom-code" name="bps_customcode_directory_index" tabindex="3"><?php echo $bps_customcode_directory_index; ?></textarea>
|
|
|
|
| 332 |
</td>
|
| 333 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX text box. Go to the htaccess File Editor tab page and copy your actual DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX root htaccess file code and paste it into the CUSTOM CODE DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX text box to the left.</span><pre style="max-height:130px;"># DO NOT SHOW DIRECTORY LISTING<br /># Disallow mod_autoindex from displaying a directory listing<br /># If a 500 Internal Server Error occurs when activating Root BulletProof Mode<br /># copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code<br /># and paste it into BPS Custom Code and comment out Options -Indexes<br /># by adding a # sign in front of it.<br /># Example: #Options -Indexes<br />Options -Indexes<br /><br /># DIRECTORY INDEX FORCE INDEX.PHP<br /># Use index.php as default directory index file. index.html will be ignored.<br /># If a 500 Internal Server Error occurs when activating Root BulletProof Mode<br /># copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code<br /># and paste it into BPS Custom Code and comment out DirectoryIndex<br /># by adding a # sign in front of it.<br /># Example: #DirectoryIndex index.php index.html /index.php<br />DirectoryIndex index.php index.html /index.php</pre></td>
|
| 334 |
</tr>
|
| 335 |
<tr>
|
| 336 |
<td class="bps-table_cell_help_custom_code">
|
| 337 |
-
|
| 338 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 339 |
<textarea id="crypt4" class="bps-text-area-custom-code" name="bps_customcode_server_protocol" tabindex="4"><?php echo $bps_customcode_server_protocol; ?></textarea>
|
|
|
|
| 340 |
</td>
|
| 341 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:60px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you where your Brute Force Login Page Protection code will be created in your root htaccess file if you decide to add the option/Bonus code. You can get the code by clicking the Brute Force Login Page Protection Code link. Copy and paste it into the CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION text box to the left.</span><pre># BRUTE FORCE LOGIN PAGE PROTECTION<br /># PLACEHOLDER ONLY<br /># Use BPS Custom Code to add Brute Force Login protection code and to save it permanently.<br /># See this link: https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/<br /># for more information.</pre></td>
|
| 342 |
</tr>
|
| 343 |
<tr>
|
| 344 |
<td class="bps-table_cell_help_custom_code">
|
| 345 |
-
|
| 346 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 347 |
<textarea id="crypt5" class="bps-text-area-custom-code" name="bps_customcode_error_logging" tabindex="5"><?php echo $bps_customcode_error_logging; ?></textarea>
|
|
|
|
| 348 |
</td>
|
| 349 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE ERROR LOGGING AND TRACKING text box. Go to the htaccess File Editor tab page and copy your actual ERROR LOGGING AND TRACKING root htaccess file code and paste it into the CUSTOM CODE ERROR LOGGING AND TRACKING text box to the left.</span><pre style="max-height:145px;"># BPS PRO ERROR LOGGING AND TRACKING<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># BPS Pro has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and<br /># 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors<br />.....<br />.....<br />ErrorDocument 400 <?php echo '/'.$bps_plugin_dir; ?>/bulletproof-security/400.php<br />ErrorDocument 401 default<br />ErrorDocument 403 <?php echo '/'.$bps_plugin_dir; ?>/bulletproof-security/403.php<br />ErrorDocument 404 /404.php<br />ErrorDocument 405 <?php echo '/'.$bps_plugin_dir; ?>/bulletproof-security/405.php<br />ErrorDocument 410 <?php echo '/'.$bps_plugin_dir; ?>/bulletproof-security/410.php</pre></td>
|
| 350 |
</tr>
|
| 351 |
<tr>
|
| 352 |
<td class="bps-table_cell_help_custom_code">
|
| 353 |
-
|
| 354 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 355 |
<textarea id="crypt6" class="bps-text-area-custom-code" name="bps_customcode_deny_dot_folders" tabindex="6"><?php echo $bps_customcode_deny_dot_folders; ?></textarea>
|
|
|
|
| 356 |
</td>
|
| 357 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS text box. Go to the htaccess File Editor tab page and copy your actual DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS root htaccess file code and paste it into the CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS text box to the left.</span><pre># DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs<br />RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$</pre></td>
|
| 358 |
</tr>
|
| 359 |
<tr>
|
| 360 |
<td class="bps-table_cell_help_custom_code">
|
| 361 |
-
|
| 362 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 363 |
<textarea id="crypt7" class="bps-text-area-custom-code" name="bps_customcode_admin_includes" tabindex="7"><?php echo $bps_customcode_admin_includes; ?></textarea>
|
|
|
|
| 364 |
</td>
|
| 365 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:60px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE WP-ADMIN/INCLUDES text box. Go to the htaccess File Editor tab page and copy your actual WP-ADMIN/INCLUDES root htaccess file code and paste it into the CUSTOM CODE WP-ADMIN/INCLUDES text box to the left.</span><pre># WP-ADMIN/INCLUDES<br /># Use BPS Custom Code to remove this code permanently.<br />RewriteEngine On<br />RewriteBase /<br />RewriteRule ^wp-admin/includes/ - [F]<br />RewriteRule !^wp-includes/ - [S=3]<br />RewriteRule ^wp-includes/[^/]+\.php$ - [F]<br />RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]<br />RewriteRule ^wp-includes/theme-compat/ - [F]</pre></td>
|
| 366 |
</tr>
|
| 367 |
<tr>
|
| 368 |
<td class="bps-table_cell_help_custom_code">
|
| 369 |
-
|
| 370 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 371 |
<textarea id="crypt8" class="bps-text-area-custom-code" name="bps_customcode_wp_rewrite_start" tabindex="8"><?php echo $bps_customcode_wp_rewrite_start; ?></textarea>
|
|
|
|
| 372 |
</td>
|
| 373 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE WP REWRITE LOOP START text box. Go to the htaccess File Editor tab page and copy your actual WP REWRITE LOOP START root htaccess file code and paste it into the CUSTOM CODE WP REWRITE LOOP START text box to the left.</span><br /><pre># CUSTOM CODE WP REWRITE LOOP START<br /># WP REWRITE LOOP START<br />RewriteEngine On<br />RewriteBase /<br />RewriteRule ^index\.php$ - [L]</pre></td>
|
| 374 |
</tr>
|
| 375 |
<tr>
|
| 376 |
<td class="bps-table_cell_help_custom_code">
|
| 377 |
-
<strong><label for="bps-CCode">
|
| 378 |
-
<?php echo number_format_i18n( 9 ).'. '; _e('CUSTOM CODE REQUEST METHODS FILTERED:', 'bulletproof-security'); ?><br />
|
| 379 |
-
<?php _e('Whitelist User Agents and allow HEAD Requests', 'bulletproof-security'); ?> </label></strong><br />
|
| 380 |
-
<strong><?php $text = '<font color="#2ea2cc">'.__('You MUST copy and paste the entire REQUEST METHODS FILTERED section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes. To Allow HEAD Requests click the Read Me help button at the top of the Custom Code page for instructions and examples.', 'bulletproof-security').'</font>'; echo $text ; ?></strong><br />
|
| 381 |
-
<textarea id="crypt9" class="bps-text-area-custom-code" name="bps_customcode_request_methods" tabindex="9"><?php echo $bps_customcode_request_methods; ?></textarea>
|
| 382 |
-
</td>
|
| 383 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;">
|
| 384 |
-
|
| 385 |
-
<?php if ( preg_match( '/R=405/', $bps_customcode_request_methods ) ) { ?>
|
| 386 |
|
| 387 |
-
|
| 388 |
-
|
| 389 |
-
|
| 390 |
|
| 391 |
-
|
| 392 |
|
| 393 |
-
|
| 394 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 395 |
</td>
|
| 396 |
</tr>
|
| 397 |
<tr>
|
| 398 |
<td class="bps-table_cell_help_custom_code">
|
| 399 |
-
|
| 400 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 401 |
<textarea id="crypt10" class="bps-text-area-custom-code" name="bps_customcode_two" tabindex="10"><?php echo $bps_customcode_two; ?></textarea>
|
|
|
|
| 402 |
</td>
|
| 403 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:60px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you where your plugin/theme skip/bypass rules code will be created in your root htaccess file. If you have plugin/theme skip/bypass rules, copy and paste it into the CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES text box to the left. Click the Read Me help button for more information about plugin/theme skip/bypass rules code.</span><pre style="max-height:145px;"># PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES<br /># To add plugin/theme skip/bypass rules use BPS Custom Code.<br /># The [S] flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules.<br /># The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9...<br /># If you delete a skip rule, change the other skip rule numbers accordingly.<br /># Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc.<br /># If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13]<br /><br /><div style="background-color:#FFFF00;padding:3px;">Your plugin/theme skip/bypass rules will be created here in your root htaccess file</div><br /># Adminer MySQL management tool data populate<br />RewriteCond %{REQUEST_URI} ^/<?php echo $bps_plugin_dir; ?>/adminer/ [NC]<br />RewriteRule . - [S=12]</pre></td>
|
| 404 |
</tr>
|
| 405 |
<tr>
|
| 406 |
<td class="bps-table_cell_help_custom_code">
|
| 407 |
-
|
| 408 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 409 |
<textarea id="crypt11" class="bps-text-area-custom-code" name="bps_customcode_timthumb_misc" tabindex="11"><?php echo $bps_customcode_timthumb_misc; ?></textarea>
|
|
|
|
| 410 |
</td>
|
| 411 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE text box. Go to the htaccess File Editor tab page and copy your actual TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE root htaccess file code and paste it into the CUSTOM CODE text box to the left.</span><pre style="max-height:145px;"># TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># Remote File Inclusion (RFI) security rules<br />.....<br />.....<br /># Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)<br />RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]<br /># Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*<br />RewriteCond %{HTTP_REFERER} ^.*<?php echo $bps_get_domain_root; ?>.*<br />RewriteRule . - [S=1]</pre></td>
|
| 412 |
</tr>
|
| 413 |
<tr>
|
| 414 |
<td class="bps-table_cell_help_custom_code">
|
| 415 |
-
|
| 416 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 417 |
<textarea id="crypt12" class="bps-text-area-custom-code" name="bps_customcode_bpsqse" tabindex="12"><?php echo $bps_customcode_bpsqse; ?></textarea>
|
|
|
|
| 418 |
</td>
|
| 419 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:90px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS text box. Go to the htaccess File Editor tab page and copy your actual BPSQSE BPS QUERY STRING EXPLOITS root htaccess file code and paste it into the CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS text box to the left.</span><pre># BEGIN BPSQSE BPS QUERY STRING EXPLOITS<br /># The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too.<br /># Good sites such as W3C use it for their W3C-LinkChecker.<br /># Use BPS Custom Code to add or remove user agents temporarily or permanently from the<br />.....<br />.....<br />RewriteCond %{QUERY_STRING} (sp_executesql) [NC]<br />RewriteRule ^(.*)$ - [F]<br /># END BPSQSE BPS QUERY STRING EXPLOITS</pre></td>
|
| 420 |
</tr>
|
| 421 |
|
| 422 |
<?php if ( is_multisite() ) { ?>
|
| 423 |
|
| 424 |
<tr>
|
| 425 |
<td class="bps-table_cell_help_custom_code">
|
| 426 |
-
|
| 427 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 428 |
<textarea id="crypt12b" class="bps-text-area-custom-code" name="bps_customcode_wp_rewrite_end" tabindex="13"><?php echo $bps_customcode_wp_rewrite_end; ?></textarea>
|
| 429 |
|
| 430 |
-
</td>
|
| 431 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: The actual WP REWRITE LOOP END code for your website may be different. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE WP REWRITE LOOP END text box. Go to the htaccess File Editor tab page and copy your actual WP REWRITE LOOP END root htaccess file code and paste it into the CUSTOM CODE WP REWRITE LOOP END text box to the left.</span><br /><pre># END BPSQSE BPS QUERY STRING EXPLOITS<br /><div style="background-color:#FFFF00;padding:3px;">RewriteCond %{REQUEST_FILENAME} -f [OR]<br />RewriteCond %{REQUEST_FILENAME} -d<br />RewriteRule ^ - [L]<br />RewriteRule ^[_0-9a-zA-Z-]+/(wp-(content|admin|includes).*) $1 [L]<br />RewriteRule ^[_0-9a-zA-Z-]+/(.*\.php)$ $1 [L]<br />RewriteRule . index.php [L]<br /># WP REWRITE LOOP END</div></pre>
|
| 432 |
</td>
|
| 433 |
</tr>
|
| 434 |
|
|
@@ -440,50 +558,50 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 440 |
|
| 441 |
<tr>
|
| 442 |
<td class="bps-table_cell_help_custom_code">
|
| 443 |
-
<strong><label for="bps-CCode"><?php echo number_format_i18n( 13 ).'. '; _e('CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES:', 'bulletproof-security'); ?> </label></strong><br />
|
| 444 |
-
<strong><?php $text = '<font color="#2ea2cc">'.__('You MUST copy and paste the entire DENY BROWSER ACCESS section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 445 |
-
<textarea id="crypt13" class="bps-text-area-custom-code" name="bps_customcode_deny_files" tabindex="14"><?php echo $bps_customcode_deny_files; ?></textarea>
|
| 446 |
-
</td>
|
| 447 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:75px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES text box. Go to the htaccess File Editor tab page and copy your actual DENY BROWSER ACCESS TO THESE FILES root htaccess file code and paste it into the CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES text box to the left.</span>
|
| 448 |
-
|
| 449 |
-
<?php if ( isset($Apache_Mod_options['bps_apache_mod_ifmodule']) && $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'Yes' ) { ?>
|
| 450 |
-
|
| 451 |
-
<pre style="max-height:145px;"># DENY BROWSER ACCESS TO THESE FILES<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># wp-config.php, bb-config.php, php.ini, php5.ini, readme.html<br /># To be able to view these files from a Browser, replace 127.0.0.1 with your actual<br /># current IP address. Comment out: #Require all denied and Uncomment: Require ip 127.0.0.1<br /># Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1<br /># Note: The BPS System Info page displays which modules are loaded on your server.<br /><br /><FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)"><br /><IfModule mod_authz_core.c><br />Require all denied<br />#Require ip 127.0.0.1<br /></IfModule><br /><br /><IfModule !mod_authz_core.c><br /><IfModule mod_access_compat.c><br />Order Allow,Deny<br />Deny from all<br />#Allow from 127.0.0.1<br /></IfModule><br /></IfModule><br /></FilesMatch></pre>
|
| 452 |
-
|
| 453 |
-
<?php } elseif ( isset($Apache_Mod_options['bps_apache_mod_ifmodule']) && $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'No' ) { ?>
|
| 454 |
|
| 455 |
-
|
|
|
|
|
|
|
| 456 |
|
| 457 |
-
<?php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 458 |
|
| 459 |
</td>
|
| 460 |
</tr>
|
| 461 |
<tr>
|
| 462 |
<td class="bps-table_cell_help_custom_code">
|
| 463 |
-
|
| 464 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 465 |
<textarea id="crypt14" class="bps-text-area-custom-code" name="bps_customcode_three" tabindex="15"><?php echo $bps_customcode_three; ?></textarea>
|
|
|
|
| 466 |
</td>
|
| 467 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:60px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for Custom Code Setup Steps. This example code is a visual reference to show you where your custom htaccess code will be created in your root htaccess file. If you have Hotlinking, Redirect, IP Blocking htaccess code then copy and paste it into the CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE text box to the left.</span><pre># CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE<br /># PLACEHOLDER ONLY<br /># Use BPS Custom Code to add custom code and save it permanently here.</pre></td>
|
| 468 |
</tr>
|
| 469 |
<tr>
|
| 470 |
<td class="bps-table_cell_help_custom_code">
|
| 471 |
|
| 472 |
-
<?php echo '<label for="bps-mscan-label" style="">'.__('If you are unable to save Custom Code and/or see an error message when trying to save Custom Code, click the Encrypt Custom Code button first and then click the Save Root Custom Code button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-
|
| 473 |
|
| 474 |
<input type="hidden" name="scrolltoCCode" value="<?php echo esc_html( $scrolltoCCode ); ?>" />
|
| 475 |
-
<input type="submit" name="bps_customcode_submit" value="<?php esc_attr_e('Save Root Custom Code', 'bulletproof-security') ?>" class="button bps-button" onclick="return confirm('<?php $text = __('IMPORTANT!!! Did you remember to click the Encrypt Custom Code button first before saving your Root Custom Code?', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Click OK to save your Root Custom Code or click Cancel.', 'bulletproof-security'); echo $text; ?>')" />
|
| 476 |
</form>
|
| 477 |
-
|
| 478 |
-
<button onclick="bpsRootCCEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 479 |
-
<button onclick="bpsRootCCDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 480 |
|
| 481 |
-
|
| 482 |
-
<
|
| 483 |
-
|
| 484 |
-
|
| 485 |
-
|
| 486 |
-
<td class="bps-table_cell_help"> </td>
|
| 487 |
</tr>
|
| 488 |
</table>
|
| 489 |
|
|
@@ -764,21 +882,23 @@ function bpsRootCCDecrypt() {
|
|
| 764 |
</div>
|
| 765 |
|
| 766 |
<?php
|
| 767 |
-
|
|
|
|
| 768 |
|
| 769 |
-
if ( isset($BPS_wpadmin_Options['bps_wpadmin_restriction']) && $BPS_wpadmin_Options['bps_wpadmin_restriction'] == 'disabled' ) {
|
| 770 |
|
| 771 |
} else {
|
| 772 |
?>
|
| 773 |
-
|
|
|
|
| 774 |
<div id="cc-accordion-inner">
|
| 775 |
|
| 776 |
-
<button onclick="bpsWpadminCCEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 777 |
-
<button onclick="bpsWpadminCCDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 778 |
|
| 779 |
<table width="100%" border="0" cellspacing="0" cellpadding="10" class="bps-help_faq_table">
|
| 780 |
<tr>
|
| 781 |
-
<td
|
| 782 |
</tr>
|
| 783 |
<tr>
|
| 784 |
<td class="bps-table_cell_help_custom_code">
|
|
@@ -793,69 +913,72 @@ function bpsRootCCDecrypt() {
|
|
| 793 |
$bps_customcode_two_wpa = ! isset($CC_Options_wpadmin['bps_customcode_two_wpa']) ? '' : $CC_Options_wpadmin['bps_customcode_two_wpa'];
|
| 794 |
$bps_customcode_bpsqse_wpa = ! isset($CC_Options_wpadmin['bps_customcode_bpsqse_wpa']) ? '' : $CC_Options_wpadmin['bps_customcode_bpsqse_wpa'];
|
| 795 |
|
| 796 |
-
|
| 797 |
-
|
| 798 |
-
<strong><
|
| 799 |
-
<strong><?php $text = '<font color="#2ea2cc">'.__('You MUST copy and paste the entire WPADMIN DENY BROWSER ACCESS TO FILES section of code from your wp-admin .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes. Add one pound sign # below to prevent the WPADMIN DENY BROWSER ACCESS TO FILES section of code from being created in your wp-admin .htaccess file', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 800 |
-
<textarea id="crypt15" class="bps-text-area-custom-code" name="bps_customcode_deny_files_wpa" tabindex="1"><?php echo $bps_customcode_deny_files_wpa; ?></textarea>
|
| 801 |
-
</td>
|
| 802 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:105px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for wp-admin Custom Code Setup Steps. This example code is a visual reference to show you which wp-admin htaccess file code goes in the CUSTOM CODE WPADMIN DENY BROWSER ACCESS TO FILES text box. Go to the htaccess File Editor tab page and copy your actual WPADMIN DENY BROWSER ACCESS TO FILES wp-admin htaccess file code and paste it into the CUSTOM CODE text box to the left.</span>
|
| 803 |
-
|
| 804 |
-
<?php if ( $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'Yes' ) { ?>
|
| 805 |
-
|
| 806 |
-
<pre style="max-height:145px;"># WPADMIN DENY BROWSER ACCESS TO FILES<br /># Deny Browser access to /wp-admin/install.php<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># To be able to view the install.php file from a Browser, replace 127.0.0.1 with your actual<br /># current IP address. Comment out: #Require all denied and Uncomment: Require ip 127.0.0.1<br /># Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1<br /># Note: The BPS System Info page displays which modules are loaded on your server.<br /><br /># BEGIN BPS WPADMIN DENY ACCESS TO FILES<br /><FilesMatch "^(install\.php)"><br /><IfModule mod_authz_core.c><br />Require all denied<br />#Require ip 127.0.0.1<br /></IfModule><br /><IfModule !mod_authz_core.c><br /><IfModule mod_access_compat.c><br />Order Allow,Deny<br />Deny from all<br />#Allow from 127.0.0.1<br /></IfModule><br /></IfModule><br /></FilesMatch><br /># END BPS WPADMIN DENY ACCESS TO FILES</pre>
|
| 807 |
-
|
| 808 |
-
<?php } elseif ( $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'No' ) { ?>
|
| 809 |
|
| 810 |
-
<
|
| 811 |
-
<FilesMatch "^(install\.php)"><br />Order Allow,Deny<br />Deny from all<br />#Allow from 127.0.0.1<br /></FilesMatch><br /># END BPS WPADMIN DENY ACCESS TO FILES</pre>
|
| 812 |
|
| 813 |
-
|
|
|
|
| 814 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 815 |
</td>
|
| 816 |
</tr>
|
| 817 |
<tr>
|
| 818 |
<td class="bps-table_cell_help_custom_code">
|
| 819 |
-
|
| 820 |
-
|
| 821 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 822 |
</td>
|
| 823 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:60px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for wp-admin Custom Code Setup Steps. This example code is a visual reference to show you where your wp-admin custom htaccess code will be created in your wp-admin htaccess file. If you have custom wp-admin htaccess code, copy and paste it into the CUSTOM CODE WPADMIN TOP text box to the left.</span><pre># BEGIN OPTIONAL WP-ADMIN ADDITIONAL SECURITY MEASURES:<br /><br /># BEGIN CUSTOM CODE WPADMIN TOP<br /># Use BPS wp-admin Custom Code to modify/edit/change this code and to save it permanently.<br /><div style="background-color:#FFFF00;padding:3px;"># CCWTOP - Your custom code will be created here when you activate wp-admin BulletProof Mode</div># END CUSTOM CODE WPADMIN TOP</pre></td>
|
| 824 |
</tr>
|
| 825 |
<tr>
|
| 826 |
<td class="bps-table_cell_help_custom_code">
|
| 827 |
-
|
| 828 |
-
|
| 829 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 830 |
</td>
|
| 831 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:60px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for wp-admin Custom Code Setup Steps. This example code is a visual reference to show you where your wp-admin plugin/file skip rules code will be created in your wp-admin htaccess file. If you have wp-admin plugin/file skip rules code, copy and paste it into the CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES text box to the left.</span><pre># BEGIN CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES<br /># To add wp-admin plugin skip/bypass rules use BPS wp-admin Custom Code.<br /># If a plugin is calling a wp-admin file in a way that it is being blocked/forbidden<br />...<br />...<br /><div style="background-color:#FFFF00;padding:3px;"># CCWPF - Your custom code will be created here when you activate wp-admin BulletProof Mode</div># END CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES</pre></td>
|
| 832 |
</tr>
|
| 833 |
<tr>
|
| 834 |
<td class="bps-table_cell_help_custom_code">
|
| 835 |
-
|
| 836 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 837 |
<textarea id="crypt18" class="bps-text-area-custom-code" name="bps_customcode_bpsqse_wpa" tabindex="4"><?php echo $bps_customcode_bpsqse_wpa; ?></textarea>
|
|
|
|
| 838 |
</td>
|
| 839 |
-
<td class="bps-table_cell_help_custom_code" style="padding-top:105px;"><span style="color:#2ea2cc;font-weight:bold;">Example Code: Click the Read Me help button for wp-admin Custom Code Setup Steps. This example code is a visual reference to show you which wp-admin htaccess file code goes in the CUSTOM CODE BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS text box. Go to the htaccess File Editor tab page and copy your actual BPS QUERY STRING EXPLOITS AND FILTERS wp-admin htaccess file code and paste it into the CUSTOM CODE text box to the left.</span><pre># BEGIN BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS<br /># WORDPRESS WILL BREAK IF ALL THE BPSQSE FILTERS ARE DELETED<br /># Use BPS wp-admin Custom Code to modify/edit/change this code and to save it permanently.<br />RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]<br />.....<br />.....<br />RewriteCond %{QUERY_STRING} (sp_executesql) [NC]<br />RewriteRule ^(.*)$ - [F]<br /># END BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS</pre></td>
|
| 840 |
</tr>
|
| 841 |
<tr>
|
| 842 |
<td class="bps-table_cell_help_custom_code">
|
| 843 |
|
| 844 |
-
<?php echo '<label for="bps-mscan-label" style="">'.__('If you are unable to save Custom Code and/or see an error message when trying to save Custom Code, click the Encrypt Custom Code button first and then click the Save wp-admin Custom Code button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-
|
| 845 |
|
| 846 |
<input type="hidden" name="scrolltoCCodeWPA" value="<?php echo esc_html( $scrolltoCCodeWPA ); ?>" />
|
| 847 |
<input type="submit" name="bps_customcode_submit_wpa" value="<?php esc_attr_e('Save wp-admin Custom Code', 'bulletproof-security') ?>" class="button bps-button" onclick="return confirm('<?php $text = __('IMPORTANT!!! Did you remember to click the Encrypt Custom Code button first before saving your wp-admin Custom Code?', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Click OK to save your wp-admin Custom Code or click Cancel.', 'bulletproof-security'); echo $text; ?>')" />
|
| 848 |
</form>
|
| 849 |
-
|
| 850 |
-
<button onclick="bpsWpadminCCEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 851 |
-
<button onclick="bpsWpadminCCDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 852 |
|
| 853 |
</td>
|
| 854 |
-
<td class="bps-table_cell_help_custom_code"> </td>
|
| 855 |
-
</tr>
|
| 856 |
-
<tr>
|
| 857 |
-
<td class="bps-table_cell_help"> </td>
|
| 858 |
-
<td class="bps-table_cell_help"> </td>
|
| 859 |
</tr>
|
| 860 |
</table>
|
| 861 |
|
|
@@ -960,4 +1083,6 @@ function bpsWpadminCCDecrypt() {
|
|
| 960 |
</div>
|
| 961 |
|
| 962 |
<?php } ?>
|
|
|
|
|
|
|
| 963 |
</div>
|
| 1 |
<?php
|
|
|
|
| 2 |
if ( ! current_user_can('manage_options') ) {
|
| 3 |
header('Status: 403 Forbidden');
|
| 4 |
header('HTTP/1.1 403 Forbidden');
|
| 9 |
$scrolltoCCodeWPA = isset( $_REQUEST['scrolltoCCodeWPA'] ) ? (int) $_REQUEST['scrolltoCCodeWPA'] : 0;
|
| 10 |
|
| 11 |
// Custom Code Check BPS Query String DB option for invalid code
|
| 12 |
+
// 10.3: added check for Default WP Rewrite htaccess code
|
| 13 |
function bps_CustomCode_BPSQSE_check() {
|
| 14 |
global $bps_topDiv, $bps_bottomDiv;
|
| 15 |
|
| 42 |
$bps_customcode_wp_rewrite_start = ! isset($options['bps_customcode_wp_rewrite_start']) ? '' : $options['bps_customcode_wp_rewrite_start'];
|
| 43 |
$bps_customcode_bpsqse = ! isset($options['bps_customcode_bpsqse']) ? '' : $options['bps_customcode_bpsqse'];
|
| 44 |
$bps_customcode_three = ! isset($options['bps_customcode_three']) ? '' : $options['bps_customcode_three'];
|
|
|
|
|
|
|
| 45 |
|
| 46 |
+
if ( preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_one, ENT_QUOTES ), $matches ) || preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_wp_rewrite_start, ENT_QUOTES ), $matches ) || preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_bpsqse, ENT_QUOTES ), $matches ) || preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_three, ENT_QUOTES ), $matches ) ) {
|
| 47 |
+
|
| 48 |
echo $bps_topDiv;
|
| 49 |
+
$text = '<strong><font color="#fb0101">'.__('Default WordPress Rewrite htaccess code has been added to BPS Custom Code.', 'bulletproof-security').'</font><br>'.__('The BPS Pro plugin already uses/has Default WordPress Rewrite code. Delete the Default WordPress Rewrite htaccess code shown below from the CUSTOM CODE text box were it was added and click the Save Root Custom Code button.', 'bulletproof-security').'</strong><br>';
|
| 50 |
echo $text;
|
| 51 |
echo '<pre>';
|
| 52 |
print_r(htmlspecialchars($matches[0]));
|
| 60 |
// Root Custom Code Form
|
| 61 |
// Important Note: stripslashes is used to strip any slashes that are added to a $_POST value and not slashes in the code itself.
|
| 62 |
// Note: Form value bps_customcode_wp_rewrite_end is conditional to Network|Multisite and is hidden for single WP site types, which means the value is not saved in the DB.
|
| 63 |
+
## 14.1: Encryption|Decryption added to Forms to bypass/evade OWASP ModSecurity CRS Ruleset on web hosts.
|
| 64 |
function bpsPro_CC_Root_values_form() {
|
| 65 |
global $bps_topDiv, $bps_bottomDiv;
|
| 66 |
|
| 208 |
|
| 209 |
// wp-admin Custom Code Form
|
| 210 |
// Important Note: stripslashes is used to strip any slashes that are added to a $_POST value and not slashes in the code itself.
|
| 211 |
+
## 14.1: Encryption|Decryption added to Forms to bypass/evade OWASP ModSecurity CRS Ruleset on web hosts.
|
| 212 |
function bpsPro_CC_WPA_values_form() {
|
| 213 |
global $bps_topDiv, $bps_bottomDiv;
|
| 214 |
|
| 266 |
}
|
| 267 |
}
|
| 268 |
|
| 269 |
+
// UAEG Custom Code Form
|
| 270 |
+
## 14.1: Encryption|Decryption added to Forms to bypass/evade OWASP ModSecurity CRS Ruleset on web hosts.
|
| 271 |
+
function bpsPro_CC_UAEG_values_form() {
|
| 272 |
+
global $bps_topDiv, $bps_bottomDiv;
|
| 273 |
+
|
| 274 |
+
if ( isset( $_POST['bps_customcode_submit_uaeg'] ) && current_user_can('manage_options') ) {
|
| 275 |
+
check_admin_referer( 'bulletproof_security_CC_UAEG' );
|
| 276 |
+
|
| 277 |
+
$Encryption = new bpsProPHPEncryption();
|
| 278 |
+
$nonceValue = 'ghbhnyxu';
|
| 279 |
+
|
| 280 |
+
$pos = strpos( $_POST['bps_customcode_uaeg'], 'eyJjaXBoZXJ0ZXh0Ijoi' );
|
| 281 |
+
|
| 282 |
+
if ( $pos === false ) {
|
| 283 |
+
$bps_customcode_uaeg = stripslashes($_POST['bps_customcode_uaeg']);
|
| 284 |
+
} else {
|
| 285 |
+
$bps_customcode_uaeg = $Encryption->decrypt($_POST['bps_customcode_uaeg'], $nonceValue);
|
| 286 |
+
}
|
| 287 |
+
|
| 288 |
+
$UAEG_CC_Options = array( 'bps_customcode_uaeg' => $bps_customcode_uaeg );
|
| 289 |
+
|
| 290 |
+
foreach( $UAEG_CC_Options as $key => $value ) {
|
| 291 |
+
update_option('bulletproof_security_options_customcode_UAEG', $UAEG_CC_Options);
|
| 292 |
+
}
|
| 293 |
+
|
| 294 |
+
echo $bps_topDiv;
|
| 295 |
+
$text = '<strong><font color="green">'.__('UAEG Custom Code saved successfully! Go to the Security Modes tab page and click the UAEG BulletProof Mode Activate button to add/create your new Custom Code in your UAEG htaccess file.', 'bulletproof-security').'</font></strong>';
|
| 296 |
+
echo $text;
|
| 297 |
+
echo $bps_bottomDiv;
|
| 298 |
+
|
| 299 |
+
}
|
| 300 |
+
}
|
| 301 |
+
|
| 302 |
+
$Apache_Mod_options = get_option('bulletproof_security_options_apache_modules');
|
| 303 |
+
// Nonce for Crypto-js
|
| 304 |
+
$bps_nonceValue = 'ghbhnyxu';
|
| 305 |
+
$bpsSpacePop = '-------------------------------------------------------------';
|
| 306 |
?>
|
| 307 |
|
| 308 |
<div id="bps-accordion-2" class="bps-accordion-main-2" style="">
|
| 309 |
+
<h3><?php _e('Root htaccess File Custom Code', 'bulletproof-security'); ?></h3>
|
| 310 |
<div id="cc-accordion-inner">
|
| 311 |
|
| 312 |
+
<button onclick="bpsRootCCEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 313 |
+
<button onclick="bpsRootCCDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 314 |
|
| 315 |
<table width="100%" border="0" cellspacing="0" cellpadding="10" class="bps-help_faq_table">
|
| 316 |
<tr>
|
| 317 |
+
<td class="bps-table_title"></td>
|
| 318 |
</tr>
|
| 319 |
<tr>
|
|
|
|
| 320 |
<td class="bps-table_cell_help_custom_code">
|
| 321 |
+
|
| 322 |
<form name="bpsCustomCodeForm" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7' ); ?>" method="post">
|
| 323 |
<?php
|
| 324 |
wp_nonce_field('bulletproof_security_CC_Root');
|
| 325 |
bpsPro_CC_Root_values_form();
|
| 326 |
+
$CC_Options_root = get_option('bulletproof_security_options_customcode');
|
| 327 |
$bps_customcode_one = ! isset($CC_Options_root['bps_customcode_one']) ? '' : $CC_Options_root['bps_customcode_one'];
|
| 328 |
$bps_customcode_server_signature = ! isset($CC_Options_root['bps_customcode_server_signature']) ? '' : $CC_Options_root['bps_customcode_server_signature'];
|
| 329 |
$bps_customcode_directory_index = ! isset($CC_Options_root['bps_customcode_directory_index']) ? '' : $CC_Options_root['bps_customcode_directory_index'];
|
| 339 |
$bps_customcode_wp_rewrite_end = ! isset($CC_Options_root['bps_customcode_wp_rewrite_end']) ? '' : $CC_Options_root['bps_customcode_wp_rewrite_end'];
|
| 340 |
$bps_customcode_deny_files = ! isset($CC_Options_root['bps_customcode_deny_files']) ? '' : $CC_Options_root['bps_customcode_deny_files'];
|
| 341 |
$bps_customcode_three = ! isset($CC_Options_root['bps_customcode_three']) ? '' : $CC_Options_root['bps_customcode_three'];
|
|
|
|
| 342 |
|
| 343 |
+
$hover_icon_top = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you where your php/php.ini handler and/or cache htaccess code will be created in your root htaccess file. If you have php/php.ini handler and/or cache htaccess code, copy and paste it into this CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># PHP/PHP.INI HANDLER/CACHE CODE<br /># Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.<br /># Most Hosts do not have/use/require php/php.ini Handler htaccess code</pre></span></span></font></strong><br>';
|
| 344 |
+
|
| 345 |
+
$hover_icon_server_signature = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE text box. Go to the htaccess File Editor tab page and copy your actual TURN OFF YOUR SERVER SIGNATURE root htaccess file code and paste it into this CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE text box', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># TURN OFF YOUR SERVER SIGNATURE<br /># Suppresses the footer line server version number and ServerName of the serving virtual host<br />ServerSignature Off</pre></span></span></font></strong><br>';
|
| 346 |
+
?>
|
| 347 |
+
|
| 348 |
+
<?php echo $hover_icon_top; ?>
|
| 349 |
+
|
| 350 |
+
<strong><label for="bps-CCode"><?php _e('1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE:<br>Add php/php.ini handler code, cache code and/or <a href="https://forum.ait-pro.com/forums/topic/htaccess-caching-code-speed-boost-cache-code/" title="Link opens in a new Browser window" target="_blank">Speed Boost Cache Code</a>', 'bulletproof-security'); ?> </label></strong><br />
|
| 351 |
+
<strong><?php $text = '<font color="#2271b1">'.__('ONLY add valid php/php.ini handler htaccess code and/or cache htaccess code below or text commented out with a pound sign #', 'bulletproof-security').'</font>'; echo $text ; ?></strong><br />
|
| 352 |
+
|
| 353 |
<textarea id="crypt1" class="bps-text-area-custom-code" name="bps_customcode_one" tabindex="1"><?php echo $bps_customcode_one; ?></textarea>
|
| 354 |
+
|
| 355 |
</td>
|
|
|
|
| 356 |
</tr>
|
| 357 |
<tr>
|
| 358 |
<td class="bps-table_cell_help_custom_code">
|
| 359 |
+
|
| 360 |
+
<?php echo $hover_icon_server_signature; ?>
|
| 361 |
+
|
| 362 |
+
<strong><label for="bps-CCode"><?php _e('2. CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE:', 'bulletproof-security'); ?> </label></strong><br />
|
| 363 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire TURN OFF YOUR SERVER SIGNATURE section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text ; ?></strong><br />
|
| 364 |
+
|
| 365 |
<textarea id="crypt2" class="bps-text-area-custom-code" name="bps_customcode_server_signature" tabindex="2"><?php echo $bps_customcode_server_signature; ?></textarea>
|
| 366 |
+
|
| 367 |
</td>
|
|
|
|
| 368 |
</tr>
|
| 369 |
<tr>
|
| 370 |
<td class="bps-table_cell_help_custom_code">
|
| 371 |
+
|
| 372 |
+
<?php
|
| 373 |
+
$hover_icon_dir_index = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX text box. Go to the htaccess File Editor tab page and copy your actual DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX root htaccess file code and paste it into this CUSTOM CODE DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># DO NOT SHOW DIRECTORY LISTING<br /># Disallow mod_autoindex from displaying a directory listing<br /># If a 500 Internal Server Error occurs when activating Root BulletProof Mode<br /># copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code<br /># and paste it into BPS Custom Code and comment out Options -Indexes<br /># by adding a # sign in front of it.<br /># Example: #Options -Indexes<br />Options -Indexes<br /><br /># DIRECTORY INDEX FORCE INDEX.PHP<br /># Use index.php as default directory index file. index.html will be ignored.<br /># If a 500 Internal Server Error occurs when activating Root BulletProof Mode<br /># copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code<br /># and paste it into BPS Custom Code and comment out DirectoryIndex<br /># by adding a # sign in front of it.<br /># Example: #DirectoryIndex index.php index.html /index.php<br />DirectoryIndex index.php index.html /index.php</pre></span></span></font></strong><br>';
|
| 374 |
+
|
| 375 |
+
?>
|
| 376 |
+
|
| 377 |
+
<?php echo $hover_icon_dir_index; ?>
|
| 378 |
+
|
| 379 |
+
<strong><label for="bps-CCode"><?php _e('3. CUSTOM CODE DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX:', 'bulletproof-security'); ?> </label></strong><br />
|
| 380 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text ; ?></strong><br />
|
| 381 |
+
|
| 382 |
<textarea id="crypt3" class="bps-text-area-custom-code" name="bps_customcode_directory_index" tabindex="3"><?php echo $bps_customcode_directory_index; ?></textarea>
|
| 383 |
+
|
| 384 |
</td>
|
|
|
|
| 385 |
</tr>
|
| 386 |
<tr>
|
| 387 |
<td class="bps-table_cell_help_custom_code">
|
| 388 |
+
|
| 389 |
+
<?php
|
| 390 |
+
$hover_icon_brute_force = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you where your Brute Force Login Page Protection code will be created in your root htaccess file if you decide to add the option/Bonus code. You can get the code by clicking the Brute Force Login Page Protection Code link. Copy and paste it into this CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># BRUTE FORCE LOGIN PAGE PROTECTION<br /># PLACEHOLDER ONLY<br /># Use BPS Custom Code to add Brute Force Login protection code and to save it permanently.<br /># See this link: https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/<br /># for more information.</pre></span></span></font></strong><br>';
|
| 391 |
+
|
| 392 |
+
?>
|
| 393 |
+
|
| 394 |
+
<?php echo $hover_icon_brute_force; ?>
|
| 395 |
+
|
| 396 |
+
<strong><label for="bps-CCode"><?php _e('4. CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION:', 'bulletproof-security'); ?> </label></strong><br />
|
| 397 |
+
<strong><?php $text = '<font color="#2271b1">'.__('This Custom Code text box is for optional/Bonus code. To get this code click the link below:', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/" title="Link opens in a new Browser window" target="_blank">Brute Force Login Page Protection Code</a></font>'; echo $text ; ?></strong><br />
|
| 398 |
+
|
| 399 |
<textarea id="crypt4" class="bps-text-area-custom-code" name="bps_customcode_server_protocol" tabindex="4"><?php echo $bps_customcode_server_protocol; ?></textarea>
|
| 400 |
+
|
| 401 |
</td>
|
|
|
|
| 402 |
</tr>
|
| 403 |
<tr>
|
| 404 |
<td class="bps-table_cell_help_custom_code">
|
| 405 |
+
|
| 406 |
+
<?php
|
| 407 |
+
$hover_icon_error_logging = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE ERROR LOGGING AND TRACKING text box. Go to the htaccess File Editor tab page and copy your actual ERROR LOGGING AND TRACKING root htaccess file code and paste it into this CUSTOM CODE ERROR LOGGING AND TRACKING text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># BPS PRO ERROR LOGGING AND TRACKING<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># BPS Pro has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and<br /># 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors<br />.....<br />.....<br />ErrorDocument 400 /'.$bps_plugin_dir.'/bulletproof-security/400.php<br />ErrorDocument 401 default<br />ErrorDocument 403 /'.$bps_plugin_dir.'/bulletproof-security/403.php<br />ErrorDocument 404 /404.php<br />ErrorDocument 405 /'.$bps_plugin_dir.'/bulletproof-security/405.php<br />ErrorDocument 410 /'.$bps_plugin_dir.'/bulletproof-security/410.php</pre></span></span></font></strong><br>';
|
| 408 |
+
?>
|
| 409 |
+
|
| 410 |
+
<?php echo $hover_icon_error_logging; ?>
|
| 411 |
+
|
| 412 |
+
<strong><label for="bps-CCode"><?php _e('5. CUSTOM CODE ERROR LOGGING AND TRACKING:', 'bulletproof-security'); ?> </label></strong><br />
|
| 413 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire ERROR LOGGING AND TRACKING section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text ; ?></strong><br />
|
| 414 |
+
|
| 415 |
<textarea id="crypt5" class="bps-text-area-custom-code" name="bps_customcode_error_logging" tabindex="5"><?php echo $bps_customcode_error_logging; ?></textarea>
|
| 416 |
+
|
| 417 |
</td>
|
|
|
|
| 418 |
</tr>
|
| 419 |
<tr>
|
| 420 |
<td class="bps-table_cell_help_custom_code">
|
| 421 |
+
|
| 422 |
+
<?php
|
| 423 |
+
$hover_icon_protected_files = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS text box. Go to the htaccess File Editor tab page and copy your actual DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS root htaccess file code and paste it into this CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs<br />RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$</pre></span></span></font></strong><br>';
|
| 424 |
+
?>
|
| 425 |
+
|
| 426 |
+
<?php echo $hover_icon_protected_files; ?>
|
| 427 |
+
|
| 428 |
+
<strong><label for="bps-CCode"><?php _e('6. CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS:', 'bulletproof-security'); ?> </label></strong><br />
|
| 429 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text ; ?></strong><br />
|
| 430 |
+
|
| 431 |
<textarea id="crypt6" class="bps-text-area-custom-code" name="bps_customcode_deny_dot_folders" tabindex="6"><?php echo $bps_customcode_deny_dot_folders; ?></textarea>
|
| 432 |
+
|
| 433 |
</td>
|
|
|
|
| 434 |
</tr>
|
| 435 |
<tr>
|
| 436 |
<td class="bps-table_cell_help_custom_code">
|
| 437 |
+
|
| 438 |
+
<?php
|
| 439 |
+
$hover_icon_wpadmin_includes = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE WP-ADMIN/INCLUDES text box. Go to the htaccess File Editor tab page and copy your actual WP-ADMIN/INCLUDES root htaccess file code and paste it into this CUSTOM CODE WP-ADMIN/INCLUDES text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># WP-ADMIN/INCLUDES<br /># Use BPS Custom Code to remove this code permanently.<br />RewriteEngine On<br />RewriteBase /<br />RewriteRule ^wp-admin/includes/ - [F]<br />RewriteRule !^wp-includes/ - [S=3]<br />RewriteRule ^wp-includes/[^/]+\.php$ - [F]<br />RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]<br />RewriteRule ^wp-includes/theme-compat/ - [F]</pre></span></span></font></strong><br>';
|
| 440 |
+
?>
|
| 441 |
+
|
| 442 |
+
<?php echo $hover_icon_wpadmin_includes; ?>
|
| 443 |
+
|
| 444 |
+
<strong><label for="bps-CCode"><?php _e('7. CUSTOM CODE WP-ADMIN/INCLUDES: DO NOT add wp-admin .htaccess code here', 'bulletproof-security'); ?> </label></strong><br />
|
| 445 |
+
<strong><?php $text = '<font color="#2271b1">'.__('Add one pound sign # below to prevent the WP-ADMIN/INCLUDES section of code from being created in your root .htaccess file', 'bulletproof-security').'</font>'; echo $text ; ?></strong><br />
|
| 446 |
+
|
| 447 |
<textarea id="crypt7" class="bps-text-area-custom-code" name="bps_customcode_admin_includes" tabindex="7"><?php echo $bps_customcode_admin_includes; ?></textarea>
|
| 448 |
+
|
| 449 |
</td>
|
|
|
|
| 450 |
</tr>
|
| 451 |
<tr>
|
| 452 |
<td class="bps-table_cell_help_custom_code">
|
| 453 |
+
|
| 454 |
+
<?php
|
| 455 |
+
$hover_icon_rewrite_loop = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE WP REWRITE LOOP START text box. Go to the htaccess File Editor tab page and copy your actual WP REWRITE LOOP START root htaccess file code and paste it into this CUSTOM CODE WP REWRITE LOOP START text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># CUSTOM CODE WP REWRITE LOOP START<br /># WP REWRITE LOOP START<br />RewriteEngine On<br />RewriteBase /<br />RewriteRule ^index\.php$ - [L]</pre></span></span></font></strong><br>';
|
| 456 |
+
?>
|
| 457 |
+
|
| 458 |
+
<?php echo $hover_icon_rewrite_loop; ?>
|
| 459 |
+
|
| 460 |
+
<strong><label for="bps-CCode"><?php _e('8. CUSTOM CODE WP REWRITE LOOP START: www/non-www http/https Rewrite code here', 'bulletproof-security'); ?> </label></strong><br />
|
| 461 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire WP REWRITE LOOP START section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').' <a href="https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233" title="Link opens in a new Browser window" target="_blank">Get HTTPS/SSL Rewrite htaccess Code</a>.</font>'; echo $text ; ?></strong><br />
|
| 462 |
+
|
| 463 |
<textarea id="crypt8" class="bps-text-area-custom-code" name="bps_customcode_wp_rewrite_start" tabindex="8"><?php echo $bps_customcode_wp_rewrite_start; ?></textarea>
|
| 464 |
+
|
| 465 |
</td>
|
|
|
|
| 466 |
</tr>
|
| 467 |
<tr>
|
| 468 |
<td class="bps-table_cell_help_custom_code">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 469 |
|
| 470 |
+
<?php
|
| 471 |
+
$hover_icon_request_methods = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE REQUEST METHODS FILTERED text box. Go to the htaccess File Editor tab page and copy your actual REQUEST METHODS FILTERED root htaccess file code and paste it into this CUSTOM CODE REQUEST METHODS FILTERED text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># REQUEST METHODS FILTERED<br /># If you want to allow HEAD Requests use BPS Custom Code and copy<br /># this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code<br /># text box: CUSTOM CODE REQUEST METHODS FILTERED.<br /># See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.<br />RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]<br />RewriteRule ^(.*)$ - [F]<br />RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]<br />RewriteRule ^(.*)$ - [R=405,L]</pre></span></span></font></strong><br>';
|
| 472 |
+
?>
|
| 473 |
|
| 474 |
+
<?php echo $hover_icon_request_methods; ?>
|
| 475 |
|
| 476 |
+
<strong><label for="bps-CCode">
|
| 477 |
+
<?php _e('9. CUSTOM CODE REQUEST METHODS FILTERED:', 'bulletproof-security'); ?><br />
|
| 478 |
+
<?php _e('Whitelist User Agents and allow HEAD Requests', 'bulletproof-security'); ?> </label></strong><br />
|
| 479 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire REQUEST METHODS FILTERED section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes. To Allow HEAD Requests click the Question Mark help button at the top of the Custom Code page for instructions and examples.', 'bulletproof-security').'</font>'; echo $text ; ?></strong><br />
|
| 480 |
+
|
| 481 |
+
<textarea id="crypt9" class="bps-text-area-custom-code" name="bps_customcode_request_methods" tabindex="9"><?php echo $bps_customcode_request_methods; ?></textarea>
|
| 482 |
+
|
| 483 |
</td>
|
| 484 |
</tr>
|
| 485 |
<tr>
|
| 486 |
<td class="bps-table_cell_help_custom_code">
|
| 487 |
+
|
| 488 |
+
<?php
|
| 489 |
+
$hover_icon_root_skip_bypass = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you where your plugin/theme skip/bypass rules code will be created in your root htaccess file. If you have plugin/theme skip/bypass rules, copy and paste it into this CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES<br /># To add plugin/theme skip/bypass rules use BPS Custom Code.<br /># The [S] flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules.<br /># The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9...<br /># If you delete a skip rule, change the other skip rule numbers accordingly.<br /># Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc.<br /># If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13]<br /><br /><div style="background-color:#FFFF00;padding:3px;">Your plugin/theme skip/bypass rules will be created here in your root htaccess file</div><br /># Adminer MySQL management tool data populate<br />RewriteCond %{REQUEST_URI} ^/<?php echo $bps_plugin_dir; ?>/adminer/ [NC]<br />RewriteRule . - [S=12]</pre></span></span></font></strong><br>';
|
| 490 |
+
?>
|
| 491 |
+
|
| 492 |
+
<?php echo $hover_icon_root_skip_bypass; ?>
|
| 493 |
+
|
| 494 |
+
<strong><label for="bps-CCode"><?php _e('10. CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES:<br>Add personal plugin/theme skip/bypass rules here', 'bulletproof-security'); ?> </label></strong><br />
|
| 495 |
+
<strong><?php $text = '<font color="#2271b1">'.__('ONLY add valid htaccess code below or text commented out with a pound sign #', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 496 |
+
|
| 497 |
<textarea id="crypt10" class="bps-text-area-custom-code" name="bps_customcode_two" tabindex="10"><?php echo $bps_customcode_two; ?></textarea>
|
| 498 |
+
|
| 499 |
</td>
|
|
|
|
| 500 |
</tr>
|
| 501 |
<tr>
|
| 502 |
<td class="bps-table_cell_help_custom_code">
|
| 503 |
+
|
| 504 |
+
<?php
|
| 505 |
+
$hover_icon_rfi = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE text box. Go to the htaccess File Editor tab page and copy your actual TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE root htaccess file code and paste it into this CUSTOM CODE text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># Remote File Inclusion (RFI) security rules<br />.....<br />.....<br /># Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)<br />RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]<br /># Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*<br />RewriteCond %{HTTP_REFERER} ^.*'.$bps_get_domain_root.'.*<br />RewriteRule . - [S=1]</pre></span></span></font></strong><br>';
|
| 506 |
+
?>
|
| 507 |
+
|
| 508 |
+
<?php echo $hover_icon_rfi; ?>
|
| 509 |
+
|
| 510 |
+
<strong><label for="bps-CCode"><?php _e('11. CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE:', 'bulletproof-security'); ?> </label></strong><br />
|
| 511 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire TIMTHUMB FORBID RFI section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 512 |
+
|
| 513 |
<textarea id="crypt11" class="bps-text-area-custom-code" name="bps_customcode_timthumb_misc" tabindex="11"><?php echo $bps_customcode_timthumb_misc; ?></textarea>
|
| 514 |
+
|
| 515 |
</td>
|
|
|
|
| 516 |
</tr>
|
| 517 |
<tr>
|
| 518 |
<td class="bps-table_cell_help_custom_code">
|
| 519 |
+
|
| 520 |
+
<?php
|
| 521 |
+
$hover_icon_root_query_strings = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS text box. Go to the htaccess File Editor tab page and copy your actual BPSQSE BPS QUERY STRING EXPLOITS root htaccess file code and paste it into this CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># BEGIN BPSQSE BPS QUERY STRING EXPLOITS<br /># The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too.<br /># Good sites such as W3C use it for their W3C-LinkChecker.<br /># Use BPS Custom Code to add or remove user agents temporarily or permanently from the<br />.....<br />.....<br />RewriteCond %{QUERY_STRING} (sp_executesql) [NC]<br />RewriteRule ^(.*)$ - [F]<br /># END BPSQSE BPS QUERY STRING EXPLOITS</pre></span></span></font></strong><br>';
|
| 522 |
+
?>
|
| 523 |
+
|
| 524 |
+
<?php echo $hover_icon_root_query_strings; ?>
|
| 525 |
+
|
| 526 |
+
<strong><label for="bps-CCode"><?php _e('12. CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS:', 'bulletproof-security'); ?> </label></strong><br />
|
| 527 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire BPSQSE QUERY STRING EXPLOITS section of code from your root .htaccess file from # BEGIN BPSQSE BPS QUERY STRING EXPLOITS to # END BPSQSE BPS QUERY STRING EXPLOITS into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 528 |
+
|
| 529 |
<textarea id="crypt12" class="bps-text-area-custom-code" name="bps_customcode_bpsqse" tabindex="12"><?php echo $bps_customcode_bpsqse; ?></textarea>
|
| 530 |
+
|
| 531 |
</td>
|
|
|
|
| 532 |
</tr>
|
| 533 |
|
| 534 |
<?php if ( is_multisite() ) { ?>
|
| 535 |
|
| 536 |
<tr>
|
| 537 |
<td class="bps-table_cell_help_custom_code">
|
| 538 |
+
|
| 539 |
+
<?php
|
| 540 |
+
$hover_icon_rewrit_loop_end = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: The actual WP REWRITE LOOP END code for your website may be different. Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in this CUSTOM CODE WP REWRITE LOOP END text box. Go to the htaccess File Editor tab page and copy your actual WP REWRITE LOOP END root htaccess file code and paste it into this CUSTOM CODE WP REWRITE LOOP END text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># END BPSQSE BPS QUERY STRING EXPLOITS<br /><div style="background-color:#FFFF00;padding:3px;">RewriteCond %{REQUEST_FILENAME} -f [OR]<br />RewriteCond %{REQUEST_FILENAME} -d<br />RewriteRule ^ - [L]<br />RewriteRule ^[_0-9a-zA-Z-]+/(wp-(content|admin|includes).*) $1 [L]<br />RewriteRule ^[_0-9a-zA-Z-]+/(.*\.php)$ $1 [L]<br />RewriteRule . index.php [L]<br /># WP REWRITE LOOP END</div></pre></span></span></font></strong><br>';
|
| 541 |
+
?>
|
| 542 |
+
|
| 543 |
+
<?php echo $hover_icon_rewrit_loop_end; ?>
|
| 544 |
+
|
| 545 |
+
<strong><label for="bps-CCode"><?php _e('12b. CUSTOM CODE WP REWRITE LOOP END: Add WP Rewrite Loop End code here', 'bulletproof-security'); ?> </label></strong><br />
|
| 546 |
+
<strong><?php $text = '<font color="#2271b1">'.__('This is a Special Custom Code text box that should only be used if the correct WP REWRITE LOOP END code is not being created in your root .htaccess file. See the Question Mark help button for more information.', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 547 |
+
|
| 548 |
<textarea id="crypt12b" class="bps-text-area-custom-code" name="bps_customcode_wp_rewrite_end" tabindex="13"><?php echo $bps_customcode_wp_rewrite_end; ?></textarea>
|
| 549 |
|
|
|
|
|
|
|
| 550 |
</td>
|
| 551 |
</tr>
|
| 552 |
|
| 558 |
|
| 559 |
<tr>
|
| 560 |
<td class="bps-table_cell_help_custom_code">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 561 |
|
| 562 |
+
<?php
|
| 563 |
+
$hover_icon_deny_browser_access = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you which root htaccess file code goes in the CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES text box. Go to the htaccess File Editor tab page and copy your actual DENY BROWSER ACCESS TO THESE FILES root htaccess file code and paste it into this CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># DENY BROWSER ACCESS TO THESE FILES<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># wp-config.php, bb-config.php, php.ini, php5.ini, readme.html<br /># To be able to view these files from a Browser, replace 127.0.0.1 with your actual<br /># current IP address. Comment out: #Require all denied and Uncomment: Require ip 127.0.0.1<br /># Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1<br /># Note: The BPS System Info page displays which modules are loaded on your server.<br /><br /><FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)"><br /><IfModule mod_authz_core.c><br />Require all denied<br />#Require ip 127.0.0.1<br /></IfModule><br /><br /><IfModule !mod_authz_core.c><br /><IfModule mod_access_compat.c><br />Order Allow,Deny<br />Deny from all<br />#Allow from 127.0.0.1<br /></IfModule><br /></IfModule><br /></FilesMatch></pre></span></span></font></strong><br>';
|
| 564 |
+
?>
|
| 565 |
|
| 566 |
+
<?php echo $hover_icon_deny_browser_access; ?>
|
| 567 |
+
|
| 568 |
+
<strong><label for="bps-CCode"><?php _e('13. CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES:', 'bulletproof-security'); ?> </label></strong><br />
|
| 569 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire DENY BROWSER ACCESS section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 570 |
+
|
| 571 |
+
<textarea id="crypt13" class="bps-text-area-custom-code" name="bps_customcode_deny_files" tabindex="14"><?php echo $bps_customcode_deny_files; ?></textarea>
|
| 572 |
|
| 573 |
</td>
|
| 574 |
</tr>
|
| 575 |
<tr>
|
| 576 |
<td class="bps-table_cell_help_custom_code">
|
| 577 |
+
|
| 578 |
+
<?php
|
| 579 |
+
$hover_icon_cc_bottom = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for root Custom Code Setup Steps. This example code is a visual reference to show you where your custom htaccess code will be created in your root htaccess file. If you have Hotlinking, Redirect, IP Blocking htaccess code then copy and paste it into this CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE<br /># PLACEHOLDER ONLY<br /># Use BPS Custom Code to add custom code and save it permanently here.</pre></span></span></font></strong><br>';
|
| 580 |
+
?>
|
| 581 |
+
|
| 582 |
+
<?php echo $hover_icon_cc_bottom; ?>
|
| 583 |
+
|
| 584 |
+
<strong><label for="bps-CCode"><?php _e('14. CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE: Add miscellaneous code here', 'bulletproof-security'); ?> </label></strong><br />
|
| 585 |
+
<strong><?php $text = '<font color="#2271b1">'.__('ONLY add valid htaccess code below or text commented out with a pound sign #', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 586 |
+
|
| 587 |
<textarea id="crypt14" class="bps-text-area-custom-code" name="bps_customcode_three" tabindex="15"><?php echo $bps_customcode_three; ?></textarea>
|
| 588 |
+
|
| 589 |
</td>
|
|
|
|
| 590 |
</tr>
|
| 591 |
<tr>
|
| 592 |
<td class="bps-table_cell_help_custom_code">
|
| 593 |
|
| 594 |
+
<?php echo '<label for="bps-mscan-label" style="">'.__('If you are unable to save Custom Code and/or see an error message when trying to save Custom Code, click the Encrypt Custom Code button first and then click the Save Root Custom Code button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-250-left"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your custom htaccess code unless you encrypt it first by clicking the Encrypt Custom Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt Custom Code button, but then want to add or edit additional custom code click the Decrypt Custom Code button. After you are done adding or editing custom code click the Encrypt Custom Code button before clicking the Save Root Custom Code button.', 'bulletproof-security').'<br><br>'.__('Additional Encrypt and Decrypt buttons have been added at the top of the Root Custom Code Form.', 'bulletproof-security').'<br><br>'.__('Click the Custom Code Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong><br><br>'; ?>
|
| 595 |
|
| 596 |
<input type="hidden" name="scrolltoCCode" value="<?php echo esc_html( $scrolltoCCode ); ?>" />
|
| 597 |
+
<input type="submit" name="bps_customcode_submit" value="<?php esc_attr_e('Save Root Custom Code', 'bulletproof-security'); ?>" class="button bps-button" onclick="return confirm('<?php $text = __('IMPORTANT!!! Did you remember to click the Encrypt Custom Code button first before saving your Root Custom Code?', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Click OK to save your Root Custom Code or click Cancel.', 'bulletproof-security'); echo $text; ?>')" />
|
| 598 |
</form>
|
|
|
|
|
|
|
|
|
|
| 599 |
|
| 600 |
+
<br /><br />
|
| 601 |
+
<button onclick="bpsRootCCEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 602 |
+
<button onclick="bpsRootCCDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 603 |
+
|
| 604 |
+
</td>
|
|
|
|
| 605 |
</tr>
|
| 606 |
</table>
|
| 607 |
|
| 882 |
</div>
|
| 883 |
|
| 884 |
<?php
|
| 885 |
+
$BPS_wpadmin_Options = get_option('bulletproof_security_options_htaccess_res');
|
| 886 |
+
$GDMW_options = get_option('bulletproof_security_options_GDMW');
|
| 887 |
|
| 888 |
+
if ( isset( $BPS_wpadmin_Options['bps_wpadmin_restriction'] ) && $BPS_wpadmin_Options['bps_wpadmin_restriction'] == 'disabled' || isset( $GDMW_options['bps_gdmw_hosting'] ) && $GDMW_options['bps_gdmw_hosting'] == 'yes' ) {
|
| 889 |
|
| 890 |
} else {
|
| 891 |
?>
|
| 892 |
+
|
| 893 |
+
<h3><?php _e('wp-admin htaccess File Custom Code', 'bulletproof-security'); ?></h3>
|
| 894 |
<div id="cc-accordion-inner">
|
| 895 |
|
| 896 |
+
<button onclick="bpsWpadminCCEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 897 |
+
<button onclick="bpsWpadminCCDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 898 |
|
| 899 |
<table width="100%" border="0" cellspacing="0" cellpadding="10" class="bps-help_faq_table">
|
| 900 |
<tr>
|
| 901 |
+
<td class="bps-table_title"></td>
|
| 902 |
</tr>
|
| 903 |
<tr>
|
| 904 |
<td class="bps-table_cell_help_custom_code">
|
| 913 |
$bps_customcode_two_wpa = ! isset($CC_Options_wpadmin['bps_customcode_two_wpa']) ? '' : $CC_Options_wpadmin['bps_customcode_two_wpa'];
|
| 914 |
$bps_customcode_bpsqse_wpa = ! isset($CC_Options_wpadmin['bps_customcode_bpsqse_wpa']) ? '' : $CC_Options_wpadmin['bps_customcode_bpsqse_wpa'];
|
| 915 |
|
| 916 |
+
$hover_icon_deny_browser = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for wp-admin Custom Code Setup Steps. This example code is a visual reference to show you which wp-admin htaccess file code goes in the CUSTOM CODE WPADMIN DENY BROWSER ACCESS TO FILES text box. Go to the htaccess File Editor tab page and copy your actual WPADMIN DENY BROWSER ACCESS TO FILES wp-admin htaccess file code and paste it into this CUSTOM CODE text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># WPADMIN DENY BROWSER ACCESS TO FILES<br /># Deny Browser access to /wp-admin/install.php<br /># Use BPS Custom Code to modify/edit/change this code and to save it permanently.<br /># To be able to view the install.php file from a Browser, replace 127.0.0.1 with your actual<br /># current IP address. Comment out: #Require all denied and Uncomment: Require ip 127.0.0.1<br /># Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1<br /># Note: The BPS System Info page displays which modules are loaded on your server.<br /><br /># BEGIN BPS WPADMIN DENY ACCESS TO FILES<br /><FilesMatch "^(install\.php)"><br /><IfModule mod_authz_core.c><br />Require all denied<br />#Require ip 127.0.0.1<br /></IfModule><br /><IfModule !mod_authz_core.c><br /><IfModule mod_access_compat.c><br />Order Allow,Deny<br />Deny from all<br />#Allow from 127.0.0.1<br /></IfModule><br /></IfModule><br /></FilesMatch><br /># END BPS WPADMIN DENY ACCESS TO FILES</pre></span></span></font></strong><br>';
|
| 917 |
+
|
| 918 |
+
$hover_icon_wpadmin_top = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for wp-admin Custom Code Setup Steps. This example code is a visual reference to show you where your wp-admin custom htaccess code will be created in your wp-admin htaccess file. If you have custom wp-admin htaccess code, copy and paste it into this CUSTOM CODE WPADMIN TOP text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># BEGIN OPTIONAL WP-ADMIN ADDITIONAL SECURITY MEASURES:<br /><br /># BEGIN CUSTOM CODE WPADMIN TOP<br /># Use BPS wp-admin Custom Code to modify/edit/change this code and to save it permanently.<br /><div style="background-color:#FFFF00;padding:3px;"># CCWTOP - Your custom code will be created here when you activate wp-admin BulletProof Mode</div># END CUSTOM CODE WPADMIN TOP</pre></span></span></font></strong><br>';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 919 |
|
| 920 |
+
$hover_icon_skip_rules = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for wp-admin Custom Code Setup Steps. This example code is a visual reference to show you where your wp-admin plugin/file skip rules code will be created in your wp-admin htaccess file. If you have wp-admin plugin/file skip rules code, copy and paste it into this CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># BEGIN CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES<br /># To add wp-admin plugin skip/bypass rules use BPS wp-admin Custom Code.<br /># If a plugin is calling a wp-admin file in a way that it is being blocked/forbidden<br />...<br />...<br /><div style="background-color:#FFFF00;padding:3px;"># CCWPF - Your custom code will be created here when you activate wp-admin BulletProof Mode</div># END CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES</pre></span></span></font></strong><br>';
|
|
|
|
| 921 |
|
| 922 |
+
$hover_icon_query_string = '<strong><font color="black"><span class="tooltip-575-270"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:0px;" /><span>'.__('Example Code: Click the Question Mark help button at the top of the Custom Code page for wp-admin Custom Code Setup Steps. This example code is a visual reference to show you which wp-admin htaccess file code goes in the CUSTOM CODE BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS text box. Go to the htaccess File Editor tab page and copy your actual BPS QUERY STRING EXPLOITS AND FILTERS wp-admin htaccess file code and paste it into this CUSTOM CODE text box.', 'bulletproof-security').'<pre style="max-height:175px;max-width:565px;"># BEGIN BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS<br /># WORDPRESS WILL BREAK IF ALL THE BPSQSE FILTERS ARE DELETED<br /># Use BPS wp-admin Custom Code to modify/edit/change this code and to save it permanently.<br />RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]<br />.....<br />.....<br />RewriteCond %{QUERY_STRING} (sp_executesql) [NC]<br />RewriteRule ^(.*)$ - [F]<br /># END BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS</pre></span></span></font></strong><br>';
|
| 923 |
+
?>
|
| 924 |
|
| 925 |
+
<?php echo $hover_icon_deny_browser; ?>
|
| 926 |
+
|
| 927 |
+
<strong><label for="bps-CCode"><?php _e('1. CUSTOM CODE WPADMIN DENY BROWSER ACCESS TO FILES:<br>Add additional wp-admin files that you would like to block here', 'bulletproof-security'); ?> </label></strong><br />
|
| 928 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire WPADMIN DENY BROWSER ACCESS TO FILES section of code from your wp-admin .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes. Add one pound sign # below to prevent the WPADMIN DENY BROWSER ACCESS TO FILES section of code from being created in your wp-admin .htaccess file', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 929 |
+
<textarea id="crypt15" class="bps-text-area-custom-code" name="bps_customcode_deny_files_wpa" tabindex="4"><?php echo $bps_customcode_deny_files_wpa; ?></textarea>
|
| 930 |
+
|
| 931 |
</td>
|
| 932 |
</tr>
|
| 933 |
<tr>
|
| 934 |
<td class="bps-table_cell_help_custom_code">
|
| 935 |
+
|
| 936 |
+
<?php echo $hover_icon_wpadmin_top; ?>
|
| 937 |
+
|
| 938 |
+
<strong><label for="bps-CCode"><?php _e('2. CUSTOM CODE WPADMIN TOP:<br>wp-admin password protection & miscellaneous custom code here', 'bulletproof-security'); ?> </label></strong><br />
|
| 939 |
+
<strong><?php $text = '<font color="#2271b1">'.__('ONLY add valid htaccess code below or text commented out with a pound sign #', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 940 |
+
|
| 941 |
+
<textarea id="crypt16" class="bps-text-area-custom-code" name="bps_customcode_one_wpa" tabindex="4"><?php echo $bps_customcode_one_wpa; ?></textarea>
|
| 942 |
+
|
| 943 |
</td>
|
|
|
|
| 944 |
</tr>
|
| 945 |
<tr>
|
| 946 |
<td class="bps-table_cell_help_custom_code">
|
| 947 |
+
|
| 948 |
+
<?php echo $hover_icon_skip_rules; ?>
|
| 949 |
+
|
| 950 |
+
<strong><label for="bps-CCode"><?php _e('3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES:<br>Add wp-admin plugin/file skip rules code here', 'bulletproof-security'); ?> </label></strong><br />
|
| 951 |
+
<strong><?php $text = '<font color="#2271b1">'.__('ONLY add valid htaccess code below or text commented out with a pound sign #', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 952 |
+
|
| 953 |
+
<textarea id="crypt17" class="bps-text-area-custom-code" name="bps_customcode_two_wpa" tabindex="5"><?php echo $bps_customcode_two_wpa; ?></textarea>
|
| 954 |
+
|
| 955 |
</td>
|
|
|
|
| 956 |
</tr>
|
| 957 |
<tr>
|
| 958 |
<td class="bps-table_cell_help_custom_code">
|
| 959 |
+
|
| 960 |
+
<?php echo $hover_icon_query_string; ?>
|
| 961 |
+
|
| 962 |
+
<strong><label for="bps-CCode"><?php _e('4. CUSTOM CODE BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS:<br>Modify Query String Exploit code here', 'bulletproof-security'); ?> </label></strong><br />
|
| 963 |
+
<strong><?php $text = '<font color="#2271b1">'.__('You MUST copy and paste the entire BPS QUERY STRING EXPLOITS section of code from your wp-admin .htaccess file from # BEGIN BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS to # END BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'</font>'; echo $text; ?></strong><br />
|
| 964 |
+
|
| 965 |
<textarea id="crypt18" class="bps-text-area-custom-code" name="bps_customcode_bpsqse_wpa" tabindex="4"><?php echo $bps_customcode_bpsqse_wpa; ?></textarea>
|
| 966 |
+
|
| 967 |
</td>
|
|
|
|
| 968 |
</tr>
|
| 969 |
<tr>
|
| 970 |
<td class="bps-table_cell_help_custom_code">
|
| 971 |
|
| 972 |
+
<?php echo '<label for="bps-mscan-label" style="">'.__('If you are unable to save Custom Code and/or see an error message when trying to save Custom Code, click the Encrypt Custom Code button first and then click the Save wp-admin Custom Code button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-250-left"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your custom htaccess code unless you encrypt it first by clicking the Encrypt Custom Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt Custom Code button, but then want to add or edit additional custom code click the Decrypt Custom Code button. After you are done adding or editing custom code click the Encrypt Custom Code button before clicking the Save wp-admin Custom Code button.', 'bulletproof-security').'<br><br>'.__('Additional Encrypt and Decrypt buttons have been added at the top of the wp-admin Custom Code Form.', 'bulletproof-security').'<br><br>'.__('Click the Custom Code Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong><br><br>'; ?>
|
| 973 |
|
| 974 |
<input type="hidden" name="scrolltoCCodeWPA" value="<?php echo esc_html( $scrolltoCCodeWPA ); ?>" />
|
| 975 |
<input type="submit" name="bps_customcode_submit_wpa" value="<?php esc_attr_e('Save wp-admin Custom Code', 'bulletproof-security') ?>" class="button bps-button" onclick="return confirm('<?php $text = __('IMPORTANT!!! Did you remember to click the Encrypt Custom Code button first before saving your wp-admin Custom Code?', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Click OK to save your wp-admin Custom Code or click Cancel.', 'bulletproof-security'); echo $text; ?>')" />
|
| 976 |
</form>
|
| 977 |
+
<br /><br />
|
| 978 |
+
<button onclick="bpsWpadminCCEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 979 |
+
<button onclick="bpsWpadminCCDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt Custom Code', 'bulletproof-security'); ?></button>
|
| 980 |
|
| 981 |
</td>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 982 |
</tr>
|
| 983 |
</table>
|
| 984 |
|
| 1083 |
</div>
|
| 1084 |
|
| 1085 |
<?php } ?>
|
| 1086 |
+
|
| 1087 |
+
</div>
|
| 1088 |
</div>
|
admin/core/core-export-import.php
CHANGED
|
@@ -27,7 +27,7 @@ function bps_Zip_CC_Master_File() {
|
|
| 27 |
|
| 28 |
// Use PclZip
|
| 29 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/core/' );
|
| 30 |
-
require_once
|
| 31 |
|
| 32 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 33 |
$previous_encoding = mb_internal_encoding();
|
|
@@ -175,7 +175,7 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 175 |
|
| 176 |
// NOTE: last modified date of files is not changed with PclZip
|
| 177 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/core/' );
|
| 178 |
-
require_once
|
| 179 |
|
| 180 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 181 |
$previous_encoding = mb_internal_encoding();
|
| 27 |
|
| 28 |
// Use PclZip
|
| 29 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/core/' );
|
| 30 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 31 |
|
| 32 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 33 |
$previous_encoding = mb_internal_encoding();
|
| 175 |
|
| 176 |
// NOTE: last modified date of files is not changed with PclZip
|
| 177 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/core/' );
|
| 178 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 179 |
|
| 180 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 181 |
$previous_encoding = mb_internal_encoding();
|
admin/core/core-forms.php
CHANGED
|
@@ -37,7 +37,7 @@ if ( isset( $_POST['Submit-WBM-Activate'] ) && current_user_can('manage_options'
|
|
| 37 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 38 |
$permsHtaccess = '';
|
| 39 |
if ( file_exists($wpadminHtaccess) ) {
|
| 40 |
-
$permsHtaccess =
|
| 41 |
}
|
| 42 |
$sapi_type = php_sapi_name();
|
| 43 |
$bpsString1 = "# CCWTOP";
|
|
@@ -51,8 +51,8 @@ if ( isset( $_POST['Submit-WBM-Activate'] ) && current_user_can('manage_options'
|
|
| 51 |
|
| 52 |
if ( file_exists($wpadminHtaccess) ) {
|
| 53 |
|
| 54 |
-
if (
|
| 55 |
-
|
| 56 |
}
|
| 57 |
}
|
| 58 |
|
|
@@ -66,8 +66,8 @@ if ( isset( $_POST['Submit-WBM-Activate'] ) && current_user_can('manage_options'
|
|
| 66 |
|
| 67 |
if ( file_exists($wpadminHtaccess) ) {
|
| 68 |
|
| 69 |
-
if (
|
| 70 |
-
|
| 71 |
}
|
| 72 |
|
| 73 |
$bpsBaseContent = file_get_contents($wpadminHtaccess);
|
|
@@ -120,7 +120,7 @@ if ( isset( $_POST['Submit-WBM-Deactivate'] ) && current_user_can('manage_option
|
|
| 120 |
|
| 121 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 122 |
|
| 123 |
-
|
| 124 |
|
| 125 |
if ( file_exists($wpadminHtaccess) ) {
|
| 126 |
|
|
@@ -257,7 +257,7 @@ if ( isset( $_POST['Submit-MBM-Deactivate'] ) && current_user_can('manage_option
|
|
| 257 |
|
| 258 |
$mbm_htaccess_file = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/.htaccess';
|
| 259 |
|
| 260 |
-
|
| 261 |
|
| 262 |
if ( file_exists($mbm_htaccess_file) ) {
|
| 263 |
|
|
@@ -341,7 +341,7 @@ if ( isset( $_POST['Submit-BBM-Deactivate'] ) && current_user_can('manage_option
|
|
| 341 |
|
| 342 |
$bbm_htaccess_file = WP_CONTENT_DIR . '/bps-backup/.htaccess';
|
| 343 |
|
| 344 |
-
|
| 345 |
|
| 346 |
if ( file_exists($bbm_htaccess_file) ) {
|
| 347 |
|
|
@@ -380,7 +380,7 @@ if ( isset( $_POST['Submit-Backup-htaccess-Files'] ) && current_user_can('manage
|
|
| 380 |
|
| 381 |
if ( ! file_exists($old_backroot) ) {
|
| 382 |
echo $bps_topDiv;
|
| 383 |
-
$text = '<font color="#fb0101"><strong>'.__('You do not
|
| 384 |
echo $text;
|
| 385 |
echo '</p></div>';
|
| 386 |
|
|
@@ -395,7 +395,7 @@ if ( isset( $_POST['Submit-Backup-htaccess-Files'] ) && current_user_can('manage
|
|
| 395 |
} else {
|
| 396 |
|
| 397 |
echo $bps_topDiv;
|
| 398 |
-
$text = '<font color="green"><strong>'.__('Your
|
| 399 |
echo $text;
|
| 400 |
echo $bps_bottomDiv;
|
| 401 |
}
|
|
@@ -403,7 +403,7 @@ if ( isset( $_POST['Submit-Backup-htaccess-Files'] ) && current_user_can('manage
|
|
| 403 |
|
| 404 |
if ( ! file_exists($old_backwpadmin) ) {
|
| 405 |
echo $bps_topDiv;
|
| 406 |
-
$text = '<font color="#fb0101"><strong>'.__('You do not
|
| 407 |
echo $text;
|
| 408 |
echo $bps_bottomDiv;
|
| 409 |
|
|
@@ -418,7 +418,7 @@ if ( isset( $_POST['Submit-Backup-htaccess-Files'] ) && current_user_can('manage
|
|
| 418 |
} else {
|
| 419 |
|
| 420 |
echo $bps_topDiv;
|
| 421 |
-
$text = '<font color="green"><strong>'.__('Your
|
| 422 |
echo $text;
|
| 423 |
echo $bps_bottomDiv;
|
| 424 |
}
|
|
@@ -443,24 +443,24 @@ if ( isset( $_POST['Submit-Restore-htaccess-Files'] ) && current_user_can('manag
|
|
| 443 |
$new_restoreroot = ABSPATH . '.htaccess';
|
| 444 |
$old_restorewpadmin = WP_CONTENT_DIR . '/bps-backup/master-backups/wpadmin.htaccess';
|
| 445 |
$new_restorewpadmin = ABSPATH . 'wp-admin/.htaccess';
|
| 446 |
-
$permsRootHtaccess =
|
| 447 |
$sapi_type = php_sapi_name();
|
| 448 |
|
| 449 |
if ( file_exists($old_restoreroot) ) {
|
| 450 |
|
| 451 |
-
if (
|
| 452 |
-
|
| 453 |
}
|
| 454 |
|
| 455 |
if ( ! copy($old_restoreroot, $new_restoreroot) ) {
|
| 456 |
echo $bps_topDiv;
|
| 457 |
-
echo '<font color="#fb0101"><strong>'.__('Failed to Restore Your Root htaccess File. Either you DO NOT
|
| 458 |
echo $bps_bottomDiv;
|
| 459 |
|
| 460 |
} else {
|
| 461 |
|
| 462 |
-
if (
|
| 463 |
-
|
| 464 |
}
|
| 465 |
|
| 466 |
echo $bps_topDiv;
|
|
@@ -474,7 +474,7 @@ if ( isset( $_POST['Submit-Restore-htaccess-Files'] ) && current_user_can('manag
|
|
| 474 |
|
| 475 |
if ( ! copy($old_restorewpadmin, $new_restorewpadmin) ) {
|
| 476 |
echo $bps_topDiv;
|
| 477 |
-
$text = '<font color="#fb0101"><strong>'.__('Failed to Restore Your wp-admin htaccess File. Either you DO NOT
|
| 478 |
echo $text;
|
| 479 |
echo $bps_bottomDiv;
|
| 480 |
|
|
@@ -488,232 +488,4 @@ if ( isset( $_POST['Submit-Restore-htaccess-Files'] ) && current_user_can('manag
|
|
| 488 |
}
|
| 489 |
}
|
| 490 |
|
| 491 |
-
// Custom Code page: Reset/Recheck Dismiss Notices
|
| 492 |
-
if ( isset( $_POST['bpsResetDismissSubmit'] ) && current_user_can('manage_options') ) {
|
| 493 |
-
check_admin_referer( 'bulletproof_security_reset_dismiss_notices' );
|
| 494 |
-
|
| 495 |
-
$user_id = $current_user->ID;
|
| 496 |
-
|
| 497 |
-
echo '<div id="message" class="updated fade" style="color:#000000;font-weight:600;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 498 |
-
|
| 499 |
-
|
| 500 |
-
|
| 501 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_iis_notice') ) {
|
| 502 |
-
$text = __('The Windows IIS Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 503 |
-
echo $text;
|
| 504 |
-
} else {
|
| 505 |
-
$text = '<span style="color:#008000;">'.__('Success! The Windows IIS check is reset.', 'bulletproof-security').'</span><br>';
|
| 506 |
-
echo $text;
|
| 507 |
-
}
|
| 508 |
-
|
| 509 |
-
if ( ! delete_user_meta($user_id, 'bps_bonus_code_dismiss_all_notice') ) {
|
| 510 |
-
$text = __('The Bonus Custom Code: Dismiss All Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 511 |
-
echo $text;
|
| 512 |
-
} else {
|
| 513 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Dismiss All Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 514 |
-
echo $text;
|
| 515 |
-
}
|
| 516 |
-
|
| 517 |
-
if ( ! delete_user_meta($user_id, 'bps_brute_force_login_protection_notice') ) {
|
| 518 |
-
$text = __('The Bonus Custom Code: Brute Force Login Protection Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 519 |
-
echo $text;
|
| 520 |
-
} else {
|
| 521 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Brute Force Login Protection Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 522 |
-
echo $text;
|
| 523 |
-
}
|
| 524 |
-
|
| 525 |
-
if ( ! delete_user_meta($user_id, 'bps_speed_boost_cache_notice') ) {
|
| 526 |
-
$text = __('The Bonus Custom Code: Speed Boost Cache Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 527 |
-
echo $text;
|
| 528 |
-
} else {
|
| 529 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Speed Boost Cache Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 530 |
-
echo $text;
|
| 531 |
-
}
|
| 532 |
-
|
| 533 |
-
if ( ! delete_user_meta($user_id, 'bps_author_enumeration_notice') ) {
|
| 534 |
-
$text = __('The Bonus Custom Code: Author Enumeration BOT Probe Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 535 |
-
echo $text;
|
| 536 |
-
} else {
|
| 537 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Author Enumeration BOT Probe Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 538 |
-
echo $text;
|
| 539 |
-
}
|
| 540 |
-
|
| 541 |
-
if ( ! delete_user_meta($user_id, 'bps_xmlrpc_ddos_notice') ) {
|
| 542 |
-
$text = __('The Bonus Custom Code: XML-RPC DDoS Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 543 |
-
echo $text;
|
| 544 |
-
} else {
|
| 545 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: XML-RPC DDoS Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 546 |
-
echo $text;
|
| 547 |
-
}
|
| 548 |
-
|
| 549 |
-
/*
|
| 550 |
-
if ( ! delete_user_meta($user_id, 'bps_referer_spam_notice') ) {
|
| 551 |
-
$text = __('The Bonus Custom Code: Referer Spam|Phishing Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 552 |
-
echo $text;
|
| 553 |
-
} else {
|
| 554 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Referer Spam|Phishing Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 555 |
-
echo $text;
|
| 556 |
-
}
|
| 557 |
-
*/
|
| 558 |
-
|
| 559 |
-
if ( ! delete_user_meta($user_id, 'bps_post_request_attack_notice') ) {
|
| 560 |
-
$text = __('The Bonus Custom Code: POST Request Attack Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 561 |
-
echo $text;
|
| 562 |
-
} else {
|
| 563 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: POST Request Attack Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 564 |
-
echo $text;
|
| 565 |
-
}
|
| 566 |
-
|
| 567 |
-
if ( ! delete_user_meta($user_id, 'bps_sniff_driveby_notice') ) {
|
| 568 |
-
$text = __('The Bonus Custom Code: Mime Sniffing|Drive-by Download Attack Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 569 |
-
echo $text;
|
| 570 |
-
} else {
|
| 571 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Mime Sniffing|Drive-by Download Attack Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 572 |
-
echo $text;
|
| 573 |
-
}
|
| 574 |
-
|
| 575 |
-
if ( ! delete_user_meta($user_id, 'bps_iframe_clickjack_notice') ) {
|
| 576 |
-
$text = __('The Bonus Custom Code: External iFrame|Clickjacking Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 577 |
-
echo $text;
|
| 578 |
-
} else {
|
| 579 |
-
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: External iFrame|Clickjacking Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 580 |
-
echo $text;
|
| 581 |
-
}
|
| 582 |
-
|
| 583 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_PhpiniHandler_notice') ) {
|
| 584 |
-
$text = __('The PHP|php.ini handler htaccess code check Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 585 |
-
echo $text;
|
| 586 |
-
} else {
|
| 587 |
-
$text = '<span style="color:#008000;">'.__('Success! The PHP|php.ini handler htaccess code check is reset.', 'bulletproof-security').'</span><br>';
|
| 588 |
-
echo $text;
|
| 589 |
-
}
|
| 590 |
-
|
| 591 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_safemode_notice') ) {
|
| 592 |
-
$text = __('The Safe Mode HUD Check Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 593 |
-
echo $text;
|
| 594 |
-
} else {
|
| 595 |
-
$text = '<span style="color:#008000;">'.__('Success! The Safe Mode HUD Check is reset.', 'bulletproof-security').'</span><br>';
|
| 596 |
-
echo $text;
|
| 597 |
-
}
|
| 598 |
-
|
| 599 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_Permalinks_notice') ) {
|
| 600 |
-
$text = __('The Custom Permalinks HUD Check Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 601 |
-
echo $text;
|
| 602 |
-
} else {
|
| 603 |
-
$text = '<span style="color:#008000;">'.__('Success! The Custom Permalinks HUD Check is reset.', 'bulletproof-security').'</span><br>';
|
| 604 |
-
echo $text;
|
| 605 |
-
}
|
| 606 |
-
|
| 607 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_sucuri_notice') ) {
|
| 608 |
-
$text = __('The Sucuri Restrict wp-content access Hardening Option problem Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 609 |
-
echo $text;
|
| 610 |
-
} else {
|
| 611 |
-
$text = '<span style="color:#008000;">'.__('Success! The Sucuri Restrict wp-content access Hardening Option problem check is reset.', 'bulletproof-security').'</span><br>';
|
| 612 |
-
echo $text;
|
| 613 |
-
}
|
| 614 |
-
|
| 615 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_wpfirewall2_notice') ) {
|
| 616 |
-
$text = __('The WordPress Firewall 2 Plugin Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 617 |
-
echo $text;
|
| 618 |
-
} else {
|
| 619 |
-
$text = '<span style="color:#008000;>'.__('Success! The WordPress Firewall 2 Plugin check is reset.', 'bulletproof-security').'</span><br>';
|
| 620 |
-
echo $text;
|
| 621 |
-
}
|
| 622 |
-
|
| 623 |
-
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_speed_boost_notice') ) {
|
| 624 |
-
$text = __('The New Improved BPS Speed Boost Cache Code Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 625 |
-
echo $text;
|
| 626 |
-
} else {
|
| 627 |
-
$text = '<span style="color:#008000;">'.__('Success! The New Improved BPS Speed Boost Cache Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 628 |
-
echo $text;
|
| 629 |
-
}
|
| 630 |
-
|
| 631 |
-
/*
|
| 632 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_autoupdate_notice') ) {
|
| 633 |
-
$text = __('The BPS Plugin Automatic Update Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 634 |
-
echo $text;
|
| 635 |
-
} else {
|
| 636 |
-
$text = '<span style="color:#008000;">'.__('Success! The BPS Plugin Automatic Update Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 637 |
-
echo $text;
|
| 638 |
-
}
|
| 639 |
-
*/
|
| 640 |
-
|
| 641 |
-
/*
|
| 642 |
-
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_EPC_plugin_notice') ) {
|
| 643 |
-
$text = __('The Endurance Page Cache (EPC) plugin Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 644 |
-
echo $text;
|
| 645 |
-
} else {
|
| 646 |
-
$text = '<span style="color:#008000;">'.__('Success! The Endurance Page Cache (EPC) plugin Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 647 |
-
echo $text;
|
| 648 |
-
}
|
| 649 |
-
*/
|
| 650 |
-
/*
|
| 651 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_mscan_notice') ) {
|
| 652 |
-
$text = __('The MScan First Run Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 653 |
-
echo $text;
|
| 654 |
-
} else {
|
| 655 |
-
$text = '<span style="color:#008000;">'.__('Success! The MScan First Run Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 656 |
-
echo $text;
|
| 657 |
-
}
|
| 658 |
-
*/
|
| 659 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_jtc_lite_notice') ) {
|
| 660 |
-
$text = __('The JTC-Lite New Feature Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 661 |
-
echo $text;
|
| 662 |
-
} else {
|
| 663 |
-
$text = '<span style="color:#008000;">'.__('Success! The JTC-Lite New Feature Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 664 |
-
echo $text;
|
| 665 |
-
}
|
| 666 |
-
|
| 667 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_rate_notice') ) {
|
| 668 |
-
$text = __('The BPS Plugin Star Rating Request Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 669 |
-
echo $text;
|
| 670 |
-
} else {
|
| 671 |
-
$text = '<span style="color:#008000;">'.__('Success! The BPS Plugin Star Rating Request Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 672 |
-
echo $text;
|
| 673 |
-
}
|
| 674 |
-
|
| 675 |
-
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_mod_security_notice') ) {
|
| 676 |
-
$text = __('The Mod Security Module is Loaded|Enabled Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 677 |
-
echo $text;
|
| 678 |
-
} else {
|
| 679 |
-
$text = '<span style="color:#008000;">'.__('Success! The Mod Security Module is Loaded|Enabled Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 680 |
-
echo $text;
|
| 681 |
-
}
|
| 682 |
-
|
| 683 |
-
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_gdpr_compliance_notice') ) {
|
| 684 |
-
$text = __('The GDPR Compliance Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 685 |
-
echo $text;
|
| 686 |
-
} else {
|
| 687 |
-
$text = '<span style="color:#008000;">'.__('Success! The GDPR Compliance Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 688 |
-
echo $text;
|
| 689 |
-
}
|
| 690 |
-
|
| 691 |
-
if ( ! delete_user_meta($user_id, 'bps_ignore_root_version_check_notice') ) {
|
| 692 |
-
$text = __('The Root htaccess File Version Check Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 693 |
-
echo $text;
|
| 694 |
-
} else {
|
| 695 |
-
$text = '<span style="color:#008000;">'.__('Success! The Root htaccess File Version Check Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 696 |
-
echo $text;
|
| 697 |
-
}
|
| 698 |
-
|
| 699 |
-
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_mu_wp_automatic_updates_notice') ) {
|
| 700 |
-
$text = __('The BPS wp-config.php file WP Automatic Update constants detected Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 701 |
-
echo $text;
|
| 702 |
-
} else {
|
| 703 |
-
$text = '<span style="color:#008000;">'.__('Success! The BPS wp-config.php file WP Automatic Update constants detected Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 704 |
-
echo $text;
|
| 705 |
-
}
|
| 706 |
-
|
| 707 |
-
if ( ! delete_user_meta($user_id, 'bpsPro_hud_owner_uid_check_notice') ) {
|
| 708 |
-
$text = __('The Script|File Owner User ID Mismatch Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 709 |
-
echo $text;
|
| 710 |
-
} else {
|
| 711 |
-
$text = '<span style="color:#008000;">'.__('Success! The Script|File Owner User ID Mismatch Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 712 |
-
echo $text;
|
| 713 |
-
}
|
| 714 |
-
|
| 715 |
-
echo '<div class="bps-message-button" style="width:90px;margin-bottom:9px;"><a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7' ).'">'.__('Refresh Status', 'bulletproof-security').'</a></div>';
|
| 716 |
-
echo '</p></div>';
|
| 717 |
-
}
|
| 718 |
-
|
| 719 |
?>
|
| 37 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 38 |
$permsHtaccess = '';
|
| 39 |
if ( file_exists($wpadminHtaccess) ) {
|
| 40 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
| 41 |
}
|
| 42 |
$sapi_type = php_sapi_name();
|
| 43 |
$bpsString1 = "# CCWTOP";
|
| 51 |
|
| 52 |
if ( file_exists($wpadminHtaccess) ) {
|
| 53 |
|
| 54 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 55 |
+
chmod($wpadminHtaccess, 0644);
|
| 56 |
}
|
| 57 |
}
|
| 58 |
|
| 66 |
|
| 67 |
if ( file_exists($wpadminHtaccess) ) {
|
| 68 |
|
| 69 |
+
if ( $permsHtaccess != '0666' || $permsHtaccess != '0777' ) { // Windows IIS, XAMPP, etc
|
| 70 |
+
chmod($wpadminHtaccess, 0644);
|
| 71 |
}
|
| 72 |
|
| 73 |
$bpsBaseContent = file_get_contents($wpadminHtaccess);
|
| 120 |
|
| 121 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 122 |
|
| 123 |
+
unlink($wpadminHtaccess);
|
| 124 |
|
| 125 |
if ( file_exists($wpadminHtaccess) ) {
|
| 126 |
|
| 257 |
|
| 258 |
$mbm_htaccess_file = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/.htaccess';
|
| 259 |
|
| 260 |
+
unlink($mbm_htaccess_file);
|
| 261 |
|
| 262 |
if ( file_exists($mbm_htaccess_file) ) {
|
| 263 |
|
| 341 |
|
| 342 |
$bbm_htaccess_file = WP_CONTENT_DIR . '/bps-backup/.htaccess';
|
| 343 |
|
| 344 |
+
unlink($bbm_htaccess_file);
|
| 345 |
|
| 346 |
if ( file_exists($bbm_htaccess_file) ) {
|
| 347 |
|
| 380 |
|
| 381 |
if ( ! file_exists($old_backroot) ) {
|
| 382 |
echo $bps_topDiv;
|
| 383 |
+
$text = '<font color="#fb0101"><strong>'.__('You do not have an .htaccess file in your Root folder to backup.', 'bulletproof-security').'</strong></font>';
|
| 384 |
echo $text;
|
| 385 |
echo '</p></div>';
|
| 386 |
|
| 395 |
} else {
|
| 396 |
|
| 397 |
echo $bps_topDiv;
|
| 398 |
+
$text = '<font color="green"><strong>'.__('Your Root .htaccess file has been backed up successfully.', 'bulletproof-security').'</strong></font>';
|
| 399 |
echo $text;
|
| 400 |
echo $bps_bottomDiv;
|
| 401 |
}
|
| 403 |
|
| 404 |
if ( ! file_exists($old_backwpadmin) ) {
|
| 405 |
echo $bps_topDiv;
|
| 406 |
+
$text = '<font color="#fb0101"><strong>'.__('You do not have an htaccess file in your wp-admin folder to backup.', 'bulletproof-security').'</strong></font>';
|
| 407 |
echo $text;
|
| 408 |
echo $bps_bottomDiv;
|
| 409 |
|
| 418 |
} else {
|
| 419 |
|
| 420 |
echo $bps_topDiv;
|
| 421 |
+
$text = '<font color="green"><strong>'.__('Your wp-admin htaccess file has been backed up successfully.', 'bulletproof-security').'</strong></font><br>';
|
| 422 |
echo $text;
|
| 423 |
echo $bps_bottomDiv;
|
| 424 |
}
|
| 443 |
$new_restoreroot = ABSPATH . '.htaccess';
|
| 444 |
$old_restorewpadmin = WP_CONTENT_DIR . '/bps-backup/master-backups/wpadmin.htaccess';
|
| 445 |
$new_restorewpadmin = ABSPATH . 'wp-admin/.htaccess';
|
| 446 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($new_restoreroot)), -4);
|
| 447 |
$sapi_type = php_sapi_name();
|
| 448 |
|
| 449 |
if ( file_exists($old_restoreroot) ) {
|
| 450 |
|
| 451 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 452 |
+
chmod($new_restoreroot, 0644);
|
| 453 |
}
|
| 454 |
|
| 455 |
if ( ! copy($old_restoreroot, $new_restoreroot) ) {
|
| 456 |
echo $bps_topDiv;
|
| 457 |
+
echo '<font color="#fb0101"><strong>'.__('Failed to Restore Your Root htaccess File. Either you DO NOT have a Backed up Root htaccess file or your Root htaccess file permissions do not allow the file to be replaced/restored.', 'bulletproof-security').'</strong></font>';
|
| 458 |
echo $bps_bottomDiv;
|
| 459 |
|
| 460 |
} else {
|
| 461 |
|
| 462 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $options['bps_root_htaccess_autolock'] != 'Off' || isset($options['bps_root_htaccess_autolock']) && $options['bps_root_htaccess_autolock'] != 'On' ) {
|
| 463 |
+
chmod($new_restoreroot, 0404);
|
| 464 |
}
|
| 465 |
|
| 466 |
echo $bps_topDiv;
|
| 474 |
|
| 475 |
if ( ! copy($old_restorewpadmin, $new_restorewpadmin) ) {
|
| 476 |
echo $bps_topDiv;
|
| 477 |
+
$text = '<font color="#fb0101"><strong>'.__('Failed to Restore Your wp-admin htaccess File. Either you DO NOT have a Backed up wp-admin htaccess file or your wp-admin htaccess file permissions do not allow the file to be replaced/restored.', 'bulletproof-security').'</strong></font>';
|
| 478 |
echo $text;
|
| 479 |
echo $bps_bottomDiv;
|
| 480 |
|
| 488 |
}
|
| 489 |
}
|
| 490 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 491 |
?>
|
admin/core/core-help-text.php
CHANGED
|
@@ -9,10 +9,10 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 9 |
$bps_general_help_info = '<strong>'.__('General Help Info', 'bulletproof-security').'</strong><br>'.__('The Setup Wizard automatically sets up and activates all BulletProof Modes and all other BPS settings with default settings. The Setup Wizard can be re-run at any time. If you change any BPS default settings, your custom settings will not be changed/reset by re-running the Setup Wizard. The manual Security Modes option settings are for doing things like changing default settings, adding custom htaccess code to BPS Custom Code, testing and troubleshooting by deactivating (turning Off) BulletProof Modes.', 'bulletproof-security').'<br><br>';
|
| 10 |
|
| 11 |
/** Root Folder BulletProof Mode & Other Help Info **/
|
| 12 |
-
$bps_rbm_content = '<strong>'.__('Activate|Deactivate Root Folder BulletProof Mode (RBM)', 'bulletproof-security').'</strong><br>'.__('Clicking the Activate button turns On Root Folder BulletProof Mode (RBM) by creating a BPS htaccess file in your WordPress root installation folder (same folder as the wp-config.php file). Clicking the Deactivate button turns Off Root Folder BulletProof Mode (RBM) by creating a generic/default WordPress htaccess file in your WordPress root installation folder. Deactivating Root Folder BulletProof Mode (RBM) is used for testing and troubleshooting. Click the BPS Troubleshooting Steps link at the top of this
|
| 13 |
|
| 14 |
/** wp-admin Folder BulletProof Mode **/
|
| 15 |
-
$bps_wbm_content = '<strong>'.__('Activate|Deactivate wp-admin Folder BulletProof Mode (WBM)', 'bulletproof-security').'</strong><br>'.__('Clicking the Activate button turns On wp-admin Folder BulletProof Mode (WBM) by creating a BPS htaccess file in your WordPress wp-admin folder. Clicking the Deactivate button turns Off wp-admin Folder BulletProof Mode (WBM) by deleting the BPS htaccess file in your WordPress wp-admin folder. Deactivating wp-admin Folder BulletProof Mode (WBM) is used for testing and troubleshooting. Click the BPS Troubleshooting Steps link at the top of this
|
| 16 |
|
| 17 |
/** Hidden Plugin Folders|Files (HPF) Cron **/
|
| 18 |
$bps_hpf_content = '<strong>'.__('Hidden Plugin Folders|Files (HPF) Cron General Info', 'bulletproof-security').'</strong><br>'.__('A hidden or empty plugin folder is a plugin the exists in your /plugins/ folder, but is not displayed on the WordPress Plugins page. A hidden plugin can be used as a hacker backdoor to gain access to your WP Dashboard, hosting account, create user accounts, completely control your website and hosting account, etc. A non-standard WP file or modified/altered file in your /plugins/ folder can also do all of the things a hidden plugin can do.', 'bulletproof-security').'<br><br>'.__('The HPF Cron is setup automatically by running the Setup Wizard. The HPF Cron checks the WordPress /plugins/ folder for hidden or empty plugin folders and any non-standard WP files or altered files in the /plugins/ folder. This is a lightweight Cron check that uses an insignificant amount of resources/memory. So 4 checks per hour (check every 15 minutes) will not cause any significant resource/memory issues whatsoever. Even choosing Run Check Every 1 Minute would not cause any significant resource/memory issues whatsoever.', 'bulletproof-security').'<br><br><strong>'.__('What to do if a hidden plugin folder or file is detected', 'bulletproof-security').'</strong><br>'.__('If a hidden or empty plugin folder is detected or a non-standard WP file is detected then you would use FTP to check the folder or file. If the folder or file contains hacker code or is a hidden plugin or is a non-standard WP file then make a copy of it and delete it. If the plugin folder is just an empty plugin folder then delete it. If you recognize the folder or file you can use the Ignore Hidden Plugin Folders & Files textarea box option to ignore/not check this folder or file.', 'bulletproof-security').'<br><br><strong>'.__('Dashboard Alerts & Email Alerts:', 'bulletproof-security').'</strong><br>'.__('If a hidden or empty plugin folder is detected or a non-standard WP file is detected then a BPS Dashboard Alert will be displayed and Email Alert will be sent to you. ', 'bulletproof-security').'<strong><font color="blue">'.__('BPS Pro Only:', 'bulletproof-security').'</font></strong>'.__(' The HPF Email Alert setting is in S-Monitor: HPF: Hidden Plugin Folders|Files (HPF) Cron and the option settings are: Send Email Alerts or Do Not Send Email Alerts.', 'bulletproof-security').'<br><br><strong>'.__('HPF Cron Check Frequency:', 'bulletproof-security').'</strong><br>'.__('Available Cron Check Frequency Settings are: 1, 5, 10, 15, 30 or 60 minutes. The default HPF Cron Frequency is: Run Check Every 15 Minutes, which is setup automatically by running the Setup Wizard. Click the Save HPF Cron Options button to save your settings.', 'bulletproof-security').'<br><br><strong>'.__('HPF Cron On|Off:', 'bulletproof-security').'</strong><br>'.__('To turn on the HPF Cron choose HPF Cron On. To turn off the HPF Cron choose HPF Cron Off. Click the Save HPF Cron Options button to save your settings.', 'bulletproof-security').'<br><br><strong>'.__('Ignore Hidden Plugin Folders & Files:', 'bulletproof-security').'</strong><br>'.__('This option is for adding ignore rules for Hidden or Empty Plugin Folders Detected by BPS or Non-standard WP files detected by BPS in your /plugins/ folder. This is an independent option setting that does not require clicking any other buttons. Example Usage: If you intentionally have an empty plugin folder in your /plugins/ folder or you have a custom file in your /plugins/ folder then you can add the plugin folder or custom file name in the Ignore Hidden Plugin Folders & Files textarea box so that the HPF Cron check will ignore any folder or file names that you add. Add Ignore rules using plugin folder names or file names. Use a comma and a space between folder and/or file names. Example Ignore Rules: plugin-folder-name, example-file-name.php', 'bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.','bulletproof-security').'</strong>';
|
|
@@ -27,7 +27,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 27 |
$bps_backup_restore_content = __('The Backup and Restore tools can be used to quickly backup and restore the root and wp-admin htaccess files. Example usage: You are testing some code and want to save copies of your working root and wp-admin htaccess files so that you can quickly restore them. It is not necessary to create backups of the root and wp-admin htaccess files. These tools should just be used as stated above.', 'bulletproof-security').'<br><br><strong>'.__('Note:', 'bulletproof-security').'</strong><br>'.__('Typically if invalid/bad htaccess code is added in an htaccess file then most likely your site will crash. The quick and simple solution if your website crashes is to use FTP or your web host control panel file manager and delete the htaccess file that has the invalid/bad htaccess code in it so you can log back into your site and correct or delete the invalid/bad htaccess code. So using Backup & Restore will not work in a scenario where invalid/bad htaccess code has caused your website to crash.','bulletproof-security').'<br><br><strong>'.__('Tip:', 'bulletproof-security').'</strong><br>'.__('A more practical method of temporarily testing new htaccess code is to use the htaccess File Editor. Example: You add your new htaccess code using the htaccess File Editor, save it and activate BulletProof Mode instead of using these Backup & Restore options. Or you can use Custom Code. Example: You add your new htaccess code using BPS Custom Code, save it and activate BulletProof Mode.', 'bulletproof-security').'<br><br><strong>'.__('Reminder:', 'bulletproof-security').'</strong><br>'.__('Any htaccess code that you add using the htaccess File Editor is not saved permanently. To save any new htaccess code permanently use BPS Custom Code.', 'bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.', 'bulletproof-security').'</strong>';
|
| 28 |
|
| 29 |
/** htaccess File Editing **/
|
| 30 |
-
$bps_hfe_content = '<strong>'.__('
|
| 31 |
|
| 32 |
/** Custom Code - Network/Multisite specific **/
|
| 33 |
if ( is_multisite() ) {
|
|
@@ -37,6 +37,6 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 37 |
}
|
| 38 |
|
| 39 |
/** Custom Code **/
|
| 40 |
-
$bps_customcode_content = '<strong>'.__('Reset|Recheck Dismiss Notices:', 'bulletproof-security').'</strong><br>'.__('Clicking this button resets ALL Dismiss Notices such as Bonus Code Dismiss Notices and ALL other Dismiss Notices. If you previously dismissed a Dismiss Notice and want to display it again at a later time click this button.', 'bulletproof-security').'<br><br><strong>'.__('Export Tool', 'bulletproof-security').'</strong><br>'.__('The Custom Code Export tool exports (copies) all of your Root and wp-admin custom htaccess code into the cc-master.zip file, which you can then download to your computer by clicking the Download Zip Export button displayed in the Custom Code Export success message. You can unzip the cc-master.zip file on your computer to extract the cc-master.txt file for editing - see the Import Tool help info below.', 'bulletproof-security').'<br><br><strong>'.__('Import Tool', 'bulletproof-security').'</strong><br>'.__('The Custom Code Import tool imports all of your Root and wp-admin Custom Code from the cc-master.zip file on your computer into the Custom Code text boxes and saves your imported custom htaccess code to your WordPress Database. You can unzip the cc-master.zip file on your computer to extract the cc-master.txt file for editing to add/change any custom htaccess code in the cc-master.txt file. Do NOT delete any of the BEGIN and END placeholder lines of code in the cc-master.txt file. You can add/edit/change any code in-between the BEGIN and END lines of code. After editing the cc-master.txt file you will need to zip the cc-master.txt file in order to be able to import the cc-master.zip file using the Custom Code Import tool. The zip file MUST be named cc-master.zip in order to be able to Import it to BPS Custom Code. Important Note: Use Notepad, Notepad++ or another ASCII text editor to edit the cc-master.txt file. Do NOT use Word or WordPad to edit the cc-master.txt file.', 'bulletproof-security').'<br><br><strong>'.__('Delete Tool', 'bulletproof-security').'</strong><br>'.__('The Custom Code Delete tool deletes all of your Root and wp-admin Custom Code from all of the Custom Code text boxes and your WordPress Database. The Delete tool can be used for troubleshooting possible invalid/bad custom htaccess code issues/problems or simply just to delete all custom htaccess code in all of the Custom Code text boxes.', 'bulletproof-security').'<br><br><strong>'.__('Custom Code General Help Information', 'bulletproof-security').'</strong><br>'.__('ONLY add valid htaccess code into these text areas/text boxes. If you want to add regular text instead of .htaccess code then you will need to add a pound sign # in front of the text to comment it out. If you do not do this then the next time you activate BulletProof Mode for your Root folder or your wp-admin folder your website WILL crash.', 'bulletproof-security').'<br><br>'.__('For Custom Code text boxes the require that you copy the entire section of code that you want to edit and modify you will see this blue help text - ', 'bulletproof-security').'<strong><font color="blue">'.__('"You MUST copy and paste the entire xxxxx section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes."', 'bulletproof-security').'</font></strong><br><br><strong>'.__('If you do not copy the entire section of code into a text box that requires this then the next time activate BulletProof Mode for your Root folder or your wp-admin folder your website WILL crash.', 'bulletproof-security').'</strong><br><br><strong>'.__('If your website crashes after adding custom code: Use FTP or use your web host control panel file manager and delete the root .htaccess file or the wp-admin file or both files if necessary. Log back into your website and correct/fix the invalid/incorrect custom htaccess code that was added in any of the Custom Code text boxes, save your changes, go to the Security Modes page and click the Activate button for the Root or wp-admin Folder BulletProof Mode or both if necessary.', 'bulletproof-security').'</strong><br><br><strong>'.__('Your Custom Code is saved permanently until you delete it and will not be removed or deleted when you upgrade BPS.','bulletproof-security').'</strong><br><br><strong>'.__('Root htaccess File Custom Code Setup Steps', 'bulletproof-security').'</strong><br>'.__('1. Add your custom code in the appropriate Root Custom Code text box.', 'bulletproof-security').'<br>'.__('2. Click the Encrypt Custom Code button - You only need to do this step if you are unable to save your custom code - See the Encryption|Decryption ModSecurity CRS Bypass help section below.', 'bulletproof-security').'<br>'.__('3. Click the Save Root Custom Code button to save your Root custom code.', 'bulletproof-security').'<br>'.__('4. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.', 'bulletproof-security').'<br><br><strong>'.__('Encryption|Decryption ModSecurity CRS Bypass', 'bulletproof-security').'</strong><br>'.__('ModSecurity CRS is a security feature installed on some web hosts. ModSecurity CRS sees the legitimate htaccess code in the Custom Code text boxes as malicious and will prevent you from saving your custom htaccess code. When trying to save your custom code you may see an error message or you may be redirected to your website Home page or nothing happens or other various problems. To evade/bypass ModSecurity CRS click the Encrypt Custom Code button before clicking the Save Custom Code buttons. Your custom htaccess code is encrypted in the POST Form submission and then decrypted in the Form processing code. That means that your custom htaccess code is only encrypted temporarily during Custom Code Form submission to bypass/evade ModSecurity CRS detection. The Decrypt Custom Code feature was added as an additional user friendly convenience feature. It allows you to decrypt your custom code in real time if you already clicked the Encrypt Custom Code button. You can then continue adding or editing your custom code and then click the Encrypt Custom Code button again when you are done adding or editing custom code. Important!!! Do not forget to click the Encrypt Custom Code button before clicking the Save Custom Code buttons.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE:', 'bulletproof-security').'<br>'.__('Add php/php.ini handler code, cache code and/or Speed Boost Cache Code here', 'bulletproof-security').'</strong><br>'.__('ONLY add valid php/php.ini handler htaccess code and/or cache htaccess code or text commented out with a pound sign #.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE:', 'bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire TURN OFF YOUR SERVER SIGNATURE section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION:','bulletproof-security').'</strong><br>'.__('This Custom Code text box is for optional/Bonus code. To get this code see the Forum Help Links at the top of this Read Me help window. CAUTION! This code has a 95%/5% success/fail ratio meaning that this code will not work on 5% of websites. If you see a 403 error when logging out and logging into your website then you cannot use this code on your website and will need to delete this code to correct the 403 error when logging out and logging into your website.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE ERROR LOGGING AND TRACKING:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire ERROR LOGGING AND TRACKING section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS:', 'bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE WP-ADMIN/INCLUDES: DO NOT add wp-admin .htaccess file code here', 'bulletproof-security').'</strong><br>'.__('Add one pound sign # in this text box to prevent the WP-ADMIN/INCLUDES section of code from being created in your root .htaccess file.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE WP REWRITE LOOP START: Add www to non-www/non-www to www code here', 'bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire WP REWRITE LOOP START section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE REQUEST METHODS FILTERED: Whitelist User Agents and allow HEAD Requests', 'bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire REQUEST METHODS FILTERED section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes. If you see this code: ','bulletproof-security').'RewriteRule ^(.*)$ - [R=405,L]'.__('. To Allow HEAD Requests, comment out these 2 lines of code with # signs: ', 'bulletproof-security').'#RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] and #RewriteRule ^(.*)$ - [R=405,L].'.__(' If you see this code: ','bulletproof-security').'RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]'.__('. To Allow HEAD Requests, comment out these 2 lines of code with # signs: ', 'bulletproof-security').'#RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] and #RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L].<br><br><strong>'.__('CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES:','bulletproof-security').'</strong><br>'.__('ONLY add valid htaccess code or text commented out with a pound sign #. This text area is for plugin fixes that are specific to your website. BPS already has some plugin skip/bypass rules included in the Root htaccess file by default. Adding additional plugin skip/bypass rules for your plugins on your website goes in this text box. There are 12 default skip rules in the standard BPS root htaccess file already. Skip rules MUST be in descending consecutive number order: 15, 14, 13... If you add one plugin skip/bypass rule in this text box it should be skip rule #13. For each additional plugin skip rule that you add the S= skip number is increased by one. Example: if you add 3 plugin skip rules in this text box they would be Skip rules #15, #14 and #13 - RewriteRule . - [S=15] and RewriteRule . - [S=14] and RewriteRule . - [S=13] in descending consecutive order', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire TIMTHUMB FORBID RFI section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire BPSQSE QUERY STRING EXPLOITS section of code from your root .htaccess file from # BEGIN BPSQSE BPS QUERY STRING EXPLOITS to # END BPSQSE BPS QUERY STRING EXPLOITS into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').$network_cc_help.'<br><br><strong>'.__('CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire DENY BROWSER ACCESS section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE: Add miscellaneous code here','bulletproof-security').'</strong><br>'.__('This Custom Code text box is for any/all personal custom code that you have created or want to use that is not standard BPS htaccess code. ONLY add valid htaccess code below or text commented out with a pound sign # You can save any miscellaneous custom htaccess code here as long as it is valid htaccess code or if it is just plain text then you will need to comment it out with a pound sign # in front of the text.', 'bulletproof-security').'<br><br><strong>'.__('wp-admin htaccess File Custom Code Steps','bulletproof-security').'</strong><br>'.__('1. Add your custom code in the appropriate wp-admin Custom Code text box.', 'bulletproof-security').'<br>'.__('2. Click the Save wp-admin Custom Code button to save your wp-admin custom code.', 'bulletproof-security').'<br>'.__('3. Go to the Security Modes page and click the wp-admin Folder BulletProof Mode Activate button.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BPS WPADMIN DENY ACCESS TO FILES:','bulletproof-security').'<br>'.__('Add additional wp-admin files that you would like to block here','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire WPADMIN DENY BROWSER ACCESS TO FILES section of code from your wp-admin .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes. Add one pound sign # below to prevent the WPADMIN DENY BROWSER ACCESS TO FILES section of code from being created in your wp-admin .htaccess file.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE WPADMIN TOP:','bulletproof-security').'<br>'.__('Add wp-admin password protection, IP whitelist allow access & miscellaneous custom code here','bulletproof-security').'</strong><br>'.__('ONLY add valid htaccess code below or text commented out with a pound sign # You can save any miscellaneous custom htaccess code here as long as it is valid htaccess code or if it is just plain text then you will need to comment it out with a pound sign # in front of the text.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES:','bulletproof-security').'<br>'.__('Add wp-admin plugin/file skip rules code here','bulletproof-security').'</strong><br>'.__('ONLY add valid htaccess code below or text commented out with a pound sign #. There is currently one default skip rule [S=1] in the standard BPS wp-admin htaccess file already. Skip rules MUST be in descending consecutive number order: 4, 3, 2... If you add one plugin skip/bypass rule in this text box it will be skip rule #2. For each additional plugin skip rule that you add the S= skip number is increased by one. Example: if you add 3 plugin skip rules in this text box they would be Skip rules #4, #3 and #2 - RewriteRule . - [S=4] and RewriteRule . - [S=3] and RewriteRule . - [S=2] in descending consecutive order.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS:','bulletproof-security').'<br>'.__('Modify wp-admin Query String Exploit code here','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire BPS QUERY STRING EXPLOITS section of code from your wp-admin .htaccess file from # BEGIN BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS to # END BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.','bulletproof-security').'</strong>';
|
| 41 |
|
| 42 |
?>
|
| 9 |
$bps_general_help_info = '<strong>'.__('General Help Info', 'bulletproof-security').'</strong><br>'.__('The Setup Wizard automatically sets up and activates all BulletProof Modes and all other BPS settings with default settings. The Setup Wizard can be re-run at any time. If you change any BPS default settings, your custom settings will not be changed/reset by re-running the Setup Wizard. The manual Security Modes option settings are for doing things like changing default settings, adding custom htaccess code to BPS Custom Code, testing and troubleshooting by deactivating (turning Off) BulletProof Modes.', 'bulletproof-security').'<br><br>';
|
| 10 |
|
| 11 |
/** Root Folder BulletProof Mode & Other Help Info **/
|
| 12 |
+
$bps_rbm_content = '<strong>'.__('Activate|Deactivate Root Folder BulletProof Mode (RBM)', 'bulletproof-security').'</strong><br>'.__('Clicking the Activate button turns On Root Folder BulletProof Mode (RBM) by creating a BPS htaccess file in your WordPress root installation folder (same folder as the wp-config.php file). Clicking the Deactivate button turns Off Root Folder BulletProof Mode (RBM) by creating a generic/default WordPress htaccess file in your WordPress root installation folder. Deactivating Root Folder BulletProof Mode (RBM) is used for testing and troubleshooting. Click the BPS Troubleshooting Steps link at the top of this Question Mark help file for BPS troubleshooting steps.', 'bulletproof-security').'<br><br><strong>'.__('Notes:', 'bulletproof-security').'</strong><br><strong>'.__('Viewing, Editing, Modifying, Creating, Saving and Testing htaccess Code/Files', 'bulletproof-security').'</strong><br>'.__('To check, view or edit BPS htaccess files/code manually/directly for testing you can use the htaccess File Editor. Click the htaccess File Editor Question Mark help button for more detailed help information. To save htaccess code permanently use BPS Custom Code. Click the Custom Code Question Mark help button for more detailed help information.', 'bulletproof-security').'<br><br>'.__('BPS has built-in troubleshooting capability - all features/options can be turned Off/On independently for troubleshooting. Deactivating/activating or uninstalling/reinstalling the BPS plugin is not the correct way to troubleshoot issues or problems. See the BPS Troubleshooting Steps link at the top of this Question Mark help file.', 'bulletproof-security').'<br><br>'.__('The BPS Security Log logs all 403 errors and anything that BPS is blocking - hackers, spammers or something legitimate in another plugin or theme. If you think BPS is blocking something legitimate in another plugin or theme click the BPS Pro Troubleshooting Steps link at the top of this Question Mark help file.', 'bulletproof-security').'<br><br>'.__('If you activate BulletProof Mode for your Root folder you should also activate BulletProof Mode for your wp-admin folder. On some Hosts that is required and on other Hosts that is not required for everything to work correctly.', 'bulletproof-security').'<br><br>'.__('The current status of BulletProof Modes is displayed in-page. The BPS Inpage Status Display also shows the current status of RBM and WBM.', 'bulletproof-security').'<br><br><strong>'.__('WordPress Network (Multisite) Sites Info','bulletproof-security').'</strong><br>'.__('BPS will automatically detect whether you have a subdomain or subdirectory Network (Multisite) installation and create the correct htaccess code for your website type. The BPS plugin can be Network Activated or you can allow the BPS plugin to be activated individually on each Network/Multisite subsite or of course you can choose not to Network Activate BPS or allow the BPS plugin on subsites. Super Admins will see BPS Dashboard Alerts and other Status displays on the Primary Site only. Administrators can activate or deactivate BPS on subsites, if you allow this on your Network/Multisite.', 'bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.','bulletproof-security').'</strong>';
|
| 13 |
|
| 14 |
/** wp-admin Folder BulletProof Mode **/
|
| 15 |
+
$bps_wbm_content = '<strong>'.__('Activate|Deactivate wp-admin Folder BulletProof Mode (WBM)', 'bulletproof-security').'</strong><br>'.__('Clicking the Activate button turns On wp-admin Folder BulletProof Mode (WBM) by creating a BPS htaccess file in your WordPress wp-admin folder. Clicking the Deactivate button turns Off wp-admin Folder BulletProof Mode (WBM) by deleting the BPS htaccess file in your WordPress wp-admin folder. Deactivating wp-admin Folder BulletProof Mode (WBM) is used for testing and troubleshooting. Click the BPS Troubleshooting Steps link at the top of this Question Mark help file for BPS troubleshooting steps.', 'bulletproof-security').'<br><br><strong>'.__('Notes: ', 'bulletproof-security').'</strong><br><strong>'.__('Viewing, Editing, Modifying, Creating, Saving and Testing htaccess Code/Files', 'bulletproof-security').'</strong><br>'.__('To check, view or edit BPS htaccess files/code manually/directly for testing you can use the htaccess File Editor. Click the htaccess File Editor Question Mark help button for more detailed help information. To save htaccess code permanently use BPS Custom Code. Click the Custom Code Question Mark help button for more detailed help information.', 'bulletproof-security').'<br><br>'.__('BPS has built-in troubleshooting capability - all features/options can be turned Off/On independently for troubleshooting. Deactivating/activating or uninstalling/reinstalling the BPS plugin is not the correct way to troubleshoot issues or problems. See the BPS Troubleshooting Steps link at the top of this Question Mark help file.', 'bulletproof-security').'<br><br>'.__('The BPS Security Log logs all 403 errors and anything that BPS is blocking - hackers, spammers or something legitimate in another plugin or theme. If you think BPS is blocking something legitimate in another plugin or theme click the BPS Pro Troubleshooting Steps link at the top of this Question Mark help file.', 'bulletproof-security').'<br><br>'.__('If you activate BulletProof Mode for your Root folder you should also activate BulletProof Mode for your wp-admin folder. On some Hosts that is required and on other Hosts that is not required for everything to work correctly.', 'bulletproof-security').'<br><br>'.__('The current status of BulletProof Modes is displayed in-page. The BPS Inpage Status Display also shows the current status of RBM and WBM.', 'bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.', 'bulletproof-security').'</strong>';
|
| 16 |
|
| 17 |
/** Hidden Plugin Folders|Files (HPF) Cron **/
|
| 18 |
$bps_hpf_content = '<strong>'.__('Hidden Plugin Folders|Files (HPF) Cron General Info', 'bulletproof-security').'</strong><br>'.__('A hidden or empty plugin folder is a plugin the exists in your /plugins/ folder, but is not displayed on the WordPress Plugins page. A hidden plugin can be used as a hacker backdoor to gain access to your WP Dashboard, hosting account, create user accounts, completely control your website and hosting account, etc. A non-standard WP file or modified/altered file in your /plugins/ folder can also do all of the things a hidden plugin can do.', 'bulletproof-security').'<br><br>'.__('The HPF Cron is setup automatically by running the Setup Wizard. The HPF Cron checks the WordPress /plugins/ folder for hidden or empty plugin folders and any non-standard WP files or altered files in the /plugins/ folder. This is a lightweight Cron check that uses an insignificant amount of resources/memory. So 4 checks per hour (check every 15 minutes) will not cause any significant resource/memory issues whatsoever. Even choosing Run Check Every 1 Minute would not cause any significant resource/memory issues whatsoever.', 'bulletproof-security').'<br><br><strong>'.__('What to do if a hidden plugin folder or file is detected', 'bulletproof-security').'</strong><br>'.__('If a hidden or empty plugin folder is detected or a non-standard WP file is detected then you would use FTP to check the folder or file. If the folder or file contains hacker code or is a hidden plugin or is a non-standard WP file then make a copy of it and delete it. If the plugin folder is just an empty plugin folder then delete it. If you recognize the folder or file you can use the Ignore Hidden Plugin Folders & Files textarea box option to ignore/not check this folder or file.', 'bulletproof-security').'<br><br><strong>'.__('Dashboard Alerts & Email Alerts:', 'bulletproof-security').'</strong><br>'.__('If a hidden or empty plugin folder is detected or a non-standard WP file is detected then a BPS Dashboard Alert will be displayed and Email Alert will be sent to you. ', 'bulletproof-security').'<strong><font color="blue">'.__('BPS Pro Only:', 'bulletproof-security').'</font></strong>'.__(' The HPF Email Alert setting is in S-Monitor: HPF: Hidden Plugin Folders|Files (HPF) Cron and the option settings are: Send Email Alerts or Do Not Send Email Alerts.', 'bulletproof-security').'<br><br><strong>'.__('HPF Cron Check Frequency:', 'bulletproof-security').'</strong><br>'.__('Available Cron Check Frequency Settings are: 1, 5, 10, 15, 30 or 60 minutes. The default HPF Cron Frequency is: Run Check Every 15 Minutes, which is setup automatically by running the Setup Wizard. Click the Save HPF Cron Options button to save your settings.', 'bulletproof-security').'<br><br><strong>'.__('HPF Cron On|Off:', 'bulletproof-security').'</strong><br>'.__('To turn on the HPF Cron choose HPF Cron On. To turn off the HPF Cron choose HPF Cron Off. Click the Save HPF Cron Options button to save your settings.', 'bulletproof-security').'<br><br><strong>'.__('Ignore Hidden Plugin Folders & Files:', 'bulletproof-security').'</strong><br>'.__('This option is for adding ignore rules for Hidden or Empty Plugin Folders Detected by BPS or Non-standard WP files detected by BPS in your /plugins/ folder. This is an independent option setting that does not require clicking any other buttons. Example Usage: If you intentionally have an empty plugin folder in your /plugins/ folder or you have a custom file in your /plugins/ folder then you can add the plugin folder or custom file name in the Ignore Hidden Plugin Folders & Files textarea box so that the HPF Cron check will ignore any folder or file names that you add. Add Ignore rules using plugin folder names or file names. Use a comma and a space between folder and/or file names. Example Ignore Rules: plugin-folder-name, example-file-name.php', 'bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.','bulletproof-security').'</strong>';
|
| 27 |
$bps_backup_restore_content = __('The Backup and Restore tools can be used to quickly backup and restore the root and wp-admin htaccess files. Example usage: You are testing some code and want to save copies of your working root and wp-admin htaccess files so that you can quickly restore them. It is not necessary to create backups of the root and wp-admin htaccess files. These tools should just be used as stated above.', 'bulletproof-security').'<br><br><strong>'.__('Note:', 'bulletproof-security').'</strong><br>'.__('Typically if invalid/bad htaccess code is added in an htaccess file then most likely your site will crash. The quick and simple solution if your website crashes is to use FTP or your web host control panel file manager and delete the htaccess file that has the invalid/bad htaccess code in it so you can log back into your site and correct or delete the invalid/bad htaccess code. So using Backup & Restore will not work in a scenario where invalid/bad htaccess code has caused your website to crash.','bulletproof-security').'<br><br><strong>'.__('Tip:', 'bulletproof-security').'</strong><br>'.__('A more practical method of temporarily testing new htaccess code is to use the htaccess File Editor. Example: You add your new htaccess code using the htaccess File Editor, save it and activate BulletProof Mode instead of using these Backup & Restore options. Or you can use Custom Code. Example: You add your new htaccess code using BPS Custom Code, save it and activate BulletProof Mode.', 'bulletproof-security').'<br><br><strong>'.__('Reminder:', 'bulletproof-security').'</strong><br>'.__('Any htaccess code that you add using the htaccess File Editor is not saved permanently. To save any new htaccess code permanently use BPS Custom Code.', 'bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.', 'bulletproof-security').'</strong>';
|
| 28 |
|
| 29 |
/** htaccess File Editing **/
|
| 30 |
+
$bps_hfe_content = '<strong>'.__('The File Editor is designed to open all of your htaccess files simultaneously and allow you to copy and paste from one window (file) to another window (file), BUT you can ONLY save your edits for one file at a time. Whichever file you currently have opened (the tab that you are currently viewing) when you click the Update File button is the file that will be updated/saved.', 'bulletproof-security').'</strong><br><br><strong>'.__('Important Notes: ', 'bulletproof-security').'</strong><br>'.__('You can edit all of your htaccess files directly using the htaccess File Editor, but to save your edits permanently for the "Root htaccess File" tab, which is your Root htaccess file and the "wp-admin htaccess File" tab, which is your wp-admin folder htaccess file, use BPS Custom Code to save your editing changes permanently.', 'bulletproof-security').'<br><br><font color="blue"><strong>'.__('default.htaccess File Exception: ', 'bulletproof-security').'</strong></font>'.__('You can create a Custom default.htaccess file that will be saved permanently by editing the default.htaccess file using the htaccess File Editor. Your Custom default.htaccess file will be saved permanently to this folder: /bps-backup/master-backups/default.htaccess. If you have created a Custom default.htaccess file then it will be automatically copied from the /bps-backup/master-backups/ folder during a BPS plugin upgrade and will replace the default BPS default.htaccess Master file.', 'bulletproof-security').'<br><br>'.__('The secure.htaccess (Root htaccess Master htaccess file), default.htaccess (Default WP Master htaccess file) and wpadmin-secure.htaccess (wp-admin folder Master htaccess file) tabs are Master htaccess files that will be replaced when you upgrade BPS. You can edit these files directly, but these files will not be saved permanently, with the exception of the default.htaccess file - See the ', 'bulletproof-security').'<font color="blue"><strong>'.__('default.htaccess File Exception', 'bulletproof-security').'</strong></font>'.__(' help information above.', 'bulletproof-security').'<br><br><strong>'.__('Encryption|Decryption ModSecurity CRS Bypass', 'bulletproof-security').'</strong><br>'.__('ModSecurity CRS is a security feature installed on some web hosts. ModSecurity CRS sees the legitimate htaccess code in the htaccess File Editor as malicious and will prevent you from saving your htaccess code edits. When trying to save your htaccess code you may see an error message or you may be redirected to your website Home page or nothing happens or other various problems. To evade/bypass ModSecurity CRS click the Encrypt htaccess Code button before clicking the Update File button. Your htaccess code is encrypted in the POST Form submission and then decrypted in the Form processing code. That means that your htaccess code is only encrypted temporarily during htaccess File Editor Form submission to bypass/evade ModSecurity CRS detection. The Decrypt htaccess Code feature was added as an additional user friendly convenience feature. It allows you to decrypt your htaccess code in real time if you already clicked the Encrypt htaccess Code button. You can then continue editing your htaccess code and then click the Encrypt htaccess Code button again when you are done editing custom code. Important!!! Do not forget to click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br><strong>'.__('Lock|Unlock .htaccess Files', 'bulletproof-security').'</strong><br>'.__('If your Server API is using CGI then you will see Lock and Unlock buttons to lock your Root htaccess file with 404 Permissions and unlock your root htaccess file with 644 Permissions. If your Server API is using CLI - DSO/Apache/mod_php then you will not see lock and unlock buttons. 644 Permissions are required to write to/edit the root htaccess file. Once you are done editing your root htaccess file use the lock button to lock it with 404 Permissions. 644 Permissions for DSO are considered secure for DSO because of the different way that file security is handled with DSO.', 'bulletproof-security').'<br><br>'.__('If your Root htaccess file is locked and you try to save your editing changes you will see a pop message that your Root htaccess file is locked. You will need to unlock your Root htaccess file before you can save your changes.', 'bulletproof-security').'<br><br><strong>'.__('Turn On AutoLock|Turn Off AutoLock', 'bulletproof-security').'</strong><br>'.__('AutoLock is designed to automatically lock your root .htaccess file to save you an additional step of locking your root .htaccess file when performing certain actions, tasks or functions and AutoLock also automatically locks your root .htaccess during BPS Pro upgrades. This can be a problem for some folks whose Web Hosts do not allow locking the root .htaccess file with 404 file permissions and can cause 403 errors and/or cause a website to crash. For 99.99% of folks leaving AutoLock turned On will work fine. If your Web Host ONLY allows 644 file permissions for your root .htaccess file then click the Turn Off AutoLock button. This turns Off AutoLocking for all BPS actions, tasks, functions and also for BPS Pro upgrades.', 'bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.','bulletproof-security').'</strong>';
|
| 31 |
|
| 32 |
/** Custom Code - Network/Multisite specific **/
|
| 33 |
if ( is_multisite() ) {
|
| 37 |
}
|
| 38 |
|
| 39 |
/** Custom Code **/
|
| 40 |
+
$bps_customcode_content = '<strong>'.__('Export Tool', 'bulletproof-security').'</strong><br>'.__('The Custom Code Export tool exports (copies) all of your Root and wp-admin custom htaccess code into the cc-master.zip file, which you can then download to your computer by clicking the Download Zip Export button displayed in the Custom Code Export success message. You can unzip the cc-master.zip file on your computer to extract the cc-master.txt file for editing - see the Import Tool help info below.', 'bulletproof-security').'<br><br><strong>'.__('Import Tool', 'bulletproof-security').'</strong><br>'.__('The Custom Code Import tool imports all of your Root and wp-admin Custom Code from the cc-master.zip file on your computer into the Custom Code text boxes and saves your imported custom htaccess code to your WordPress Database. You can unzip the cc-master.zip file on your computer to extract the cc-master.txt file for editing to add/change any custom htaccess code in the cc-master.txt file. Do NOT delete any of the BEGIN and END placeholder lines of code in the cc-master.txt file. You can add/edit/change any code in-between the BEGIN and END lines of code. After editing the cc-master.txt file you will need to zip the cc-master.txt file in order to be able to import the cc-master.zip file using the Custom Code Import tool. The zip file MUST be named cc-master.zip in order to be able to Import it to BPS Custom Code. Important Note: Use Notepad, Notepad++ or another ASCII text editor to edit the cc-master.txt file. Do NOT use Word or WordPad to edit the cc-master.txt file.', 'bulletproof-security').'<br><br><strong>'.__('Delete Tool', 'bulletproof-security').'</strong><br>'.__('The Custom Code Delete tool deletes all of your Root and wp-admin Custom Code from all of the Custom Code text boxes and your WordPress Database. The Delete tool can be used for troubleshooting possible invalid/bad custom htaccess code issues/problems or simply just to delete all custom htaccess code in all of the Custom Code text boxes.', 'bulletproof-security').'<br><br><strong>'.__('Custom Code General Help Information', 'bulletproof-security').'</strong><br>'.__('ONLY add valid htaccess code into these text areas/text boxes. If you want to add regular text instead of .htaccess code then you will need to add a pound sign # in front of the text to comment it out. If you do not do this then the next time you activate BulletProof Mode for your Root folder or your wp-admin folder your website WILL crash.', 'bulletproof-security').'<br><br>'.__('For Custom Code text boxes the require that you copy the entire section of code that you want to edit and modify you will see this blue help text - ', 'bulletproof-security').'<strong><font color="blue">'.__('"You MUST copy and paste the entire xxxxx section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes."', 'bulletproof-security').'</font></strong><br><br><strong>'.__('If you do not copy the entire section of code into a text box that requires this then the next time activate BulletProof Mode for your Root folder or your wp-admin folder your website WILL crash.', 'bulletproof-security').'</strong><br><br><strong>'.__('If your website crashes after adding custom code: Use FTP or use your web host control panel file manager and delete the root .htaccess file or the wp-admin file or both files if necessary. Log back into your website and correct/fix the invalid/incorrect custom htaccess code that was added in any of the Custom Code text boxes, save your changes, go to the Security Modes page and click the Activate button for the Root or wp-admin Folder BulletProof Mode or both if necessary.', 'bulletproof-security').'</strong><br><br><strong>'.__('Your Custom Code is saved permanently until you delete it and will not be removed or deleted when you upgrade BPS.','bulletproof-security').'</strong><br><br><strong>'.__('Root htaccess File Custom Code Setup Steps', 'bulletproof-security').'</strong><br>'.__('1. Add your custom code in the appropriate Root Custom Code text box.', 'bulletproof-security').'<br>'.__('2. Click the Encrypt Custom Code button - You only need to do this step if you are unable to save your custom code - See the Encryption|Decryption ModSecurity CRS Bypass help section below.', 'bulletproof-security').'<br>'.__('3. Click the Save Root Custom Code button to save your Root custom code.', 'bulletproof-security').'<br>'.__('4. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.', 'bulletproof-security').'<br><br><strong>'.__('Encryption|Decryption ModSecurity CRS Bypass', 'bulletproof-security').'</strong><br>'.__('ModSecurity CRS is a security feature installed on some web hosts. ModSecurity CRS sees the legitimate htaccess code in the Custom Code text boxes as malicious and will prevent you from saving your custom htaccess code. When trying to save your custom code you may see an error message or you may be redirected to your website Home page or nothing happens or other various problems. To evade/bypass ModSecurity CRS click the Encrypt Custom Code button before clicking the Save Custom Code buttons. Your custom htaccess code is encrypted in the POST Form submission and then decrypted in the Form processing code. That means that your custom htaccess code is only encrypted temporarily during Custom Code Form submission to bypass/evade ModSecurity CRS detection. The Decrypt Custom Code feature was added as an additional user friendly convenience feature. It allows you to decrypt your custom code in real time if you already clicked the Encrypt Custom Code button. You can then continue adding or editing your custom code and then click the Encrypt Custom Code button again when you are done adding or editing custom code. Important!!! Do not forget to click the Encrypt Custom Code button before clicking the Save Custom Code buttons.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE:', 'bulletproof-security').'<br>'.__('Add php/php.ini handler code, cache code and/or Speed Boost Cache Code here', 'bulletproof-security').'</strong><br>'.__('ONLY add valid php/php.ini handler htaccess code and/or cache htaccess code or text commented out with a pound sign #.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE:', 'bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire TURN OFF YOUR SERVER SIGNATURE section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION:','bulletproof-security').'</strong><br>'.__('This Custom Code text box is for optional/Bonus code. To get this code see the Forum Help Links at the top of this Question Mark help window. CAUTION! This code has a 95%/5% success/fail ratio meaning that this code will not work on 5% of websites. If you see a 403 error when logging out and logging into your website then you cannot use this code on your website and will need to delete this code to correct the 403 error when logging out and logging into your website.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE ERROR LOGGING AND TRACKING:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire ERROR LOGGING AND TRACKING section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS:', 'bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE WP-ADMIN/INCLUDES: DO NOT add wp-admin .htaccess file code here', 'bulletproof-security').'</strong><br>'.__('Add one pound sign # in this text box to prevent the WP-ADMIN/INCLUDES section of code from being created in your root .htaccess file.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE WP REWRITE LOOP START: Add www to non-www/non-www to www code here', 'bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire WP REWRITE LOOP START section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE REQUEST METHODS FILTERED: Whitelist User Agents and allow HEAD Requests', 'bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire REQUEST METHODS FILTERED section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes. If you see this code: ','bulletproof-security').'RewriteRule ^(.*)$ - [R=405,L]'.__('. To Allow HEAD Requests, comment out these 2 lines of code with # signs: ', 'bulletproof-security').'#RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] and #RewriteRule ^(.*)$ - [R=405,L].'.__(' If you see this code: ','bulletproof-security').'RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]'.__('. To Allow HEAD Requests, comment out these 2 lines of code with # signs: ', 'bulletproof-security').'#RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] and #RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L].<br><br><strong>'.__('CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES:','bulletproof-security').'</strong><br>'.__('ONLY add valid htaccess code or text commented out with a pound sign #. This text area is for plugin fixes that are specific to your website. BPS already has some plugin skip/bypass rules included in the Root htaccess file by default. Adding additional plugin skip/bypass rules for your plugins on your website goes in this text box. There are 12 default skip rules in the standard BPS root htaccess file already. Skip rules MUST be in descending consecutive number order: 15, 14, 13... If you add one plugin skip/bypass rule in this text box it should be skip rule #13. For each additional plugin skip rule that you add the S= skip number is increased by one. Example: if you add 3 plugin skip rules in this text box they would be Skip rules #15, #14 and #13 - RewriteRule . - [S=15] and RewriteRule . - [S=14] and RewriteRule . - [S=13] in descending consecutive order', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire TIMTHUMB FORBID RFI section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire BPSQSE QUERY STRING EXPLOITS section of code from your root .htaccess file from # BEGIN BPSQSE BPS QUERY STRING EXPLOITS to # END BPSQSE BPS QUERY STRING EXPLOITS into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').$network_cc_help.'<br><br><strong>'.__('CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES:','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire DENY BROWSER ACCESS section of code from your root .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE: Add miscellaneous code here','bulletproof-security').'</strong><br>'.__('This Custom Code text box is for any/all personal custom code that you have created or want to use that is not standard BPS htaccess code. ONLY add valid htaccess code below or text commented out with a pound sign # You can save any miscellaneous custom htaccess code here as long as it is valid htaccess code or if it is just plain text then you will need to comment it out with a pound sign # in front of the text.', 'bulletproof-security').'<br><br><strong>'.__('wp-admin htaccess File Custom Code Steps','bulletproof-security').'</strong><br>'.__('1. Add your custom code in the appropriate wp-admin Custom Code text box.', 'bulletproof-security').'<br>'.__('2. Click the Save wp-admin Custom Code button to save your wp-admin custom code.', 'bulletproof-security').'<br>'.__('3. Go to the Security Modes page and click the wp-admin Folder BulletProof Mode Activate button.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BPS WPADMIN DENY ACCESS TO FILES:','bulletproof-security').'<br>'.__('Add additional wp-admin files that you would like to block here','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire WPADMIN DENY BROWSER ACCESS TO FILES section of code from your wp-admin .htaccess file into this text box first. You can then edit and modify the code in this text window and save your changes. Add one pound sign # below to prevent the WPADMIN DENY BROWSER ACCESS TO FILES section of code from being created in your wp-admin .htaccess file.', 'bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE WPADMIN TOP:','bulletproof-security').'<br>'.__('Add wp-admin password protection, IP whitelist allow access & miscellaneous custom code here','bulletproof-security').'</strong><br>'.__('ONLY add valid htaccess code below or text commented out with a pound sign # You can save any miscellaneous custom htaccess code here as long as it is valid htaccess code or if it is just plain text then you will need to comment it out with a pound sign # in front of the text.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES:','bulletproof-security').'<br>'.__('Add wp-admin plugin/file skip rules code here','bulletproof-security').'</strong><br>'.__('ONLY add valid htaccess code below or text commented out with a pound sign #. There is currently one default skip rule [S=1] in the standard BPS wp-admin htaccess file already. Skip rules MUST be in descending consecutive number order: 4, 3, 2... If you add one plugin skip/bypass rule in this text box it will be skip rule #2. For each additional plugin skip rule that you add the S= skip number is increased by one. Example: if you add 3 plugin skip rules in this text box they would be Skip rules #4, #3 and #2 - RewriteRule . - [S=4] and RewriteRule . - [S=3] and RewriteRule . - [S=2] in descending consecutive order.','bulletproof-security').'<br><br><strong>'.__('CUSTOM CODE BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS:','bulletproof-security').'<br>'.__('Modify wp-admin Query String Exploit code here','bulletproof-security').'</strong><br>'.__('You MUST copy and paste the entire BPS QUERY STRING EXPLOITS section of code from your wp-admin .htaccess file from # BEGIN BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS to # END BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS into this text box first. You can then edit and modify the code in this text window and save your changes.','bulletproof-security').'<br><br><strong>'.__('BPS Video Tutorial links can be found in the Help & FAQ pages.','bulletproof-security').'</strong>';
|
| 41 |
|
| 42 |
?>
|
admin/core/core-htaccess-code.php
CHANGED
|
@@ -130,7 +130,7 @@ $bps_secure_phpini_cache = "# PHP/PHP.INI HANDLER/CACHE CODE
|
|
| 130 |
# Most Hosts do not have/use/require php/php.ini Handler htaccess code\n\n";
|
| 131 |
}
|
| 132 |
|
| 133 |
-
if (
|
| 134 |
$bps_server_signature = "# CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE\n" . htmlspecialchars_decode( $BPSCustomCodeOptions['bps_customcode_server_signature'], ENT_QUOTES ) . "\n\n";
|
| 135 |
} else {
|
| 136 |
$bps_server_signature = "# TURN OFF YOUR SERVER SIGNATURE
|
|
@@ -195,7 +195,7 @@ ErrorDocument 405 " . $bps_get_wp_root_secure . $bps_plugin_dir . "/bulletproof-
|
|
| 195 |
ErrorDocument 410 " . $bps_get_wp_root_secure . $bps_plugin_dir . "/bulletproof-security/410.php\n\n";
|
| 196 |
}
|
| 197 |
|
| 198 |
-
if (
|
| 199 |
$bps_secure_dot_server_files = "# CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS\n" . htmlspecialchars_decode( $BPSCustomCodeOptions['bps_customcode_deny_dot_folders'], ENT_QUOTES ) . "\n\n";
|
| 200 |
} else {
|
| 201 |
$bps_secure_dot_server_files = "# DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
|
|
@@ -432,15 +432,15 @@ if ( isset( $_POST['Submit-RBM-Deactivate'] ) && current_user_can('manage_option
|
|
| 432 |
$options = get_option('bulletproof_security_options_autolock');
|
| 433 |
$DefaultHtaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/default.htaccess';
|
| 434 |
$RootHtaccess = ABSPATH . '.htaccess';
|
| 435 |
-
$permsRootHtaccess =
|
| 436 |
$sapi_type = php_sapi_name();
|
| 437 |
|
| 438 |
$custom_default_htaccess = WP_CONTENT_DIR . '/bps-backup/master-backups/default.htaccess';
|
| 439 |
|
| 440 |
if ( file_exists($custom_default_htaccess) ) {
|
| 441 |
|
| 442 |
-
if (
|
| 443 |
-
|
| 444 |
}
|
| 445 |
|
| 446 |
if ( ! copy($custom_default_htaccess, $RootHtaccess) ) {
|
|
@@ -451,12 +451,12 @@ if ( isset( $_POST['Submit-RBM-Deactivate'] ) && current_user_can('manage_option
|
|
| 451 |
|
| 452 |
} else {
|
| 453 |
|
| 454 |
-
if (
|
| 455 |
-
|
| 456 |
}
|
| 457 |
|
| 458 |
echo $bps_topDiv;
|
| 459 |
-
$text = '<font color="green"><strong>'.__('Root Folder BulletProof Mode deactivated successfully. Your Custom default.htaccess is
|
| 460 |
echo $text;
|
| 461 |
echo $bps_bottomDiv;
|
| 462 |
}
|
|
@@ -474,8 +474,8 @@ if ( isset( $_POST['Submit-RBM-Deactivate'] ) && current_user_can('manage_option
|
|
| 474 |
echo $bps_bottomDiv;
|
| 475 |
}
|
| 476 |
|
| 477 |
-
if (
|
| 478 |
-
|
| 479 |
}
|
| 480 |
|
| 481 |
if ( ! copy($DefaultHtaccess, $RootHtaccess) ) {
|
|
@@ -486,8 +486,8 @@ if ( isset( $_POST['Submit-RBM-Deactivate'] ) && current_user_can('manage_option
|
|
| 486 |
|
| 487 |
} else {
|
| 488 |
|
| 489 |
-
if (
|
| 490 |
-
|
| 491 |
}
|
| 492 |
|
| 493 |
echo $bps_topDiv;
|
|
@@ -527,11 +527,11 @@ if ( isset( $_POST['Submit-RBM-Activate'] ) && current_user_can('manage_options'
|
|
| 527 |
$options = get_option('bulletproof_security_options_autolock');
|
| 528 |
$RootHtaccess = ABSPATH . '.htaccess';
|
| 529 |
$SecureHtaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/secure.htaccess';
|
| 530 |
-
$permsRootHtaccess =
|
| 531 |
$sapi_type = php_sapi_name();
|
| 532 |
|
| 533 |
-
if (
|
| 534 |
-
|
| 535 |
}
|
| 536 |
|
| 537 |
if ( ! copy($SecureHtaccess, $RootHtaccess) ) {
|
|
@@ -542,8 +542,8 @@ if ( isset( $_POST['Submit-RBM-Activate'] ) && current_user_can('manage_options'
|
|
| 542 |
|
| 543 |
} else {
|
| 544 |
|
| 545 |
-
if (
|
| 546 |
-
|
| 547 |
}
|
| 548 |
|
| 549 |
echo $bps_topDiv;
|
|
@@ -585,15 +585,15 @@ if ( isset( $_POST['Submit-RBM-Deactivate-Network'] ) && current_user_can('manag
|
|
| 585 |
$options = get_option('bulletproof_security_options_autolock');
|
| 586 |
$DefaultHtaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/default.htaccess';
|
| 587 |
$RootHtaccess = ABSPATH . '.htaccess';
|
| 588 |
-
$permsRootHtaccess =
|
| 589 |
$sapi_type = php_sapi_name();
|
| 590 |
|
| 591 |
$custom_default_htaccess = WP_CONTENT_DIR . '/bps-backup/master-backups/default.htaccess';
|
| 592 |
|
| 593 |
if ( file_exists($custom_default_htaccess) ) {
|
| 594 |
|
| 595 |
-
if (
|
| 596 |
-
|
| 597 |
}
|
| 598 |
|
| 599 |
if ( ! copy($custom_default_htaccess, $RootHtaccess) ) {
|
|
@@ -604,12 +604,12 @@ if ( isset( $_POST['Submit-RBM-Deactivate-Network'] ) && current_user_can('manag
|
|
| 604 |
|
| 605 |
} else {
|
| 606 |
|
| 607 |
-
if (
|
| 608 |
-
|
| 609 |
}
|
| 610 |
|
| 611 |
echo $bps_topDiv;
|
| 612 |
-
$text = '<font color="green"><strong>'.__('Root Folder BulletProof Mode deactivated successfully. Your Custom default.htaccess is
|
| 613 |
echo $text;
|
| 614 |
echo $bps_bottomDiv;
|
| 615 |
}
|
|
@@ -627,8 +627,8 @@ if ( isset( $_POST['Submit-RBM-Deactivate-Network'] ) && current_user_can('manag
|
|
| 627 |
echo $bps_bottomDiv;
|
| 628 |
}
|
| 629 |
|
| 630 |
-
if (
|
| 631 |
-
|
| 632 |
}
|
| 633 |
|
| 634 |
if ( ! copy($DefaultHtaccess, $RootHtaccess) ) {
|
|
@@ -639,8 +639,8 @@ if ( isset( $_POST['Submit-RBM-Deactivate-Network'] ) && current_user_can('manag
|
|
| 639 |
|
| 640 |
} else {
|
| 641 |
|
| 642 |
-
if (
|
| 643 |
-
|
| 644 |
}
|
| 645 |
|
| 646 |
echo $bps_topDiv;
|
|
@@ -680,11 +680,11 @@ if ( isset( $_POST['Submit-RBM-Activate-Network'] ) && current_user_can('manage_
|
|
| 680 |
$options = get_option('bulletproof_security_options_autolock');
|
| 681 |
$RootHtaccess = ABSPATH . '.htaccess';
|
| 682 |
$SecureHtaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/secure.htaccess';
|
| 683 |
-
$permsRootHtaccess =
|
| 684 |
$sapi_type = php_sapi_name();
|
| 685 |
|
| 686 |
-
if (
|
| 687 |
-
|
| 688 |
}
|
| 689 |
|
| 690 |
if ( ! copy($SecureHtaccess, $RootHtaccess) ) {
|
|
@@ -695,8 +695,8 @@ if ( isset( $_POST['Submit-RBM-Activate-Network'] ) && current_user_can('manage_
|
|
| 695 |
|
| 696 |
} else {
|
| 697 |
|
| 698 |
-
if (
|
| 699 |
-
|
| 700 |
}
|
| 701 |
|
| 702 |
echo $bps_topDiv;
|
| 130 |
# Most Hosts do not have/use/require php/php.ini Handler htaccess code\n\n";
|
| 131 |
}
|
| 132 |
|
| 133 |
+
if ( $BPSCustomCodeOptions['bps_customcode_server_signature'] != '' ) {
|
| 134 |
$bps_server_signature = "# CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE\n" . htmlspecialchars_decode( $BPSCustomCodeOptions['bps_customcode_server_signature'], ENT_QUOTES ) . "\n\n";
|
| 135 |
} else {
|
| 136 |
$bps_server_signature = "# TURN OFF YOUR SERVER SIGNATURE
|
| 195 |
ErrorDocument 410 " . $bps_get_wp_root_secure . $bps_plugin_dir . "/bulletproof-security/410.php\n\n";
|
| 196 |
}
|
| 197 |
|
| 198 |
+
if ( $BPSCustomCodeOptions['bps_customcode_deny_dot_folders'] != '' ) {
|
| 199 |
$bps_secure_dot_server_files = "# CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS\n" . htmlspecialchars_decode( $BPSCustomCodeOptions['bps_customcode_deny_dot_folders'], ENT_QUOTES ) . "\n\n";
|
| 200 |
} else {
|
| 201 |
$bps_secure_dot_server_files = "# DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
|
| 432 |
$options = get_option('bulletproof_security_options_autolock');
|
| 433 |
$DefaultHtaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/default.htaccess';
|
| 434 |
$RootHtaccess = ABSPATH . '.htaccess';
|
| 435 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($RootHtaccess)), -4);
|
| 436 |
$sapi_type = php_sapi_name();
|
| 437 |
|
| 438 |
$custom_default_htaccess = WP_CONTENT_DIR . '/bps-backup/master-backups/default.htaccess';
|
| 439 |
|
| 440 |
if ( file_exists($custom_default_htaccess) ) {
|
| 441 |
|
| 442 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 443 |
+
chmod($RootHtaccess, 0644);
|
| 444 |
}
|
| 445 |
|
| 446 |
if ( ! copy($custom_default_htaccess, $RootHtaccess) ) {
|
| 451 |
|
| 452 |
} else {
|
| 453 |
|
| 454 |
+
if ( $permsRootHtaccess == '0644' && substr($sapi_type, 0, 6) != 'apache' && $options['bps_root_htaccess_autolock'] != 'Off' || $options['bps_root_htaccess_autolock'] == 'On' ) {
|
| 455 |
+
chmod($RootHtaccess, 0404);
|
| 456 |
}
|
| 457 |
|
| 458 |
echo $bps_topDiv;
|
| 459 |
+
$text = '<font color="green"><strong>'.__('Root Folder BulletProof Mode deactivated successfully. Your Custom default.htaccess is now in use.', 'bulletproof-security').'</strong></font>';
|
| 460 |
echo $text;
|
| 461 |
echo $bps_bottomDiv;
|
| 462 |
}
|
| 474 |
echo $bps_bottomDiv;
|
| 475 |
}
|
| 476 |
|
| 477 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 478 |
+
chmod($RootHtaccess, 0644);
|
| 479 |
}
|
| 480 |
|
| 481 |
if ( ! copy($DefaultHtaccess, $RootHtaccess) ) {
|
| 486 |
|
| 487 |
} else {
|
| 488 |
|
| 489 |
+
if ( $permsRootHtaccess == '0644' && substr($sapi_type, 0, 6) != 'apache' && $options['bps_root_htaccess_autolock'] != 'Off' || $options['bps_root_htaccess_autolock'] == 'On' ) {
|
| 490 |
+
chmod($RootHtaccess, 0404);
|
| 491 |
}
|
| 492 |
|
| 493 |
echo $bps_topDiv;
|
| 527 |
$options = get_option('bulletproof_security_options_autolock');
|
| 528 |
$RootHtaccess = ABSPATH . '.htaccess';
|
| 529 |
$SecureHtaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/secure.htaccess';
|
| 530 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($RootHtaccess)), -4);
|
| 531 |
$sapi_type = php_sapi_name();
|
| 532 |
|
| 533 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 534 |
+
chmod($RootHtaccess, 0644);
|
| 535 |
}
|
| 536 |
|
| 537 |
if ( ! copy($SecureHtaccess, $RootHtaccess) ) {
|
| 542 |
|
| 543 |
} else {
|
| 544 |
|
| 545 |
+
if ( $permsRootHtaccess == '0644' && substr($sapi_type, 0, 6) != 'apache' && $options['bps_root_htaccess_autolock'] != 'Off' || $options['bps_root_htaccess_autolock'] == 'On' ) {
|
| 546 |
+
chmod($RootHtaccess, 0404);
|
| 547 |
}
|
| 548 |
|
| 549 |
echo $bps_topDiv;
|
| 585 |
$options = get_option('bulletproof_security_options_autolock');
|
| 586 |
$DefaultHtaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/default.htaccess';
|
| 587 |
$RootHtaccess = ABSPATH . '.htaccess';
|
| 588 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($RootHtaccess)), -4);
|
| 589 |
$sapi_type = php_sapi_name();
|
| 590 |
|
| 591 |
$custom_default_htaccess = WP_CONTENT_DIR . '/bps-backup/master-backups/default.htaccess';
|
| 592 |
|
| 593 |
if ( file_exists($custom_default_htaccess) ) {
|
| 594 |
|
| 595 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 596 |
+
chmod($RootHtaccess, 0644);
|
| 597 |
}
|
| 598 |
|
| 599 |
if ( ! copy($custom_default_htaccess, $RootHtaccess) ) {
|
| 604 |
|
| 605 |
} else {
|
| 606 |
|
| 607 |
+
if ( $permsRootHtaccess == '0644' && substr($sapi_type, 0, 6) != 'apache' && $options['bps_root_htaccess_autolock'] != 'Off' || $options['bps_root_htaccess_autolock'] == 'On' ) {
|
| 608 |
+
chmod($RootHtaccess, 0404);
|
| 609 |
}
|
| 610 |
|
| 611 |
echo $bps_topDiv;
|
| 612 |
+
$text = '<font color="green"><strong>'.__('Root Folder BulletProof Mode deactivated successfully. Your Custom default.htaccess is now in use.', 'bulletproof-security').'</strong></font>';
|
| 613 |
echo $text;
|
| 614 |
echo $bps_bottomDiv;
|
| 615 |
}
|
| 627 |
echo $bps_bottomDiv;
|
| 628 |
}
|
| 629 |
|
| 630 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 631 |
+
chmod($RootHtaccess, 0644);
|
| 632 |
}
|
| 633 |
|
| 634 |
if ( ! copy($DefaultHtaccess, $RootHtaccess) ) {
|
| 639 |
|
| 640 |
} else {
|
| 641 |
|
| 642 |
+
if ( $permsRootHtaccess == '0644' && substr($sapi_type, 0, 6) != 'apache' && $options['bps_root_htaccess_autolock'] != 'Off' || $options['bps_root_htaccess_autolock'] == 'On' ) {
|
| 643 |
+
chmod($RootHtaccess, 0404);
|
| 644 |
}
|
| 645 |
|
| 646 |
echo $bps_topDiv;
|
| 680 |
$options = get_option('bulletproof_security_options_autolock');
|
| 681 |
$RootHtaccess = ABSPATH . '.htaccess';
|
| 682 |
$SecureHtaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/secure.htaccess';
|
| 683 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($RootHtaccess)), -4);
|
| 684 |
$sapi_type = php_sapi_name();
|
| 685 |
|
| 686 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 687 |
+
chmod($RootHtaccess, 0644);
|
| 688 |
}
|
| 689 |
|
| 690 |
if ( ! copy($SecureHtaccess, $RootHtaccess) ) {
|
| 695 |
|
| 696 |
} else {
|
| 697 |
|
| 698 |
+
if ( $permsRootHtaccess == '0644' && substr($sapi_type, 0, 6) != 'apache' && $options['bps_root_htaccess_autolock'] != 'Off' || $options['bps_root_htaccess_autolock'] == 'On' ) {
|
| 699 |
+
chmod($RootHtaccess, 0404);
|
| 700 |
}
|
| 701 |
|
| 702 |
echo $bps_topDiv;
|
admin/core/core.php
CHANGED
|
@@ -19,7 +19,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 19 |
#wpwrap{min-height:100.1%};
|
| 20 |
</style>
|
| 21 |
|
| 22 |
-
<div id="bps-container" class="wrap"
|
| 23 |
|
| 24 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 25 |
|
|
@@ -28,7 +28,7 @@ $ScrollTop_options = get_option('bulletproof_security_options_scrolltop');
|
|
| 28 |
|
| 29 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 30 |
|
| 31 |
-
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' || isset( $_GET['settings-updated'] ) &&
|
| 32 |
|
| 33 |
bpsPro_Browser_UA_scroll_animation();
|
| 34 |
}
|
|
@@ -36,12 +36,6 @@ if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scr
|
|
| 36 |
?>
|
| 37 |
|
| 38 |
<?php
|
| 39 |
-
echo '<div class="bps-star-container">';
|
| 40 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 41 |
-
echo '<div class="bps-downloaded">';
|
| 42 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 43 |
-
echo '</div>';
|
| 44 |
-
echo '</div>';
|
| 45 |
|
| 46 |
// Get Real IP address - USE EXTREME CAUTION!!!
|
| 47 |
function bpsPro_get_real_ip_address_cc() {
|
|
@@ -148,7 +142,7 @@ bpsPro_Core_CC_deny_all();
|
|
| 148 |
|
| 149 |
?>
|
| 150 |
|
| 151 |
-
<h2 class="bps-tab-title"><?php _e('
|
| 152 |
|
| 153 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 154 |
|
|
@@ -176,22 +170,22 @@ $bps_bottomDiv = '</p></div>';
|
|
| 176 |
|
| 177 |
// General all purpose "Settings Saved." message for forms
|
| 178 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 179 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 180 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 181 |
echo $text;
|
| 182 |
}
|
| 183 |
}
|
| 184 |
|
| 185 |
-
require_once
|
| 186 |
|
| 187 |
// WBM, HPF, MBM, BBM: activate and deactivate and all other form code
|
| 188 |
-
if ( isset( $_POST['Submit-WBM-Activate'] ) || isset( $_POST['Submit-WBM-Deactivate'] ) || isset( $_POST['Submit-Hidden-Plugins'] ) || isset( $_POST['Hidden-Plugins-Ignore-Submit'] ) || isset( $_POST['Submit-MBM-Activate'] ) || isset( $_POST['Submit-MBM-Deactivate'] ) || isset( $_POST['Submit-BBM-Activate'] ) || isset( $_POST['Submit-BBM-Deactivate'] ) || isset( $_POST['Submit-Backup-htaccess-Files'] ) || isset( $_POST['Submit-Restore-htaccess-Files'] )
|
| 189 |
-
require_once
|
| 190 |
}
|
| 191 |
|
| 192 |
// RBM: activate and deactivate form code
|
| 193 |
if ( isset( $_POST['Submit-RBM-Activate'] ) || isset( $_POST['Submit-RBM-Deactivate'] ) || isset( $_POST['Submit-RBM-Activate-Network'] ) || isset( $_POST['Submit-RBM-Deactivate-Network'] ) ) {
|
| 194 |
-
require_once
|
| 195 |
}
|
| 196 |
|
| 197 |
?>
|
|
@@ -215,24 +209,25 @@ require_once( WP_PLUGIN_DIR . '/bulletproof-security/admin/core/core-htaccess-co
|
|
| 215 |
|
| 216 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 217 |
<tr>
|
| 218 |
-
<td class="bps-table_title">
|
| 219 |
-
<?php $text = '<h2>'.__('htaccess File Security Modes ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('RBM, WBM, HPF, MBM & BBM BulletProof Modes', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 220 |
-
</td>
|
| 221 |
</tr>
|
| 222 |
<tr>
|
| 223 |
<td class="bps-table_cell_help">
|
| 224 |
|
| 225 |
<?php if ( ! current_user_can('manage_options') ) { _e('Permission Denied', 'bulletproof-security'); } else { ?>
|
| 226 |
|
| 227 |
-
<
|
| 228 |
-
|
| 229 |
-
<h3><?php _e('Root Folder BulletProof Mode (RBM)', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button"><?php _e('Read Me', 'bulletproof-security'); ?></button></h3>
|
| 230 |
|
| 231 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('Root Folder BulletProof Mode (RBM)', 'bulletproof-security'); ?>">
|
| 232 |
<p>
|
| 233 |
<?php
|
| 234 |
-
$text = '<strong>'.__('This
|
| 235 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 236 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 237 |
echo $text;
|
| 238 |
?>
|
|
@@ -253,7 +248,7 @@ global $bps_version;
|
|
| 253 |
$filename = ABSPATH . '.htaccess';
|
| 254 |
|
| 255 |
if ( file_exists($filename) ) {
|
| 256 |
-
$check_string =
|
| 257 |
}
|
| 258 |
|
| 259 |
if ( isset ( $_POST['Submit-RBM-Activate'] ) ) {
|
|
@@ -306,7 +301,7 @@ global $bps_version;
|
|
| 306 |
|
| 307 |
<div id="RBM-Status"><?php bpsPro_rbm_status(); ?></div>
|
| 308 |
|
| 309 |
-
<div id="root-bulletproof-mode" style="
|
| 310 |
|
| 311 |
<?php if ( ! is_multisite() ) { ?>
|
| 312 |
|
|
@@ -348,13 +343,18 @@ global $bps_version;
|
|
| 348 |
|
| 349 |
</div>
|
| 350 |
|
| 351 |
-
<h3><?php _e('wp-admin Folder BulletProof Mode (WBM)', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button"
|
|
|
|
| 352 |
|
| 353 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('Root Folder BulletProof Mode (RBM)', 'bulletproof-security'); ?>">
|
| 354 |
<p>
|
| 355 |
<?php
|
| 356 |
-
$text = '<strong>'.__('This
|
| 357 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 358 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 359 |
echo $text;
|
| 360 |
?>
|
|
@@ -380,7 +380,7 @@ global $bps_version;
|
|
| 380 |
$filename = ABSPATH . 'wp-admin/.htaccess';
|
| 381 |
|
| 382 |
if ( file_exists($filename) ) {
|
| 383 |
-
$check_string =
|
| 384 |
}
|
| 385 |
|
| 386 |
if ( isset ( $_POST['Submit-WBM-Activate'] ) ) {
|
|
@@ -427,7 +427,7 @@ global $bps_version;
|
|
| 427 |
|
| 428 |
<div id="WBM-Status"><?php bpsPro_wbm_status(); ?></div>
|
| 429 |
|
| 430 |
-
<div id="wpadmin-bulletproof-mode" style="
|
| 431 |
|
| 432 |
<form name="WBM-Activate" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 433 |
<?php wp_nonce_field('bulletproof_security_wbm_activate'); ?>
|
|
@@ -449,13 +449,18 @@ global $bps_version;
|
|
| 449 |
|
| 450 |
<div id="UAEG-Menu-Link"></div>
|
| 451 |
|
| 452 |
-
<h3><?php _e('Hidden Plugin Folders|Files Cron (HPF)', 'bulletproof-security'); ?> <button id="bps-open-modal5" class="button bps-modal-button"
|
|
|
|
| 453 |
|
| 454 |
<div id="bps-modal-content5" class="bps-dialog-hide" title="<?php _e('Hidden Plugin Folders|Files Cron (HPF)', 'bulletproof-security'); ?>">
|
| 455 |
<p>
|
| 456 |
<?php
|
| 457 |
-
$text = '<strong>'.__('This
|
| 458 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 459 |
echo $bps_general_help_info;
|
| 460 |
echo $bps_hpf_content;
|
| 461 |
?>
|
|
@@ -494,10 +499,10 @@ function bpsPro_hpf_status() {
|
|
| 494 |
|
| 495 |
if ( $_POST['Submit-Hidden-Plugins'] == true || $_POST['Hidden-Plugins-Ignore-Submit'] == true ) {
|
| 496 |
|
| 497 |
-
if ( $hpf_options['bps_hidden_plugins_cron'] == 'On' ) {
|
| 498 |
$text = '<h3><strong>'.__('HPF Status: ', 'bulletproof-security').'<span class="core-status-activated">'.__('HPF Cron On', 'bulletproof-security').'</span></strong></h3>';
|
| 499 |
echo $text;
|
| 500 |
-
} elseif ( $hpf_options['bps_hidden_plugins_cron'] == 'Off' ) {
|
| 501 |
$text = '<h3><strong>'.__('HPF Status: ', 'bulletproof-security').'<span class="core-status-deactivated">'.__('HPF Cron Off', 'bulletproof-security').'</span></strong></h3>';
|
| 502 |
echo $text;
|
| 503 |
}
|
|
@@ -507,7 +512,7 @@ function bpsPro_hpf_status() {
|
|
| 507 |
|
| 508 |
<div id="HPF-Status"><?php bpsPro_hpf_status(); ?></div>
|
| 509 |
|
| 510 |
-
<div id="HPF1"
|
| 511 |
<div id="HPF2" style="position:relative;top:10px;left:0px;float:left;margin:0px 15px 0px 0px;">
|
| 512 |
|
| 513 |
<?php
|
|
@@ -517,7 +522,7 @@ function bpsPro_hpf_status() {
|
|
| 517 |
|
| 518 |
$hpf_options = get_option('bulletproof_security_options_hpf_cron');
|
| 519 |
$bps_hidden_plugins_cron_frequency = ! isset($hpf_options['bps_hidden_plugins_cron_frequency']) ? '' : $hpf_options['bps_hidden_plugins_cron_frequency'];
|
| 520 |
-
$bps_hidden_plugins_cron = ! isset($hpf_options['bps_hidden_plugins_cron']) ? '' : $hpf_options['bps_hidden_plugins_cron'];
|
| 521 |
|
| 522 |
echo '<label for="bps-hpf">'.__('HPF Cron Check Frequency:', 'bulletproof-security').'</label><br>';
|
| 523 |
echo '<select name="hpf_cron_frequency" class="form-340">';
|
|
@@ -536,24 +541,26 @@ function bpsPro_hpf_status() {
|
|
| 536 |
echo '<option value="Off"'. selected('Off', $bps_hidden_plugins_cron).'>'.__('HPF Cron Off', 'bulletproof-security').'</option>';
|
| 537 |
echo '</select>';
|
| 538 |
|
| 539 |
-
echo "<p><input type=\"submit\" name=\"Submit-Hidden-Plugins\" value=\"".__('Save HPF Cron Options', 'bulletproof-security')."\" class=\"button bps-button\" onclick=\"return confirm('".__('The default Cron Frequency is: Run Check Every 15 Minutes. This is a lightweight check that uses an insignificant amount of resources/memory so 4 checks per hour will not cause any performance issues whatsoever.\n\n-------------------------------------------------------------\n\nEven choosing Run Check Every 1 Minute would not cause any significant performance issues whatsoever.\n\n-------------------------------------------------------------\n\nClick OK to proceed or click Cancel', 'bulletproof-security')."')\" /></p></form>";
|
| 540 |
|
| 541 |
$scrolltoHiddenPlugins = isset($_REQUEST['scrolltoHiddenPlugins']) ? (int) $_REQUEST['scrolltoHiddenPlugins'] : 0;
|
|
|
|
|
|
|
| 542 |
?>
|
| 543 |
|
| 544 |
</div>
|
| 545 |
|
| 546 |
-
<div id="HPF3" style="position:relative;
|
| 547 |
|
| 548 |
<form name="Hidden-Plugins" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 549 |
<?php wp_nonce_field('bulletproof_security_hpf_cron_ignore'); ?>
|
| 550 |
<?php $hpfi_options = get_option('bulletproof_security_options_hidden_plugins');
|
| 551 |
-
$bps_hidden_plugins_check = ! isset($hpfi_options['bps_hidden_plugins_check']) ? '' : esc_html( trim( $hpfi_options['bps_hidden_plugins_check'], ", \t\n\r") );
|
| 552 |
?>
|
| 553 |
|
| 554 |
<div id="HPF4" style="position:relative;top:0px;left:0px;margin:10px 0px 10px 0px;">
|
| 555 |
-
<strong><label><?php _e('Ignore Hidden Plugin Folders & Files:', 'bulletproof-security'); ?></label></strong
|
| 556 |
-
|
| 557 |
<textarea class="PFW-Allow-From-Text-Area" name="bps_hidden_plugins_check" style="margin-top:5px;" tabindex="1"><?php echo $bps_hidden_plugins_check; ?></textarea>
|
| 558 |
<input type="hidden" name="scrolltoHiddenPlugins" id="scrolltoHiddenPlugins" value="<?php echo esc_html( $scrolltoHiddenPlugins ); ?>" />
|
| 559 |
</div>
|
|
@@ -577,13 +584,18 @@ jQuery(document).ready(function($){
|
|
| 577 |
|
| 578 |
<div id="MC1" style="position:relative;top:0px;left:0px;float:left;margin:0px 0px 0px 0px;width:100%;border-top:1px solid #999999;">
|
| 579 |
|
| 580 |
-
<h3><?php _e('Master htaccess Folder BulletProof Mode (MBM)', 'bulletproof-security'); ?> <button id="bps-open-modal6" class="button bps-modal-button"
|
|
|
|
| 581 |
|
| 582 |
<div id="bps-modal-content6" class="bps-dialog-hide" title="<?php _e('MBM BulletProof Modes', 'bulletproof-security'); ?>">
|
| 583 |
<p>
|
| 584 |
<?php
|
| 585 |
-
$text = '<strong>'.__('This
|
| 586 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 587 |
echo $bps_general_help_info;
|
| 588 |
echo $bps_mbm_content;
|
| 589 |
?>
|
|
@@ -642,7 +654,7 @@ function bpsPro_mbm_status() {
|
|
| 642 |
|
| 643 |
<div id="MBM-Status"><?php bpsPro_mbm_status(); ?></div>
|
| 644 |
|
| 645 |
-
<div id="mbm-bulletproof-mode" style="
|
| 646 |
|
| 647 |
<form name="MBM-Activate" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 648 |
<?php wp_nonce_field('bulletproof_security_mbm_activate'); ?>
|
|
@@ -665,13 +677,18 @@ function bpsPro_mbm_status() {
|
|
| 665 |
|
| 666 |
<div id="MC2" style="position:relative;top:0px;left:0px;float:left;margin:0px 0px 0px 0px;width:100%;border-top:1px solid #999999;">
|
| 667 |
|
| 668 |
-
<h3><?php _e('BPS Backup Folder BulletProof Mode (BBM)', 'bulletproof-security'); ?> <button id="bps-open-modal7" class="button bps-modal-button"
|
|
|
|
| 669 |
|
| 670 |
<div id="bps-modal-content7" class="bps-dialog-hide" title="<?php _e('BBM BulletProof Modes', 'bulletproof-security'); ?>">
|
| 671 |
<p>
|
| 672 |
<?php
|
| 673 |
-
$text = '<strong>'.__('This
|
| 674 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 675 |
echo $bps_general_help_info;
|
| 676 |
echo $bps_bbm_content;
|
| 677 |
?>
|
|
@@ -730,7 +747,7 @@ function bpsPro_bbm_status() {
|
|
| 730 |
|
| 731 |
<div id="BBM-Status"><?php bpsPro_bbm_status(); ?></div>
|
| 732 |
|
| 733 |
-
<div id="bbm-bulletproof-mode" style="
|
| 734 |
|
| 735 |
<form name="BBM-Activate" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 736 |
<?php wp_nonce_field('bulletproof_security_bbm_activate'); ?>
|
|
@@ -753,19 +770,24 @@ function bpsPro_bbm_status() {
|
|
| 753 |
|
| 754 |
<div id="MC3" style="position:relative;top:0px;left:0px;float:left;margin:0px 0px 0px 0px;width:100%;border-top:1px solid #999999;">
|
| 755 |
|
| 756 |
-
<h3><?php _e('Backup & Restore BPS htaccess Files', 'bulletproof-security'); ?> <button id="bps-open-modal8" class="button bps-modal-button"
|
|
|
|
| 757 |
|
| 758 |
<div id="bps-modal-content8" class="bps-dialog-hide" title="<?php _e('Backup & Restore BPS htaccess Files', 'bulletproof-security'); ?>">
|
| 759 |
<p>
|
| 760 |
<?php
|
| 761 |
-
$text = '<strong>'.__('This
|
| 762 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 763 |
echo $bps_backup_restore_content;
|
| 764 |
?>
|
| 765 |
</p>
|
| 766 |
</div>
|
| 767 |
|
| 768 |
-
<div id="backup-restore-mode"
|
| 769 |
|
| 770 |
<form name="Backup-htaccess-Files" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 771 |
<?php wp_nonce_field('bulletproof_security_backup_active_htaccess_files'); ?>
|
|
@@ -797,17 +819,26 @@ function bpsPro_bbm_status() {
|
|
| 797 |
|
| 798 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 799 |
<tr>
|
| 800 |
-
<td class="bps-table_title">
|
| 801 |
-
<?php $text = '<h2>'.__('htaccess File Editor ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Check or edit BPS htaccess files/code manually/directly for testing. Use BPS Custom Code to save htaccess code permanently', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 802 |
-
</td>
|
| 803 |
</tr>
|
| 804 |
<tr>
|
| 805 |
<td class="bps-table_cell">
|
| 806 |
|
| 807 |
-
<h3 style="margin:0px 0px 5px 5px;"><?php _e('htaccess File Editing', 'bulletproof-security'); ?> <button id="bps-open-modal9" class="button bps-modal-button"
|
|
|
|
| 808 |
|
| 809 |
<div id="bps-modal-content9" class="bps-dialog-hide" title="<?php _e('htaccess File Editing', 'bulletproof-security'); ?>">
|
| 810 |
-
<p
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 811 |
</div>
|
| 812 |
|
| 813 |
<?php if ( ! current_user_can('manage_options') ) { _e('Permission Denied', 'bulletproof-security'); } else { ?>
|
|
@@ -1144,7 +1175,7 @@ function bpsPro_root_htaccess_write_check() {
|
|
| 1144 |
|
| 1145 |
if ( is_writable($root_htaccess_file) ) {
|
| 1146 |
|
| 1147 |
-
$text = '<font color="green" style="font-size:12px;"><strong>'.__('File Open and Write test successful! Your
|
| 1148 |
echo $text;
|
| 1149 |
|
| 1150 |
} else {
|
|
@@ -1199,7 +1230,7 @@ bpsPro_root_htaccess_write_check();
|
|
| 1199 |
}
|
| 1200 |
|
| 1201 |
echo $bps_topDiv;
|
| 1202 |
-
$text = '<font color="green"><strong>'.__('Your
|
| 1203 |
echo $text;
|
| 1204 |
echo $bps_bottomDiv;
|
| 1205 |
|
|
@@ -1242,7 +1273,7 @@ function bpsPro_wpadmin_htaccess_write_check() {
|
|
| 1242 |
|
| 1243 |
if ( is_writable($current_wpadmin_htaccess_file) ) {
|
| 1244 |
|
| 1245 |
-
$text = '<font color="green" style="font-size:12px;"><strong>'.__('File Open and Write test successful! Your
|
| 1246 |
echo $text;
|
| 1247 |
|
| 1248 |
} else {
|
|
@@ -1298,7 +1329,7 @@ bpsPro_wpadmin_htaccess_write_check();
|
|
| 1298 |
}
|
| 1299 |
|
| 1300 |
echo $bps_topDiv;
|
| 1301 |
-
$text = '<font color="green"><strong>'.__('Your
|
| 1302 |
echo $text;
|
| 1303 |
echo $bps_bottomDiv;
|
| 1304 |
|
|
@@ -1313,7 +1344,7 @@ if ( isset( $_POST['submit-ProFlockLock'] ) && current_user_can('manage_options'
|
|
| 1313 |
$bpsRootHtaccessOL = ABSPATH . '.htaccess';
|
| 1314 |
|
| 1315 |
if ( file_exists($bpsRootHtaccessOL) ) {
|
| 1316 |
-
|
| 1317 |
echo $bps_topDiv;
|
| 1318 |
$text = '<font color="green"><strong><br>'.__('Your Root htaccess file has been Locked.', 'bulletproof-security').'</strong></font><br>';
|
| 1319 |
echo $text;
|
|
@@ -1332,7 +1363,7 @@ if ( isset( $_POST['submit-ProFlockUnLock'] ) && current_user_can('manage_option
|
|
| 1332 |
$bpsRootHtaccessOL = ABSPATH . '.htaccess';
|
| 1333 |
|
| 1334 |
if ( file_exists($bpsRootHtaccessOL) ) {
|
| 1335 |
-
|
| 1336 |
echo $bps_topDiv;
|
| 1337 |
$text = '<font color="green"><strong><br>'.__('Your Root htaccess file has been Unlocked.', 'bulletproof-security').'</strong></font><br>';
|
| 1338 |
echo $text;
|
|
@@ -1356,7 +1387,7 @@ if ( isset( $_POST['submit-ProFlockUnLock'] ) && current_user_can('manage_option
|
|
| 1356 |
|
| 1357 |
<?php // Detect the SAPI - display form submit button only if sapi is cgi
|
| 1358 |
$sapi_type = php_sapi_name();
|
| 1359 |
-
if (
|
| 1360 |
?>
|
| 1361 |
|
| 1362 |
<div id="bpsLockHtaccess">
|
|
@@ -1411,8 +1442,8 @@ if ( isset( $_POST['submit-ProFlockUnLock'] ) && current_user_can('manage_option
|
|
| 1411 |
<li><a href="#bps-edittabs-1"><?php _e('secure.htaccess', 'bulletproof-security'); ?></a></li>
|
| 1412 |
<li><a href="#bps-edittabs-2"><?php _e('default.htaccess', 'bulletproof-security'); ?></a></li>
|
| 1413 |
<li><a href="#bps-edittabs-4"><?php _e('wpadmin-secure.htaccess', 'bulletproof-security'); ?></a></li>
|
| 1414 |
-
<li><a href="#bps-edittabs-5"><?php _e('
|
| 1415 |
-
<li><a href="#bps-edittabs-6"><?php _e('
|
| 1416 |
</ul>
|
| 1417 |
|
| 1418 |
<?php
|
|
@@ -1433,16 +1464,18 @@ $scrollto6 = isset($_REQUEST['scrollto6']) ? (int) $_REQUEST['scrollto6'] : 0;
|
|
| 1433 |
<input type="hidden" name="action" value="update" />
|
| 1434 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $secure_htaccess_file ) ?>" />
|
| 1435 |
<input type="hidden" name="scrollto1" id="scrollto1" value="<?php echo esc_html( $scrollto1 ); ?>" />
|
|
|
|
| 1436 |
<p class="submit">
|
| 1437 |
|
| 1438 |
-
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing
|
| 1439 |
|
| 1440 |
-
<input type="submit" name="submit1" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>"
|
|
|
|
| 1441 |
</div>
|
| 1442 |
</form>
|
| 1443 |
|
| 1444 |
-
<button onclick="bpsSecureFileEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1445 |
-
<button onclick="bpsSecureFileDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1446 |
|
| 1447 |
<script type="text/javascript">
|
| 1448 |
/* <![CDATA[ */
|
|
@@ -1505,15 +1538,17 @@ function bpsSecureFileDecrypt() {
|
|
| 1505 |
<input type="hidden" name="action" value="update" />
|
| 1506 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $default_htaccess_file ) ?>" />
|
| 1507 |
<input type="hidden" name="scrollto2" id="scrollto2" value="<?php echo esc_html( $scrollto2 ); ?>" />
|
|
|
|
| 1508 |
<p class="submit">
|
| 1509 |
|
| 1510 |
-
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing
|
| 1511 |
|
| 1512 |
-
<input type="submit" name="submit2" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>"
|
|
|
|
| 1513 |
</div>
|
| 1514 |
|
| 1515 |
-
<button onclick="bpsDefaultFileEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1516 |
-
<button onclick="bpsDefaultFileDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1517 |
|
| 1518 |
</form>
|
| 1519 |
<script type="text/javascript">
|
|
@@ -1577,16 +1612,18 @@ function bpsDefaultFileDecrypt() {
|
|
| 1577 |
<input type="hidden" name="action" value="update" />
|
| 1578 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $wpadmin_htaccess_file ) ?>" />
|
| 1579 |
<input type="hidden" name="scrollto4" id="scrollto4" value="<?php echo esc_html( $scrollto4 ); ?>" />
|
|
|
|
| 1580 |
<p class="submit">
|
| 1581 |
|
| 1582 |
-
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing
|
| 1583 |
|
| 1584 |
-
<input type="submit" name="submit4" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>"
|
|
|
|
| 1585 |
</div>
|
| 1586 |
</form>
|
| 1587 |
|
| 1588 |
-
<button onclick="bpsWpadminSecureFileEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1589 |
-
<button onclick="bpsWpadminSecureFileDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1590 |
|
| 1591 |
<script type="text/javascript">
|
| 1592 |
/* <![CDATA[ */
|
|
@@ -1674,6 +1711,7 @@ function bpsStatusRHE() {
|
|
| 1674 |
<input type="hidden" name="action" value="update" />
|
| 1675 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $root_htaccess_file ) ?>" />
|
| 1676 |
<input type="hidden" name="scrollto5" id="scrollto5" value="<?php echo esc_html( $scrollto5 ); ?>" />
|
|
|
|
| 1677 |
<p class="submit">
|
| 1678 |
|
| 1679 |
<?php if ( bpsStatusRHE($perms) == '0404' ) { ?>
|
|
@@ -1682,16 +1720,17 @@ function bpsStatusRHE() {
|
|
| 1682 |
|
| 1683 |
<?php } else { ?>
|
| 1684 |
|
| 1685 |
-
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing
|
| 1686 |
|
| 1687 |
-
<input type="submit" name="submit5" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>"
|
|
|
|
| 1688 |
<?php } ?>
|
| 1689 |
|
| 1690 |
</div>
|
| 1691 |
</form>
|
| 1692 |
|
| 1693 |
-
<button onclick="bpsRootFileEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1694 |
-
<button onclick="bpsRootFileDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1695 |
|
| 1696 |
<script type="text/javascript">
|
| 1697 |
/* <![CDATA[ */
|
|
@@ -1754,16 +1793,18 @@ function bpsRootFileDecrypt() {
|
|
| 1754 |
<input type="hidden" name="action" value="update" />
|
| 1755 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $current_wpadmin_htaccess_file ) ?>" />
|
| 1756 |
<input type="hidden" name="scrollto6" id="scrollto6" value="<?php echo esc_html( $scrollto6 ); ?>" />
|
|
|
|
| 1757 |
<p class="submit">
|
| 1758 |
|
| 1759 |
-
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing
|
| 1760 |
|
| 1761 |
-
<input type="submit" name="submit6" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>"
|
|
|
|
| 1762 |
</div>
|
| 1763 |
</form>
|
| 1764 |
|
| 1765 |
-
<button onclick="bpsWpadminFileEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1766 |
-
<button onclick="bpsWpadminFileDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1767 |
|
| 1768 |
<script type="text/javascript">
|
| 1769 |
/* <![CDATA[ */
|
|
@@ -1832,34 +1873,31 @@ function bpsWpadminFileDecrypt() {
|
|
| 1832 |
|
| 1833 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1834 |
<tr>
|
| 1835 |
-
<td class="bps-table_title">
|
| 1836 |
-
<?php $text = '<h2>'.__('htaccess File Custom Code ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Save custom htaccess code for your Root and wp-admin htaccess Files permanently', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 1837 |
-
</td>
|
| 1838 |
</tr>
|
| 1839 |
<tr>
|
| 1840 |
<td class="bps-table_cell_help">
|
| 1841 |
|
| 1842 |
-
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Custom Code', 'bulletproof-security'); ?> <button id="bps-open-modal10" class="button bps-modal-button"
|
| 1843 |
-
|
| 1844 |
-
<div id="ResetDismissNotices">
|
| 1845 |
-
<form name="bpsResetDismissNotices" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7' ); ?>" method="post">
|
| 1846 |
-
<?php wp_nonce_field('bulletproof_security_reset_dismiss_notices'); ?>
|
| 1847 |
-
|
| 1848 |
-
<p><strong><label for="Status-Display"><?php _e('Reset|Recheck Dismiss Notices: ', 'bulletproof-security'); ?></label>
|
| 1849 |
-
<input type="hidden" name="bpsRDN" value="bps-RDN" />
|
| 1850 |
-
<input type="submit" name="bpsResetDismissSubmit" class="button bps-button" value="<?php esc_attr_e('Reset|Recheck', 'bulletproof-security') ?>" />
|
| 1851 |
-
</strong></p>
|
| 1852 |
-
</form>
|
| 1853 |
-
</div>
|
| 1854 |
|
| 1855 |
<div id="bps-modal-content10" class="bps-dialog-hide" title="<?php _e('Custom Code', 'bulletproof-security'); ?>">
|
| 1856 |
<p>
|
| 1857 |
<?php
|
| 1858 |
-
$text = '<strong>'.__('This
|
| 1859 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1860 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 1861 |
echo $text;
|
| 1862 |
?>
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1863 |
<strong><a href="https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/" title="Brute Force Login Page Protection code" target="_blank"><?php _e('Brute Force Login Page Protection code', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 1864 |
|
| 1865 |
<?php echo $bps_customcode_content; ?>
|
|
@@ -1867,10 +1905,22 @@ function bpsWpadminFileDecrypt() {
|
|
| 1867 |
</p>
|
| 1868 |
</div>
|
| 1869 |
|
| 1870 |
-
<
|
| 1871 |
-
<
|
| 1872 |
-
<
|
| 1873 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1874 |
|
| 1875 |
<?php
|
| 1876 |
if ( ! current_user_can('manage_options') ) {
|
|
@@ -1878,11 +1928,11 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 1878 |
|
| 1879 |
} else {
|
| 1880 |
|
| 1881 |
-
require_once
|
| 1882 |
}
|
| 1883 |
-
?>
|
| 1884 |
|
| 1885 |
-
<div id="CC-Import">
|
| 1886 |
<form name="bpsImport" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7' ); ?>" method="post" enctype="multipart/form-data">
|
| 1887 |
<?php wp_nonce_field('bulletproof_security_cc_import'); ?>
|
| 1888 |
<input type="file" name="bps_cc_import" id="bps_cc_import" />
|
|
@@ -1908,16 +1958,11 @@ $text = __('Clicking OK will Export (copy) all of your Root and wp-admin Custom
|
|
| 1908 |
</form>
|
| 1909 |
</div>
|
| 1910 |
|
| 1911 |
-
|
| 1912 |
-
|
| 1913 |
-
|
| 1914 |
-
|
| 1915 |
-
} else {
|
| 1916 |
|
| 1917 |
-
|
| 1918 |
-
}
|
| 1919 |
-
?>
|
| 1920 |
-
<br />
|
| 1921 |
|
| 1922 |
</td>
|
| 1923 |
</tr>
|
|
@@ -1927,8 +1972,17 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 1927 |
|
| 1928 |
<div id="bps-tabs-9" class="bps-tab-page">
|
| 1929 |
|
| 1930 |
-
<?php if ( ! current_user_can('manage_options') ) { _e('Permission Denied', 'bulletproof-security'); } else {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1931 |
|
|
|
|
| 1932 |
// My Notes Form
|
| 1933 |
function bpsPro_My_Notes_values_form() {
|
| 1934 |
global $bps_topDiv, $bps_bottomDiv;
|
|
@@ -1946,7 +2000,7 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 1946 |
} else {
|
| 1947 |
$bps_my_notes = $Encryption->decrypt($_POST['bps_my_notes'], $nonceValue);
|
| 1948 |
}
|
| 1949 |
-
|
| 1950 |
$MyNotes_Options = array( 'bps_my_notes' => $bps_my_notes );
|
| 1951 |
|
| 1952 |
foreach( $MyNotes_Options as $key => $value ) {
|
|
@@ -1961,40 +2015,31 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 1961 |
}
|
| 1962 |
}
|
| 1963 |
|
| 1964 |
-
$scrolltoNotes = isset($_REQUEST['scrolltoNotes']) ? (int) $_REQUEST['scrolltoNotes'] : 0;
|
| 1965 |
?>
|
| 1966 |
|
| 1967 |
-
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1968 |
-
<tr>
|
| 1969 |
-
<td class="bps-table_title">
|
| 1970 |
-
<?php $text = '<h2>'.__('My Notes ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Save Personal Notes and htaccess Code Notes to your WordPress Database', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 1971 |
-
</td>
|
| 1972 |
-
</tr>
|
| 1973 |
-
<tr>
|
| 1974 |
-
<td class="bps-table_cell_help">
|
| 1975 |
-
|
| 1976 |
<div id="my-notes-float" style="float:left">
|
| 1977 |
|
| 1978 |
-
<button onclick="bpsMyNotesEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt My Notes', 'bulletproof-security'); ?></button>
|
| 1979 |
-
<button onclick="bpsMyNotesDecrypt()" class="button bps-button" style="margin:0px 0px 10px 0px"><?php esc_attr_e('Decrypt My Notes', 'bulletproof-security'); ?></button>
|
| 1980 |
|
| 1981 |
-
<form name="myNotes" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-
|
| 1982 |
<?php
|
| 1983 |
wp_nonce_field('bulletproof_security_My_Notes');
|
| 1984 |
bpsPro_My_Notes_values_form();
|
| 1985 |
$My_Notes_options = get_option('bulletproof_security_options_mynotes');
|
| 1986 |
?>
|
| 1987 |
|
| 1988 |
-
|
| 1989 |
<input type="hidden" name="scrolltoNotes" value="<?php echo esc_html( $scrolltoNotes ); ?>" />
|
|
|
|
|
|
|
| 1990 |
|
| 1991 |
-
|
| 1992 |
-
|
| 1993 |
-
<input type="submit" name="myNotes_submit" class="button bps-button" style="margin:10px 0px 10px 0px;height:auto;white-space:normal" value="<?php esc_attr_e('Save My Notes', 'bulletproof-security') ?>" /></p>
|
| 1994 |
</form>
|
| 1995 |
|
| 1996 |
-
<button onclick="bpsMyNotesEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt My Notes', 'bulletproof-security'); ?></button>
|
| 1997 |
-
<button onclick="bpsMyNotesDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt My Notes', 'bulletproof-security'); ?></button>
|
| 1998 |
|
| 1999 |
</div>
|
| 2000 |
|
|
@@ -2058,47 +2103,45 @@ function bpsMyNotesDecrypt() {
|
|
| 2058 |
|
| 2059 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-whats_new_table">
|
| 2060 |
<tr>
|
| 2061 |
-
<td
|
| 2062 |
-
<td width="99%" class="bps-table_title_no_border">
|
| 2063 |
<h2><?php _e('Whats New in ', 'bulletproof-security'); ?><?php echo $bps_version; _e(' and General Help Info & Tips', 'bulletproof-security'); ?></h2>
|
| 2064 |
</td>
|
| 2065 |
</tr>
|
| 2066 |
<tr>
|
| 2067 |
-
<td class="bps-table_cell_no_border"
|
| 2068 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2069 |
</tr>
|
| 2070 |
<tr>
|
| 2071 |
-
<td class="bps-table_cell_no_border"
|
| 2072 |
-
<td class="bps-table_cell_no_border"> </td>
|
| 2073 |
</tr>
|
| 2074 |
<tr>
|
| 2075 |
-
<td class="bps-table_cell_no_border"
|
| 2076 |
-
<td class="bps-table_cell_no_border"><?php $text = '<div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a><br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting): ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a><br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 2077 |
-
</td>
|
| 2078 |
</tr>
|
| 2079 |
<tr>
|
| 2080 |
-
<td class="bps-table_cell_no_border"> </td>
|
| 2081 |
<td class="bps-table_cell_no_border"><?php $text = '<h2><strong>'.__('General Help Info & Tips:', 'bulletproof-security').'</strong></h2>'; echo $text; ?></td>
|
| 2082 |
</tr>
|
| 2083 |
<tr>
|
| 2084 |
-
<td class="bps-table_cell_no_border"
|
| 2085 |
-
<td class="bps-table_cell_no_border"><?php $text = '<strong>'.__('If BPS plugin pages are not displaying visually correct you can ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/theme-skin/theme-skin.php' ).'" title="Script|Style Loader Filter (SLF) In BPS Plugin Pages">'.esc_attr__('Turn On the BPS SLF filter', 'bulletproof-security').'</a></strong>'; echo $text; ?></td>
|
| 2086 |
</tr>
|
| 2087 |
<tr>
|
| 2088 |
-
<td class="bps-table_cell_no_border"
|
| 2089 |
-
<td class="bps-table_cell_no_border"><?php $text = '<strong>'.__('BPS Video Tutorials|Setup Wizard: ', 'bulletproof-security').'<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank" title="BPS Video Tutorials">BPS Pro Video Tutorials</a></strong>'; echo $text; ?></td>
|
| 2090 |
</tr>
|
| 2091 |
<tr>
|
| 2092 |
-
<td class="bps-table_cell_no_border"
|
| 2093 |
-
<td class="bps-table_cell_no_border"> </td>
|
| 2094 |
</tr>
|
| 2095 |
<tr>
|
| 2096 |
-
<td class="bps-table_cell_no_border"
|
| 2097 |
-
<td class="bps-table_cell_no_border"><?php $text = '<strong>'.__('Troubleshooting Steps & The BPS Security Log: ', 'bulletproof-security').'</strong><br>'.__('All BPS plugin features can be turned Off/On individually to confirm, eliminate or isolate a problem or issue that may or may not be caused by BPS.', 'bulletproof-security').'<br><strong><a href="https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-free-general-troubleshooting" target="_blank" title="BPS Troubleshooting Steps">Troubleshooting Steps</a></strong><br>'.__('The BPS Security Log is a primary troubleshooting tool. If BPS is blocking something legitimate in another plugin or theme then a Security Log entry will be logged for exactly what is being blocked. A whitelist rule can then be created to allow a plugin or theme to do what it needs to do without being blocked.', 'bulletproof-security').'<br><strong><a href="https://forum.ait-pro.com/video-tutorials/#security-log-firewall" target="_blank" title="BPS Security Log Video Tutorial">Security Log Video Tutorial</a></strong><br>'.__('Search the Forum site to see if a known issue or problem is already posted with a solution/whitelist rule in the Forum.', 'bulletproof-security').'<strong><br><a href="https://forum.ait-pro.com/forums/forum/bulletproof-security-free/" target="_blank" title="BPS Security Forum">BPS Security Forum</a></strong>'; echo $text; ?></td>
|
| 2098 |
</tr>
|
| 2099 |
<tr>
|
| 2100 |
<td class="bps-table_cell_no_border"> </td>
|
| 2101 |
-
<td class="bps-table_cell_no_border"> </td>
|
| 2102 |
</tr>
|
| 2103 |
</table>
|
| 2104 |
</div>
|
|
@@ -2107,16 +2150,20 @@ function bpsMyNotesDecrypt() {
|
|
| 2107 |
|
| 2108 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2109 |
<tr>
|
| 2110 |
-
<td class="bps-table_title"
|
| 2111 |
</tr>
|
| 2112 |
<tr>
|
| 2113 |
<td class="bps-table_cell_help_links">
|
|
|
|
| 2114 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 2115 |
<a href="https://www.ait-pro.com/aitpro-blog/2304/wordpress-tips-tricks-fixes/permalinks-wordpress-custom-permalinks-wordpress-best-wordpress-permalinks-structure/" target="_blank"><?php _e('WP Permalinks - Custom Permalink Structure Help Info', 'bulletproof-security'); ?></a><br /><br />
|
| 2116 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 2117 |
<a href="https://www.ait-pro.com/aitpro-blog/2239/bulletproof-security-plugin-support/adding-a-custom-403-forbidden-page-htaccess-403-errordocument-directive-examples/" target="_blank"><?php _e('Adding a Custom 403 Forbidden Page For Your Website', 'bulletproof-security'); ?></a><br /><br />
|
| 2118 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a><br /><br />
|
| 2119 |
<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank"><?php _e('Custom Code Video Tutorial', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 2120 |
</td>
|
| 2121 |
</tr>
|
| 2122 |
</table>
|
|
@@ -2128,13 +2175,13 @@ function bpsMyNotesDecrypt() {
|
|
| 2128 |
|
| 2129 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2130 |
<tr>
|
| 2131 |
-
<td colspan="2" class="bps-table_title"><h2><?php _e('BulletProof Security Pro Feature Highlights', 'bulletproof-security'); ?></h2></td>
|
| 2132 |
</tr>
|
| 2133 |
<tr>
|
| 2134 |
<td width="62%" valign="top" class="bps-table_cell_help">
|
| 2135 |
|
| 2136 |
<div id="bpsProLogo"><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BulletProof Security Pro">
|
| 2137 |
-
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/
|
| 2138 |
</div>
|
| 2139 |
|
| 2140 |
<div id="bpsProText">
|
|
@@ -2149,7 +2196,11 @@ function bpsMyNotesDecrypt() {
|
|
| 2149 |
<div id="bpsProFeatures">
|
| 2150 |
|
| 2151 |
<?php
|
| 2152 |
-
$text = '<h3><span class="blue-bold">'.__('
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2153 |
?>
|
| 2154 |
|
| 2155 |
<?php echo '<p><span class="blue-bold">'; _e('One-Click Setup Wizard Installation: ', 'bulletproof-security'); echo '</span>'; _e('Fast, simple and complete BPS Pro installation and setup in less than 1 minute.', 'bulletproof-security').'</p>'; ?>
|
|
@@ -2172,7 +2223,7 @@ $text = '<h3><span class="blue-bold">'.__('The Complete Website Security Solutio
|
|
| 2172 |
|
| 2173 |
<?php echo '<p><span class="blue-bold">'; _e('DB Status & Info: ', 'bulletproof-security'); echo '</span>'; _e('General DB Info shows commonly checked DB status and info about your WordPress database at a glance. Extensive DB Info shows extensive DB status information using: SHOW PRIVILEGES, SHOW TABLE STATUS|SIZE, SHOW STORAGE ENGINES, SHOW FULL PROCESSLIST, SHOW GLOBAL STATUS, SHOW SESSION STATUS, SHOW GLOBAL VARIABLES and SHOW SESSION VARIABLES.', 'bulletproof-security').'</p>'; ?>
|
| 2174 |
|
| 2175 |
-
<?php echo '<p><span class="blue-bold">'; _e('
|
| 2176 |
|
| 2177 |
<?php echo '<p><span class="blue-bold">'; _e('Advanced Real-Time Alerting & Heads Up Dashboard Status Display: ', 'bulletproof-security'); echo '</span>'; _e('BPS Pro checks and displays error, warning, notifications and alert messages in real time. You can choose how you want these messages displayed to you with S-Monitor Monitoring & Alerting Options - Display in your WP Dashboard, BPS Pro pages only, Turned off, Email Alerts, Logging...', 'bulletproof-security'); echo '</p>'; ?>
|
| 2178 |
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/bpspro-dashboard-status-display.jpg'); ?>" />
|
|
@@ -2191,6 +2242,7 @@ $text = '<h3><span class="blue-bold">'.__('The Complete Website Security Solutio
|
|
| 2191 |
|
| 2192 |
<div class="pro-links">
|
| 2193 |
<?php
|
|
|
|
| 2194 |
echo sprintf( __( '<a href="%2$s" target="_blank" title="Link Opens in New Browser Window">Whats New in BPS Pro %1$s</a>' ), '16', 'https://www.ait-pro.com/aitpro-blog/5733/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-16/' ).'<br>';
|
| 2195 |
echo sprintf( __( '<a href="%2$s" target="_blank" title="Link Opens in New Browser Window">Whats New in BPS Pro %1$s</a>' ), '15.9', 'https://www.ait-pro.com/aitpro-blog/5729/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-15-9/' ).'<br>';
|
| 2196 |
echo sprintf( __( '<a href="%2$s" target="_blank" title="Link Opens in New Browser Window">Whats New in BPS Pro %1$s</a>' ), '15.8', 'https://www.ait-pro.com/aitpro-blog/5718/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-15-8/' ).'<br>';
|
| 19 |
#wpwrap{min-height:100.1%};
|
| 20 |
</style>
|
| 21 |
|
| 22 |
+
<div id="bps-container" class="wrap">
|
| 23 |
|
| 24 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 25 |
|
| 28 |
|
| 29 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 30 |
|
| 31 |
+
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' || isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 32 |
|
| 33 |
bpsPro_Browser_UA_scroll_animation();
|
| 34 |
}
|
| 36 |
?>
|
| 37 |
|
| 38 |
<?php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 39 |
|
| 40 |
// Get Real IP address - USE EXTREME CAUTION!!!
|
| 41 |
function bpsPro_get_real_ip_address_cc() {
|
| 142 |
|
| 143 |
?>
|
| 144 |
|
| 145 |
+
<h2 class="bps-tab-title"><?php _e('htaccess File Options', 'bulletproof-security'); ?></h2>
|
| 146 |
|
| 147 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 148 |
|
| 170 |
|
| 171 |
// General all purpose "Settings Saved." message for forms
|
| 172 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 173 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true) {
|
| 174 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 175 |
echo $text;
|
| 176 |
}
|
| 177 |
}
|
| 178 |
|
| 179 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/core/core-help-text.php';
|
| 180 |
|
| 181 |
// WBM, HPF, MBM, BBM: activate and deactivate and all other form code
|
| 182 |
+
if ( isset( $_POST['Submit-WBM-Activate'] ) || isset( $_POST['Submit-WBM-Deactivate'] ) || isset( $_POST['Submit-Hidden-Plugins'] ) || isset( $_POST['Hidden-Plugins-Ignore-Submit'] ) || isset( $_POST['Submit-MBM-Activate'] ) || isset( $_POST['Submit-MBM-Deactivate'] ) || isset( $_POST['Submit-BBM-Activate'] ) || isset( $_POST['Submit-BBM-Deactivate'] ) || isset( $_POST['Submit-Backup-htaccess-Files'] ) || isset( $_POST['Submit-Restore-htaccess-Files'] ) ) {
|
| 183 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/core/core-forms.php';
|
| 184 |
}
|
| 185 |
|
| 186 |
// RBM: activate and deactivate form code
|
| 187 |
if ( isset( $_POST['Submit-RBM-Activate'] ) || isset( $_POST['Submit-RBM-Deactivate'] ) || isset( $_POST['Submit-RBM-Activate-Network'] ) || isset( $_POST['Submit-RBM-Deactivate-Network'] ) ) {
|
| 188 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/core/core-htaccess-code.php';
|
| 189 |
}
|
| 190 |
|
| 191 |
?>
|
| 209 |
|
| 210 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 211 |
<tr>
|
| 212 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 213 |
</tr>
|
| 214 |
<tr>
|
| 215 |
<td class="bps-table_cell_help">
|
| 216 |
|
| 217 |
<?php if ( ! current_user_can('manage_options') ) { _e('Permission Denied', 'bulletproof-security'); } else { ?>
|
| 218 |
|
| 219 |
+
<h3 style="margin-top:0px"><?php _e('Root Folder BulletProof Mode (RBM)', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 220 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
|
|
|
| 221 |
|
| 222 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('Root Folder BulletProof Mode (RBM)', 'bulletproof-security'); ?>">
|
| 223 |
<p>
|
| 224 |
<?php
|
| 225 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 226 |
echo $text;
|
| 227 |
+
|
| 228 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 229 |
+
echo $bpsPro_text;
|
| 230 |
+
|
| 231 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 232 |
echo $text;
|
| 233 |
?>
|
| 248 |
$filename = ABSPATH . '.htaccess';
|
| 249 |
|
| 250 |
if ( file_exists($filename) ) {
|
| 251 |
+
$check_string = file_get_contents($filename);
|
| 252 |
}
|
| 253 |
|
| 254 |
if ( isset ( $_POST['Submit-RBM-Activate'] ) ) {
|
| 301 |
|
| 302 |
<div id="RBM-Status"><?php bpsPro_rbm_status(); ?></div>
|
| 303 |
|
| 304 |
+
<div id="root-bulletproof-mode" style="border-bottom:1px solid #999999;">
|
| 305 |
|
| 306 |
<?php if ( ! is_multisite() ) { ?>
|
| 307 |
|
| 343 |
|
| 344 |
</div>
|
| 345 |
|
| 346 |
+
<h3><?php _e('wp-admin Folder BulletProof Mode (WBM)', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button">
|
| 347 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 348 |
|
| 349 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('Root Folder BulletProof Mode (RBM)', 'bulletproof-security'); ?>">
|
| 350 |
<p>
|
| 351 |
<?php
|
| 352 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 353 |
echo $text;
|
| 354 |
+
|
| 355 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 356 |
+
echo $bpsPro_text;
|
| 357 |
+
|
| 358 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 359 |
echo $text;
|
| 360 |
?>
|
| 380 |
$filename = ABSPATH . 'wp-admin/.htaccess';
|
| 381 |
|
| 382 |
if ( file_exists($filename) ) {
|
| 383 |
+
$check_string = file_get_contents($filename);
|
| 384 |
}
|
| 385 |
|
| 386 |
if ( isset ( $_POST['Submit-WBM-Activate'] ) ) {
|
| 427 |
|
| 428 |
<div id="WBM-Status"><?php bpsPro_wbm_status(); ?></div>
|
| 429 |
|
| 430 |
+
<div id="wpadmin-bulletproof-mode" style="border-bottom:1px solid #999999;">
|
| 431 |
|
| 432 |
<form name="WBM-Activate" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 433 |
<?php wp_nonce_field('bulletproof_security_wbm_activate'); ?>
|
| 449 |
|
| 450 |
<div id="UAEG-Menu-Link"></div>
|
| 451 |
|
| 452 |
+
<h3><?php _e('Hidden Plugin Folders|Files Cron (HPF)', 'bulletproof-security'); ?> <button id="bps-open-modal5" class="button bps-modal-button">
|
| 453 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 454 |
|
| 455 |
<div id="bps-modal-content5" class="bps-dialog-hide" title="<?php _e('Hidden Plugin Folders|Files Cron (HPF)', 'bulletproof-security'); ?>">
|
| 456 |
<p>
|
| 457 |
<?php
|
| 458 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 459 |
echo $text;
|
| 460 |
+
|
| 461 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 462 |
+
echo $bpsPro_text;
|
| 463 |
+
|
| 464 |
echo $bps_general_help_info;
|
| 465 |
echo $bps_hpf_content;
|
| 466 |
?>
|
| 499 |
|
| 500 |
if ( $_POST['Submit-Hidden-Plugins'] == true || $_POST['Hidden-Plugins-Ignore-Submit'] == true ) {
|
| 501 |
|
| 502 |
+
if ( isset($hpf_options['bps_hidden_plugins_cron']) && $hpf_options['bps_hidden_plugins_cron'] == 'On' ) {
|
| 503 |
$text = '<h3><strong>'.__('HPF Status: ', 'bulletproof-security').'<span class="core-status-activated">'.__('HPF Cron On', 'bulletproof-security').'</span></strong></h3>';
|
| 504 |
echo $text;
|
| 505 |
+
} elseif ( isset($hpf_options['bps_hidden_plugins_cron']) && $hpf_options['bps_hidden_plugins_cron'] == 'Off' ) {
|
| 506 |
$text = '<h3><strong>'.__('HPF Status: ', 'bulletproof-security').'<span class="core-status-deactivated">'.__('HPF Cron Off', 'bulletproof-security').'</span></strong></h3>';
|
| 507 |
echo $text;
|
| 508 |
}
|
| 512 |
|
| 513 |
<div id="HPF-Status"><?php bpsPro_hpf_status(); ?></div>
|
| 514 |
|
| 515 |
+
<div id="HPF1">
|
| 516 |
<div id="HPF2" style="position:relative;top:10px;left:0px;float:left;margin:0px 15px 0px 0px;">
|
| 517 |
|
| 518 |
<?php
|
| 522 |
|
| 523 |
$hpf_options = get_option('bulletproof_security_options_hpf_cron');
|
| 524 |
$bps_hidden_plugins_cron_frequency = ! isset($hpf_options['bps_hidden_plugins_cron_frequency']) ? '' : $hpf_options['bps_hidden_plugins_cron_frequency'];
|
| 525 |
+
$bps_hidden_plugins_cron = ! isset($hpf_options['bps_hidden_plugins_cron']) ? '' : $hpf_options['bps_hidden_plugins_cron'];
|
| 526 |
|
| 527 |
echo '<label for="bps-hpf">'.__('HPF Cron Check Frequency:', 'bulletproof-security').'</label><br>';
|
| 528 |
echo '<select name="hpf_cron_frequency" class="form-340">';
|
| 541 |
echo '<option value="Off"'. selected('Off', $bps_hidden_plugins_cron).'>'.__('HPF Cron Off', 'bulletproof-security').'</option>';
|
| 542 |
echo '</select>';
|
| 543 |
|
| 544 |
+
echo "<p style=\"margin-top:14px\"><input type=\"submit\" name=\"Submit-Hidden-Plugins\" value=\"".__('Save HPF Cron Options', 'bulletproof-security')."\" class=\"button bps-button\" onclick=\"return confirm('".__('The default Cron Frequency is: Run Check Every 15 Minutes. This is a lightweight check that uses an insignificant amount of resources/memory so 4 checks per hour will not cause any performance issues whatsoever.\n\n-------------------------------------------------------------\n\nEven choosing Run Check Every 1 Minute would not cause any significant performance issues whatsoever.\n\n-------------------------------------------------------------\n\nClick OK to proceed or click Cancel', 'bulletproof-security')."')\" /></p></form>";
|
| 545 |
|
| 546 |
$scrolltoHiddenPlugins = isset($_REQUEST['scrolltoHiddenPlugins']) ? (int) $_REQUEST['scrolltoHiddenPlugins'] : 0;
|
| 547 |
+
|
| 548 |
+
$hover_icon_hpf = '<strong><font color="black"><span class="tooltip-250-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('Add Ignore rules using plugin folder names or file names.', 'bulletproof-security').'<br>'.__('Use a comma and a space between folder and/or file names.', 'bulletproof-security').'<br>'.__('Example: plugin-folder-name, example-file-name.php', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 549 |
?>
|
| 550 |
|
| 551 |
</div>
|
| 552 |
|
| 553 |
+
<div id="HPF3" style="position:relative;bottom:6px;left:0px;float:left;margin:0px 0px 0px 0px;">
|
| 554 |
|
| 555 |
<form name="Hidden-Plugins" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 556 |
<?php wp_nonce_field('bulletproof_security_hpf_cron_ignore'); ?>
|
| 557 |
<?php $hpfi_options = get_option('bulletproof_security_options_hidden_plugins');
|
| 558 |
+
$bps_hidden_plugins_check = ! isset($hpfi_options['bps_hidden_plugins_check']) ? '' : esc_html( trim( $hpfi_options['bps_hidden_plugins_check'], ", \t\n\r") );
|
| 559 |
?>
|
| 560 |
|
| 561 |
<div id="HPF4" style="position:relative;top:0px;left:0px;margin:10px 0px 10px 0px;">
|
| 562 |
+
<strong><label><?php _e('Ignore Hidden Plugin Folders & Files:', 'bulletproof-security'); echo $hover_icon_hpf; ?></label></strong>
|
| 563 |
+
|
| 564 |
<textarea class="PFW-Allow-From-Text-Area" name="bps_hidden_plugins_check" style="margin-top:5px;" tabindex="1"><?php echo $bps_hidden_plugins_check; ?></textarea>
|
| 565 |
<input type="hidden" name="scrolltoHiddenPlugins" id="scrolltoHiddenPlugins" value="<?php echo esc_html( $scrolltoHiddenPlugins ); ?>" />
|
| 566 |
</div>
|
| 584 |
|
| 585 |
<div id="MC1" style="position:relative;top:0px;left:0px;float:left;margin:0px 0px 0px 0px;width:100%;border-top:1px solid #999999;">
|
| 586 |
|
| 587 |
+
<h3><?php _e('Master htaccess Folder BulletProof Mode (MBM)', 'bulletproof-security'); ?> <button id="bps-open-modal6" class="button bps-modal-button">
|
| 588 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 589 |
|
| 590 |
<div id="bps-modal-content6" class="bps-dialog-hide" title="<?php _e('MBM BulletProof Modes', 'bulletproof-security'); ?>">
|
| 591 |
<p>
|
| 592 |
<?php
|
| 593 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 594 |
echo $text;
|
| 595 |
+
|
| 596 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 597 |
+
echo $bpsPro_text;
|
| 598 |
+
|
| 599 |
echo $bps_general_help_info;
|
| 600 |
echo $bps_mbm_content;
|
| 601 |
?>
|
| 654 |
|
| 655 |
<div id="MBM-Status"><?php bpsPro_mbm_status(); ?></div>
|
| 656 |
|
| 657 |
+
<div id="mbm-bulletproof-mode" style="">
|
| 658 |
|
| 659 |
<form name="MBM-Activate" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 660 |
<?php wp_nonce_field('bulletproof_security_mbm_activate'); ?>
|
| 677 |
|
| 678 |
<div id="MC2" style="position:relative;top:0px;left:0px;float:left;margin:0px 0px 0px 0px;width:100%;border-top:1px solid #999999;">
|
| 679 |
|
| 680 |
+
<h3><?php _e('BPS Backup Folder BulletProof Mode (BBM)', 'bulletproof-security'); ?> <button id="bps-open-modal7" class="button bps-modal-button">
|
| 681 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 682 |
|
| 683 |
<div id="bps-modal-content7" class="bps-dialog-hide" title="<?php _e('BBM BulletProof Modes', 'bulletproof-security'); ?>">
|
| 684 |
<p>
|
| 685 |
<?php
|
| 686 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 687 |
echo $text;
|
| 688 |
+
|
| 689 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 690 |
+
echo $bpsPro_text;
|
| 691 |
+
|
| 692 |
echo $bps_general_help_info;
|
| 693 |
echo $bps_bbm_content;
|
| 694 |
?>
|
| 747 |
|
| 748 |
<div id="BBM-Status"><?php bpsPro_bbm_status(); ?></div>
|
| 749 |
|
| 750 |
+
<div id="bbm-bulletproof-mode" style="">
|
| 751 |
|
| 752 |
<form name="BBM-Activate" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 753 |
<?php wp_nonce_field('bulletproof_security_bbm_activate'); ?>
|
| 770 |
|
| 771 |
<div id="MC3" style="position:relative;top:0px;left:0px;float:left;margin:0px 0px 0px 0px;width:100%;border-top:1px solid #999999;">
|
| 772 |
|
| 773 |
+
<h3><?php _e('Backup & Restore BPS htaccess Files', 'bulletproof-security'); ?> <button id="bps-open-modal8" class="button bps-modal-button">
|
| 774 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 775 |
|
| 776 |
<div id="bps-modal-content8" class="bps-dialog-hide" title="<?php _e('Backup & Restore BPS htaccess Files', 'bulletproof-security'); ?>">
|
| 777 |
<p>
|
| 778 |
<?php
|
| 779 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 780 |
echo $text;
|
| 781 |
+
|
| 782 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 783 |
+
echo $bpsPro_text;
|
| 784 |
+
|
| 785 |
echo $bps_backup_restore_content;
|
| 786 |
?>
|
| 787 |
</p>
|
| 788 |
</div>
|
| 789 |
|
| 790 |
+
<div id="backup-restore-mode">
|
| 791 |
|
| 792 |
<form name="Backup-htaccess-Files" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php' ); ?>" method="post">
|
| 793 |
<?php wp_nonce_field('bulletproof_security_backup_active_htaccess_files'); ?>
|
| 819 |
|
| 820 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 821 |
<tr>
|
| 822 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 823 |
</tr>
|
| 824 |
<tr>
|
| 825 |
<td class="bps-table_cell">
|
| 826 |
|
| 827 |
+
<h3 style="margin:0px 0px 5px 5px;"><?php _e('htaccess File Editing', 'bulletproof-security'); ?> <button id="bps-open-modal9" class="button bps-modal-button">
|
| 828 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 829 |
|
| 830 |
<div id="bps-modal-content9" class="bps-dialog-hide" title="<?php _e('htaccess File Editing', 'bulletproof-security'); ?>">
|
| 831 |
+
<p>
|
| 832 |
+
<?php
|
| 833 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 834 |
+
echo $text;
|
| 835 |
+
|
| 836 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 837 |
+
echo $bpsPro_text;
|
| 838 |
+
|
| 839 |
+
echo $bps_hfe_content;
|
| 840 |
+
?>
|
| 841 |
+
</p>
|
| 842 |
</div>
|
| 843 |
|
| 844 |
<?php if ( ! current_user_can('manage_options') ) { _e('Permission Denied', 'bulletproof-security'); } else { ?>
|
| 1175 |
|
| 1176 |
if ( is_writable($root_htaccess_file) ) {
|
| 1177 |
|
| 1178 |
+
$text = '<font color="green" style="font-size:12px;"><strong>'.__('File Open and Write test successful! Your root htaccess file is writable.', 'bulletproof-security').'</strong></font><br>';
|
| 1179 |
echo $text;
|
| 1180 |
|
| 1181 |
} else {
|
| 1230 |
}
|
| 1231 |
|
| 1232 |
echo $bps_topDiv;
|
| 1233 |
+
$text = '<font color="green"><strong>'.__('Your root htaccess file has been updated.', 'bulletproof-security').'</strong></font><br>';
|
| 1234 |
echo $text;
|
| 1235 |
echo $bps_bottomDiv;
|
| 1236 |
|
| 1273 |
|
| 1274 |
if ( is_writable($current_wpadmin_htaccess_file) ) {
|
| 1275 |
|
| 1276 |
+
$text = '<font color="green" style="font-size:12px;"><strong>'.__('File Open and Write test successful! Your wp-admin htaccess file is writable.', 'bulletproof-security').'</strong></font><br>';
|
| 1277 |
echo $text;
|
| 1278 |
|
| 1279 |
} else {
|
| 1329 |
}
|
| 1330 |
|
| 1331 |
echo $bps_topDiv;
|
| 1332 |
+
$text = '<font color="green"><strong>'.__('Your wp-admin htaccess file has been updated.', 'bulletproof-security').'</strong></font><br>';
|
| 1333 |
echo $text;
|
| 1334 |
echo $bps_bottomDiv;
|
| 1335 |
|
| 1344 |
$bpsRootHtaccessOL = ABSPATH . '.htaccess';
|
| 1345 |
|
| 1346 |
if ( file_exists($bpsRootHtaccessOL) ) {
|
| 1347 |
+
chmod($bpsRootHtaccessOL, 0404);
|
| 1348 |
echo $bps_topDiv;
|
| 1349 |
$text = '<font color="green"><strong><br>'.__('Your Root htaccess file has been Locked.', 'bulletproof-security').'</strong></font><br>';
|
| 1350 |
echo $text;
|
| 1363 |
$bpsRootHtaccessOL = ABSPATH . '.htaccess';
|
| 1364 |
|
| 1365 |
if ( file_exists($bpsRootHtaccessOL) ) {
|
| 1366 |
+
chmod($bpsRootHtaccessOL, 0644);
|
| 1367 |
echo $bps_topDiv;
|
| 1368 |
$text = '<font color="green"><strong><br>'.__('Your Root htaccess file has been Unlocked.', 'bulletproof-security').'</strong></font><br>';
|
| 1369 |
echo $text;
|
| 1387 |
|
| 1388 |
<?php // Detect the SAPI - display form submit button only if sapi is cgi
|
| 1389 |
$sapi_type = php_sapi_name();
|
| 1390 |
+
if ( substr($sapi_type, 0, 6) != 'apache' ) {
|
| 1391 |
?>
|
| 1392 |
|
| 1393 |
<div id="bpsLockHtaccess">
|
| 1442 |
<li><a href="#bps-edittabs-1"><?php _e('secure.htaccess', 'bulletproof-security'); ?></a></li>
|
| 1443 |
<li><a href="#bps-edittabs-2"><?php _e('default.htaccess', 'bulletproof-security'); ?></a></li>
|
| 1444 |
<li><a href="#bps-edittabs-4"><?php _e('wpadmin-secure.htaccess', 'bulletproof-security'); ?></a></li>
|
| 1445 |
+
<li><a href="#bps-edittabs-5"><?php _e('Root htaccess File', 'bulletproof-security'); ?></a></li>
|
| 1446 |
+
<li><a href="#bps-edittabs-6"><?php _e('wp-admin htaccess File', 'bulletproof-security'); ?></a></li>
|
| 1447 |
</ul>
|
| 1448 |
|
| 1449 |
<?php
|
| 1464 |
<input type="hidden" name="action" value="update" />
|
| 1465 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $secure_htaccess_file ) ?>" />
|
| 1466 |
<input type="hidden" name="scrollto1" id="scrollto1" value="<?php echo esc_html( $scrollto1 ); ?>" />
|
| 1467 |
+
|
| 1468 |
<p class="submit">
|
| 1469 |
|
| 1470 |
+
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong></div>'; ?>
|
| 1471 |
|
| 1472 |
+
<input type="submit" name="submit1" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>" />
|
| 1473 |
+
</p>
|
| 1474 |
</div>
|
| 1475 |
</form>
|
| 1476 |
|
| 1477 |
+
<button onclick="bpsSecureFileEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1478 |
+
<button onclick="bpsSecureFileDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1479 |
|
| 1480 |
<script type="text/javascript">
|
| 1481 |
/* <![CDATA[ */
|
| 1538 |
<input type="hidden" name="action" value="update" />
|
| 1539 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $default_htaccess_file ) ?>" />
|
| 1540 |
<input type="hidden" name="scrollto2" id="scrollto2" value="<?php echo esc_html( $scrollto2 ); ?>" />
|
| 1541 |
+
|
| 1542 |
<p class="submit">
|
| 1543 |
|
| 1544 |
+
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong></div>'; ?>
|
| 1545 |
|
| 1546 |
+
<input type="submit" name="submit2" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>" />
|
| 1547 |
+
</p>
|
| 1548 |
</div>
|
| 1549 |
|
| 1550 |
+
<button onclick="bpsDefaultFileEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1551 |
+
<button onclick="bpsDefaultFileDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1552 |
|
| 1553 |
</form>
|
| 1554 |
<script type="text/javascript">
|
| 1612 |
<input type="hidden" name="action" value="update" />
|
| 1613 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $wpadmin_htaccess_file ) ?>" />
|
| 1614 |
<input type="hidden" name="scrollto4" id="scrollto4" value="<?php echo esc_html( $scrollto4 ); ?>" />
|
| 1615 |
+
|
| 1616 |
<p class="submit">
|
| 1617 |
|
| 1618 |
+
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong></div>'; ?>
|
| 1619 |
|
| 1620 |
+
<input type="submit" name="submit4" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>" />
|
| 1621 |
+
</p>
|
| 1622 |
</div>
|
| 1623 |
</form>
|
| 1624 |
|
| 1625 |
+
<button onclick="bpsWpadminSecureFileEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1626 |
+
<button onclick="bpsWpadminSecureFileDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1627 |
|
| 1628 |
<script type="text/javascript">
|
| 1629 |
/* <![CDATA[ */
|
| 1711 |
<input type="hidden" name="action" value="update" />
|
| 1712 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $root_htaccess_file ) ?>" />
|
| 1713 |
<input type="hidden" name="scrollto5" id="scrollto5" value="<?php echo esc_html( $scrollto5 ); ?>" />
|
| 1714 |
+
|
| 1715 |
<p class="submit">
|
| 1716 |
|
| 1717 |
<?php if ( bpsStatusRHE($perms) == '0404' ) { ?>
|
| 1720 |
|
| 1721 |
<?php } else { ?>
|
| 1722 |
|
| 1723 |
+
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong></div>'; ?>
|
| 1724 |
|
| 1725 |
+
<input type="submit" name="submit5" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>" />
|
| 1726 |
+
</p>
|
| 1727 |
<?php } ?>
|
| 1728 |
|
| 1729 |
</div>
|
| 1730 |
</form>
|
| 1731 |
|
| 1732 |
+
<button onclick="bpsRootFileEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1733 |
+
<button onclick="bpsRootFileDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1734 |
|
| 1735 |
<script type="text/javascript">
|
| 1736 |
/* <![CDATA[ */
|
| 1793 |
<input type="hidden" name="action" value="update" />
|
| 1794 |
<input type="hidden" name="filename" value="<?php echo esc_attr( $current_wpadmin_htaccess_file ) ?>" />
|
| 1795 |
<input type="hidden" name="scrollto6" id="scrollto6" value="<?php echo esc_html( $scrollto6 ); ?>" />
|
| 1796 |
+
|
| 1797 |
<p class="submit">
|
| 1798 |
|
| 1799 |
+
<?php echo '<div id="bps-edittabs-tooltip" style="margin:-40px 0px 10px 0px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your editing changes then click the Encrypt htaccess Code button first and then click the Update File button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your htaccess code unless you encrypt it first by clicking the Encrypt htaccess Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt htaccess Code button and then want to edit your code again click the Decrypt htaccess Code button. After you are done editing click the Encrypt htaccess Code button before clicking the Update File button.', 'bulletproof-security').'<br><br>'.__('Click the htaccess File Editing Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong></div>'; ?>
|
| 1800 |
|
| 1801 |
+
<input type="submit" name="submit6" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>" />
|
| 1802 |
+
</p>
|
| 1803 |
</div>
|
| 1804 |
</form>
|
| 1805 |
|
| 1806 |
+
<button onclick="bpsWpadminFileEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1807 |
+
<button onclick="bpsWpadminFileDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt htaccess Code', 'bulletproof-security'); ?></button>
|
| 1808 |
|
| 1809 |
<script type="text/javascript">
|
| 1810 |
/* <![CDATA[ */
|
| 1873 |
|
| 1874 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1875 |
<tr>
|
| 1876 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 1877 |
</tr>
|
| 1878 |
<tr>
|
| 1879 |
<td class="bps-table_cell_help">
|
| 1880 |
|
| 1881 |
+
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Custom Code', 'bulletproof-security'); ?> <button id="bps-open-modal10" class="button bps-modal-button">
|
| 1882 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1883 |
|
| 1884 |
<div id="bps-modal-content10" class="bps-dialog-hide" title="<?php _e('Custom Code', 'bulletproof-security'); ?>">
|
| 1885 |
<p>
|
| 1886 |
<?php
|
| 1887 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1888 |
echo $text;
|
| 1889 |
+
|
| 1890 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1891 |
+
echo $bpsPro_text;
|
| 1892 |
+
|
| 1893 |
+
// Forum Help Links or of course both
|
| 1894 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 1895 |
echo $text;
|
| 1896 |
?>
|
| 1897 |
+
<strong><a href="https://forum.ait-pro.com/video-tutorials/" title="Custom Code Video Tutorial" target="_blank"><?php _e('Custom Code Video Tutorial', 'bulletproof-security'); ?></a></strong><br />
|
| 1898 |
+
|
| 1899 |
+
<strong><a href="https://forum.ait-pro.com/read-me-first/" title="BulletProof Security Pro Forum" target="_blank"><?php _e('BulletProof Security Pro Forum', 'bulletproof-security'); ?></a></strong><br />
|
| 1900 |
+
|
| 1901 |
<strong><a href="https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/" title="Brute Force Login Page Protection code" target="_blank"><?php _e('Brute Force Login Page Protection code', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 1902 |
|
| 1903 |
<?php echo $bps_customcode_content; ?>
|
| 1905 |
</p>
|
| 1906 |
</div>
|
| 1907 |
|
| 1908 |
+
<table width="100%" border="0">
|
| 1909 |
+
<tr>
|
| 1910 |
+
<td style="width:400px;">
|
| 1911 |
+
|
| 1912 |
+
<?php
|
| 1913 |
+
if ( ! current_user_can('manage_options') ) {
|
| 1914 |
+
_e('Permission Denied', 'bulletproof-security');
|
| 1915 |
+
|
| 1916 |
+
} else {
|
| 1917 |
+
|
| 1918 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/core/core-custom-code.php';
|
| 1919 |
+
}
|
| 1920 |
+
?>
|
| 1921 |
+
|
| 1922 |
+
</td>
|
| 1923 |
+
<td>
|
| 1924 |
|
| 1925 |
<?php
|
| 1926 |
if ( ! current_user_can('manage_options') ) {
|
| 1928 |
|
| 1929 |
} else {
|
| 1930 |
|
| 1931 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/core/core-export-import.php';
|
| 1932 |
}
|
| 1933 |
+
?>
|
| 1934 |
|
| 1935 |
+
<div id="CC-Import" style="margin-top:18px">
|
| 1936 |
<form name="bpsImport" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7' ); ?>" method="post" enctype="multipart/form-data">
|
| 1937 |
<?php wp_nonce_field('bulletproof_security_cc_import'); ?>
|
| 1938 |
<input type="file" name="bps_cc_import" id="bps_cc_import" />
|
| 1958 |
</form>
|
| 1959 |
</div>
|
| 1960 |
|
| 1961 |
+
</td>
|
| 1962 |
+
</tr>
|
| 1963 |
+
</table>
|
|
|
|
|
|
|
| 1964 |
|
| 1965 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
|
|
|
|
|
|
|
|
|
| 1966 |
|
| 1967 |
</td>
|
| 1968 |
</tr>
|
| 1972 |
|
| 1973 |
<div id="bps-tabs-9" class="bps-tab-page">
|
| 1974 |
|
| 1975 |
+
<?php if ( ! current_user_can('manage_options') ) { _e('Permission Denied', 'bulletproof-security'); } else { ?>
|
| 1976 |
+
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1977 |
+
<tr>
|
| 1978 |
+
<td class="bps-table_title"></td>
|
| 1979 |
+
</tr>
|
| 1980 |
+
<tr>
|
| 1981 |
+
<td class="bps-table_cell_help">
|
| 1982 |
+
|
| 1983 |
+
<h3 style="margin-top:0px"><?php _e('Save Personal Notes and htaccess Code Notes to your WordPress Database', 'bulletproof-security'); ?></h3>
|
| 1984 |
|
| 1985 |
+
<?php
|
| 1986 |
// My Notes Form
|
| 1987 |
function bpsPro_My_Notes_values_form() {
|
| 1988 |
global $bps_topDiv, $bps_bottomDiv;
|
| 2000 |
} else {
|
| 2001 |
$bps_my_notes = $Encryption->decrypt($_POST['bps_my_notes'], $nonceValue);
|
| 2002 |
}
|
| 2003 |
+
|
| 2004 |
$MyNotes_Options = array( 'bps_my_notes' => $bps_my_notes );
|
| 2005 |
|
| 2006 |
foreach( $MyNotes_Options as $key => $value ) {
|
| 2015 |
}
|
| 2016 |
}
|
| 2017 |
|
| 2018 |
+
$scrolltoNotes = isset( $_REQUEST['scrolltoNotes'] ) ? (int) $_REQUEST['scrolltoNotes'] : 0;
|
| 2019 |
?>
|
| 2020 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2021 |
<div id="my-notes-float" style="float:left">
|
| 2022 |
|
| 2023 |
+
<button onclick="bpsMyNotesEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt My Notes', 'bulletproof-security'); ?></button>
|
| 2024 |
+
<button onclick="bpsMyNotesDecrypt()" class="button bps-decrypt-button" style="margin:0px 0px 10px 0px"><?php esc_attr_e('Decrypt My Notes', 'bulletproof-security'); ?></button>
|
| 2025 |
|
| 2026 |
+
<form name="myNotes" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-8' ); ?>" method="post">
|
| 2027 |
<?php
|
| 2028 |
wp_nonce_field('bulletproof_security_My_Notes');
|
| 2029 |
bpsPro_My_Notes_values_form();
|
| 2030 |
$My_Notes_options = get_option('bulletproof_security_options_mynotes');
|
| 2031 |
?>
|
| 2032 |
|
| 2033 |
+
<textarea id="crypt20" class="bps-text-area-600x700" name="bps_my_notes" tabindex="1"><?php if ( ! empty( $My_Notes_options['bps_my_notes'] ) ) { echo $My_Notes_options['bps_my_notes']; } ?></textarea>
|
| 2034 |
<input type="hidden" name="scrolltoNotes" value="<?php echo esc_html( $scrolltoNotes ); ?>" />
|
| 2035 |
+
|
| 2036 |
+
<?php echo '<div id="bps-my-notes-tooltip"><label for="bps-mscan-label" style="">'.__('If you are unable to save custom htaccess code and/or see an error message when trying to save custom htaccess code, ', 'bulletproof-security').'<br>'.__('click the Encrypt My Notes button first and then click the Save My Notes button.', 'bulletproof-security').'<br>'.__('Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-250"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your custom htaccess code unless you encrypt it first by clicking the Encrypt My Notes button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt My Notes button, but then want to add or edit additional custom code click the Decrypt My Notes button. After you are done adding or editing custom code click the Encrypt My Notes button before clicking the Save My Notes button.', 'bulletproof-security').'<br><br>'.__('Click the Custom Code Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong></div>'; ?>
|
| 2037 |
|
| 2038 |
+
<input type="submit" name="myNotes_submit" class="button bps-button" style="margin:10px 0px 10px 0px;height:auto;white-space:normal" value="<?php esc_attr_e('Save My Notes', 'bulletproof-security') ?>" />
|
|
|
|
|
|
|
| 2039 |
</form>
|
| 2040 |
|
| 2041 |
+
<button onclick="bpsMyNotesEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt My Notes', 'bulletproof-security'); ?></button>
|
| 2042 |
+
<button onclick="bpsMyNotesDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt My Notes', 'bulletproof-security'); ?></button>
|
| 2043 |
|
| 2044 |
</div>
|
| 2045 |
|
| 2103 |
|
| 2104 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-whats_new_table">
|
| 2105 |
<tr>
|
| 2106 |
+
<td class="bps-table_title_no_border">
|
|
|
|
| 2107 |
<h2><?php _e('Whats New in ', 'bulletproof-security'); ?><?php echo $bps_version; _e(' and General Help Info & Tips', 'bulletproof-security'); ?></h2>
|
| 2108 |
</td>
|
| 2109 |
</tr>
|
| 2110 |
<tr>
|
| 2111 |
+
<td class="bps-table_cell_no_border">
|
| 2112 |
+
|
| 2113 |
+
<?php $text = '<h3><strong>'.__('The BPS Changelog|Whats New page has been moved to the ', 'bulletproof-security').'<a href="https://forum.ait-pro.com/forums/topic/bps-changelog/" target="_blank" title="BulletProof Security Forum Changelog|Whats New Forum Topic">BulletProof Security Forum Changelog|Whats New Forum Topic</a></strong></h3>';
|
| 2114 |
+
echo $text;
|
| 2115 |
+
|
| 2116 |
+
$bpsPro_text = '<h3><span class="blue-bold">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'<br><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></span></h3>';
|
| 2117 |
+
echo $bpsPro_text;
|
| 2118 |
+
?>
|
| 2119 |
+
|
| 2120 |
+
</td>
|
| 2121 |
</tr>
|
| 2122 |
<tr>
|
| 2123 |
+
<td class="bps-table_cell_no_border"></td>
|
|
|
|
| 2124 |
</tr>
|
| 2125 |
<tr>
|
| 2126 |
+
<td class="bps-table_cell_no_border"></td>
|
|
|
|
|
|
|
| 2127 |
</tr>
|
| 2128 |
<tr>
|
|
|
|
| 2129 |
<td class="bps-table_cell_no_border"><?php $text = '<h2><strong>'.__('General Help Info & Tips:', 'bulletproof-security').'</strong></h2>'; echo $text; ?></td>
|
| 2130 |
</tr>
|
| 2131 |
<tr>
|
| 2132 |
+
<td class="bps-table_cell_no_border"></td>
|
|
|
|
| 2133 |
</tr>
|
| 2134 |
<tr>
|
| 2135 |
+
<td class="bps-table_cell_no_border" style="font-size:1.13em"><?php $text = __('BPS Video Tutorials|Setup Wizard: ', 'bulletproof-security').'<strong><a href="https://forum.ait-pro.com/video-tutorials/" target="_blank" title="BPS Video Tutorials">BPS Pro Video Tutorials</a></strong><br><br>'; echo $text; ?></td>
|
|
|
|
| 2136 |
</tr>
|
| 2137 |
<tr>
|
| 2138 |
+
<td class="bps-table_cell_no_border"></td>
|
|
|
|
| 2139 |
</tr>
|
| 2140 |
<tr>
|
| 2141 |
+
<td class="bps-table_cell_no_border" style="font-size:1.13em"><?php $text = __('BPS Setup Wizard AutoFix automatically creates whitelist rules for 100+ known issues with plugins and themes: ', 'bulletproof-security').'<strong><a href="https://forum.ait-pro.com/forums/topic/setup-wizard-autofix/" target="_blank" title="Setup Wizard AutoFix">Setup Wizard AutoFix</a></strong><br><br>'.__('All BPS plugin features can be turned Off/On individually to confirm, eliminate or isolate a problem or issue that may or may not be caused by BPS: ', 'bulletproof-security').'<strong><a href="https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-free-general-troubleshooting" target="_blank" title="BPS Troubleshooting Steps">Troubleshooting Steps</a></strong><br><br>'.__('The BPS Security Log is a primary troubleshooting tool. If BPS is blocking something legitimate in another plugin or theme then a Security Log entry will be logged for exactly<br>what is being blocked. A whitelist rule can then be created to allow a plugin or theme to do what it needs to do without being blocked: ', 'bulletproof-security').'<strong><a href="https://forum.ait-pro.com/video-tutorials/#security-log-firewall" target="_blank" title="BPS Security Log Video Tutorial">Security Log Video Tutorial</a></strong><br><br>'.__('BPS Security Forum: ', 'bulletproof-security').'<strong><a href="https://forum.ait-pro.com/forums/forum/bulletproof-security-free/" target="_blank" title="BPS Security Forum">BPS Security Forum</a></strong>'; echo $text; ?></td>
|
|
|
|
| 2142 |
</tr>
|
| 2143 |
<tr>
|
| 2144 |
<td class="bps-table_cell_no_border"> </td>
|
|
|
|
| 2145 |
</tr>
|
| 2146 |
</table>
|
| 2147 |
</div>
|
| 2150 |
|
| 2151 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2152 |
<tr>
|
| 2153 |
+
<td class="bps-table_title"></td>
|
| 2154 |
</tr>
|
| 2155 |
<tr>
|
| 2156 |
<td class="bps-table_cell_help_links">
|
| 2157 |
+
|
| 2158 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 2159 |
<a href="https://www.ait-pro.com/aitpro-blog/2304/wordpress-tips-tricks-fixes/permalinks-wordpress-custom-permalinks-wordpress-best-wordpress-permalinks-structure/" target="_blank"><?php _e('WP Permalinks - Custom Permalink Structure Help Info', 'bulletproof-security'); ?></a><br /><br />
|
| 2160 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 2161 |
<a href="https://www.ait-pro.com/aitpro-blog/2239/bulletproof-security-plugin-support/adding-a-custom-403-forbidden-page-htaccess-403-errordocument-directive-examples/" target="_blank"><?php _e('Adding a Custom 403 Forbidden Page For Your Website', 'bulletproof-security'); ?></a><br /><br />
|
| 2162 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a><br /><br />
|
| 2163 |
<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank"><?php _e('Custom Code Video Tutorial', 'bulletproof-security'); ?></a>
|
| 2164 |
+
|
| 2165 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 2166 |
+
|
| 2167 |
</td>
|
| 2168 |
</tr>
|
| 2169 |
</table>
|
| 2175 |
|
| 2176 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2177 |
<tr>
|
| 2178 |
+
<td colspan="2" class="bps-table_title"><h2 style="margin:5px 0px 0px 10px"><?php _e('BulletProof Security Pro Feature Highlights', 'bulletproof-security'); ?></h2></td>
|
| 2179 |
</tr>
|
| 2180 |
<tr>
|
| 2181 |
<td width="62%" valign="top" class="bps-table_cell_help">
|
| 2182 |
|
| 2183 |
<div id="bpsProLogo"><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BulletProof Security Pro">
|
| 2184 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/bpspro-plugin-logo.jpg'); ?>" /></a>
|
| 2185 |
</div>
|
| 2186 |
|
| 2187 |
<div id="bpsProText">
|
| 2196 |
<div id="bpsProFeatures">
|
| 2197 |
|
| 2198 |
<?php
|
| 2199 |
+
$text = '<h3><span class="blue-bold">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</span></h3>
|
| 2200 |
+
|
| 2201 |
+
<h3><span class="blue-bold">'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'</span></h3>
|
| 2202 |
+
|
| 2203 |
+
<h3><span class="blue-bold">'.__('The Complete Website Security Solution for Hacker and Spammer Protection', 'bulletproof-security').'</span></h3><h3><span class="blue-bold">'.__('BulletProof Security Pro has an amazing track record. BPS Pro has been publicly available for 10+ years and is installed on over 60,000 websites worldwide. Not a single one of those 60,000+ websites in 10+ years has been hacked.', 'bulletproof-security').'</span></h3><h3><span class="blue-bold">'.__('Why pay 10 times or more for other premium WordPress Security Plugins with recurring yearly subscriptions when you can get the best WordPress Security Plugin for an extremely low one-time purchase price?', 'bulletproof-security').'<br><a href="https://affiliates.ait-pro.com/po/" target="_blank">'.__('View Cost Comparison', 'bulletproof-security').'</a></span></h3><h3><span class="blue-bold">'.__('30-Day Money-Back Guarantee: If you are dissatisfied with BulletProof Security Pro for any reason. We offer a no questions asked full refund.', 'bulletproof-security').'</span></h3>'; echo $text;
|
| 2204 |
?>
|
| 2205 |
|
| 2206 |
<?php echo '<p><span class="blue-bold">'; _e('One-Click Setup Wizard Installation: ', 'bulletproof-security'); echo '</span>'; _e('Fast, simple and complete BPS Pro installation and setup in less than 1 minute.', 'bulletproof-security').'</p>'; ?>
|
| 2223 |
|
| 2224 |
<?php echo '<p><span class="blue-bold">'; _e('DB Status & Info: ', 'bulletproof-security'); echo '</span>'; _e('General DB Info shows commonly checked DB status and info about your WordPress database at a glance. Extensive DB Info shows extensive DB status information using: SHOW PRIVILEGES, SHOW TABLE STATUS|SIZE, SHOW STORAGE ENGINES, SHOW FULL PROCESSLIST, SHOW GLOBAL STATUS, SHOW SESSION STATUS, SHOW GLOBAL VARIABLES and SHOW SESSION VARIABLES.', 'bulletproof-security').'</p>'; ?>
|
| 2225 |
|
| 2226 |
+
<?php echo '<p><span class="blue-bold">'; _e('Display & Alert Options: ', 'bulletproof-security'); echo '</span>'; _e('Centralized Display & Alert Options where you can manage and choose BPS Pro settings for Dashboard Alerts, Dashboard Status Display|Inpage Status Display, Email Alerts, Automated Log file handling, Error checking, etc. Having BPS Pro monitoring, alerting and log file handling options all in one centralized location makes it simple and easy to change all/any BPS Pro settings to your particular preferences.', 'bulletproof-security').'</p>'; ?>
|
| 2227 |
|
| 2228 |
<?php echo '<p><span class="blue-bold">'; _e('Advanced Real-Time Alerting & Heads Up Dashboard Status Display: ', 'bulletproof-security'); echo '</span>'; _e('BPS Pro checks and displays error, warning, notifications and alert messages in real time. You can choose how you want these messages displayed to you with S-Monitor Monitoring & Alerting Options - Display in your WP Dashboard, BPS Pro pages only, Turned off, Email Alerts, Logging...', 'bulletproof-security'); echo '</p>'; ?>
|
| 2229 |
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/bpspro-dashboard-status-display.jpg'); ?>" />
|
| 2242 |
|
| 2243 |
<div class="pro-links">
|
| 2244 |
<?php
|
| 2245 |
+
echo sprintf( __( '<a href="%2$s" target="_blank" title="Link Opens in New Browser Window">Whats New in BPS Pro %1$s</a>' ), '16.1', 'https://www.ait-pro.com/aitpro-blog/5737/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-16-1/' ).'<br>';
|
| 2246 |
echo sprintf( __( '<a href="%2$s" target="_blank" title="Link Opens in New Browser Window">Whats New in BPS Pro %1$s</a>' ), '16', 'https://www.ait-pro.com/aitpro-blog/5733/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-16/' ).'<br>';
|
| 2247 |
echo sprintf( __( '<a href="%2$s" target="_blank" title="Link Opens in New Browser Window">Whats New in BPS Pro %1$s</a>' ), '15.9', 'https://www.ait-pro.com/aitpro-blog/5729/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-15-9/' ).'<br>';
|
| 2248 |
echo sprintf( __( '<a href="%2$s" target="_blank" title="Link Opens in New Browser Window">Whats New in BPS Pro %1$s</a>' ), '15.8', 'https://www.ait-pro.com/aitpro-blog/5718/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-15-8/' ).'<br>';
|
admin/css/bps-blue-ui-theme.css
CHANGED
|
@@ -1,7 +1,7 @@
|
|
| 1 |
/* px to em: 12-.75 * 14-.88 * 16-1 * 18-1.13 * 20-1.25 * 22-1.38 * 24-1.5 * 26-1.63 * 28-1.75 * 30-1.88 * 32-2 * 34-2.13 * 36-2.25 * 38-2.38 */
|
| 2 |
/* BPS Container / Top Level / Theme-wide Stuff */
|
| 3 |
li#toplevel_page_bulletproof-security-admin-options .wp-menu-image, li#toplevel_page_bulletproof-security-admin-login-login .wp-menu-image {position:relative;top:-2px;left:-2px;}
|
| 4 |
-
#bps-container {margin:
|
| 5 |
div.bps-white-background {background-color:#fff;}
|
| 6 |
#bps-container table th {width:200px;background:#fff;}
|
| 7 |
#bps-container div div {font-size:1em;}
|
|
@@ -18,16 +18,16 @@ h1 {font-size:2em;margin:.67em 0;}
|
|
| 18 |
/** BPS plugin header, images, AITpro Link, Star Rating and page Titles **/
|
| 19 |
div.promo-text {font-size:14px!important;font-weight:600;margin-bottom:5px}
|
| 20 |
#bpsHead {position:relative;top:0px;left:0px;}
|
| 21 |
-
#bpsHead img {float:left;padding:0px
|
| 22 |
-
h2.bps-tab-title {margin-left:
|
| 23 |
.bps-star-container {float:right;position:relative;top:-40px;left:0px;margin:0px 0px -40px 0px;font-weight:bold;}
|
| 24 |
.bps-star {}
|
| 25 |
.bps-downloaded {}
|
| 26 |
.bps-star-link {font-size:13px;font-weight:600;}
|
| 27 |
#AITpro-link {padding:0px 0px 5px 10px;background-color:#f1f1f1;font-size:1.13em;font-weight:600}
|
| 28 |
/** Displayed Messages|Alerts **/
|
| 29 |
-
#message.updated {margin-left:
|
| 30 |
-
#message.updated.fade {margin-left:
|
| 31 |
#messageinner .updatedinner {margin-top:20px;width:690px;padding:2px 2px 2px 4px;background-color:#dfecf2;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 32 |
/** Form Text boxes & Select Forms **/
|
| 33 |
#bps-container td label {font-size:13px;font-weight:600;}
|
|
@@ -63,7 +63,7 @@ div#Roles-scroller {max-height:100px;max-width:250px;overflow:auto;margin:0px;}
|
|
| 63 |
#bps-container textarea {background-color:#f4f9ff;resize:both;} /* a little too blue #f2fdfd */
|
| 64 |
#bps-container .bps-text-area-600x700 {font-family:"Courier New", Courier, monospace;font-size:1em;height:600px;width:700px;overflow:auto;}
|
| 65 |
#bps-container .bps-text-area-custom-code {font-family:"Courier New", Courier, monospace;font-size:1em;height:220px;width:580px;overflow:auto;}
|
| 66 |
-
.PFW-Allow-From-Text-Area {width:400px;height:
|
| 67 |
.allow-from-small-text {}
|
| 68 |
/* widefat Tables */
|
| 69 |
.widefat td {border-bottom:1px solid #eee;}
|
|
@@ -91,7 +91,7 @@ div#milestone {font-weight:bold;height:20px;background-color:#CCC;border:1px sol
|
|
| 91 |
.LSSearch-text {width:187px;margin:0px 5px 0px 0px;}
|
| 92 |
#LSMExportButton {float:right;max-width:300px;}
|
| 93 |
#LoginSecurityResetButton {position:relative;bottom:52px;left:115px;margin:0px 0px -30px 0px;max-width:300px;}
|
| 94 |
-
#LoginSecurityDBRowCount {position:relative;left:0px;top:5px;color:#
|
| 95 |
.button.bps-button.lsmreset {margin:6px 0px 0px 8px;}
|
| 96 |
/** Idle Session Logout **/
|
| 97 |
#Idle-Session-Logout {position:relative;top:0px;left:0px;margin:0px 0px 0px 0px;}
|
|
@@ -108,13 +108,13 @@ div#milestone {font-weight:bold;height:20px;background-color:#CCC;border:1px sol
|
|
| 108 |
.bps-backup_restore_table {}
|
| 109 |
.bps-table_cell_bottom {background-color:#fff;padding:0px 0px 0px 10px;border-right:1px solid #cdcdcd;border-left:1px solid #cdcdcd;border-bottom:1px solid #cdcdcd;}
|
| 110 |
.bps-table_cell_perms_blank {background-color:#fff;vertical-align:text-top;border-right:1px solid #cdcdcd;border-left:1px solid #cdcdcd;}
|
| 111 |
-
.bps-help_faq_table {padding:0px 0px 10px 0px;margin
|
| 112 |
#SysInfoBorder {border-top:1px solid #999;}
|
| 113 |
.bps-public-ip {background:#A9F5A0;border:1px solid #addae6;text-align:center;font-weight:900;}
|
| 114 |
.system-info-text {font-size:13px;}
|
| 115 |
.sysinfo-label-text {color:#000;}
|
| 116 |
/* Whats New table */
|
| 117 |
-
.bps-whats_new_table {padding:0px 0px 0px 0px;
|
| 118 |
/** Setup Wizard **/
|
| 119 |
#wizard-steps {background-color:#fff;margin-top:10px;padding:10px;border-top:1px solid black;border-right:1px solid black;border-left:1px solid black;}
|
| 120 |
#wizard-steps h3 {font-size:14px;}
|
|
@@ -146,6 +146,11 @@ span.tooltip-250-120:hover {z-index:10;}
|
|
| 146 |
span.tooltip-250-120 img:hover {z-index:10;}
|
| 147 |
span.tooltip-250-120 span {display:none;position:absolute;bottom:0;left:0;right:0;}
|
| 148 |
span.tooltip-250-120:hover span {width:250px;height:120px;display:block;position:absolute;top:0px;left:30px;right:0;color:#000;background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 149 |
span.tooltip-350-120 {display:inline-block;position:relative;}
|
| 150 |
span.tooltip-350-120:hover {z-index:10;}
|
| 151 |
span.tooltip-350-120 img:hover {z-index:10;}
|
|
@@ -161,12 +166,27 @@ span.tooltip-350-225:hover {z-index:999;}
|
|
| 161 |
span.tooltip-350-225 img:hover {z-index:999;}
|
| 162 |
span.tooltip-350-225 span {z-index:999;display:none;position:absolute;bottom:0;left:0;right:0;}
|
| 163 |
span.tooltip-350-225:hover span {z-index:999;width:350px;height:225px;display:block;position:absolute;top:-120px;left:30px;right:0;color:#000;background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 164 |
#MScanSuspectcheckall, #MScanSuspectDBcheckall {max-height:400px;width:100%;overflow:auto;margin:0px 0px 20px 0px;}
|
| 165 |
/** Security Log **/
|
| 166 |
#SecLogCounter {float:right;background-color:#dfecf2;border:1px solid #999;padding:5px;margin:0px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 167 |
div#SecLogCounter div.sec-log-counter-text-title {font-weight:600;color:#000;font-size:16px;padding-bottom:5px;border-bottom:2px solid #999;}
|
| 168 |
span.sec-log-counter-text {font-weight:600;font-size:13px;color:#000;}
|
| 169 |
-
span.sec-log-counter-text-blue {font-weight:600;font-size:13px;color:#
|
| 170 |
#SecurityLogTable {position:relative;top:0px;left:0px;margin:0px 0px 15px -3px;}
|
| 171 |
#SecLogPostLimit {position:relative;top:0px;left:0px;margin:0px 0px 15px 0px;}
|
| 172 |
/** B-Core & BPS htaccess File Editor **/
|
|
@@ -176,7 +196,7 @@ span.sec-log-counter-text-blue {font-weight:600;font-size:13px;color:#2ea2cc;}
|
|
| 176 |
#bps-edittabs {width:700px;position:relative;left:0px;top:0px;}
|
| 177 |
#bps_file_editor {width:690px;}
|
| 178 |
.bps_file_editor_update {background-color:#dfecf2;border:1px solid #999;padding:5px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 179 |
-
.autolock_status {padding:4px 4px 5px 4px;line-height:28px;white-space:nowrap;margin:0px 0px 0px 5px;width:25px;color:#
|
| 180 |
#bpsLockHtaccess {margin:5px;}
|
| 181 |
#bpsUnLockHtaccess {margin:5px;}
|
| 182 |
#bpsAutoLockOn {margin:5px;}
|
|
@@ -185,12 +205,12 @@ span.sec-log-counter-text-blue {font-weight:600;font-size:13px;color:#2ea2cc;}
|
|
| 185 |
#ResetDismissNotices {}
|
| 186 |
#CC-Help-Links {}
|
| 187 |
pre {position:relative;z-index:50;background:#fff url(../images/pre_bg.png) top left repeat;border:1px solid #999;color:#000;display:block;font-family:"Courier New", Courier, monospace;font-size:11px;line-height:14px;width:700px;margin:0px 0px 0px 0px;overflow:auto;max-height:200px;overflow-x:scroll;overflow-y:scroll;padding:5px;}
|
| 188 |
-
.cc-read-me-text {color:#
|
| 189 |
#CC-Import {max-width:324px;border:1px solid black;padding:5px;}
|
| 190 |
#CC-Export {position:relative;top:0px;left:0px;margin:10px 0px 0px 0px;}
|
| 191 |
#CC-Delete {position:relative;top:-30px;left:80px;margin-right:80px;}
|
| 192 |
/** Maintenance Mode **/
|
| 193 |
-
#mmode-caution {font-weight:bold;margin:0px 0px 10px 0px;border:2px solid #000;width:
|
| 194 |
.mmode-tinymce {width:70%;}
|
| 195 |
/** DB Backup **/
|
| 196 |
#DBBJobscheckall {margin:0px 0px 0px -20px;}
|
|
@@ -199,18 +219,25 @@ pre {position:relative;z-index:50;background:#fff url(../images/pre_bg.png) top
|
|
| 199 |
.dbb-text-500 {width:500px;margin:0px 0px 10px 0px;}
|
| 200 |
.table-prefix-changer {width:215px;}
|
| 201 |
/** Buttons **/
|
| 202 |
-
|
|
|
|
|
|
|
| 203 |
/* Form Submit buttons */
|
| 204 |
-
|
| 205 |
-
|
| 206 |
-
|
| 207 |
-
|
| 208 |
-
/*
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 209 |
.bps-dialog-hide {display:none}
|
| 210 |
-
|
| 211 |
-
|
| 212 |
-
|
| 213 |
-
|
| 214 |
/* Messages | message buttons */
|
| 215 |
.bps-message-button a {text-decoration:none;}
|
| 216 |
#message .bps-message-button, #messageinner .bps-message-button {border-color:#bbb;color:#464646;background:#f2f2f2 url(../images/white-grad-active.png) repeat-x scroll left top;color:#fff;font-weight:bold;text-align:center;/* width:100px; *//* text-shadow:rgba(255,255,255,1) 0 1px 0; *//* text-shadow:rgba(0,0,0,0.4) 0 1px 0; */border-width:1px;text-decoration:none;font-size:12px!important;line-height:12px;padding:5px 8px;cursor:pointer;border-width:1px;border-style:solid;-moz-border-radius:11px;-khtml-border-radius:11px;-webkit-border-radius:11px;border-radius:11px;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;-khtml-box-sizing:content-box;box-sizing:content-box;}
|
|
@@ -219,15 +246,16 @@ pre {position:relative;z-index:50;background:#fff url(../images/pre_bg.png) top
|
|
| 219 |
#messageinner {}
|
| 220 |
.updatedinner {width:690px;padding:2px 2px 2px 4px;margin:0px 0px 10px 0px;background-color:#dfecf2;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 221 |
/** BPS Tab Menus **/
|
| 222 |
-
.bps-menu {text-decoration:none;border:1px solid #999;
|
| 223 |
.bps-menu ul {background-image:url(../images/menu-bg.png);background-repeat:none;}
|
| 224 |
.bps-menu ul li {font-size:1.25em;font-weight:600;}
|
| 225 |
.bps-menu ul li a {color:#fff;background-image:url(../images/menu-btn.png);background-repeat:none;}
|
| 226 |
-
.bps-menu ul li a:hover {color:#000;background-image:url(../images/
|
| 227 |
-
.bps-menu ul li a:active {color:#fff;background-image:url(../images/
|
| 228 |
/** BPS jQuery UI Tabs - page background color **/
|
| 229 |
.bps-tab-page {}
|
| 230 |
-
|
|
|
|
| 231 |
/* Links */
|
| 232 |
.bps-table_cell_help_links a:link {font-size:1.13em;font-weight:600;}
|
| 233 |
.bps-table_cell_help_links a:active {font-size:1.13em;font-weight:600;}
|
|
@@ -236,7 +264,7 @@ pre {position:relative;z-index:50;background:#fff url(../images/pre_bg.png) top
|
|
| 236 |
/* Table cells */
|
| 237 |
.bps-table_cell {background:#fff;vertical-align:text-top;padding:15px 10px 0px 10px;}
|
| 238 |
.bps-table_cell_status {font-weight:bold;background:#fff;vertical-align:text-top;padding:10px 0px 10px 10px;border-right:1px solid black;border-left:1px solid black;}
|
| 239 |
-
.bps-table_title {
|
| 240 |
.bps-table_title h2 {margin-top:-5px}
|
| 241 |
.bps-table_title_no_border {background:#fff;font-size:12px;font-weight:900;padding:5px 0px 5px 5px;}
|
| 242 |
.bps-table_cell_no_border {background:#fff;vertical-align:text-top;padding:0px 5px 0px 5px;}
|
|
@@ -245,7 +273,7 @@ pre {position:relative;z-index:50;background:#fff url(../images/pre_bg.png) top
|
|
| 245 |
.bps-table_cell_perms_bottom {border-right:1px solid black;border-left:1px solid black;border-bottom:1px solid black;background-image:url(../images/table_title_bg.png);background-repeat: repeat-x;}
|
| 246 |
.bps-table_cell_file_checks {background-color:#fff;vertical-align:text-top;padding:5px 0px 0px 5px;border-right:1px solid black;border-left:1px solid black;}
|
| 247 |
#bps_tools_help_table td {}
|
| 248 |
-
.bps-table_cell_help {background-color:#fff;font-size:1em;padding:
|
| 249 |
.bps-table_cell_help_links {background-color:#fff;font-size:1em;padding:15px 10px 0px 10px;}
|
| 250 |
.bps-table_cell_help_custom_code {vertical-align:top;background-color:#fff;font-size:1em;padding:15px 10px 0px 10px;}
|
| 251 |
.bps-table_cell_help_no_left_border {background-color:#fff;font-size:1em;border-right:1px solid black;border-left: none;padding:15px 10px 0px 10px;}
|
|
@@ -256,14 +284,12 @@ pre {position:relative;z-index:50;background:#fff url(../images/pre_bg.png) top
|
|
| 256 |
.bps_pro_activate_text_field {font-size:1em;font-style:italic;font-weight:700;padding:5px 0px 0px 5px;}
|
| 257 |
.bps-table_cell_activation_details {vertical-align:text-top;padding:0px 0px 0px 5px;border-right:1px solid black;border-left:1px solid black;}
|
| 258 |
.bps_pro_modules_info {background-color:#fff;vertical-align:text-top;padding:5px 0px 5px 5px;}
|
| 259 |
-
/** jQuery UI Interaction States in jquery.ui.theme
|
| 260 |
-
Note: This filter: style_loader_tag should stop Roque scripts from breaking BPS. This is an additional protective measure
|
| 261 |
-
against Roque plugin and theme scripts loading in BPS plugn pages and breaking things visually. **/
|
| 262 |
.ui-state-default.bps-menu, .ui-widget-content.bps-menu .ui-state-default, .ui-widget-header.bps-menu .ui-state-default {font-size:14px;border-left:1px solid #999999;border-right:1px solid #999999;border-bottom:1px solid #999999;padding:0px 10px 5px 10px;}
|
| 263 |
.ui-state-default.bps-menu a, .ui-state-default.bps-menu a:link, .ui-state-default.bps-menu a:visited {color:#fff;background-image:url(../images/menu-btn.png);background-repeat:none;}
|
| 264 |
.ui-state-hover.bps-menu, .ui-widget-content.bps-menu .ui-state-hover, .ui-widget-header.bps-menu .ui-state-hover, .ui-state-focus.bps-menu, .ui-widget-content.bps-menu .ui-state-focus, .ui-widget-header.bps-menu .ui-state-focus {font-size:14px;border-left:1px solid #999999;border-right:1px solid #999999;border-bottom:1px solid #999999;padding:0px 10px 5px 10px;}
|
| 265 |
-
.ui-state-hover.bps-menu a, .ui-state-hover a:hover {font-size:14px;color:#000;background-image:url(../images/
|
| 266 |
-
.ui-state-active a, .ui-state-active a:link, .ui-state-active a:visited {color:#000;background-image:url(../images/
|
| 267 |
/* BPS jQuery UI Accordion button background image hover and active states */
|
| 268 |
.ui-state-active, .ui-state-hover, .ui-widget-content .ui-state-active, .ui-widget-content .ui-state-hover, .ui-widget-header .ui-state-active, .ui-widget-header .ui-state-hover {color:#000;background-image:url(../images/accordion-btn-over.png);background-repeat:none;}
|
| 269 |
/** jQuery UI Core defaults **/
|
|
@@ -307,7 +333,7 @@ against Roque plugin and theme scripts loading in BPS plugn pages and breaking t
|
|
| 307 |
#mmode-accordion-inner {margin:0px -15px 0px -15px;}
|
| 308 |
#dbb-accordion-inner {margin:0px -20px 0px 0px;}
|
| 309 |
#dbb-accordion-inner #dbb-special {margin:0px 0px 0px -20px;}
|
| 310 |
-
/* jQuery UI Dialog
|
| 311 |
.bps-readme-table {background:#fff;vertical-align:text-top;margin:8px 0px 10px 0px;}
|
| 312 |
.bps-readme-table-td {padding:5px;}
|
| 313 |
.wp-dialog.bps-dialog .ui-resizable{position:relative;}
|
|
@@ -321,13 +347,14 @@ against Roque plugin and theme scripts loading in BPS plugn pages and breaking t
|
|
| 321 |
.wp-dialog.bps-dialog .ui-resizable-sw{cursor:sw-resize;width:9px;height:9px;left:-5px;bottom:-5px;}
|
| 322 |
.wp-dialog.bps-dialog .ui-resizable-nw{cursor:nw-resize;width:9px;height:9px;left:-5px;top:-5px;}
|
| 323 |
.wp-dialog.bps-dialog .ui-resizable-ne{cursor:ne-resize;width:9px;height:9px;right:-5px;top:-5px;}
|
| 324 |
-
/* jQuery UI Dialog
|
| 325 |
.wp-dialog.bps-dialog{z-index:999;position:absolute;width:300px;overflow:hidden;}
|
| 326 |
.wp-dialog.bps-dialog .ui-dialog-titlebar{position:relative;}
|
| 327 |
.wp-dialog.bps-dialog .ui-dialog-titlebar-close span {z-index:999;display:block;margin:1px;}
|
| 328 |
.wp-dialog.bps-dialog .ui-dialog-content {z-index:999;position:relative;border:0;padding:0px 10px 0px 10px;background:none;overflow:auto;zoom:1;}
|
| 329 |
-
/* bottom pane */
|
| 330 |
-
.wp-dialog.bps-dialog .ui-dialog-buttonpane {z-index:999;text-align:left;border-width:1px 0 0 0;background:url('../images/
|
|
|
|
| 331 |
.wp-dialog.bps-dialog .ui-dialog-buttonpane .ui-dialog-buttonset{float:right;}
|
| 332 |
.wp-dialog.bps-dialog .ui-dialog-buttonpane button{margin:.4em .5em .5em 0;cursor:pointer;}
|
| 333 |
.wp-dialog.bps-dialog .ui-resizable-se{width:20px;height:20px;right:0px;bottom:0px;}
|
|
@@ -335,15 +362,14 @@ against Roque plugin and theme scripts loading in BPS plugn pages and breaking t
|
|
| 335 |
.wp-dialog.bps-dialog{border:1px solid #999;-moz-box-shadow:0 0 16px rgba(0,0,0,0.3);-webkit-box-shadow:0 0 16px rgba(0,0,0,0.3);box-shadow:0 0 16px rgba(0,0,0,0.3);}
|
| 336 |
.wp-dialog.bps-dialog .ui-dialog-titlebar-close .ui-button-text {visibility:hidden;}/* important - this hides the duplicate close button */
|
| 337 |
.wp-dialog.bps-dialog .ui-button-text {font-size:11px; font-weight:bold;}
|
| 338 |
-
.wp-dialog.bps-dialog .ui-button {z-index:999;background:url('../images/close-button.png') no-repeat -3px -3px;}
|
| 339 |
/* this is the top pane */
|
| 340 |
.wp-dialog.bps-dialog .ui-dialog-title {z-index:999;display:block;margin-top:0px;text-align:center;padding:7px 0px 0px 0px;}
|
| 341 |
-
.wp-dialog.bps-dialog .ui-dialog-titlebar {z-index:999;padding:0 1em
|
| 342 |
.wp-dialog.bps-dialog{-moz-border-radius-topleft:4px;-webkit-border-top-left-radius:4px;-khtml-border-top-left-radius:4px;border-top-left-radius:4px;-moz-border-radius-topright:4px;-webkit-border-top-right-radius:4px;-khtml-border-top-right-radius:4px;border-top-right-radius:4px;}
|
| 343 |
.wp-dialog.bps-dialog .ui-dialog-titlebar{-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;}
|
| 344 |
/* this is the top right corner X button , .wp-dialog .ui-dialog-titlebar-close .ui-button-text */
|
| 345 |
-
.wp-dialog.bps-dialog .ui-dialog-titlebar-close {z-index:999;position:absolute;width:29px;height:16px;top:
|
| 346 |
-
.wp-dialog.bps-dialog .ui-dialog-titlebar-close:hover,.wp-dialog.bps-dialog .ui-dialog-titlebar-close:focus{background-position:-88px -
|
| 347 |
|
| 348 |
/** CSS3 Media Queries **/
|
| 349 |
@-ms-viewport {width:device-width;}
|
|
@@ -386,7 +412,7 @@ td.bps-table_cell_help_custom_code pre {width:95%;}
|
|
| 386 |
select.form-220 {width:90%;}
|
| 387 |
#LoginSecuritySearch {float:right;position:relative;bottom:35px;left:20px;margin:0px 20px 0px 0px;}
|
| 388 |
#LSMExportButton {margin-bottom:-50px}
|
| 389 |
-
#LoginSecurityDBRowCount {position:relative;left:0px;bottom:5px;color:#
|
| 390 |
#LoginSecurityResetButton {position:relative;bottom:10px;left:0px;margin:0px 0px 0px 0px;max-width:300px;}
|
| 391 |
#LoginSecurityDBRowCount {float:left;position:relative;left:0px;bottom:20px;height:20px;}
|
| 392 |
.button.bps-button.lsmreset {margin:0px 0px 0px 0px;}
|
|
@@ -469,7 +495,7 @@ td.bps-table_cell_help_custom_code pre {width:95%;}
|
|
| 469 |
#LoginSecurityCheckall .widefat thead tr th {width:100%;text-align:left;white-space:normal;font-weight:bold;}
|
| 470 |
#LoginSecurityCheckall .widefat tbody tr th {width:100%;}
|
| 471 |
#LoginSecurityCheckall .widefat tbody tr td {width:100%;}
|
| 472 |
-
#LoginSecurityDBRowCount {position:relative;left:0px;bottom:5px;color:#
|
| 473 |
#LoginSecurityResetButton {position:relative;bottom:10px;left:0px;margin:0px 0px 0px 0px;max-width:300px;}
|
| 474 |
#LoginSecurityDBRowCount {float:left;position:relative;left:0px;bottom:20px;height:20px;}
|
| 475 |
.button.bps-button.lsmreset {margin:0px 0px 0px 0px;}
|
| 1 |
/* px to em: 12-.75 * 14-.88 * 16-1 * 18-1.13 * 20-1.25 * 22-1.38 * 24-1.5 * 26-1.63 * 28-1.75 * 30-1.88 * 32-2 * 34-2.13 * 36-2.25 * 38-2.38 */
|
| 2 |
/* BPS Container / Top Level / Theme-wide Stuff */
|
| 3 |
li#toplevel_page_bulletproof-security-admin-options .wp-menu-image, li#toplevel_page_bulletproof-security-admin-login-login .wp-menu-image {position:relative;top:-2px;left:-2px;}
|
| 4 |
+
#bps-container {margin:10px 20px 5px 0px;font-size:12px;}
|
| 5 |
div.bps-white-background {background-color:#fff;}
|
| 6 |
#bps-container table th {width:200px;background:#fff;}
|
| 7 |
#bps-container div div {font-size:1em;}
|
| 18 |
/** BPS plugin header, images, AITpro Link, Star Rating and page Titles **/
|
| 19 |
div.promo-text {font-size:14px!important;font-weight:600;margin-bottom:5px}
|
| 20 |
#bpsHead {position:relative;top:0px;left:0px;}
|
| 21 |
+
#bpsHead img {float:left;padding:0px;margin:-70px 0px 0px 0px;-moz-box-shadow:3px 3px 3px #888888;-webkit-box-shadow:3px 3px 3px #888888;box-shadow:3px 3px 3px #888888;}
|
| 22 |
+
h2.bps-tab-title {margin-left:205px;}
|
| 23 |
.bps-star-container {float:right;position:relative;top:-40px;left:0px;margin:0px 0px -40px 0px;font-weight:bold;}
|
| 24 |
.bps-star {}
|
| 25 |
.bps-downloaded {}
|
| 26 |
.bps-star-link {font-size:13px;font-weight:600;}
|
| 27 |
#AITpro-link {padding:0px 0px 5px 10px;background-color:#f1f1f1;font-size:1.13em;font-weight:600}
|
| 28 |
/** Displayed Messages|Alerts **/
|
| 29 |
+
#message.updated {margin-left:205px;}
|
| 30 |
+
#message.updated.fade {margin-left:205px;}
|
| 31 |
#messageinner .updatedinner {margin-top:20px;width:690px;padding:2px 2px 2px 4px;background-color:#dfecf2;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 32 |
/** Form Text boxes & Select Forms **/
|
| 33 |
#bps-container td label {font-size:13px;font-weight:600;}
|
| 63 |
#bps-container textarea {background-color:#f4f9ff;resize:both;} /* a little too blue #f2fdfd */
|
| 64 |
#bps-container .bps-text-area-600x700 {font-family:"Courier New", Courier, monospace;font-size:1em;height:600px;width:700px;overflow:auto;}
|
| 65 |
#bps-container .bps-text-area-custom-code {font-family:"Courier New", Courier, monospace;font-size:1em;height:220px;width:580px;overflow:auto;}
|
| 66 |
+
.PFW-Allow-From-Text-Area {width:400px;height:98px;margin-top:5px;}
|
| 67 |
.allow-from-small-text {}
|
| 68 |
/* widefat Tables */
|
| 69 |
.widefat td {border-bottom:1px solid #eee;}
|
| 91 |
.LSSearch-text {width:187px;margin:0px 5px 0px 0px;}
|
| 92 |
#LSMExportButton {float:right;max-width:300px;}
|
| 93 |
#LoginSecurityResetButton {position:relative;bottom:52px;left:115px;margin:0px 0px -30px 0px;max-width:300px;}
|
| 94 |
+
#LoginSecurityDBRowCount {position:relative;left:0px;top:5px;color:#2271b1;font-weight:bold;font-size:14px;max-width:400px}
|
| 95 |
.button.bps-button.lsmreset {margin:6px 0px 0px 8px;}
|
| 96 |
/** Idle Session Logout **/
|
| 97 |
#Idle-Session-Logout {position:relative;top:0px;left:0px;margin:0px 0px 0px 0px;}
|
| 108 |
.bps-backup_restore_table {}
|
| 109 |
.bps-table_cell_bottom {background-color:#fff;padding:0px 0px 0px 10px;border-right:1px solid #cdcdcd;border-left:1px solid #cdcdcd;border-bottom:1px solid #cdcdcd;}
|
| 110 |
.bps-table_cell_perms_blank {background-color:#fff;vertical-align:text-top;border-right:1px solid #cdcdcd;border-left:1px solid #cdcdcd;}
|
| 111 |
+
.bps-help_faq_table {padding:0px 0px 10px 0px;margin:0px;border:none;background:#fff}
|
| 112 |
#SysInfoBorder {border-top:1px solid #999;}
|
| 113 |
.bps-public-ip {background:#A9F5A0;border:1px solid #addae6;text-align:center;font-weight:900;}
|
| 114 |
.system-info-text {font-size:13px;}
|
| 115 |
.sysinfo-label-text {color:#000;}
|
| 116 |
/* Whats New table */
|
| 117 |
+
.bps-whats_new_table {padding:0px 0px 0px 0px;margin-bottom:5px;}
|
| 118 |
/** Setup Wizard **/
|
| 119 |
#wizard-steps {background-color:#fff;margin-top:10px;padding:10px;border-top:1px solid black;border-right:1px solid black;border-left:1px solid black;}
|
| 120 |
#wizard-steps h3 {font-size:14px;}
|
| 146 |
span.tooltip-250-120 img:hover {z-index:10;}
|
| 147 |
span.tooltip-250-120 span {display:none;position:absolute;bottom:0;left:0;right:0;}
|
| 148 |
span.tooltip-250-120:hover span {width:250px;height:120px;display:block;position:absolute;top:0px;left:30px;right:0;color:#000;background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 149 |
+
span.tooltip-275-120 {display:inline-block;position:relative;}
|
| 150 |
+
span.tooltip-275-120:hover {z-index:10;}
|
| 151 |
+
span.tooltip-275-120 img:hover {z-index:10;}
|
| 152 |
+
span.tooltip-275-120 span {display:none;position:absolute;bottom:0;left:0;right:0;}
|
| 153 |
+
span.tooltip-275-120:hover span {width:275px;height:120px;display:block;position:absolute;top:0px;left:30px;right:0;color:#000;background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 154 |
span.tooltip-350-120 {display:inline-block;position:relative;}
|
| 155 |
span.tooltip-350-120:hover {z-index:10;}
|
| 156 |
span.tooltip-350-120 img:hover {z-index:10;}
|
| 166 |
span.tooltip-350-225 img:hover {z-index:999;}
|
| 167 |
span.tooltip-350-225 span {z-index:999;display:none;position:absolute;bottom:0;left:0;right:0;}
|
| 168 |
span.tooltip-350-225:hover span {z-index:999;width:350px;height:225px;display:block;position:absolute;top:-120px;left:30px;right:0;color:#000;background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 169 |
+
span.tooltip-350-250 {display:inline-block;position:relative;}
|
| 170 |
+
span.tooltip-350-250:hover {z-index:999;}
|
| 171 |
+
span.tooltip-350-250 img:hover {z-index:999;}
|
| 172 |
+
span.tooltip-350-250 span {z-index:999;display:none;position:absolute;bottom:0;left:0;right:0;}
|
| 173 |
+
span.tooltip-350-250:hover span {z-index:999;width:350px;height:250px;display:block;position:absolute;top:-120px;left:30px;right:0;color:#000;background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 174 |
+
span.tooltip-350-250-left {display:inline-block;position:relative;}
|
| 175 |
+
span.tooltip-350-250-left:hover {z-index:999;}
|
| 176 |
+
span.tooltip-350-250-left img:hover {z-index:999;}
|
| 177 |
+
span.tooltip-350-250-left span {z-index:999;display:none;position:absolute;bottom:0;left:0;right:0;}
|
| 178 |
+
span.tooltip-350-250-left:hover span {z-index:999;width:350px;height:250px;display:block;position:absolute;bottom:20px;left:-200px;right:0;color:#000;background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 179 |
+
span.tooltip-575-270 {display:inline-block;position:relative;}
|
| 180 |
+
span.tooltip-575-270:hover {z-index:999;}
|
| 181 |
+
span.tooltip-575-270 img:hover {z-index:999;}
|
| 182 |
+
span.tooltip-575-270 span {z-index:999;display:none;position:absolute;bottom:0;left:0;right:0;}
|
| 183 |
+
span.tooltip-575-270:hover span {z-index:999;width:575px;height:270px;display:block;position:absolute;top:20px;left:0px;right:0;color:#000;background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow:3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 184 |
#MScanSuspectcheckall, #MScanSuspectDBcheckall {max-height:400px;width:100%;overflow:auto;margin:0px 0px 20px 0px;}
|
| 185 |
/** Security Log **/
|
| 186 |
#SecLogCounter {float:right;background-color:#dfecf2;border:1px solid #999;padding:5px;margin:0px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 187 |
div#SecLogCounter div.sec-log-counter-text-title {font-weight:600;color:#000;font-size:16px;padding-bottom:5px;border-bottom:2px solid #999;}
|
| 188 |
span.sec-log-counter-text {font-weight:600;font-size:13px;color:#000;}
|
| 189 |
+
span.sec-log-counter-text-blue {font-weight:600;font-size:13px;color:#2271b1;}
|
| 190 |
#SecurityLogTable {position:relative;top:0px;left:0px;margin:0px 0px 15px -3px;}
|
| 191 |
#SecLogPostLimit {position:relative;top:0px;left:0px;margin:0px 0px 15px 0px;}
|
| 192 |
/** B-Core & BPS htaccess File Editor **/
|
| 196 |
#bps-edittabs {width:700px;position:relative;left:0px;top:0px;}
|
| 197 |
#bps_file_editor {width:690px;}
|
| 198 |
.bps_file_editor_update {background-color:#dfecf2;border:1px solid #999;padding:5px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 199 |
+
.autolock_status {padding:4px 4px 5px 4px;line-height:28px;white-space:nowrap;margin:0px 0px 0px 5px;width:25px;color:#2271b1;border:1px solid #999;background-color:#222;text-align:center;}
|
| 200 |
#bpsLockHtaccess {margin:5px;}
|
| 201 |
#bpsUnLockHtaccess {margin:5px;}
|
| 202 |
#bpsAutoLockOn {margin:5px;}
|
| 205 |
#ResetDismissNotices {}
|
| 206 |
#CC-Help-Links {}
|
| 207 |
pre {position:relative;z-index:50;background:#fff url(../images/pre_bg.png) top left repeat;border:1px solid #999;color:#000;display:block;font-family:"Courier New", Courier, monospace;font-size:11px;line-height:14px;width:700px;margin:0px 0px 0px 0px;overflow:auto;max-height:200px;overflow-x:scroll;overflow-y:scroll;padding:5px;}
|
| 208 |
+
.cc-read-me-text {color:#2271b1;}
|
| 209 |
#CC-Import {max-width:324px;border:1px solid black;padding:5px;}
|
| 210 |
#CC-Export {position:relative;top:0px;left:0px;margin:10px 0px 0px 0px;}
|
| 211 |
#CC-Delete {position:relative;top:-30px;left:80px;margin-right:80px;}
|
| 212 |
/** Maintenance Mode **/
|
| 213 |
+
#mmode-caution {font-weight:bold;margin:0px 0px 10px 0px;border:2px solid #000;width:330px;padding:5px;background-color:#dfecf2;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 214 |
.mmode-tinymce {width:70%;}
|
| 215 |
/** DB Backup **/
|
| 216 |
#DBBJobscheckall {margin:0px 0px 0px -20px;}
|
| 219 |
.dbb-text-500 {width:500px;margin:0px 0px 10px 0px;}
|
| 220 |
.table-prefix-changer {width:215px;}
|
| 221 |
/** Buttons **/
|
| 222 |
+
input.button.bps-button {height:28px;}
|
| 223 |
+
.button.bps-modal-button{min-height:20px;}
|
| 224 |
+
.button.bps-encrypt-button, .button.bps-decrypt-button{min-height:28px;}
|
| 225 |
/* Form Submit buttons */
|
| 226 |
+
input.button.bps-button {background:#3c86bd;border-color:#037c9a;color:white;-webkit-box-shadow: inset 0 1px 0 #22cffb, 0 1px 0 rgba(0, 0, 0, 0.15);box-shadow:inset 0 1px 0 #22cffb, 0 1px 0 rgba(0, 0, 0, 0.15);}
|
| 227 |
+
input.button.bps-button:hover {background:#05b5e1;border-color:#036881;color:white;-webkit-box-shadow:inset 0 1px 0 #09cafa;box-shadow:inset 0 1px 0 #09cafa;}
|
| 228 |
+
input.button.bps-button:focus {-webkit-box-shadow:inset 0 1px 0 #09cafa, 0 0 0 1px #5b9dd9, 0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:inset 0 1px 0 #09cafa, 0 0 0 1px #5b9dd9, 0 0 2px 1px rgba(30, 140, 190, 0.8);}
|
| 229 |
+
input.button.bps-button:active {background:#037c9a;border-color:#036881;color:white;-webkit-box-shadow:inset 0 2px 5px -3px rgba(0, 0, 0, 0.5), 0 0 0 1px #5b9dd9, 0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:inset 0 2px 5px -3px rgba(0, 0, 0, 0.5), 0 0 0 1px #5b9dd9, 0 0 2px 1px rgba(30, 140, 190, 0.8);}
|
| 230 |
+
/* Encrypt|Decrypt buttons */
|
| 231 |
+
.button.bps-encrypt-button, .button.bps-decrypt-button {background:#3c86bd;border-color:#037c9a;color:white;-webkit-box-shadow: inset 0 1px 0 #22cffb, 0 1px 0 rgba(0, 0, 0, 0.15);box-shadow:inset 0 1px 0 #22cffb, 0 1px 0 rgba(0, 0, 0, 0.15);}
|
| 232 |
+
.button.bps-encrypt-button:hover, .button.bps-decrypt-button:hover {background:#05b5e1;border-color:#036881;color:white;-webkit-box-shadow:inset 0 1px 0 #09cafa;box-shadow:inset 0 1px 0 #09cafa;}
|
| 233 |
+
.button.bps-encrypt-button:focus, .button.bps-decrypt-button:focus {-webkit-box-shadow:inset 0 1px 0 #09cafa, 0 0 0 1px #5b9dd9, 0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:inset 0 1px 0 #09cafa, 0 0 0 1px #5b9dd9, 0 0 2px 1px rgba(30, 140, 190, 0.8);}
|
| 234 |
+
.button.bps-encrypt-button:active, .button.bps-decrypt-button:active {background:#037c9a;border-color:#036881;color:white;-webkit-box-shadow:inset 0 2px 5px -3px rgba(0, 0, 0, 0.5), 0 0 0 1px #5b9dd9, 0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:inset 0 2px 5px -3px rgba(0, 0, 0, 0.5), 0 0 0 1px #5b9dd9, 0 0 2px 1px rgba(30, 140, 190, 0.8);}
|
| 235 |
+
/* Question Mark Dialog buttons */
|
| 236 |
.bps-dialog-hide {display:none}
|
| 237 |
+
.button.bps-modal-button{width:20px;height:20px;border:none;background:none}
|
| 238 |
+
.button.bps-modal-button:hover {width:20px;height:20px;border:none;background:none}
|
| 239 |
+
.button.bps-modal-button:focus {width:20px;height:20px;border:none;background:none}
|
| 240 |
+
.button.bps-modal-button:active {width:20px;height:20px;border:none;background:none}
|
| 241 |
/* Messages | message buttons */
|
| 242 |
.bps-message-button a {text-decoration:none;}
|
| 243 |
#message .bps-message-button, #messageinner .bps-message-button {border-color:#bbb;color:#464646;background:#f2f2f2 url(../images/white-grad-active.png) repeat-x scroll left top;color:#fff;font-weight:bold;text-align:center;/* width:100px; *//* text-shadow:rgba(255,255,255,1) 0 1px 0; *//* text-shadow:rgba(0,0,0,0.4) 0 1px 0; */border-width:1px;text-decoration:none;font-size:12px!important;line-height:12px;padding:5px 8px;cursor:pointer;border-width:1px;border-style:solid;-moz-border-radius:11px;-khtml-border-radius:11px;-webkit-border-radius:11px;border-radius:11px;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;-khtml-box-sizing:content-box;box-sizing:content-box;}
|
| 246 |
#messageinner {}
|
| 247 |
.updatedinner {width:690px;padding:2px 2px 2px 4px;margin:0px 0px 10px 0px;background-color:#dfecf2;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);}
|
| 248 |
/** BPS Tab Menus **/
|
| 249 |
+
.bps-menu {text-decoration:none;} /* border:1px solid #999; */
|
| 250 |
.bps-menu ul {background-image:url(../images/menu-bg.png);background-repeat:none;}
|
| 251 |
.bps-menu ul li {font-size:1.25em;font-weight:600;}
|
| 252 |
.bps-menu ul li a {color:#fff;background-image:url(../images/menu-btn.png);background-repeat:none;}
|
| 253 |
+
.bps-menu ul li a:hover {color:#000;background-image:url(../images/accordion-btn-over.png);background-repeat:none;}
|
| 254 |
+
.bps-menu ul li a:active {color:#fff;background-image:url(../images/accordion-btn-over.png);background-repeat:none;}
|
| 255 |
/** BPS jQuery UI Tabs - page background color **/
|
| 256 |
.bps-tab-page {}
|
| 257 |
+
.ui-tabs-hide {display:none;}
|
| 258 |
+
#bps-tabs-1, #bps-tabs-2, #bps-tabs-3, #bps-tabs-4, #bps-tabs-5, #bps-tabs-6, #bps-tabs-7, #bps-tabs-8, #bps-tabs-9, #bps-tabs-10, #bps-tabs-11, #bps-tabs-12, #bps-tabs-13, #bps-tabs-14, #bps-tabs-15, #bps-tabs-16, #bps-tabs-17, #bps-tabs-18, #bps-tabs-19, #bps-tabs-20 {padding:0px 10px 5px 10px;background-color:#fff;border-left:1px solid #cdcdcd;border-right:1px solid #cdcdcd;border-bottom:1px solid #cdcdcd}
|
| 259 |
/* Links */
|
| 260 |
.bps-table_cell_help_links a:link {font-size:1.13em;font-weight:600;}
|
| 261 |
.bps-table_cell_help_links a:active {font-size:1.13em;font-weight:600;}
|
| 264 |
/* Table cells */
|
| 265 |
.bps-table_cell {background:#fff;vertical-align:text-top;padding:15px 10px 0px 10px;}
|
| 266 |
.bps-table_cell_status {font-weight:bold;background:#fff;vertical-align:text-top;padding:10px 0px 10px 10px;border-right:1px solid black;border-left:1px solid black;}
|
| 267 |
+
.bps-table_title {}
|
| 268 |
.bps-table_title h2 {margin-top:-5px}
|
| 269 |
.bps-table_title_no_border {background:#fff;font-size:12px;font-weight:900;padding:5px 0px 5px 5px;}
|
| 270 |
.bps-table_cell_no_border {background:#fff;vertical-align:text-top;padding:0px 5px 0px 5px;}
|
| 273 |
.bps-table_cell_perms_bottom {border-right:1px solid black;border-left:1px solid black;border-bottom:1px solid black;background-image:url(../images/table_title_bg.png);background-repeat: repeat-x;}
|
| 274 |
.bps-table_cell_file_checks {background-color:#fff;vertical-align:text-top;padding:5px 0px 0px 5px;border-right:1px solid black;border-left:1px solid black;}
|
| 275 |
#bps_tools_help_table td {}
|
| 276 |
+
.bps-table_cell_help {background-color:#fff;font-size:1em;padding:20px 10px 0px 10px;}
|
| 277 |
.bps-table_cell_help_links {background-color:#fff;font-size:1em;padding:15px 10px 0px 10px;}
|
| 278 |
.bps-table_cell_help_custom_code {vertical-align:top;background-color:#fff;font-size:1em;padding:15px 10px 0px 10px;}
|
| 279 |
.bps-table_cell_help_no_left_border {background-color:#fff;font-size:1em;border-right:1px solid black;border-left: none;padding:15px 10px 0px 10px;}
|
| 284 |
.bps_pro_activate_text_field {font-size:1em;font-style:italic;font-weight:700;padding:5px 0px 0px 5px;}
|
| 285 |
.bps-table_cell_activation_details {vertical-align:text-top;padding:0px 0px 0px 5px;border-right:1px solid black;border-left:1px solid black;}
|
| 286 |
.bps_pro_modules_info {background-color:#fff;vertical-align:text-top;padding:5px 0px 5px 5px;}
|
| 287 |
+
/** jQuery UI Interaction States in jquery.ui.theme **/
|
|
|
|
|
|
|
| 288 |
.ui-state-default.bps-menu, .ui-widget-content.bps-menu .ui-state-default, .ui-widget-header.bps-menu .ui-state-default {font-size:14px;border-left:1px solid #999999;border-right:1px solid #999999;border-bottom:1px solid #999999;padding:0px 10px 5px 10px;}
|
| 289 |
.ui-state-default.bps-menu a, .ui-state-default.bps-menu a:link, .ui-state-default.bps-menu a:visited {color:#fff;background-image:url(../images/menu-btn.png);background-repeat:none;}
|
| 290 |
.ui-state-hover.bps-menu, .ui-widget-content.bps-menu .ui-state-hover, .ui-widget-header.bps-menu .ui-state-hover, .ui-state-focus.bps-menu, .ui-widget-content.bps-menu .ui-state-focus, .ui-widget-header.bps-menu .ui-state-focus {font-size:14px;border-left:1px solid #999999;border-right:1px solid #999999;border-bottom:1px solid #999999;padding:0px 10px 5px 10px;}
|
| 291 |
+
.ui-state-hover.bps-menu a, .ui-state-hover a:hover {font-size:14px;color:#000;background-image:url(../images/accordion-btn-over.png);background-repeat:none;}
|
| 292 |
+
.ui-state-active a, .ui-state-active a:link, .ui-state-active a:visited {color:#000;background-image:url(../images/accordion-btn-over.png);background-repeat:none;}
|
| 293 |
/* BPS jQuery UI Accordion button background image hover and active states */
|
| 294 |
.ui-state-active, .ui-state-hover, .ui-widget-content .ui-state-active, .ui-widget-content .ui-state-hover, .ui-widget-header .ui-state-active, .ui-widget-header .ui-state-hover {color:#000;background-image:url(../images/accordion-btn-over.png);background-repeat:none;}
|
| 295 |
/** jQuery UI Core defaults **/
|
| 333 |
#mmode-accordion-inner {margin:0px -15px 0px -15px;}
|
| 334 |
#dbb-accordion-inner {margin:0px -20px 0px 0px;}
|
| 335 |
#dbb-accordion-inner #dbb-special {margin:0px 0px 0px -20px;}
|
| 336 |
+
/* jQuery UI Dialog Question Mark buttons */
|
| 337 |
.bps-readme-table {background:#fff;vertical-align:text-top;margin:8px 0px 10px 0px;}
|
| 338 |
.bps-readme-table-td {padding:5px;}
|
| 339 |
.wp-dialog.bps-dialog .ui-resizable{position:relative;}
|
| 347 |
.wp-dialog.bps-dialog .ui-resizable-sw{cursor:sw-resize;width:9px;height:9px;left:-5px;bottom:-5px;}
|
| 348 |
.wp-dialog.bps-dialog .ui-resizable-nw{cursor:nw-resize;width:9px;height:9px;left:-5px;top:-5px;}
|
| 349 |
.wp-dialog.bps-dialog .ui-resizable-ne{cursor:ne-resize;width:9px;height:9px;right:-5px;top:-5px;}
|
| 350 |
+
/* jQuery UI Dialog Question Mark buttons customizations */
|
| 351 |
.wp-dialog.bps-dialog{z-index:999;position:absolute;width:300px;overflow:hidden;}
|
| 352 |
.wp-dialog.bps-dialog .ui-dialog-titlebar{position:relative;}
|
| 353 |
.wp-dialog.bps-dialog .ui-dialog-titlebar-close span {z-index:999;display:block;margin:1px;}
|
| 354 |
.wp-dialog.bps-dialog .ui-dialog-content {z-index:999;position:relative;border:0;padding:0px 10px 0px 10px;background:none;overflow:auto;zoom:1;}
|
| 355 |
+
/* Dialog window bottom pane */
|
| 356 |
+
.wp-dialog.bps-dialog .ui-dialog-buttonpane {z-index:999;text-align:left;border-width:1px 0 0 0;background:url('../images/table_title_40_bg.png') repeat;height:40px;margin:0px;padding:0px;}
|
| 357 |
+
.wp-dialog.bps-dialog .ui-button {z-index:999;display:inline-block;text-decoration:none;font-size:13px;line-height:2;height:28px;margin:0;padding:0 10px 1px;cursor:pointer;border-width:1px;border-style: solid;-webkit-appearance:none;border-radius:3px;white-space:nowrap;box-sizing:border-box;color:#50575e;border-color:#c3c4c7;background:#f6f7f7;box-shadow:0 1px 0 #c3c4c7;vertical-align:top;}
|
| 358 |
.wp-dialog.bps-dialog .ui-dialog-buttonpane .ui-dialog-buttonset{float:right;}
|
| 359 |
.wp-dialog.bps-dialog .ui-dialog-buttonpane button{margin:.4em .5em .5em 0;cursor:pointer;}
|
| 360 |
.wp-dialog.bps-dialog .ui-resizable-se{width:20px;height:20px;right:0px;bottom:0px;}
|
| 362 |
.wp-dialog.bps-dialog{border:1px solid #999;-moz-box-shadow:0 0 16px rgba(0,0,0,0.3);-webkit-box-shadow:0 0 16px rgba(0,0,0,0.3);box-shadow:0 0 16px rgba(0,0,0,0.3);}
|
| 363 |
.wp-dialog.bps-dialog .ui-dialog-titlebar-close .ui-button-text {visibility:hidden;}/* important - this hides the duplicate close button */
|
| 364 |
.wp-dialog.bps-dialog .ui-button-text {font-size:11px; font-weight:bold;}
|
|
|
|
| 365 |
/* this is the top pane */
|
| 366 |
.wp-dialog.bps-dialog .ui-dialog-title {z-index:999;display:block;margin-top:0px;text-align:center;padding:7px 0px 0px 0px;}
|
| 367 |
+
.wp-dialog.bps-dialog .ui-dialog-titlebar {z-index:999;padding:0 1em;background:url('../images/table_title_bg.png') repeat;height:35px;font-weight:bold;font-size:14px;line-height:18px;color:#fff;}
|
| 368 |
.wp-dialog.bps-dialog{-moz-border-radius-topleft:4px;-webkit-border-top-left-radius:4px;-khtml-border-top-left-radius:4px;border-top-left-radius:4px;-moz-border-radius-topright:4px;-webkit-border-top-right-radius:4px;-khtml-border-top-right-radius:4px;border-top-right-radius:4px;}
|
| 369 |
.wp-dialog.bps-dialog .ui-dialog-titlebar{-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;}
|
| 370 |
/* this is the top right corner X button , .wp-dialog .ui-dialog-titlebar-close .ui-button-text */
|
| 371 |
+
.wp-dialog.bps-dialog .ui-dialog-titlebar-close {z-index:999;position:absolute;width:29px;height:16px;top:8px;right:8px;background:url('../images/buttons.gif') no-repeat -88px -17px;padding:1px;}
|
| 372 |
+
.wp-dialog.bps-dialog .ui-dialog-titlebar-close:hover,.wp-dialog.bps-dialog .ui-dialog-titlebar-close:focus{background-position:-88px -32px;}
|
| 373 |
|
| 374 |
/** CSS3 Media Queries **/
|
| 375 |
@-ms-viewport {width:device-width;}
|
| 412 |
select.form-220 {width:90%;}
|
| 413 |
#LoginSecuritySearch {float:right;position:relative;bottom:35px;left:20px;margin:0px 20px 0px 0px;}
|
| 414 |
#LSMExportButton {margin-bottom:-50px}
|
| 415 |
+
#LoginSecurityDBRowCount {position:relative;left:0px;bottom:5px;color:#2271b1;font-weight:bold;font-size:14px;max-width:400px}
|
| 416 |
#LoginSecurityResetButton {position:relative;bottom:10px;left:0px;margin:0px 0px 0px 0px;max-width:300px;}
|
| 417 |
#LoginSecurityDBRowCount {float:left;position:relative;left:0px;bottom:20px;height:20px;}
|
| 418 |
.button.bps-button.lsmreset {margin:0px 0px 0px 0px;}
|
| 495 |
#LoginSecurityCheckall .widefat thead tr th {width:100%;text-align:left;white-space:normal;font-weight:bold;}
|
| 496 |
#LoginSecurityCheckall .widefat tbody tr th {width:100%;}
|
| 497 |
#LoginSecurityCheckall .widefat tbody tr td {width:100%;}
|
| 498 |
+
#LoginSecurityDBRowCount {position:relative;left:0px;bottom:5px;color:#2271b1;font-weight:bold;font-size:14px;max-width:400px}
|
| 499 |
#LoginSecurityResetButton {position:relative;bottom:10px;left:0px;margin:0px 0px 0px 0px;max-width:300px;}
|
| 500 |
#LoginSecurityDBRowCount {float:left;position:relative;left:0px;bottom:20px;height:20px;}
|
| 501 |
.button.bps-button.lsmreset {margin:0px 0px 0px 0px;}
|
admin/db-backup-security/db-backup-functions.php
CHANGED
|
@@ -96,7 +96,7 @@ function bpsPro_reset_db_backup_folder() {
|
|
| 96 |
|
| 97 |
} else {
|
| 98 |
|
| 99 |
-
if ( !
|
| 100 |
|
| 101 |
echo '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 102 |
$text = '<strong><font color="#fb0101">'.__('Error: Unable to create the DB Backup folder.', 'bulletproof-security').'</font><br>'.__('Go to the BPS System Info page File|Folder Permissions & UID checks table. Check the /wp-content/bps-backup/ folder permissions. The folder permissions should be 755 or 705. The Script Owner ID and File Owner ID should be the same matching ID. All of your other WordPress folders should also have the same matching ID\'s.', 'bulletproof-security').'</strong>';
|
|
@@ -110,9 +110,9 @@ function bpsPro_reset_db_backup_folder() {
|
|
| 110 |
echo $text;
|
| 111 |
echo '</p></div>';
|
| 112 |
|
| 113 |
-
|
| 114 |
-
|
| 115 |
-
|
| 116 |
|
| 117 |
$dbb_options = 'bulletproof_security_options_db_backup';
|
| 118 |
$bps_db_backup_folder = addslashes( WP_CONTENT_DIR . '/bps-backup/' . $new_db_backup_folder );
|
| 96 |
|
| 97 |
} else {
|
| 98 |
|
| 99 |
+
if ( ! mkdir( WP_CONTENT_DIR . '/bps-backup/' . $new_db_backup_folder, 0755, true ) ) {
|
| 100 |
|
| 101 |
echo '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 102 |
$text = '<strong><font color="#fb0101">'.__('Error: Unable to create the DB Backup folder.', 'bulletproof-security').'</font><br>'.__('Go to the BPS System Info page File|Folder Permissions & UID checks table. Check the /wp-content/bps-backup/ folder permissions. The folder permissions should be 755 or 705. The Script Owner ID and File Owner ID should be the same matching ID. All of your other WordPress folders should also have the same matching ID\'s.', 'bulletproof-security').'</strong>';
|
| 110 |
echo $text;
|
| 111 |
echo '</p></div>';
|
| 112 |
|
| 113 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/' . $new_db_backup_folder . '/', 0755 );
|
| 114 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/' . $new_db_backup_folder . '/db-diff', 0755, true );
|
| 115 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/' . $new_db_backup_folder . '/db-diff/', 0755 );
|
| 116 |
|
| 117 |
$dbb_options = 'bulletproof_security_options_db_backup';
|
| 118 |
$bps_db_backup_folder = addslashes( WP_CONTENT_DIR . '/bps-backup/' . $new_db_backup_folder );
|
admin/db-backup-security/db-backup-help-text.php
CHANGED
|
@@ -9,9 +9,9 @@ if ( !current_user_can('manage_options') ) {
|
|
| 9 |
$bps_modal_content1 = '<strong><font color="blue">'.__('Backup Job settings and other information about backups are logged in the DB backup Log. The sql dump backup file in the DB Backup zip file/archive also contains information about the Backup Job. You can Export your Backup Jobs by doing a backup of only the xx_bpspro_db_backup DB Table, which you can then Import to another website by using phpMyAdmin. Important Note: Your DB Table Prefix name in your sql dump backup file MUST match the DB Table Prefix name for the site you are importing it too. You can manually edit the sql dump file on your computer to change the DB Table Prefix name before importing it to a new site with phpMyAdmin.', 'bulletproof-security').'</font></strong><br><br><strong>'.__('DB Backup Job Completion Time Estimates: ', 'bulletproof-security').'</strong>'.__('DB Size before zip: 10MB: 3 Seconds - 100MB: 30 Seconds', 'bulletproof-security').'<br><br><strong>'.__('How To Create a Backup Job, Run a Backup Job, Download a Backup File and Delete a Backup File', 'bulletproof-security').'</strong><br><strong>'.__('NOTE: ', 'bulletproof-security').'</strong>'.__('Before creating a Scheduled Backup Job please read the - ', 'bulletproof-security').'<strong>'.__('Scheduled Backup Jobs General Information and Notes', 'bulletproof-security').'</strong>'.__(' help section.', 'bulletproof-security').'<br><br>'.__('1. Click the Create Backup Jobs accordion tab.', 'bulletproof-security').'<br>'.__('2. Enter a Description|Backup Job Name and select the Form option choices that you want.', 'bulletproof-security').'<br>'.__('3. Click the Create Backup Job|Save Settings button to save your Form option choices and create your Backup Job.', 'bulletproof-security').'<br>'.__('4. Click the Backup Jobs - Manual|Scheduled accordion tab, click on the Run checkbox for the Backup Job that you want to run and click the Run Job|Delete Job button.', 'bulletproof-security').'<br>'.__('5. Your Backup files are displayed under the Backup Files - Download|Delete accordion tab.', 'bulletproof-security').'<br>'.__('6. You can Download Backup files to your computer by clicking the Download link for that Backup file.', 'bulletproof-security').'<br>'.__('7. You can delete Backup files by clicking the checkbox for the Backup file that you want to delete and then click the Delete Files button.', 'bulletproof-security').'<br><br><strong>'.__('Backup Jobs - Manual|Scheduled Accordion Tab', 'bulletproof-security').'</strong><br>'.__('- Displays the Description|Job Name, Delete and Run Checkboxes, Job Type, Frequency, Last Backup, Next Backup, Email Backup and Job Created table columns.', 'bulletproof-security').'<br>'.__('- Job Type displays either Manual or Scheduled.', 'bulletproof-security').'<br>'.__('- Frequency displays either Manual, Hourly, Daily, Weekly or Monthly.', 'bulletproof-security').'<br>'.__('- Last Backup displays either Backup Job Created or a timestamp when the last backup job was run.', 'bulletproof-security').'<br>'.__('- Next Backup displays either Manual, Hourly or a combination of user-friendly next job run times: 5PM, Sunday 5PM, 30th 5PM.', 'bulletproof-security').'<br>'.__('- Email Backup displays either Manual, Yes, Yes & Delete, No or Send Email Only.', 'bulletproof-security').'<br>'.__('- Job Created displays the timestamp for when the Backup Job was created.', 'bulletproof-security').'<br><br><strong>'.__('Backup Files - Download|Delete Accordion Tab', 'bulletproof-security').'</strong><br>'.__('- Displays the Backup Filename, Delete Checkbox, Download Links, Backup Folder, Size and Date|Time table columns.', 'bulletproof-security').'<br>'.__('- Backup Filename displays the name of the backup zip file.', 'bulletproof-security').'<br>'.__('- Backup Folder displays the backup folder path.', 'bulletproof-security').'<br>'.__('- Size displays the size of the backup zip file.', 'bulletproof-security').'<br>'.__('- Date|Time displays the date and time that the backup zip file was created.', 'bulletproof-security').'<br><br><strong>'.__('Create Backup Jobs Accordion Tab', 'bulletproof-security').'</strong><br>'.__('- Displays a dynamic DB Table Name checkbox form used to select the database tables that you want to backup.', 'bulletproof-security').'<br>'.__('- Description|Backup Job Name textbox to enter a description for your Backup Job.', 'bulletproof-security').'<br>'.__('- DB Backup Folder Location textbox with a default Obfuscated & Secure BPS Backup Folder location.', 'bulletproof-security').'<br>'.__('- DB Backup File Download Link|URL textbox with a default download URL path.', 'bulletproof-security').'<br>'.__('- Backup Job Type: Manual or Scheduled select dropdown option to choose either a Manual or Scheduled Backup job type.', 'bulletproof-security').'<br>'.__('- Frequency of Scheduled Backup Job (recurring) select dropdown option to choose either N/A, Hourly, Daily, Weekly or Monthly backup job frequency.', 'bulletproof-security').'<br>'.__('- Hour When Scheduled Backup is Run (recurring) select dropdown option to choose a start time for a scheduled backup job: N/A and 12AM through 11PM.', 'bulletproof-security').'<br>'.__('- Day of Week When Scheduled Backup is Run (recurring) select dropdown option to choose a weekday day when a scheduled backup job is run: N/A and Sunday through Monday.', 'bulletproof-security').'<br>'.__('- Day of Month When Scheduled Backup is Run (recurring) select dropdown option to choose a day of the month for a start time when a backup job is run: N/A and 1st through 30th.', 'bulletproof-security').'<br>'.__('- Send Scheduled Backup Zip File Via Email or Just Email Only select dropdown option to choose either to email a zip backup file, do not email backup zip file, email and delete zip backup file or just send an email that backup job has completed/been run. ', 'bulletproof-security').'<strong>'.__('Note: This option is ONLY for Scheduled backup jobs and is NOT for Manual backup jobs.', 'bulletproof-security').'</strong><br>'.__('- Automatically Delete Old Backup Files select dropdown option to choose Never delete old backup files, delete backup files older than 1 day, 5 days, 10 days, 15 days, 30 days, 60 days, 90 days or 180 days. This is an independent option meaning that it can be set/changed/saved independently and is not specific to any created Backup Jobs.', 'bulletproof-security').'<br>'.__('- Turn On|Off All Scheduled Backups (override) select dropdown option to choose either turn on all scheduled backups or turn off all scheduled backups. This an override option that prevent any/all scheduled backup jobs from being run. This is an independent option meaning that it can be set/changed/saved independently and is not specific to any created Backup Jobs.', 'bulletproof-security').'<br><br><strong>'.__('Rename|Create|Reset Tool', 'bulletproof-security').'</strong><br>'.__('If you would like to change/rename the default BPS DB Backup folder name either use the automatically randomly generated new DB Backup folder name or you can edit the new DB Backup folder name in the Rename|Create|Reset DB Backup Folder Name: text box and click the Rename|Create|Reset button. Only use these valid characters: Letters A to Z uppercase or lowercase, Numbers 0-9 and/or a dash "-" or an underscore "_". If you have DB Backup files they will not be affected/changed. The DB Backup File Download Link|URL path will also be changed and have the new DB Backup folder name in the URL path.', 'bulletproof-security').'<br><br>'.__('The Rename|Create|Reset Tool can also be used for troubleshooting problems with the automatic BPS DB Backup folder creation. If the BPS DB Backup folder was not automatically created already then use this tool to try and create a new DB Backup folder. You will see an error message displayed with things to check that could be preventing the DB Backup folder from being successfully created.', 'bulletproof-security').'<br><br><strong>'.__('Scheduled Backup Jobs General Information and Notes', 'bulletproof-security').'</strong><br>'.__('- The Send Scheduled Backup Zip File Via Email or Just Email Only option is ONLY for Scheduled backup jobs and is NOT for Manual backup jobs.', 'bulletproof-security').'<br><br>'.__('- Scheduled Backup Cron Jobs are synchronized to run exactly on the hour: 5:00pm, 6:00pm, 7:00pm. The Backup Cron job actual run times may fluctuate slightly. That is just the normal nature of WordPress Crons. The DB Backup Cron is designed to resynchronize itself to the top of the hour on the hour.', 'bulletproof-security').'<br><br>'.__('- Today is 12AM to 11:59PM. If you want a Daily scheduled backup job to start running for the first time at 12AM tomorrow (which seems like today, but is actually tomorrow) then choose the Day of the Week that is tomorrow. 12AM tomorrow is the start time and the Daily scheduled backup job will continue to be run at 12AM every day after the start time that you choose.', 'bulletproof-security').'<br><br>'.__('- The Create Backup Jobs Form allows for the widest possible combinations of start times for scheduled backup jobs. The start time choices are: Frequency, Hour, Day of Week and Day of Month and have many different possible logical combinations that can be chosen. See this help section before creating any scheduled backup jobs - ', 'bulletproof-security').'<strong>'.__('Best Logical Choices For Start Times When Scheduling Backup Jobs With the Create Backup Jobs Form', 'bulletproof-security').'</strong><br><br>'.__('- You can schedule multiple backup jobs for the same frequency. Example: You can create/schedule a backup job to run Weekly at 8PM on Sunday and can create/schedule a backup job to run Weekly at 10PM on Wednesday. Scheduled backup jobs run based on the time the scheduled backup job is scheduled to run - there are no limitations with scheduling multiple backup jobs.', 'bulletproof-security').'<br><br><strong>'.__('Best Logical Choices For Start Times When Scheduling Backup Jobs With the Create Backup Jobs Form', 'bulletproof-security').'</strong><br>'.__('These are some common logical option choices for Creating/Scheduling Backup Jobs. There are other possible combinations of option settings/start times, but these are intended to be simple examples of common logical option setting choices.', 'bulletproof-security').'<br><br><strong>'.__('Hourly Backup Job', 'bulletproof-security').'</strong><br>'.__('- If you choose Hourly for the Frequency and you do not pick a start Time/Hour when the Backup Job is next run. The next Backup Job will be run at the top of the next hour. Example: If the time now is 4:30PM then the next backup job will be run at 5PM, then 6PM, then 7PM, etc.', 'bulletproof-security').'<br>'.__('- If you choose Hourly for the Frequency and pick a start Time/Hour when the Backup Job is next run. The next Backup Job will be run at the start Time/Hour that you chose. Example: If the time now is 4:30PM and you chose 8PM for the start Time/Hour then the next backup job will be run at 8PM, then 9PM, then 10PM, etc.', 'bulletproof-security').'<br><br><strong>'.__('Daily Backup Job', 'bulletproof-security').'</strong><br>'.__('- If today is Tuesday and you want to schedule a Backup Job to run at 12AM daily/every night. You would choose Daily for the Frequency, start Time/Hour of 12AM (12AM is tomorrow) and Wednesday for the day of the week for the start time when the Backup Job is next run. The next Backup Job will be run at 12AM Wednesday tonight/tomorrow and at 12AM every night/morning.', 'bulletproof-security').'<br><br><strong>'.__('Weekly Backup Job', 'bulletproof-security').'</strong><br>'.__('- If you want to schedule a Backup Job to run Weekly at 12AM every Sunday. You would choose Weekly for the Frequency, start Time/Hour of 12AM and Sunday for the day of the week for the start time when the Backup Job is next run. The next Backup Job will be run at 12AM next Sunday and every Sunday at 12AM.', 'bulletproof-security').'<br><br><strong>'.__('Monthly Backup Job', 'bulletproof-security').'</strong><br>'.__('- If you want to schedule a Backup Job to run Monthly on the 30th of each month at 11PM. You would choose Monthly for the Frequency, start Time/Hour of 11PM and 30th for the day of the month for the start time when the Backup Job is next run. The next Backup Job will be run on the 30th of this month at 11PM and each month on the 30th at 11PM.', 'bulletproof-security').'<br><br><strong>'.__('404 errors when trying to download zip files or if you have changed the DB Backup Folder Location', 'bulletproof-security').'</strong><br>'.__('On some web hosts (Go Daddy) if you have a WordPress subfolder website installation: Example: Main domain is example.com and Subfolder WordPress site is example.com/wordpress-subfolder-website/ then the download link will not work correctly and you will see 404 errors when trying to download zip backup files. Your options are to not change the default backup folder path for your subfolder site and download zip backup files via FTP or you can use/add the backup folder path for your main site instead of the default backup folder path for your subfolder site. You would also change the DB Backup File Download Link|URL to your main site\'s backup folder Link/URL path. What this means is that DB Backups for both your main site and your subfolder site will be saved/stored under your main site\'s backup folder.', 'bulletproof-security').'<br><br>'.__('If you are seeing 404 errors after changing the DB Backup File Download Link|URL and/or the DB Backup Folder Location then make sure that you have entered the correct folder path and also the correct link/URL paths for where your DB backup files are being saved/stored. The DB Backup File Download Link|URL path MUST end with/have a trailing slash. Example: http://www.example.com/wp-content/bps-backup/backups_xxxxxxxxxx/', 'bulletproof-security');
|
| 10 |
|
| 11 |
/** DB Backup Log **/
|
| 12 |
-
$bps_modal_content2 = '<strong>'.__('
|
| 13 |
|
| 14 |
/** DB Table Prefix Changer **/
|
| 15 |
-
$bps_modal_content3 = '<strong>'.__('
|
| 16 |
|
| 17 |
?>
|
| 9 |
$bps_modal_content1 = '<strong><font color="blue">'.__('Backup Job settings and other information about backups are logged in the DB backup Log. The sql dump backup file in the DB Backup zip file/archive also contains information about the Backup Job. You can Export your Backup Jobs by doing a backup of only the xx_bpspro_db_backup DB Table, which you can then Import to another website by using phpMyAdmin. Important Note: Your DB Table Prefix name in your sql dump backup file MUST match the DB Table Prefix name for the site you are importing it too. You can manually edit the sql dump file on your computer to change the DB Table Prefix name before importing it to a new site with phpMyAdmin.', 'bulletproof-security').'</font></strong><br><br><strong>'.__('DB Backup Job Completion Time Estimates: ', 'bulletproof-security').'</strong>'.__('DB Size before zip: 10MB: 3 Seconds - 100MB: 30 Seconds', 'bulletproof-security').'<br><br><strong>'.__('How To Create a Backup Job, Run a Backup Job, Download a Backup File and Delete a Backup File', 'bulletproof-security').'</strong><br><strong>'.__('NOTE: ', 'bulletproof-security').'</strong>'.__('Before creating a Scheduled Backup Job please read the - ', 'bulletproof-security').'<strong>'.__('Scheduled Backup Jobs General Information and Notes', 'bulletproof-security').'</strong>'.__(' help section.', 'bulletproof-security').'<br><br>'.__('1. Click the Create Backup Jobs accordion tab.', 'bulletproof-security').'<br>'.__('2. Enter a Description|Backup Job Name and select the Form option choices that you want.', 'bulletproof-security').'<br>'.__('3. Click the Create Backup Job|Save Settings button to save your Form option choices and create your Backup Job.', 'bulletproof-security').'<br>'.__('4. Click the Backup Jobs - Manual|Scheduled accordion tab, click on the Run checkbox for the Backup Job that you want to run and click the Run Job|Delete Job button.', 'bulletproof-security').'<br>'.__('5. Your Backup files are displayed under the Backup Files - Download|Delete accordion tab.', 'bulletproof-security').'<br>'.__('6. You can Download Backup files to your computer by clicking the Download link for that Backup file.', 'bulletproof-security').'<br>'.__('7. You can delete Backup files by clicking the checkbox for the Backup file that you want to delete and then click the Delete Files button.', 'bulletproof-security').'<br><br><strong>'.__('Backup Jobs - Manual|Scheduled Accordion Tab', 'bulletproof-security').'</strong><br>'.__('- Displays the Description|Job Name, Delete and Run Checkboxes, Job Type, Frequency, Last Backup, Next Backup, Email Backup and Job Created table columns.', 'bulletproof-security').'<br>'.__('- Job Type displays either Manual or Scheduled.', 'bulletproof-security').'<br>'.__('- Frequency displays either Manual, Hourly, Daily, Weekly or Monthly.', 'bulletproof-security').'<br>'.__('- Last Backup displays either Backup Job Created or a timestamp when the last backup job was run.', 'bulletproof-security').'<br>'.__('- Next Backup displays either Manual, Hourly or a combination of user-friendly next job run times: 5PM, Sunday 5PM, 30th 5PM.', 'bulletproof-security').'<br>'.__('- Email Backup displays either Manual, Yes, Yes & Delete, No or Send Email Only.', 'bulletproof-security').'<br>'.__('- Job Created displays the timestamp for when the Backup Job was created.', 'bulletproof-security').'<br><br><strong>'.__('Backup Files - Download|Delete Accordion Tab', 'bulletproof-security').'</strong><br>'.__('- Displays the Backup Filename, Delete Checkbox, Download Links, Backup Folder, Size and Date|Time table columns.', 'bulletproof-security').'<br>'.__('- Backup Filename displays the name of the backup zip file.', 'bulletproof-security').'<br>'.__('- Backup Folder displays the backup folder path.', 'bulletproof-security').'<br>'.__('- Size displays the size of the backup zip file.', 'bulletproof-security').'<br>'.__('- Date|Time displays the date and time that the backup zip file was created.', 'bulletproof-security').'<br><br><strong>'.__('Create Backup Jobs Accordion Tab', 'bulletproof-security').'</strong><br>'.__('- Displays a dynamic DB Table Name checkbox form used to select the database tables that you want to backup.', 'bulletproof-security').'<br>'.__('- Description|Backup Job Name textbox to enter a description for your Backup Job.', 'bulletproof-security').'<br>'.__('- DB Backup Folder Location textbox with a default Obfuscated & Secure BPS Backup Folder location.', 'bulletproof-security').'<br>'.__('- DB Backup File Download Link|URL textbox with a default download URL path.', 'bulletproof-security').'<br>'.__('- Backup Job Type: Manual or Scheduled select dropdown option to choose either a Manual or Scheduled Backup job type.', 'bulletproof-security').'<br>'.__('- Frequency of Scheduled Backup Job (recurring) select dropdown option to choose either N/A, Hourly, Daily, Weekly or Monthly backup job frequency.', 'bulletproof-security').'<br>'.__('- Hour When Scheduled Backup is Run (recurring) select dropdown option to choose a start time for a scheduled backup job: N/A and 12AM through 11PM.', 'bulletproof-security').'<br>'.__('- Day of Week When Scheduled Backup is Run (recurring) select dropdown option to choose a weekday day when a scheduled backup job is run: N/A and Sunday through Monday.', 'bulletproof-security').'<br>'.__('- Day of Month When Scheduled Backup is Run (recurring) select dropdown option to choose a day of the month for a start time when a backup job is run: N/A and 1st through 30th.', 'bulletproof-security').'<br>'.__('- Send Scheduled Backup Zip File Via Email or Just Email Only select dropdown option to choose either to email a zip backup file, do not email backup zip file, email and delete zip backup file or just send an email that backup job has completed/been run. ', 'bulletproof-security').'<strong>'.__('Note: This option is ONLY for Scheduled backup jobs and is NOT for Manual backup jobs.', 'bulletproof-security').'</strong><br>'.__('- Automatically Delete Old Backup Files select dropdown option to choose Never delete old backup files, delete backup files older than 1 day, 5 days, 10 days, 15 days, 30 days, 60 days, 90 days or 180 days. This is an independent option meaning that it can be set/changed/saved independently and is not specific to any created Backup Jobs.', 'bulletproof-security').'<br>'.__('- Turn On|Off All Scheduled Backups (override) select dropdown option to choose either turn on all scheduled backups or turn off all scheduled backups. This an override option that prevent any/all scheduled backup jobs from being run. This is an independent option meaning that it can be set/changed/saved independently and is not specific to any created Backup Jobs.', 'bulletproof-security').'<br><br><strong>'.__('Rename|Create|Reset Tool', 'bulletproof-security').'</strong><br>'.__('If you would like to change/rename the default BPS DB Backup folder name either use the automatically randomly generated new DB Backup folder name or you can edit the new DB Backup folder name in the Rename|Create|Reset DB Backup Folder Name: text box and click the Rename|Create|Reset button. Only use these valid characters: Letters A to Z uppercase or lowercase, Numbers 0-9 and/or a dash "-" or an underscore "_". If you have DB Backup files they will not be affected/changed. The DB Backup File Download Link|URL path will also be changed and have the new DB Backup folder name in the URL path.', 'bulletproof-security').'<br><br>'.__('The Rename|Create|Reset Tool can also be used for troubleshooting problems with the automatic BPS DB Backup folder creation. If the BPS DB Backup folder was not automatically created already then use this tool to try and create a new DB Backup folder. You will see an error message displayed with things to check that could be preventing the DB Backup folder from being successfully created.', 'bulletproof-security').'<br><br><strong>'.__('Scheduled Backup Jobs General Information and Notes', 'bulletproof-security').'</strong><br>'.__('- The Send Scheduled Backup Zip File Via Email or Just Email Only option is ONLY for Scheduled backup jobs and is NOT for Manual backup jobs.', 'bulletproof-security').'<br><br>'.__('- Scheduled Backup Cron Jobs are synchronized to run exactly on the hour: 5:00pm, 6:00pm, 7:00pm. The Backup Cron job actual run times may fluctuate slightly. That is just the normal nature of WordPress Crons. The DB Backup Cron is designed to resynchronize itself to the top of the hour on the hour.', 'bulletproof-security').'<br><br>'.__('- Today is 12AM to 11:59PM. If you want a Daily scheduled backup job to start running for the first time at 12AM tomorrow (which seems like today, but is actually tomorrow) then choose the Day of the Week that is tomorrow. 12AM tomorrow is the start time and the Daily scheduled backup job will continue to be run at 12AM every day after the start time that you choose.', 'bulletproof-security').'<br><br>'.__('- The Create Backup Jobs Form allows for the widest possible combinations of start times for scheduled backup jobs. The start time choices are: Frequency, Hour, Day of Week and Day of Month and have many different possible logical combinations that can be chosen. See this help section before creating any scheduled backup jobs - ', 'bulletproof-security').'<strong>'.__('Best Logical Choices For Start Times When Scheduling Backup Jobs With the Create Backup Jobs Form', 'bulletproof-security').'</strong><br><br>'.__('- You can schedule multiple backup jobs for the same frequency. Example: You can create/schedule a backup job to run Weekly at 8PM on Sunday and can create/schedule a backup job to run Weekly at 10PM on Wednesday. Scheduled backup jobs run based on the time the scheduled backup job is scheduled to run - there are no limitations with scheduling multiple backup jobs.', 'bulletproof-security').'<br><br><strong>'.__('Best Logical Choices For Start Times When Scheduling Backup Jobs With the Create Backup Jobs Form', 'bulletproof-security').'</strong><br>'.__('These are some common logical option choices for Creating/Scheduling Backup Jobs. There are other possible combinations of option settings/start times, but these are intended to be simple examples of common logical option setting choices.', 'bulletproof-security').'<br><br><strong>'.__('Hourly Backup Job', 'bulletproof-security').'</strong><br>'.__('- If you choose Hourly for the Frequency and you do not pick a start Time/Hour when the Backup Job is next run. The next Backup Job will be run at the top of the next hour. Example: If the time now is 4:30PM then the next backup job will be run at 5PM, then 6PM, then 7PM, etc.', 'bulletproof-security').'<br>'.__('- If you choose Hourly for the Frequency and pick a start Time/Hour when the Backup Job is next run. The next Backup Job will be run at the start Time/Hour that you chose. Example: If the time now is 4:30PM and you chose 8PM for the start Time/Hour then the next backup job will be run at 8PM, then 9PM, then 10PM, etc.', 'bulletproof-security').'<br><br><strong>'.__('Daily Backup Job', 'bulletproof-security').'</strong><br>'.__('- If today is Tuesday and you want to schedule a Backup Job to run at 12AM daily/every night. You would choose Daily for the Frequency, start Time/Hour of 12AM (12AM is tomorrow) and Wednesday for the day of the week for the start time when the Backup Job is next run. The next Backup Job will be run at 12AM Wednesday tonight/tomorrow and at 12AM every night/morning.', 'bulletproof-security').'<br><br><strong>'.__('Weekly Backup Job', 'bulletproof-security').'</strong><br>'.__('- If you want to schedule a Backup Job to run Weekly at 12AM every Sunday. You would choose Weekly for the Frequency, start Time/Hour of 12AM and Sunday for the day of the week for the start time when the Backup Job is next run. The next Backup Job will be run at 12AM next Sunday and every Sunday at 12AM.', 'bulletproof-security').'<br><br><strong>'.__('Monthly Backup Job', 'bulletproof-security').'</strong><br>'.__('- If you want to schedule a Backup Job to run Monthly on the 30th of each month at 11PM. You would choose Monthly for the Frequency, start Time/Hour of 11PM and 30th for the day of the month for the start time when the Backup Job is next run. The next Backup Job will be run on the 30th of this month at 11PM and each month on the 30th at 11PM.', 'bulletproof-security').'<br><br><strong>'.__('404 errors when trying to download zip files or if you have changed the DB Backup Folder Location', 'bulletproof-security').'</strong><br>'.__('On some web hosts (Go Daddy) if you have a WordPress subfolder website installation: Example: Main domain is example.com and Subfolder WordPress site is example.com/wordpress-subfolder-website/ then the download link will not work correctly and you will see 404 errors when trying to download zip backup files. Your options are to not change the default backup folder path for your subfolder site and download zip backup files via FTP or you can use/add the backup folder path for your main site instead of the default backup folder path for your subfolder site. You would also change the DB Backup File Download Link|URL to your main site\'s backup folder Link/URL path. What this means is that DB Backups for both your main site and your subfolder site will be saved/stored under your main site\'s backup folder.', 'bulletproof-security').'<br><br>'.__('If you are seeing 404 errors after changing the DB Backup File Download Link|URL and/or the DB Backup Folder Location then make sure that you have entered the correct folder path and also the correct link/URL paths for where your DB backup files are being saved/stored. The DB Backup File Download Link|URL path MUST end with/have a trailing slash. Example: http://www.example.com/wp-content/bps-backup/backups_xxxxxxxxxx/', 'bulletproof-security');
|
| 10 |
|
| 11 |
/** DB Backup Log **/
|
| 12 |
+
$bps_modal_content2 = '<strong>'.__('DB Backup Log General Information', 'bulletproof-security').'</strong><br>'.__('Your DB Backup Log file is a plain text static file and not a dynamic file or dynamic display to keep your website resource usage at a bare minimum and keep your website performance at a maximum. Log entries are logged in descending order by Date and Time. You can copy, edit and delete this plain text file.', 'bulletproof-security').'<br><br><strong>'.__('Note: ', 'bulletproof-security').'</strong>'.__('DB Backup Log Email Alert and Log file option settings are on the Email|Log Settings page.', 'bulletproof-security').'<strong><br><br>'.__('What is Logged in The DB Backup Log?', 'bulletproof-security').'</strong><br>'.__('Depending on your DB Backup settings, log entries will be logged anytime you run a Manual Backup Job or whenever a Scheduled Cron Backup Job is run. Logs Backup Job Settings, Completion Time, Memory Usage, Zip Backup File Name, Timestamp and other DB Backup information. If you have chosen the option to automatically delete old zip backup files then the zip backup file name and timestamp will be logged when old zip backup files are automatically deleted. When you create a new Backup Job your Backup Job Settings are logged/saved in the DB Backup Log.', 'bulletproof-security').'<strong><br><br>'.__('DB Backup Log File Size', 'bulletproof-security').'</strong><br>'.__('Displays the size of your DB Backup Log file. 500KB is the optimum recommended log file size setting that you should choose for your log file to be automatically zipped, emailed and replaced with a new blank DB Backup Log file.', 'bulletproof-security').'<br><br><strong>'.__('DB Backup Log Last Modified Time', 'bulletproof-security').'</strong><br>'.__('Displays the last time a DB Backup Log entry was logged.', 'bulletproof-security').'<br><br><strong>'.__('Delete Log Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Delete Log button will delete the entire contents of your DB Backup Log File.', 'bulletproof-security');
|
| 13 |
|
| 14 |
/** DB Table Prefix Changer **/
|
| 15 |
+
$bps_modal_content3 = '<strong>'.__('Safety Precautions & Procedures', 'bulletproof-security').'</strong><br>'.__('Changing the DB Table Prefix name is a very simple thing to automate. This tool has been extensively tested and is safe and reliable, but anytime you are modifying your database you should ALWAYS perform a database backup as a safety precaution.', 'bulletproof-security').'<br><br><strong>'.__('Compatibility', 'bulletproof-security').'</strong><br>'.__('Works on all WordPress, BuddyPress and bbPress site types: Single standard WordPress installations and Network/Multisite installations.', 'bulletproof-security').'<br><br><strong><font color="blue">'.__('Note: The DB Table Names & Character Length Table needs to be a clickable Form button and is not displayed permanently open because that would cause the entire DB Backup & Security page (all Tab pages) to perform poorly/sluggishly on large websites.', 'bulletproof-security').'</font></strong><br><br><strong>'.__('Other Prefix Changes Explained', 'bulletproof-security').'</strong><br>'.__('In your WordPress xxxxxx_options DB Table there is one value that will be changed in the option_name Column: xxxxxx_user_roles. Note: Network|Multisite sites will have additional xxxxxx_[Site ID]_user_roles Columns for each subsite options DB Table. In your WordPress xxxxxx_usermeta DB Table there are several values that will be changed in the meta_key Column. These are user/user ID specific values based on individual user\'s Metadata stored in the xxxxxx_usermeta DB Table. Metadata is user specific saved settings, such as individual user\'s capabilities, permissions, saved screen options settings, etc.', 'bulletproof-security').'<br><br><strong>'.__('Correct Usage & Technical Info.', 'bulletproof-security').'</strong><br>'.__('If you want to create your own DB Table Prefix name or add additional characters to the randomly generated DB Table Prefix name then ONLY use lowercase letters, numbers and underscores in your DB Table Prefix name. The standard MySQL DB Table naming convention is xxxxxx_ where the x\'s should be ONLY lowercase letters and/or numbers and the DB Table Prefix name should end with an underscore.', 'bulletproof-security').'<br><br>'.__('The maximum length limitation of a DB Table name, including the table prefix is 64 characters. See the DB Table Names & Character Length Table for character lengths of your database table names.', 'bulletproof-security').'<br><br>'.__('If a plugin or theme is using "wp_" in its DB Table naming conventions, example: wp_wp_some_plugin_table_name, then the DB Table Prefix Changer tool will NOT change anything besides the first wp_ in the DB Table name - The DB Table Prefix Change will ONLY change the actual start/prefix of a DB Table name.', 'bulletproof-security').'<br><br>'.__('To change your DB Table Prefix name back to the WordPress default DB Table Prefix name, enter wp_ for the DB Table Prefix name.', 'bulletproof-security').'<br><br><strong>'.__('Network|Multisite Additional Info.', 'bulletproof-security').'</strong><br>'.__('If you have a Network|Multisite site then you will see an additional button: Update Site User Roles button. Click the Change DB Table Prefix button first before clicking the Update Site User Roles button. You must click both buttons to complete all DB Table Prefix Name changes on a Network|Multisite site type. If you forget to click the Update Site User Roles button then users will see this error message when trying to login: You do not have sufficient permissions to access this page. Click the Update Site User Roles button to fix that problem.', 'bulletproof-security').'<br><br><strong>'.__('Security measure vs Anti-nuisance measure', 'bulletproof-security').'</strong><br>'.__('By changing your Database Table Prefix name you will probably stop a lot of random Bot probes from doing any further reconnaissance against your website and causing unnecessary slowness from those random Bot probes. Changing the DB Table Prefix name is not really a security measure since if a hacker wants to find/get your DB Table Prefix name he/she will be able to find/get that information. The Anti-nuisance benefits alone are worth changing your DB Table Prefix name. BPS has many layers of security protection that protect your Database against SQL Injection attacks.', 'bulletproof-security');
|
| 16 |
|
| 17 |
?>
|
admin/db-backup-security/db-backup-security.php
CHANGED
|
@@ -17,7 +17,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 17 |
#wpwrap{min-height:100.1%};
|
| 18 |
</style>
|
| 19 |
|
| 20 |
-
<div id="bps-container" class="wrap"
|
| 21 |
|
| 22 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 23 |
|
|
@@ -26,35 +26,26 @@ $ScrollTop_options = get_option('bulletproof_security_options_scrolltop');
|
|
| 26 |
|
| 27 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 28 |
|
| 29 |
-
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' && ! isset( $_POST['Submit-DB-Prefix-Table-Refresh'] ) || isset( $_GET['settings-updated'] ) &&
|
| 30 |
|
| 31 |
bpsPro_Browser_UA_scroll_animation();
|
| 32 |
}
|
| 33 |
}
|
| 34 |
?>
|
| 35 |
|
| 36 |
-
|
| 37 |
-
echo '<div class="bps-star-container">';
|
| 38 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 39 |
-
echo '<div class="bps-downloaded">';
|
| 40 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 41 |
-
echo '</div>';
|
| 42 |
-
echo '</div>';
|
| 43 |
-
?>
|
| 44 |
-
|
| 45 |
-
<h2 class="bps-tab-title"><?php _e('BulletProof Security ~ DB Backup & Security', 'bulletproof-security'); ?></h2>
|
| 46 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 47 |
|
| 48 |
<?php
|
| 49 |
// General all purpose "Settings Saved." message for forms
|
| 50 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 51 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 52 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 53 |
echo $text;
|
| 54 |
}
|
| 55 |
}
|
| 56 |
|
| 57 |
-
require_once
|
| 58 |
|
| 59 |
$bpsSpacePop = '-------------------------------------------------------------';
|
| 60 |
|
|
@@ -288,22 +279,25 @@ function bpsSpinnerTableRefresh() {
|
|
| 288 |
|
| 289 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 290 |
<tr>
|
| 291 |
-
<td class="bps-table_title">
|
| 292 |
-
<?php $text = '<h2>'.__('DB Backup ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Full & Partial DB Backups, Manual & Scheduled DB Backups, Email Zip Backups, Automatically Delete Old Backups', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 293 |
-
</td>
|
| 294 |
</tr>
|
| 295 |
<tr>
|
| 296 |
<td class="bps-table_cell_help">
|
| 297 |
|
| 298 |
-
<h3 style="margin:0px 0px 15px 0px;"><?php _e('DB Backup', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button"
|
|
|
|
| 299 |
|
| 300 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('DB Backup', 'bulletproof-security'); ?>">
|
| 301 |
<p>
|
| 302 |
<?php
|
| 303 |
-
$text = '<strong>'.__('This
|
| 304 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 305 |
// Forum Help Links or of course both
|
| 306 |
-
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong>';
|
| 307 |
echo $text;
|
| 308 |
?>
|
| 309 |
<strong><a href="https://forum.ait-pro.com/forums/topic/database-backup-security-guide/" title="DB Backup & Security Guide" target="_blank"><?php _e('DB Backup & Security Guide', 'bulletproof-security'); ?></a></strong><br /><br />
|
|
@@ -768,13 +762,10 @@ bpsPro_dbbackup_form_processing();
|
|
| 768 |
echo '</table>';
|
| 769 |
echo '</div>';
|
| 770 |
|
| 771 |
-
echo "<
|
| 772 |
|
| 773 |
?>
|
| 774 |
|
| 775 |
-
<?php
|
| 776 |
-
if ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] == 'blue' ) { ?>
|
| 777 |
-
|
| 778 |
<script type="text/javascript">
|
| 779 |
/* <![CDATA[ */
|
| 780 |
jQuery(document).ready(function($) {
|
|
@@ -783,8 +774,6 @@ jQuery(document).ready(function($) {
|
|
| 783 |
/* ]]> */
|
| 784 |
</script>
|
| 785 |
|
| 786 |
-
<?php } ?>
|
| 787 |
-
|
| 788 |
<script type="text/javascript">
|
| 789 |
/* <![CDATA[ */
|
| 790 |
jQuery(document).ready(function($){
|
|
@@ -928,9 +917,9 @@ if ( isset( $_POST['Submit-DBB-Files'] ) && current_user_can('manage_options') )
|
|
| 928 |
echo '</div>';
|
| 929 |
}
|
| 930 |
|
| 931 |
-
echo "<
|
| 932 |
|
| 933 |
-
|
| 934 |
|
| 935 |
<script type="text/javascript">
|
| 936 |
/* <![CDATA[ */
|
|
@@ -940,8 +929,6 @@ jQuery(document).ready(function($) {
|
|
| 940 |
/* ]]> */
|
| 941 |
</script>
|
| 942 |
|
| 943 |
-
<?php } ?>
|
| 944 |
-
|
| 945 |
<script type="text/javascript">
|
| 946 |
/* <![CDATA[ */
|
| 947 |
jQuery(document).ready(function($){
|
|
@@ -960,7 +947,7 @@ jQuery(document).ready(function($){
|
|
| 960 |
|
| 961 |
// Form Processing: Rename|Create|Reset DB Backup Folder Location and DB Backup File Download Link|URL
|
| 962 |
if ( isset( $_POST['Submit-DBB-Reset'] ) && current_user_can('manage_options') ) {
|
| 963 |
-
require_once
|
| 964 |
bpsPro_reset_db_backup_folder();
|
| 965 |
}
|
| 966 |
|
|
@@ -1044,12 +1031,12 @@ if ( isset( $_POST['Submit-DBB-Reset'] ) && current_user_can('manage_options') )
|
|
| 1044 |
echo '<input type="text" name="DBBDescription" class="dbb-text-500" value="'.esc_html($DBBDescription).'" /><br>';
|
| 1045 |
|
| 1046 |
echo '<label for="bps-dbb">'.__('DB Backup Folder Location:', 'bulletproof-security').'</label><br>';
|
| 1047 |
-
echo '<label for="bps-dbb"><font color="#
|
| 1048 |
echo '<input type="text" name="DBBFolder" class="dbb-text-500" value="'; echo esc_html(trim(stripslashes($DBBFolder))); echo '" /><br>';
|
| 1049 |
|
| 1050 |
echo '<label for="bps-dbb">'.__('DB Backup File Download Link|URL:', 'bulletproof-security').'</label><br>';
|
| 1051 |
-
echo '<label for="bps-dbb"><font color="#
|
| 1052 |
-
echo '<label for="bps-dbb"><font color="#
|
| 1053 |
echo '<input type="text" name="DBBDownloadLink" class="dbb-text-500" value="'; echo esc_url(trim($DBBDownloadLink)); echo '" /><br>';
|
| 1054 |
|
| 1055 |
echo '<label for="bps-dbb">'.__('Backup Job Type: Manual or Scheduled', 'bulletproof-security').'</label><br>';
|
|
@@ -1144,7 +1131,7 @@ if ( isset( $_POST['Submit-DBB-Reset'] ) && current_user_can('manage_options') )
|
|
| 1144 |
echo '</select><br><br>';
|
| 1145 |
|
| 1146 |
echo '<label for="bps-dbb">'.__('Send Scheduled Backup Zip File Via Email or Just Email Only:', 'bulletproof-security').'</label><br>';
|
| 1147 |
-
echo '<label for="bps-dbb"><font color="#
|
| 1148 |
echo '<select name="dbb_backup_email_zip" class="form-340">';
|
| 1149 |
echo '<option value="No"'. selected('No', $bps_db_backup_email_zip).'>'.__('Do Not Email Zip Backup File', 'bulletproof-security').'</option>';
|
| 1150 |
echo '<option value="Delete"'. selected('Delete', $bps_db_backup_email_zip).'>'.__('Email & Delete Zip Backup File', 'bulletproof-security').'</option>';
|
|
@@ -1153,7 +1140,7 @@ if ( isset( $_POST['Submit-DBB-Reset'] ) && current_user_can('manage_options') )
|
|
| 1153 |
echo '</select><br><br>';
|
| 1154 |
|
| 1155 |
echo '<label for="bps-dbb">'.__('Automatically Delete Old Backup Files:', 'bulletproof-security').'</label><br>';
|
| 1156 |
-
echo '<label for="bps-dbb"><font color="#
|
| 1157 |
echo '<select name="dbb_backup_delete" class="form-340">';
|
| 1158 |
echo '<option value="Never"'. selected('Never', $bps_db_backup_delete).'>'.__('Never Delete Old Backup Files', 'bulletproof-security').'</option>';
|
| 1159 |
echo '<option value="1"'. selected('1', $bps_db_backup_delete).'>'.__('Delete Backup Files Older Than 1 Day', 'bulletproof-security').'</option>';
|
|
@@ -1167,7 +1154,7 @@ if ( isset( $_POST['Submit-DBB-Reset'] ) && current_user_can('manage_options') )
|
|
| 1167 |
echo '</select><br><br>';
|
| 1168 |
|
| 1169 |
echo '<label for="bps-dbb">'.__('Turn On|Off All Scheduled Backups (Override):', 'bulletproof-security').'</label><br>';
|
| 1170 |
-
echo '<label for="bps-dbb"><font color="#
|
| 1171 |
echo '<select name="dbb_backup_on_off" class="form-340">';
|
| 1172 |
echo '<option value="On"'. selected('On', $bps_db_backup).'>'.__('All Scheduled Backups On', 'bulletproof-security').'</option>';
|
| 1173 |
echo '<option value="Off"'. selected('Off', $bps_db_backup).'>'.__('All Scheduled Backups Off', 'bulletproof-security').'</option>';
|
|
@@ -1192,8 +1179,8 @@ if ( isset( $_POST['Submit-DBB-Reset'] ) && current_user_can('manage_options') )
|
|
| 1192 |
wp_nonce_field('bulletproof_security_db_backup_reset');
|
| 1193 |
|
| 1194 |
echo '<label for="bps-dbb">'.__('Rename|Create|Reset DB Backup Folder Name:', 'bulletproof-security').'</label><br>';
|
| 1195 |
-
echo '<label for="bps-dbb"><font color="#
|
| 1196 |
-
echo '<label for="bps-dbb"><font color="#
|
| 1197 |
echo '<input type="text" name="DBBFolderReset" class="regular-text-short-fixed" style="width:325px;margin:0px 0px 10px 0px;" value="'; echo esc_html(trim(stripslashes($DBBFolderReset))); echo '" /><br>';
|
| 1198 |
|
| 1199 |
echo "<p><input type=\"submit\" name=\"Submit-DBB-Reset\" value=\"".esc_attr__('Rename|Create|Reset', 'bulletproof-security')."\" class=\"button bps-button\" onclick=\"return confirm('".__('The Rename|Create|Reset Tool renames the DB Backup folder if it already exists or creates a new DB Backup folder if it does not already exist.\n\n-------------------------------------------------------------\n\nIf you have DB Backup files they will not be affected/changed. The DB Backup File Download Link|URL path will also be changed and have the new DB Backup folder name in the URL path.\n\n-------------------------------------------------------------\n\nClick OK to proceed or click Cancel', 'bulletproof-security')."')\" /></p></form>";
|
|
@@ -1206,7 +1193,7 @@ if ( isset( $_POST['Submit-DBB-Reset'] ) && current_user_can('manage_options') )
|
|
| 1206 |
|
| 1207 |
echo '</div>'; // #dbb-special
|
| 1208 |
|
| 1209 |
-
|
| 1210 |
|
| 1211 |
<script type="text/javascript">
|
| 1212 |
/* <![CDATA[ */
|
|
@@ -1216,8 +1203,6 @@ jQuery(document).ready(function($) {
|
|
| 1216 |
/* ]]> */
|
| 1217 |
</script>
|
| 1218 |
|
| 1219 |
-
<?php } ?>
|
| 1220 |
-
|
| 1221 |
<script type="text/javascript">
|
| 1222 |
/* <![CDATA[ */
|
| 1223 |
jQuery(document).ready(function($){
|
|
@@ -1241,17 +1226,27 @@ jQuery(document).ready(function($){
|
|
| 1241 |
|
| 1242 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1243 |
<tr>
|
| 1244 |
-
<td class="bps-table_title">
|
| 1245 |
-
<?php $text = '<h2>'.__('DB Backup Log ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Logs Backup Job Settings, Completion Time, Memory Usage, Zip Backup File Name, Timestamp...', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 1246 |
-
</td>
|
| 1247 |
</tr>
|
| 1248 |
<tr>
|
| 1249 |
<td class="bps-table_cell_help">
|
| 1250 |
|
| 1251 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('DB Backup Log', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button"
|
|
|
|
| 1252 |
|
| 1253 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('DB Backup Log', 'bulletproof-security'); ?>">
|
| 1254 |
-
<p
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1255 |
</div>
|
| 1256 |
|
| 1257 |
<?php
|
|
@@ -1264,7 +1259,7 @@ function bpsPro_DBB_LogSize() {
|
|
| 1264 |
$logSize = filesize($filename);
|
| 1265 |
|
| 1266 |
if ( $logSize < 2097152 ) {
|
| 1267 |
-
$text = '<span style="font-size:13px;"><strong>'. __('DB Backup Log File Size: ', 'bulletproof-security').'<font color="#
|
| 1268 |
echo $text;
|
| 1269 |
} else {
|
| 1270 |
$text = '<span style="font-size:13px;"><strong>'. __('DB Backup Log File Size: ', 'bulletproof-security').'<font color="#fb0101">'. round($logSize / 1024, 2) .' KB<br>'.__('The Email Logging options will only send log files up to 2MB in size.', 'bulletproof-security').'</font></strong><br>'.__('Copy and paste the DB Backup Log file contents into a Notepad text file on your computer and save it.', 'bulletproof-security').'<br>'.__('Then click the Delete Log button to delete the contents of this Log file.', 'bulletproof-security').'</span><br>';
|
|
@@ -1280,9 +1275,9 @@ function bpsPro_DBB_Log_LastMod() {
|
|
| 1280 |
|
| 1281 |
if ( file_exists($filename) ) {
|
| 1282 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 1283 |
-
$timestamp = date_i18n(get_option('date_format').' - '.get_option('time_format'),
|
| 1284 |
|
| 1285 |
-
$text = '<strong>'. __('DB Backup Log Last Modified Time: ', 'bulletproof-security').'<font color="#
|
| 1286 |
echo $text;
|
| 1287 |
}
|
| 1288 |
}
|
|
@@ -1370,8 +1365,9 @@ if ( current_user_can('manage_options') ) {
|
|
| 1370 |
<div id="DBBLog">
|
| 1371 |
<textarea class="bps-text-area-600x700" name="newcontentdbb" id="newcontentdbb" tabindex="1"><?php echo bpsPro_DBB_get_contents(); ?></textarea>
|
| 1372 |
<input type="hidden" name="scrolltodbblog" id="scrolltodbblog" value="<?php echo esc_html( $scrolltodbblog ); ?>" />
|
| 1373 |
-
<
|
| 1374 |
-
<input type="submit" name="Submit-DBB-Log" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>"
|
|
|
|
| 1375 |
</div>
|
| 1376 |
</form>
|
| 1377 |
|
|
@@ -1397,24 +1393,34 @@ jQuery(document).ready(function($){
|
|
| 1397 |
|
| 1398 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1399 |
<tr>
|
| 1400 |
-
<td colspan="2" class="bps-table_title">
|
| 1401 |
-
<?php $text = '<h2>'.__('DB Table Prefix Changer ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Tools to change & check your WordPress Database Table Prefix', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 1402 |
-
</td>
|
| 1403 |
</tr>
|
| 1404 |
<tr>
|
| 1405 |
<td width="50%" valign="top" class="bps-table_cell_help">
|
| 1406 |
|
| 1407 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('DB Table Prefix Changer', 'bulletproof-security'); ?> <button id="bps-open-modal3" class="button bps-modal-button"
|
|
|
|
| 1408 |
|
| 1409 |
<div id="bps-modal-content3" class="bps-dialog-hide" title="<?php _e('DB Table Prefix Changer', 'bulletproof-security'); ?>">
|
| 1410 |
-
<p
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1411 |
</div>
|
| 1412 |
|
| 1413 |
<?php
|
| 1414 |
if ( is_admin() && current_user_can('manage_options') && preg_match( '/page=bulletproof-security/', esc_html( $_SERVER['REQUEST_URI'] ) ) ) {
|
| 1415 |
|
| 1416 |
echo '<div id="DBPrefixText" style="width:90%;padding-bottom:20px;">';
|
| 1417 |
-
$text = '<span style="font-size:1.13em;">'.__('Your current WordPress Database Table Prefix is: ', 'bulletproof-security').'<strong><font color="#
|
| 1418 |
echo $text;
|
| 1419 |
echo '</div>';
|
| 1420 |
|
|
@@ -1447,16 +1453,16 @@ if ( isset( $_POST['Submit-DB-Table-Prefix'] ) && current_user_can('manage_optio
|
|
| 1447 |
|
| 1448 |
if ( file_exists($wpconfig_file) ) {
|
| 1449 |
|
| 1450 |
-
$permswpconfig =
|
| 1451 |
$sapi_type = php_sapi_name();
|
| 1452 |
$lock = '';
|
| 1453 |
|
| 1454 |
-
if (
|
| 1455 |
$lock = '0400';
|
| 1456 |
}
|
| 1457 |
|
| 1458 |
-
if (
|
| 1459 |
-
|
| 1460 |
}
|
| 1461 |
|
| 1462 |
if ( ! is_writable($wpconfig_file) ) {
|
|
@@ -1491,7 +1497,7 @@ if ( isset( $_POST['Submit-DB-Table-Prefix'] ) && current_user_can('manage_optio
|
|
| 1491 |
$contents = file_get_contents($wpconfig_file);
|
| 1492 |
$pattern = '/\$table_prefix(.*)=(.*);/';
|
| 1493 |
|
| 1494 |
-
$stringReplace =
|
| 1495 |
|
| 1496 |
if ( preg_match( $pattern, $contents, $matches ) ) {
|
| 1497 |
$stringReplace = preg_replace('/\$table_prefix(.*)=(.*);/', "\$table_prefix = '$DBTablePrefix';", $stringReplace);
|
|
@@ -1500,7 +1506,7 @@ if ( isset( $_POST['Submit-DB-Table-Prefix'] ) && current_user_can('manage_optio
|
|
| 1500 |
if ( file_put_contents( $wpconfig_file, $stringReplace ) ) {
|
| 1501 |
|
| 1502 |
if ( $lock == '0400' ) {
|
| 1503 |
-
|
| 1504 |
}
|
| 1505 |
}
|
| 1506 |
|
|
@@ -1532,10 +1538,10 @@ if ( isset( $_POST['Submit-DB-Table-Prefix'] ) && current_user_can('manage_optio
|
|
| 1532 |
<?php wp_nonce_field('bulletproof_security_table_prefix_changer'); ?>
|
| 1533 |
<div>
|
| 1534 |
<strong><label for="bpsTablePrefix"><?php _e('Randomly Generated DB Table Prefix', 'bulletproof-security'); ?></label></strong><br />
|
| 1535 |
-
<input type="text" name="DBTablePrefix" value="<?php if ( isset( $_POST['DBTablePrefix'] ) && preg_match( '|[^a-z0-9_]|', $_POST['DBTablePrefix'] ) ) { echo esc_html($prefix_obs); } else { echo esc_html($DBTablePrefix); } ?>" class="table-prefix-changer" /> <br />
|
| 1536 |
-
<
|
| 1537 |
<input type="submit" name="Submit-DB-Table-Prefix" value="<?php esc_attr_e('Change DB Table Prefix', 'bulletproof-security') ?>" class="button bps-button" onclick="bpsSpinnerTablePrefix()" />
|
| 1538 |
-
</
|
| 1539 |
</div>
|
| 1540 |
</form>
|
| 1541 |
|
|
@@ -1690,7 +1696,7 @@ global $wpdb, $bps_topDiv, $bps_bottomDiv;
|
|
| 1690 |
// Form: DB Table Names & Character Length Table - needs to be a clickable form otherwise causes slowness on large websites if query is running
|
| 1691 |
echo '<div id="DB-Prefix-Table-Refresh-Button" style="margin:0px 0px 20px 0px;">';
|
| 1692 |
echo '<h3 style="margin:0px 0px -5px 0px;">'.__('DB Table Names & Character Length Table', 'bulletproof-security').'</h3>';
|
| 1693 |
-
echo '<h4><font color="#
|
| 1694 |
echo '<form name="DB-Prefix-Table-Refresh" action="'.admin_url( 'admin.php?page=bulletproof-security/admin/db-backup-security/db-backup-security.php#bps-tabs-3' ).'" method="post">';
|
| 1695 |
wp_nonce_field('bulletproof_security_db_prefix_refresh');
|
| 1696 |
echo "<p><input type=\"submit\" name=\"Submit-DB-Prefix-Table-Refresh\" value=\"".esc_attr__('Load|Refresh Table', 'bulletproof-security')."\" class=\"button bps-button\" onclick=\"bpsSpinnerTableRefresh()\" /></p>";
|
|
@@ -1702,9 +1708,6 @@ global $wpdb, $bps_topDiv, $bps_bottomDiv;
|
|
| 1702 |
|
| 1703 |
?>
|
| 1704 |
|
| 1705 |
-
<?php
|
| 1706 |
-
if ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] == 'blue' ) { ?>
|
| 1707 |
-
|
| 1708 |
<script type="text/javascript">
|
| 1709 |
/* <![CDATA[ */
|
| 1710 |
jQuery(document).ready(function($) {
|
|
@@ -1713,11 +1716,6 @@ jQuery(document).ready(function($) {
|
|
| 1713 |
/* ]]> */
|
| 1714 |
</script>
|
| 1715 |
|
| 1716 |
-
<?php } ?>
|
| 1717 |
-
|
| 1718 |
-
<?php
|
| 1719 |
-
if ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] == 'blue' ) { ?>
|
| 1720 |
-
|
| 1721 |
<script type="text/javascript">
|
| 1722 |
/* <![CDATA[ */
|
| 1723 |
jQuery(document).ready(function($) {
|
|
@@ -1726,8 +1724,6 @@ jQuery(document).ready(function($) {
|
|
| 1726 |
/* ]]> */
|
| 1727 |
</script>
|
| 1728 |
|
| 1729 |
-
<?php } ?>
|
| 1730 |
-
|
| 1731 |
</td>
|
| 1732 |
</tr>
|
| 1733 |
</table>
|
|
@@ -1739,15 +1735,19 @@ jQuery(document).ready(function($) {
|
|
| 1739 |
|
| 1740 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1741 |
<tr>
|
| 1742 |
-
<td class="bps-table_title"
|
| 1743 |
</tr>
|
| 1744 |
<tr>
|
| 1745 |
<td class="bps-table_cell_help_links">
|
|
|
|
| 1746 |
<a href="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-10' ); ?>" target="_blank"><?php _e('Whats New in ', 'bulletproof-security'); echo BULLETPROOF_VERSION; ?></a><br /><br />
|
| 1747 |
<a href="https://forum.ait-pro.com/forums/topic/bulletproof-security-pro-version-release-dates/" target="_blank"><?php _e('BPS Pro Features & Version Release Dates', 'bulletproof-security'); ?></a><br /><br />
|
| 1748 |
<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank"><?php _e('Video Tutorials', 'bulletproof-security'); ?></a><br /><br />
|
| 1749 |
<a href="https://forum.ait-pro.com/forums/topic/database-backup-security-guide/" target="_blank"><?php _e('DB Backup & Security Guide & Troubleshooting', 'bulletproof-security'); ?></a><br /><br />
|
| 1750 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 1751 |
</td>
|
| 1752 |
</tr>
|
| 1753 |
</table>
|
| 17 |
#wpwrap{min-height:100.1%};
|
| 18 |
</style>
|
| 19 |
|
| 20 |
+
<div id="bps-container" class="wrap">
|
| 21 |
|
| 22 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 23 |
|
| 26 |
|
| 27 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 28 |
|
| 29 |
+
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' && ! isset( $_POST['Submit-DB-Prefix-Table-Refresh'] ) || isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 30 |
|
| 31 |
bpsPro_Browser_UA_scroll_animation();
|
| 32 |
}
|
| 33 |
}
|
| 34 |
?>
|
| 35 |
|
| 36 |
+
<h2 class="bps-tab-title"><?php _e('DB Backup Options', 'bulletproof-security'); ?></h2>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 37 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 38 |
|
| 39 |
<?php
|
| 40 |
// General all purpose "Settings Saved." message for forms
|
| 41 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 42 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true) {
|
| 43 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 44 |
echo $text;
|
| 45 |
}
|
| 46 |
}
|
| 47 |
|
| 48 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/db-backup-security/db-backup-help-text.php';
|
| 49 |
|
| 50 |
$bpsSpacePop = '-------------------------------------------------------------';
|
| 51 |
|
| 279 |
|
| 280 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 281 |
<tr>
|
| 282 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 283 |
</tr>
|
| 284 |
<tr>
|
| 285 |
<td class="bps-table_cell_help">
|
| 286 |
|
| 287 |
+
<h3 style="margin:0px 0px 15px 0px;"><?php _e('DB Backup', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 288 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 289 |
|
| 290 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('DB Backup', 'bulletproof-security'); ?>">
|
| 291 |
<p>
|
| 292 |
<?php
|
| 293 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 294 |
echo $text;
|
| 295 |
+
|
| 296 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 297 |
+
echo $bpsPro_text;
|
| 298 |
+
|
| 299 |
// Forum Help Links or of course both
|
| 300 |
+
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 301 |
echo $text;
|
| 302 |
?>
|
| 303 |
<strong><a href="https://forum.ait-pro.com/forums/topic/database-backup-security-guide/" title="DB Backup & Security Guide" target="_blank"><?php _e('DB Backup & Security Guide', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 762 |
echo '</table>';
|
| 763 |
echo '</div>';
|
| 764 |
|
| 765 |
+
echo "<div style=\"margin:10px 0px 0px -20px\"><input type=\"submit\" name=\"Submit-DBB-Run-Job\" value=\"".esc_attr__('Run Job|Delete Job', 'bulletproof-security')."\" class=\"button bps-button\" onclick=\"bpsSpinnerDBBackup()\" /></div></form>";
|
| 766 |
|
| 767 |
?>
|
| 768 |
|
|
|
|
|
|
|
|
|
|
| 769 |
<script type="text/javascript">
|
| 770 |
/* <![CDATA[ */
|
| 771 |
jQuery(document).ready(function($) {
|
| 774 |
/* ]]> */
|
| 775 |
</script>
|
| 776 |
|
|
|
|
|
|
|
| 777 |
<script type="text/javascript">
|
| 778 |
/* <![CDATA[ */
|
| 779 |
jQuery(document).ready(function($){
|
| 917 |
echo '</div>';
|
| 918 |
}
|
| 919 |
|
| 920 |
+
echo "<div style=\"margin:10px 0px 0px -20px\"><input type=\"submit\" name=\"Submit-DBB-Files\" value=\"".esc_attr__('Delete Files', 'bulletproof-security')."\" class=\"button bps-button\" onclick=\"return confirm('".__('Click OK to Delete Backup File(s) or click Cancel', 'bulletproof-security')."')\" /></div></form>";
|
| 921 |
|
| 922 |
+
?>
|
| 923 |
|
| 924 |
<script type="text/javascript">
|
| 925 |
/* <![CDATA[ */
|
| 929 |
/* ]]> */
|
| 930 |
</script>
|
| 931 |
|
|
|
|
|
|
|
| 932 |
<script type="text/javascript">
|
| 933 |
/* <![CDATA[ */
|
| 934 |
jQuery(document).ready(function($){
|
| 947 |
|
| 948 |
// Form Processing: Rename|Create|Reset DB Backup Folder Location and DB Backup File Download Link|URL
|
| 949 |
if ( isset( $_POST['Submit-DBB-Reset'] ) && current_user_can('manage_options') ) {
|
| 950 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/db-backup-security/db-backup-functions.php';
|
| 951 |
bpsPro_reset_db_backup_folder();
|
| 952 |
}
|
| 953 |
|
| 1031 |
echo '<input type="text" name="DBBDescription" class="dbb-text-500" value="'.esc_html($DBBDescription).'" /><br>';
|
| 1032 |
|
| 1033 |
echo '<label for="bps-dbb">'.__('DB Backup Folder Location:', 'bulletproof-security').'</label><br>';
|
| 1034 |
+
echo '<label for="bps-dbb"><font color="#2271b1"><strong>'.__('Recommended: Use The Default Obfuscated & Secure BPS Backup Folder.', 'bulletproof-security').'</strong></font></label><br>';
|
| 1035 |
echo '<input type="text" name="DBBFolder" class="dbb-text-500" value="'; echo esc_html(trim(stripslashes($DBBFolder))); echo '" /><br>';
|
| 1036 |
|
| 1037 |
echo '<label for="bps-dbb">'.__('DB Backup File Download Link|URL:', 'bulletproof-security').'</label><br>';
|
| 1038 |
+
echo '<label for="bps-dbb"><font color="#2271b1"><strong>'.__('Note: If you see 404 errors when trying to download zip files or if you have', 'bulletproof-security').'</strong></font></label><br>';
|
| 1039 |
+
echo '<label for="bps-dbb"><font color="#2271b1"><strong>'.__('changed the DB Backup Folder Location above, click the Question Mark help button.', 'bulletproof-security').'</strong></font></label><br>';
|
| 1040 |
echo '<input type="text" name="DBBDownloadLink" class="dbb-text-500" value="'; echo esc_url(trim($DBBDownloadLink)); echo '" /><br>';
|
| 1041 |
|
| 1042 |
echo '<label for="bps-dbb">'.__('Backup Job Type: Manual or Scheduled', 'bulletproof-security').'</label><br>';
|
| 1131 |
echo '</select><br><br>';
|
| 1132 |
|
| 1133 |
echo '<label for="bps-dbb">'.__('Send Scheduled Backup Zip File Via Email or Just Email Only:', 'bulletproof-security').'</label><br>';
|
| 1134 |
+
echo '<label for="bps-dbb"><font color="#2271b1"><strong>'.__('Note: Check with your email provider for the maximum<br>file attachment size limit that is allowed by your Mail Server', 'bulletproof-security').'</strong></font></label><br>';
|
| 1135 |
echo '<select name="dbb_backup_email_zip" class="form-340">';
|
| 1136 |
echo '<option value="No"'. selected('No', $bps_db_backup_email_zip).'>'.__('Do Not Email Zip Backup File', 'bulletproof-security').'</option>';
|
| 1137 |
echo '<option value="Delete"'. selected('Delete', $bps_db_backup_email_zip).'>'.__('Email & Delete Zip Backup File', 'bulletproof-security').'</option>';
|
| 1140 |
echo '</select><br><br>';
|
| 1141 |
|
| 1142 |
echo '<label for="bps-dbb">'.__('Automatically Delete Old Backup Files:', 'bulletproof-security').'</label><br>';
|
| 1143 |
+
echo '<label for="bps-dbb"><font color="#2271b1"><strong>'.__('Independent Option:', 'bulletproof-security').'</strong></font></label><br>';
|
| 1144 |
echo '<select name="dbb_backup_delete" class="form-340">';
|
| 1145 |
echo '<option value="Never"'. selected('Never', $bps_db_backup_delete).'>'.__('Never Delete Old Backup Files', 'bulletproof-security').'</option>';
|
| 1146 |
echo '<option value="1"'. selected('1', $bps_db_backup_delete).'>'.__('Delete Backup Files Older Than 1 Day', 'bulletproof-security').'</option>';
|
| 1154 |
echo '</select><br><br>';
|
| 1155 |
|
| 1156 |
echo '<label for="bps-dbb">'.__('Turn On|Off All Scheduled Backups (Override):', 'bulletproof-security').'</label><br>';
|
| 1157 |
+
echo '<label for="bps-dbb"><font color="#2271b1"><strong>'.__('Independent Option:', 'bulletproof-security').'</strong></font></label><br>';
|
| 1158 |
echo '<select name="dbb_backup_on_off" class="form-340">';
|
| 1159 |
echo '<option value="On"'. selected('On', $bps_db_backup).'>'.__('All Scheduled Backups On', 'bulletproof-security').'</option>';
|
| 1160 |
echo '<option value="Off"'. selected('Off', $bps_db_backup).'>'.__('All Scheduled Backups Off', 'bulletproof-security').'</option>';
|
| 1179 |
wp_nonce_field('bulletproof_security_db_backup_reset');
|
| 1180 |
|
| 1181 |
echo '<label for="bps-dbb">'.__('Rename|Create|Reset DB Backup Folder Name:', 'bulletproof-security').'</label><br>';
|
| 1182 |
+
echo '<label for="bps-dbb"><font color="#2271b1"><strong>'.__('Randomly Generated New DB Backup Folder Name.', 'bulletproof-security').'</strong></font></label><br>';
|
| 1183 |
+
echo '<label for="bps-dbb"><font color="#2271b1"><strong>'.__('Valid Folder Naming Characters: a-z A-Z 0-9 - _', 'bulletproof-security').'</strong></font></label><br>';
|
| 1184 |
echo '<input type="text" name="DBBFolderReset" class="regular-text-short-fixed" style="width:325px;margin:0px 0px 10px 0px;" value="'; echo esc_html(trim(stripslashes($DBBFolderReset))); echo '" /><br>';
|
| 1185 |
|
| 1186 |
echo "<p><input type=\"submit\" name=\"Submit-DBB-Reset\" value=\"".esc_attr__('Rename|Create|Reset', 'bulletproof-security')."\" class=\"button bps-button\" onclick=\"return confirm('".__('The Rename|Create|Reset Tool renames the DB Backup folder if it already exists or creates a new DB Backup folder if it does not already exist.\n\n-------------------------------------------------------------\n\nIf you have DB Backup files they will not be affected/changed. The DB Backup File Download Link|URL path will also be changed and have the new DB Backup folder name in the URL path.\n\n-------------------------------------------------------------\n\nClick OK to proceed or click Cancel', 'bulletproof-security')."')\" /></p></form>";
|
| 1193 |
|
| 1194 |
echo '</div>'; // #dbb-special
|
| 1195 |
|
| 1196 |
+
?>
|
| 1197 |
|
| 1198 |
<script type="text/javascript">
|
| 1199 |
/* <![CDATA[ */
|
| 1203 |
/* ]]> */
|
| 1204 |
</script>
|
| 1205 |
|
|
|
|
|
|
|
| 1206 |
<script type="text/javascript">
|
| 1207 |
/* <![CDATA[ */
|
| 1208 |
jQuery(document).ready(function($){
|
| 1226 |
|
| 1227 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1228 |
<tr>
|
| 1229 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 1230 |
</tr>
|
| 1231 |
<tr>
|
| 1232 |
<td class="bps-table_cell_help">
|
| 1233 |
|
| 1234 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('DB Backup Log', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button">
|
| 1235 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 1236 |
|
| 1237 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('DB Backup Log', 'bulletproof-security'); ?>">
|
| 1238 |
+
<p>
|
| 1239 |
+
<?php
|
| 1240 |
+
|
| 1241 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1242 |
+
echo $text;
|
| 1243 |
+
|
| 1244 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1245 |
+
echo $bpsPro_text;
|
| 1246 |
+
|
| 1247 |
+
echo $bps_modal_content2;
|
| 1248 |
+
?>
|
| 1249 |
+
</p>
|
| 1250 |
</div>
|
| 1251 |
|
| 1252 |
<?php
|
| 1259 |
$logSize = filesize($filename);
|
| 1260 |
|
| 1261 |
if ( $logSize < 2097152 ) {
|
| 1262 |
+
$text = '<span style="font-size:13px;"><strong>'. __('DB Backup Log File Size: ', 'bulletproof-security').'<font color="#2271b1">'. round($logSize / 1024, 2) .' KB</font></strong></span><br>';
|
| 1263 |
echo $text;
|
| 1264 |
} else {
|
| 1265 |
$text = '<span style="font-size:13px;"><strong>'. __('DB Backup Log File Size: ', 'bulletproof-security').'<font color="#fb0101">'. round($logSize / 1024, 2) .' KB<br>'.__('The Email Logging options will only send log files up to 2MB in size.', 'bulletproof-security').'</font></strong><br>'.__('Copy and paste the DB Backup Log file contents into a Notepad text file on your computer and save it.', 'bulletproof-security').'<br>'.__('Then click the Delete Log button to delete the contents of this Log file.', 'bulletproof-security').'</span><br>';
|
| 1275 |
|
| 1276 |
if ( file_exists($filename) ) {
|
| 1277 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 1278 |
+
$timestamp = date_i18n(get_option('date_format').' - '.get_option('time_format'), filemtime($filename) + $gmt_offset);
|
| 1279 |
|
| 1280 |
+
$text = '<strong>'. __('DB Backup Log Last Modified Time: ', 'bulletproof-security').'<font color="#2271b1">'.$timestamp.'</font></strong><br><br>';
|
| 1281 |
echo $text;
|
| 1282 |
}
|
| 1283 |
}
|
| 1365 |
<div id="DBBLog">
|
| 1366 |
<textarea class="bps-text-area-600x700" name="newcontentdbb" id="newcontentdbb" tabindex="1"><?php echo bpsPro_DBB_get_contents(); ?></textarea>
|
| 1367 |
<input type="hidden" name="scrolltodbblog" id="scrolltodbblog" value="<?php echo esc_html( $scrolltodbblog ); ?>" />
|
| 1368 |
+
<div style="margin:10px 0px">
|
| 1369 |
+
<input type="submit" name="Submit-DBB-Log" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>" />
|
| 1370 |
+
</div>
|
| 1371 |
</div>
|
| 1372 |
</form>
|
| 1373 |
|
| 1393 |
|
| 1394 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1395 |
<tr>
|
| 1396 |
+
<td colspan="2" class="bps-table_title"></td>
|
|
|
|
|
|
|
| 1397 |
</tr>
|
| 1398 |
<tr>
|
| 1399 |
<td width="50%" valign="top" class="bps-table_cell_help">
|
| 1400 |
|
| 1401 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('DB Table Prefix Changer', 'bulletproof-security'); ?> <button id="bps-open-modal3" class="button bps-modal-button">
|
| 1402 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 1403 |
|
| 1404 |
<div id="bps-modal-content3" class="bps-dialog-hide" title="<?php _e('DB Table Prefix Changer', 'bulletproof-security'); ?>">
|
| 1405 |
+
<p>
|
| 1406 |
+
<?php
|
| 1407 |
+
|
| 1408 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1409 |
+
echo $text;
|
| 1410 |
+
|
| 1411 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1412 |
+
echo $bpsPro_text;
|
| 1413 |
+
|
| 1414 |
+
echo $bps_modal_content3;
|
| 1415 |
+
?>
|
| 1416 |
+
</p>
|
| 1417 |
</div>
|
| 1418 |
|
| 1419 |
<?php
|
| 1420 |
if ( is_admin() && current_user_can('manage_options') && preg_match( '/page=bulletproof-security/', esc_html( $_SERVER['REQUEST_URI'] ) ) ) {
|
| 1421 |
|
| 1422 |
echo '<div id="DBPrefixText" style="width:90%;padding-bottom:20px;">';
|
| 1423 |
+
$text = '<span style="font-size:1.13em;">'.__('Your current WordPress Database Table Prefix is: ', 'bulletproof-security').'<strong><font color="#2271b1">'.$wpdb->base_prefix .'</span><br><br><span class="bps-dbb-small-text">'.__('NOTES: ', 'bulletproof-security').'<br>'.__('1. It is recommended that you backup your database before using this tool.', 'bulletproof-security').'<br>'.__('2. If you want to create your own DB Table Prefix name or add additional characters to the randomly generated DB Table Prefix name below then ONLY use lowercase letters, numbers and underscores in your DB Table Prefix name.', 'bulletproof-security').'<br>'.__('3. The maximum length limitation of a DB Table name, including the table prefix is 64 characters. See the DB Table Names & Character Length Table to the right.', 'bulletproof-security').'<br>'.__('4. To change your DB Table Prefix name back to the WordPress default DB Table Prefix name, enter wp_ for the DB Table Prefix name.', 'bulletproof-security').'</span></font></strong>';
|
| 1424 |
echo $text;
|
| 1425 |
echo '</div>';
|
| 1426 |
|
| 1453 |
|
| 1454 |
if ( file_exists($wpconfig_file) ) {
|
| 1455 |
|
| 1456 |
+
$permswpconfig = substr(sprintf('%o', fileperms($wpconfig_file)), -4);
|
| 1457 |
$sapi_type = php_sapi_name();
|
| 1458 |
$lock = '';
|
| 1459 |
|
| 1460 |
+
if ( $permswpconfig == '0400') {
|
| 1461 |
$lock = '0400';
|
| 1462 |
}
|
| 1463 |
|
| 1464 |
+
if ( substr( $sapi_type, 0, 6 ) != 'apache' || $permswpconfig != '0666' || $permswpconfig != '0777' ) { // Windows IIS, XAMPP, etc
|
| 1465 |
+
chmod($wpconfig_file, 0644);
|
| 1466 |
}
|
| 1467 |
|
| 1468 |
if ( ! is_writable($wpconfig_file) ) {
|
| 1497 |
$contents = file_get_contents($wpconfig_file);
|
| 1498 |
$pattern = '/\$table_prefix(.*)=(.*);/';
|
| 1499 |
|
| 1500 |
+
$stringReplace = file_get_contents($wpconfig_file);
|
| 1501 |
|
| 1502 |
if ( preg_match( $pattern, $contents, $matches ) ) {
|
| 1503 |
$stringReplace = preg_replace('/\$table_prefix(.*)=(.*);/', "\$table_prefix = '$DBTablePrefix';", $stringReplace);
|
| 1506 |
if ( file_put_contents( $wpconfig_file, $stringReplace ) ) {
|
| 1507 |
|
| 1508 |
if ( $lock == '0400' ) {
|
| 1509 |
+
chmod($wpconfig_file, 0400);
|
| 1510 |
}
|
| 1511 |
}
|
| 1512 |
|
| 1538 |
<?php wp_nonce_field('bulletproof_security_table_prefix_changer'); ?>
|
| 1539 |
<div>
|
| 1540 |
<strong><label for="bpsTablePrefix"><?php _e('Randomly Generated DB Table Prefix', 'bulletproof-security'); ?></label></strong><br />
|
| 1541 |
+
<input type="text" name="DBTablePrefix" value="<?php if ( isset( $_POST['DBTablePrefix'] ) && preg_match( '|[^a-z0-9_]|', $_POST['DBTablePrefix'] ) ) { echo esc_html($prefix_obs); } else { echo esc_html($DBTablePrefix); } ?>" class="table-prefix-changer" style="width:152px" /> <br />
|
| 1542 |
+
<div style="margin:10px 0px">
|
| 1543 |
<input type="submit" name="Submit-DB-Table-Prefix" value="<?php esc_attr_e('Change DB Table Prefix', 'bulletproof-security') ?>" class="button bps-button" onclick="bpsSpinnerTablePrefix()" />
|
| 1544 |
+
</div>
|
| 1545 |
</div>
|
| 1546 |
</form>
|
| 1547 |
|
| 1696 |
// Form: DB Table Names & Character Length Table - needs to be a clickable form otherwise causes slowness on large websites if query is running
|
| 1697 |
echo '<div id="DB-Prefix-Table-Refresh-Button" style="margin:0px 0px 20px 0px;">';
|
| 1698 |
echo '<h3 style="margin:0px 0px -5px 0px;">'.__('DB Table Names & Character Length Table', 'bulletproof-security').'</h3>';
|
| 1699 |
+
echo '<h4><font color="#2271b1">'.__('Displays your Current DB Table Names & Length Including The DB Table Prefix', 'bulletproof-security').'</font></h4>';
|
| 1700 |
echo '<form name="DB-Prefix-Table-Refresh" action="'.admin_url( 'admin.php?page=bulletproof-security/admin/db-backup-security/db-backup-security.php#bps-tabs-3' ).'" method="post">';
|
| 1701 |
wp_nonce_field('bulletproof_security_db_prefix_refresh');
|
| 1702 |
echo "<p><input type=\"submit\" name=\"Submit-DB-Prefix-Table-Refresh\" value=\"".esc_attr__('Load|Refresh Table', 'bulletproof-security')."\" class=\"button bps-button\" onclick=\"bpsSpinnerTableRefresh()\" /></p>";
|
| 1708 |
|
| 1709 |
?>
|
| 1710 |
|
|
|
|
|
|
|
|
|
|
| 1711 |
<script type="text/javascript">
|
| 1712 |
/* <![CDATA[ */
|
| 1713 |
jQuery(document).ready(function($) {
|
| 1716 |
/* ]]> */
|
| 1717 |
</script>
|
| 1718 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1719 |
<script type="text/javascript">
|
| 1720 |
/* <![CDATA[ */
|
| 1721 |
jQuery(document).ready(function($) {
|
| 1724 |
/* ]]> */
|
| 1725 |
</script>
|
| 1726 |
|
|
|
|
|
|
|
| 1727 |
</td>
|
| 1728 |
</tr>
|
| 1729 |
</table>
|
| 1735 |
|
| 1736 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1737 |
<tr>
|
| 1738 |
+
<td class="bps-table_title"></td>
|
| 1739 |
</tr>
|
| 1740 |
<tr>
|
| 1741 |
<td class="bps-table_cell_help_links">
|
| 1742 |
+
|
| 1743 |
<a href="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-10' ); ?>" target="_blank"><?php _e('Whats New in ', 'bulletproof-security'); echo BULLETPROOF_VERSION; ?></a><br /><br />
|
| 1744 |
<a href="https://forum.ait-pro.com/forums/topic/bulletproof-security-pro-version-release-dates/" target="_blank"><?php _e('BPS Pro Features & Version Release Dates', 'bulletproof-security'); ?></a><br /><br />
|
| 1745 |
<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank"><?php _e('Video Tutorials', 'bulletproof-security'); ?></a><br /><br />
|
| 1746 |
<a href="https://forum.ait-pro.com/forums/topic/database-backup-security-guide/" target="_blank"><?php _e('DB Backup & Security Guide & Troubleshooting', 'bulletproof-security'); ?></a><br /><br />
|
| 1747 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
| 1748 |
+
|
| 1749 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 1750 |
+
|
| 1751 |
</td>
|
| 1752 |
</tr>
|
| 1753 |
</table>
|
admin/email-log-settings/email-log-settings.php
CHANGED
|
@@ -12,7 +12,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
-
<div id="bps-container" class="wrap"
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
|
@@ -21,29 +21,20 @@ $ScrollTop_options = get_option('bulletproof_security_options_scrolltop');
|
|
| 21 |
|
| 22 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 23 |
|
| 24 |
-
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' && ! isset( $_POST['Submit-SecLog-Search'] ) || isset( $_GET['settings-updated'] ) &&
|
| 25 |
|
| 26 |
bpsPro_Browser_UA_scroll_animation();
|
| 27 |
}
|
| 28 |
}
|
| 29 |
?>
|
| 30 |
|
| 31 |
-
|
| 32 |
-
echo '<div class="bps-star-container">';
|
| 33 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 34 |
-
echo '<div class="bps-downloaded">';
|
| 35 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 36 |
-
echo '</div>';
|
| 37 |
-
echo '</div>';
|
| 38 |
-
?>
|
| 39 |
-
|
| 40 |
-
<h2 class="bps-tab-title"><?php _e('BulletProof Security ~ Email Alerts & Log File Settings', 'bulletproof-security'); ?></h2>
|
| 41 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 42 |
|
| 43 |
<?php
|
| 44 |
// General all purpose "Settings Saved." message for forms
|
| 45 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 46 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 47 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 48 |
echo $text;
|
| 49 |
}
|
|
@@ -59,6 +50,186 @@ $bps_wpcontent_dir = str_replace( ABSPATH, '', WP_CONTENT_DIR );
|
|
| 59 |
$bps_topDiv = '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 60 |
$bps_bottomDiv = '</p></div>';
|
| 61 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 62 |
?>
|
| 63 |
</div>
|
| 64 |
|
|
@@ -66,7 +237,7 @@ $bps_bottomDiv = '</p></div>';
|
|
| 66 |
<div id="bps-tabs" class="bps-menu">
|
| 67 |
<div id="bpsHead"><img src="<?php echo plugins_url('/bulletproof-security/admin/images/bps-plugin-logo.jpg'); ?>" /></div>
|
| 68 |
<ul>
|
| 69 |
-
<li><a href="#bps-tabs-1"><?php _e('Email
|
| 70 |
<li><a href="#bps-tabs-2"><?php _e('Help & FAQ', 'bulletproof-security'); ?></a></li>
|
| 71 |
</ul>
|
| 72 |
|
|
@@ -74,27 +245,41 @@ $bps_bottomDiv = '</p></div>';
|
|
| 74 |
|
| 75 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 76 |
<tr>
|
| 77 |
-
<td class="bps-table_title">
|
| 78 |
-
<?php $text = '<h2>'.__('Email Alerts & Log File Settings ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('For Login Security, Security Log & DB Backup Log', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a><br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting): ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a><br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 79 |
-
</td>
|
| 80 |
</tr>
|
| 81 |
<tr>
|
| 82 |
<td class="bps-table_cell_help">
|
| 83 |
|
| 84 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Email
|
|
|
|
| 85 |
|
| 86 |
-
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('Email
|
| 87 |
<p>
|
| 88 |
<?php
|
| 89 |
-
$text = '<strong>'.__('This
|
| 90 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 91 |
// Forum Help Links or of course both
|
| 92 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 93 |
echo $text;
|
| 94 |
?>
|
| 95 |
<strong><a href="https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting" title="BPS Troubleshooting Steps" target="_blank"><?php _e('BPS Troubleshooting Steps', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 96 |
|
| 97 |
-
<?php $text = '<strong>'.__('Email Alerts & Log File Settings', 'bulletproof-security').'</strong><br>'.__('The email address fields To, From, Cc and Bcc can be email addresses for your hosting account, your WordPress Administrator email address or 3rd party email addresses like gmail or yahoo email. If you are sending emails to multiple email recipients then separate the email addresses with a comma. Example: someone@somewhere.com, someoneelse@somewhereelse.com. You can add a space or not add a space after the comma between email addresses.', 'bulletproof-security').'<br><br><strong>'.__('Note: ', 'bulletproof-security').'</strong>'.__('Email Alerting and Log file options are located in S-Monitor in BPS Pro.', 'bulletproof-security').'<br><br><strong>'.__('Login Security: Send Email Alert When...', 'bulletproof-security').'</strong><br>'.__('There are 5 different email options. Choose to have email alerts sent when a User Account is locked out, An Administrator Logs in, An Administrator Logs in and when a User Account is locked out, Any User logs in and when a User Account is locked out or Do Not Send Email Alerts.', 'bulletproof-security').'<br><br>'.__('The email alerts contain the action that occurred with Timestamp and these fields: Username, Status, Role, Email, Lockout Time, Lockout Time Expires, User IP Address, User Hostname, Request URI and URL link for the website where the action occurred.', 'bulletproof-security').'<br><br><strong>'.__('Security Log File Email|Delete Log File When...', 'bulletproof-security').'</strong><br>'.__('Select the maximum Log File size that you want to allow for your Security Log File and then select the option that you want when your log file reaches that maximum size. Choose to either automatically Email the Log file to you and delete it or just delete it without emailing the log file to you first.', 'bulletproof-security').'<br><br><strong>'.__('DB Backup Log File Email|Delete Log File When...', 'bulletproof-security').'</strong><br>'.__('Select the maximum Log File size that you want to allow for your DB Backup Log File and then select the option that you want when your log file reaches that maximum size. Choose to either automatically Email the Log file to you and delete it or just delete it without emailing the log file to you first.', 'bulletproof-security').'<br><br><strong>'.__('MScan Malware Scanner Email|Delete Log File When...', 'bulletproof-security').'</strong><br>'.__('Select the maximum Log File size that you want to allow for your MScan Log File and then select the option that you want when your log file reaches that maximum size. Choose to either automatically Email the Log file to you and delete it or just delete it without emailing the log file to you first.', 'bulletproof-security').'<br><br><strong>'.__('Plugin Updates Available Email Alert:', 'bulletproof-security').'</strong><br>'.__('Choose whether or not to have email alerts sent if new Plugin version updates are available. The default setting is "Do Not Send Email Alerts". You can choose either to send email alerts for all Plugins or only Active Plugins.', 'bulletproof-security').'<br><br><strong>'.__('Theme Updates Available Email Alert:', 'bulletproof-security').'</strong><br>'.__('Choose whether or not to have email alerts sent if new Theme version updates are available. The default setting is "Do Not Send Email Alerts". You can choose either to send email alerts for all Themes or only the Active Theme.', 'bulletproof-security'); echo $text; ?></p>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 98 |
</div>
|
| 99 |
|
| 100 |
<div id="EmailOptions" style="width:100%;">
|
|
@@ -122,20 +307,20 @@ $bps_bottomDiv = '</p></div>';
|
|
| 122 |
|
| 123 |
<table border="0">
|
| 124 |
<tr>
|
| 125 |
-
<td><label for="bps-monitor-email"><?php _e('Send Email Alerts & Log Files To:', 'bulletproof-security'); ?> </label
|
| 126 |
-
<
|
| 127 |
</tr>
|
| 128 |
<tr>
|
| 129 |
-
<td><label for="bps-monitor-email"><?php _e('Send Email Alerts & Log Files From:', 'bulletproof-security'); ?> </label
|
| 130 |
-
<
|
| 131 |
</tr>
|
| 132 |
<tr>
|
| 133 |
-
<td><label for="bps-monitor-email"><?php _e('Send Email Alerts & Log Files Cc:', 'bulletproof-security'); ?> </label
|
| 134 |
-
<
|
| 135 |
</tr>
|
| 136 |
<tr>
|
| 137 |
-
<td><label for="bps-monitor-email"><?php _e('Send Email Alerts & Log Files Bcc:', 'bulletproof-security'); ?> </label
|
| 138 |
-
<
|
| 139 |
</tr>
|
| 140 |
</table>
|
| 141 |
<br />
|
|
@@ -237,13 +422,17 @@ $bps_bottomDiv = '</p></div>';
|
|
| 237 |
|
| 238 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 239 |
<tr>
|
| 240 |
-
<td class="bps-table_title"
|
| 241 |
</tr>
|
| 242 |
<tr>
|
| 243 |
<td class="bps-table_cell_help_links">
|
|
|
|
| 244 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 245 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 246 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 247 |
</td>
|
| 248 |
</tr>
|
| 249 |
</table>
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
+
<div id="bps-container" class="wrap">
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
| 21 |
|
| 22 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 23 |
|
| 24 |
+
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' && ! isset( $_POST['Submit-SecLog-Search'] ) || isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 25 |
|
| 26 |
bpsPro_Browser_UA_scroll_animation();
|
| 27 |
}
|
| 28 |
}
|
| 29 |
?>
|
| 30 |
|
| 31 |
+
<h2 class="bps-tab-title"><?php _e('Alerts|Logs|Email Options', 'bulletproof-security'); ?></h2>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 32 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 33 |
|
| 34 |
<?php
|
| 35 |
// General all purpose "Settings Saved." message for forms
|
| 36 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 37 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 38 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 39 |
echo $text;
|
| 40 |
}
|
| 50 |
$bps_topDiv = '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 51 |
$bps_bottomDiv = '</p></div>';
|
| 52 |
|
| 53 |
+
// Reset/Recheck Dismiss Notices
|
| 54 |
+
if ( isset( $_POST['bpsResetDismissSubmit'] ) && current_user_can('manage_options') ) {
|
| 55 |
+
check_admin_referer( 'bulletproof_security_reset_dismiss_notices' );
|
| 56 |
+
|
| 57 |
+
$user_id = $current_user->ID;
|
| 58 |
+
|
| 59 |
+
echo '<div id="message" class="updated fade" style="color:#000000;font-weight:600;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 60 |
+
|
| 61 |
+
if ( ! delete_user_meta($user_id, 'bps_ignore_iis_notice') ) {
|
| 62 |
+
$text = __('The Windows IIS Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 63 |
+
echo $text;
|
| 64 |
+
} else {
|
| 65 |
+
$text = '<span style="color:#008000;">'.__('Success! The Windows IIS check is reset.', 'bulletproof-security').'</span><br>';
|
| 66 |
+
echo $text;
|
| 67 |
+
}
|
| 68 |
+
|
| 69 |
+
if ( ! delete_user_meta($user_id, 'bps_bonus_code_dismiss_all_notice') ) {
|
| 70 |
+
$text = __('The Bonus Custom Code: Dismiss All Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 71 |
+
echo $text;
|
| 72 |
+
} else {
|
| 73 |
+
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Dismiss All Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 74 |
+
echo $text;
|
| 75 |
+
}
|
| 76 |
+
|
| 77 |
+
if ( ! delete_user_meta($user_id, 'bps_brute_force_login_protection_notice') ) {
|
| 78 |
+
$text = __('The Bonus Custom Code: Brute Force Login Protection Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 79 |
+
echo $text;
|
| 80 |
+
} else {
|
| 81 |
+
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Brute Force Login Protection Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 82 |
+
echo $text;
|
| 83 |
+
}
|
| 84 |
+
|
| 85 |
+
if ( ! delete_user_meta($user_id, 'bps_speed_boost_cache_notice') ) {
|
| 86 |
+
$text = __('The Bonus Custom Code: Speed Boost Cache Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 87 |
+
echo $text;
|
| 88 |
+
} else {
|
| 89 |
+
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Speed Boost Cache Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 90 |
+
echo $text;
|
| 91 |
+
}
|
| 92 |
+
|
| 93 |
+
if ( ! delete_user_meta($user_id, 'bps_author_enumeration_notice') ) {
|
| 94 |
+
$text = __('The Bonus Custom Code: Author Enumeration BOT Probe Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 95 |
+
echo $text;
|
| 96 |
+
} else {
|
| 97 |
+
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Author Enumeration BOT Probe Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 98 |
+
echo $text;
|
| 99 |
+
}
|
| 100 |
+
|
| 101 |
+
if ( ! delete_user_meta($user_id, 'bps_xmlrpc_ddos_notice') ) {
|
| 102 |
+
$text = __('The Bonus Custom Code: XML-RPC DDoS Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 103 |
+
echo $text;
|
| 104 |
+
} else {
|
| 105 |
+
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: XML-RPC DDoS Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 106 |
+
echo $text;
|
| 107 |
+
}
|
| 108 |
+
|
| 109 |
+
if ( ! delete_user_meta($user_id, 'bps_post_request_attack_notice') ) {
|
| 110 |
+
$text = __('The Bonus Custom Code: POST Request Attack Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 111 |
+
echo $text;
|
| 112 |
+
} else {
|
| 113 |
+
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: POST Request Attack Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 114 |
+
echo $text;
|
| 115 |
+
}
|
| 116 |
+
|
| 117 |
+
if ( ! delete_user_meta($user_id, 'bps_sniff_driveby_notice') ) {
|
| 118 |
+
$text = __('The Bonus Custom Code: Mime Sniffing|Drive-by Download Attack Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 119 |
+
echo $text;
|
| 120 |
+
} else {
|
| 121 |
+
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: Mime Sniffing|Drive-by Download Attack Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 122 |
+
echo $text;
|
| 123 |
+
}
|
| 124 |
+
|
| 125 |
+
if ( ! delete_user_meta($user_id, 'bps_iframe_clickjack_notice') ) {
|
| 126 |
+
$text = __('The Bonus Custom Code: External iFrame|Clickjacking Protection Code Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 127 |
+
echo $text;
|
| 128 |
+
} else {
|
| 129 |
+
$text = '<span style="color:#008000;">'.__('Success! The Bonus Custom Code: External iFrame|Clickjacking Protection Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 130 |
+
echo $text;
|
| 131 |
+
}
|
| 132 |
+
|
| 133 |
+
if ( ! delete_user_meta($user_id, 'bps_ignore_PhpiniHandler_notice') ) {
|
| 134 |
+
$text = __('The PHP|php.ini handler htaccess code check Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 135 |
+
echo $text;
|
| 136 |
+
} else {
|
| 137 |
+
$text = '<span style="color:#008000;">'.__('Success! The PHP|php.ini handler htaccess code check is reset.', 'bulletproof-security').'</span><br>';
|
| 138 |
+
echo $text;
|
| 139 |
+
}
|
| 140 |
+
|
| 141 |
+
if ( ! delete_user_meta($user_id, 'bps_ignore_safemode_notice') ) {
|
| 142 |
+
$text = __('The Safe Mode HUD Check Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 143 |
+
echo $text;
|
| 144 |
+
} else {
|
| 145 |
+
$text = '<span style="color:#008000;">'.__('Success! The Safe Mode HUD Check is reset.', 'bulletproof-security').'</span><br>';
|
| 146 |
+
echo $text;
|
| 147 |
+
}
|
| 148 |
+
|
| 149 |
+
if ( ! delete_user_meta($user_id, 'bps_ignore_Permalinks_notice') ) {
|
| 150 |
+
$text = __('The Custom Permalinks HUD Check Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 151 |
+
echo $text;
|
| 152 |
+
} else {
|
| 153 |
+
$text = '<span style="color:#008000;">'.__('Success! The Custom Permalinks HUD Check is reset.', 'bulletproof-security').'</span><br>';
|
| 154 |
+
echo $text;
|
| 155 |
+
}
|
| 156 |
+
|
| 157 |
+
if ( ! delete_user_meta($user_id, 'bps_ignore_wpfirewall2_notice') ) {
|
| 158 |
+
$text = __('The WordPress Firewall 2 Plugin Dismiss Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 159 |
+
echo $text;
|
| 160 |
+
} else {
|
| 161 |
+
$text = '<span style="color:#008000;>'.__('Success! The WordPress Firewall 2 Plugin check is reset.', 'bulletproof-security').'</span><br>';
|
| 162 |
+
echo $text;
|
| 163 |
+
}
|
| 164 |
+
|
| 165 |
+
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_speed_boost_notice') ) {
|
| 166 |
+
$text = __('The New Improved BPS Speed Boost Cache Code Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 167 |
+
echo $text;
|
| 168 |
+
} else {
|
| 169 |
+
$text = '<span style="color:#008000;">'.__('Success! The New Improved BPS Speed Boost Cache Code Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 170 |
+
echo $text;
|
| 171 |
+
}
|
| 172 |
+
|
| 173 |
+
if ( ! delete_user_meta($user_id, 'bps_ignore_jtc_lite_notice') ) {
|
| 174 |
+
$text = __('The JTC-Lite New Feature Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 175 |
+
echo $text;
|
| 176 |
+
} else {
|
| 177 |
+
$text = '<span style="color:#008000;">'.__('Success! The JTC-Lite New Feature Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 178 |
+
echo $text;
|
| 179 |
+
}
|
| 180 |
+
|
| 181 |
+
if ( ! delete_user_meta($user_id, 'bps_ignore_rate_notice') ) {
|
| 182 |
+
$text = __('The BPS Plugin Star Rating Request Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 183 |
+
echo $text;
|
| 184 |
+
} else {
|
| 185 |
+
$text = '<span style="color:#008000;">'.__('Success! The BPS Plugin Star Rating Request Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 186 |
+
echo $text;
|
| 187 |
+
}
|
| 188 |
+
|
| 189 |
+
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_mod_security_notice') ) {
|
| 190 |
+
$text = __('The Mod Security Module is Loaded|Enabled Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 191 |
+
echo $text;
|
| 192 |
+
} else {
|
| 193 |
+
$text = '<span style="color:#008000;">'.__('Success! The Mod Security Module is Loaded|Enabled Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 194 |
+
echo $text;
|
| 195 |
+
}
|
| 196 |
+
|
| 197 |
+
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_gdpr_compliance_notice') ) {
|
| 198 |
+
$text = __('The GDPR Compliance Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 199 |
+
echo $text;
|
| 200 |
+
} else {
|
| 201 |
+
$text = '<span style="color:#008000;">'.__('Success! The GDPR Compliance Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 202 |
+
echo $text;
|
| 203 |
+
}
|
| 204 |
+
|
| 205 |
+
if ( ! delete_user_meta($user_id, 'bps_ignore_root_version_check_notice') ) {
|
| 206 |
+
$text = __('The Root htaccess File Version Check Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 207 |
+
echo $text;
|
| 208 |
+
} else {
|
| 209 |
+
$text = '<span style="color:#008000;">'.__('Success! The Root htaccess File Version Check Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 210 |
+
echo $text;
|
| 211 |
+
}
|
| 212 |
+
|
| 213 |
+
if ( ! delete_user_meta($user_id, 'bpsPro_ignore_mu_wp_automatic_updates_notice') ) {
|
| 214 |
+
$text = __('The BPS wp-config.php file WP Automatic Update constants detected Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 215 |
+
echo $text;
|
| 216 |
+
} else {
|
| 217 |
+
$text = '<span style="color:#008000;">'.__('Success! The BPS wp-config.php file WP Automatic Update constants detected Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 218 |
+
echo $text;
|
| 219 |
+
}
|
| 220 |
+
|
| 221 |
+
if ( ! delete_user_meta($user_id, 'bpsPro_hud_owner_uid_check_notice') ) {
|
| 222 |
+
$text = __('The Script|File Owner User ID Mismatch Notice is NOT set. Nothing to reset.', 'bulletproof-security').'<br>';
|
| 223 |
+
echo $text;
|
| 224 |
+
} else {
|
| 225 |
+
$text = '<span style="color:#008000;">'.__('Success! The Script|File Owner User ID Mismatch Notice is reset.', 'bulletproof-security').'</span><br>';
|
| 226 |
+
echo $text;
|
| 227 |
+
}
|
| 228 |
+
|
| 229 |
+
echo '<div class="bps-message-button" style="width:90px;margin-bottom:9px;"><a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/email-log-settings/email-log-settings.php' ).'">'.__('Refresh Status', 'bulletproof-security').'</a></div>';
|
| 230 |
+
echo '</p></div>';
|
| 231 |
+
}
|
| 232 |
+
|
| 233 |
?>
|
| 234 |
</div>
|
| 235 |
|
| 237 |
<div id="bps-tabs" class="bps-menu">
|
| 238 |
<div id="bpsHead"><img src="<?php echo plugins_url('/bulletproof-security/admin/images/bps-plugin-logo.jpg'); ?>" /></div>
|
| 239 |
<ul>
|
| 240 |
+
<li><a href="#bps-tabs-1"><?php _e('Alerts|Logs|Email Options', 'bulletproof-security'); ?></a></li>
|
| 241 |
<li><a href="#bps-tabs-2"><?php _e('Help & FAQ', 'bulletproof-security'); ?></a></li>
|
| 242 |
</ul>
|
| 243 |
|
| 245 |
|
| 246 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 247 |
<tr>
|
| 248 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 249 |
</tr>
|
| 250 |
<tr>
|
| 251 |
<td class="bps-table_cell_help">
|
| 252 |
|
| 253 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Alerts|Logs|Email Options', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 254 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 255 |
|
| 256 |
+
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('Alerts|Logs|Email Options', 'bulletproof-security'); ?>">
|
| 257 |
<p>
|
| 258 |
<?php
|
| 259 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 260 |
echo $text;
|
| 261 |
+
|
| 262 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 263 |
+
echo $bpsPro_text;
|
| 264 |
+
|
| 265 |
// Forum Help Links or of course both
|
| 266 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 267 |
echo $text;
|
| 268 |
?>
|
| 269 |
<strong><a href="https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting" title="BPS Troubleshooting Steps" target="_blank"><?php _e('BPS Troubleshooting Steps', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 270 |
|
| 271 |
+
<?php $text = '<strong>'.__('Reset|Recheck Dismiss Notices:', 'bulletproof-security').'</strong><br>'.__('Clicking this button resets ALL Dismiss Notices such as Bonus Code Dismiss Notices and ALL other Dismiss Notices. If you previously dismissed a Dismiss Notice and want to display it again at a later time click this button.', 'bulletproof-security').'<br><br><strong>'.__('Email Alerts & Log File Settings', 'bulletproof-security').'</strong><br>'.__('The email address fields To, From, Cc and Bcc can be email addresses for your hosting account, your WordPress Administrator email address or 3rd party email addresses like gmail or yahoo email. If you are sending emails to multiple email recipients then separate the email addresses with a comma. Example: someone@somewhere.com, someoneelse@somewhereelse.com. You can add a space or not add a space after the comma between email addresses.', 'bulletproof-security').'<br><br><strong>'.__('Note: ', 'bulletproof-security').'</strong>'.__('Email Alerting and Log file options are located in S-Monitor in BPS Pro.', 'bulletproof-security').'<br><br><strong>'.__('Login Security: Send Email Alert When...', 'bulletproof-security').'</strong><br>'.__('There are 5 different email options. Choose to have email alerts sent when a User Account is locked out, An Administrator Logs in, An Administrator Logs in and when a User Account is locked out, Any User logs in and when a User Account is locked out or Do Not Send Email Alerts.', 'bulletproof-security').'<br><br>'.__('The email alerts contain the action that occurred with Timestamp and these fields: Username, Status, Role, Email, Lockout Time, Lockout Time Expires, User IP Address, User Hostname, Request URI and URL link for the website where the action occurred.', 'bulletproof-security').'<br><br><strong>'.__('Security Log File Email|Delete Log File When...', 'bulletproof-security').'</strong><br>'.__('Select the maximum Log File size that you want to allow for your Security Log File and then select the option that you want when your log file reaches that maximum size. Choose to either automatically Email the Log file to you and delete it or just delete it without emailing the log file to you first.', 'bulletproof-security').'<br><br><strong>'.__('DB Backup Log File Email|Delete Log File When...', 'bulletproof-security').'</strong><br>'.__('Select the maximum Log File size that you want to allow for your DB Backup Log File and then select the option that you want when your log file reaches that maximum size. Choose to either automatically Email the Log file to you and delete it or just delete it without emailing the log file to you first.', 'bulletproof-security').'<br><br><strong>'.__('MScan Malware Scanner Email|Delete Log File When...', 'bulletproof-security').'</strong><br>'.__('Select the maximum Log File size that you want to allow for your MScan Log File and then select the option that you want when your log file reaches that maximum size. Choose to either automatically Email the Log file to you and delete it or just delete it without emailing the log file to you first.', 'bulletproof-security').'<br><br><strong>'.__('Plugin Updates Available Email Alert:', 'bulletproof-security').'</strong><br>'.__('Choose whether or not to have email alerts sent if new Plugin version updates are available. The default setting is "Do Not Send Email Alerts". You can choose either to send email alerts for all Plugins or only Active Plugins.', 'bulletproof-security').'<br><br><strong>'.__('Theme Updates Available Email Alert:', 'bulletproof-security').'</strong><br>'.__('Choose whether or not to have email alerts sent if new Theme version updates are available. The default setting is "Do Not Send Email Alerts". You can choose either to send email alerts for all Themes or only the Active Theme.', 'bulletproof-security'); echo $text; ?></p>
|
| 272 |
+
</div>
|
| 273 |
+
|
| 274 |
+
<div id="ResetDismissNotices">
|
| 275 |
+
<form name="bpsResetDismissNotices" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/email-log-settings/email-log-settings.php' ); ?>" method="post">
|
| 276 |
+
<?php wp_nonce_field('bulletproof_security_reset_dismiss_notices'); ?>
|
| 277 |
+
|
| 278 |
+
<p><strong><label for="Status-Display"><?php _e('Reset|Recheck Dismiss Notices: ', 'bulletproof-security'); ?></label>
|
| 279 |
+
<input type="hidden" name="bpsRDN" value="bps-RDN" />
|
| 280 |
+
<input type="submit" name="bpsResetDismissSubmit" class="button bps-button" value="<?php esc_attr_e('Reset|Recheck', 'bulletproof-security') ?>" />
|
| 281 |
+
</strong></p>
|
| 282 |
+
</form>
|
| 283 |
</div>
|
| 284 |
|
| 285 |
<div id="EmailOptions" style="width:100%;">
|
| 307 |
|
| 308 |
<table border="0">
|
| 309 |
<tr>
|
| 310 |
+
<td><label for="bps-monitor-email"><?php _e('Send Email Alerts & Log Files To:', 'bulletproof-security'); ?> </label><br />
|
| 311 |
+
<input type="text" name="bulletproof_security_options_email[bps_send_email_to]" class="regular-text-340" value="<?php if ( $bps_send_email_to != '' ) { echo esc_html( $bps_send_email_to ); } else { echo esc_html( $admin_email ); } ?>" /></td>
|
| 312 |
</tr>
|
| 313 |
<tr>
|
| 314 |
+
<td><label for="bps-monitor-email"><?php _e('Send Email Alerts & Log Files From:', 'bulletproof-security'); ?> </label><br />
|
| 315 |
+
<input type="text" name="bulletproof_security_options_email[bps_send_email_from]" class="regular-text-340" value="<?php if ( $bps_send_email_from != '' ) { echo esc_html( $bps_send_email_from ); } else { echo esc_html( $admin_email ); } ?>" /></td>
|
| 316 |
</tr>
|
| 317 |
<tr>
|
| 318 |
+
<td><label for="bps-monitor-email"><?php _e('Send Email Alerts & Log Files Cc:', 'bulletproof-security'); ?> </label><br />
|
| 319 |
+
<input type="text" name="bulletproof_security_options_email[bps_send_email_cc]" class="regular-text-340" value="<?php echo esc_html( $bps_send_email_cc ); ?>" /></td>
|
| 320 |
</tr>
|
| 321 |
<tr>
|
| 322 |
+
<td><label for="bps-monitor-email"><?php _e('Send Email Alerts & Log Files Bcc:', 'bulletproof-security'); ?> </label><br />
|
| 323 |
+
<input type="text" name="bulletproof_security_options_email[bps_send_email_bcc]" class="regular-text-340" value="<?php echo esc_html( $bps_send_email_bcc ); ?>" /></td>
|
| 324 |
</tr>
|
| 325 |
</table>
|
| 326 |
<br />
|
| 422 |
|
| 423 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 424 |
<tr>
|
| 425 |
+
<td class="bps-table_title"></td>
|
| 426 |
</tr>
|
| 427 |
<tr>
|
| 428 |
<td class="bps-table_cell_help_links">
|
| 429 |
+
|
| 430 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 431 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 432 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
| 433 |
+
|
| 434 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 435 |
+
|
| 436 |
</td>
|
| 437 |
</tr>
|
| 438 |
</table>
|
admin/htaccess/bps-maintenance.php
CHANGED
|
@@ -14,9 +14,9 @@ include( dirname( __FILE__ ) . '/bps-maintenance-values.php' );
|
|
| 14 |
if ( $bps_maint_log_visitors == '1' ) {
|
| 15 |
|
| 16 |
if ( file_exists( dirname(dirname(dirname(dirname(dirname(dirname(__FILE__)))))) . '/wp-load.php' ) ) {
|
| 17 |
-
require_once
|
| 18 |
} elseif ( file_exists( dirname(__FILE__) . '/wp-load.php' ) ) {
|
| 19 |
-
require_once
|
| 20 |
} else {
|
| 21 |
echo '<strong><font color="#fb0101">ERROR: Unable to load the wp-load.php file</strong></font>';
|
| 22 |
}
|
|
@@ -35,7 +35,7 @@ function bps_get_wp_root_install_folder() {
|
|
| 35 |
|
| 36 |
// Log visitors in the BPS Security Log
|
| 37 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 38 |
-
$hostname =
|
| 39 |
$timeNow = time();
|
| 40 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 41 |
$query_string = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
|
|
@@ -46,9 +46,14 @@ function bps_get_wp_root_install_folder() {
|
|
| 46 |
$timestamp = date_i18n( get_option('date_format'), strtotime("11/15-1976") ) . ' - ' . date_i18n( get_option('time_format'), $timeNow + $gmt_offset );
|
| 47 |
}
|
| 48 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49 |
if ( $_SERVER['REQUEST_URI'] != bps_get_wp_root_install_folder() . '0' ) {
|
| 50 |
|
| 51 |
-
$log_contents = "\r\n" . '[Maintenance Mode - Visitor Logged: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version ."\r\n" . 'WP: ' . $wp_version . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$
|
| 52 |
|
| 53 |
if ( is_writable( $bpsProLog ) ) {
|
| 54 |
|
| 14 |
if ( $bps_maint_log_visitors == '1' ) {
|
| 15 |
|
| 16 |
if ( file_exists( dirname(dirname(dirname(dirname(dirname(dirname(__FILE__)))))) . '/wp-load.php' ) ) {
|
| 17 |
+
require_once '../../../../../wp-load.php';
|
| 18 |
} elseif ( file_exists( dirname(__FILE__) . '/wp-load.php' ) ) {
|
| 19 |
+
require_once dirname(__FILE__) . '/wp-load.php';
|
| 20 |
} else {
|
| 21 |
echo '<strong><font color="#fb0101">ERROR: Unable to load the wp-load.php file</strong></font>';
|
| 22 |
}
|
| 35 |
|
| 36 |
// Log visitors in the BPS Security Log
|
| 37 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 38 |
+
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
|
| 39 |
$timeNow = time();
|
| 40 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 41 |
$query_string = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
|
| 46 |
$timestamp = date_i18n( get_option('date_format'), strtotime("11/15-1976") ) . ' - ' . date_i18n( get_option('time_format'), $timeNow + $gmt_offset );
|
| 47 |
}
|
| 48 |
|
| 49 |
+
$bpsPro_http_referer = false;
|
| 50 |
+
if ( array_key_exists('HTTP_REFERER', $_SERVER) ) {
|
| 51 |
+
$bpsPro_http_referer = $_SERVER['HTTP_REFERER'];
|
| 52 |
+
}
|
| 53 |
+
|
| 54 |
if ( $_SERVER['REQUEST_URI'] != bps_get_wp_root_install_folder() . '0' ) {
|
| 55 |
|
| 56 |
+
$log_contents = "\r\n" . '[Maintenance Mode - Visitor Logged: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version ."\r\n" . 'WP: ' . $wp_version . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
|
| 57 |
|
| 58 |
if ( is_writable( $bpsProLog ) ) {
|
| 59 |
|
admin/htaccess/bps-mu-tools.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
| 2 |
/*
|
| 3 |
Plugin Name: BPS MU Tools
|
| 4 |
Description: To turn On any of these WordPress Automatic Update options/filters click the links. When any of these WordPress Automatic Update options/filters are turned On that means that particular WP Automatic Update option/filter is enabled and the link will be displayed in green font. When any of these WordPress Automatic Update options/filters are turned Off that means that particular WP Automatic Update option/filter is not in use. It does not mean that particular WP Automatic Update filter is disabling or turning Off a particular WP Automatic Update. For additional help info about each of these WordPress Automatic Update options/filters click the "WordPress Automatic Update Help Forum Topic" link below. • Disable all Updates: On = All WordPress Automatic Updates: Core, Plugins, Themes and Translations will be disabled. • Disable all Core Updates: On = All WordPress Core Automatic Updates: Development, Minor and Major versions are disabled. • Enable all Core Updates: On = All WordPress Core Automatic Updates: Development, Minor and Major versions are enabled. • Enable Development Updates: On = WordPress Core Automatic Updates are enabled for Development WP versions. • Enable Minor Updates: On = WordPress Core Automatic Updates are enabled for Minor WP versions. • Enable Major Updates: On = WordPress Core Automatic Updates are enabled for Major WP versions.
|
| 5 |
-
Version:
|
| 6 |
Author: AITpro
|
| 7 |
Author URI: https://forum.ait-pro.com/forums/forum/bulletproof-security-free/
|
| 8 |
License: GPLv2 or later
|
|
@@ -253,48 +253,60 @@ function bpsPro_toggle_links() {
|
|
| 253 |
|
| 254 |
$wp_auto_update_options = get_option('bulletproof_security_options_mu_wp_autoupdate');
|
| 255 |
|
|
|
|
|
|
|
| 256 |
if ( ! isset( $_GET['bps_toggle_automatic_updater_disabled'] ) ) {
|
| 257 |
-
$bps_toggle_automatic_updater_disabled = $
|
| 258 |
} elseif ( 'enable' == $_GET['bps_toggle_automatic_updater_disabled'] ) {
|
| 259 |
$bps_toggle_automatic_updater_disabled = 'enabled';
|
| 260 |
} elseif ( 'disable' == $_GET['bps_toggle_automatic_updater_disabled'] ) {
|
| 261 |
$bps_toggle_automatic_updater_disabled = 'disabled';
|
| 262 |
}
|
| 263 |
|
|
|
|
|
|
|
| 264 |
if ( ! isset( $_GET['bps_toggle_auto_update_core_updates_disabled'] ) ) {
|
| 265 |
-
$bps_toggle_auto_update_core_updates_disabled = $
|
| 266 |
} elseif ( 'enable' == $_GET['bps_toggle_auto_update_core_updates_disabled'] ) {
|
| 267 |
$bps_toggle_auto_update_core_updates_disabled = 'enabled';
|
| 268 |
} elseif ( 'disable' == $_GET['bps_toggle_auto_update_core_updates_disabled'] ) {
|
| 269 |
$bps_toggle_auto_update_core_updates_disabled = 'disabled';
|
| 270 |
}
|
| 271 |
|
|
|
|
|
|
|
| 272 |
if ( ! isset( $_GET['bps_toggle_auto_update_core'] ) ) {
|
| 273 |
-
$bps_toggle_auto_update_core = $
|
| 274 |
} elseif ( 'enable' == $_GET['bps_toggle_auto_update_core'] ) {
|
| 275 |
$bps_toggle_auto_update_core = 'enabled';
|
| 276 |
} elseif ( 'disable' == $_GET['bps_toggle_auto_update_core'] ) {
|
| 277 |
$bps_toggle_auto_update_core = 'disabled';
|
| 278 |
}
|
| 279 |
|
|
|
|
|
|
|
| 280 |
if ( ! isset( $_GET['bps_toggle_allow_dev_auto_core_updates'] ) ) {
|
| 281 |
-
$bps_toggle_allow_dev_auto_core_updates = $
|
| 282 |
} elseif ( 'enable' == $_GET['bps_toggle_allow_dev_auto_core_updates'] ) {
|
| 283 |
$bps_toggle_allow_dev_auto_core_updates = 'enabled';
|
| 284 |
} elseif ( 'disable' == $_GET['bps_toggle_allow_dev_auto_core_updates'] ) {
|
| 285 |
$bps_toggle_allow_dev_auto_core_updates = 'disabled';
|
| 286 |
}
|
| 287 |
|
|
|
|
|
|
|
| 288 |
if ( ! isset( $_GET['bps_toggle_allow_minor_auto_core_updates'] ) ) {
|
| 289 |
-
$bps_toggle_allow_minor_auto_core_updates = $
|
| 290 |
} elseif ( 'enable' == $_GET['bps_toggle_allow_minor_auto_core_updates'] ) {
|
| 291 |
$bps_toggle_allow_minor_auto_core_updates = 'enabled';
|
| 292 |
} elseif ( 'disable' == $_GET['bps_toggle_allow_minor_auto_core_updates'] ) {
|
| 293 |
$bps_toggle_allow_minor_auto_core_updates = 'disabled';
|
| 294 |
}
|
| 295 |
|
|
|
|
|
|
|
| 296 |
if ( ! isset( $_GET['bps_toggle_allow_major_auto_core_updates'] ) ) {
|
| 297 |
-
$bps_toggle_allow_major_auto_core_updates = $
|
| 298 |
} elseif ( 'enable' == $_GET['bps_toggle_allow_major_auto_core_updates'] ) {
|
| 299 |
$bps_toggle_allow_major_auto_core_updates = 'enabled';
|
| 300 |
} elseif ( 'disable' == $_GET['bps_toggle_allow_major_auto_core_updates'] ) {
|
| 2 |
/*
|
| 3 |
Plugin Name: BPS MU Tools
|
| 4 |
Description: To turn On any of these WordPress Automatic Update options/filters click the links. When any of these WordPress Automatic Update options/filters are turned On that means that particular WP Automatic Update option/filter is enabled and the link will be displayed in green font. When any of these WordPress Automatic Update options/filters are turned Off that means that particular WP Automatic Update option/filter is not in use. It does not mean that particular WP Automatic Update filter is disabling or turning Off a particular WP Automatic Update. For additional help info about each of these WordPress Automatic Update options/filters click the "WordPress Automatic Update Help Forum Topic" link below. • Disable all Updates: On = All WordPress Automatic Updates: Core, Plugins, Themes and Translations will be disabled. • Disable all Core Updates: On = All WordPress Core Automatic Updates: Development, Minor and Major versions are disabled. • Enable all Core Updates: On = All WordPress Core Automatic Updates: Development, Minor and Major versions are enabled. • Enable Development Updates: On = WordPress Core Automatic Updates are enabled for Development WP versions. • Enable Minor Updates: On = WordPress Core Automatic Updates are enabled for Minor WP versions. • Enable Major Updates: On = WordPress Core Automatic Updates are enabled for Major WP versions.
|
| 5 |
+
Version: 8.0
|
| 6 |
Author: AITpro
|
| 7 |
Author URI: https://forum.ait-pro.com/forums/forum/bulletproof-security-free/
|
| 8 |
License: GPLv2 or later
|
| 253 |
|
| 254 |
$wp_auto_update_options = get_option('bulletproof_security_options_mu_wp_autoupdate');
|
| 255 |
|
| 256 |
+
$bps_automatic_updater_disabled = isset($wp_auto_update_options['bps_automatic_updater_disabled']) ? $wp_auto_update_options['bps_automatic_updater_disabled'] : '';
|
| 257 |
+
|
| 258 |
if ( ! isset( $_GET['bps_toggle_automatic_updater_disabled'] ) ) {
|
| 259 |
+
$bps_toggle_automatic_updater_disabled = $bps_automatic_updater_disabled;
|
| 260 |
} elseif ( 'enable' == $_GET['bps_toggle_automatic_updater_disabled'] ) {
|
| 261 |
$bps_toggle_automatic_updater_disabled = 'enabled';
|
| 262 |
} elseif ( 'disable' == $_GET['bps_toggle_automatic_updater_disabled'] ) {
|
| 263 |
$bps_toggle_automatic_updater_disabled = 'disabled';
|
| 264 |
}
|
| 265 |
|
| 266 |
+
$bps_auto_update_core_updates_disabled = isset($wp_auto_update_options['bps_auto_update_core_updates_disabled']) ? $wp_auto_update_options['bps_auto_update_core_updates_disabled'] : '';
|
| 267 |
+
|
| 268 |
if ( ! isset( $_GET['bps_toggle_auto_update_core_updates_disabled'] ) ) {
|
| 269 |
+
$bps_toggle_auto_update_core_updates_disabled = $bps_auto_update_core_updates_disabled;
|
| 270 |
} elseif ( 'enable' == $_GET['bps_toggle_auto_update_core_updates_disabled'] ) {
|
| 271 |
$bps_toggle_auto_update_core_updates_disabled = 'enabled';
|
| 272 |
} elseif ( 'disable' == $_GET['bps_toggle_auto_update_core_updates_disabled'] ) {
|
| 273 |
$bps_toggle_auto_update_core_updates_disabled = 'disabled';
|
| 274 |
}
|
| 275 |
|
| 276 |
+
$bps_auto_update_core = isset($wp_auto_update_options['bps_auto_update_core']) ? $wp_auto_update_options['bps_auto_update_core'] : '';
|
| 277 |
+
|
| 278 |
if ( ! isset( $_GET['bps_toggle_auto_update_core'] ) ) {
|
| 279 |
+
$bps_toggle_auto_update_core = $bps_auto_update_core;
|
| 280 |
} elseif ( 'enable' == $_GET['bps_toggle_auto_update_core'] ) {
|
| 281 |
$bps_toggle_auto_update_core = 'enabled';
|
| 282 |
} elseif ( 'disable' == $_GET['bps_toggle_auto_update_core'] ) {
|
| 283 |
$bps_toggle_auto_update_core = 'disabled';
|
| 284 |
}
|
| 285 |
|
| 286 |
+
$bps_allow_dev_auto_core_updates = isset($wp_auto_update_options['bps_allow_dev_auto_core_updates']) ? $wp_auto_update_options['bps_allow_dev_auto_core_updates'] : '';
|
| 287 |
+
|
| 288 |
if ( ! isset( $_GET['bps_toggle_allow_dev_auto_core_updates'] ) ) {
|
| 289 |
+
$bps_toggle_allow_dev_auto_core_updates = $bps_allow_dev_auto_core_updates;
|
| 290 |
} elseif ( 'enable' == $_GET['bps_toggle_allow_dev_auto_core_updates'] ) {
|
| 291 |
$bps_toggle_allow_dev_auto_core_updates = 'enabled';
|
| 292 |
} elseif ( 'disable' == $_GET['bps_toggle_allow_dev_auto_core_updates'] ) {
|
| 293 |
$bps_toggle_allow_dev_auto_core_updates = 'disabled';
|
| 294 |
}
|
| 295 |
|
| 296 |
+
$bps_allow_minor_auto_core_updates = isset($wp_auto_update_options['bps_allow_minor_auto_core_updates']) ? $wp_auto_update_options['bps_allow_minor_auto_core_updates'] : '';
|
| 297 |
+
|
| 298 |
if ( ! isset( $_GET['bps_toggle_allow_minor_auto_core_updates'] ) ) {
|
| 299 |
+
$bps_toggle_allow_minor_auto_core_updates = $bps_allow_minor_auto_core_updates;
|
| 300 |
} elseif ( 'enable' == $_GET['bps_toggle_allow_minor_auto_core_updates'] ) {
|
| 301 |
$bps_toggle_allow_minor_auto_core_updates = 'enabled';
|
| 302 |
} elseif ( 'disable' == $_GET['bps_toggle_allow_minor_auto_core_updates'] ) {
|
| 303 |
$bps_toggle_allow_minor_auto_core_updates = 'disabled';
|
| 304 |
}
|
| 305 |
|
| 306 |
+
$bps_allow_major_auto_core_updates = isset($wp_auto_update_options['bps_allow_major_auto_core_updates']) ? $wp_auto_update_options['bps_allow_major_auto_core_updates'] : '';
|
| 307 |
+
|
| 308 |
if ( ! isset( $_GET['bps_toggle_allow_major_auto_core_updates'] ) ) {
|
| 309 |
+
$bps_toggle_allow_major_auto_core_updates = $bps_allow_major_auto_core_updates;
|
| 310 |
} elseif ( 'enable' == $_GET['bps_toggle_allow_major_auto_core_updates'] ) {
|
| 311 |
$bps_toggle_allow_major_auto_core_updates = 'enabled';
|
| 312 |
} elseif ( 'disable' == $_GET['bps_toggle_allow_major_auto_core_updates'] ) {
|
admin/htaccess/secure.htaccess
CHANGED
|
@@ -1,4 +1,4 @@
|
|
| 1 |
-
# BULLETPROOF 5.
|
| 2 |
|
| 3 |
# PHP/PHP.INI HANDLER/CACHE CODE
|
| 4 |
# Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.
|
| 1 |
+
# BULLETPROOF 5.5 SECURE .HTACCESS
|
| 2 |
|
| 3 |
# PHP/PHP.INI HANDLER/CACHE CODE
|
| 4 |
# Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.
|
admin/htaccess/wpadmin-secure.htaccess
CHANGED
|
@@ -1,4 +1,4 @@
|
|
| 1 |
-
# BULLETPROOF 5.
|
| 2 |
|
| 3 |
# DO NOT ADD URL REWRITING IN THIS FILE OR WORDPRESS WILL BREAK
|
| 4 |
# RewriteRule ^(.*)$ - [F] works in /wp-admin without breaking WordPress
|
| 1 |
+
# BULLETPROOF 5.5 WP-ADMIN SECURE .HTACCESS
|
| 2 |
|
| 3 |
# DO NOT ADD URL REWRITING IN THIS FILE OR WORDPRESS WILL BREAK
|
| 4 |
# RewriteRule ^(.*)$ - [F] works in /wp-admin without breaking WordPress
|
admin/images/accordion-btn-over.png
CHANGED
|
Binary file
|
admin/images/bps-plugin-logo.jpg
CHANGED
|
Binary file
|
admin/images/bpspro-dashboard-status-display.jpg
CHANGED
|
Binary file
|
admin/images/bpspro-plugin-logo.jpg
ADDED
|
Binary file
|
admin/images/menu-bg.png
CHANGED
|
Binary file
|
admin/images/question-mark-large.jpg
ADDED
|
Binary file
|
admin/images/table_title_40_bg.png
ADDED
|
Binary file
|
admin/includes/admin.php
CHANGED
|
@@ -191,32 +191,32 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 191 |
|
| 192 |
// Create BPS Backup Folder
|
| 193 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup' ) ) {
|
| 194 |
-
|
| 195 |
-
|
| 196 |
}
|
| 197 |
|
| 198 |
// Create master backups folder
|
| 199 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/master-backups' ) ) {
|
| 200 |
-
|
| 201 |
-
|
| 202 |
}
|
| 203 |
|
| 204 |
// Create logs folder
|
| 205 |
if( ! is_dir( WP_CONTENT_DIR . '/bps-backup/logs' ) ) {
|
| 206 |
-
|
| 207 |
-
|
| 208 |
}
|
| 209 |
|
| 210 |
// Create the wp-hashes folder
|
| 211 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/wp-hashes' ) ) {
|
| 212 |
-
|
| 213 |
-
|
| 214 |
}
|
| 215 |
|
| 216 |
// Create the mscan folder for mscan pattern matching file/code
|
| 217 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/mscan' ) ) {
|
| 218 |
-
|
| 219 |
-
|
| 220 |
}
|
| 221 |
|
| 222 |
// Copy the blank wp-hashes.php file to the /wp-hashes/ folder
|
|
@@ -228,8 +228,8 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 228 |
}
|
| 229 |
|
| 230 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes' ) ) {
|
| 231 |
-
|
| 232 |
-
|
| 233 |
}
|
| 234 |
|
| 235 |
$plugin_hash_file = WP_CONTENT_DIR . '/bps-backup/plugin-hashes/plugin-hashes.php';
|
|
@@ -240,8 +240,8 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 240 |
}
|
| 241 |
|
| 242 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/theme-hashes' ) ) {
|
| 243 |
-
|
| 244 |
-
|
| 245 |
}
|
| 246 |
|
| 247 |
$theme_hash_file = WP_CONTENT_DIR . '/bps-backup/theme-hashes/theme-hashes.php';
|
|
@@ -256,7 +256,7 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 256 |
$bpsProMScanLogARQ = WP_CONTENT_DIR . '/bps-backup/logs/mscan_log.txt';
|
| 257 |
|
| 258 |
if ( ! file_exists($bpsProMScanLogARQ) ) {
|
| 259 |
-
|
| 260 |
}
|
| 261 |
|
| 262 |
// Previously the mscan-pattern-match.php file was copied to the /mscan/ folder and then deleted from the /htaccess/ folder
|
|
@@ -267,7 +267,7 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 267 |
|
| 268 |
if ( file_exists($mscan_pattern_match_master) ) {
|
| 269 |
|
| 270 |
-
require_once
|
| 271 |
|
| 272 |
$mscan_pattern_match_files = array(
|
| 273 |
'mscan_pattern_match_files' =>
|
|
@@ -323,7 +323,7 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 323 |
$MScanStop = WP_CONTENT_DIR . '/bps-backup/master-backups/mscan-stop.txt';
|
| 324 |
|
| 325 |
if ( ! file_exists($MScanStop) ) {
|
| 326 |
-
|
| 327 |
}
|
| 328 |
|
| 329 |
// Create backups folder with randomly generated folder name & save the backups folder name to the DB
|
|
@@ -334,7 +334,7 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 334 |
$bpsProLogARQ = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 335 |
|
| 336 |
if ( ! file_exists($bpsProLogARQ) ) {
|
| 337 |
-
|
| 338 |
}
|
| 339 |
|
| 340 |
// Create the DB Backup log in /logs
|
|
@@ -342,13 +342,13 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 342 |
$bpsProDBBLogARQ = WP_CONTENT_DIR . '/bps-backup/logs/db_backup_log.txt';
|
| 343 |
|
| 344 |
if ( ! file_exists($bpsProDBBLogARQ) ) {
|
| 345 |
-
|
| 346 |
}
|
| 347 |
|
| 348 |
// Create the /mu-plugins/ Folder
|
| 349 |
if ( ! is_dir( WP_CONTENT_DIR . '/mu-plugins' ) ) {
|
| 350 |
-
|
| 351 |
-
|
| 352 |
}
|
| 353 |
|
| 354 |
// Make sure the old bps-plugin-autoupdate.php is deleted first if it exists.
|
|
@@ -374,7 +374,7 @@ register_setting('bulletproof_security_options_fsp', 'bulletproof_security_optio
|
|
| 374 |
$bps_mu_tools_muplugins_file = WP_CONTENT_DIR . '/mu-plugins/bps-mu-tools.php';
|
| 375 |
|
| 376 |
if ( is_dir( WP_CONTENT_DIR . '/mu-plugins' ) && ! file_exists($bps_mu_tools_muplugins_file) && ! file_exists($BPS_MU_tools_file) ) {
|
| 377 |
-
|
| 378 |
}
|
| 379 |
|
| 380 |
$bps_autofix_options = 'bulletproof_security_options_wizard_autofix';
|
|
@@ -398,9 +398,9 @@ global $blog_id;
|
|
| 398 |
// Network/Multisite display partial BPS menus
|
| 399 |
if ( is_multisite() && $blog_id != 1 ) {
|
| 400 |
|
| 401 |
-
add_menu_page(__('
|
| 402 |
-
add_submenu_page('bulletproof-security/admin/login/login.php', __('Login Security
|
| 403 |
-
add_submenu_page('bulletproof-security/admin/login/login.php', __('Login Security
|
| 404 |
|
| 405 |
// Do not display the Maintenance Mode menu for GDMW hosted sites
|
| 406 |
$BPS_wpadmin_Options = get_option('bulletproof_security_options_htaccess_res');
|
|
@@ -415,16 +415,16 @@ global $blog_id;
|
|
| 415 |
add_submenu_page('bulletproof-security/admin/login/login.php', __('System Info', 'bulletproof-security'), __('System Info', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/system-info/system-info.php' );
|
| 416 |
}
|
| 417 |
|
| 418 |
-
add_submenu_page('bulletproof-security/admin/login/login.php', __('UI|UX
|
| 419 |
|
| 420 |
} else {
|
| 421 |
|
| 422 |
-
add_menu_page(__('
|
| 423 |
-
add_submenu_page('bulletproof-security/admin/core/core.php', __('
|
| 424 |
-
add_submenu_page('bulletproof-security/admin/core/core.php', __('MScan
|
| 425 |
-
add_submenu_page('bulletproof-security/admin/core/core.php', __('Login Security
|
| 426 |
-
add_submenu_page('bulletproof-security/admin/core/core.php', __('Login Security
|
| 427 |
-
add_submenu_page('bulletproof-security/admin/core/core.php', __('Login Security
|
| 428 |
add_submenu_page('bulletproof-security/admin/core/core.php', __('DB Backup & Security', 'bulletproof-security'), __('DB Backup', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/db-backup-security/db-backup-security.php' );
|
| 429 |
add_submenu_page('bulletproof-security/admin/core/core.php', __('Security Log', 'bulletproof-security'), __('Security Log', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/security-log/security-log.php' );
|
| 430 |
|
|
@@ -436,8 +436,8 @@ global $blog_id;
|
|
| 436 |
}
|
| 437 |
|
| 438 |
add_submenu_page('bulletproof-security/admin/core/core.php', __('System Info', 'bulletproof-security'), __('System Info', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/system-info/system-info.php' );
|
| 439 |
-
add_submenu_page('bulletproof-security/admin/core/core.php', __('Email
|
| 440 |
-
add_submenu_page('bulletproof-security/admin/core/core.php', __('UI|UX
|
| 441 |
add_submenu_page('bulletproof-security/admin/core/core.php', __('Setup Wizard', 'bulletproof-security'), __('Setup Wizard', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/wizard/wizard.php' );
|
| 442 |
// MScan Scan Status Page: hidden submenu. Necessary to avoid the "you don't have permission to view this page" error message.
|
| 443 |
add_submenu_page( null, __('MScan Scan Status', 'bulletproof-security'), __('MScan Scan Status', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/mscan/mscan-scan-status.php' );
|
|
@@ -562,16 +562,16 @@ global $wp_scripts, $wp_styles, $bulletproof_security, $wp_version, $bps_version
|
|
| 562 |
wp_register_script('bps-encryption', plugins_url( '/bulletproof-security/admin/js/bps-encryption.js' ), array(), $bps_version, true );
|
| 563 |
wp_register_script('bps-crypto-js', plugins_url( '/bulletproof-security/admin/js/crypto-js/crypto-js.js' ), array(), $bps_version, true );
|
| 564 |
|
| 565 |
-
// Register BPS Styles
|
| 566 |
switch ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] ) {
|
| 567 |
case 'blue':
|
| 568 |
wp_register_style('bps-css-38', plugins_url('/bulletproof-security/admin/css/bps-blue-ui-theme.css'), array(), $bps_version, 'all' );
|
| 569 |
break;
|
| 570 |
case 'grey':
|
| 571 |
-
wp_register_style('bps-css-38', plugins_url('/bulletproof-security/admin/css/bps-
|
| 572 |
break;
|
| 573 |
case 'black':
|
| 574 |
-
wp_register_style('bps-css-38', plugins_url('/bulletproof-security/admin/css/bps-
|
| 575 |
break;
|
| 576 |
default:
|
| 577 |
wp_register_style('bps-css-38', plugins_url('/bulletproof-security/admin/css/bps-blue-ui-theme.css'), array(), $bps_version, 'all' );
|
|
@@ -601,7 +601,7 @@ global $wp_scripts, $wp_styles, $bulletproof_security, $wp_version, $bps_version
|
|
| 601 |
|
| 602 |
// Dequeue any other plugin or theme scripts that should not be loading on BPS plugin pages
|
| 603 |
$script_handles = array( 'bps-arq-ajax', 'bps-mscan-ajax', 'bps-tabs', 'bps-dialog', 'bps-accordion', 'bps-encryption', 'bps-crypto-js', 'admin-bar', 'jquery', 'jquery-ui-core', 'jquery-ui-tabs', 'jquery-ui-dialog', 'jquery-ui-widget', 'jquery-ui-mouse', 'jquery-ui-resizable', 'jquery-ui-draggable', 'jquery-ui-button', 'jquery-ui-position', 'jquery-ui-accordion', 'jquery-effects-core', 'jquery-effects-blind', 'jquery-effects-explode', 'common', 'utils', 'svg-painter', 'wp-auth-check', 'heartbeat', 'debug-bar', 'wp-polyfill', 'wp-i18n', 'hoverintent-js', 'wp-hooks', 'query-monitor' );
|
| 604 |
-
|
| 605 |
$style_handles = array( 'bps-css', 'bps-css-38', 'admin-bar', 'colors', 'ie', 'wp-auth-check', 'debug-bar', 'query-monitor' );
|
| 606 |
|
| 607 |
if ( isset($Debug_options['bps_debug']) && $Debug_options['bps_debug'] == 'On' ) {
|
|
@@ -749,7 +749,7 @@ function bpsPro_remove_non_wp_nodes_from_toolbar() {
|
|
| 749 |
function bpsPro_create_db_backup_folder() {
|
| 750 |
$options = get_option('bulletproof_security_options_db_backup');
|
| 751 |
|
| 752 |
-
if ( isset($options['bps_db_backup_folder']) && $options['bps_db_backup_folder'] != '' && is_dir( $options['bps_db_backup_folder'] ) || isset($_POST['Submit-DBB-Reset']) &&
|
| 753 |
return;
|
| 754 |
}
|
| 755 |
|
|
@@ -767,8 +767,8 @@ $options = get_option('bulletproof_security_options_db_backup');
|
|
| 767 |
|
| 768 |
$str = '1234567890abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
| 769 |
$folder_obs = substr( str_shuffle($str), 0, 15 );
|
| 770 |
-
|
| 771 |
-
|
| 772 |
|
| 773 |
$dbb_options = 'bulletproof_security_options_db_backup';
|
| 774 |
$bps_db_backup_folder = addslashes( WP_CONTENT_DIR . '/bps-backup/backups_' . $folder_obs );
|
|
@@ -954,7 +954,7 @@ function bpsPro_pop_uninstall_bps_backup_folder($source) {
|
|
| 954 |
function bulletproof_security_uninstall() {
|
| 955 |
$POPoptions = get_option('bulletproof_security_options_pop_uninstall');
|
| 956 |
|
| 957 |
-
require_once
|
| 958 |
|
| 959 |
if ( $POPoptions['bps_pop_uninstall'] == 2 ) {
|
| 960 |
|
|
@@ -1239,19 +1239,19 @@ function bulletproof_security_options_validate_idle_session($input) {
|
|
| 1239 |
$options['bps_isl_timeout'] = trim(wp_filter_nohtml_kses($input['bps_isl_timeout']));
|
| 1240 |
$options['bps_isl_logout_url'] = trim(wp_filter_nohtml_kses($input['bps_isl_logout_url']));
|
| 1241 |
$options['bps_isl_login_url'] = trim(wp_filter_nohtml_kses($input['bps_isl_login_url']));
|
| 1242 |
-
|
| 1243 |
$options['bps_isl_custom_css_1'] = wp_filter_nohtml_kses($input['bps_isl_custom_css_1']);
|
| 1244 |
$options['bps_isl_custom_css_2'] = wp_filter_nohtml_kses($input['bps_isl_custom_css_2']);
|
| 1245 |
$options['bps_isl_custom_css_3'] = wp_filter_nohtml_kses($input['bps_isl_custom_css_3']);
|
| 1246 |
$options['bps_isl_custom_css_4'] = wp_filter_nohtml_kses($input['bps_isl_custom_css_4']);
|
| 1247 |
-
|
| 1248 |
-
|
| 1249 |
-
|
| 1250 |
-
|
| 1251 |
-
|
| 1252 |
-
|
| 1253 |
-
|
| 1254 |
-
|
| 1255 |
// Note: You cannot use: wp_filter_nohtml_kses for multidimensional arrays - it will strip out the inner array code.
|
| 1256 |
@$options['bps_isl_custom_roles'] = $input['bps_isl_custom_roles'];
|
| 1257 |
|
|
@@ -1264,13 +1264,13 @@ function bulletproof_security_options_validate_auth_cookie($input) {
|
|
| 1264 |
$options['bps_ace'] = wp_filter_nohtml_kses($input['bps_ace']);
|
| 1265 |
$options['bps_ace_expiration'] = trim(wp_filter_nohtml_kses($input['bps_ace_expiration']));
|
| 1266 |
$options['bps_ace_rememberme_expiration'] = trim(wp_filter_nohtml_kses($input['bps_ace_rememberme_expiration']));
|
| 1267 |
-
|
| 1268 |
-
|
| 1269 |
-
|
| 1270 |
-
|
| 1271 |
-
|
| 1272 |
-
|
| 1273 |
-
|
| 1274 |
// Note: You cannot use: wp_filter_nohtml_kses for multidimensional arrays - it will strip out the inner array code.
|
| 1275 |
@$options['bps_ace_custom_roles'] = $input['bps_ace_custom_roles'];
|
| 1276 |
|
| 191 |
|
| 192 |
// Create BPS Backup Folder
|
| 193 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup' ) ) {
|
| 194 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup', 0755, true );
|
| 195 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/', 0755 );
|
| 196 |
}
|
| 197 |
|
| 198 |
// Create master backups folder
|
| 199 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/master-backups' ) ) {
|
| 200 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/master-backups', 0755, true );
|
| 201 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/master-backups/', 0755 );
|
| 202 |
}
|
| 203 |
|
| 204 |
// Create logs folder
|
| 205 |
if( ! is_dir( WP_CONTENT_DIR . '/bps-backup/logs' ) ) {
|
| 206 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/logs', 0755, true );
|
| 207 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/logs/', 0755 );
|
| 208 |
}
|
| 209 |
|
| 210 |
// Create the wp-hashes folder
|
| 211 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/wp-hashes' ) ) {
|
| 212 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/wp-hashes', 0755, true );
|
| 213 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/wp-hashes/', 0755 );
|
| 214 |
}
|
| 215 |
|
| 216 |
// Create the mscan folder for mscan pattern matching file/code
|
| 217 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/mscan' ) ) {
|
| 218 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/mscan', 0755, true );
|
| 219 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/mscan/', 0755 );
|
| 220 |
}
|
| 221 |
|
| 222 |
// Copy the blank wp-hashes.php file to the /wp-hashes/ folder
|
| 228 |
}
|
| 229 |
|
| 230 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes' ) ) {
|
| 231 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes', 0755, true );
|
| 232 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/plugin-hashes/', 0755 );
|
| 233 |
}
|
| 234 |
|
| 235 |
$plugin_hash_file = WP_CONTENT_DIR . '/bps-backup/plugin-hashes/plugin-hashes.php';
|
| 240 |
}
|
| 241 |
|
| 242 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/theme-hashes' ) ) {
|
| 243 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/theme-hashes', 0755, true );
|
| 244 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/theme-hashes/', 0755 );
|
| 245 |
}
|
| 246 |
|
| 247 |
$theme_hash_file = WP_CONTENT_DIR . '/bps-backup/theme-hashes/theme-hashes.php';
|
| 256 |
$bpsProMScanLogARQ = WP_CONTENT_DIR . '/bps-backup/logs/mscan_log.txt';
|
| 257 |
|
| 258 |
if ( ! file_exists($bpsProMScanLogARQ) ) {
|
| 259 |
+
copy($bpsProMScanLog, $bpsProMScanLogARQ);
|
| 260 |
}
|
| 261 |
|
| 262 |
// Previously the mscan-pattern-match.php file was copied to the /mscan/ folder and then deleted from the /htaccess/ folder
|
| 267 |
|
| 268 |
if ( file_exists($mscan_pattern_match_master) ) {
|
| 269 |
|
| 270 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/mscan-pattern-match.php';
|
| 271 |
|
| 272 |
$mscan_pattern_match_files = array(
|
| 273 |
'mscan_pattern_match_files' =>
|
| 323 |
$MScanStop = WP_CONTENT_DIR . '/bps-backup/master-backups/mscan-stop.txt';
|
| 324 |
|
| 325 |
if ( ! file_exists($MScanStop) ) {
|
| 326 |
+
copy($BPSblank, $MScanStop);
|
| 327 |
}
|
| 328 |
|
| 329 |
// Create backups folder with randomly generated folder name & save the backups folder name to the DB
|
| 334 |
$bpsProLogARQ = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 335 |
|
| 336 |
if ( ! file_exists($bpsProLogARQ) ) {
|
| 337 |
+
copy($bpsProLog, $bpsProLogARQ);
|
| 338 |
}
|
| 339 |
|
| 340 |
// Create the DB Backup log in /logs
|
| 342 |
$bpsProDBBLogARQ = WP_CONTENT_DIR . '/bps-backup/logs/db_backup_log.txt';
|
| 343 |
|
| 344 |
if ( ! file_exists($bpsProDBBLogARQ) ) {
|
| 345 |
+
copy($bpsProDBBLog, $bpsProDBBLogARQ);
|
| 346 |
}
|
| 347 |
|
| 348 |
// Create the /mu-plugins/ Folder
|
| 349 |
if ( ! is_dir( WP_CONTENT_DIR . '/mu-plugins' ) ) {
|
| 350 |
+
mkdir( WP_CONTENT_DIR . '/mu-plugins', 0755, true );
|
| 351 |
+
chmod( WP_CONTENT_DIR . '/mu-plugins/', 0755 );
|
| 352 |
}
|
| 353 |
|
| 354 |
// Make sure the old bps-plugin-autoupdate.php is deleted first if it exists.
|
| 374 |
$bps_mu_tools_muplugins_file = WP_CONTENT_DIR . '/mu-plugins/bps-mu-tools.php';
|
| 375 |
|
| 376 |
if ( is_dir( WP_CONTENT_DIR . '/mu-plugins' ) && ! file_exists($bps_mu_tools_muplugins_file) && ! file_exists($BPS_MU_tools_file) ) {
|
| 377 |
+
copy($bps_mu_tools_master_file, $bps_mu_tools_muplugins_file);
|
| 378 |
}
|
| 379 |
|
| 380 |
$bps_autofix_options = 'bulletproof_security_options_wizard_autofix';
|
| 398 |
// Network/Multisite display partial BPS menus
|
| 399 |
if ( is_multisite() && $blog_id != 1 ) {
|
| 400 |
|
| 401 |
+
add_menu_page(__('htaccess File Options', 'bulletproof-security'), __('BPS Security', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/login/login.php', '', plugins_url('bulletproof-security/admin/images/bps-icon-small.png'));
|
| 402 |
+
add_submenu_page('bulletproof-security/admin/login/login.php', __('Login Security Options', 'bulletproof-security'), __('Login Security', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/login/login.php' );
|
| 403 |
+
add_submenu_page('bulletproof-security/admin/login/login.php', __('Login Security Options', 'bulletproof-security'), __('JTC-Lite', 'bulletproof-security'), 'manage_options', 'admin.php?page=bulletproof-security/admin/login/login.php#bps-tabs-2' );
|
| 404 |
|
| 405 |
// Do not display the Maintenance Mode menu for GDMW hosted sites
|
| 406 |
$BPS_wpadmin_Options = get_option('bulletproof_security_options_htaccess_res');
|
| 415 |
add_submenu_page('bulletproof-security/admin/login/login.php', __('System Info', 'bulletproof-security'), __('System Info', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/system-info/system-info.php' );
|
| 416 |
}
|
| 417 |
|
| 418 |
+
add_submenu_page('bulletproof-security/admin/login/login.php', __('UI|UX Options', 'bulletproof-security'), __('UI|UX Options', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/theme-skin/theme-skin.php' );
|
| 419 |
|
| 420 |
} else {
|
| 421 |
|
| 422 |
+
add_menu_page(__('htaccess File Options', 'bulletproof-security'), __('BPS Security', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/core/core.php', '', plugins_url('bulletproof-security/admin/images/bps-icon-small.png'));
|
| 423 |
+
add_submenu_page('bulletproof-security/admin/core/core.php', __('htaccess File Options', 'bulletproof-security'), __('htaccess File Options', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/core/core.php' );
|
| 424 |
+
add_submenu_page('bulletproof-security/admin/core/core.php', __('MScan Malware Scanner', 'bulletproof-security'), __('MScan', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/mscan/mscan.php' );
|
| 425 |
+
add_submenu_page('bulletproof-security/admin/core/core.php', __('Login Security Options', 'bulletproof-security'), __('Login Security', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/login/login.php' );
|
| 426 |
+
add_submenu_page('bulletproof-security/admin/core/core.php', __('Login Security Options', 'bulletproof-security'), __('JTC-Lite', 'bulletproof-security'), 'manage_options', 'admin.php?page=bulletproof-security/admin/login/login.php#bps-tabs-2' );
|
| 427 |
+
add_submenu_page('bulletproof-security/admin/core/core.php', __('Login Security Options', 'bulletproof-security'), __('Idle Session Logout<br>Cookie Expiration', 'bulletproof-security'), 'manage_options', 'admin.php?page=bulletproof-security/admin/login/login.php#bps-tabs-3' );
|
| 428 |
add_submenu_page('bulletproof-security/admin/core/core.php', __('DB Backup & Security', 'bulletproof-security'), __('DB Backup', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/db-backup-security/db-backup-security.php' );
|
| 429 |
add_submenu_page('bulletproof-security/admin/core/core.php', __('Security Log', 'bulletproof-security'), __('Security Log', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/security-log/security-log.php' );
|
| 430 |
|
| 436 |
}
|
| 437 |
|
| 438 |
add_submenu_page('bulletproof-security/admin/core/core.php', __('System Info', 'bulletproof-security'), __('System Info', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/system-info/system-info.php' );
|
| 439 |
+
add_submenu_page('bulletproof-security/admin/core/core.php', __('Alerts|Logs|Email Options', 'bulletproof-security'), __('Alerts|Logs|Email Options', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/email-log-settings/email-log-settings.php' );
|
| 440 |
+
add_submenu_page('bulletproof-security/admin/core/core.php', __('UI|UX Options', 'bulletproof-security'), __('UI|UX Options', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/theme-skin/theme-skin.php' );
|
| 441 |
add_submenu_page('bulletproof-security/admin/core/core.php', __('Setup Wizard', 'bulletproof-security'), __('Setup Wizard', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/wizard/wizard.php' );
|
| 442 |
// MScan Scan Status Page: hidden submenu. Necessary to avoid the "you don't have permission to view this page" error message.
|
| 443 |
add_submenu_page( null, __('MScan Scan Status', 'bulletproof-security'), __('MScan Scan Status', 'bulletproof-security'), 'manage_options', 'bulletproof-security/admin/mscan/mscan-scan-status.php' );
|
| 562 |
wp_register_script('bps-encryption', plugins_url( '/bulletproof-security/admin/js/bps-encryption.js' ), array(), $bps_version, true );
|
| 563 |
wp_register_script('bps-crypto-js', plugins_url( '/bulletproof-security/admin/js/crypto-js/crypto-js.js' ), array(), $bps_version, true );
|
| 564 |
|
| 565 |
+
// Register BPS Styles - The grey and black Theme Skins have been retired.
|
| 566 |
switch ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] ) {
|
| 567 |
case 'blue':
|
| 568 |
wp_register_style('bps-css-38', plugins_url('/bulletproof-security/admin/css/bps-blue-ui-theme.css'), array(), $bps_version, 'all' );
|
| 569 |
break;
|
| 570 |
case 'grey':
|
| 571 |
+
wp_register_style('bps-css-38', plugins_url('/bulletproof-security/admin/css/bps-blue-ui-theme.css'), array(), $bps_version, 'all' );
|
| 572 |
break;
|
| 573 |
case 'black':
|
| 574 |
+
wp_register_style('bps-css-38', plugins_url('/bulletproof-security/admin/css/bps-blue-ui-theme.css'), array(), $bps_version, 'all' );
|
| 575 |
break;
|
| 576 |
default:
|
| 577 |
wp_register_style('bps-css-38', plugins_url('/bulletproof-security/admin/css/bps-blue-ui-theme.css'), array(), $bps_version, 'all' );
|
| 601 |
|
| 602 |
// Dequeue any other plugin or theme scripts that should not be loading on BPS plugin pages
|
| 603 |
$script_handles = array( 'bps-arq-ajax', 'bps-mscan-ajax', 'bps-tabs', 'bps-dialog', 'bps-accordion', 'bps-encryption', 'bps-crypto-js', 'admin-bar', 'jquery', 'jquery-ui-core', 'jquery-ui-tabs', 'jquery-ui-dialog', 'jquery-ui-widget', 'jquery-ui-mouse', 'jquery-ui-resizable', 'jquery-ui-draggable', 'jquery-ui-button', 'jquery-ui-position', 'jquery-ui-accordion', 'jquery-effects-core', 'jquery-effects-blind', 'jquery-effects-explode', 'common', 'utils', 'svg-painter', 'wp-auth-check', 'heartbeat', 'debug-bar', 'wp-polyfill', 'wp-i18n', 'hoverintent-js', 'wp-hooks', 'query-monitor' );
|
| 604 |
+
|
| 605 |
$style_handles = array( 'bps-css', 'bps-css-38', 'admin-bar', 'colors', 'ie', 'wp-auth-check', 'debug-bar', 'query-monitor' );
|
| 606 |
|
| 607 |
if ( isset($Debug_options['bps_debug']) && $Debug_options['bps_debug'] == 'On' ) {
|
| 749 |
function bpsPro_create_db_backup_folder() {
|
| 750 |
$options = get_option('bulletproof_security_options_db_backup');
|
| 751 |
|
| 752 |
+
if ( isset($options['bps_db_backup_folder']) && $options['bps_db_backup_folder'] != '' && is_dir( $options['bps_db_backup_folder'] ) || isset($_POST['Submit-DBB-Reset']) && $_POST['Submit-DBB-Reset'] == true ) {
|
| 753 |
return;
|
| 754 |
}
|
| 755 |
|
| 767 |
|
| 768 |
$str = '1234567890abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
| 769 |
$folder_obs = substr( str_shuffle($str), 0, 15 );
|
| 770 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/backups_' . $folder_obs, 0755, true );
|
| 771 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/backups_' . $folder_obs . '/', 0755 );
|
| 772 |
|
| 773 |
$dbb_options = 'bulletproof_security_options_db_backup';
|
| 774 |
$bps_db_backup_folder = addslashes( WP_CONTENT_DIR . '/bps-backup/backups_' . $folder_obs );
|
| 954 |
function bulletproof_security_uninstall() {
|
| 955 |
$POPoptions = get_option('bulletproof_security_options_pop_uninstall');
|
| 956 |
|
| 957 |
+
require_once ABSPATH . 'wp-admin/includes/plugin.php';
|
| 958 |
|
| 959 |
if ( $POPoptions['bps_pop_uninstall'] == 2 ) {
|
| 960 |
|
| 1239 |
$options['bps_isl_timeout'] = trim(wp_filter_nohtml_kses($input['bps_isl_timeout']));
|
| 1240 |
$options['bps_isl_logout_url'] = trim(wp_filter_nohtml_kses($input['bps_isl_logout_url']));
|
| 1241 |
$options['bps_isl_login_url'] = trim(wp_filter_nohtml_kses($input['bps_isl_login_url']));
|
| 1242 |
+
$options['bps_isl_custom_message'] = wp_filter_nohtml_kses($input['bps_isl_custom_message']);
|
| 1243 |
$options['bps_isl_custom_css_1'] = wp_filter_nohtml_kses($input['bps_isl_custom_css_1']);
|
| 1244 |
$options['bps_isl_custom_css_2'] = wp_filter_nohtml_kses($input['bps_isl_custom_css_2']);
|
| 1245 |
$options['bps_isl_custom_css_3'] = wp_filter_nohtml_kses($input['bps_isl_custom_css_3']);
|
| 1246 |
$options['bps_isl_custom_css_4'] = wp_filter_nohtml_kses($input['bps_isl_custom_css_4']);
|
| 1247 |
+
$options['bps_isl_user_account_exceptions'] = wp_filter_nohtml_kses($input['bps_isl_user_account_exceptions']);
|
| 1248 |
+
$options['bps_isl_administrator'] = wp_filter_nohtml_kses($input['bps_isl_administrator']);
|
| 1249 |
+
$options['bps_isl_editor'] = wp_filter_nohtml_kses($input['bps_isl_editor']);
|
| 1250 |
+
$options['bps_isl_author'] = wp_filter_nohtml_kses($input['bps_isl_author']);
|
| 1251 |
+
$options['bps_isl_contributor'] = wp_filter_nohtml_kses($input['bps_isl_contributor']);
|
| 1252 |
+
$options['bps_isl_subscriber'] = wp_filter_nohtml_kses($input['bps_isl_subscriber']);
|
| 1253 |
+
$options['bps_isl_tinymce'] = wp_filter_nohtml_kses($input['bps_isl_tinymce']);
|
| 1254 |
+
$options['bps_isl_uri_exclusions'] = wp_filter_nohtml_kses($input['bps_isl_uri_exclusions']);
|
| 1255 |
// Note: You cannot use: wp_filter_nohtml_kses for multidimensional arrays - it will strip out the inner array code.
|
| 1256 |
@$options['bps_isl_custom_roles'] = $input['bps_isl_custom_roles'];
|
| 1257 |
|
| 1264 |
$options['bps_ace'] = wp_filter_nohtml_kses($input['bps_ace']);
|
| 1265 |
$options['bps_ace_expiration'] = trim(wp_filter_nohtml_kses($input['bps_ace_expiration']));
|
| 1266 |
$options['bps_ace_rememberme_expiration'] = trim(wp_filter_nohtml_kses($input['bps_ace_rememberme_expiration']));
|
| 1267 |
+
$options['bps_ace_user_account_exceptions'] = wp_filter_nohtml_kses($input['bps_ace_user_account_exceptions']);
|
| 1268 |
+
$options['bps_ace_administrator'] = wp_filter_nohtml_kses($input['bps_ace_administrator']);
|
| 1269 |
+
$options['bps_ace_editor'] = wp_filter_nohtml_kses($input['bps_ace_editor']);
|
| 1270 |
+
$options['bps_ace_author'] = wp_filter_nohtml_kses($input['bps_ace_author']);
|
| 1271 |
+
$options['bps_ace_contributor'] = wp_filter_nohtml_kses($input['bps_ace_contributor']);
|
| 1272 |
+
$options['bps_ace_subscriber'] = wp_filter_nohtml_kses($input['bps_ace_subscriber']);
|
| 1273 |
+
$options['bps_ace_rememberme_disable'] = wp_filter_nohtml_kses($input['bps_ace_rememberme_disable']);
|
| 1274 |
// Note: You cannot use: wp_filter_nohtml_kses for multidimensional arrays - it will strip out the inner array code.
|
| 1275 |
@$options['bps_ace_custom_roles'] = $input['bps_ace_custom_roles'];
|
| 1276 |
|
admin/includes/uninstall.php
CHANGED
|
@@ -20,7 +20,7 @@ function bpsPro_pop_get_message() {
|
|
| 20 |
|
| 21 |
if ( current_user_can('manage_options') ) {
|
| 22 |
|
| 23 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 24 |
|
| 25 |
$text = '<div style="margin:10px 0px 0px 0px;"><font color="green"><strong>'.__('BPS Plugin Uninstall Option Saved Successfully. Click the Close button below to go back to the Plugins page and deactivate and delete the BPS plugin.', 'bulletproof-security').'</strong></font></div>';
|
| 26 |
echo $text;
|
| 20 |
|
| 21 |
if ( current_user_can('manage_options') ) {
|
| 22 |
|
| 23 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true) {
|
| 24 |
|
| 25 |
$text = '<div style="margin:10px 0px 0px 0px;"><font color="green"><strong>'.__('BPS Plugin Uninstall Option Saved Successfully. Click the Close button below to go back to the Plugins page and deactivate and delete the BPS plugin.', 'bulletproof-security').'</strong></font></div>';
|
| 26 |
echo $text;
|
admin/js/bps-ui-dialog.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
| 1 |
-
// BPS jQuery UI Dialog
|
| 2 |
// Note: each + num has undesirable results - continue to use per div
|
| 3 |
if (screen.width >= 496) {
|
| 4 |
|
| 1 |
+
// BPS jQuery UI Dialog Question Mark help buttons
|
| 2 |
// Note: each + num has undesirable results - continue to use per div
|
| 3 |
if (screen.width >= 496) {
|
| 4 |
|
admin/login/login.php
CHANGED
|
@@ -12,7 +12,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
-
<div id="bps-container" class="wrap"
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
|
@@ -21,20 +21,11 @@ $ScrollTop_options = get_option('bulletproof_security_options_scrolltop');
|
|
| 21 |
|
| 22 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 23 |
|
| 24 |
-
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' && ! isset( $_POST['Submit-Login-Security-search'] ) || isset( $_GET['settings-updated'] ) &&
|
| 25 |
|
| 26 |
bpsPro_Browser_UA_scroll_animation();
|
| 27 |
}
|
| 28 |
}
|
| 29 |
-
?>
|
| 30 |
-
|
| 31 |
-
<?php
|
| 32 |
-
echo '<div class="bps-star-container">';
|
| 33 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 34 |
-
echo '<div class="bps-downloaded">';
|
| 35 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 36 |
-
echo '</div>';
|
| 37 |
-
echo '</div>';
|
| 38 |
|
| 39 |
// Get Real IP address - USE EXTREME CAUTION!!!
|
| 40 |
function bpsPro_get_real_ip_address_lsm() {
|
|
@@ -141,13 +132,13 @@ bpsPro_Core_LSM_deny_all();
|
|
| 141 |
|
| 142 |
?>
|
| 143 |
|
| 144 |
-
<h2 class="bps-tab-title"><?php _e('
|
| 145 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 146 |
|
| 147 |
<?php
|
| 148 |
// General all purpose "Settings Saved." message for forms
|
| 149 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 150 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 151 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 152 |
echo $text;
|
| 153 |
}
|
|
@@ -168,8 +159,8 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 168 |
|
| 169 |
} else {
|
| 170 |
|
| 171 |
-
require_once
|
| 172 |
-
require_once
|
| 173 |
}
|
| 174 |
|
| 175 |
?>
|
|
@@ -203,20 +194,23 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 203 |
|
| 204 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 205 |
<tr>
|
| 206 |
-
<td class="bps-table_title">
|
| 207 |
-
<?php $text = '<h2>'.__('Login Security & Monitoring (LSM) ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Log All Account Logins or Log Only Account Lockouts ~ Brute Force Login Protection', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting) & User Account Lockouts: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a>'; echo $text; ?>
|
| 208 |
-
</td>
|
| 209 |
</tr>
|
| 210 |
<tr>
|
| 211 |
<td class="bps-table_cell_help">
|
| 212 |
|
| 213 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Login Security & Monitoring', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button"
|
|
|
|
| 214 |
|
| 215 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('Login Security & Monitoring', 'bulletproof-security'); ?>">
|
| 216 |
<p>
|
| 217 |
<?php
|
| 218 |
-
$text = '<strong>'.__('This
|
| 219 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 220 |
echo $bps_modal_content1;
|
| 221 |
?>
|
| 222 |
</p>
|
|
@@ -533,7 +527,7 @@ if ( isset($_POST['Submit-Login-Search-Radio'] ) && current_user_can('manage_opt
|
|
| 533 |
<div id="LoginSecuritySearch">
|
| 534 |
<form name="LoginSecuritySearchForm" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/login/login.php#LSM-DB-Table' ); ?>" method="post">
|
| 535 |
<?php wp_nonce_field('bulletproof_security_login_security_search'); ?>
|
| 536 |
-
<input type="text" name="LSSearch" class="LSSearch-text" value="" />
|
| 537 |
<input type="submit" name="Submit-Login-Security-search" class="button bps-button" value="<?php esc_attr_e('Search', 'bulletproof-security') ?>" />
|
| 538 |
</form>
|
| 539 |
</div>
|
|
@@ -754,12 +748,6 @@ if ( isset( $_POST['Submit-Login-Security-search'] ) && current_user_can('manage
|
|
| 754 |
}
|
| 755 |
?>
|
| 756 |
<br />
|
| 757 |
-
|
| 758 |
-
<?php
|
| 759 |
-
$UIoptions = get_option('bulletproof_security_options_theme_skin');
|
| 760 |
-
|
| 761 |
-
if ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] == 'blue' ) {
|
| 762 |
-
?>
|
| 763 |
<br />
|
| 764 |
|
| 765 |
<script type="text/javascript">
|
|
@@ -770,8 +758,6 @@ jQuery(document).ready(function($) {
|
|
| 770 |
/* ]]> */
|
| 771 |
</script>
|
| 772 |
|
| 773 |
-
<?php } ?>
|
| 774 |
-
|
| 775 |
<script type="text/javascript">
|
| 776 |
/* <![CDATA[ */
|
| 777 |
jQuery(document).ready(function($){
|
|
@@ -830,20 +816,23 @@ jQuery(document).ready(function($){
|
|
| 830 |
|
| 831 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 832 |
<tr>
|
| 833 |
-
<td class="bps-table_title">
|
| 834 |
-
<?php $text = '<h2>'.__('jQuery ToolTip CAPTCHA-Lite (JTC-Lite) ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Protects the WP Login Form against constant lockouts by Bots trying to Brute Force Login to your website', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Get the full version of JTC Anti-Spam|Anti-Hacker that protects all of your WP Forms', 'bulletproof-security').'<br>'.__('against SpamBots & HackerBots (auto-registering, auto-logins, auto-posting, auto-commenting) & User Account Lockouts: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a>'; echo $text; ?>
|
| 835 |
-
</td>
|
| 836 |
</tr>
|
| 837 |
<tr>
|
| 838 |
<td class="bps-table_cell_help">
|
| 839 |
|
| 840 |
-
<h3 style="margin:0px 0px 5px 0px;"><?php _e('JTC-Lite', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button"
|
|
|
|
| 841 |
|
| 842 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('JTC-Lite', 'bulletproof-security'); ?>">
|
| 843 |
<p>
|
| 844 |
<?php
|
| 845 |
-
$text = '<strong>'.__('This
|
| 846 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 847 |
echo $bps_modal_content2;
|
| 848 |
?>
|
| 849 |
</p>
|
|
@@ -962,9 +951,7 @@ if ( ! current_user_can('manage_options') ) { _e('Permission Denied', 'bulletpro
|
|
| 962 |
$bps_jtc_comment_form_label = ! isset($BPSoptionsJTC['bps_jtc_comment_form_label']) ? '' : $BPSoptionsJTC['bps_jtc_comment_form_label'];
|
| 963 |
$bps_jtc_comment_form_input = ! isset($BPSoptionsJTC['bps_jtc_comment_form_input']) ? '' : $BPSoptionsJTC['bps_jtc_comment_form_input'];
|
| 964 |
?>
|
| 965 |
-
|
| 966 |
-
<h3><?php _e('JTC-Lite Settings', 'bulletproof-security'); ?></h3>
|
| 967 |
-
|
| 968 |
<table border="0">
|
| 969 |
<tr>
|
| 970 |
<td><label for="LSLog"><?php _e('JTC CAPTCHA:', 'bulletproof-security'); ?></label></td>
|
|
@@ -1051,14 +1038,14 @@ if ( ! current_user_can('manage_options') ) { _e('Permission Denied', 'bulletpro
|
|
| 1051 |
<label><?php _e('Comment Form Input Text Box (BPS Pro Only): <i>The JTC CAPTCHA Form Input text box</i>', 'bulletproof-security'); ?></label><br />
|
| 1052 |
<input type="text" id="crypt32" name="bps_jtc_comment_form_input" class="regular-text-short-fixed" style="width:75%;" value="<?php if ($bps_jtc_comment_form_input != '') { echo $bps_jtc_comment_form_input; } else { echo 'position:relative;top:0px;left:0px;padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;'; } ?>" /><br /><br />
|
| 1053 |
|
| 1054 |
-
<?php echo '<div id="jtc-tooltip" style="margin:0px 0px 10px 0px;max-width:640px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your JTC option settings then click the Encrypt JTC Code button first and then click the Save Options button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your JTC options settings and CSS code unless you encrypt it first by clicking the Encrypt JTC Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt JTC Code button and then want to edit your CSS code again click the Decrypt JTC Code button. After you are done editing click the Encrypt JTC Code button before clicking the Save Options button.', 'bulletproof-security').'<br><br>'.__('Click the JTC Anti-Spam|Anti-Hacker
|
| 1055 |
|
| 1056 |
<input type="submit" name="Submit-Security-Log-Options-JTC" class="button bps-button" style="margin-top:5px;" value="<?php esc_attr_e('Save Options', 'bulletproof-security') ?>" onclick="return confirm('<?php $text = __('Click OK to Proceed or click Cancel.', 'bulletproof-security'); echo $text; ?>')"/>
|
| 1057 |
</form><br />
|
| 1058 |
</div>
|
| 1059 |
|
| 1060 |
-
<button onclick="bpsJTCEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt JTC Code', 'bulletproof-security'); ?></button>
|
| 1061 |
-
<button onclick="bpsJTCDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt JTC Code', 'bulletproof-security'); ?></button>
|
| 1062 |
|
| 1063 |
<script type="text/javascript">
|
| 1064 |
/* <![CDATA[ */
|
|
@@ -1164,12 +1151,12 @@ function bpsJTCDecrypt() {
|
|
| 1164 |
|
| 1165 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1166 |
<tr>
|
| 1167 |
-
<td class="bps-table_title"
|
| 1168 |
</tr>
|
| 1169 |
<tr>
|
| 1170 |
<td class="bps-table_cell_help">
|
| 1171 |
|
| 1172 |
-
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Idle Session Logout|Auth Cookie Expiration', 'bulletproof-security'); ?> <button id="bps-open-modal3" class="button bps-modal-button"
|
| 1173 |
|
| 1174 |
<div id="bps-modal-content3" class="bps-dialog-hide" title="<?php _e('Idle Session Logout|Auth Cookie Expiration', 'bulletproof-security'); ?>">
|
| 1175 |
|
|
@@ -1178,10 +1165,13 @@ function bpsJTCDecrypt() {
|
|
| 1178 |
<td class="bps-readme-table-td">
|
| 1179 |
|
| 1180 |
<?php
|
| 1181 |
-
$text = '<strong>'.__('This
|
| 1182 |
echo $text;
|
| 1183 |
|
| 1184 |
-
$
|
|
|
|
|
|
|
|
|
|
| 1185 |
echo $text;
|
| 1186 |
?>
|
| 1187 |
<strong><a href="https://forum.ait-pro.com/forums/topic/idle-session-logout-isl-and-authentication-cookie-expiration-ace" title="ISL and ACE" target="_blank">
|
|
@@ -1331,8 +1321,8 @@ $ISL_exceptions = isset($BPS_ISL_options['bps_isl_user_account_exceptions']) ? e
|
|
| 1331 |
<td>
|
| 1332 |
<label for="LSLog"><?php _e('Turn On|Turn Off:', 'bulletproof-security'); ?></label><br />
|
| 1333 |
<select name="bps_isl" class="form-250">
|
| 1334 |
-
<option value="On" <?php selected('On', $ISL_on_off); ?>><?php _e('ISL On', 'bulletproof-security'); ?></option>
|
| 1335 |
<option value="Off" <?php selected('Off', $ISL_on_off); ?>><?php _e('ISL Off', 'bulletproof-security'); ?></option>
|
|
|
|
| 1336 |
</select>
|
| 1337 |
</td>
|
| 1338 |
</tr>
|
|
@@ -1359,32 +1349,32 @@ $ISL_exceptions = isset($BPS_ISL_options['bps_isl_user_account_exceptions']) ? e
|
|
| 1359 |
<td>
|
| 1360 |
<label for="LSLog"><?php _e('Idle Session Logout Exclude URLs|URIs:', 'bulletproof-security'); ?></label><br />
|
| 1361 |
<label><strong><i><?php _e('Enter URIs separated by a comma and a space: /some-post/, /some-page/', 'bulletproof-security'); ?></i></strong></label><br />
|
| 1362 |
-
<textarea class="PFW-Allow-From-Text-Area" name="bps_isl_uri_exclusions" tabindex="1"><?php echo $ISL_exclusions; ?></textarea>
|
| 1363 |
<input type="hidden" name="scrolltoISLMessage" id="scrolltoISLMessage" value="<?php echo esc_html( $scrolltoISLMessage ); ?>" />
|
| 1364 |
</td>
|
| 1365 |
</tr>
|
| 1366 |
<tr>
|
| 1367 |
<td>
|
| 1368 |
<label for="LSLog"><?php _e('Idle Session Logout Page Custom Message:', 'bulletproof-security'); ?></label><br />
|
| 1369 |
-
<textarea class="PFW-Allow-From-Text-Area" name="bps_isl_custom_message" tabindex="1"><?php echo $ISL_message; ?></textarea>
|
| 1370 |
<input type="hidden" name="scrolltoISLMessage" id="scrolltoISLMessage" value="<?php echo esc_html( $scrolltoISLMessage ); ?>" />
|
| 1371 |
</td>
|
| 1372 |
</tr>
|
| 1373 |
<tr>
|
| 1374 |
<td>
|
| 1375 |
<label for="LSLog"><?php _e('Idle Session Logout Page Custom CSS Style:', 'bulletproof-security'); ?></label><br />
|
| 1376 |
-
<label><strong><?php echo 'body
|
| 1377 |
-
<input type="text" id="crypt33" name="bps_isl_custom_css_1" class="
|
| 1378 |
-
<
|
| 1379 |
-
<label><strong><?php echo '#bpsMessage
|
| 1380 |
-
<input type="text" id="crypt34" name="bps_isl_custom_css_2" class="
|
| 1381 |
-
<
|
| 1382 |
-
<label><strong><?php echo '#bpsMessageTextBox
|
| 1383 |
-
<input type="text" id="crypt35" name="bps_isl_custom_css_3" class="
|
| 1384 |
-
<
|
| 1385 |
-
<label><strong><?php echo 'p
|
| 1386 |
-
<input type="text" id="crypt36" name="bps_isl_custom_css_4" class="
|
| 1387 |
-
<
|
| 1388 |
</td>
|
| 1389 |
</tr>
|
| 1390 |
<tr>
|
|
@@ -1398,7 +1388,7 @@ $ISL_exceptions = isset($BPS_ISL_options['bps_isl_user_account_exceptions']) ? e
|
|
| 1398 |
<tr>
|
| 1399 |
<td>
|
| 1400 |
<label><strong><?php _e('Enable|Disable Idle Session Logouts For These User Roles: ', 'bulletproof-security'); ?></strong></label><br />
|
| 1401 |
-
<label><strong><i><?php _e('Check to Enable. Uncheck to Disable. See the
|
| 1402 |
<div id="Roles-scroller">
|
| 1403 |
<input type="checkbox" name="bps_isl_administrator" value="1" <?php if ( empty( $BPS_ISL_options['bps_isl_administrator'] ) ) { echo ''; } else { checked( $BPS_ISL_options['bps_isl_administrator'], 1 ); } ?> /><label><?php _e(' Administrator', 'bulletproof-security'); ?></label><br />
|
| 1404 |
<input type="checkbox" name="bps_isl_editor" value="1" <?php if ( empty( $BPS_ISL_options['bps_isl_editor'] ) ) { echo ''; } else { checked( $BPS_ISL_options['bps_isl_editor'], 1 ); } ?> /><label><?php _e(' Editor', 'bulletproof-security'); ?></label><br />
|
|
@@ -1427,10 +1417,10 @@ $ISL_exceptions = isset($BPS_ISL_options['bps_isl_user_account_exceptions']) ? e
|
|
| 1427 |
<tr>
|
| 1428 |
<td>
|
| 1429 |
<label><strong><?php _e('Enable|Disable Idle Session Logouts For TinyMCE Editors: ', 'bulletproof-security'); ?></strong></label><br />
|
| 1430 |
-
<label><strong><i><?php _e('Check to Disable. Uncheck to Enable. See the
|
| 1431 |
<input type="checkbox" name="bps_isl_tinymce" value="1" <?php if ( empty( $BPS_ISL_options['bps_isl_tinymce'] ) ) { echo ''; } else { checked( $BPS_ISL_options['bps_isl_tinymce'], 1 ); } ?> /><label><?php _e(' Enable|Disable ISL For TinyMCE Editor', 'bulletproof-security'); ?></label><br /><br />
|
| 1432 |
|
| 1433 |
-
<?php echo '<div id="jtc-tooltip" style="margin:0px 0px 10px 0px;max-width:640px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your ISL option settings then click the Encrypt ISL Code button first and then click the Save Options button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your ISL option settings and CSS code unless you encrypt it first by clicking the Encrypt ISL Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt ISL Code button and then want to edit your CSS code again click the Decrypt ISL Code button. After you are done editing click the Encrypt ISL Code button before clicking the Save Options button.', 'bulletproof-security').'<br><br>'.__('Click the Idle Session Logout|Auth Cookie Expiration
|
| 1434 |
|
| 1435 |
<input type="submit" name="Submit-ISL-Options" class="button bps-button" style="margin:5px 0px 15px 0px;" value="<?php esc_attr_e('Save Options', 'bulletproof-security') ?>" onclick="return confirm('<?php $text = __('Click OK to Proceed or click Cancel.', 'bulletproof-security'); echo $text; ?>')"/>
|
| 1436 |
</form>
|
|
@@ -1442,8 +1432,8 @@ $ISL_exceptions = isset($BPS_ISL_options['bps_isl_user_account_exceptions']) ? e
|
|
| 1442 |
|
| 1443 |
</div>
|
| 1444 |
|
| 1445 |
-
<button onclick="bpsISLEncrypt()" class="button bps-button"><?php esc_attr_e('Encrypt ISL Code', 'bulletproof-security'); ?></button>
|
| 1446 |
-
<button onclick="bpsISLDecrypt()" class="button bps-button"><?php esc_attr_e('Decrypt ISL Code', 'bulletproof-security'); ?></button>
|
| 1447 |
|
| 1448 |
<script type="text/javascript">
|
| 1449 |
/* <![CDATA[ */
|
|
@@ -1621,8 +1611,8 @@ $ACE_exceptions = isset($BPS_ACE_options['bps_ace_user_account_exceptions']) ? e
|
|
| 1621 |
<td>
|
| 1622 |
<label for="LSLog"><?php _e('Turn On|Turn Off:', 'bulletproof-security'); ?></label><br />
|
| 1623 |
<select name="bps_ace" class="form-250"><br />
|
| 1624 |
-
<option value="On" <?php selected('On', $ACE_on_off); ?>><?php _e('ACE On', 'bulletproof-security'); ?></option>
|
| 1625 |
<option value="Off" <?php selected('Off', $ACE_on_off); ?>><?php _e('ACE Off', 'bulletproof-security'); ?></option>
|
|
|
|
| 1626 |
</select>
|
| 1627 |
</td>
|
| 1628 |
</tr>
|
|
@@ -1643,7 +1633,7 @@ $ACE_exceptions = isset($BPS_ACE_options['bps_ace_user_account_exceptions']) ? e
|
|
| 1643 |
<tr>
|
| 1644 |
<td>
|
| 1645 |
<label><strong><?php _e('Enable|Disable Remember Me Checkbox:', 'bulletproof-security'); ?></strong></label><br />
|
| 1646 |
-
<label><strong><i><?php _e('Check to Disable. Uncheck to Enable. See the
|
| 1647 |
<input type="checkbox" name="bps_ace_rememberme_disable" value="1" <?php if ( empty( $BPS_ACE_options['bps_ace_rememberme_disable'] ) ) { echo ''; } else { checked( $BPS_ACE_options['bps_ace_rememberme_disable'], 1 ); } ?> /><label><?php _e(' Disable & do not display the Remember Me checkbox', 'bulletproof-security'); ?></label><br />
|
| 1648 |
</td>
|
| 1649 |
</tr>
|
|
@@ -1658,7 +1648,7 @@ $ACE_exceptions = isset($BPS_ACE_options['bps_ace_user_account_exceptions']) ? e
|
|
| 1658 |
<tr>
|
| 1659 |
<td>
|
| 1660 |
<label><strong><?php _e('Enable|Disable Auth Cookie Expiration Time For These User Roles: ', 'bulletproof-security'); ?></strong></label><br />
|
| 1661 |
-
<label><strong><i><?php _e('Check to Enable. Uncheck to Disable. See the
|
| 1662 |
<div id="Roles-scroller">
|
| 1663 |
<input type="checkbox" name="bps_ace_administrator" value="1" <?php if ( empty( $BPS_ACE_options['bps_ace_administrator'] ) ) { echo ''; } else { checked( $BPS_ACE_options['bps_ace_administrator'], 1 ); } ?> /><label><?php _e(' Administrator', 'bulletproof-security'); ?></label><br />
|
| 1664 |
<input type="checkbox" name="bps_ace_editor" value="1" <?php if ( empty( $BPS_ACE_options['bps_ace_editor'] ) ) { echo ''; } else { checked( $BPS_ACE_options['bps_ace_editor'], 1 ); } ?> /><label><?php _e(' Editor', 'bulletproof-security'); ?></label><br />
|
|
@@ -1704,19 +1694,24 @@ $ACE_exceptions = isset($BPS_ACE_options['bps_ace_user_account_exceptions']) ? e
|
|
| 1704 |
|
| 1705 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1706 |
<tr>
|
| 1707 |
-
<td class="bps-table_title"
|
| 1708 |
</tr>
|
| 1709 |
<tr>
|
| 1710 |
<td class="bps-table_cell_help" style="max-width:800px;">
|
| 1711 |
|
| 1712 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Force Strong Passwords', 'bulletproof-security'); ?> <button id="bps-open-modal4" class="button bps-modal-button"
|
|
|
|
| 1713 |
|
| 1714 |
<div id="bps-modal-content4" class="bps-dialog-hide" title="<?php _e('Force Strong Passwords', 'bulletproof-security'); ?>">
|
| 1715 |
<p>
|
| 1716 |
|
| 1717 |
<?php
|
| 1718 |
-
$text = '<strong>'.__('This
|
| 1719 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1720 |
echo $bps_modal_content4;
|
| 1721 |
?>
|
| 1722 |
|
|
@@ -1778,7 +1773,7 @@ $scrolltoFSPMessage = isset($_REQUEST['scrolltoFSPMessage']) ? (int) $_REQUEST['
|
|
| 1778 |
<table border="0">
|
| 1779 |
<tr>
|
| 1780 |
<td><label for="LSLog"><?php _e('Turn FSP On|Turn FSP Off:', 'bulletproof-security'); ?></label></td>
|
| 1781 |
-
<td><select name="bps_fsp_on_off" class="regular-text-150" style="width:
|
| 1782 |
<option value="Off" <?php selected('Off', $bps_fsp_on_off); ?>><?php _e('FSP Off', 'bulletproof-security'); ?></option>
|
| 1783 |
<option value="On" <?php selected('On', $bps_fsp_on_off); ?>><?php _e('FSP On', 'bulletproof-security'); ?></option>
|
| 1784 |
</select>
|
|
@@ -1786,7 +1781,7 @@ $scrolltoFSPMessage = isset($_REQUEST['scrolltoFSPMessage']) ? (int) $_REQUEST['
|
|
| 1786 |
</tr>
|
| 1787 |
<tr>
|
| 1788 |
<td><label for="LSLog"><?php _e('Password Character Length:', 'bulletproof-security'); ?></label></td>
|
| 1789 |
-
<td><input type="text" name="bps_fsp_char_length" class="regular-text-150" style="width:
|
| 1790 |
<td><label for="LSLog" style="margin:0px 0px 0px 5px;font-style:italic;font-weight:normal;"><?php _e('Example: 12', 'bulletproof-security'); ?></label></td>
|
| 1791 |
</tr>
|
| 1792 |
</table>
|
|
@@ -1824,13 +1819,17 @@ $scrolltoFSPMessage = isset($_REQUEST['scrolltoFSPMessage']) ? (int) $_REQUEST['
|
|
| 1824 |
|
| 1825 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1826 |
<tr>
|
| 1827 |
-
<td class="bps-table_title"
|
| 1828 |
</tr>
|
| 1829 |
<tr>
|
| 1830 |
<td class="bps-table_cell_help_links">
|
|
|
|
| 1831 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 1832 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 1833 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 1834 |
</td>
|
| 1835 |
</tr>
|
| 1836 |
</table>
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
+
<div id="bps-container" class="wrap">
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
| 21 |
|
| 22 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 23 |
|
| 24 |
+
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' && ! isset( $_POST['Submit-Login-Security-search'] ) || isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 25 |
|
| 26 |
bpsPro_Browser_UA_scroll_animation();
|
| 27 |
}
|
| 28 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 29 |
|
| 30 |
// Get Real IP address - USE EXTREME CAUTION!!!
|
| 31 |
function bpsPro_get_real_ip_address_lsm() {
|
| 132 |
|
| 133 |
?>
|
| 134 |
|
| 135 |
+
<h2 class="bps-tab-title"><?php _e('Login Security Options', 'bulletproof-security'); ?></h2>
|
| 136 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 137 |
|
| 138 |
<?php
|
| 139 |
// General all purpose "Settings Saved." message for forms
|
| 140 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 141 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true) {
|
| 142 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 143 |
echo $text;
|
| 144 |
}
|
| 159 |
|
| 160 |
} else {
|
| 161 |
|
| 162 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/login/lsm-export.php';
|
| 163 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/login/lsm-help-text.php';
|
| 164 |
}
|
| 165 |
|
| 166 |
?>
|
| 194 |
|
| 195 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 196 |
<tr>
|
| 197 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 198 |
</tr>
|
| 199 |
<tr>
|
| 200 |
<td class="bps-table_cell_help">
|
| 201 |
|
| 202 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Login Security & Monitoring', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 203 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 204 |
|
| 205 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('Login Security & Monitoring', 'bulletproof-security'); ?>">
|
| 206 |
<p>
|
| 207 |
<?php
|
| 208 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 209 |
echo $text;
|
| 210 |
+
|
| 211 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 212 |
+
echo $bpsPro_text;
|
| 213 |
+
|
| 214 |
echo $bps_modal_content1;
|
| 215 |
?>
|
| 216 |
</p>
|
| 527 |
<div id="LoginSecuritySearch">
|
| 528 |
<form name="LoginSecuritySearchForm" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/login/login.php#LSM-DB-Table' ); ?>" method="post">
|
| 529 |
<?php wp_nonce_field('bulletproof_security_login_security_search'); ?>
|
| 530 |
+
<input type="text" name="LSSearch" class="LSSearch-text" style="width:170px" value="" />
|
| 531 |
<input type="submit" name="Submit-Login-Security-search" class="button bps-button" value="<?php esc_attr_e('Search', 'bulletproof-security') ?>" />
|
| 532 |
</form>
|
| 533 |
</div>
|
| 748 |
}
|
| 749 |
?>
|
| 750 |
<br />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 751 |
<br />
|
| 752 |
|
| 753 |
<script type="text/javascript">
|
| 758 |
/* ]]> */
|
| 759 |
</script>
|
| 760 |
|
|
|
|
|
|
|
| 761 |
<script type="text/javascript">
|
| 762 |
/* <![CDATA[ */
|
| 763 |
jQuery(document).ready(function($){
|
| 816 |
|
| 817 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 818 |
<tr>
|
| 819 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 820 |
</tr>
|
| 821 |
<tr>
|
| 822 |
<td class="bps-table_cell_help">
|
| 823 |
|
| 824 |
+
<h3 style="margin:0px 0px 5px 0px;"><?php _e('JTC-Lite', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button">
|
| 825 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 826 |
|
| 827 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('JTC-Lite', 'bulletproof-security'); ?>">
|
| 828 |
<p>
|
| 829 |
<?php
|
| 830 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 831 |
echo $text;
|
| 832 |
+
|
| 833 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 834 |
+
echo $bpsPro_text;
|
| 835 |
+
|
| 836 |
echo $bps_modal_content2;
|
| 837 |
?>
|
| 838 |
</p>
|
| 951 |
$bps_jtc_comment_form_label = ! isset($BPSoptionsJTC['bps_jtc_comment_form_label']) ? '' : $BPSoptionsJTC['bps_jtc_comment_form_label'];
|
| 952 |
$bps_jtc_comment_form_input = ! isset($BPSoptionsJTC['bps_jtc_comment_form_input']) ? '' : $BPSoptionsJTC['bps_jtc_comment_form_input'];
|
| 953 |
?>
|
| 954 |
+
|
|
|
|
|
|
|
| 955 |
<table border="0">
|
| 956 |
<tr>
|
| 957 |
<td><label for="LSLog"><?php _e('JTC CAPTCHA:', 'bulletproof-security'); ?></label></td>
|
| 1038 |
<label><?php _e('Comment Form Input Text Box (BPS Pro Only): <i>The JTC CAPTCHA Form Input text box</i>', 'bulletproof-security'); ?></label><br />
|
| 1039 |
<input type="text" id="crypt32" name="bps_jtc_comment_form_input" class="regular-text-short-fixed" style="width:75%;" value="<?php if ($bps_jtc_comment_form_input != '') { echo $bps_jtc_comment_form_input; } else { echo 'position:relative;top:0px;left:0px;padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;'; } ?>" /><br /><br />
|
| 1040 |
|
| 1041 |
+
<?php echo '<div id="jtc-tooltip" style="margin:0px 0px 10px 0px;max-width:640px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your JTC option settings then click the Encrypt JTC Code button first and then click the Save Options button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your JTC options settings and CSS code unless you encrypt it first by clicking the Encrypt JTC Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt JTC Code button and then want to edit your CSS code again click the Decrypt JTC Code button. After you are done editing click the Encrypt JTC Code button before clicking the Save Options button.', 'bulletproof-security').'<br><br>'.__('Click the JTC Anti-Spam|Anti-Hacker Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong></div>'; ?>
|
| 1042 |
|
| 1043 |
<input type="submit" name="Submit-Security-Log-Options-JTC" class="button bps-button" style="margin-top:5px;" value="<?php esc_attr_e('Save Options', 'bulletproof-security') ?>" onclick="return confirm('<?php $text = __('Click OK to Proceed or click Cancel.', 'bulletproof-security'); echo $text; ?>')"/>
|
| 1044 |
</form><br />
|
| 1045 |
</div>
|
| 1046 |
|
| 1047 |
+
<button onclick="bpsJTCEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt JTC Code', 'bulletproof-security'); ?></button>
|
| 1048 |
+
<button onclick="bpsJTCDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt JTC Code', 'bulletproof-security'); ?></button>
|
| 1049 |
|
| 1050 |
<script type="text/javascript">
|
| 1051 |
/* <![CDATA[ */
|
| 1151 |
|
| 1152 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1153 |
<tr>
|
| 1154 |
+
<td class="bps-table_title"></td>
|
| 1155 |
</tr>
|
| 1156 |
<tr>
|
| 1157 |
<td class="bps-table_cell_help">
|
| 1158 |
|
| 1159 |
+
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Idle Session Logout|Auth Cookie Expiration', 'bulletproof-security'); ?> <button id="bps-open-modal3" class="button bps-modal-button"><img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 1160 |
|
| 1161 |
<div id="bps-modal-content3" class="bps-dialog-hide" title="<?php _e('Idle Session Logout|Auth Cookie Expiration', 'bulletproof-security'); ?>">
|
| 1162 |
|
| 1165 |
<td class="bps-readme-table-td">
|
| 1166 |
|
| 1167 |
<?php
|
| 1168 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1169 |
echo $text;
|
| 1170 |
|
| 1171 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1172 |
+
echo $bpsPro_text;
|
| 1173 |
+
|
| 1174 |
+
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 1175 |
echo $text;
|
| 1176 |
?>
|
| 1177 |
<strong><a href="https://forum.ait-pro.com/forums/topic/idle-session-logout-isl-and-authentication-cookie-expiration-ace" title="ISL and ACE" target="_blank">
|
| 1321 |
<td>
|
| 1322 |
<label for="LSLog"><?php _e('Turn On|Turn Off:', 'bulletproof-security'); ?></label><br />
|
| 1323 |
<select name="bps_isl" class="form-250">
|
|
|
|
| 1324 |
<option value="Off" <?php selected('Off', $ISL_on_off); ?>><?php _e('ISL Off', 'bulletproof-security'); ?></option>
|
| 1325 |
+
<option value="On" <?php selected('On', $ISL_on_off); ?>><?php _e('ISL On', 'bulletproof-security'); ?></option>
|
| 1326 |
</select>
|
| 1327 |
</td>
|
| 1328 |
</tr>
|
| 1349 |
<td>
|
| 1350 |
<label for="LSLog"><?php _e('Idle Session Logout Exclude URLs|URIs:', 'bulletproof-security'); ?></label><br />
|
| 1351 |
<label><strong><i><?php _e('Enter URIs separated by a comma and a space: /some-post/, /some-page/', 'bulletproof-security'); ?></i></strong></label><br />
|
| 1352 |
+
<textarea style="width:450px" class="PFW-Allow-From-Text-Area" name="bps_isl_uri_exclusions" tabindex="1"><?php echo $ISL_exclusions; ?></textarea>
|
| 1353 |
<input type="hidden" name="scrolltoISLMessage" id="scrolltoISLMessage" value="<?php echo esc_html( $scrolltoISLMessage ); ?>" />
|
| 1354 |
</td>
|
| 1355 |
</tr>
|
| 1356 |
<tr>
|
| 1357 |
<td>
|
| 1358 |
<label for="LSLog"><?php _e('Idle Session Logout Page Custom Message:', 'bulletproof-security'); ?></label><br />
|
| 1359 |
+
<textarea style="width:450px" class="PFW-Allow-From-Text-Area" name="bps_isl_custom_message" tabindex="1"><?php echo $ISL_message; ?></textarea>
|
| 1360 |
<input type="hidden" name="scrolltoISLMessage" id="scrolltoISLMessage" value="<?php echo esc_html( $scrolltoISLMessage ); ?>" />
|
| 1361 |
</td>
|
| 1362 |
</tr>
|
| 1363 |
<tr>
|
| 1364 |
<td>
|
| 1365 |
<label for="LSLog"><?php _e('Idle Session Logout Page Custom CSS Style:', 'bulletproof-security'); ?></label><br />
|
| 1366 |
+
<label><strong><?php echo 'body CSS property'; ?></strong></label><br />
|
| 1367 |
+
<input type="text" id="crypt33" name="bps_isl_custom_css_1" class="regular-text-450" value="<?php echo $ISL_css_1; ?>" />
|
| 1368 |
+
<br />
|
| 1369 |
+
<label><strong><?php echo '#bpsMessage CSS property'; ?></strong></label><br />
|
| 1370 |
+
<input type="text" id="crypt34" name="bps_isl_custom_css_2" class="regular-text-450" value="<?php echo $ISL_css_2; ?>" />
|
| 1371 |
+
<br />
|
| 1372 |
+
<label><strong><?php echo '#bpsMessageTextBox CSS property'; ?></strong></label><br />
|
| 1373 |
+
<input type="text" id="crypt35" name="bps_isl_custom_css_3" class="regular-text-450" value="<?php echo $ISL_css_3; ?>" />
|
| 1374 |
+
<br />
|
| 1375 |
+
<label><strong><?php echo 'p CSS property'; ?></strong></label><br />
|
| 1376 |
+
<input type="text" id="crypt36" name="bps_isl_custom_css_4" class="regular-text-450" value="<?php echo $ISL_css_4; ?>" />
|
| 1377 |
+
<br />
|
| 1378 |
</td>
|
| 1379 |
</tr>
|
| 1380 |
<tr>
|
| 1388 |
<tr>
|
| 1389 |
<td>
|
| 1390 |
<label><strong><?php _e('Enable|Disable Idle Session Logouts For These User Roles: ', 'bulletproof-security'); ?></strong></label><br />
|
| 1391 |
+
<label><strong><i><?php _e('Check to Enable. Uncheck to Disable. See the Question Mark help button for details.', 'bulletproof-security'); ?></i></strong></label><br />
|
| 1392 |
<div id="Roles-scroller">
|
| 1393 |
<input type="checkbox" name="bps_isl_administrator" value="1" <?php if ( empty( $BPS_ISL_options['bps_isl_administrator'] ) ) { echo ''; } else { checked( $BPS_ISL_options['bps_isl_administrator'], 1 ); } ?> /><label><?php _e(' Administrator', 'bulletproof-security'); ?></label><br />
|
| 1394 |
<input type="checkbox" name="bps_isl_editor" value="1" <?php if ( empty( $BPS_ISL_options['bps_isl_editor'] ) ) { echo ''; } else { checked( $BPS_ISL_options['bps_isl_editor'], 1 ); } ?> /><label><?php _e(' Editor', 'bulletproof-security'); ?></label><br />
|
| 1417 |
<tr>
|
| 1418 |
<td>
|
| 1419 |
<label><strong><?php _e('Enable|Disable Idle Session Logouts For TinyMCE Editors: ', 'bulletproof-security'); ?></strong></label><br />
|
| 1420 |
+
<label><strong><i><?php _e('Check to Disable. Uncheck to Enable. See the Question Mark help button for details.', 'bulletproof-security'); ?></i></strong></label><br />
|
| 1421 |
<input type="checkbox" name="bps_isl_tinymce" value="1" <?php if ( empty( $BPS_ISL_options['bps_isl_tinymce'] ) ) { echo ''; } else { checked( $BPS_ISL_options['bps_isl_tinymce'], 1 ); } ?> /><label><?php _e(' Enable|Disable ISL For TinyMCE Editor', 'bulletproof-security'); ?></label><br /><br />
|
| 1422 |
|
| 1423 |
+
<?php echo '<div id="jtc-tooltip" style="margin:0px 0px 10px 0px;max-width:640px"><label for="bps-mscan-label" style="">'.__('If you see an error or are unable to save your ISL option settings then click the Encrypt ISL Code button first and then click the Save Options button. Mouse over the question mark image to the right for help info.', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:5px;" /><span>'.__('If your web host currently has ModSecurity installed or installs ModSecurity at a later time then ModSecurity will prevent you from saving your ISL option settings and CSS code unless you encrypt it first by clicking the Encrypt ISL Code button.', 'bulletproof-security').'<br><br>'.__('If you click the Encrypt ISL Code button and then want to edit your CSS code again click the Decrypt ISL Code button. After you are done editing click the Encrypt ISL Code button before clicking the Save Options button.', 'bulletproof-security').'<br><br>'.__('Click the Idle Session Logout|Auth Cookie Expiration Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong></div>'; ?>
|
| 1424 |
|
| 1425 |
<input type="submit" name="Submit-ISL-Options" class="button bps-button" style="margin:5px 0px 15px 0px;" value="<?php esc_attr_e('Save Options', 'bulletproof-security') ?>" onclick="return confirm('<?php $text = __('Click OK to Proceed or click Cancel.', 'bulletproof-security'); echo $text; ?>')"/>
|
| 1426 |
</form>
|
| 1432 |
|
| 1433 |
</div>
|
| 1434 |
|
| 1435 |
+
<button onclick="bpsISLEncrypt()" class="button bps-encrypt-button"><?php esc_attr_e('Encrypt ISL Code', 'bulletproof-security'); ?></button>
|
| 1436 |
+
<button onclick="bpsISLDecrypt()" class="button bps-decrypt-button"><?php esc_attr_e('Decrypt ISL Code', 'bulletproof-security'); ?></button>
|
| 1437 |
|
| 1438 |
<script type="text/javascript">
|
| 1439 |
/* <![CDATA[ */
|
| 1611 |
<td>
|
| 1612 |
<label for="LSLog"><?php _e('Turn On|Turn Off:', 'bulletproof-security'); ?></label><br />
|
| 1613 |
<select name="bps_ace" class="form-250"><br />
|
|
|
|
| 1614 |
<option value="Off" <?php selected('Off', $ACE_on_off); ?>><?php _e('ACE Off', 'bulletproof-security'); ?></option>
|
| 1615 |
+
<option value="On" <?php selected('On', $ACE_on_off); ?>><?php _e('ACE On', 'bulletproof-security'); ?></option>
|
| 1616 |
</select>
|
| 1617 |
</td>
|
| 1618 |
</tr>
|
| 1633 |
<tr>
|
| 1634 |
<td>
|
| 1635 |
<label><strong><?php _e('Enable|Disable Remember Me Checkbox:', 'bulletproof-security'); ?></strong></label><br />
|
| 1636 |
+
<label><strong><i><?php _e('Check to Disable. Uncheck to Enable. See the Question Mark help button for details.', 'bulletproof-security'); ?></i></strong></label><br />
|
| 1637 |
<input type="checkbox" name="bps_ace_rememberme_disable" value="1" <?php if ( empty( $BPS_ACE_options['bps_ace_rememberme_disable'] ) ) { echo ''; } else { checked( $BPS_ACE_options['bps_ace_rememberme_disable'], 1 ); } ?> /><label><?php _e(' Disable & do not display the Remember Me checkbox', 'bulletproof-security'); ?></label><br />
|
| 1638 |
</td>
|
| 1639 |
</tr>
|
| 1648 |
<tr>
|
| 1649 |
<td>
|
| 1650 |
<label><strong><?php _e('Enable|Disable Auth Cookie Expiration Time For These User Roles: ', 'bulletproof-security'); ?></strong></label><br />
|
| 1651 |
+
<label><strong><i><?php _e('Check to Enable. Uncheck to Disable. See the Question Mark help button for details.', 'bulletproof-security'); ?></i></strong></label><br />
|
| 1652 |
<div id="Roles-scroller">
|
| 1653 |
<input type="checkbox" name="bps_ace_administrator" value="1" <?php if ( empty( $BPS_ACE_options['bps_ace_administrator'] ) ) { echo ''; } else { checked( $BPS_ACE_options['bps_ace_administrator'], 1 ); } ?> /><label><?php _e(' Administrator', 'bulletproof-security'); ?></label><br />
|
| 1654 |
<input type="checkbox" name="bps_ace_editor" value="1" <?php if ( empty( $BPS_ACE_options['bps_ace_editor'] ) ) { echo ''; } else { checked( $BPS_ACE_options['bps_ace_editor'], 1 ); } ?> /><label><?php _e(' Editor', 'bulletproof-security'); ?></label><br />
|
| 1694 |
|
| 1695 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1696 |
<tr>
|
| 1697 |
+
<td class="bps-table_title"></td>
|
| 1698 |
</tr>
|
| 1699 |
<tr>
|
| 1700 |
<td class="bps-table_cell_help" style="max-width:800px;">
|
| 1701 |
|
| 1702 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Force Strong Passwords', 'bulletproof-security'); ?> <button id="bps-open-modal4" class="button bps-modal-button">
|
| 1703 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 1704 |
|
| 1705 |
<div id="bps-modal-content4" class="bps-dialog-hide" title="<?php _e('Force Strong Passwords', 'bulletproof-security'); ?>">
|
| 1706 |
<p>
|
| 1707 |
|
| 1708 |
<?php
|
| 1709 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1710 |
echo $text;
|
| 1711 |
+
|
| 1712 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1713 |
+
echo $bpsPro_text;
|
| 1714 |
+
|
| 1715 |
echo $bps_modal_content4;
|
| 1716 |
?>
|
| 1717 |
|
| 1773 |
<table border="0">
|
| 1774 |
<tr>
|
| 1775 |
<td><label for="LSLog"><?php _e('Turn FSP On|Turn FSP Off:', 'bulletproof-security'); ?></label></td>
|
| 1776 |
+
<td><select name="bps_fsp_on_off" class="regular-text-150" style="width:120px;">
|
| 1777 |
<option value="Off" <?php selected('Off', $bps_fsp_on_off); ?>><?php _e('FSP Off', 'bulletproof-security'); ?></option>
|
| 1778 |
<option value="On" <?php selected('On', $bps_fsp_on_off); ?>><?php _e('FSP On', 'bulletproof-security'); ?></option>
|
| 1779 |
</select>
|
| 1781 |
</tr>
|
| 1782 |
<tr>
|
| 1783 |
<td><label for="LSLog"><?php _e('Password Character Length:', 'bulletproof-security'); ?></label></td>
|
| 1784 |
+
<td><input type="text" name="bps_fsp_char_length" class="regular-text-150" style="width:120px;" value="<?php echo trim($bps_fsp_char_length); ?>" /></td>
|
| 1785 |
<td><label for="LSLog" style="margin:0px 0px 0px 5px;font-style:italic;font-weight:normal;"><?php _e('Example: 12', 'bulletproof-security'); ?></label></td>
|
| 1786 |
</tr>
|
| 1787 |
</table>
|
| 1819 |
|
| 1820 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1821 |
<tr>
|
| 1822 |
+
<td class="bps-table_title"></td>
|
| 1823 |
</tr>
|
| 1824 |
<tr>
|
| 1825 |
<td class="bps-table_cell_help_links">
|
| 1826 |
+
|
| 1827 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 1828 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 1829 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
| 1830 |
+
|
| 1831 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 1832 |
+
|
| 1833 |
</td>
|
| 1834 |
</tr>
|
| 1835 |
</table>
|
admin/login/lsm-export.php
CHANGED
|
@@ -75,7 +75,7 @@ function bps_Zip_LSM_Table_CSV() {
|
|
| 75 |
|
| 76 |
// Use PclZip
|
| 77 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/login/' );
|
| 78 |
-
require_once
|
| 79 |
|
| 80 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 81 |
$previous_encoding = mb_internal_encoding();
|
| 75 |
|
| 76 |
// Use PclZip
|
| 77 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/login/' );
|
| 78 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 79 |
|
| 80 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 81 |
$previous_encoding = mb_internal_encoding();
|
admin/maintenance/maintenance.php
CHANGED
|
@@ -12,7 +12,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
-
<div id="bps-container" class="wrap"
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
|
@@ -21,29 +21,20 @@ $ScrollTop_options = get_option('bulletproof_security_options_scrolltop');
|
|
| 21 |
|
| 22 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 23 |
|
| 24 |
-
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' || isset( $_GET['settings-updated'] ) &&
|
| 25 |
|
| 26 |
bpsPro_Browser_UA_scroll_animation();
|
| 27 |
}
|
| 28 |
}
|
| 29 |
?>
|
| 30 |
|
| 31 |
-
<?php
|
| 32 |
-
echo '<div class="bps-star-container">';
|
| 33 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 34 |
-
echo '<div class="bps-downloaded">';
|
| 35 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 36 |
-
echo '</div>';
|
| 37 |
-
echo '</div>';
|
| 38 |
-
?>
|
| 39 |
-
|
| 40 |
<h2 class="bps-tab-title">
|
| 41 |
|
| 42 |
<?php
|
| 43 |
if ( is_multisite() && $blog_id != 1 ) {
|
| 44 |
-
_e('
|
| 45 |
} else {
|
| 46 |
-
_e('Maintenance Mode
|
| 47 |
}
|
| 48 |
?>
|
| 49 |
</h2>
|
|
@@ -53,7 +44,7 @@ _e('Maintenance Mode ~ FrontEnd ~ BackEnd', 'bulletproof-security');
|
|
| 53 |
<?php
|
| 54 |
// General all purpose "Settings Saved." message for forms
|
| 55 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 56 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 57 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 58 |
echo $text;
|
| 59 |
}
|
|
@@ -142,7 +133,8 @@ function bpsPro_maintenance_mode_preview_ip() {
|
|
| 142 |
}
|
| 143 |
|
| 144 |
$create_denyall_htaccess_file = WP_PLUGIN_DIR . '/bulletproof-security/admin/maintenance/.htaccess';
|
| 145 |
-
|
|
|
|
| 146 |
if ( ! file_exists($create_denyall_htaccess_file) ) {
|
| 147 |
$handle = fopen( $create_denyall_htaccess_file, 'w+b' );
|
| 148 |
fwrite( $handle, $denyall_content );
|
|
@@ -159,6 +151,7 @@ function bpsPro_maintenance_mode_preview_ip() {
|
|
| 159 |
fclose( $handle );
|
| 160 |
}
|
| 161 |
}
|
|
|
|
| 162 |
}
|
| 163 |
}
|
| 164 |
bpsPro_maintenance_mode_preview_ip();
|
|
@@ -196,40 +189,33 @@ $bps_bottomDiv = '</p></div>';
|
|
| 196 |
|
| 197 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 198 |
<tr>
|
| 199 |
-
<td class="bps-table_title">
|
| 200 |
-
|
| 201 |
-
<?php
|
| 202 |
-
if ( is_multisite() && $blog_id != 1 ) {
|
| 203 |
-
$text = '<h2>'.__('FrontEnd Maintenance Mode Page ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Display a website under maintenance page to website visitors', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a><br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting): ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a><br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text;
|
| 204 |
-
} else {
|
| 205 |
-
$text = '<h2>'.__('FrontEnd & BackEnd Maintenance Mode ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Display a website under maintenance page to website visitors ~ Lock wp-admin BackEnd by IP Address', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a><br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting): ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a><br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text;
|
| 206 |
-
}
|
| 207 |
-
?>
|
| 208 |
-
|
| 209 |
-
</td>
|
| 210 |
</tr>
|
| 211 |
<tr>
|
| 212 |
<td class="bps-table_cell_help">
|
| 213 |
|
| 214 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Maintenance Mode', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button"
|
|
|
|
| 215 |
|
| 216 |
<div id="bps-modal-content1" class="bps-dialog-hide" style="background-color:#fff; padding:0px 10px 10px 10px;" title="<?php _e('Maintenance Mode', 'bulletproof-security'); ?>">
|
| 217 |
<p>
|
| 218 |
<?php
|
| 219 |
-
$text = '<strong>'.__('This
|
| 220 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 221 |
// Forum Help Links or of course both
|
| 222 |
-
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong>';
|
| 223 |
echo $text;
|
| 224 |
?>
|
| 225 |
<strong><a href="https://forum.ait-pro.com/forums/topic/maintenance-mode-guide-read-me-first/" title="Maintenance Mode Guide" target="_blank"><?php _e('Maintenance Mode Guide', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 226 |
|
| 227 |
-
<?php $text = '<strong>'.__('Create/add whatever messages, images, videos, etc. you want to display to website visitors with the MMode Editor, select your MMode options/settings, click the Save Options button, Preview your Maintenance Mode page and click the Turn On button. Rinse and repeat if you make any new changes to your options/settings.', 'bulletproof-security').'</strong><br><br><strong>'.__('For more extensive help info, CSS, HTML code examples, Image & Video embedding code examples to add in the MMode Editor see Forum Help Links at the top of this
|
| 228 |
'.'<br><br><strong>'.__('Send Email Reminder when Maintenance Mode Countdown Timer has completed:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to enable the javascript Countdown Timer to send you an email reminder when the Countdown Timer reaches 0/is completed. More importantly when this option is selected you will receive another email reminder each time a visitor visits your website in Maintenance Mode. When the Countdown Timer reaches 0/has completed your website will still be in Maintenance Mode until you turn Off Maintenance Mode. An additional option will be added in the future to automatically turn off Maintenance Mode when the Countdown Timer reaches 0/has completed.', 'bulletproof-security').'<br><br><strong>'.__('Testing the Countdown Timer Send Email Option:', 'bulletproof-security').'</strong><br>'.__('There is a 1 minute buffer so that when the Maintenance Mode page is created an email will not be sent immediately. To test the Send Email option use 2 minutes for the Maintenance Mode Time, click the Save Options button and click the Preview button. Leave the Preview Browser Window/Tab open. When the Countdown Timer has completed (reached 0) an email will be sent. You may receive the email immediately or it may take several minutes depending on how fast your Mail Server sends the email to you.', 'bulletproof-security').'<br><br><strong>'.__('Send Countdown Timer Email:', 'bulletproof-security').'</strong><br>'.__('Enter the email addresses that you would like the Countdown Timer reminder email sent to, from, cc or bcc.', 'bulletproof-security').'<br><br><strong>'.__('Network/Multisite Primary Site Options ONLY:', 'bulletproof-security').'</strong><br>'.__('These options/settings are for Network/Multisite ONLY and are ONLY displayed on the Primary Network/Multisite site. Checking these options on a Single/Standard WordPress installation have no effect since these options are ONLY for Network/Multisite WordPress installations.', 'bulletproof-security').'<br><br><strong>'.__('Steps to use these special Network/Multisite options:', 'bulletproof-security').'</strong><br>'.__('To turn On either of these special options, check the checkbox, click the Save Options button and click the Turn On button. To turn Off either of these options, uncheck the checkbox, click the Save Options button and click the Turn On button - you would not click the Turn Off button. You are resaving your options and then writing those saved option settings to the Maintenance template files. Or in other words, you have removed those options settings and are creating another new template file without these special option settings in that template file.', 'bulletproof-security').'<br><br><strong>'.__('Put The Primary Site And All Subsites In Maintenance Mode:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to put all of the sites into Maintenance Mode.', 'bulletproof-security').'<br><br><strong>'.__('Put All Subsites In Maintenance Mode, But Not The Primary Site:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to put all of the subsites into Maintenance Mode except for the Primary site.', 'bulletproof-security').'<br><br><strong>'.__('Save Options Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Save Options button does 2 things: Saves all your options/settings to your Database and creates all necessary Maintenance Mode files/Forms. Clicking the Save Options button does NOT Turn On Maintenance Mode. Click the Turn On button after clicking the Save Options button.', 'bulletproof-security').'<br><br><strong>'.__('Preview Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Preview button allows you to preview the Maintenance Mode files/Forms that were created when you clicked the Save Options button. Preview allows you to view what will be displayed to visitors to your website when you turn On Maintenance Mode. Maintenance Mode is not turned On when you click the Preview button. Maintenance Mode is turned On by clicking the Turn On button.', 'bulletproof-security').'<br><br><strong>'.__('Turn On Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Turn On button turns On Maintenance Mode. Turn On is conditional and allows you to make changes to your Maintenance Mode page that is displayed to your website visitors. You can make any new changes to your options/settings, click the Save Options button again, click the Turn On button again and your new changes/settings will be immediately displayed on your Maintenance Mode page.', 'bulletproof-security').'<br><br><strong>'.__('Turn Off Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Turn Off button turns Off Maintenance Mode. Turn Off is non-conditional and works like a Form Reset, but does not remove any of your Saved Options/settings. All active/enabled maintenance mode files/Forms are removed from your site and of course maintenance mode is turned Off. If you have a Network/Multisite site then some Maintenance Mode files need to remain in your website root folder, but Maintenance Mode will be turned Off.', 'bulletproof-security').'<br><br><strong>'.__('BPS help links can be found in the Help & FAQ pages.', 'bulletproof-security').'</strong>'; echo $text; ?></p>
|
| 229 |
</div>
|
| 230 |
|
| 231 |
-
<h3><?php $text = '<strong><a href="https://forum.ait-pro.com/forums/topic/maintenance-mode-guide-read-me-first/" target="_blank" title="Link opens in a new Browser window">'.__('Maintenance Mode Guide', 'bulletproof-security').'</a></strong>'; echo $text; ?></h3>
|
| 232 |
-
|
| 233 |
<?php
|
| 234 |
// Maintenance Mode Values Form Single/GWIOD/Network - Saves DB Options & creates bps-maintenance-values.php
|
| 235 |
// Uses $current_blog->path for Network file naming bps-maintenance-values-{subsite-uri}.php & bps-maintenance-{subsite-uri}.php
|
|
@@ -399,7 +385,7 @@ $bps_maint_content = '<?php'."\n".'# BEGIN BPS MAINTENANCE MODE'."\n"
|
|
| 399 |
|
| 400 |
$bps_maintenance_file_include = '/#\sBEGIN\sBPS\sINCLUDE(\s*(.*)){3}\s*#\sEND\sBPS\sINCLUDE/';
|
| 401 |
|
| 402 |
-
if (
|
| 403 |
$stringReplaceMaint = file_get_contents($subsite_maintenance_file);
|
| 404 |
}
|
| 405 |
|
|
@@ -412,7 +398,7 @@ $bps_maint_content = '<?php'."\n".'# BEGIN BPS MAINTENANCE MODE'."\n"
|
|
| 412 |
// ARQ condition not used in BPS free
|
| 413 |
}
|
| 414 |
|
| 415 |
-
|
| 416 |
|
| 417 |
$stringReplace = file_get_contents($bps_maintenance_values_network);
|
| 418 |
$stringReplace = $bps_maint_content;
|
|
@@ -508,21 +494,21 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 508 |
if ( isset( $_SERVER['HTTP_CLIENT_IP'] ) ) {
|
| 509 |
$ip = esc_html( $_SERVER['HTTP_CLIENT_IP'] );
|
| 510 |
$octets_ip = preg_match( $pattern, $_SERVER['HTTP_CLIENT_IP'], $matches );
|
| 511 |
-
echo '<font color="#
|
| 512 |
print_r($matches[0]);
|
| 513 |
echo '</strong></font><br>';
|
| 514 |
|
| 515 |
} elseif ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
|
| 516 |
$ip = esc_html( $_SERVER['HTTP_X_FORWARDED_FOR'] );
|
| 517 |
$octets_ip = preg_match( $pattern, $_SERVER['HTTP_X_FORWARDED_FOR'], $matches );
|
| 518 |
-
echo '<font color="#
|
| 519 |
print_r($matches[0]);
|
| 520 |
echo '</strong></font><br>';
|
| 521 |
|
| 522 |
} elseif ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
|
| 523 |
$ip = esc_html( $_SERVER['REMOTE_ADDR'] );
|
| 524 |
$octets_ip = preg_match( $pattern, $_SERVER['REMOTE_ADDR'], $matches );
|
| 525 |
-
echo '<font color="#
|
| 526 |
print_r($matches[0]);
|
| 527 |
echo '</strong></font><br>';
|
| 528 |
}
|
|
@@ -557,7 +543,7 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 557 |
<div id="mmode-accordion-inner">
|
| 558 |
|
| 559 |
<label for="mmode"><?php _e('Maintenance Mode Text, CSS Style Code, Images, Videos Displayed To Website Visitors:', 'bulletproof-security'); ?></label><br />
|
| 560 |
-
<label for="mmode"><?php _e('Click the Maintenance Mode Guide link above for CSS Code, Image & Video Embed examples.', 'bulletproof-security'); ?></label><br /><br />
|
| 561 |
|
| 562 |
<!-- Note: wp_editor/TinyMCE causes XAMPP Apache server crash: XAMPP: 1.8.1, pcre.dll, PHP 5.4.7 (VC9 X86 32bit thread safe) + PEAR -->
|
| 563 |
<div class="mmode-tinymce">
|
|
@@ -572,7 +558,7 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 572 |
<input type="checkbox" name="mmode_countdown_timer" style="margin-top:5px;" value="1" <?php if ( empty( $MMoptions['bps_maint_countdown_timer'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_countdown_timer'], 1 ); } ?> /><label for="mmode"><?php _e('Enable Countdown Timer', 'bulletproof-security'); ?></label><br /><br />
|
| 573 |
|
| 574 |
<label for="mmode"><?php _e('Countdown Timer Text Color:', 'bulletproof-security'); ?></label><br />
|
| 575 |
-
<select name="mmode_countdown_timer_color" class="form-
|
| 576 |
<option value="lime" <?php selected('lime', $bps_maint_countdown_timer_color); ?>><?php _e('LCD|Lime Green', 'bulletproof-security'); ?></option>
|
| 577 |
<option value="white" <?php selected('white', $bps_maint_countdown_timer_color); ?>><?php _e('White', 'bulletproof-security'); ?></option>
|
| 578 |
<option value="silver" <?php selected('silver', $bps_maint_countdown_timer_color); ?>><?php _e('Silver', 'bulletproof-security'); ?></option>
|
|
@@ -581,40 +567,37 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 581 |
|
| 582 |
<label for="mmode"><?php _e('Maintenance Mode Time (in Minutes):', 'bulletproof-security'); ?></label><br />
|
| 583 |
<label for="mmode"><?php _e('Example: 10 = 10 minutes, 180 = 3 hours, 1440 = 24 hours.', 'bulletproof-security'); ?></label><br />
|
| 584 |
-
<input type="text" name="mmode_time" class="regular-text-
|
| 585 |
|
| 586 |
-
<label for="mmode"><?php _e('Header Retry-After (
|
| 587 |
<label for="mmode"><?php _e('Example: 10 = 10 minutes, 180 = 3 hours, 1440 = 24 hours.', 'bulletproof-security'); ?></label><br />
|
| 588 |
-
<input type="text" name="mmode_retry_after" class="regular-text-
|
| 589 |
|
| 590 |
<input type="checkbox" name="mmode_frontend" value="1" <?php if ( empty( $MMoptions['bps_maint_frontend'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_frontend'], 1 ); } ?> /><label for="mmode"><?php _e('Enable FrontEnd Maintenance Mode', 'bulletproof-security'); ?></label><br /><br />
|
| 591 |
|
| 592 |
<?php if ( is_multisite() && $blog_id != 1 ) { echo '<div style="margin:0px 0px 0px 0px;"></div>'; } else { ?>
|
| 593 |
|
| 594 |
<div id="mmode-caution">
|
| 595 |
-
<?php $text = '<font color="#fb0101">'.__('CAUTION: ', 'bulletproof-security').'</font><font color="blue">'.__('You MUST enter Your Current IP Address or the
|
|
|
|
| 596 |
<input type="checkbox" name="mmode_backend" value="1" <?php if ( empty( $MMoptions['bps_maint_backend'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_backend'], 1 ); } ?> /><label for="mmode"><?php _e('Enable BackEnd Maintenance Mode ', 'bulletproof-security'); ?></label><br /><br />
|
| 597 |
|
| 598 |
-
<?php }
|
|
|
|
|
|
|
|
|
|
|
|
|
| 599 |
|
| 600 |
<!-- important note: in a text area you cannot leave whitespace within the form code or that whitespace will be echoed -->
|
| 601 |
-
<label for="mmode"><?php _e('Maintenance Mode IP Address Whitelist Text Box:', 'bulletproof-security'); ?></label
|
| 602 |
-
|
| 603 |
-
<span class="mmode-small-text">
|
| 604 |
-
<?php _e('Enter The IP Address That Can View The Website Normally (not in Maintenance Mode).', 'bulletproof-security'); ?><br />
|
| 605 |
-
<?php _e('Enter Multiple IP addresses separated by a comma and a single space.', 'bulletproof-security'); ?><br />
|
| 606 |
-
<?php _e('Example IPv4 IP Addresses: 100.99.88.77, 200.66.55.44, 44.33.22.1', 'bulletproof-security'); ?><br />
|
| 607 |
-
<?php _e('Example IPv6 IP Addresses: 0:0:0:0:0:ffff:6463:584d, 0:0:0:0:0:ffff:c842:372c', 'bulletproof-security'); ?><br />
|
| 608 |
-
</span>
|
| 609 |
-
</div>
|
| 610 |
-
|
| 611 |
<?php bps_get_proxy_real_ip_address_maint(); ?>
|
| 612 |
|
| 613 |
<input type="hidden" name="scrolltommode1" id="scrolltommode1" value="<?php echo esc_html( $scrolltommode1 ); ?>" />
|
| 614 |
-
<textarea class="PFW-Allow-From-Text-Area" name="mmode_ip_allowed" id="mmode_ip_allowed" tabindex="1"><?php echo trim( $bps_maint_ip_allowed, ", \t\n\r"); ?></textarea><br /><br />
|
| 615 |
|
| 616 |
<label for="mmode"><?php _e('Background Images:', 'bulletproof-security'); ?></label><br />
|
| 617 |
-
<select name="mmode_background_images" class="form-
|
| 618 |
<option value="0" <?php selected('0', $bps_maint_background_images); ?>><?php _e('No Background Image', 'bulletproof-security'); ?></option>
|
| 619 |
<option value="<?php echo $blackHL; ?>" <?php selected($blackHL, $bps_maint_background_images); ?>><?php _e('Black Honeycomb Large', 'bulletproof-security'); ?></option>
|
| 620 |
<option value="<?php echo $blackHLG; ?>" <?php selected($blackHLG, $bps_maint_background_images); ?>><?php _e('Black Honeycomb Large Grey Line', 'bulletproof-security'); ?></option>
|
|
@@ -639,7 +622,7 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 639 |
</select><br /><br />
|
| 640 |
|
| 641 |
<label for="mmode"><?php _e('Center Images:', 'bulletproof-security'); ?></label><br />
|
| 642 |
-
<select name="mmode_center_images" class="form-
|
| 643 |
<option value="0" <?php selected('0', $bps_maint_center_images); ?>><?php _e('No Center Image', 'bulletproof-security'); ?></option>
|
| 644 |
<option value="<?php echo $basicBlack; ?>" <?php selected($basicBlack, $bps_maint_center_images); ?>><?php _e('Basic Black', 'bulletproof-security'); ?></option>
|
| 645 |
<option value="<?php echo $blackVeins; ?>" <?php selected($blackVeins, $bps_maint_center_images); ?>><?php _e('Black Veins', 'bulletproof-security'); ?></option>
|
|
@@ -659,7 +642,7 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 659 |
</select><br /><br />
|
| 660 |
|
| 661 |
<label for="mmode"><?php _e('Background Colors (If not using a Background Image):', 'bulletproof-security'); ?></label><br />
|
| 662 |
-
<select name="mmode_background_color" class="form-
|
| 663 |
<option value="white" <?php selected('white', $bps_maint_background_color); ?>><?php _e('No Background Color', 'bulletproof-security'); ?></option>
|
| 664 |
<option value="white" <?php selected('white', $bps_maint_background_color); ?>><?php _e('White', 'bulletproof-security'); ?></option>
|
| 665 |
<option value="black" <?php selected('black', $bps_maint_background_color); ?>><?php _e('Black', 'bulletproof-security'); ?></option>
|
|
@@ -670,20 +653,20 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 670 |
|
| 671 |
<input type="checkbox" name="mmode_login_link" value="1" <?php if ( empty( $MMoptions['bps_maint_show_login_link'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_show_login_link'], 1 ); } ?> /><label for="mmode"><?php _e('Display Admin|Login Link', 'bulletproof-security'); ?></label><br /><br />
|
| 672 |
|
| 673 |
-
<input type="checkbox" name="mmode_dashboard_reminder" value="1" <?php if ( empty( $MMoptions['bps_maint_dashboard_reminder'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_dashboard_reminder'], 1 ); } ?> /><label for="mmode"><?php _e('Display Dashboard Reminder Message
|
| 674 |
|
| 675 |
<input type="checkbox" name="mmode_log_visitors" value="1" <?php if ( empty( $MMoptions['bps_maint_log_visitors'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_log_visitors'], 1 ); } ?> /><label for="mmode"><?php _e('Enable Visitor Logging', 'bulletproof-security'); ?></label><br /><br />
|
| 676 |
|
| 677 |
-
<input type="checkbox" name="mmode_countdown_email" value="1" <?php if ( empty( $MMoptions['bps_maint_countdown_email'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_countdown_email'], 1 ); } ?> /><label for="mmode"><?php _e('Send Email
|
| 678 |
|
| 679 |
<strong><label for="mmode-email"><?php _e('Send Countdown Timer Email To:', 'bulletproof-security'); ?> </label></strong><br />
|
| 680 |
-
<input type="text" name="mmode_email_to" class="regular-text-
|
| 681 |
<strong><label for="mmode-email"><?php _e('Send Countdown Timer Email From:', 'bulletproof-security'); ?> </label></strong><br />
|
| 682 |
-
<input type="text" name="mmode_email_from" class="regular-text-
|
| 683 |
<strong><label for="mmode-email"><?php _e('Send Countdown Timer Email Cc:', 'bulletproof-security'); ?> </label></strong><br />
|
| 684 |
-
<input type="text" name="mmode_email_cc" class="regular-text-
|
| 685 |
<strong><label for="mmode-email"><?php _e('Send Countdown Timer Email Bcc:', 'bulletproof-security'); ?> </label></strong><br />
|
| 686 |
-
<input type="text" name="mmode_email_bcc" class="regular-text-
|
| 687 |
|
| 688 |
</div>
|
| 689 |
|
|
@@ -694,7 +677,7 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 694 |
|
| 695 |
<?php if ( is_multisite() && $blog_id != 1 ) { echo '<div style="margin:0px 0px 10px 0px;"></div>'; } else { ?>
|
| 696 |
|
| 697 |
-
<strong><label for="mmode" style="color:#
|
| 698 |
<input type="checkbox" name="mmode_mu_entire_site" value="1" <?php if ( empty( $MMoptions['bps_maint_mu_entire_site'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_mu_entire_site'], 1 ); } ?> /><label for="mmode"><?php _e('Put The Primary Site And All Subsites In Maintenance Mode', 'bulletproof-security'); ?></label><br /><br />
|
| 699 |
|
| 700 |
<input type="checkbox" name="mmode_mu_subsites_only" value="1" <?php if ( empty( $MMoptions['bps_maint_mu_subsites_only'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_mu_subsites_only'], 1 ); } ?> /><label for="mmode"><?php _e('Put All Subsites In Maintenance Mode, But Not The Primary Site', 'bulletproof-security'); ?></label><br /><br />
|
|
@@ -721,9 +704,30 @@ jQuery(document).ready(function($){
|
|
| 721 |
</script>
|
| 722 |
|
| 723 |
<?php
|
| 724 |
-
// Maintenance Mode Preview
|
|
|
|
|
|
|
|
|
|
|
|
|
| 725 |
if ( isset( $_POST['maintenance-mode-preview-submit'] ) && current_user_can('manage_options') ) {
|
| 726 |
check_admin_referer( 'bulletproof_security_maintenance_preview' );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 727 |
}
|
| 728 |
?>
|
| 729 |
|
|
@@ -734,27 +738,25 @@ if ( isset( $_POST['maintenance-mode-preview-submit'] ) && current_user_can('man
|
|
| 734 |
if ( is_multisite() && $blog_id != 1 ) {
|
| 735 |
|
| 736 |
if ( is_subdomain_install() ) {
|
| 737 |
-
|
| 738 |
$subsite_remove_slashes = str_replace( '.', "-", $current_blog->domain );
|
| 739 |
-
|
| 740 |
} else {
|
| 741 |
-
|
| 742 |
$subsite_remove_slashes = str_replace( '/', "", $current_blog->path );
|
| 743 |
}
|
| 744 |
?>
|
| 745 |
|
| 746 |
-
<form name="MaintenanceModePreview" method="post" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/maintenance/maintenance.php' ); ?>" target="" onSubmit="window.open('<?php echo plugins_url('/bulletproof-security/admin/htaccess/bps-maintenance-'.$subsite_remove_slashes.'.php'); ?>','','scrollbars=yes,menubar=yes,
|
| 747 |
<?php wp_nonce_field('bulletproof_security_maintenance_preview'); ?>
|
| 748 |
-
|
|
|
|
| 749 |
<input type="submit" name="maintenance-mode-preview-submit" class="button bps-button" style="width:72px;height:auto;white-space:normal" value="<?php esc_attr_e('Preview', 'bulletproof-security') ?>" />
|
| 750 |
-
</
|
| 751 |
</form>
|
| 752 |
|
| 753 |
<?php } else { ?>
|
| 754 |
|
| 755 |
-
<form name="MaintenanceModePreview" method="post" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/maintenance/maintenance.php' ); ?>" target="" onSubmit="window.open('<?php echo plugins_url('/bulletproof-security/admin/htaccess/bps-maintenance.php'); ?>','','scrollbars=yes,menubar=yes,
|
| 756 |
<?php wp_nonce_field('bulletproof_security_maintenance_preview'); ?>
|
| 757 |
-
<p class="submit" style="float:left;margin:
|
| 758 |
<input type="submit" name="maintenance-mode-preview-submit" class="button bps-button" style="width:72px;height:auto;white-space:normal" value="<?php esc_attr_e('Preview', 'bulletproof-security') ?>" />
|
| 759 |
</p>
|
| 760 |
</form>
|
|
@@ -763,16 +765,16 @@ if ( isset( $_POST['maintenance-mode-preview-submit'] ) && current_user_can('man
|
|
| 763 |
|
| 764 |
<form name="bpsMaintenanceModeOn" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/maintenance/maintenance.php' ); ?>" method="post">
|
| 765 |
<?php wp_nonce_field('bulletproof_security_mmode_on'); ?>
|
| 766 |
-
<
|
| 767 |
<input type="submit" name="Submit-maintenance-mode-on" class="button bps-button" style="width:72px;height:auto;white-space:normal" value="<?php esc_attr_e('Turn On', 'bulletproof-security') ?>" />
|
| 768 |
-
</
|
| 769 |
</form>
|
| 770 |
|
| 771 |
<form name="bpsMaintenanceModeOff" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/maintenance/maintenance.php' ); ?>" method="post">
|
| 772 |
<?php wp_nonce_field('bulletproof_security_mmode_off'); ?>
|
| 773 |
-
<
|
| 774 |
<input type="submit" name="Submit-maintenance-mode-off" class="button bps-button" style="width:72px;height:auto;white-space:normal" value="<?php esc_attr_e('Turn Off', 'bulletproof-security') ?>" />
|
| 775 |
-
</
|
| 776 |
</form>
|
| 777 |
|
| 778 |
</div>
|
|
@@ -783,7 +785,7 @@ function bpsPro_mmode_single_gwiod_turn_on() {
|
|
| 783 |
global $bps_topDiv, $bps_bottomDiv;
|
| 784 |
|
| 785 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 786 |
-
$permsIndex =
|
| 787 |
$sapi_type = php_sapi_name();
|
| 788 |
$root_index_file = ABSPATH . 'index.php';
|
| 789 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
|
@@ -835,12 +837,12 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 835 |
|
| 836 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 837 |
|
| 838 |
-
if (
|
| 839 |
$lock = '0400';
|
| 840 |
}
|
| 841 |
|
| 842 |
-
if (
|
| 843 |
-
|
| 844 |
}
|
| 845 |
|
| 846 |
$index_contents = file_get_contents($root_index_file);
|
|
@@ -851,13 +853,13 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 851 |
}
|
| 852 |
|
| 853 |
// first, second, third clicks...
|
| 854 |
-
|
| 855 |
|
| 856 |
// first click only, but someone may want to modify the Master mmode template file so copy it again
|
| 857 |
-
|
| 858 |
|
| 859 |
// first, second, third clicks...
|
| 860 |
-
|
| 861 |
|
| 862 |
echo $bps_topDiv;
|
| 863 |
$text = '<font color="green"><strong>'.__('FrontEnd Maintenance Mode has been Turned On.', 'bulletproof-security').'</strong></font>';
|
|
@@ -865,7 +867,7 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 865 |
echo $bps_bottomDiv;
|
| 866 |
|
| 867 |
if ( $lock == '0400') {
|
| 868 |
-
|
| 869 |
}
|
| 870 |
}
|
| 871 |
}
|
|
@@ -890,7 +892,7 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 890 |
|
| 891 |
$MMAllowFromTXT = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenance-mode.txt';
|
| 892 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 893 |
-
$permsHtaccess =
|
| 894 |
$sapi_type = php_sapi_name();
|
| 895 |
# BPS .52.5: new pattern|new IfModule conditions
|
| 896 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
|
@@ -899,12 +901,12 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 899 |
|
| 900 |
if ( $MMoptions['bps_maint_ip_allowed'] != '' && $MMoptions['bps_maint_backend'] == '1' ) {
|
| 901 |
|
| 902 |
-
if (
|
| 903 |
$lock = '0404';
|
| 904 |
}
|
| 905 |
|
| 906 |
-
if (
|
| 907 |
-
|
| 908 |
}
|
| 909 |
|
| 910 |
$wpadmin_allow_from = array_filter( explode(', ', trim( $MMoptions['bps_maint_ip_allowed'], ", \t\n\r") ) );
|
|
@@ -949,7 +951,7 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 949 |
}
|
| 950 |
|
| 951 |
if ( $lock == '0404') {
|
| 952 |
-
|
| 953 |
}
|
| 954 |
|
| 955 |
echo $bps_topDiv;
|
|
@@ -966,7 +968,7 @@ function bpsPro_mmode_network_turn_on() {
|
|
| 966 |
global $current_blog, $blog_id, $bps_topDiv, $bps_bottomDiv;
|
| 967 |
|
| 968 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 969 |
-
$permsIndex =
|
| 970 |
$sapi_type = php_sapi_name();
|
| 971 |
$root_index_file = ABSPATH . 'index.php';
|
| 972 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
|
@@ -1033,7 +1035,7 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 1033 |
|
| 1034 |
// backup the original WP root index.php file ONLY once the first time mmode is turned On and never again.
|
| 1035 |
if ( !file_exists($root_index_file_backup) ) {
|
| 1036 |
-
|
| 1037 |
}
|
| 1038 |
|
| 1039 |
// Primary Network Site
|
|
@@ -1055,17 +1057,17 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 1055 |
|
| 1056 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1057 |
|
| 1058 |
-
if (
|
| 1059 |
$lock = '0400';
|
| 1060 |
}
|
| 1061 |
|
| 1062 |
-
if (
|
| 1063 |
-
|
| 1064 |
}
|
| 1065 |
|
| 1066 |
-
|
| 1067 |
-
|
| 1068 |
-
|
| 1069 |
|
| 1070 |
echo $bps_topDiv;
|
| 1071 |
$text = '<font color="green"><strong>'.__('FrontEnd Maintenance Mode has been Turned On.', 'bulletproof-security').'</strong></font>';
|
|
@@ -1078,7 +1080,7 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 1078 |
}
|
| 1079 |
|
| 1080 |
if ( $lock == '0400') {
|
| 1081 |
-
|
| 1082 |
}
|
| 1083 |
}
|
| 1084 |
}
|
|
@@ -1155,19 +1157,19 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 1155 |
|
| 1156 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1157 |
|
| 1158 |
-
if (
|
| 1159 |
$lock = '0400';
|
| 1160 |
}
|
| 1161 |
|
| 1162 |
-
if (
|
| 1163 |
-
|
| 1164 |
}
|
| 1165 |
|
| 1166 |
-
|
| 1167 |
-
|
| 1168 |
-
|
| 1169 |
-
|
| 1170 |
-
|
| 1171 |
|
| 1172 |
echo $bps_topDiv;
|
| 1173 |
$text = '<font color="green"><strong>'.__('FrontEnd Maintenance Mode has been Turned On.', 'bulletproof-security').'</strong></font>';
|
|
@@ -1180,7 +1182,7 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 1180 |
}
|
| 1181 |
|
| 1182 |
if ( $lock == '0400') {
|
| 1183 |
-
|
| 1184 |
}
|
| 1185 |
}
|
| 1186 |
}
|
|
@@ -1208,7 +1210,7 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 1208 |
|
| 1209 |
$MMAllowFromTXT = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenance-mode.txt';
|
| 1210 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 1211 |
-
$permsHtaccess =
|
| 1212 |
$sapi_type = php_sapi_name();
|
| 1213 |
# BPS .52.5: new pattern|new IfModule conditions
|
| 1214 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
|
@@ -1217,12 +1219,12 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 1217 |
|
| 1218 |
if ( $MMoptions['bps_maint_ip_allowed'] != '' && $MMoptions['bps_maint_backend'] == '1' ) {
|
| 1219 |
|
| 1220 |
-
if (
|
| 1221 |
$lock = '0404';
|
| 1222 |
}
|
| 1223 |
|
| 1224 |
-
if (
|
| 1225 |
-
|
| 1226 |
}
|
| 1227 |
|
| 1228 |
$wpadmin_allow_from = array_filter( explode(', ', trim( $MMoptions['bps_maint_ip_allowed'], ", \t\n\r") ) );
|
|
@@ -1267,7 +1269,7 @@ $format_error_2 = '/,[^\s]/'; // no whitespaces between commas
|
|
| 1267 |
}
|
| 1268 |
|
| 1269 |
if ( $lock == '0404') {
|
| 1270 |
-
|
| 1271 |
}
|
| 1272 |
|
| 1273 |
echo $bps_topDiv;
|
|
@@ -1359,7 +1361,7 @@ $gwiod_pattern_ip = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*(.*)\s*#\sEND\sBPS\
|
|
| 1359 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1360 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1361 |
$gwiod_root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_gwiod_index.php';
|
| 1362 |
-
$gwiod_permsIndex =
|
| 1363 |
$sapi_type = php_sapi_name();
|
| 1364 |
|
| 1365 |
if ( ! file_exists( $gwiod_root_index_file ) ) {
|
|
@@ -1385,12 +1387,12 @@ $gwiod_pattern_ip = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*(.*)\s*#\sEND\sBPS\
|
|
| 1385 |
|
| 1386 |
if ( file_put_contents($gwiod_MMindexMaster, $gwiod_stringReplace) ) {
|
| 1387 |
|
| 1388 |
-
if (
|
| 1389 |
$lock = '0400';
|
| 1390 |
}
|
| 1391 |
|
| 1392 |
-
if (
|
| 1393 |
-
|
| 1394 |
}
|
| 1395 |
|
| 1396 |
$gwiod_index_contents = file_get_contents($gwiod_root_index_file);
|
|
@@ -1400,10 +1402,10 @@ $gwiod_pattern_ip = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*(.*)\s*#\sEND\sBPS\
|
|
| 1400 |
copy( $gwiod_root_index_file, $gwiod_root_index_file_backup );
|
| 1401 |
}
|
| 1402 |
|
| 1403 |
-
|
| 1404 |
|
| 1405 |
if ( $lock == '0400') {
|
| 1406 |
-
|
| 1407 |
}
|
| 1408 |
}
|
| 1409 |
}
|
|
@@ -1425,7 +1427,7 @@ $actual_wp_install_url = get_site_option('siteurl');
|
|
| 1425 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1426 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1427 |
$gwiod_root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_gwiod_index.php';
|
| 1428 |
-
$gwiod_permsIndex =
|
| 1429 |
$sapi_type = php_sapi_name();
|
| 1430 |
|
| 1431 |
if ( ! file_exists( $gwiod_root_index_file ) ) {
|
|
@@ -1437,12 +1439,12 @@ $actual_wp_install_url = get_site_option('siteurl');
|
|
| 1437 |
|
| 1438 |
} else {
|
| 1439 |
|
| 1440 |
-
if (
|
| 1441 |
$lock = '0400';
|
| 1442 |
}
|
| 1443 |
|
| 1444 |
-
if (
|
| 1445 |
-
|
| 1446 |
}
|
| 1447 |
|
| 1448 |
if ( !file_exists($gwiod_root_index_file_backup) ) {
|
|
@@ -1468,7 +1470,7 @@ $actual_wp_install_url = get_site_option('siteurl');
|
|
| 1468 |
if ( file_put_contents($gwiod_root_index_file, $gwiod_stringReplace) ) {
|
| 1469 |
|
| 1470 |
if ( $lock == '0400') {
|
| 1471 |
-
|
| 1472 |
}
|
| 1473 |
}
|
| 1474 |
}
|
|
@@ -1483,7 +1485,7 @@ function bpsPro_mmode_single_gwiod_turn_off_frontend() {
|
|
| 1483 |
global $bps_topDiv, $bps_bottomDiv;
|
| 1484 |
|
| 1485 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 1486 |
-
$permsIndex =
|
| 1487 |
$sapi_type = php_sapi_name();
|
| 1488 |
$root_index_file = ABSPATH . 'index.php';
|
| 1489 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
|
@@ -1492,26 +1494,26 @@ $root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values.php';
|
|
| 1492 |
|
| 1493 |
if ( file_exists($root_index_file_backup) ) {
|
| 1494 |
|
| 1495 |
-
if (
|
| 1496 |
$lock = '0400';
|
| 1497 |
}
|
| 1498 |
|
| 1499 |
-
if (
|
| 1500 |
-
|
| 1501 |
}
|
| 1502 |
|
| 1503 |
-
if (
|
| 1504 |
|
| 1505 |
$delete_files = array($root_folder_maintenance, $root_folder_maintenance_values);
|
| 1506 |
|
| 1507 |
foreach ( $delete_files as $file ) {
|
| 1508 |
if ( file_exists($file) ) {
|
| 1509 |
-
|
| 1510 |
}
|
| 1511 |
}
|
| 1512 |
|
| 1513 |
if ( $lock == '0400') {
|
| 1514 |
-
|
| 1515 |
}
|
| 1516 |
|
| 1517 |
echo $bps_topDiv;
|
|
@@ -1529,22 +1531,22 @@ $root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values.php';
|
|
| 1529 |
$gwiod_url = str_replace( $publicly_displayed_url, "", $actual_wp_install_url );
|
| 1530 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1531 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1532 |
-
$gwiod_permsIndex =
|
| 1533 |
|
| 1534 |
if ( file_exists($gwiod_root_index_file_backup) ) {
|
| 1535 |
|
| 1536 |
-
if (
|
| 1537 |
$lock = '0400';
|
| 1538 |
}
|
| 1539 |
|
| 1540 |
-
if (
|
| 1541 |
-
|
| 1542 |
}
|
| 1543 |
|
| 1544 |
-
|
| 1545 |
|
| 1546 |
if ( $lock == '0400') {
|
| 1547 |
-
|
| 1548 |
}
|
| 1549 |
}
|
| 1550 |
}
|
|
@@ -1556,7 +1558,7 @@ function bpsPro_mmode_network_turn_off_frontend() {
|
|
| 1556 |
global $current_blog, $blog_id, $bps_topDiv, $bps_bottomDiv;
|
| 1557 |
|
| 1558 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 1559 |
-
$permsIndex =
|
| 1560 |
$sapi_type = php_sapi_name();
|
| 1561 |
$root_index_file = ABSPATH . 'index.php';
|
| 1562 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
|
@@ -1565,18 +1567,18 @@ $root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values.php';
|
|
| 1565 |
$root_folder_maintenance = ABSPATH . 'bps-maintenance.php';
|
| 1566 |
$MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenance-mode-index-MU.php';
|
| 1567 |
|
| 1568 |
-
if (
|
| 1569 |
$lock = '0400';
|
| 1570 |
}
|
| 1571 |
|
| 1572 |
-
if (
|
| 1573 |
-
|
| 1574 |
}
|
| 1575 |
|
| 1576 |
// Primary Network Site
|
| 1577 |
if ( is_multisite() && $blog_id == 1 ) {
|
| 1578 |
|
| 1579 |
-
$stringReplace =
|
| 1580 |
|
| 1581 |
if ( preg_match( '/#\sBEGIN\sPRIMARY\sSITE\sSTATUS\s*(.*)\s*#\sEND\sPRIMARY\sSITE\sSTATUS/', $stringReplace, $matches ) ) {
|
| 1582 |
|
|
@@ -1584,8 +1586,8 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1584 |
}
|
| 1585 |
|
| 1586 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1587 |
-
|
| 1588 |
-
|
| 1589 |
}
|
| 1590 |
|
| 1591 |
// Network Subsites
|
|
@@ -1605,7 +1607,7 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1605 |
$subsite_root_folder_maintenance = ABSPATH . 'bps-maintenance-'.$subsite_remove_slashes.'.php';
|
| 1606 |
$subsite_root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values-'.$subsite_remove_slashes.'.php';
|
| 1607 |
|
| 1608 |
-
$stringReplace =
|
| 1609 |
|
| 1610 |
if ( is_multisite() && ! is_subdomain_install() ) {
|
| 1611 |
|
|
@@ -1623,20 +1625,20 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1623 |
}
|
| 1624 |
|
| 1625 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1626 |
-
|
| 1627 |
}
|
| 1628 |
|
| 1629 |
$delete_files = array($subsite_root_folder_maintenance, $subsite_root_folder_maintenance_values);
|
| 1630 |
|
| 1631 |
foreach ( $delete_files as $file ) {
|
| 1632 |
if ( file_exists($file) ) {
|
| 1633 |
-
|
| 1634 |
}
|
| 1635 |
}
|
| 1636 |
}
|
| 1637 |
|
| 1638 |
if ( $lock == '0400') {
|
| 1639 |
-
|
| 1640 |
}
|
| 1641 |
|
| 1642 |
echo $bps_topDiv;
|
|
@@ -1651,17 +1653,17 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1651 |
$gwiod_url = str_replace( $publicly_displayed_url, "", $actual_wp_install_url );
|
| 1652 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1653 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1654 |
-
$gwiod_permsIndex =
|
| 1655 |
|
| 1656 |
-
if (
|
| 1657 |
$lock = '0400';
|
| 1658 |
}
|
| 1659 |
|
| 1660 |
-
if (
|
| 1661 |
-
|
| 1662 |
}
|
| 1663 |
|
| 1664 |
-
if (
|
| 1665 |
|
| 1666 |
$gwiod_stringReplace = file_get_contents($gwiod_root_index_file);
|
| 1667 |
}
|
|
@@ -1679,7 +1681,7 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1679 |
if ( file_put_contents($gwiod_root_index_file, $gwiod_stringReplace) ) {
|
| 1680 |
|
| 1681 |
if ( $lock == '0400') {
|
| 1682 |
-
|
| 1683 |
}
|
| 1684 |
}
|
| 1685 |
}
|
|
@@ -1696,7 +1698,7 @@ $sapi_type = php_sapi_name();
|
|
| 1696 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1697 |
$pattern3 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP(.*\s*){8}(Allow(.*)\s*){1,}<\/IfModule>\s*<\/IfModule>\s*#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1698 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 1699 |
-
$permsHtaccess =
|
| 1700 |
|
| 1701 |
// .53.6: htaccess Files Disabled
|
| 1702 |
$HFiles_options = get_option('bulletproof_security_options_htaccess_files');
|
|
@@ -1711,12 +1713,12 @@ $permsHtaccess = @substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
|
| 1711 |
|
| 1712 |
if ( file_exists($wpadminHtaccess) ) {
|
| 1713 |
|
| 1714 |
-
if (
|
| 1715 |
$lock = '0404';
|
| 1716 |
}
|
| 1717 |
|
| 1718 |
-
if (
|
| 1719 |
-
|
| 1720 |
}
|
| 1721 |
|
| 1722 |
$stringReplace = file_get_contents($wpadminHtaccess);
|
|
@@ -1739,7 +1741,7 @@ $permsHtaccess = @substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
|
| 1739 |
if ( file_put_contents($wpadminHtaccess, $stringReplace) ) {
|
| 1740 |
|
| 1741 |
if ( $lock == '0404') {
|
| 1742 |
-
|
| 1743 |
}
|
| 1744 |
|
| 1745 |
echo $bps_topDiv;
|
|
@@ -1758,7 +1760,7 @@ function bpsPro_mmode_single_gwiod_turn_off() {
|
|
| 1758 |
global $bps_topDiv, $bps_bottomDiv;
|
| 1759 |
|
| 1760 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 1761 |
-
$permsIndex =
|
| 1762 |
$sapi_type = php_sapi_name();
|
| 1763 |
$root_index_file = ABSPATH . 'index.php';
|
| 1764 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
|
@@ -1769,30 +1771,30 @@ $pattern = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*(.*)\s*#\sEND\sBPS\sMAINTENA
|
|
| 1769 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1770 |
$pattern3 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP(.*\s*){8}(Allow(.*)\s*){1,}<\/IfModule>\s*<\/IfModule>\s*#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1771 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 1772 |
-
$permsHtaccess =
|
| 1773 |
|
| 1774 |
if ( file_exists($root_index_file_backup) ) {
|
| 1775 |
|
| 1776 |
-
if (
|
| 1777 |
$lock = '0400';
|
| 1778 |
}
|
| 1779 |
|
| 1780 |
-
if (
|
| 1781 |
-
|
| 1782 |
}
|
| 1783 |
|
| 1784 |
-
if (
|
| 1785 |
|
| 1786 |
$delete_files = array($root_folder_maintenance, $root_folder_maintenance_values);
|
| 1787 |
|
| 1788 |
foreach ( $delete_files as $file ) {
|
| 1789 |
if ( file_exists($file) ) {
|
| 1790 |
-
|
| 1791 |
}
|
| 1792 |
}
|
| 1793 |
|
| 1794 |
if ( $lock == '0400') {
|
| 1795 |
-
|
| 1796 |
}
|
| 1797 |
|
| 1798 |
echo $bps_topDiv;
|
|
@@ -1809,22 +1811,22 @@ $permsHtaccess = @substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
|
| 1809 |
$gwiod_url = str_replace( $publicly_displayed_url, "", $actual_wp_install_url );
|
| 1810 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1811 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1812 |
-
$gwiod_permsIndex =
|
| 1813 |
|
| 1814 |
if ( file_exists($gwiod_root_index_file_backup) ) {
|
| 1815 |
|
| 1816 |
-
if (
|
| 1817 |
$lock = '0400';
|
| 1818 |
}
|
| 1819 |
|
| 1820 |
-
if (
|
| 1821 |
-
|
| 1822 |
}
|
| 1823 |
|
| 1824 |
-
|
| 1825 |
|
| 1826 |
if ( $lock == '0400') {
|
| 1827 |
-
|
| 1828 |
}
|
| 1829 |
}
|
| 1830 |
|
|
@@ -1842,12 +1844,12 @@ $permsHtaccess = @substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
|
| 1842 |
// wp-admin .htaccess
|
| 1843 |
if ( file_exists($wpadminHtaccess) ) {
|
| 1844 |
|
| 1845 |
-
if (
|
| 1846 |
$lock = '0404';
|
| 1847 |
}
|
| 1848 |
|
| 1849 |
-
if (
|
| 1850 |
-
|
| 1851 |
}
|
| 1852 |
|
| 1853 |
$stringReplace = file_get_contents($wpadminHtaccess);
|
|
@@ -1865,7 +1867,7 @@ $permsHtaccess = @substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
|
| 1865 |
if ( file_put_contents($wpadminHtaccess, $stringReplace) ) {
|
| 1866 |
|
| 1867 |
if ( $lock == '0404') {
|
| 1868 |
-
|
| 1869 |
}
|
| 1870 |
|
| 1871 |
echo $bps_topDiv;
|
|
@@ -1885,7 +1887,7 @@ function bpsPro_mmode_network_turn_off() {
|
|
| 1885 |
global $current_blog, $blog_id, $bps_topDiv, $bps_bottomDiv;
|
| 1886 |
|
| 1887 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 1888 |
-
$permsIndex =
|
| 1889 |
$sapi_type = php_sapi_name();
|
| 1890 |
$root_index_file = ABSPATH . 'index.php';
|
| 1891 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
|
@@ -1897,21 +1899,21 @@ $pattern = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*(.*)\s*#\sEND\sBPS\sMAINTENA
|
|
| 1897 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1898 |
$pattern3 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP(.*\s*){8}(Allow(.*)\s*){1,}<\/IfModule>\s*<\/IfModule>\s*#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1899 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 1900 |
-
$permsHtaccess =
|
| 1901 |
$MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenance-mode-index-MU.php';
|
| 1902 |
|
| 1903 |
-
if (
|
| 1904 |
$lock = '0400';
|
| 1905 |
}
|
| 1906 |
|
| 1907 |
-
if (
|
| 1908 |
-
|
| 1909 |
}
|
| 1910 |
|
| 1911 |
// Primary Network Site
|
| 1912 |
if ( is_multisite() && $blog_id == 1 ) {
|
| 1913 |
|
| 1914 |
-
$stringReplace =
|
| 1915 |
|
| 1916 |
if ( preg_match( '/#\sBEGIN\sPRIMARY\sSITE\sSTATUS\s*(.*)\s*#\sEND\sPRIMARY\sSITE\sSTATUS/', $stringReplace, $matches ) ) {
|
| 1917 |
|
|
@@ -1919,8 +1921,8 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1919 |
}
|
| 1920 |
|
| 1921 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1922 |
-
|
| 1923 |
-
|
| 1924 |
}
|
| 1925 |
|
| 1926 |
// Network Subsites
|
|
@@ -1940,7 +1942,7 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1940 |
$subsite_root_folder_maintenance = ABSPATH . 'bps-maintenance-'.$subsite_remove_slashes.'.php';
|
| 1941 |
$subsite_root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values-'.$subsite_remove_slashes.'.php';
|
| 1942 |
|
| 1943 |
-
$stringReplace =
|
| 1944 |
//$subsite_subdomain_variable = str_replace( '.', "_", $current_blog->domain );
|
| 1945 |
|
| 1946 |
if ( is_multisite() && ! is_subdomain_install() ) {
|
|
@@ -1959,20 +1961,20 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1959 |
}
|
| 1960 |
|
| 1961 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1962 |
-
|
| 1963 |
}
|
| 1964 |
|
| 1965 |
$delete_files = array( $subsite_root_folder_maintenance, $subsite_root_folder_maintenance_values );
|
| 1966 |
|
| 1967 |
foreach ( $delete_files as $file ) {
|
| 1968 |
if ( file_exists($file) ) {
|
| 1969 |
-
|
| 1970 |
}
|
| 1971 |
}
|
| 1972 |
}
|
| 1973 |
|
| 1974 |
if ( $lock == '0400') {
|
| 1975 |
-
|
| 1976 |
}
|
| 1977 |
|
| 1978 |
echo $bps_topDiv;
|
|
@@ -1987,17 +1989,17 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 1987 |
$gwiod_url = str_replace( $publicly_displayed_url, "", $actual_wp_install_url );
|
| 1988 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1989 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1990 |
-
$gwiod_permsIndex =
|
| 1991 |
|
| 1992 |
-
if (
|
| 1993 |
$lock = '0400';
|
| 1994 |
}
|
| 1995 |
|
| 1996 |
-
if (
|
| 1997 |
-
|
| 1998 |
}
|
| 1999 |
|
| 2000 |
-
if (
|
| 2001 |
|
| 2002 |
$gwiod_stringReplace = file_get_contents($gwiod_root_index_file);
|
| 2003 |
}
|
|
@@ -2015,7 +2017,7 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 2015 |
if ( file_put_contents($gwiod_root_index_file, $gwiod_stringReplace) ) {
|
| 2016 |
|
| 2017 |
if ( $lock == '0400') {
|
| 2018 |
-
|
| 2019 |
}
|
| 2020 |
}
|
| 2021 |
|
|
@@ -2033,12 +2035,12 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 2033 |
// wp-admin .htaccess
|
| 2034 |
if ( is_multisite() && $blog_id == 1 && file_exists($wpadminHtaccess) ) {
|
| 2035 |
|
| 2036 |
-
if (
|
| 2037 |
$lock = '0404';
|
| 2038 |
}
|
| 2039 |
|
| 2040 |
-
if (
|
| 2041 |
-
|
| 2042 |
}
|
| 2043 |
|
| 2044 |
$stringReplace = file_get_contents($wpadminHtaccess);
|
|
@@ -2056,7 +2058,7 @@ $MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenan
|
|
| 2056 |
if ( file_put_contents($wpadminHtaccess, $stringReplace) ) {
|
| 2057 |
|
| 2058 |
if ( $lock == '0404') {
|
| 2059 |
-
|
| 2060 |
}
|
| 2061 |
|
| 2062 |
echo $bps_topDiv;
|
|
@@ -2142,14 +2144,18 @@ if ( isset( $_POST['Submit-maintenance-mode-off'] ) && current_user_can('manage_
|
|
| 2142 |
|
| 2143 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2144 |
<tr>
|
| 2145 |
-
<td class="bps-table_title"
|
| 2146 |
</tr>
|
| 2147 |
<tr>
|
| 2148 |
<td class="bps-table_cell_help_links">
|
|
|
|
| 2149 |
<a href="https://forum.ait-pro.com/forums/topic/maintenance-mode-guide-read-me-first/" target="_blank"><?php _e('Maintenance Mode Guide', 'bulletproof-security'); ?></a><br /><br />
|
| 2150 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 2151 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 2152 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 2153 |
</td>
|
| 2154 |
</tr>
|
| 2155 |
</table>
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
+
<div id="bps-container" class="wrap">
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
| 21 |
|
| 22 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 23 |
|
| 24 |
+
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' || isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 25 |
|
| 26 |
bpsPro_Browser_UA_scroll_animation();
|
| 27 |
}
|
| 28 |
}
|
| 29 |
?>
|
| 30 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 31 |
<h2 class="bps-tab-title">
|
| 32 |
|
| 33 |
<?php
|
| 34 |
if ( is_multisite() && $blog_id != 1 ) {
|
| 35 |
+
_e('Maintenance Mode', 'bulletproof-security');
|
| 36 |
} else {
|
| 37 |
+
_e('Maintenance Mode', 'bulletproof-security');
|
| 38 |
}
|
| 39 |
?>
|
| 40 |
</h2>
|
| 44 |
<?php
|
| 45 |
// General all purpose "Settings Saved." message for forms
|
| 46 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 47 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 48 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 49 |
echo $text;
|
| 50 |
}
|
| 133 |
}
|
| 134 |
|
| 135 |
$create_denyall_htaccess_file = WP_PLUGIN_DIR . '/bulletproof-security/admin/maintenance/.htaccess';
|
| 136 |
+
$bps_htaccess_folder_htaccess = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/.htaccess';
|
| 137 |
+
|
| 138 |
if ( ! file_exists($create_denyall_htaccess_file) ) {
|
| 139 |
$handle = fopen( $create_denyall_htaccess_file, 'w+b' );
|
| 140 |
fwrite( $handle, $denyall_content );
|
| 151 |
fclose( $handle );
|
| 152 |
}
|
| 153 |
}
|
| 154 |
+
copy($create_denyall_htaccess_file, $bps_htaccess_folder_htaccess);
|
| 155 |
}
|
| 156 |
}
|
| 157 |
bpsPro_maintenance_mode_preview_ip();
|
| 189 |
|
| 190 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 191 |
<tr>
|
| 192 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 193 |
</tr>
|
| 194 |
<tr>
|
| 195 |
<td class="bps-table_cell_help">
|
| 196 |
|
| 197 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Maintenance Mode', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 198 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 199 |
|
| 200 |
<div id="bps-modal-content1" class="bps-dialog-hide" style="background-color:#fff; padding:0px 10px 10px 10px;" title="<?php _e('Maintenance Mode', 'bulletproof-security'); ?>">
|
| 201 |
<p>
|
| 202 |
<?php
|
| 203 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 204 |
echo $text;
|
| 205 |
+
|
| 206 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 207 |
+
echo $bpsPro_text;
|
| 208 |
+
|
| 209 |
// Forum Help Links or of course both
|
| 210 |
+
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 211 |
echo $text;
|
| 212 |
?>
|
| 213 |
<strong><a href="https://forum.ait-pro.com/forums/topic/maintenance-mode-guide-read-me-first/" title="Maintenance Mode Guide" target="_blank"><?php _e('Maintenance Mode Guide', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 214 |
|
| 215 |
+
<?php $text = '<strong>'.__('Create/add whatever messages, images, videos, etc. you want to display to website visitors with the MMode Editor, select your MMode options/settings, click the Save Options button, Preview your Maintenance Mode page and click the Turn On button. Rinse and repeat if you make any new changes to your options/settings.', 'bulletproof-security').'</strong><br><br><strong>'.__('For more extensive help info, CSS, HTML code examples, Image & Video embedding code examples to add in the MMode Editor see Forum Help Links at the top of this Question Mark help window.', 'bulletproof-security').'</strong><br><br><strong>'.__('Maintenance Mode Text, CSS Style Code, Images, Videos Displayed To Website Visitors:', 'bulletproof-security').'</strong><br>'.__('This is a standard WordPress TinyMCE WYSIWYG editor that has a Visual Editor and a Text Editor for adding CSS or HTML code. Enter plain text, CSS, HTML code, insert images, videos, etc. For examples/example code of embedding images or YouTube videos using CSS and HTML code, which you can copy and paste into the Text editor, go to the Maintenance Mode Guide Forum Help Link above. After you copy and paste the example code into the Text Editor you can edit it, add/change links/code or whatever you want change and click the Save Options button to save your edits.', 'bulletproof-security').'<br><br><strong>'.__('Enable Countdown Timer:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to enable a javascript Countdown Timer that will be displayed to visitors. When the Countdown Timer reaches 0/has completed your website will still be in Maintenance Mode until you turn Off Maintenance Mode. An additional option will be added in the future to automatically turn off Maintenance Mode when the Countdown Timer reaches 0/has completed.', 'bulletproof-security').'<br><br><strong>'.__('Countdown Timer Text Color:', 'bulletproof-security').'</strong><br>'.__('Select the text color for the Countdown Timer.', 'bulletproof-security').'<br><br><strong>'.__('Maintenance Mode Time (in Minutes):', 'bulletproof-security').'</strong><br>'.__('Enter the amount of time that you want to put your site into Maintenance Mode in minutes. Example: 10 = 10 minutes, 180 = 3 hours, 1440 = 24 hours, 4320 = 3 days.', 'bulletproof-security').'<br><br><strong>'.__('Header Retry-After (enter the same time as Maintenance Mode Time above):', 'bulletproof-security').'</strong><br>'.__('This is the amount of time that you are telling Search Engines to wait before visiting your website again. Enter the same time in minutes that you entered for Maintenance Mode Time.', 'bulletproof-security').'<br><br><strong>'.__('Enable FrontEnd Maintenance Mode:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to enable FrontEnd Maintenance Mode. When you Turn On FrontEnd Maintenance Mode your website Maintenance Mode page will be displayed to website visitors instead of your website. Hint: besides using Preview to see what your site will look like to visitors you can also not enter your IP address in the Maintenance Mode IP Address Whitelist Text Box - CAUTION: do not enable BackEnd Maintenance Mode if you do that or you will be locked out of your WordPress Dashboard.', 'bulletproof-security').'<br><br><strong>'.__('Enable BackEnd Maintenance Mode:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to enable BackEnd Maintenance Mode. Be sure to enter the Your IP address/the Recommended IP address in the Maintenance Mode IP Address Whitelist Text Box before you click the Save Options button and click the Turn On button. If you Turn On BackEnd Maintenance Mode and your IP address is not entered and saved then you will be locked out of your WordPress Dashboard. To get back into your WordPress Dashboard, FTP to your website and delete the /wp-admin/.htaccess file to be able to log back into your WordPress Dashboard.', 'bulletproof-security').'<br><br><strong>'.__('Maintenance Mode IP Address Whitelist Text Box:', 'bulletproof-security').'</strong><br>'.__('Enter The IP Address That Can View The Website Normally (not in Maintenance Mode):', 'bulletproof-security').'<br>'.__('Enter Multiple IP addresses separated by a comma and a single space. Example: 100.99.88.77, 200.66.55.44, 44.33.22.1 It is recommended that you use the Recommended IP address that is displayed to you. IP addresses are dynamic and will be changed frequently by your ISP. The Recommended IP address is 3 octets (xxx.xxx.xxx.) of your IP address instead of 4 octets (xxx.xxx.xxx.xxx). ISP\'s typically only change the 4th octet of IP addresses that are assigned to you. You can use/enter either 1 octet, 2 octets, 3 octets or your current IP address to whitelist your IP address.', 'bulletproof-security').'<br><br><strong>'.__('Background Images:', 'bulletproof-security').'</strong><br>'.__('Select a background image that you want to use. BPS includes 20 background images and 15 center images (text box images) that you can mix and match to your design/color scheme preference.', 'bulletproof-security').'<br><br><strong>'.__('Center Images:', 'bulletproof-security').'</strong><br>'.__('Select a center image that you want to use. BPS includes 20 background images and 15 center images (text box images) that you can mix and match to your design/color scheme preference.', 'bulletproof-security').'<br><br><strong>'.__('Background Colors (If not using a Background Image):', 'bulletproof-security').'</strong><br>'.__('Select a background color that you want to use. If you do not want to use a background image then you can instead choose a background color.', 'bulletproof-security').'<br><br><strong>'.__('Display Visitor IP Address:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to display the website visitor\'s IP addresses.', 'bulletproof-security').'<br><br><strong>'.__('Display Admin|Login Link', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to display a Login link that points to your wp-admin folder/Login page.', 'bulletproof-security').'<br><br><strong>'.__('Display Dashboard Reminder Message when site is in Maintenance Mode:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to display a WordPress Dashboard Reminder Notice that your website is in Maintenance Mode.', 'bulletproof-security').'<br><br><strong>'.__('Enable Visitor Logging:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to enable visitor logging. Logs all visitors to your site while your site is in Maintenance Mode. Log entries are created in the BPS Security Log file. ', 'bulletproof-security').'Example Log Entry:<br>[Maintenance Mode - Visitor Logged: March 31, 2016 - 11:45 am]<br>REMOTE_ADDR: 127.0.0.1<br>Host Name: xxxxx<br>SERVER_PROTOCOL: HTTP/1.1<br>HTTP_CLIENT_IP:<br>HTTP_FORWARDED:<br>HTTP_X_FORWARDED_FOR:<br>HTTP_X_CLUSTER_CLIENT_IP:<br>REQUEST_METHOD: GET<br>HTTP_REFERER: http://www.example.com/<br>REQUEST_URI: /<br>QUERY_STRING:<br>HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36
|
| 216 |
'.'<br><br><strong>'.__('Send Email Reminder when Maintenance Mode Countdown Timer has completed:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to enable the javascript Countdown Timer to send you an email reminder when the Countdown Timer reaches 0/is completed. More importantly when this option is selected you will receive another email reminder each time a visitor visits your website in Maintenance Mode. When the Countdown Timer reaches 0/has completed your website will still be in Maintenance Mode until you turn Off Maintenance Mode. An additional option will be added in the future to automatically turn off Maintenance Mode when the Countdown Timer reaches 0/has completed.', 'bulletproof-security').'<br><br><strong>'.__('Testing the Countdown Timer Send Email Option:', 'bulletproof-security').'</strong><br>'.__('There is a 1 minute buffer so that when the Maintenance Mode page is created an email will not be sent immediately. To test the Send Email option use 2 minutes for the Maintenance Mode Time, click the Save Options button and click the Preview button. Leave the Preview Browser Window/Tab open. When the Countdown Timer has completed (reached 0) an email will be sent. You may receive the email immediately or it may take several minutes depending on how fast your Mail Server sends the email to you.', 'bulletproof-security').'<br><br><strong>'.__('Send Countdown Timer Email:', 'bulletproof-security').'</strong><br>'.__('Enter the email addresses that you would like the Countdown Timer reminder email sent to, from, cc or bcc.', 'bulletproof-security').'<br><br><strong>'.__('Network/Multisite Primary Site Options ONLY:', 'bulletproof-security').'</strong><br>'.__('These options/settings are for Network/Multisite ONLY and are ONLY displayed on the Primary Network/Multisite site. Checking these options on a Single/Standard WordPress installation have no effect since these options are ONLY for Network/Multisite WordPress installations.', 'bulletproof-security').'<br><br><strong>'.__('Steps to use these special Network/Multisite options:', 'bulletproof-security').'</strong><br>'.__('To turn On either of these special options, check the checkbox, click the Save Options button and click the Turn On button. To turn Off either of these options, uncheck the checkbox, click the Save Options button and click the Turn On button - you would not click the Turn Off button. You are resaving your options and then writing those saved option settings to the Maintenance template files. Or in other words, you have removed those options settings and are creating another new template file without these special option settings in that template file.', 'bulletproof-security').'<br><br><strong>'.__('Put The Primary Site And All Subsites In Maintenance Mode:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to put all of the sites into Maintenance Mode.', 'bulletproof-security').'<br><br><strong>'.__('Put All Subsites In Maintenance Mode, But Not The Primary Site:', 'bulletproof-security').'</strong><br>'.__('Check this checkbox to put all of the subsites into Maintenance Mode except for the Primary site.', 'bulletproof-security').'<br><br><strong>'.__('Save Options Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Save Options button does 2 things: Saves all your options/settings to your Database and creates all necessary Maintenance Mode files/Forms. Clicking the Save Options button does NOT Turn On Maintenance Mode. Click the Turn On button after clicking the Save Options button.', 'bulletproof-security').'<br><br><strong>'.__('Preview Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Preview button allows you to preview the Maintenance Mode files/Forms that were created when you clicked the Save Options button. Preview allows you to view what will be displayed to visitors to your website when you turn On Maintenance Mode. Maintenance Mode is not turned On when you click the Preview button. Maintenance Mode is turned On by clicking the Turn On button.', 'bulletproof-security').'<br><br><strong>'.__('Turn On Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Turn On button turns On Maintenance Mode. Turn On is conditional and allows you to make changes to your Maintenance Mode page that is displayed to your website visitors. You can make any new changes to your options/settings, click the Save Options button again, click the Turn On button again and your new changes/settings will be immediately displayed on your Maintenance Mode page.', 'bulletproof-security').'<br><br><strong>'.__('Turn Off Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Turn Off button turns Off Maintenance Mode. Turn Off is non-conditional and works like a Form Reset, but does not remove any of your Saved Options/settings. All active/enabled maintenance mode files/Forms are removed from your site and of course maintenance mode is turned Off. If you have a Network/Multisite site then some Maintenance Mode files need to remain in your website root folder, but Maintenance Mode will be turned Off.', 'bulletproof-security').'<br><br><strong>'.__('BPS help links can be found in the Help & FAQ pages.', 'bulletproof-security').'</strong>'; echo $text; ?></p>
|
| 217 |
</div>
|
| 218 |
|
|
|
|
|
|
|
| 219 |
<?php
|
| 220 |
// Maintenance Mode Values Form Single/GWIOD/Network - Saves DB Options & creates bps-maintenance-values.php
|
| 221 |
// Uses $current_blog->path for Network file naming bps-maintenance-values-{subsite-uri}.php & bps-maintenance-{subsite-uri}.php
|
| 385 |
|
| 386 |
$bps_maintenance_file_include = '/#\sBEGIN\sBPS\sINCLUDE(\s*(.*)){3}\s*#\sEND\sBPS\sINCLUDE/';
|
| 387 |
|
| 388 |
+
if ( copy($bps_maintenance_file, $subsite_maintenance_file) ) {
|
| 389 |
$stringReplaceMaint = file_get_contents($subsite_maintenance_file);
|
| 390 |
}
|
| 391 |
|
| 398 |
// ARQ condition not used in BPS free
|
| 399 |
}
|
| 400 |
|
| 401 |
+
copy($bps_maintenance_values, $bps_maintenance_values_network);
|
| 402 |
|
| 403 |
$stringReplace = file_get_contents($bps_maintenance_values_network);
|
| 404 |
$stringReplace = $bps_maint_content;
|
| 494 |
if ( isset( $_SERVER['HTTP_CLIENT_IP'] ) ) {
|
| 495 |
$ip = esc_html( $_SERVER['HTTP_CLIENT_IP'] );
|
| 496 |
$octets_ip = preg_match( $pattern, $_SERVER['HTTP_CLIENT_IP'], $matches );
|
| 497 |
+
echo '<font color="#2271b1" style="font-size:14px;"><strong>'.__('Your Current IP Address: ', 'bulletproof-security').$ip.'<br>'.__('Recommended IP Address: ', 'bulletproof-security');
|
| 498 |
print_r($matches[0]);
|
| 499 |
echo '</strong></font><br>';
|
| 500 |
|
| 501 |
} elseif ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
|
| 502 |
$ip = esc_html( $_SERVER['HTTP_X_FORWARDED_FOR'] );
|
| 503 |
$octets_ip = preg_match( $pattern, $_SERVER['HTTP_X_FORWARDED_FOR'], $matches );
|
| 504 |
+
echo '<font color="#2271b1" style="font-size:14px;"><strong>'.__('Your Current IP Address: ', 'bulletproof-security').$ip.'<br>'.__('Recommended IP Address: ', 'bulletproof-security');
|
| 505 |
print_r($matches[0]);
|
| 506 |
echo '</strong></font><br>';
|
| 507 |
|
| 508 |
} elseif ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
|
| 509 |
$ip = esc_html( $_SERVER['REMOTE_ADDR'] );
|
| 510 |
$octets_ip = preg_match( $pattern, $_SERVER['REMOTE_ADDR'], $matches );
|
| 511 |
+
echo '<font color="#2271b1" style="font-size:14px;"><strong>'.__('Your Current IP Address: ', 'bulletproof-security').$ip.'<br>'.__('Recommended IP Address: ', 'bulletproof-security');
|
| 512 |
print_r($matches[0]);
|
| 513 |
echo '</strong></font><br>';
|
| 514 |
}
|
| 543 |
<div id="mmode-accordion-inner">
|
| 544 |
|
| 545 |
<label for="mmode"><?php _e('Maintenance Mode Text, CSS Style Code, Images, Videos Displayed To Website Visitors:', 'bulletproof-security'); ?></label><br />
|
| 546 |
+
<label for="mmode"><?php _e('Click the Maintenance Mode Guide link in the Question Mark help button above for CSS Code, Image & Video Embed examples.', 'bulletproof-security'); ?></label><br /><br />
|
| 547 |
|
| 548 |
<!-- Note: wp_editor/TinyMCE causes XAMPP Apache server crash: XAMPP: 1.8.1, pcre.dll, PHP 5.4.7 (VC9 X86 32bit thread safe) + PEAR -->
|
| 549 |
<div class="mmode-tinymce">
|
| 558 |
<input type="checkbox" name="mmode_countdown_timer" style="margin-top:5px;" value="1" <?php if ( empty( $MMoptions['bps_maint_countdown_timer'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_countdown_timer'], 1 ); } ?> /><label for="mmode"><?php _e('Enable Countdown Timer', 'bulletproof-security'); ?></label><br /><br />
|
| 559 |
|
| 560 |
<label for="mmode"><?php _e('Countdown Timer Text Color:', 'bulletproof-security'); ?></label><br />
|
| 561 |
+
<select name="mmode_countdown_timer_color" class="form-340">
|
| 562 |
<option value="lime" <?php selected('lime', $bps_maint_countdown_timer_color); ?>><?php _e('LCD|Lime Green', 'bulletproof-security'); ?></option>
|
| 563 |
<option value="white" <?php selected('white', $bps_maint_countdown_timer_color); ?>><?php _e('White', 'bulletproof-security'); ?></option>
|
| 564 |
<option value="silver" <?php selected('silver', $bps_maint_countdown_timer_color); ?>><?php _e('Silver', 'bulletproof-security'); ?></option>
|
| 567 |
|
| 568 |
<label for="mmode"><?php _e('Maintenance Mode Time (in Minutes):', 'bulletproof-security'); ?></label><br />
|
| 569 |
<label for="mmode"><?php _e('Example: 10 = 10 minutes, 180 = 3 hours, 1440 = 24 hours.', 'bulletproof-security'); ?></label><br />
|
| 570 |
+
<input type="text" name="mmode_time" class="regular-text-340" value="<?php echo $bps_maint_time; ?>" /><br /><br />
|
| 571 |
|
| 572 |
+
<label for="mmode"><?php _e('Header Retry-After (Enter the same time as above):', 'bulletproof-security'); ?></label><br />
|
| 573 |
<label for="mmode"><?php _e('Example: 10 = 10 minutes, 180 = 3 hours, 1440 = 24 hours.', 'bulletproof-security'); ?></label><br />
|
| 574 |
+
<input type="text" name="mmode_retry_after" class="regular-text-340" value="<?php echo $bps_maint_retry_after; ?>" /><br /><br />
|
| 575 |
|
| 576 |
<input type="checkbox" name="mmode_frontend" value="1" <?php if ( empty( $MMoptions['bps_maint_frontend'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_frontend'], 1 ); } ?> /><label for="mmode"><?php _e('Enable FrontEnd Maintenance Mode', 'bulletproof-security'); ?></label><br /><br />
|
| 577 |
|
| 578 |
<?php if ( is_multisite() && $blog_id != 1 ) { echo '<div style="margin:0px 0px 0px 0px;"></div>'; } else { ?>
|
| 579 |
|
| 580 |
<div id="mmode-caution">
|
| 581 |
+
<?php $text = '<font color="#fb0101">'.__('CAUTION: ', 'bulletproof-security').'</font><font color="blue">'.__('You MUST enter Your Current IP Address or the Recommended IP Address if you Enable BackEnd Maintenance Mode or you will be locked out of your WordPress Dashboard.', 'bulletproof-security').'</font>'; echo $text; ?>
|
| 582 |
+
</div>
|
| 583 |
<input type="checkbox" name="mmode_backend" value="1" <?php if ( empty( $MMoptions['bps_maint_backend'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_backend'], 1 ); } ?> /><label for="mmode"><?php _e('Enable BackEnd Maintenance Mode ', 'bulletproof-security'); ?></label><br /><br />
|
| 584 |
|
| 585 |
+
<?php }
|
| 586 |
+
|
| 587 |
+
$hover_icon = '<strong><font color="black"><span class="tooltip-350-225"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('Enter The IP address or addresses that can view your website normally (not in Maintenance Mode).<br><br>Enter multiple IP addresses separated by a comma and a single space.<br><br>Example IPv4 IP addresses: 100.99.88.77, 200.66.55.44, 44.33.22.1<br><br>Example IPv6 IP addresses: 0:0:0:0:0:ffff:6463:584d, 0:0:0:0:0:ffff:c842:372c', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 588 |
+
|
| 589 |
+
?>
|
| 590 |
|
| 591 |
<!-- important note: in a text area you cannot leave whitespace within the form code or that whitespace will be echoed -->
|
| 592 |
+
<label for="mmode"><?php _e('Maintenance Mode IP Address Whitelist Text Box:', 'bulletproof-security'); echo $hover_icon; ?></label>
|
| 593 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 594 |
<?php bps_get_proxy_real_ip_address_maint(); ?>
|
| 595 |
|
| 596 |
<input type="hidden" name="scrolltommode1" id="scrolltommode1" value="<?php echo esc_html( $scrolltommode1 ); ?>" />
|
| 597 |
+
<textarea style="width:340px" class="PFW-Allow-From-Text-Area" name="mmode_ip_allowed" id="mmode_ip_allowed" tabindex="1"><?php echo trim( $bps_maint_ip_allowed, ", \t\n\r"); ?></textarea><br /><br />
|
| 598 |
|
| 599 |
<label for="mmode"><?php _e('Background Images:', 'bulletproof-security'); ?></label><br />
|
| 600 |
+
<select name="mmode_background_images" class="form-340">
|
| 601 |
<option value="0" <?php selected('0', $bps_maint_background_images); ?>><?php _e('No Background Image', 'bulletproof-security'); ?></option>
|
| 602 |
<option value="<?php echo $blackHL; ?>" <?php selected($blackHL, $bps_maint_background_images); ?>><?php _e('Black Honeycomb Large', 'bulletproof-security'); ?></option>
|
| 603 |
<option value="<?php echo $blackHLG; ?>" <?php selected($blackHLG, $bps_maint_background_images); ?>><?php _e('Black Honeycomb Large Grey Line', 'bulletproof-security'); ?></option>
|
| 622 |
</select><br /><br />
|
| 623 |
|
| 624 |
<label for="mmode"><?php _e('Center Images:', 'bulletproof-security'); ?></label><br />
|
| 625 |
+
<select name="mmode_center_images" class="form-340">
|
| 626 |
<option value="0" <?php selected('0', $bps_maint_center_images); ?>><?php _e('No Center Image', 'bulletproof-security'); ?></option>
|
| 627 |
<option value="<?php echo $basicBlack; ?>" <?php selected($basicBlack, $bps_maint_center_images); ?>><?php _e('Basic Black', 'bulletproof-security'); ?></option>
|
| 628 |
<option value="<?php echo $blackVeins; ?>" <?php selected($blackVeins, $bps_maint_center_images); ?>><?php _e('Black Veins', 'bulletproof-security'); ?></option>
|
| 642 |
</select><br /><br />
|
| 643 |
|
| 644 |
<label for="mmode"><?php _e('Background Colors (If not using a Background Image):', 'bulletproof-security'); ?></label><br />
|
| 645 |
+
<select name="mmode_background_color" class="form-340">
|
| 646 |
<option value="white" <?php selected('white', $bps_maint_background_color); ?>><?php _e('No Background Color', 'bulletproof-security'); ?></option>
|
| 647 |
<option value="white" <?php selected('white', $bps_maint_background_color); ?>><?php _e('White', 'bulletproof-security'); ?></option>
|
| 648 |
<option value="black" <?php selected('black', $bps_maint_background_color); ?>><?php _e('Black', 'bulletproof-security'); ?></option>
|
| 653 |
|
| 654 |
<input type="checkbox" name="mmode_login_link" value="1" <?php if ( empty( $MMoptions['bps_maint_show_login_link'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_show_login_link'], 1 ); } ?> /><label for="mmode"><?php _e('Display Admin|Login Link', 'bulletproof-security'); ?></label><br /><br />
|
| 655 |
|
| 656 |
+
<input type="checkbox" name="mmode_dashboard_reminder" value="1" <?php if ( empty( $MMoptions['bps_maint_dashboard_reminder'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_dashboard_reminder'], 1 ); } ?> /><label for="mmode"><?php _e('Display Dashboard Reminder Message', 'bulletproof-security'); ?></label><br /><br />
|
| 657 |
|
| 658 |
<input type="checkbox" name="mmode_log_visitors" value="1" <?php if ( empty( $MMoptions['bps_maint_log_visitors'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_log_visitors'], 1 ); } ?> /><label for="mmode"><?php _e('Enable Visitor Logging', 'bulletproof-security'); ?></label><br /><br />
|
| 659 |
|
| 660 |
+
<input type="checkbox" name="mmode_countdown_email" value="1" <?php if ( empty( $MMoptions['bps_maint_countdown_email'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_countdown_email'], 1 ); } ?> /><label for="mmode"><?php _e('Send Email when Countdown Timer has completed', 'bulletproof-security'); ?></label><br /><br />
|
| 661 |
|
| 662 |
<strong><label for="mmode-email"><?php _e('Send Countdown Timer Email To:', 'bulletproof-security'); ?> </label></strong><br />
|
| 663 |
+
<input type="text" name="mmode_email_to" class="regular-text-340" value="<?php echo $bps_maint_email_to; ?>" /><br />
|
| 664 |
<strong><label for="mmode-email"><?php _e('Send Countdown Timer Email From:', 'bulletproof-security'); ?> </label></strong><br />
|
| 665 |
+
<input type="text" name="mmode_email_from" class="regular-text-340" value="<?php echo $bps_maint_email_from; ?>" /><br />
|
| 666 |
<strong><label for="mmode-email"><?php _e('Send Countdown Timer Email Cc:', 'bulletproof-security'); ?> </label></strong><br />
|
| 667 |
+
<input type="text" name="mmode_email_cc" class="regular-text-340" value="<?php echo $bps_maint_email_cc; ?>" /><br />
|
| 668 |
<strong><label for="mmode-email"><?php _e('Send Countdown Timer Email Bcc:', 'bulletproof-security'); ?> </label></strong><br />
|
| 669 |
+
<input type="text" name="mmode_email_bcc" class="regular-text-340" value="<?php echo $bps_maint_email_bcc; ?>" /><br />
|
| 670 |
|
| 671 |
</div>
|
| 672 |
|
| 677 |
|
| 678 |
<?php if ( is_multisite() && $blog_id != 1 ) { echo '<div style="margin:0px 0px 10px 0px;"></div>'; } else { ?>
|
| 679 |
|
| 680 |
+
<strong><label for="mmode" style="color:#2271b1;"><?php _e('Click the Maintenance Mode Question Mark help button for the steps to use these special options:', 'bulletproof-security'); ?></label></strong><br /><br />
|
| 681 |
<input type="checkbox" name="mmode_mu_entire_site" value="1" <?php if ( empty( $MMoptions['bps_maint_mu_entire_site'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_mu_entire_site'], 1 ); } ?> /><label for="mmode"><?php _e('Put The Primary Site And All Subsites In Maintenance Mode', 'bulletproof-security'); ?></label><br /><br />
|
| 682 |
|
| 683 |
<input type="checkbox" name="mmode_mu_subsites_only" value="1" <?php if ( empty( $MMoptions['bps_maint_mu_subsites_only'] ) ) { echo ''; } else { checked( $MMoptions['bps_maint_mu_subsites_only'], 1 ); } ?> /><label for="mmode"><?php _e('Put All Subsites In Maintenance Mode, But Not The Primary Site', 'bulletproof-security'); ?></label><br /><br />
|
| 704 |
</script>
|
| 705 |
|
| 706 |
<?php
|
| 707 |
+
// Maintenance Mode Preview
|
| 708 |
+
// Using an additional redirect now because Google and other browsers have built-in popup blockers per site
|
| 709 |
+
// Notes: exit MUST be used or headers already sent php errors occur, but that exits the MMode options page, which breaks the page visually.
|
| 710 |
+
// Doing a js reload will refresh the MMode options page once before the exit.
|
| 711 |
+
// error_reporting(0); needs to be used to prevent a WP headers already sent pluggable php error from being generated/displayed.
|
| 712 |
if ( isset( $_POST['maintenance-mode-preview-submit'] ) && current_user_can('manage_options') ) {
|
| 713 |
check_admin_referer( 'bulletproof_security_maintenance_preview' );
|
| 714 |
+
|
| 715 |
+
error_reporting(0);
|
| 716 |
+
$url = plugins_url('/bulletproof-security/admin/htaccess/bps-maintenance.php');
|
| 717 |
+
|
| 718 |
+
if ( wp_safe_redirect( $url ) ) {
|
| 719 |
+
|
| 720 |
+
?>
|
| 721 |
+
|
| 722 |
+
<script type="text/javascript">
|
| 723 |
+
/* <![CDATA[ */
|
| 724 |
+
location.reload();
|
| 725 |
+
/* ]]> */
|
| 726 |
+
</script>
|
| 727 |
+
|
| 728 |
+
<?php
|
| 729 |
+
exit;
|
| 730 |
+
}
|
| 731 |
}
|
| 732 |
?>
|
| 733 |
|
| 738 |
if ( is_multisite() && $blog_id != 1 ) {
|
| 739 |
|
| 740 |
if ( is_subdomain_install() ) {
|
|
|
|
| 741 |
$subsite_remove_slashes = str_replace( '.', "-", $current_blog->domain );
|
|
|
|
| 742 |
} else {
|
|
|
|
| 743 |
$subsite_remove_slashes = str_replace( '/', "", $current_blog->path );
|
| 744 |
}
|
| 745 |
?>
|
| 746 |
|
| 747 |
+
<form name="MaintenanceModePreview" method="post" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/maintenance/maintenance.php' ); ?>" target="" onSubmit="window.open('<?php echo plugins_url('/bulletproof-security/admin/htaccess/bps-maintenance-'.$subsite_remove_slashes.'.php'); ?>','popup','width=+window.innerWidth,height=+ window.innerHeight,scrollbars=yes,menubar=yes,resizable=yes,status=yes,toolbar=yes')">
|
| 748 |
<?php wp_nonce_field('bulletproof_security_maintenance_preview'); ?>
|
| 749 |
+
|
| 750 |
+
<div style="float:left;margin:5px 10px 0px -16px;">
|
| 751 |
<input type="submit" name="maintenance-mode-preview-submit" class="button bps-button" style="width:72px;height:auto;white-space:normal" value="<?php esc_attr_e('Preview', 'bulletproof-security') ?>" />
|
| 752 |
+
</div>
|
| 753 |
</form>
|
| 754 |
|
| 755 |
<?php } else { ?>
|
| 756 |
|
| 757 |
+
<form name="MaintenanceModePreview" method="post" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/maintenance/maintenance.php' ); ?>" target="" onSubmit="window.open('<?php echo plugins_url('/bulletproof-security/admin/htaccess/bps-maintenance.php'); ?>','popup','width=+window.innerWidth,height=+ window.innerHeight,scrollbars=yes,menubar=yes,resizable=yes,status=yes,toolbar=yes')">
|
| 758 |
<?php wp_nonce_field('bulletproof_security_maintenance_preview'); ?>
|
| 759 |
+
<p class="submit" style="float:left;margin:5px 10px 0px -16px;">
|
| 760 |
<input type="submit" name="maintenance-mode-preview-submit" class="button bps-button" style="width:72px;height:auto;white-space:normal" value="<?php esc_attr_e('Preview', 'bulletproof-security') ?>" />
|
| 761 |
</p>
|
| 762 |
</form>
|
| 765 |
|
| 766 |
<form name="bpsMaintenanceModeOn" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/maintenance/maintenance.php' ); ?>" method="post">
|
| 767 |
<?php wp_nonce_field('bulletproof_security_mmode_on'); ?>
|
| 768 |
+
<div style="float:left;margin:15px 10px 0px 0px;">
|
| 769 |
<input type="submit" name="Submit-maintenance-mode-on" class="button bps-button" style="width:72px;height:auto;white-space:normal" value="<?php esc_attr_e('Turn On', 'bulletproof-security') ?>" />
|
| 770 |
+
</div>
|
| 771 |
</form>
|
| 772 |
|
| 773 |
<form name="bpsMaintenanceModeOff" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/maintenance/maintenance.php' ); ?>" method="post">
|
| 774 |
<?php wp_nonce_field('bulletproof_security_mmode_off'); ?>
|
| 775 |
+
<div style="float:left;margin:15px 10px 0px 0px;">
|
| 776 |
<input type="submit" name="Submit-maintenance-mode-off" class="button bps-button" style="width:72px;height:auto;white-space:normal" value="<?php esc_attr_e('Turn Off', 'bulletproof-security') ?>" />
|
| 777 |
+
</div>
|
| 778 |
</form>
|
| 779 |
|
| 780 |
</div>
|
| 785 |
global $bps_topDiv, $bps_bottomDiv;
|
| 786 |
|
| 787 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 788 |
+
$permsIndex = substr(sprintf('%o', fileperms($root_index_file)), -4);
|
| 789 |
$sapi_type = php_sapi_name();
|
| 790 |
$root_index_file = ABSPATH . 'index.php';
|
| 791 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
| 837 |
|
| 838 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 839 |
|
| 840 |
+
if ( $permsIndex == '0400') {
|
| 841 |
$lock = '0400';
|
| 842 |
}
|
| 843 |
|
| 844 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsIndex != '0666' || $permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 845 |
+
chmod($root_index_file, 0644);
|
| 846 |
}
|
| 847 |
|
| 848 |
$index_contents = file_get_contents($root_index_file);
|
| 853 |
}
|
| 854 |
|
| 855 |
// first, second, third clicks...
|
| 856 |
+
copy($bps_maintenance_values, $root_folder_maintenance_values);
|
| 857 |
|
| 858 |
// first click only, but someone may want to modify the Master mmode template file so copy it again
|
| 859 |
+
copy($bps_maintenance_file, $root_folder_maintenance);
|
| 860 |
|
| 861 |
// first, second, third clicks...
|
| 862 |
+
copy($MMindexMaster, $root_index_file);
|
| 863 |
|
| 864 |
echo $bps_topDiv;
|
| 865 |
$text = '<font color="green"><strong>'.__('FrontEnd Maintenance Mode has been Turned On.', 'bulletproof-security').'</strong></font>';
|
| 867 |
echo $bps_bottomDiv;
|
| 868 |
|
| 869 |
if ( $lock == '0400') {
|
| 870 |
+
chmod($root_index_file, 0400);
|
| 871 |
}
|
| 872 |
}
|
| 873 |
}
|
| 892 |
|
| 893 |
$MMAllowFromTXT = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenance-mode.txt';
|
| 894 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 895 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
| 896 |
$sapi_type = php_sapi_name();
|
| 897 |
# BPS .52.5: new pattern|new IfModule conditions
|
| 898 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 901 |
|
| 902 |
if ( $MMoptions['bps_maint_ip_allowed'] != '' && $MMoptions['bps_maint_backend'] == '1' ) {
|
| 903 |
|
| 904 |
+
if ( $permsHtaccess == '0404') {
|
| 905 |
$lock = '0404';
|
| 906 |
}
|
| 907 |
|
| 908 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 909 |
+
chmod($wpadminHtaccess, 0644);
|
| 910 |
}
|
| 911 |
|
| 912 |
$wpadmin_allow_from = array_filter( explode(', ', trim( $MMoptions['bps_maint_ip_allowed'], ", \t\n\r") ) );
|
| 951 |
}
|
| 952 |
|
| 953 |
if ( $lock == '0404') {
|
| 954 |
+
chmod($wpadminHtaccess, 0404);
|
| 955 |
}
|
| 956 |
|
| 957 |
echo $bps_topDiv;
|
| 968 |
global $current_blog, $blog_id, $bps_topDiv, $bps_bottomDiv;
|
| 969 |
|
| 970 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 971 |
+
$permsIndex = substr(sprintf('%o', fileperms($root_index_file)), -4);
|
| 972 |
$sapi_type = php_sapi_name();
|
| 973 |
$root_index_file = ABSPATH . 'index.php';
|
| 974 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
| 1035 |
|
| 1036 |
// backup the original WP root index.php file ONLY once the first time mmode is turned On and never again.
|
| 1037 |
if ( !file_exists($root_index_file_backup) ) {
|
| 1038 |
+
copy( $root_index_file, $root_index_file_backup );
|
| 1039 |
}
|
| 1040 |
|
| 1041 |
// Primary Network Site
|
| 1057 |
|
| 1058 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1059 |
|
| 1060 |
+
if ( $permsIndex == '0400') {
|
| 1061 |
$lock = '0400';
|
| 1062 |
}
|
| 1063 |
|
| 1064 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsIndex != '0666' || $permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1065 |
+
chmod($root_index_file, 0644);
|
| 1066 |
}
|
| 1067 |
|
| 1068 |
+
copy($bps_maintenance_values, $root_folder_maintenance_values);
|
| 1069 |
+
copy($bps_maintenance_file, $root_folder_maintenance);
|
| 1070 |
+
copy($MMindexMaster, $root_index_file);
|
| 1071 |
|
| 1072 |
echo $bps_topDiv;
|
| 1073 |
$text = '<font color="green"><strong>'.__('FrontEnd Maintenance Mode has been Turned On.', 'bulletproof-security').'</strong></font>';
|
| 1080 |
}
|
| 1081 |
|
| 1082 |
if ( $lock == '0400') {
|
| 1083 |
+
chmod($root_index_file, 0400);
|
| 1084 |
}
|
| 1085 |
}
|
| 1086 |
}
|
| 1157 |
|
| 1158 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1159 |
|
| 1160 |
+
if ( $permsIndex == '0400') {
|
| 1161 |
$lock = '0400';
|
| 1162 |
}
|
| 1163 |
|
| 1164 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsIndex != '0666' || $permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1165 |
+
chmod($root_index_file, 0644);
|
| 1166 |
}
|
| 1167 |
|
| 1168 |
+
copy($subsite_maintenance_values, $subsite_root_folder_maintenance_values);
|
| 1169 |
+
copy($bps_maintenance_values, $root_folder_maintenance_values);
|
| 1170 |
+
copy($subsite_maintenance_file, $subsite_root_folder_maintenance);
|
| 1171 |
+
copy($bps_maintenance_file, $root_folder_maintenance);
|
| 1172 |
+
copy($MMindexMaster, $root_index_file);
|
| 1173 |
|
| 1174 |
echo $bps_topDiv;
|
| 1175 |
$text = '<font color="green"><strong>'.__('FrontEnd Maintenance Mode has been Turned On.', 'bulletproof-security').'</strong></font>';
|
| 1182 |
}
|
| 1183 |
|
| 1184 |
if ( $lock == '0400') {
|
| 1185 |
+
chmod($root_index_file, 0400);
|
| 1186 |
}
|
| 1187 |
}
|
| 1188 |
}
|
| 1210 |
|
| 1211 |
$MMAllowFromTXT = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenance-mode.txt';
|
| 1212 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 1213 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
| 1214 |
$sapi_type = php_sapi_name();
|
| 1215 |
# BPS .52.5: new pattern|new IfModule conditions
|
| 1216 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1219 |
|
| 1220 |
if ( $MMoptions['bps_maint_ip_allowed'] != '' && $MMoptions['bps_maint_backend'] == '1' ) {
|
| 1221 |
|
| 1222 |
+
if ( $permsHtaccess == '0404') {
|
| 1223 |
$lock = '0404';
|
| 1224 |
}
|
| 1225 |
|
| 1226 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 1227 |
+
chmod($wpadminHtaccess, 0644);
|
| 1228 |
}
|
| 1229 |
|
| 1230 |
$wpadmin_allow_from = array_filter( explode(', ', trim( $MMoptions['bps_maint_ip_allowed'], ", \t\n\r") ) );
|
| 1269 |
}
|
| 1270 |
|
| 1271 |
if ( $lock == '0404') {
|
| 1272 |
+
chmod($wpadminHtaccess, 0404);
|
| 1273 |
}
|
| 1274 |
|
| 1275 |
echo $bps_topDiv;
|
| 1361 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1362 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1363 |
$gwiod_root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_gwiod_index.php';
|
| 1364 |
+
$gwiod_permsIndex = substr(sprintf('%o', fileperms($gwiod_root_index_file)), -4);
|
| 1365 |
$sapi_type = php_sapi_name();
|
| 1366 |
|
| 1367 |
if ( ! file_exists( $gwiod_root_index_file ) ) {
|
| 1387 |
|
| 1388 |
if ( file_put_contents($gwiod_MMindexMaster, $gwiod_stringReplace) ) {
|
| 1389 |
|
| 1390 |
+
if ( $gwiod_permsIndex == '0400') {
|
| 1391 |
$lock = '0400';
|
| 1392 |
}
|
| 1393 |
|
| 1394 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $gwiod_permsIndex != '0666' || $gwiod_permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1395 |
+
chmod($gwiod_root_index_file, 0644);
|
| 1396 |
}
|
| 1397 |
|
| 1398 |
$gwiod_index_contents = file_get_contents($gwiod_root_index_file);
|
| 1402 |
copy( $gwiod_root_index_file, $gwiod_root_index_file_backup );
|
| 1403 |
}
|
| 1404 |
|
| 1405 |
+
copy($gwiod_MMindexMaster, $gwiod_root_index_file);
|
| 1406 |
|
| 1407 |
if ( $lock == '0400') {
|
| 1408 |
+
chmod($gwiod_root_index_file, 0400);
|
| 1409 |
}
|
| 1410 |
}
|
| 1411 |
}
|
| 1427 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1428 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1429 |
$gwiod_root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_gwiod_index.php';
|
| 1430 |
+
$gwiod_permsIndex = substr(sprintf('%o', fileperms($gwiod_root_index_file)), -4);
|
| 1431 |
$sapi_type = php_sapi_name();
|
| 1432 |
|
| 1433 |
if ( ! file_exists( $gwiod_root_index_file ) ) {
|
| 1439 |
|
| 1440 |
} else {
|
| 1441 |
|
| 1442 |
+
if ( $gwiod_permsIndex == '0400') {
|
| 1443 |
$lock = '0400';
|
| 1444 |
}
|
| 1445 |
|
| 1446 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $gwiod_permsIndex != '0666' || $gwiod_permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1447 |
+
chmod($gwiod_root_index_file, 0644);
|
| 1448 |
}
|
| 1449 |
|
| 1450 |
if ( !file_exists($gwiod_root_index_file_backup) ) {
|
| 1470 |
if ( file_put_contents($gwiod_root_index_file, $gwiod_stringReplace) ) {
|
| 1471 |
|
| 1472 |
if ( $lock == '0400') {
|
| 1473 |
+
chmod($gwiod_root_index_file, 0400);
|
| 1474 |
}
|
| 1475 |
}
|
| 1476 |
}
|
| 1485 |
global $bps_topDiv, $bps_bottomDiv;
|
| 1486 |
|
| 1487 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 1488 |
+
$permsIndex = substr(sprintf('%o', fileperms($root_index_file)), -4);
|
| 1489 |
$sapi_type = php_sapi_name();
|
| 1490 |
$root_index_file = ABSPATH . 'index.php';
|
| 1491 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
| 1494 |
|
| 1495 |
if ( file_exists($root_index_file_backup) ) {
|
| 1496 |
|
| 1497 |
+
if ( $permsIndex == '0400') {
|
| 1498 |
$lock = '0400';
|
| 1499 |
}
|
| 1500 |
|
| 1501 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsIndex != '0666' || $permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1502 |
+
chmod($root_index_file, 0644);
|
| 1503 |
}
|
| 1504 |
|
| 1505 |
+
if ( copy($root_index_file_backup, $root_index_file) ) {
|
| 1506 |
|
| 1507 |
$delete_files = array($root_folder_maintenance, $root_folder_maintenance_values);
|
| 1508 |
|
| 1509 |
foreach ( $delete_files as $file ) {
|
| 1510 |
if ( file_exists($file) ) {
|
| 1511 |
+
unlink($file);
|
| 1512 |
}
|
| 1513 |
}
|
| 1514 |
|
| 1515 |
if ( $lock == '0400') {
|
| 1516 |
+
chmod($root_index_file, 0400);
|
| 1517 |
}
|
| 1518 |
|
| 1519 |
echo $bps_topDiv;
|
| 1531 |
$gwiod_url = str_replace( $publicly_displayed_url, "", $actual_wp_install_url );
|
| 1532 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1533 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1534 |
+
$gwiod_permsIndex = substr(sprintf('%o', fileperms($gwiod_root_index_file)), -4);
|
| 1535 |
|
| 1536 |
if ( file_exists($gwiod_root_index_file_backup) ) {
|
| 1537 |
|
| 1538 |
+
if ( $gwiod_permsIndex == '0400') {
|
| 1539 |
$lock = '0400';
|
| 1540 |
}
|
| 1541 |
|
| 1542 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $gwiod_permsIndex != '0666' || $gwiod_permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1543 |
+
chmod($gwiod_root_index_file, 0644);
|
| 1544 |
}
|
| 1545 |
|
| 1546 |
+
copy($gwiod_root_index_file_backup, $gwiod_root_index_file);
|
| 1547 |
|
| 1548 |
if ( $lock == '0400') {
|
| 1549 |
+
chmod($gwiod_root_index_file, 0400);
|
| 1550 |
}
|
| 1551 |
}
|
| 1552 |
}
|
| 1558 |
global $current_blog, $blog_id, $bps_topDiv, $bps_bottomDiv;
|
| 1559 |
|
| 1560 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 1561 |
+
$permsIndex = substr(sprintf('%o', fileperms($root_index_file)), -4);
|
| 1562 |
$sapi_type = php_sapi_name();
|
| 1563 |
$root_index_file = ABSPATH . 'index.php';
|
| 1564 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
| 1567 |
$root_folder_maintenance = ABSPATH . 'bps-maintenance.php';
|
| 1568 |
$MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenance-mode-index-MU.php';
|
| 1569 |
|
| 1570 |
+
if ( $permsIndex == '0400') {
|
| 1571 |
$lock = '0400';
|
| 1572 |
}
|
| 1573 |
|
| 1574 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsIndex != '0666' || $permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1575 |
+
chmod($root_index_file, 0644);
|
| 1576 |
}
|
| 1577 |
|
| 1578 |
// Primary Network Site
|
| 1579 |
if ( is_multisite() && $blog_id == 1 ) {
|
| 1580 |
|
| 1581 |
+
$stringReplace = file_get_contents($MMindexMaster);
|
| 1582 |
|
| 1583 |
if ( preg_match( '/#\sBEGIN\sPRIMARY\sSITE\sSTATUS\s*(.*)\s*#\sEND\sPRIMARY\sSITE\sSTATUS/', $stringReplace, $matches ) ) {
|
| 1584 |
|
| 1586 |
}
|
| 1587 |
|
| 1588 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1589 |
+
copy( $MMindexMaster, $root_index_file );
|
| 1590 |
+
copy( $bps_maintenance_values, $root_folder_maintenance_values );
|
| 1591 |
}
|
| 1592 |
|
| 1593 |
// Network Subsites
|
| 1607 |
$subsite_root_folder_maintenance = ABSPATH . 'bps-maintenance-'.$subsite_remove_slashes.'.php';
|
| 1608 |
$subsite_root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values-'.$subsite_remove_slashes.'.php';
|
| 1609 |
|
| 1610 |
+
$stringReplace = file_get_contents($MMindexMaster);
|
| 1611 |
|
| 1612 |
if ( is_multisite() && ! is_subdomain_install() ) {
|
| 1613 |
|
| 1625 |
}
|
| 1626 |
|
| 1627 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1628 |
+
copy( $MMindexMaster, $root_index_file );
|
| 1629 |
}
|
| 1630 |
|
| 1631 |
$delete_files = array($subsite_root_folder_maintenance, $subsite_root_folder_maintenance_values);
|
| 1632 |
|
| 1633 |
foreach ( $delete_files as $file ) {
|
| 1634 |
if ( file_exists($file) ) {
|
| 1635 |
+
unlink($file);
|
| 1636 |
}
|
| 1637 |
}
|
| 1638 |
}
|
| 1639 |
|
| 1640 |
if ( $lock == '0400') {
|
| 1641 |
+
chmod($root_index_file, 0400);
|
| 1642 |
}
|
| 1643 |
|
| 1644 |
echo $bps_topDiv;
|
| 1653 |
$gwiod_url = str_replace( $publicly_displayed_url, "", $actual_wp_install_url );
|
| 1654 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1655 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1656 |
+
$gwiod_permsIndex = substr(sprintf('%o', fileperms($gwiod_root_index_file)), -4);
|
| 1657 |
|
| 1658 |
+
if ( $gwiod_permsIndex == '0400') {
|
| 1659 |
$lock = '0400';
|
| 1660 |
}
|
| 1661 |
|
| 1662 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $gwiod_permsIndex != '0666' || $gwiod_permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1663 |
+
chmod($gwiod_root_index_file, 0644);
|
| 1664 |
}
|
| 1665 |
|
| 1666 |
+
if ( copy( $MMindexMaster, $gwiod_root_index_file ) ) {
|
| 1667 |
|
| 1668 |
$gwiod_stringReplace = file_get_contents($gwiod_root_index_file);
|
| 1669 |
}
|
| 1681 |
if ( file_put_contents($gwiod_root_index_file, $gwiod_stringReplace) ) {
|
| 1682 |
|
| 1683 |
if ( $lock == '0400') {
|
| 1684 |
+
chmod($gwiod_root_index_file, 0400);
|
| 1685 |
}
|
| 1686 |
}
|
| 1687 |
}
|
| 1698 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1699 |
$pattern3 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP(.*\s*){8}(Allow(.*)\s*){1,}<\/IfModule>\s*<\/IfModule>\s*#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1700 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 1701 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
| 1702 |
|
| 1703 |
// .53.6: htaccess Files Disabled
|
| 1704 |
$HFiles_options = get_option('bulletproof_security_options_htaccess_files');
|
| 1713 |
|
| 1714 |
if ( file_exists($wpadminHtaccess) ) {
|
| 1715 |
|
| 1716 |
+
if ( $permsHtaccess == '0404') {
|
| 1717 |
$lock = '0404';
|
| 1718 |
}
|
| 1719 |
|
| 1720 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 1721 |
+
chmod($wpadminHtaccess, 0644);
|
| 1722 |
}
|
| 1723 |
|
| 1724 |
$stringReplace = file_get_contents($wpadminHtaccess);
|
| 1741 |
if ( file_put_contents($wpadminHtaccess, $stringReplace) ) {
|
| 1742 |
|
| 1743 |
if ( $lock == '0404') {
|
| 1744 |
+
chmod($wpadminHtaccess, 0404);
|
| 1745 |
}
|
| 1746 |
|
| 1747 |
echo $bps_topDiv;
|
| 1760 |
global $bps_topDiv, $bps_bottomDiv;
|
| 1761 |
|
| 1762 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 1763 |
+
$permsIndex = substr(sprintf('%o', fileperms($root_index_file)), -4);
|
| 1764 |
$sapi_type = php_sapi_name();
|
| 1765 |
$root_index_file = ABSPATH . 'index.php';
|
| 1766 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
| 1771 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1772 |
$pattern3 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP(.*\s*){8}(Allow(.*)\s*){1,}<\/IfModule>\s*<\/IfModule>\s*#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1773 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 1774 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
| 1775 |
|
| 1776 |
if ( file_exists($root_index_file_backup) ) {
|
| 1777 |
|
| 1778 |
+
if ( $permsIndex == '0400') {
|
| 1779 |
$lock = '0400';
|
| 1780 |
}
|
| 1781 |
|
| 1782 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsIndex != '0666' || $permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1783 |
+
chmod($root_index_file, 0644);
|
| 1784 |
}
|
| 1785 |
|
| 1786 |
+
if ( copy($root_index_file_backup, $root_index_file) ) {
|
| 1787 |
|
| 1788 |
$delete_files = array($root_folder_maintenance, $root_folder_maintenance_values);
|
| 1789 |
|
| 1790 |
foreach ( $delete_files as $file ) {
|
| 1791 |
if ( file_exists($file) ) {
|
| 1792 |
+
unlink($file);
|
| 1793 |
}
|
| 1794 |
}
|
| 1795 |
|
| 1796 |
if ( $lock == '0400') {
|
| 1797 |
+
chmod($root_index_file, 0400);
|
| 1798 |
}
|
| 1799 |
|
| 1800 |
echo $bps_topDiv;
|
| 1811 |
$gwiod_url = str_replace( $publicly_displayed_url, "", $actual_wp_install_url );
|
| 1812 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1813 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1814 |
+
$gwiod_permsIndex = substr(sprintf('%o', fileperms($gwiod_root_index_file)), -4);
|
| 1815 |
|
| 1816 |
if ( file_exists($gwiod_root_index_file_backup) ) {
|
| 1817 |
|
| 1818 |
+
if ( $gwiod_permsIndex == '0400') {
|
| 1819 |
$lock = '0400';
|
| 1820 |
}
|
| 1821 |
|
| 1822 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $gwiod_permsIndex != '0666' || $gwiod_permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1823 |
+
chmod($gwiod_root_index_file, 0644);
|
| 1824 |
}
|
| 1825 |
|
| 1826 |
+
copy($gwiod_root_index_file_backup, $gwiod_root_index_file);
|
| 1827 |
|
| 1828 |
if ( $lock == '0400') {
|
| 1829 |
+
chmod($gwiod_root_index_file, 0400);
|
| 1830 |
}
|
| 1831 |
}
|
| 1832 |
|
| 1844 |
// wp-admin .htaccess
|
| 1845 |
if ( file_exists($wpadminHtaccess) ) {
|
| 1846 |
|
| 1847 |
+
if ( $permsHtaccess == '0404') {
|
| 1848 |
$lock = '0404';
|
| 1849 |
}
|
| 1850 |
|
| 1851 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 1852 |
+
chmod($wpadminHtaccess, 0644);
|
| 1853 |
}
|
| 1854 |
|
| 1855 |
$stringReplace = file_get_contents($wpadminHtaccess);
|
| 1867 |
if ( file_put_contents($wpadminHtaccess, $stringReplace) ) {
|
| 1868 |
|
| 1869 |
if ( $lock == '0404') {
|
| 1870 |
+
chmod($wpadminHtaccess, 0404);
|
| 1871 |
}
|
| 1872 |
|
| 1873 |
echo $bps_topDiv;
|
| 1887 |
global $current_blog, $blog_id, $bps_topDiv, $bps_bottomDiv;
|
| 1888 |
|
| 1889 |
$MMoptions = get_option('bulletproof_security_options_maint_mode');
|
| 1890 |
+
$permsIndex = substr(sprintf('%o', fileperms($root_index_file)), -4);
|
| 1891 |
$sapi_type = php_sapi_name();
|
| 1892 |
$root_index_file = ABSPATH . 'index.php';
|
| 1893 |
$root_index_file_backup = WP_CONTENT_DIR . '/bps-backup/master-backups/backup_index.php';
|
| 1899 |
$pattern2 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP\s*Order(.*)\s*(Allow(.*)\s*){1,}#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1900 |
$pattern3 = '/#\sBEGIN\sBPS\sMAINTENANCE\sMODE\sIP(.*\s*){8}(Allow(.*)\s*){1,}<\/IfModule>\s*<\/IfModule>\s*#\sEND\sBPS\sMAINTENANCE\sMODE\sIP/';
|
| 1901 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 1902 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($wpadminHtaccess)), -4);
|
| 1903 |
$MMindexMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/maintenance-mode-index-MU.php';
|
| 1904 |
|
| 1905 |
+
if ( $permsIndex == '0400') {
|
| 1906 |
$lock = '0400';
|
| 1907 |
}
|
| 1908 |
|
| 1909 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $permsIndex != '0666' || $permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1910 |
+
chmod($root_index_file, 0644);
|
| 1911 |
}
|
| 1912 |
|
| 1913 |
// Primary Network Site
|
| 1914 |
if ( is_multisite() && $blog_id == 1 ) {
|
| 1915 |
|
| 1916 |
+
$stringReplace = file_get_contents($MMindexMaster);
|
| 1917 |
|
| 1918 |
if ( preg_match( '/#\sBEGIN\sPRIMARY\sSITE\sSTATUS\s*(.*)\s*#\sEND\sPRIMARY\sSITE\sSTATUS/', $stringReplace, $matches ) ) {
|
| 1919 |
|
| 1921 |
}
|
| 1922 |
|
| 1923 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1924 |
+
copy( $MMindexMaster, $root_index_file );
|
| 1925 |
+
copy( $bps_maintenance_values, $root_folder_maintenance_values );
|
| 1926 |
}
|
| 1927 |
|
| 1928 |
// Network Subsites
|
| 1942 |
$subsite_root_folder_maintenance = ABSPATH . 'bps-maintenance-'.$subsite_remove_slashes.'.php';
|
| 1943 |
$subsite_root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values-'.$subsite_remove_slashes.'.php';
|
| 1944 |
|
| 1945 |
+
$stringReplace = file_get_contents($MMindexMaster);
|
| 1946 |
//$subsite_subdomain_variable = str_replace( '.', "_", $current_blog->domain );
|
| 1947 |
|
| 1948 |
if ( is_multisite() && ! is_subdomain_install() ) {
|
| 1961 |
}
|
| 1962 |
|
| 1963 |
if ( file_put_contents($MMindexMaster, $stringReplace) ) {
|
| 1964 |
+
copy( $MMindexMaster, $root_index_file );
|
| 1965 |
}
|
| 1966 |
|
| 1967 |
$delete_files = array( $subsite_root_folder_maintenance, $subsite_root_folder_maintenance_values );
|
| 1968 |
|
| 1969 |
foreach ( $delete_files as $file ) {
|
| 1970 |
if ( file_exists($file) ) {
|
| 1971 |
+
unlink($file);
|
| 1972 |
}
|
| 1973 |
}
|
| 1974 |
}
|
| 1975 |
|
| 1976 |
if ( $lock == '0400') {
|
| 1977 |
+
chmod($root_index_file, 0400);
|
| 1978 |
}
|
| 1979 |
|
| 1980 |
echo $bps_topDiv;
|
| 1989 |
$gwiod_url = str_replace( $publicly_displayed_url, "", $actual_wp_install_url );
|
| 1990 |
$gwiod_url_path = str_replace( '\\', '/', ABSPATH );
|
| 1991 |
$gwiod_root_index_file = dirname( $gwiod_url_path ) . '/index.php';
|
| 1992 |
+
$gwiod_permsIndex = substr(sprintf('%o', fileperms($gwiod_root_index_file)), -4);
|
| 1993 |
|
| 1994 |
+
if ( $gwiod_permsIndex == '0400') {
|
| 1995 |
$lock = '0400';
|
| 1996 |
}
|
| 1997 |
|
| 1998 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && $gwiod_permsIndex != '0666' || $gwiod_permsIndex != '0777') { // Windows IIS, XAMPP, etc
|
| 1999 |
+
chmod($gwiod_root_index_file, 0644);
|
| 2000 |
}
|
| 2001 |
|
| 2002 |
+
if ( copy( $MMindexMaster, $gwiod_root_index_file ) ) {
|
| 2003 |
|
| 2004 |
$gwiod_stringReplace = file_get_contents($gwiod_root_index_file);
|
| 2005 |
}
|
| 2017 |
if ( file_put_contents($gwiod_root_index_file, $gwiod_stringReplace) ) {
|
| 2018 |
|
| 2019 |
if ( $lock == '0400') {
|
| 2020 |
+
chmod($gwiod_root_index_file, 0400);
|
| 2021 |
}
|
| 2022 |
}
|
| 2023 |
|
| 2035 |
// wp-admin .htaccess
|
| 2036 |
if ( is_multisite() && $blog_id == 1 && file_exists($wpadminHtaccess) ) {
|
| 2037 |
|
| 2038 |
+
if ( $permsHtaccess == '0404') {
|
| 2039 |
$lock = '0404';
|
| 2040 |
}
|
| 2041 |
|
| 2042 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 2043 |
+
chmod($wpadminHtaccess, 0644);
|
| 2044 |
}
|
| 2045 |
|
| 2046 |
$stringReplace = file_get_contents($wpadminHtaccess);
|
| 2058 |
if ( file_put_contents($wpadminHtaccess, $stringReplace) ) {
|
| 2059 |
|
| 2060 |
if ( $lock == '0404') {
|
| 2061 |
+
chmod($wpadminHtaccess, 0404);
|
| 2062 |
}
|
| 2063 |
|
| 2064 |
echo $bps_topDiv;
|
| 2144 |
|
| 2145 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2146 |
<tr>
|
| 2147 |
+
<td class="bps-table_title"></td>
|
| 2148 |
</tr>
|
| 2149 |
<tr>
|
| 2150 |
<td class="bps-table_cell_help_links">
|
| 2151 |
+
|
| 2152 |
<a href="https://forum.ait-pro.com/forums/topic/maintenance-mode-guide-read-me-first/" target="_blank"><?php _e('Maintenance Mode Guide', 'bulletproof-security'); ?></a><br /><br />
|
| 2153 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 2154 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 2155 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
| 2156 |
+
|
| 2157 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 2158 |
+
|
| 2159 |
</td>
|
| 2160 |
</tr>
|
| 2161 |
</table>
|
admin/mscan/mscan-help-text.php
CHANGED
|
@@ -9,9 +9,9 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 9 |
/** MScan **/
|
| 10 |
$bps_modal_content1 = '<strong><font color="blue">'.__('For more extensive help info and answers to common issues or problems click the MScan Malware Scanner Guide link above. For troubleshooting help or to post suspicious code click the MScan Troubleshooting & Code Posting link above.', 'bulletproof-security').'</font></strong>
|
| 11 |
|
| 12 |
-
<br><br><strong>'.__('MScan
|
| 13 |
|
| 14 |
-
'<br><br><strong>'.__('Scanning Other WordPress Sites', 'bulletproof-security').'</strong><br>'.__('Website folder checkboxes cannot be checked for other WordPress sites under your hosting account. To scan other WordPress sites under your hosting account run MScan
|
| 15 |
|
| 16 |
'<br><br><strong>'.__('Estimated Scan Time Exceeded', 'bulletproof-security').'</strong><br>'.__('If you see "Estimated Scan Time Exceeded: Still scanning files" that means that the current scan that you are running is taking longer than the estimated scan time. The scan will complete successfully.', 'bulletproof-security').
|
| 17 |
|
|
@@ -62,28 +62,22 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 62 |
'<br><br><strong>'.__('View|Ignore Suspicious DB Entries', 'bulletproof-security').'</strong><br>'.__('This form allows you to view, ignore or unignore suspicious DB Entries. Note: The view option displays the DB Table, Column, Row ID and the MScan Pattern Match that was detected by the MScan scan. Use phpMyAdmin or a similar tool to check your database Row where the suspicious code was found. When you ignore a DB Entry it will no longer be scanned in any future scans. When you unignore an ignored DB Entry it will be scanned in future scans.', 'bulletproof-security');
|
| 63 |
|
| 64 |
/** MScan Log **/
|
| 65 |
-
$bps_modal_content2 = '<strong>'.__('
|
| 66 |
-
|
| 67 |
-
__('MScan Log General Information', 'bulletproof-security').'</strong><br>'.__('Your MScan Log file is a plain text static file and not a dynamic file or dynamic display to keep your website resource usage at a bare minimum and keep your website performance at a maximum. Log entries are logged in descending order by Date and Time. You can copy, edit and delete this plain text file. You can choose S-Monitor Email Alerting & Log File Options to automatically email your MScan Log file to you and delete it when it reaches a certain size (256KB, 500KB or 1MB).', 'bulletproof-security').
|
| 68 |
|
| 69 |
'<strong><br><br>'.__('MScan Logging', 'bulletproof-security').'</strong><br>'.__('Logs extensive details about each scan that you run.', 'bulletproof-security').
|
| 70 |
|
| 71 |
'<strong><br><br>'.__('MScan Log File Size', 'bulletproof-security').'</strong><br>'.__('Displays the size of your MScan Log file. If your log file is larger than 2MB then you will see a Red warning message displayed: The S-Monitor Email Alerting & Log File Options will only send log files up to 2MB in size. Copy and paste the MScan Log file contents into a Notepad text file on your computer and save it. Then click the Delete Log button to delete the contents of this Log file.', 'bulletproof-security').'<br><br><strong>'.__('MScan Log Last Modified Time', 'bulletproof-security').
|
| 72 |
|
| 73 |
-
'</strong><br>'.__('The Reset Last Modified Time in DB option/feature is
|
| 74 |
|
| 75 |
'<br><br><strong>'.__('Delete Log Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Delete Log button will delete the entire contents of your MScan Log File. If you have setup S-Monitor Email Alerting & Log Options then the only time you would probably need to use the Delete Log button is if your MScan Log file exceeds 2MB in size.', 'bulletproof-security');
|
| 76 |
|
| 77 |
/** MScan Report **/
|
| 78 |
-
$bps_modal_content3 = '<strong>'.__('
|
| 79 |
-
|
| 80 |
-
__('MScan Report General Information', 'bulletproof-security').'</strong><br>'.__('After running a scan your extensive scan results data is displayed on this tab page. If you would like to save your scan results data click the Save MScan Report button. You can save up to 20 scan reports. You can view or delete scan reports on the MScan Saved Reports tab page using the MScan Saved Reports Form.', 'bulletproof-security').
|
| 81 |
|
| 82 |
-
'<br><br><strong>'.__('No File Hashes for This Plugin or No File Hashes for This Theme', 'bulletproof-security').'</strong><br>'.__('If you see either of these status messages under Plugin File Hashes or Theme File Hashes then go to the main MScan
|
| 83 |
|
| 84 |
/** MScan Saved Reports **/
|
| 85 |
-
$bps_modal_content4 = '<strong>'.__('
|
| 86 |
-
|
| 87 |
-
__('MScan Saved Reports General Information', 'bulletproof-security').'</strong><br>'.__('You can save up to 20 scan reports. You can view or delete scan reports. If you would like to view a saved scan report select the View Report checkbox for the scan report you would like to view and click the View|Delete Reports button. Scan report data is displayed below the MScan Saved Reports Form. If you would like to delete a saved scan report select the Delete Report checkbox for the scan report you would like to delete and click the View|Delete Reports button. Refresh/reload the MScan Saved Reports tab page when deleting scan reports to see the current MScan Saved Reports Form data.', 'bulletproof-security');
|
| 88 |
|
| 89 |
?>
|
| 9 |
/** MScan **/
|
| 10 |
$bps_modal_content1 = '<strong><font color="blue">'.__('For more extensive help info and answers to common issues or problems click the MScan Malware Scanner Guide link above. For troubleshooting help or to post suspicious code click the MScan Troubleshooting & Code Posting link above.', 'bulletproof-security').'</font></strong>
|
| 11 |
|
| 12 |
+
<br><br><strong>'.__('MScan Scan General Info', 'bulletproof-security').'</strong><br>'.__('MScan Scan scans WP Core, Plugin and Theme files using file hash comparisons, which is 100% accurate vs conventional pattern matching, which is typically around 75% - 85% accurate. MScan scans all other website files (non-WordPress files) using conventional pattern matching scanning. The pattern matching code is much more extensive in MScan Scan and will hopefully achieve a 95% or higher detection rate. False positives are inevitable when using conventional pattern matching scanning, but since MScan Scan uses file hash comparison scanning for all WP Core, Plugin and Theme files then there will not be any false positives detected for any/all WordPress files (WP Core, Plugins and Themes). MScan Scan automatically downloads WordPress, Plugin and Theme zip files, extracts the zip files, creates file hashes for all files and then deletes the zip files. WP Core, Plugin and Theme zip downloads only occur on the first MScan scan or when a new WordPress, Plugin or Theme version is installed/updated on a website.', 'bulletproof-security').
|
| 13 |
|
| 14 |
+
'<br><br><strong>'.__('Scanning Other WordPress Sites', 'bulletproof-security').'</strong><br>'.__('Website folder checkboxes cannot be checked for other WordPress sites under your hosting account. To scan other WordPress sites under your hosting account run MScan Scan from each site. There are several technical reasons for doing this: Each site may have a different version of WordPress installed and different Plugins and Themes installed. MScan Scan now uses file hash comparisons for each individual site based on the WordPress, Plugin and Theme versions installed on each individual website.', 'bulletproof-security').
|
| 15 |
|
| 16 |
'<br><br><strong>'.__('Estimated Scan Time Exceeded', 'bulletproof-security').'</strong><br>'.__('If you see "Estimated Scan Time Exceeded: Still scanning files" that means that the current scan that you are running is taking longer than the estimated scan time. The scan will complete successfully.', 'bulletproof-security').
|
| 17 |
|
| 62 |
'<br><br><strong>'.__('View|Ignore Suspicious DB Entries', 'bulletproof-security').'</strong><br>'.__('This form allows you to view, ignore or unignore suspicious DB Entries. Note: The view option displays the DB Table, Column, Row ID and the MScan Pattern Match that was detected by the MScan scan. Use phpMyAdmin or a similar tool to check your database Row where the suspicious code was found. When you ignore a DB Entry it will no longer be scanned in any future scans. When you unignore an ignored DB Entry it will be scanned in future scans.', 'bulletproof-security');
|
| 63 |
|
| 64 |
/** MScan Log **/
|
| 65 |
+
$bps_modal_content2 = '<strong>'.__('MScan Log General Information', 'bulletproof-security').'</strong><br>'.__('Your MScan Log file is a plain text static file and not a dynamic file or dynamic display to keep your website resource usage at a bare minimum and keep your website performance at a maximum. Log entries are logged in descending order by Date and Time. You can copy, edit and delete this plain text file. You can choose S-Monitor Email Alerting & Log File Options to automatically email your MScan Log file to you and delete it when it reaches a certain size (256KB, 500KB or 1MB).', 'bulletproof-security').
|
|
|
|
|
|
|
| 66 |
|
| 67 |
'<strong><br><br>'.__('MScan Logging', 'bulletproof-security').'</strong><br>'.__('Logs extensive details about each scan that you run.', 'bulletproof-security').
|
| 68 |
|
| 69 |
'<strong><br><br>'.__('MScan Log File Size', 'bulletproof-security').'</strong><br>'.__('Displays the size of your MScan Log file. If your log file is larger than 2MB then you will see a Red warning message displayed: The S-Monitor Email Alerting & Log File Options will only send log files up to 2MB in size. Copy and paste the MScan Log file contents into a Notepad text file on your computer and save it. Then click the Delete Log button to delete the contents of this Log file.', 'bulletproof-security').'<br><br><strong>'.__('MScan Log Last Modified Time', 'bulletproof-security').
|
| 70 |
|
| 71 |
+
'</strong><br>'.__('The Reset Last Modified Time in DB option/feature is completely automated and does not require any manual steps performed by you.', 'bulletproof-security').
|
| 72 |
|
| 73 |
'<br><br><strong>'.__('Delete Log Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Delete Log button will delete the entire contents of your MScan Log File. If you have setup S-Monitor Email Alerting & Log Options then the only time you would probably need to use the Delete Log button is if your MScan Log file exceeds 2MB in size.', 'bulletproof-security');
|
| 74 |
|
| 75 |
/** MScan Report **/
|
| 76 |
+
$bps_modal_content3 = '<strong>'.__('MScan Report General Information', 'bulletproof-security').'</strong><br>'.__('After running a scan your extensive scan results data is displayed on this tab page. If you would like to save your scan results data click the Save MScan Report button. You can save up to 20 scan reports. You can view or delete scan reports on the MScan Saved Reports tab page using the MScan Saved Reports Form.', 'bulletproof-security').
|
|
|
|
|
|
|
| 77 |
|
| 78 |
+
'<br><br><strong>'.__('No File Hashes for This Plugin or No File Hashes for This Theme', 'bulletproof-security').'</strong><br>'.__('If you see either of these status messages under Plugin File Hashes or Theme File Hashes then go to the main MScan Scan tab page, click the MScan Scan Question Mark help button and read the "Upload Plugin Zip Files" or "Upload Theme Zip Files" help section.', 'bulletproof-security');
|
| 79 |
|
| 80 |
/** MScan Saved Reports **/
|
| 81 |
+
$bps_modal_content4 = '<strong>'.__('MScan Saved Reports General Information', 'bulletproof-security').'</strong><br>'.__('You can save up to 20 scan reports. You can view or delete scan reports. If you would like to view a saved scan report select the View Report checkbox for the scan report you would like to view and click the View|Delete Reports button. Scan report data is displayed below the MScan Saved Reports Form. If you would like to delete a saved scan report select the Delete Report checkbox for the scan report you would like to delete and click the View|Delete Reports button. Refresh/reload the MScan Saved Reports tab page when deleting scan reports to see the current MScan Saved Reports Form data.', 'bulletproof-security');
|
|
|
|
|
|
|
| 82 |
|
| 83 |
?>
|
admin/mscan/mscan.php
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
div.notice{display:none}
|
| 5 |
</style>
|
| 6 |
|
| 7 |
-
<div id="bps-container" class="wrap"
|
| 8 |
|
| 9 |
<!-- MUST be in my page container div. hide notices from other plugins so they don't break the MScan iFrame-->
|
| 10 |
<style>
|
|
@@ -14,13 +14,6 @@ div.notice{display:none}
|
|
| 14 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 15 |
|
| 16 |
<?php
|
| 17 |
-
echo '<div class="bps-star-container">';
|
| 18 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 19 |
-
echo '<div class="bps-downloaded">';
|
| 20 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 21 |
-
echo '</div>';
|
| 22 |
-
echo '</div>';
|
| 23 |
-
|
| 24 |
## 2.9: Created new file for mscan pattern matching code. If web host deletes or nulls that file or Dir then mscan will not work, but BPS Pro will still work.
|
| 25 |
## 4.8: Major rebuild: Plugin and Theme files will be checked using MD5 file hash comparisons. Will still offer pattern matching, but am recommending
|
| 26 |
## Premium/custom plugin and theme zip uploads so that MD5 hashes can be made from those plugin and theme files.
|
|
@@ -81,7 +74,7 @@ $bps_bottomDiv = '</p></div>';
|
|
| 81 |
|
| 82 |
// General all purpose "Settings Saved." message for forms
|
| 83 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 84 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 85 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 86 |
echo $text;
|
| 87 |
}
|
|
@@ -206,13 +199,13 @@ bpsPro_Core_mscan_deny_all();
|
|
| 206 |
?>
|
| 207 |
</div>
|
| 208 |
|
| 209 |
-
<h2 class="bps-tab-title"><?php _e('
|
| 210 |
|
| 211 |
<!-- jQuery UI Tab Menu -->
|
| 212 |
<div id="bps-tabs" class="bps-menu">
|
| 213 |
<div id="bpsHead"><img src="<?php echo plugins_url('/bulletproof-security/admin/images/bps-plugin-logo.jpg'); ?>" /></div>
|
| 214 |
<ul>
|
| 215 |
-
<li><a href="#bps-tabs-1"><?php _e('MScan
|
| 216 |
<li><a href="#bps-tabs-2"><?php _e('MScan Log', 'bulletproof-security'); ?></a></li>
|
| 217 |
<li><a href="#bps-tabs-3"><?php _e('MScan Report', 'bulletproof-security'); ?></a></li>
|
| 218 |
<li><a href="#bps-tabs-4"><?php _e('MScan Saved Reports', 'bulletproof-security'); ?></a></li>
|
|
@@ -223,19 +216,23 @@ bpsPro_Core_mscan_deny_all();
|
|
| 223 |
|
| 224 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 225 |
<tr>
|
| 226 |
-
<td class="bps-table_title"
|
| 227 |
-
</td>
|
| 228 |
</tr>
|
| 229 |
<tr>
|
| 230 |
<td class="bps-table_cell_help">
|
| 231 |
|
| 232 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('MScan
|
|
|
|
| 233 |
|
| 234 |
-
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('MScan
|
| 235 |
<p>
|
| 236 |
<?php
|
| 237 |
-
$text = '<strong>'.__('This
|
| 238 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 239 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 240 |
echo $text;
|
| 241 |
?>
|
|
@@ -962,7 +959,7 @@ bpsPro_save_mscan_options();
|
|
| 962 |
|
| 963 |
if ( file_exists($wp_index_file) && preg_match( $pattern, $check_string ) && file_exists($wp_blog_header_file) && file_exists($wp_cron_file) && file_exists($wp_load_file) && file_exists($wp_login_file) && file_exists($wp_settings_file) || file_exists($home_wp_index_file) && preg_match( $pattern, $home_check_string ) && file_exists($home_wp_blog_header_file) && file_exists($home_wp_cron_file) && file_exists($home_wp_load_file) && file_exists($home_wp_login_file) && file_exists($home_wp_settings_file) ) {
|
| 964 |
|
| 965 |
-
$hover_icon = '<strong><font color="black"><span class="tooltip-250-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('This folder contains another WordPress website. This checkbox cannot be checked. To scan that site run MScan from that site. Click the MScan
|
| 966 |
|
| 967 |
echo "<td><input type=\"checkbox\" id=\"mscandirs\" name=\"mscan[$key]\" value=\"\" class=\"MScanALL\" $checked /></td>";
|
| 968 |
echo '<td>'.$key.$hover_icon.'</td>';
|
|
@@ -1005,7 +1002,7 @@ bpsPro_save_mscan_options();
|
|
| 1005 |
echo '<input type="text" name="mscan_max_time_limit" class="regular-text-50-fixed" style="margin-bottom:5px" value="'; if ( isset( $_POST['mscan_max_time_limit'] ) && preg_match( '/\d/', $_POST['mscan_max_time_limit'] ) ) { echo esc_html($max_time_limit); } else { echo esc_html(trim(stripslashes($max_time_limit))); } echo '" /> Seconds';
|
| 1006 |
echo '<br>';
|
| 1007 |
|
| 1008 |
-
echo '<label for="bps-mscan-label" style="">'.__('Exclude Individual Folders', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('Enter one folder path per line. Include folder slashes.', 'bulletproof-security').'<br>'.__('Example:', 'bulletproof-security').'<br>/parent-folder-1/child-folder-1/<br>/parent-folder-2/child-folder-2/<br><br>'.__('Click the MScan
|
| 1009 |
// trimming whitespace does not work because I am not trimming newlines or returns
|
| 1010 |
echo '<textarea class="text-area-340x60" name="mscan_exclude_dirs" style="width:340px;height:60px;margin-bottom:5px" tabindex="1">'.esc_html( trim(stripslashes($mscan_exclude_dirs), " \t\0\x0B") ).'</textarea>';
|
| 1011 |
echo '<input type="hidden" name="scrolltoExcludeDirs" id="scrolltoExcludeDirs" value="'.esc_html( $scrolltoExcludeDirs ).'" />';
|
|
@@ -1017,7 +1014,7 @@ bpsPro_save_mscan_options();
|
|
| 1017 |
echo '<option value="Off"'. selected('Off', $mscan_scan_database).'>'.__('Database Scan Off', 'bulletproof-security').'</option>';
|
| 1018 |
echo '</select><br>';
|
| 1019 |
|
| 1020 |
-
echo '<label for="bps-mscan-label">'.__('Scan Skipped Files Only', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('When Skipped File Scan is On only skipped files will be scanned. Note: No other MScan option settings have any effect while Skipped File Scan is set to On.', 'bulletproof-security').'<br><br>'.__('Click the MScan
|
| 1021 |
echo '<select name="mscan_scan_skipped_files_select" class="form-340" style="margin-bottom:10px">';
|
| 1022 |
echo '<option value="Off"'. selected('Off', $mscan_scan_skipped_files).'>'.__('Skipped File Scan Off', 'bulletproof-security').'</option>';
|
| 1023 |
echo '<option value="On"'. selected('On', $mscan_scan_skipped_files).'>'.__('Skipped File Scan On', 'bulletproof-security').'</option>';
|
|
@@ -1029,7 +1026,7 @@ bpsPro_save_mscan_options();
|
|
| 1029 |
echo '<option value="On"'. selected('On', $mscan_scan_delete_tmp_files).'>'.__('Delete Tmp Files On', 'bulletproof-security').'</option>';
|
| 1030 |
echo '</select><br>';
|
| 1031 |
|
| 1032 |
-
echo '<label for="bps-mscan-label" style="">'.__('Exclude /tmp Files', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('Enter one file name per line.', 'bulletproof-security').'<br>'.__('Example:', 'bulletproof-security').'<br>mysql.sock<br>.s.PGSQL.5432<br>.per-user<br>'.__('Click the MScan
|
| 1033 |
// trimming whitespace does not work because I am not trimming newlines or returns
|
| 1034 |
echo '<textarea class="text-area-340x60" name="mscan_exclude_tmp_files" style="width:340px;height:60px;margin-bottom:5px" tabindex="1">'.esc_html( trim(stripslashes($mscan_exclude_tmp_files), " \t\0\x0B") ).'</textarea>';
|
| 1035 |
echo '<input type="hidden" name="scrolltoExcludeTmpFiles" id="scrolltoExcludeTmpFiles" value="'.esc_html( $scrolltoExcludeTmpFiles ).'" />';
|
|
@@ -1055,13 +1052,13 @@ bpsPro_save_mscan_options();
|
|
| 1055 |
/*
|
| 1056 |
echo '<form name="MScanTimeEstimate" action="'.admin_url( 'admin.php?page=bulletproof-security/admin/mscan/mscan.php' ).'" method="post">';
|
| 1057 |
wp_nonce_field('bulletproof_security_mscan_time_estimate');
|
| 1058 |
-
echo "<input type=\"submit\" id=\"bps-mscan-time-estimate-button\" name=\"Submit-MScan-Time-Estimate\" value=\"".esc_attr__('Scan Time Estimate Tool', 'bulletproof-security')."\" class=\"button bps-button\" style=\"width:175px;height:auto;white-space:normal\" onclick=\"return confirm('".__('IMPORTANT: You can stop the scan time estimate if it hangs or is taking too long by clicking the Stop Scan button.\n\n-------------------------------------------------------------\n\nThis tool allows you to check the estimated total scan time of a scan based on your MScan option settings without actually performing/running a scan. Note: This tool does not affect or change any previous scan results except for the Total Scan Time, which will be changed to the estimated scan time.\n\n-------------------------------------------------------------\n\nExample Usage: You can check or uncheck Hosting Account Root Folders checkboxes and change any other MScan option settings, save your MScan option settings and then run the Scan Time Estimate Tool to get the total estimated time that the actual scan will take. For additional help information click the MScan
|
| 1059 |
echo '</form><br>';
|
| 1060 |
*/
|
| 1061 |
|
| 1062 |
echo '<form name="MScanDeleteHashes" action="'.admin_url( 'admin.php?page=bulletproof-security/admin/mscan/mscan.php' ).'" method="post">';
|
| 1063 |
wp_nonce_field('bulletproof_security_mscan_delete_hashes');
|
| 1064 |
-
echo "<input type=\"submit\" name=\"Submit-MScan-Delete-Hashes\" value=\"".esc_attr__('Delete File Hashes Tool', 'bulletproof-security')."\" class=\"button bps-button\" style=\"width:175px;height:auto;white-space:normal\" onclick=\"return confirm('".__('CAUTION: Please click the MScan
|
| 1065 |
echo '</form>';
|
| 1066 |
?>
|
| 1067 |
|
|
@@ -1102,8 +1099,8 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 1102 |
check_admin_referer( 'bulletproof_security_plugin_zip_upload' );
|
| 1103 |
|
| 1104 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes' ) ) {
|
| 1105 |
-
|
| 1106 |
-
|
| 1107 |
}
|
| 1108 |
|
| 1109 |
echo $bps_topDiv;
|
|
@@ -1216,8 +1213,8 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 1216 |
check_admin_referer( 'bulletproof_security_theme_zip_upload' );
|
| 1217 |
|
| 1218 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/theme-hashes' ) ) {
|
| 1219 |
-
|
| 1220 |
-
|
| 1221 |
}
|
| 1222 |
|
| 1223 |
echo $bps_topDiv;
|
|
@@ -1321,9 +1318,7 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 1321 |
}
|
| 1322 |
}
|
| 1323 |
|
| 1324 |
-
|
| 1325 |
-
|
| 1326 |
-
if ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] == 'blue' ) { ?>
|
| 1327 |
|
| 1328 |
<script type="text/javascript">
|
| 1329 |
/* <![CDATA[ */
|
|
@@ -1333,8 +1328,6 @@ jQuery(document).ready(function($) {
|
|
| 1333 |
/* ]]> */
|
| 1334 |
</script>
|
| 1335 |
|
| 1336 |
-
<?php } ?>
|
| 1337 |
-
|
| 1338 |
<script type="text/javascript">
|
| 1339 |
/* <![CDATA[ */
|
| 1340 |
jQuery(document).ready(function($){
|
|
@@ -1457,7 +1450,7 @@ if ( isset( $_POST['Submit-MScan-Suspect-Form'] ) && current_user_can('manage_op
|
|
| 1457 |
$path_parts = pathinfo($row->mscan_path);
|
| 1458 |
$filename = $path_parts['basename'];
|
| 1459 |
|
| 1460 |
-
|
| 1461 |
$delete_row = $wpdb->query( $wpdb->prepare( "DELETE FROM $MStable WHERE mscan_path = %s", $delete_file));
|
| 1462 |
|
| 1463 |
$text = '<strong><font color="green">'.$filename.__(' has been deleted.', 'bulletproof-security').'</font></strong><br>';
|
|
@@ -1524,7 +1517,7 @@ if ( isset( $_POST['Submit-MScan-Suspect-Form'] ) && current_user_can('manage_op
|
|
| 1524 |
|
| 1525 |
if ( $ext == 'png' || $ext == 'gif' || $ext == 'bmp' || $ext == 'jpg' || $ext == 'jpeg' || $ext == 'tif' || $ext == 'tiff' ) {
|
| 1526 |
|
| 1527 |
-
$text = '<div style="margin:0px 0px 5px 0px;font-size:1.13em;font-weight:600"><span style="width:100px;margin:0px;padding:0px 6px 0px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.admin_url( "admin.php?page=bulletproof-security/admin/mscan/mscan.php&mscan_view_file=view_file&_wpnonce=$nonce" ).'" style="text-decoration:none;">'.__('Close File', 'bulletproof-security').'</a></span> '.$filename.' : '.__('MScan Pattern Match', 'bulletproof-security').': <span style="background-color:yellow;">'.esc_html($row->mscan_pattern).'</span><br>'.__('Only the MScan Pattern Match is displayed for images instead of the image file code.', 'bulletproof-security').'<br>'.__('Opening image files to view image file code does not work well in a Browser.', 'bulletproof-security').'<br>'.__('You can download suspicious image files and use a code editor like Notepad++ to check image file code for any malicious code.', 'bulletproof-security').'<br>'.__('If you are not sure what to check for or what is and is not malicious code then click the MScan
|
| 1528 |
|
| 1529 |
echo $text;
|
| 1530 |
echo '<pre style="max-width:100%;">';
|
|
@@ -1533,7 +1526,7 @@ if ( isset( $_POST['Submit-MScan-Suspect-Form'] ) && current_user_can('manage_op
|
|
| 1533 |
|
| 1534 |
} else {
|
| 1535 |
|
| 1536 |
-
$text = '<div style="margin:0px 0px 5px 0px;font-size:1.13em;font-weight:600"><span style="width:100px;margin:0px;padding:0px 6px 0px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.admin_url( "admin.php?page=bulletproof-security/admin/mscan/mscan.php&mscan_view_file=view_file&_wpnonce=$nonce" ).'" style="text-decoration:none;">'.__('Close File', 'bulletproof-security').'</a></span> '.$filename.' : '.__('MScan Pattern Match', 'bulletproof-security').': <span style="background-color:yellow;">'.esc_html($row->mscan_pattern).'</span><br>'.__('You can use your Browser\'s Search or Find feature to search the file contents/code displayed below using the MScan Pattern Match above for the suspicious code that was detected by MScan.', 'bulletproof-security').'<br>'.__('You can download suspicious files if you would like to check the file contents/code more extensively with a code editor like Notepad++.', 'bulletproof-security').'<br>'.__('If you are not sure what to check for or what is and is not malicious code then click the MScan
|
| 1537 |
|
| 1538 |
echo $text;
|
| 1539 |
echo '<pre style="max-width:70%;height:200px;white-space:pre-wrap;white-space:-moz-pre-wrap;white-space:-pre-wrap;white-space:-o-pre-wrap;word-wrap:break-word;">';
|
|
@@ -1647,11 +1640,6 @@ if ( isset( $_POST['Submit-MScan-Suspect-Form'] ) && current_user_can('manage_op
|
|
| 1647 |
|
| 1648 |
?>
|
| 1649 |
|
| 1650 |
-
<?php
|
| 1651 |
-
$UIoptions = get_option('bulletproof_security_options_theme_skin');
|
| 1652 |
-
|
| 1653 |
-
if ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] == 'blue' ) { ?>
|
| 1654 |
-
|
| 1655 |
<script type="text/javascript">
|
| 1656 |
/* <![CDATA[ */
|
| 1657 |
jQuery(document).ready(function($) {
|
|
@@ -1660,8 +1648,6 @@ jQuery(document).ready(function($) {
|
|
| 1660 |
/* ]]> */
|
| 1661 |
</script>
|
| 1662 |
|
| 1663 |
-
<?php } ?>
|
| 1664 |
-
|
| 1665 |
<script type="text/javascript">
|
| 1666 |
/* <![CDATA[ */
|
| 1667 |
jQuery(document).ready(function($){
|
|
@@ -1840,7 +1826,7 @@ if ( isset( $_POST['Submit-MScan-Suspect-DB-Form'] ) && current_user_can('manage
|
|
| 1840 |
|
| 1841 |
} else {
|
| 1842 |
|
| 1843 |
-
$text = '<div style="margin:0px 0px 5px 0px;font-size:1.13em;font-weight:600"><span style="width:100px;margin:0px;padding:0px 6px 0px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.admin_url( "admin.php?page=bulletproof-security/admin/mscan/mscan.php&mscan_view_db=view_db_entry&_wpnonce=$nonce" ).'" style="text-decoration:none;">'.__('Close', 'bulletproof-security').'</a></span> '.__('DB Table, Column and Row ID', 'bulletproof-security').': <span style="background-color:yellow;">'.esc_html($row->mscan_db_table).' : '.esc_html($row->mscan_db_column).' : '.esc_html($row->mscan_db_pkid).'</span> : '.__('MScan Pattern Match', 'bulletproof-security').': <span style="background-color:yellow;">'.esc_html($row->mscan_pattern).'</span><br>'.__('Steps to view the database data that MScan detected as suspicious', 'bulletproof-security').': '.__('Login to your web host control panel, login to your WP Database using phpMyAdmin and check the data in the DB Table, Column and Row ID shown above. Note: Look for code that matches the MScan Pattern Match.', 'bulletproof-security').'<br>'.__('If you are not sure what to check for or what is and is not malicious code then click the MScan
|
| 1844 |
echo $text;
|
| 1845 |
}
|
| 1846 |
}
|
|
@@ -1926,9 +1912,7 @@ if ( isset( $_POST['Submit-MScan-Suspect-DB-Form'] ) && current_user_can('manage
|
|
| 1926 |
echo "<input type=\"button\" name=\"cancel\" value=\"".__('Clear|Refresh', 'bulletproof-security')."\" class=\"button bps-button\" style=\"margin-left:20px\" onclick=\"javascript:history.go(0)\" />";
|
| 1927 |
echo '</form>';
|
| 1928 |
|
| 1929 |
-
|
| 1930 |
-
|
| 1931 |
-
if ( isset($UIoptions['bps_ui_theme_skin']) && $UIoptions['bps_ui_theme_skin'] == 'blue' ) { ?>
|
| 1932 |
|
| 1933 |
<script type="text/javascript">
|
| 1934 |
/* <![CDATA[ */
|
|
@@ -1938,8 +1922,6 @@ jQuery(document).ready(function($) {
|
|
| 1938 |
/* ]]> */
|
| 1939 |
</script>
|
| 1940 |
|
| 1941 |
-
<?php } ?>
|
| 1942 |
-
|
| 1943 |
<script type="text/javascript">
|
| 1944 |
/* <![CDATA[ */
|
| 1945 |
jQuery(document).ready(function($){
|
|
@@ -1973,15 +1955,27 @@ jQuery(document).ready(function($){
|
|
| 1973 |
|
| 1974 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1975 |
<tr>
|
| 1976 |
-
<td class="bps-table_title"
|
| 1977 |
</tr>
|
| 1978 |
<tr>
|
| 1979 |
<td class="bps-table_cell_help">
|
| 1980 |
|
| 1981 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('MScan Log', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button"
|
|
|
|
| 1982 |
|
| 1983 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('MScan Log', 'bulletproof-security'); ?>">
|
| 1984 |
-
<p
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1985 |
</div>
|
| 1986 |
|
| 1987 |
<?php
|
|
@@ -2027,7 +2021,7 @@ if ( file_exists($filename) ) {
|
|
| 2027 |
$logSize = filesize($filename);
|
| 2028 |
|
| 2029 |
if ( $logSize < 2097152 ) {
|
| 2030 |
-
$text = '<span style="font-size:13px;"><strong>'. __('MScan Log File Size: ', 'bulletproof-security').'<font color="#
|
| 2031 |
echo $text;
|
| 2032 |
} else {
|
| 2033 |
$text = '<span style="font-size:13px;"><strong>'. __('MScan Log File Size: ', 'bulletproof-security').'<font color="#fb0101">'. round($logSize / 1024, 2) .' KB<br>'.__('The S-Monitor Email Logging options will only send log files up to 2MB in size.', 'bulletproof-security').'</font></strong><br>'.__('Copy and paste the MScan Log file contents into a Notepad text file on your computer and save it.', 'bulletproof-security').'<br>'.__('Then click the Delete Log button to delete the contents of this Log file.', 'bulletproof-security').'</span><br><br>';
|
|
@@ -2046,7 +2040,7 @@ bpsPro_MScan_LogSize();
|
|
| 2046 |
<label for="QLog"><strong><?php _e('MScan Log Last Modified Time:', 'bulletproof-security'); ?></strong></label><br />
|
| 2047 |
<label for="QLog"><strong><?php echo bpsPro_MScan_ModTimeDiff(); ?></strong><?php echo $bps_mscan_log_date_mod; ?></label><br />
|
| 2048 |
<label for="QLog" style="vertical-align:top;"><strong><?php _e('Last Modified Time in File:', 'bulletproof-security'); ?></strong></label>
|
| 2049 |
-
<input type="text" name="bulletproof_security_options_MScan_log[bps_mscan_log_date_mod]" style="color:#
|
| 2050 |
<input type="submit" name="Submit-MScan-Mod" class="button bps-button" style="margin:10px 0px 0px 0px;" value="<?php esc_attr_e('Reset Last Modified Time in DB', 'bulletproof-security') ?>" />
|
| 2051 |
</form>
|
| 2052 |
|
|
@@ -2168,8 +2162,9 @@ $scrolltomsblog = isset($_REQUEST['scrolltomsblog']) ? (int) $_REQUEST['scrollto
|
|
| 2168 |
<div id="MScanLog">
|
| 2169 |
<textarea class="bps-text-area-600x700" name="newcontent_mscan" id="newcontent_mscan" tabindex="1"><?php echo bpsPro_MScan_get_contents(); ?></textarea>
|
| 2170 |
<input type="hidden" name="scrolltomsblog" id="scrolltomsblog" value="<?php echo esc_html( $scrolltomsblog ); ?>" />
|
| 2171 |
-
<
|
| 2172 |
-
<input type="submit" name="Submit-MScan-Log" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>"
|
|
|
|
| 2173 |
</div>
|
| 2174 |
</form>
|
| 2175 |
|
|
@@ -2194,15 +2189,27 @@ jQuery(document).ready(function($){
|
|
| 2194 |
|
| 2195 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2196 |
<tr>
|
| 2197 |
-
<td class="bps-table_title"
|
| 2198 |
</tr>
|
| 2199 |
<tr>
|
| 2200 |
<td class="bps-table_cell_help">
|
| 2201 |
|
| 2202 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('MScan Report', 'bulletproof-security'); ?> <button id="bps-open-modal3" class="button bps-modal-button"
|
|
|
|
| 2203 |
|
| 2204 |
<div id="bps-modal-content3" class="bps-dialog-hide" title="<?php _e('MScan Report', 'bulletproof-security'); ?>">
|
| 2205 |
-
<p
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2206 |
</div>
|
| 2207 |
|
| 2208 |
<form name="MScanSaveReport" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/mscan/mscan.php#bps-tabs-3' ); ?>" method="post">
|
|
@@ -2455,9 +2462,9 @@ global $wpdb, $wp_version, $bps_topDiv, $bps_bottomDiv;
|
|
| 2455 |
|
| 2456 |
$plugins_array_merged = array_merge($active_plugins_array, $inactive_plugins_array, $hello_dolly_plugin_array);
|
| 2457 |
|
| 2458 |
-
$hover_icon_plugin_hash = '<strong><font color="black"><span class="tooltip-350-150"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('File hashes do not exist for this plugin. This plugin\'s files were not scanned. If you would like to scan this plugin\'s files then use the "Upload Plugin Zip Files" Form to upload a zip file for this plugin. Click the MScan
|
| 2459 |
|
| 2460 |
-
$hover_icon_theme_hash = '<strong><font color="black"><span class="tooltip-350-150"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('File hashes do not exist for this theme. This theme\'s files were not scanned. If you would like to scan this themes\'s files then use the "Upload Theme Zip Files" Form to upload a zip file for this theme. Click the MScan
|
| 2461 |
|
| 2462 |
if ( is_array( $mscan_plugin_hash['bps_mscan_plugin_hash_version_check'] ) && ! is_null( $mscan_plugin_hash['bps_mscan_plugin_hash_version_check'] ) ) {
|
| 2463 |
|
|
@@ -2554,7 +2561,7 @@ global $wpdb, $wp_version, $bps_topDiv, $bps_bottomDiv;
|
|
| 2554 |
$mscan_report_scan_results_title = '<div class="mscan-report-row-title-large" style="border-top:2px solid #999999;padding-top:10px">'.__('Scan Results ', 'bulletproof-security').'</div>';
|
| 2555 |
echo $mscan_report_scan_results_title;
|
| 2556 |
|
| 2557 |
-
$mscan_report_file_scan_help_text = '<div class="mscan-report-row-small"><strong>'.__('File hash comparison scan results are 100% accurate. WP Core, Plugin and Theme files are scanned using file hash comparison scanning.', 'bulletproof-security').'<br>'.__('Pattern matching scan results are less accurate and will usually detect some false positive matches. All other files that are not WP Core, Plugin and Theme files are scanned using pattern matching scanning.', 'bulletproof-security').'<br>'.__('You can View, Ignore and Delete files detected as suspicious using the View|Ignore|Delete Suspicious Files Form on the MScan
|
| 2558 |
echo $mscan_report_file_scan_help_text;
|
| 2559 |
|
| 2560 |
$mscan_report_scan_results_file_scan_array = array();
|
|
@@ -2634,7 +2641,7 @@ global $wpdb, $wp_version, $bps_topDiv, $bps_bottomDiv;
|
|
| 2634 |
echo '</table>';
|
| 2635 |
echo '</div>';
|
| 2636 |
|
| 2637 |
-
$mscan_report_db_scan_help_text = '<div class="mscan-report-row-small"><strong>'.__('Database scanning uses pattern matching scanning.', 'bulletproof-security').'<br>'.__('Pattern matching scan results will usually detect some false positive matches.', 'bulletproof-security').'<br>'.__('You can View, Ignore and Unignore suspicious DB Entries using the View|Ignore Suspicious DB Entries Form on the MScan
|
| 2638 |
echo $mscan_report_db_scan_help_text;
|
| 2639 |
|
| 2640 |
$mscan_report_scan_results_db_scan_array = array();
|
|
@@ -2895,15 +2902,27 @@ bpsPro_mscan_report();
|
|
| 2895 |
|
| 2896 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2897 |
<tr>
|
| 2898 |
-
<td class="bps-table_title"
|
| 2899 |
</tr>
|
| 2900 |
<tr>
|
| 2901 |
<td class="bps-table_cell_help">
|
| 2902 |
|
| 2903 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('MScan Saved Reports', 'bulletproof-security'); ?> <button id="bps-open-modal4" class="button bps-modal-button"
|
|
|
|
| 2904 |
|
| 2905 |
<div id="bps-modal-content4" class="bps-dialog-hide" title="<?php _e('MScan Saved Reports', 'bulletproof-security'); ?>">
|
| 2906 |
-
<p
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2907 |
</div>
|
| 2908 |
|
| 2909 |
<?php
|
|
@@ -3376,7 +3395,7 @@ if ( isset( $_POST['Submit-MScan-View-Delete'] ) && current_user_can('manage_opt
|
|
| 3376 |
$mscan_report_scan_results_title = '<div class="mscan-report-row-title-large" style="border-top:2px solid #999999;padding-top:10px">'.__('Scan Results ', 'bulletproof-security').'</div>';
|
| 3377 |
echo $mscan_report_scan_results_title;
|
| 3378 |
|
| 3379 |
-
$mscan_report_file_scan_help_text = '<div class="mscan-report-row-small"><strong>'.__('File hash comparison scan results are 100% accurate. WP Core, Plugin and Theme files are scanned using file hash comparison scanning.', 'bulletproof-security').'<br>'.__('Pattern matching scan results are less accurate and will usually detect some false positive matches. All other files that are not WP Core, Plugin and Theme files are scanned using pattern matching scanning.', 'bulletproof-security').'<br>'.__('You can View, Ignore and Delete files detected as suspicious using the View|Ignore|Delete Suspicious Files Form on the MScan
|
| 3380 |
echo $mscan_report_file_scan_help_text;
|
| 3381 |
|
| 3382 |
echo '<div id="MScanSuspectcheckall" style="">';
|
|
@@ -3420,7 +3439,7 @@ if ( isset( $_POST['Submit-MScan-View-Delete'] ) && current_user_can('manage_opt
|
|
| 3420 |
echo '</table>';
|
| 3421 |
echo '</div>';
|
| 3422 |
|
| 3423 |
-
$mscan_report_db_scan_help_text = '<div class="mscan-report-row-small"><strong>'.__('Database scanning uses pattern matching scanning.', 'bulletproof-security').'<br>'.__('Pattern matching scan results will usually detect some false positive matches.', 'bulletproof-security').'<br>'.__('You can View, Ignore and Unignore suspicious DB Entries using the View|Ignore Suspicious DB Entries Form on the MScan
|
| 3424 |
echo $mscan_report_db_scan_help_text;
|
| 3425 |
|
| 3426 |
$mscan_report_scan_results_db_scan_array = array();
|
|
@@ -3503,14 +3522,18 @@ jQuery(document).ready(function($){
|
|
| 3503 |
|
| 3504 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 3505 |
<tr>
|
| 3506 |
-
<td class="bps-table_title"
|
| 3507 |
</tr>
|
| 3508 |
<tr>
|
| 3509 |
<td class="bps-table_cell_help_links">
|
|
|
|
| 3510 |
<a href="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/whatsnew/whatsnew.php' ); ?>" target="_blank"><?php _e('Whats New in ', 'bulletproof-security'); echo BULLETPROOF_VERSION; ?></a><br /><br />
|
| 3511 |
<a href="https://forum.ait-pro.com/forums/topic/bulletproof-security-pro-version-release-dates/" target="_blank"><?php _e('BPS Pro Features & Version Release Dates', 'bulletproof-security'); ?></a><br /><br />
|
| 3512 |
<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank"><?php _e('Video Tutorials', 'bulletproof-security'); ?></a><br /><br />
|
| 3513 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 3514 |
</td>
|
| 3515 |
</tr>
|
| 3516 |
</table>
|
| 4 |
div.notice{display:none}
|
| 5 |
</style>
|
| 6 |
|
| 7 |
+
<div id="bps-container" class="wrap">
|
| 8 |
|
| 9 |
<!-- MUST be in my page container div. hide notices from other plugins so they don't break the MScan iFrame-->
|
| 10 |
<style>
|
| 14 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 15 |
|
| 16 |
<?php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 17 |
## 2.9: Created new file for mscan pattern matching code. If web host deletes or nulls that file or Dir then mscan will not work, but BPS Pro will still work.
|
| 18 |
## 4.8: Major rebuild: Plugin and Theme files will be checked using MD5 file hash comparisons. Will still offer pattern matching, but am recommending
|
| 19 |
## Premium/custom plugin and theme zip uploads so that MD5 hashes can be made from those plugin and theme files.
|
| 74 |
|
| 75 |
// General all purpose "Settings Saved." message for forms
|
| 76 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 77 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true) {
|
| 78 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 79 |
echo $text;
|
| 80 |
}
|
| 199 |
?>
|
| 200 |
</div>
|
| 201 |
|
| 202 |
+
<h2 class="bps-tab-title"><?php _e('MScan Malware Scanner', 'bulletproof-security'); ?></h2>
|
| 203 |
|
| 204 |
<!-- jQuery UI Tab Menu -->
|
| 205 |
<div id="bps-tabs" class="bps-menu">
|
| 206 |
<div id="bpsHead"><img src="<?php echo plugins_url('/bulletproof-security/admin/images/bps-plugin-logo.jpg'); ?>" /></div>
|
| 207 |
<ul>
|
| 208 |
+
<li><a href="#bps-tabs-1"><?php _e('MScan Scan', 'bulletproof-security'); ?></a></li>
|
| 209 |
<li><a href="#bps-tabs-2"><?php _e('MScan Log', 'bulletproof-security'); ?></a></li>
|
| 210 |
<li><a href="#bps-tabs-3"><?php _e('MScan Report', 'bulletproof-security'); ?></a></li>
|
| 211 |
<li><a href="#bps-tabs-4"><?php _e('MScan Saved Reports', 'bulletproof-security'); ?></a></li>
|
| 216 |
|
| 217 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 218 |
<tr>
|
| 219 |
+
<td class="bps-table_title"></td>
|
|
|
|
| 220 |
</tr>
|
| 221 |
<tr>
|
| 222 |
<td class="bps-table_cell_help">
|
| 223 |
|
| 224 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('MScan Scan', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 225 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 226 |
|
| 227 |
+
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('MScan', 'bulletproof-security'); ?>">
|
| 228 |
<p>
|
| 229 |
<?php
|
| 230 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 231 |
echo $text;
|
| 232 |
+
|
| 233 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 234 |
+
echo $bpsPro_text;
|
| 235 |
+
|
| 236 |
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 237 |
echo $text;
|
| 238 |
?>
|
| 959 |
|
| 960 |
if ( file_exists($wp_index_file) && preg_match( $pattern, $check_string ) && file_exists($wp_blog_header_file) && file_exists($wp_cron_file) && file_exists($wp_load_file) && file_exists($wp_login_file) && file_exists($wp_settings_file) || file_exists($home_wp_index_file) && preg_match( $pattern, $home_check_string ) && file_exists($home_wp_blog_header_file) && file_exists($home_wp_cron_file) && file_exists($home_wp_load_file) && file_exists($home_wp_login_file) && file_exists($home_wp_settings_file) ) {
|
| 961 |
|
| 962 |
+
$hover_icon = '<strong><font color="black"><span class="tooltip-250-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('This folder contains another WordPress website. This checkbox cannot be checked. To scan that site run MScan from that site. Click the MScan Question Mark help button above and read the "Scanning Other WordPress Sites" help section.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 963 |
|
| 964 |
echo "<td><input type=\"checkbox\" id=\"mscandirs\" name=\"mscan[$key]\" value=\"\" class=\"MScanALL\" $checked /></td>";
|
| 965 |
echo '<td>'.$key.$hover_icon.'</td>';
|
| 1002 |
echo '<input type="text" name="mscan_max_time_limit" class="regular-text-50-fixed" style="margin-bottom:5px" value="'; if ( isset( $_POST['mscan_max_time_limit'] ) && preg_match( '/\d/', $_POST['mscan_max_time_limit'] ) ) { echo esc_html($max_time_limit); } else { echo esc_html(trim(stripslashes($max_time_limit))); } echo '" /> Seconds';
|
| 1003 |
echo '<br>';
|
| 1004 |
|
| 1005 |
+
echo '<label for="bps-mscan-label" style="">'.__('Exclude Individual Folders', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('Enter one folder path per line. Include folder slashes.', 'bulletproof-security').'<br>'.__('Example:', 'bulletproof-security').'<br>/parent-folder-1/child-folder-1/<br>/parent-folder-2/child-folder-2/<br><br>'.__('Click the MScan Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 1006 |
// trimming whitespace does not work because I am not trimming newlines or returns
|
| 1007 |
echo '<textarea class="text-area-340x60" name="mscan_exclude_dirs" style="width:340px;height:60px;margin-bottom:5px" tabindex="1">'.esc_html( trim(stripslashes($mscan_exclude_dirs), " \t\0\x0B") ).'</textarea>';
|
| 1008 |
echo '<input type="hidden" name="scrolltoExcludeDirs" id="scrolltoExcludeDirs" value="'.esc_html( $scrolltoExcludeDirs ).'" />';
|
| 1014 |
echo '<option value="Off"'. selected('Off', $mscan_scan_database).'>'.__('Database Scan Off', 'bulletproof-security').'</option>';
|
| 1015 |
echo '</select><br>';
|
| 1016 |
|
| 1017 |
+
echo '<label for="bps-mscan-label">'.__('Scan Skipped Files Only', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('When Skipped File Scan is On only skipped files will be scanned. Note: No other MScan option settings have any effect while Skipped File Scan is set to On.', 'bulletproof-security').'<br><br>'.__('Click the MScan Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 1018 |
echo '<select name="mscan_scan_skipped_files_select" class="form-340" style="margin-bottom:10px">';
|
| 1019 |
echo '<option value="Off"'. selected('Off', $mscan_scan_skipped_files).'>'.__('Skipped File Scan Off', 'bulletproof-security').'</option>';
|
| 1020 |
echo '<option value="On"'. selected('On', $mscan_scan_skipped_files).'>'.__('Skipped File Scan On', 'bulletproof-security').'</option>';
|
| 1026 |
echo '<option value="On"'. selected('On', $mscan_scan_delete_tmp_files).'>'.__('Delete Tmp Files On', 'bulletproof-security').'</option>';
|
| 1027 |
echo '</select><br>';
|
| 1028 |
|
| 1029 |
+
echo '<label for="bps-mscan-label" style="">'.__('Exclude /tmp Files', 'bulletproof-security').'</label><strong><font color="black"><span class="tooltip-350-120"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('Enter one file name per line.', 'bulletproof-security').'<br>'.__('Example:', 'bulletproof-security').'<br>mysql.sock<br>.s.PGSQL.5432<br>.per-user<br>'.__('Click the MScan Question Mark help button for more help info.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 1030 |
// trimming whitespace does not work because I am not trimming newlines or returns
|
| 1031 |
echo '<textarea class="text-area-340x60" name="mscan_exclude_tmp_files" style="width:340px;height:60px;margin-bottom:5px" tabindex="1">'.esc_html( trim(stripslashes($mscan_exclude_tmp_files), " \t\0\x0B") ).'</textarea>';
|
| 1032 |
echo '<input type="hidden" name="scrolltoExcludeTmpFiles" id="scrolltoExcludeTmpFiles" value="'.esc_html( $scrolltoExcludeTmpFiles ).'" />';
|
| 1052 |
/*
|
| 1053 |
echo '<form name="MScanTimeEstimate" action="'.admin_url( 'admin.php?page=bulletproof-security/admin/mscan/mscan.php' ).'" method="post">';
|
| 1054 |
wp_nonce_field('bulletproof_security_mscan_time_estimate');
|
| 1055 |
+
echo "<input type=\"submit\" id=\"bps-mscan-time-estimate-button\" name=\"Submit-MScan-Time-Estimate\" value=\"".esc_attr__('Scan Time Estimate Tool', 'bulletproof-security')."\" class=\"button bps-button\" style=\"width:175px;height:auto;white-space:normal\" onclick=\"return confirm('".__('IMPORTANT: You can stop the scan time estimate if it hangs or is taking too long by clicking the Stop Scan button.\n\n-------------------------------------------------------------\n\nThis tool allows you to check the estimated total scan time of a scan based on your MScan option settings without actually performing/running a scan. Note: This tool does not affect or change any previous scan results except for the Total Scan Time, which will be changed to the estimated scan time.\n\n-------------------------------------------------------------\n\nExample Usage: You can check or uncheck Hosting Account Root Folders checkboxes and change any other MScan option settings, save your MScan option settings and then run the Scan Time Estimate Tool to get the total estimated time that the actual scan will take. For additional help information click the MScan Question Mark help button.\n\n-------------------------------------------------------------\n\nClick OK to get a scan time estimate or click Cancel', 'bulletproof-security')."')\" />";
|
| 1056 |
echo '</form><br>';
|
| 1057 |
*/
|
| 1058 |
|
| 1059 |
echo '<form name="MScanDeleteHashes" action="'.admin_url( 'admin.php?page=bulletproof-security/admin/mscan/mscan.php' ).'" method="post">';
|
| 1060 |
wp_nonce_field('bulletproof_security_mscan_delete_hashes');
|
| 1061 |
+
echo "<input type=\"submit\" name=\"Submit-MScan-Delete-Hashes\" value=\"".esc_attr__('Delete File Hashes Tool', 'bulletproof-security')."\" class=\"button bps-button\" style=\"width:175px;height:auto;white-space:normal\" onclick=\"return confirm('".__('CAUTION: Please click the MScan Question Mark help button before using this tool. This tool allows you to delete the Plugin and Theme file hashes.\n\n-------------------------------------------------------------\n\nThis tool should ONLY be used if there is a problem when scanning Plugin and Theme files.\n\n-------------------------------------------------------------\n\nClick OK to delete Plugin and Theme file hashes or click Cancel', 'bulletproof-security')."')\" />";
|
| 1062 |
echo '</form>';
|
| 1063 |
?>
|
| 1064 |
|
| 1099 |
check_admin_referer( 'bulletproof_security_plugin_zip_upload' );
|
| 1100 |
|
| 1101 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes' ) ) {
|
| 1102 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes', 0755, true );
|
| 1103 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/plugin-hashes/', 0755 );
|
| 1104 |
}
|
| 1105 |
|
| 1106 |
echo $bps_topDiv;
|
| 1213 |
check_admin_referer( 'bulletproof_security_theme_zip_upload' );
|
| 1214 |
|
| 1215 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/theme-hashes' ) ) {
|
| 1216 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/theme-hashes', 0755, true );
|
| 1217 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/theme-hashes/', 0755 );
|
| 1218 |
}
|
| 1219 |
|
| 1220 |
echo $bps_topDiv;
|
| 1318 |
}
|
| 1319 |
}
|
| 1320 |
|
| 1321 |
+
?>
|
|
|
|
|
|
|
| 1322 |
|
| 1323 |
<script type="text/javascript">
|
| 1324 |
/* <![CDATA[ */
|
| 1328 |
/* ]]> */
|
| 1329 |
</script>
|
| 1330 |
|
|
|
|
|
|
|
| 1331 |
<script type="text/javascript">
|
| 1332 |
/* <![CDATA[ */
|
| 1333 |
jQuery(document).ready(function($){
|
| 1450 |
$path_parts = pathinfo($row->mscan_path);
|
| 1451 |
$filename = $path_parts['basename'];
|
| 1452 |
|
| 1453 |
+
unlink($row->mscan_path);
|
| 1454 |
$delete_row = $wpdb->query( $wpdb->prepare( "DELETE FROM $MStable WHERE mscan_path = %s", $delete_file));
|
| 1455 |
|
| 1456 |
$text = '<strong><font color="green">'.$filename.__(' has been deleted.', 'bulletproof-security').'</font></strong><br>';
|
| 1517 |
|
| 1518 |
if ( $ext == 'png' || $ext == 'gif' || $ext == 'bmp' || $ext == 'jpg' || $ext == 'jpeg' || $ext == 'tif' || $ext == 'tiff' ) {
|
| 1519 |
|
| 1520 |
+
$text = '<div style="margin:0px 0px 5px 0px;font-size:1.13em;font-weight:600"><span style="width:100px;margin:0px;padding:0px 6px 0px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.admin_url( "admin.php?page=bulletproof-security/admin/mscan/mscan.php&mscan_view_file=view_file&_wpnonce=$nonce" ).'" style="text-decoration:none;">'.__('Close File', 'bulletproof-security').'</a></span> '.$filename.' : '.__('MScan Pattern Match', 'bulletproof-security').': <span style="background-color:yellow;">'.esc_html($row->mscan_pattern).'</span><br>'.__('Only the MScan Pattern Match is displayed for images instead of the image file code.', 'bulletproof-security').'<br>'.__('Opening image files to view image file code does not work well in a Browser.', 'bulletproof-security').'<br>'.__('You can download suspicious image files and use a code editor like Notepad++ to check image file code for any malicious code.', 'bulletproof-security').'<br>'.__('If you are not sure what to check for or what is and is not malicious code then click the MScan Question Mark help button.', 'bulletproof-security').'</div>';
|
| 1521 |
|
| 1522 |
echo $text;
|
| 1523 |
echo '<pre style="max-width:100%;">';
|
| 1526 |
|
| 1527 |
} else {
|
| 1528 |
|
| 1529 |
+
$text = '<div style="margin:0px 0px 5px 0px;font-size:1.13em;font-weight:600"><span style="width:100px;margin:0px;padding:0px 6px 0px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.admin_url( "admin.php?page=bulletproof-security/admin/mscan/mscan.php&mscan_view_file=view_file&_wpnonce=$nonce" ).'" style="text-decoration:none;">'.__('Close File', 'bulletproof-security').'</a></span> '.$filename.' : '.__('MScan Pattern Match', 'bulletproof-security').': <span style="background-color:yellow;">'.esc_html($row->mscan_pattern).'</span><br>'.__('You can use your Browser\'s Search or Find feature to search the file contents/code displayed below using the MScan Pattern Match above for the suspicious code that was detected by MScan.', 'bulletproof-security').'<br>'.__('You can download suspicious files if you would like to check the file contents/code more extensively with a code editor like Notepad++.', 'bulletproof-security').'<br>'.__('If you are not sure what to check for or what is and is not malicious code then click the MScan Question Mark help button.', 'bulletproof-security').'</div>';
|
| 1530 |
|
| 1531 |
echo $text;
|
| 1532 |
echo '<pre style="max-width:70%;height:200px;white-space:pre-wrap;white-space:-moz-pre-wrap;white-space:-pre-wrap;white-space:-o-pre-wrap;word-wrap:break-word;">';
|
| 1640 |
|
| 1641 |
?>
|
| 1642 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1643 |
<script type="text/javascript">
|
| 1644 |
/* <![CDATA[ */
|
| 1645 |
jQuery(document).ready(function($) {
|
| 1648 |
/* ]]> */
|
| 1649 |
</script>
|
| 1650 |
|
|
|
|
|
|
|
| 1651 |
<script type="text/javascript">
|
| 1652 |
/* <![CDATA[ */
|
| 1653 |
jQuery(document).ready(function($){
|
| 1826 |
|
| 1827 |
} else {
|
| 1828 |
|
| 1829 |
+
$text = '<div style="margin:0px 0px 5px 0px;font-size:1.13em;font-weight:600"><span style="width:100px;margin:0px;padding:0px 6px 0px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.admin_url( "admin.php?page=bulletproof-security/admin/mscan/mscan.php&mscan_view_db=view_db_entry&_wpnonce=$nonce" ).'" style="text-decoration:none;">'.__('Close', 'bulletproof-security').'</a></span> '.__('DB Table, Column and Row ID', 'bulletproof-security').': <span style="background-color:yellow;">'.esc_html($row->mscan_db_table).' : '.esc_html($row->mscan_db_column).' : '.esc_html($row->mscan_db_pkid).'</span> : '.__('MScan Pattern Match', 'bulletproof-security').': <span style="background-color:yellow;">'.esc_html($row->mscan_pattern).'</span><br>'.__('Steps to view the database data that MScan detected as suspicious', 'bulletproof-security').': '.__('Login to your web host control panel, login to your WP Database using phpMyAdmin and check the data in the DB Table, Column and Row ID shown above. Note: Look for code that matches the MScan Pattern Match.', 'bulletproof-security').'<br>'.__('If you are not sure what to check for or what is and is not malicious code then click the MScan Question Mark help button.', 'bulletproof-security').'</div>';
|
| 1830 |
echo $text;
|
| 1831 |
}
|
| 1832 |
}
|
| 1912 |
echo "<input type=\"button\" name=\"cancel\" value=\"".__('Clear|Refresh', 'bulletproof-security')."\" class=\"button bps-button\" style=\"margin-left:20px\" onclick=\"javascript:history.go(0)\" />";
|
| 1913 |
echo '</form>';
|
| 1914 |
|
| 1915 |
+
?>
|
|
|
|
|
|
|
| 1916 |
|
| 1917 |
<script type="text/javascript">
|
| 1918 |
/* <![CDATA[ */
|
| 1922 |
/* ]]> */
|
| 1923 |
</script>
|
| 1924 |
|
|
|
|
|
|
|
| 1925 |
<script type="text/javascript">
|
| 1926 |
/* <![CDATA[ */
|
| 1927 |
jQuery(document).ready(function($){
|
| 1955 |
|
| 1956 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1957 |
<tr>
|
| 1958 |
+
<td class="bps-table_title"></td>
|
| 1959 |
</tr>
|
| 1960 |
<tr>
|
| 1961 |
<td class="bps-table_cell_help">
|
| 1962 |
|
| 1963 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('MScan Log', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button">
|
| 1964 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 1965 |
|
| 1966 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('MScan Log', 'bulletproof-security'); ?>">
|
| 1967 |
+
<p>
|
| 1968 |
+
<?php
|
| 1969 |
+
|
| 1970 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1971 |
+
echo $text;
|
| 1972 |
+
|
| 1973 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1974 |
+
echo $bpsPro_text;
|
| 1975 |
+
|
| 1976 |
+
echo $bps_modal_content2;
|
| 1977 |
+
?>
|
| 1978 |
+
</p>
|
| 1979 |
</div>
|
| 1980 |
|
| 1981 |
<?php
|
| 2021 |
$logSize = filesize($filename);
|
| 2022 |
|
| 2023 |
if ( $logSize < 2097152 ) {
|
| 2024 |
+
$text = '<span style="font-size:13px;"><strong>'. __('MScan Log File Size: ', 'bulletproof-security').'<font color="#2271b1">'. round($logSize / 1024, 2) .' KB</font></strong></span><br><br>';
|
| 2025 |
echo $text;
|
| 2026 |
} else {
|
| 2027 |
$text = '<span style="font-size:13px;"><strong>'. __('MScan Log File Size: ', 'bulletproof-security').'<font color="#fb0101">'. round($logSize / 1024, 2) .' KB<br>'.__('The S-Monitor Email Logging options will only send log files up to 2MB in size.', 'bulletproof-security').'</font></strong><br>'.__('Copy and paste the MScan Log file contents into a Notepad text file on your computer and save it.', 'bulletproof-security').'<br>'.__('Then click the Delete Log button to delete the contents of this Log file.', 'bulletproof-security').'</span><br><br>';
|
| 2040 |
<label for="QLog"><strong><?php _e('MScan Log Last Modified Time:', 'bulletproof-security'); ?></strong></label><br />
|
| 2041 |
<label for="QLog"><strong><?php echo bpsPro_MScan_ModTimeDiff(); ?></strong><?php echo $bps_mscan_log_date_mod; ?></label><br />
|
| 2042 |
<label for="QLog" style="vertical-align:top;"><strong><?php _e('Last Modified Time in File:', 'bulletproof-security'); ?></strong></label>
|
| 2043 |
+
<input type="text" name="bulletproof_security_options_MScan_log[bps_mscan_log_date_mod]" style="color:#2271b1;font-size:13px;width:200px;margin-top:-6px;padding-left:4px;font-weight:600;border:none;background:none;outline:none;-webkit-box-shadow:none;box-shadow:none;-webkit-transition:none;transition:none;" value="<?php echo bpsPro_MScan_Log_LastMod(); ?>" /><br />
|
| 2044 |
<input type="submit" name="Submit-MScan-Mod" class="button bps-button" style="margin:10px 0px 0px 0px;" value="<?php esc_attr_e('Reset Last Modified Time in DB', 'bulletproof-security') ?>" />
|
| 2045 |
</form>
|
| 2046 |
|
| 2162 |
<div id="MScanLog">
|
| 2163 |
<textarea class="bps-text-area-600x700" name="newcontent_mscan" id="newcontent_mscan" tabindex="1"><?php echo bpsPro_MScan_get_contents(); ?></textarea>
|
| 2164 |
<input type="hidden" name="scrolltomsblog" id="scrolltomsblog" value="<?php echo esc_html( $scrolltomsblog ); ?>" />
|
| 2165 |
+
<div style="margin:10px 0px">
|
| 2166 |
+
<input type="submit" name="Submit-MScan-Log" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>" />
|
| 2167 |
+
</div>
|
| 2168 |
</div>
|
| 2169 |
</form>
|
| 2170 |
|
| 2189 |
|
| 2190 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2191 |
<tr>
|
| 2192 |
+
<td class="bps-table_title"></td>
|
| 2193 |
</tr>
|
| 2194 |
<tr>
|
| 2195 |
<td class="bps-table_cell_help">
|
| 2196 |
|
| 2197 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('MScan Report', 'bulletproof-security'); ?> <button id="bps-open-modal3" class="button bps-modal-button">
|
| 2198 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 2199 |
|
| 2200 |
<div id="bps-modal-content3" class="bps-dialog-hide" title="<?php _e('MScan Report', 'bulletproof-security'); ?>">
|
| 2201 |
+
<p>
|
| 2202 |
+
<?php
|
| 2203 |
+
|
| 2204 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 2205 |
+
echo $text;
|
| 2206 |
+
|
| 2207 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 2208 |
+
echo $bpsPro_text;
|
| 2209 |
+
|
| 2210 |
+
echo $bps_modal_content3;
|
| 2211 |
+
?>
|
| 2212 |
+
</p>
|
| 2213 |
</div>
|
| 2214 |
|
| 2215 |
<form name="MScanSaveReport" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/mscan/mscan.php#bps-tabs-3' ); ?>" method="post">
|
| 2462 |
|
| 2463 |
$plugins_array_merged = array_merge($active_plugins_array, $inactive_plugins_array, $hello_dolly_plugin_array);
|
| 2464 |
|
| 2465 |
+
$hover_icon_plugin_hash = '<strong><font color="black"><span class="tooltip-350-150"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('File hashes do not exist for this plugin. This plugin\'s files were not scanned. If you would like to scan this plugin\'s files then use the "Upload Plugin Zip Files" Form to upload a zip file for this plugin. Click the MScan Scan Question Mark help button on the MScan Scan tab page and read the "Upload Plugin Zip Files" help section for more help info.', 'bulletproof-security').'</span></span></font></strong>';
|
| 2466 |
|
| 2467 |
+
$hover_icon_theme_hash = '<strong><font color="black"><span class="tooltip-350-150"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;left:10px;" /><span>'.__('File hashes do not exist for this theme. This theme\'s files were not scanned. If you would like to scan this themes\'s files then use the "Upload Theme Zip Files" Form to upload a zip file for this theme. Click the MScan Scan Question Mark help button on the MScan Scan tab page and read the "Upload Theme Zip Files" help section for more help info.', 'bulletproof-security').'</span></span></font></strong>';
|
| 2468 |
|
| 2469 |
if ( is_array( $mscan_plugin_hash['bps_mscan_plugin_hash_version_check'] ) && ! is_null( $mscan_plugin_hash['bps_mscan_plugin_hash_version_check'] ) ) {
|
| 2470 |
|
| 2561 |
$mscan_report_scan_results_title = '<div class="mscan-report-row-title-large" style="border-top:2px solid #999999;padding-top:10px">'.__('Scan Results ', 'bulletproof-security').'</div>';
|
| 2562 |
echo $mscan_report_scan_results_title;
|
| 2563 |
|
| 2564 |
+
$mscan_report_file_scan_help_text = '<div class="mscan-report-row-small"><strong>'.__('File hash comparison scan results are 100% accurate. WP Core, Plugin and Theme files are scanned using file hash comparison scanning.', 'bulletproof-security').'<br>'.__('Pattern matching scan results are less accurate and will usually detect some false positive matches. All other files that are not WP Core, Plugin and Theme files are scanned using pattern matching scanning.', 'bulletproof-security').'<br>'.__('You can View, Ignore and Delete files detected as suspicious using the View|Ignore|Delete Suspicious Files Form on the MScan Scan tab page. Before deleting any files make a backup of those files on your computer not on your hosting account.', 'bulletproof-security').'<br>'.__('And of course check the file contents of suspicious files to see if they contain hacker code or are false positive matches. Use the Ignore File checkbox option to ignore false postive matches.', 'bulletproof-security').'<br>'.__('When you ignore a file it will no longer be scanned in any future scans. When you unignore an ignored file it will be scanned in future scans.', 'bulletproof-security').'</strong></div>';
|
| 2565 |
echo $mscan_report_file_scan_help_text;
|
| 2566 |
|
| 2567 |
$mscan_report_scan_results_file_scan_array = array();
|
| 2641 |
echo '</table>';
|
| 2642 |
echo '</div>';
|
| 2643 |
|
| 2644 |
+
$mscan_report_db_scan_help_text = '<div class="mscan-report-row-small"><strong>'.__('Database scanning uses pattern matching scanning.', 'bulletproof-security').'<br>'.__('Pattern matching scan results will usually detect some false positive matches.', 'bulletproof-security').'<br>'.__('You can View, Ignore and Unignore suspicious DB Entries using the View|Ignore Suspicious DB Entries Form on the MScan Scan tab page. Before deleting any database data make a backup of your database.', 'bulletproof-security').'<br>'.__('Use phpMyAdmin or a similar tool to check your database Row where the suspicious code was found.', 'bulletproof-security').'<br>'.__('When you ignore a DB Entry it will no longer be scanned in any future scans. When you unignore an ignored DB Entry it will be scanned in future scans.', 'bulletproof-security').'</strong></div>';
|
| 2645 |
echo $mscan_report_db_scan_help_text;
|
| 2646 |
|
| 2647 |
$mscan_report_scan_results_db_scan_array = array();
|
| 2902 |
|
| 2903 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 2904 |
<tr>
|
| 2905 |
+
<td class="bps-table_title"></td>
|
| 2906 |
</tr>
|
| 2907 |
<tr>
|
| 2908 |
<td class="bps-table_cell_help">
|
| 2909 |
|
| 2910 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('MScan Saved Reports', 'bulletproof-security'); ?> <button id="bps-open-modal4" class="button bps-modal-button">
|
| 2911 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 2912 |
|
| 2913 |
<div id="bps-modal-content4" class="bps-dialog-hide" title="<?php _e('MScan Saved Reports', 'bulletproof-security'); ?>">
|
| 2914 |
+
<p>
|
| 2915 |
+
<?php
|
| 2916 |
+
|
| 2917 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 2918 |
+
echo $text;
|
| 2919 |
+
|
| 2920 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 2921 |
+
echo $bpsPro_text;
|
| 2922 |
+
|
| 2923 |
+
echo $bps_modal_content4;
|
| 2924 |
+
?>
|
| 2925 |
+
</p>
|
| 2926 |
</div>
|
| 2927 |
|
| 2928 |
<?php
|
| 3395 |
$mscan_report_scan_results_title = '<div class="mscan-report-row-title-large" style="border-top:2px solid #999999;padding-top:10px">'.__('Scan Results ', 'bulletproof-security').'</div>';
|
| 3396 |
echo $mscan_report_scan_results_title;
|
| 3397 |
|
| 3398 |
+
$mscan_report_file_scan_help_text = '<div class="mscan-report-row-small"><strong>'.__('File hash comparison scan results are 100% accurate. WP Core, Plugin and Theme files are scanned using file hash comparison scanning.', 'bulletproof-security').'<br>'.__('Pattern matching scan results are less accurate and will usually detect some false positive matches. All other files that are not WP Core, Plugin and Theme files are scanned using pattern matching scanning.', 'bulletproof-security').'<br>'.__('You can View, Ignore and Delete files detected as suspicious using the View|Ignore|Delete Suspicious Files Form on the MScan Scan tab page. Before deleting any files make a backup of those files on your computer not on your hosting account.', 'bulletproof-security').'<br>'.__('And of course check the file contents of suspicious files to see if they contain hacker code or are false positive matches. Use the Ignore File checkbox option to ignore false postive matches.', 'bulletproof-security').'<br>'.__('When you ignore a file it will no longer be scanned in any future scans. When you unignore an ignored file it will be scanned in future scans.', 'bulletproof-security').'</strong></div>';
|
| 3399 |
echo $mscan_report_file_scan_help_text;
|
| 3400 |
|
| 3401 |
echo '<div id="MScanSuspectcheckall" style="">';
|
| 3439 |
echo '</table>';
|
| 3440 |
echo '</div>';
|
| 3441 |
|
| 3442 |
+
$mscan_report_db_scan_help_text = '<div class="mscan-report-row-small"><strong>'.__('Database scanning uses pattern matching scanning.', 'bulletproof-security').'<br>'.__('Pattern matching scan results will usually detect some false positive matches.', 'bulletproof-security').'<br>'.__('You can View, Ignore and Unignore suspicious DB Entries using the View|Ignore Suspicious DB Entries Form on the MScan Scan tab page. Before deleting any database data make a backup of your database.', 'bulletproof-security').'<br>'.__('Use phpMyAdmin or a similar tool to check your database Row where the suspicious code was found.', 'bulletproof-security').'<br>'.__('When you ignore a DB Entry it will no longer be scanned in any future scans. When you unignore an ignored DB Entry it will be scanned in future scans.', 'bulletproof-security').'</strong></div>';
|
| 3443 |
echo $mscan_report_db_scan_help_text;
|
| 3444 |
|
| 3445 |
$mscan_report_scan_results_db_scan_array = array();
|
| 3522 |
|
| 3523 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 3524 |
<tr>
|
| 3525 |
+
<td class="bps-table_title"></td>
|
| 3526 |
</tr>
|
| 3527 |
<tr>
|
| 3528 |
<td class="bps-table_cell_help_links">
|
| 3529 |
+
|
| 3530 |
<a href="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/whatsnew/whatsnew.php' ); ?>" target="_blank"><?php _e('Whats New in ', 'bulletproof-security'); echo BULLETPROOF_VERSION; ?></a><br /><br />
|
| 3531 |
<a href="https://forum.ait-pro.com/forums/topic/bulletproof-security-pro-version-release-dates/" target="_blank"><?php _e('BPS Pro Features & Version Release Dates', 'bulletproof-security'); ?></a><br /><br />
|
| 3532 |
<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank"><?php _e('Video Tutorials', 'bulletproof-security'); ?></a><br /><br />
|
| 3533 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
| 3534 |
+
|
| 3535 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 3536 |
+
|
| 3537 |
</td>
|
| 3538 |
</tr>
|
| 3539 |
</table>
|
admin/security-log/security-log.php
CHANGED
|
@@ -12,7 +12,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
-
<div id="bps-container" class="wrap"
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
|
@@ -21,29 +21,20 @@ $ScrollTop_options = get_option('bulletproof_security_options_scrolltop');
|
|
| 21 |
|
| 22 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 23 |
|
| 24 |
-
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' && ! isset( $_POST['Submit-SecLog-Search'] ) || isset( $_GET['settings-updated'] ) &&
|
| 25 |
|
| 26 |
bpsPro_Browser_UA_scroll_animation();
|
| 27 |
}
|
| 28 |
}
|
| 29 |
?>
|
| 30 |
|
| 31 |
-
|
| 32 |
-
echo '<div class="bps-star-container">';
|
| 33 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 34 |
-
echo '<div class="bps-downloaded">';
|
| 35 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 36 |
-
echo '</div>';
|
| 37 |
-
echo '</div>';
|
| 38 |
-
?>
|
| 39 |
-
|
| 40 |
-
<h2 class="bps-tab-title"><?php _e('BulletProof Security ~ Security Log', 'bulletproof-security'); ?></h2>
|
| 41 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 42 |
|
| 43 |
<?php
|
| 44 |
// General all purpose "Settings Saved." message for forms
|
| 45 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 46 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 47 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 48 |
echo $text;
|
| 49 |
}
|
|
@@ -66,22 +57,23 @@ if ( isset( $_POST['Submit-Error-Log-Off'] ) && current_user_can('manage_options
|
|
| 66 |
|
| 67 |
$AutoLockoptions = get_option('bulletproof_security_options_autolock');
|
| 68 |
$filename = ABSPATH . '.htaccess';
|
| 69 |
-
$permsHtaccess =
|
| 70 |
$sapi_type = php_sapi_name();
|
| 71 |
$stringReplace = file_get_contents($filename);
|
| 72 |
$pattern1 = '/#{1,}(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 73 |
$pattern2 = '/(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 74 |
-
$bps_get_wp_root_secure = bps_wp_get_root_folder();
|
|
|
|
| 75 |
|
| 76 |
// need to get the $lock value first because permissions are cached
|
| 77 |
-
if ( file_exists($filename) &&
|
| 78 |
$lock = '0404';
|
| 79 |
}
|
| 80 |
|
| 81 |
if ( file_exists($filename) && preg_match($pattern1, $stringReplace, $matches) ) {
|
| 82 |
|
| 83 |
-
if (
|
| 84 |
-
|
| 85 |
}
|
| 86 |
|
| 87 |
$stringReplace = preg_replace('/#{1,}(\s|){1,}ErrorDocument\s400(.*)ErrorDocument\s410\s(.*)\/410\.php/s', "#ErrorDocument 400 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/400.php\n#ErrorDocument 401 default\n#ErrorDocument 403 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/403.php\n#ErrorDocument 404 $bps_get_wp_root_secure"."404.php\n#ErrorDocument 405 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/405.php\n#ErrorDocument 410 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/410.php", $stringReplace);
|
|
@@ -94,16 +86,16 @@ if ( isset( $_POST['Submit-Error-Log-Off'] ) && current_user_can('manage_options
|
|
| 94 |
|
| 95 |
} else {
|
| 96 |
|
| 97 |
-
if (
|
| 98 |
-
|
| 99 |
}
|
| 100 |
}
|
| 101 |
}
|
| 102 |
|
| 103 |
if ( file_exists($filename) && preg_match($pattern2, $stringReplace, $matches) ) {
|
| 104 |
|
| 105 |
-
if (
|
| 106 |
-
|
| 107 |
}
|
| 108 |
|
| 109 |
$stringReplace = preg_replace('/ErrorDocument\s400(.*)ErrorDocument\s410\s(.*)\/410\.php/s', "#ErrorDocument 400 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/400.php\n#ErrorDocument 401 default\n#ErrorDocument 403 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/403.php\n#ErrorDocument 404 $bps_get_wp_root_secure"."404.php\n#ErrorDocument 405 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/405.php\n#ErrorDocument 410 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/410.php", $stringReplace);
|
|
@@ -116,8 +108,8 @@ if ( isset( $_POST['Submit-Error-Log-Off'] ) && current_user_can('manage_options
|
|
| 116 |
|
| 117 |
} else {
|
| 118 |
|
| 119 |
-
if (
|
| 120 |
-
|
| 121 |
}
|
| 122 |
|
| 123 |
echo $bps_topDiv;
|
|
@@ -134,16 +126,17 @@ if ( isset( $_POST['Submit-Error-Log-On'] ) && current_user_can('manage_options'
|
|
| 134 |
|
| 135 |
$AutoLockoptions = get_option('bulletproof_security_options_autolock');
|
| 136 |
$filename = ABSPATH . '.htaccess';
|
| 137 |
-
$permsHtaccess =
|
| 138 |
$sapi_type = php_sapi_name();
|
| 139 |
$stringReplace = file_get_contents($filename);
|
| 140 |
$pattern1 = '/#{1,}(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 141 |
$pattern2 = '/(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 142 |
$bps_get_wp_root_secure = bps_wp_get_root_folder();
|
| 143 |
$htaccessARQ = WP_CONTENT_DIR . '/bps-backup/autorestore/root-files/auto_.htaccess';
|
| 144 |
-
|
|
|
|
| 145 |
// need to get the $lock value first because permissions are cached
|
| 146 |
-
if ( file_exists($filename) &&
|
| 147 |
$lock = '0404';
|
| 148 |
}
|
| 149 |
|
|
@@ -151,8 +144,8 @@ if ( isset( $_POST['Submit-Error-Log-On'] ) && current_user_can('manage_options'
|
|
| 151 |
// Create a new ErrorDocument .htaccess block of code with all ErrorDocument directives uncommented
|
| 152 |
if ( file_exists($filename) && preg_match($pattern1, $stringReplace, $matches) ) {
|
| 153 |
|
| 154 |
-
if (
|
| 155 |
-
|
| 156 |
}
|
| 157 |
|
| 158 |
$stringReplace = preg_replace('/ErrorDocument\s400(.*)ErrorDocument\s410\s(.*)\/410\.php/s', "ErrorDocument 400 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/400.php\nErrorDocument 401 default\nErrorDocument 403 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/403.php\nErrorDocument 404 $bps_get_wp_root_secure"."404.php\nErrorDocument 405 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/405.php\nErrorDocument 410 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/410.php", $stringReplace);
|
|
@@ -165,8 +158,8 @@ if ( isset( $_POST['Submit-Error-Log-On'] ) && current_user_can('manage_options'
|
|
| 165 |
|
| 166 |
} else {
|
| 167 |
|
| 168 |
-
if (
|
| 169 |
-
|
| 170 |
}
|
| 171 |
|
| 172 |
echo $bps_topDiv;
|
|
@@ -178,8 +171,8 @@ if ( isset( $_POST['Submit-Error-Log-On'] ) && current_user_can('manage_options'
|
|
| 178 |
|
| 179 |
if ( file_exists($filename) && preg_match($pattern2, $stringReplace, $matches) ) {
|
| 180 |
|
| 181 |
-
if (
|
| 182 |
-
|
| 183 |
}
|
| 184 |
|
| 185 |
$stringReplace = preg_replace('/#{1,}(\s|){1,}ErrorDocument\s400(.*)ErrorDocument\s410\s(.*)\/410\.php/s', "ErrorDocument 400 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/400.php\nErrorDocument 401 default\nErrorDocument 403 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/403.php\nErrorDocument 404 $bps_get_wp_root_secure"."404.php\nErrorDocument 405 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/405.php\nErrorDocument 410 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/410.php", $stringReplace);
|
|
@@ -192,8 +185,8 @@ if ( isset( $_POST['Submit-Error-Log-On'] ) && current_user_can('manage_options'
|
|
| 192 |
|
| 193 |
} else {
|
| 194 |
|
| 195 |
-
if (
|
| 196 |
-
|
| 197 |
}
|
| 198 |
}
|
| 199 |
}
|
|
@@ -214,20 +207,23 @@ if ( isset( $_POST['Submit-Error-Log-On'] ) && current_user_can('manage_options'
|
|
| 214 |
|
| 215 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 216 |
<tr>
|
| 217 |
-
<td class="bps-table_title">
|
| 218 |
-
<?php $text = '<h2>'.__('Security Log ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Logs Blocked Hackers & Spammers ~ HTTP 400, 403, 404, 405 & 410 Logging ~ Troubleshooting Tool', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a><br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting): ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a><br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 219 |
-
</td>
|
| 220 |
</tr>
|
| 221 |
<tr>
|
| 222 |
<td class="bps-table_cell_help">
|
| 223 |
|
| 224 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Security Log', 'bulletproof-security'); ?> <button id="bps-open-modal9" class="button bps-modal-button"
|
|
|
|
| 225 |
|
| 226 |
<div id="bps-modal-content9" class="bps-dialog-hide" title="<?php _e('Security Log', 'bulletproof-security'); ?>">
|
| 227 |
<p>
|
| 228 |
<?php
|
| 229 |
-
$text = '<strong>'.__('This
|
| 230 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 231 |
// Forum Help Links or of course both
|
| 232 |
$text = '<strong><font color="blue">'.__('Forum Help Links & Bonus Custom Code: ', 'bulletproof-security').'</font></strong><br>';
|
| 233 |
echo $text;
|
|
@@ -235,7 +231,7 @@ if ( isset( $_POST['Submit-Error-Log-On'] ) && current_user_can('manage_options'
|
|
| 235 |
<strong><a href="https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting" title="BPS Troubleshooting Steps" target="_blank"><?php _e('BPS Troubleshooting Steps', 'bulletproof-security'); ?></a></strong><br />
|
| 236 |
<strong><a href="https://forum.ait-pro.com/forums/topic/post-request-protection-post-attack-protection-post-request-blocker/" title="POST Request Attack Protection Bonus Custom Code" target="_blank"><?php _e('POST Request Attack Protection', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 237 |
|
| 238 |
-
<?php $text = '<strong>'.__('Security Log General Information', 'bulletproof-security').'</strong><br>'.__('To view your Security Log click the View Log button. Your Security Log file is a plain text static file and not a dynamic file or dynamic display to keep your website resource usage at a bare minimum and keep your website performance at a maximum. Log entries are logged in descending order by Date and Time. You can copy, edit and delete this plain text file.', 'bulletproof-security').'<br><br><strong>'.__('Note: ', 'bulletproof-security').'</strong>'.__('Security Log Email Alert and Log file option settings are on the Email|Log Settings page.', 'bulletproof-security').'<strong><br><br>'.__('NOTE: ', 'bulletproof-security').'</strong>'.__('If a particular User Agent|Bot is generating excessive log entries you can add it to Add User Agents|Bots to Ignore|Not Log tool and that User Agent|Bot will no longer be logged. See the Ignoring|Not Logging User Agents|Bots help section.', 'bulletproof-security').'<strong><br><br>'.__('NOTE: ', 'bulletproof-security').'</strong>'.__('BPS logs all 403 errors, but a 403 error may not necessarily be caused by BPS. Use the troubleshooting steps in the BPS Troubleshooting Steps link at the top of this Read Me help window to confirm or eliminate that the 403 error is being caused by BPS.', 'bulletproof-security').'<br><br>'.__('The Security Log logs 400, 403, 405 and 410 HTTP Response Status Codes by default. You can also log 404 HTTP Response Status Codes by opening this BPS 404 Template file - /bulletproof-security/404.php and copying the logging code into your Theme\'s 404 Template file. When you open the BPS Pro 404.php file you will see simple instructions on how to add the 404 logging code to your Theme\'s 404 Template file. The Security Log also logs other events. See the ', 'bulletproof-security').'<strong>'.__('Total # of Security Log Entries by Type', 'bulletproof-security').'</strong>'.__(' help section below for a complete list of BPS Security Log Entry Types.', 'bulletproof-security').'<br><br><strong>'.__('Total # of Security Log Entries by Type', 'bulletproof-security').'</strong><br>'.__('Displays the total number of each type of Security Log Entry in your Security Log file. The Total # of Security Log Entries by Type is also added to each Security Log file when it is zipped and emailed to you and also added directly in the automated Security Log email. Complete list of BPS Security Log Entry Types: 400 POST Bad Request, 400 GET Bad Request, 403 GET Request, 403 POST Request, 404 GET Not Found Request, 404 POST Not Found Request, 405 HEAD Request, 410 Gone POST Request, 410 Gone GET Request, Idle Session Logout, Maintenance Mode - Visitor Logged. BPS has a total of 11 Security Log Entry Types. BPS Pro has a total of 27 Security Log Entry Types.', 'bulletproof-security').'<br><br><strong>'.__('HTTP Response Status Codes', 'bulletproof-security').'</strong><br>'.__('400 Bad Request - The request could not be understood by the server due to malformed syntax.', 'bulletproof-security').'<br><br>'.__('403 Forbidden - The Server understood the request, but is refusing to fulfill it.', 'bulletproof-security').'<br><br>'.__('404 Not Found - The Server has not found anything matching the Request-URI|URL. No indication is given of whether the condition is temporary or permanent.', 'bulletproof-security').'<br><br>'.__('405 Method Not Allowed - The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource. BPS blocks HEAD Requests using a 405 ErrorDocument Redirect. The BPS 405 Template has an Allow header field for the GET, POST and PUT HTTP Methods.', 'bulletproof-security').'<br><br>'.__('410 Gone - The requested resource is no longer available at the Server/site and no forwarding address is known. This condition is expected to be considered permanent.', 'bulletproof-security').'<br><br><strong>'.__('Security Log File Size', 'bulletproof-security').'</strong><br>'.__('Displays the size of your Security Log file. 500KB is the optimum recommended log file size setting that you should choose for your log file to be automatically zipped, emailed and replaced with a new blank Security Log file.', 'bulletproof-security').'<br><br><strong>'.__('Security Log Status:', 'bulletproof-security').'</strong><br>'.__('Displays either Logging is Turned On or Logging is Turned Off.', 'bulletproof-security').'<br><br><strong>'.__('Security Log Last Modified Time:', 'bulletproof-security').'</strong><br>'.__('Displays the last time a Security Log entry was logged.', 'bulletproof-security').'<br><br><strong>'.__('Turn Off Logging', 'bulletproof-security').'</strong><br>'.__('Turns Off HTTP 400, 403, 404, 405 & 410 Security Logging.', 'bulletproof-security').'<br><br><strong>'.__('Turn On Logging', 'bulletproof-security').'</strong><br>'.__('Turns On HTTP 400, 403, 404, 405 & 410 Security Logging.', 'bulletproof-security').'<br><br><strong>'.__('Delete Log Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Delete Log button will delete the entire contents of your Security Log File.', 'bulletproof-security').'<br><br><strong>'.__('POST Request Body Data', 'bulletproof-security').'</strong><br>'.__('The POST Request Body Data option settings only affect the REQUEST BODY Security Log field in your Security Log entries when a POST Request is blocked and logged by BPS. To capture/log all POST Request Attacks against your website you will need to add the POST Request Attack Protection Bonus Custom Code. A link to that Bonus Custom Code is at the top of this Read Me help window. If you do not want to add the Bonus Custom Code then some, but not all POST Request Attacks will be captured/logged in the Security Log.', 'bulletproof-security').'<br><br>'.__('The default POST Request Body Data option setting is "Do Not Log POST Request Body Data (0KB)", which means do not capture/log the POST Request data that was sent in the attack. You will see this text in the REQUEST BODY Security Log entry field: "REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data" instead of the actual POST Request Body data used in the attack on your website. The reason the default setting is set to: "Do Not Log POST Request Body Data (0KB)" is because some web hosts falsely interpret the BPS Security Log text file as malicious since hacker code used to attack your website can be captured/logged in the Security Log text file if you are using the "Log Minimum..." or "Log Maximum..." POST Request Body Data option settings.', 'bulletproof-security').'<br><br>'.__('The "Log Minimum POST Request Body Data (5KB)" option setting will capture/log the first 500 characters or 5KB of hacker code used to attack your website in a POST Request attack and log that hacker code in the REQUEST BODY Security Log entry field. The "Log Maximum POST Request Body Data (250KB)" option setting will capture/log the first 250000 characters or roughly 250KB of hacker code used to attack your website in a POST Request attack and log that hacker code in the REQUEST BODY Security Log entry field. Hacker scripts typically range in size from 20KB to 100KB on average.', 'bulletproof-security').'<br><br><strong>'.__('Important Notes: ', 'bulletproof-security').'</strong>'.__('If you are using email security protection on your computer then your automatically zipped and emailed BPS Security Log files may be seen as containing a virus (hacker script/code) and they could be automatically deleted by your email protection application on your computer. Your computer security protection software may also see the Security Log file as malicious and block it. If your web host falsely sees the BPS Security Log file as a malicious hacker file then you will need to change your POST Request Body Data option setting and use the "Do Not Log POST Request Body Data (0KB)" option setting instead.', 'bulletproof-security').'<br><br><strong>'.__('Ignoring|Not Logging User Agents|Bots - Allowing|Logging User Agents|Bots', 'bulletproof-security').'</strong><br>'.__('Adding or Removing User Agents|Bots adds or removes User Agents|Bots to your Database and also writes new code to the 403.php Security Logging template. The 403.php Security Logging file is where the check occurs whether or not to log or not log a User Agent|Bot. It would be foolish and costly to website performance to have your WordPress database handle the task/function/burden of checking which User Agents|Bots to log or not log. WordPress database queries are the most resource draining function of a WordPress website. The more database queries that are happening at the same time on your website the slower your website will perform and load. For this reason the Security Logging check is done from code in the 403.php Security Logging file.', 'bulletproof-security').'<br><br>'.__('If a particular User Agent|Bot is being logged excessively in your Security Log file you can Ignore|Not Log that particular User Agent|Bot based on the HTTP_USER_AGENT string in your Security Log. Example User Agent strings: Mozilla/5.0 (compatible; 008/0.85; http://www.80legs.com/webcrawler.html) Gecko/2008032620 and facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php). You could enter 008 or 80legs or webcrawler to Ignore|Not Log the 80legs User Agent|Bot. You could enter facebookexternalhit or facebook or externalhit_uatext to Ignore|Not Log the facebook User Agent|Bot.', 'bulletproof-security').'<br><br><strong>'.__('Add User Agents|Bots to Ignore|Not Log', 'bulletproof-security').'</strong><br>'.__('Add the User Agent|Bot names you would like to Ignore|Not Log in your Security Log. These code characters are not allowed to be used: ', 'bulletproof-security').'/ | < > \' "<br><br><strong>'.__('Removing User Agents|Bots to Allow|Log', 'bulletproof-security').'</strong><br>'.__('To search for ALL User Agents|Bots to remove/delete from your database leave the text box blank and click the Remove|Allow button. You will see a Dynamically generated Radio Button Form that will display the User Agents|Bots in the BPS User Agent|Bot database Table, Remove or Do Not Remove Radio buttons and the Timestamp when the User Agent|Bot was added to your DB. Select the Remove Radio buttons for the User Agents|Bots you want to remove/delete from your database and click the Remove button. Removing/deleting User Agents|Bots from your database means that you want to have these User Agents|Bots logged again in your Security Log.', 'bulletproof-security').'<br><br><strong>'.__('View Log', 'bulletproof-security').'</strong><br>'.__('In previous versions of BPS the Security Log was displayed open by default. The Security Log is now closed by default due to problems with ModSecurity CRS seeing the Security Log entries as malicious and blocking access to the Security Log page. If you are unable to open/view your Security Log file you can view your Security Log file by using FTP or your web host control panel file manager and opening the Security Log file located here ', 'bulletproof-security').'/'.$bps_wpcontent_dir.'/bps-backup/logs/http_error_log.txt. '.__('The new View Log feature also resolves another problem, which is if the Security Log file automation is not working due to WP Cron jobs being disabled on a website then the Security Log file will not be automatically zipped, emailed to you and replaced with a new blank log file at regular cron intervals by the Security Log file Cron job automation. If your Security Log file is extremely large and you are unable to open/view it then you can manually download a copy of the Security Log file using FTP or your web host control panel file manager and then delete it using the Delete Log button.', 'bulletproof-security'); echo $text; ?></p>
|
| 239 |
</div>
|
| 240 |
|
| 241 |
<?php
|
|
@@ -247,7 +243,7 @@ function bpsPro_SecLog_Entry_Counter() {
|
|
| 247 |
|
| 248 |
if ( file_exists($bpsProLog) ) {
|
| 249 |
|
| 250 |
-
$check_string =
|
| 251 |
|
| 252 |
// Only creates Total Log entry listings for Log Entry types that match.
|
| 253 |
// Leave all 27 BPS Pro Log Entry Types in case I add some more Log Entry Types in BPS free in the future. BPS free only has 11 total Log Entry Types.
|
|
@@ -284,11 +280,11 @@ echo '</div>';
|
|
| 284 |
function bps_getSecurityLogSize() {
|
| 285 |
$filename = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 286 |
|
| 287 |
-
if (
|
| 288 |
$logSize = filesize($filename);
|
| 289 |
|
| 290 |
if ( $logSize < 2097152 ) {
|
| 291 |
-
$text = '<span style="font-size:13px;"><strong>'. __('Security Log File Size: ', 'bulletproof-security').'<font color="#
|
| 292 |
echo $text;
|
| 293 |
} else {
|
| 294 |
$text = '<span style="font-size:13px;"><strong>'. __('Security Log File Size: ', 'bulletproof-security').'<font color="#fb0101">'. round($logSize / 1024, 2) .' KB<br>'.__('Your Security Log file is larger than 2MB. It appears that BPS is unable to automatically zip, email and delete your Security Log file.', 'bulletproof-security').'</font></strong><br>'.__('Check your Email Alerts & Log File Options.', 'bulletproof-security').'<br>'.__('You can manually delete the contents of this log file by clicking the Delete Log button.', 'bulletproof-security').'</span><br>';
|
|
@@ -305,10 +301,10 @@ $check_string = file_get_contents($filename);
|
|
| 305 |
$pattern = '/#{1,}(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 306 |
|
| 307 |
if ( file_exists($filename) && preg_match($pattern, $check_string, $matches) ) {
|
| 308 |
-
$text = '<span style="font-size:13px;"><strong>'.__('Security Log Status: ', 'bulletproof-security').'<font color="#
|
| 309 |
echo $text;
|
| 310 |
} else {
|
| 311 |
-
$text = '<span style="font-size:13px;"><strong>'.__('Security Log Status: ', 'bulletproof-security').'<font color="#
|
| 312 |
echo $text;
|
| 313 |
}
|
| 314 |
}
|
|
@@ -320,9 +316,9 @@ $filename = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
|
| 320 |
|
| 321 |
if ( file_exists($filename) ) {
|
| 322 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 323 |
-
$timestamp = date_i18n(get_option('date_format').' - '.get_option('time_format'),
|
| 324 |
|
| 325 |
-
$text = '<span style="font-size:13px;"><strong>'. __('Security Log Last Modified Time: ', 'bulletproof-security').'<font color="#
|
| 326 |
echo $text;
|
| 327 |
}
|
| 328 |
}
|
|
@@ -399,10 +395,10 @@ $search = '';
|
|
| 399 |
file_put_contents($userAgentMaster, $UserAgentRules);
|
| 400 |
}
|
| 401 |
|
| 402 |
-
$UserAgentRulesT =
|
| 403 |
-
$stringReplace =
|
| 404 |
|
| 405 |
-
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif (
|
| 406 |
|
| 407 |
if ( $userAgent != '' ) {
|
| 408 |
|
|
@@ -443,7 +439,7 @@ $search = '';
|
|
| 443 |
<form action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/security-log/security-log.php' ); ?>" method="post">
|
| 444 |
<?php wp_nonce_field('bulletproof_security_useragent_ignore'); ?>
|
| 445 |
<strong><label for="UA-ignore"><?php _e('Add User Agents|Bots to Ignore|Not Log', 'bulletproof-security'); ?></label></strong><br />
|
| 446 |
-
<strong><label for="UA-ignore"><?php _e('Click the
|
| 447 |
<input type="text" name="user-agent-ignore" class="regular-text-320" value="" />
|
| 448 |
<input type="submit" name="Submit-UserAgent-Ignore" value="<?php esc_attr_e('Add|Ignore', 'bulletproof-security') ?>" class="button bps-button" style="width:104px;height:auto;white-space:normal" onclick="return confirm('<?php $text = __('Clicking OK will Add the User Agent|Bot name you have entered to your DB and the 403.php Security Logging template.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Security logging checks are done by the 403.php Security Logging file and not by DB Queries.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('To remove User Agents|Bots from being ignored/not logged use the Remove|Allow tool.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Click OK to proceed or click Cancel.', 'bulletproof-security'); echo $text; ?>')" />
|
| 449 |
</form>
|
|
@@ -508,7 +504,7 @@ if ( isset( $_POST['Submit-SecLog-Search'] ) && current_user_can('manage_options
|
|
| 508 |
$search = $_POST['userAgentSearchRemove'];
|
| 509 |
$bpspro_seclog_table = $wpdb->prefix . "bpspro_seclog_ignore";
|
| 510 |
$bps403File = WP_PLUGIN_DIR . '/bulletproof-security/403.php';
|
| 511 |
-
$stringReplace =
|
| 512 |
$searchAll = '';
|
| 513 |
|
| 514 |
if ( ! file_exists($bps403File) ) {
|
|
@@ -522,7 +518,7 @@ $searchAll = '';
|
|
| 522 |
|
| 523 |
if ( $wpdb->num_rows == 0 ) { // if no rows exist in DB add the BPSUserAgentPlaceHolder back into the 403.php security logging template
|
| 524 |
|
| 525 |
-
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif (
|
| 526 |
|
| 527 |
if ( ! file_put_contents($bps403File, $stringReplace) ) {
|
| 528 |
echo $bps_topDiv;
|
|
@@ -562,7 +558,7 @@ $searchALLD = '';
|
|
| 562 |
}
|
| 563 |
}
|
| 564 |
|
| 565 |
-
|
| 566 |
|
| 567 |
if ( ! empty($remove_rows) ) {
|
| 568 |
|
|
@@ -583,10 +579,10 @@ $searchALLD = '';
|
|
| 583 |
} // foreach ($remove_rows as $remove_row) {
|
| 584 |
|
| 585 |
// Important these variables MUST BE HERE inside the switch
|
| 586 |
-
$UserAgentRulesT =
|
| 587 |
-
$stringReplace =
|
| 588 |
|
| 589 |
-
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif (
|
| 590 |
|
| 591 |
if ( ! file_put_contents($bps403File, $stringReplace) ) {
|
| 592 |
echo $bps_topDiv;
|
|
@@ -596,11 +592,11 @@ $searchALLD = '';
|
|
| 596 |
|
| 597 |
} else {
|
| 598 |
// need to run the Query again just in case there are 0 DB rows
|
| 599 |
-
|
| 600 |
|
| 601 |
if ( $wpdb->num_rows == 0 ) { // if no rows exist in DB add the BPSUserAgentPlaceHolder back into the 403.php security logging template
|
| 602 |
|
| 603 |
-
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif (
|
| 604 |
file_put_contents($bps403File, $stringReplace);
|
| 605 |
}
|
| 606 |
|
|
@@ -640,7 +636,7 @@ echo '<div id="message" class="updated" style="background-color:#dfecf2;border:1
|
|
| 640 |
}
|
| 641 |
|
| 642 |
$bpspro_seclog_table = $wpdb->prefix . "bpspro_seclog_ignore";
|
| 643 |
-
$search = esc_html(
|
| 644 |
$getSecLogTableSearchForm = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $bpspro_seclog_table WHERE user_agent_bot LIKE %s", "%$search%") );
|
| 645 |
|
| 646 |
echo '<h3>'.__('Search Results For User Agents|Bots To Remove', 'bulletproof-security').'</h3>';
|
|
@@ -779,8 +775,9 @@ $scrolltoSecLog = isset($_REQUEST['scrolltoSecLog']) ? (int) $_REQUEST['scrollto
|
|
| 779 |
<div id="bpsSecLog">
|
| 780 |
<textarea class="bps-text-area-600x700" name="newcontentSecLog" id="newcontentSecLog" tabindex="1"><?php echo bps_get_security_log(); ?></textarea>
|
| 781 |
<input type="hidden" name="scrolltoSecLog" id="scrolltoSecLog" value="<?php echo esc_html( $scrolltoSecLog ); ?>" />
|
| 782 |
-
<
|
| 783 |
-
<input type="submit" name="submit-security-log" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>"
|
|
|
|
| 784 |
</div>
|
| 785 |
</form>
|
| 786 |
<script type="text/javascript">
|
|
@@ -803,13 +800,17 @@ jQuery(document).ready(function($){
|
|
| 803 |
|
| 804 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 805 |
<tr>
|
| 806 |
-
<td class="bps-table_title"
|
| 807 |
</tr>
|
| 808 |
<tr>
|
| 809 |
<td class="bps-table_cell_help_links">
|
|
|
|
| 810 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 811 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 812 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 813 |
</td>
|
| 814 |
</tr>
|
| 815 |
</table>
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
+
<div id="bps-container" class="wrap">
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
| 21 |
|
| 22 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 23 |
|
| 24 |
+
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' && ! isset( $_POST['Submit-SecLog-Search'] ) || isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 25 |
|
| 26 |
bpsPro_Browser_UA_scroll_animation();
|
| 27 |
}
|
| 28 |
}
|
| 29 |
?>
|
| 30 |
|
| 31 |
+
<h2 class="bps-tab-title"><?php _e('Security Log', 'bulletproof-security'); ?></h2>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 32 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 33 |
|
| 34 |
<?php
|
| 35 |
// General all purpose "Settings Saved." message for forms
|
| 36 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 37 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 38 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 39 |
echo $text;
|
| 40 |
}
|
| 57 |
|
| 58 |
$AutoLockoptions = get_option('bulletproof_security_options_autolock');
|
| 59 |
$filename = ABSPATH . '.htaccess';
|
| 60 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($filename)), -4);
|
| 61 |
$sapi_type = php_sapi_name();
|
| 62 |
$stringReplace = file_get_contents($filename);
|
| 63 |
$pattern1 = '/#{1,}(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 64 |
$pattern2 = '/(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 65 |
+
$bps_get_wp_root_secure = bps_wp_get_root_folder();
|
| 66 |
+
$lock = '';
|
| 67 |
|
| 68 |
// need to get the $lock value first because permissions are cached
|
| 69 |
+
if ( file_exists($filename) && $permsHtaccess == '0404' ) {
|
| 70 |
$lock = '0404';
|
| 71 |
}
|
| 72 |
|
| 73 |
if ( file_exists($filename) && preg_match($pattern1, $stringReplace, $matches) ) {
|
| 74 |
|
| 75 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777' ) { // Windows IIS, XAMPP, etc
|
| 76 |
+
chmod($filename, 0644);
|
| 77 |
}
|
| 78 |
|
| 79 |
$stringReplace = preg_replace('/#{1,}(\s|){1,}ErrorDocument\s400(.*)ErrorDocument\s410\s(.*)\/410\.php/s', "#ErrorDocument 400 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/400.php\n#ErrorDocument 401 default\n#ErrorDocument 403 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/403.php\n#ErrorDocument 404 $bps_get_wp_root_secure"."404.php\n#ErrorDocument 405 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/405.php\n#ErrorDocument 410 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/410.php", $stringReplace);
|
| 86 |
|
| 87 |
} else {
|
| 88 |
|
| 89 |
+
if ( $lock == '0404' || $AutoLockoptions['bps_root_htaccess_autolock'] == 'On' ) {
|
| 90 |
+
chmod($filename, 0404);
|
| 91 |
}
|
| 92 |
}
|
| 93 |
}
|
| 94 |
|
| 95 |
if ( file_exists($filename) && preg_match($pattern2, $stringReplace, $matches) ) {
|
| 96 |
|
| 97 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777' ) { // Windows IIS, XAMPP, etc
|
| 98 |
+
chmod($filename, 0644);
|
| 99 |
}
|
| 100 |
|
| 101 |
$stringReplace = preg_replace('/ErrorDocument\s400(.*)ErrorDocument\s410\s(.*)\/410\.php/s', "#ErrorDocument 400 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/400.php\n#ErrorDocument 401 default\n#ErrorDocument 403 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/403.php\n#ErrorDocument 404 $bps_get_wp_root_secure"."404.php\n#ErrorDocument 405 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/405.php\n#ErrorDocument 410 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/410.php", $stringReplace);
|
| 108 |
|
| 109 |
} else {
|
| 110 |
|
| 111 |
+
if ( $lock == '0404' || $AutoLockoptions['bps_root_htaccess_autolock'] == 'On' ) {
|
| 112 |
+
chmod($filename, 0404);
|
| 113 |
}
|
| 114 |
|
| 115 |
echo $bps_topDiv;
|
| 126 |
|
| 127 |
$AutoLockoptions = get_option('bulletproof_security_options_autolock');
|
| 128 |
$filename = ABSPATH . '.htaccess';
|
| 129 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($filename)), -4);
|
| 130 |
$sapi_type = php_sapi_name();
|
| 131 |
$stringReplace = file_get_contents($filename);
|
| 132 |
$pattern1 = '/#{1,}(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 133 |
$pattern2 = '/(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 134 |
$bps_get_wp_root_secure = bps_wp_get_root_folder();
|
| 135 |
$htaccessARQ = WP_CONTENT_DIR . '/bps-backup/autorestore/root-files/auto_.htaccess';
|
| 136 |
+
$lock = '';
|
| 137 |
+
|
| 138 |
// need to get the $lock value first because permissions are cached
|
| 139 |
+
if ( file_exists($filename) && $permsHtaccess == '0404' ) {
|
| 140 |
$lock = '0404';
|
| 141 |
}
|
| 142 |
|
| 144 |
// Create a new ErrorDocument .htaccess block of code with all ErrorDocument directives uncommented
|
| 145 |
if ( file_exists($filename) && preg_match($pattern1, $stringReplace, $matches) ) {
|
| 146 |
|
| 147 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777' ) { // Windows IIS, XAMPP, etc
|
| 148 |
+
chmod($filename, 0644);
|
| 149 |
}
|
| 150 |
|
| 151 |
$stringReplace = preg_replace('/ErrorDocument\s400(.*)ErrorDocument\s410\s(.*)\/410\.php/s', "ErrorDocument 400 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/400.php\nErrorDocument 401 default\nErrorDocument 403 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/403.php\nErrorDocument 404 $bps_get_wp_root_secure"."404.php\nErrorDocument 405 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/405.php\nErrorDocument 410 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/410.php", $stringReplace);
|
| 158 |
|
| 159 |
} else {
|
| 160 |
|
| 161 |
+
if ( $lock == '0404' || $AutoLockoptions['bps_root_htaccess_autolock'] == 'On' ) {
|
| 162 |
+
chmod($filename, 0404);
|
| 163 |
}
|
| 164 |
|
| 165 |
echo $bps_topDiv;
|
| 171 |
|
| 172 |
if ( file_exists($filename) && preg_match($pattern2, $stringReplace, $matches) ) {
|
| 173 |
|
| 174 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777' ) { // Windows IIS, XAMPP, etc
|
| 175 |
+
chmod($filename, 0644);
|
| 176 |
}
|
| 177 |
|
| 178 |
$stringReplace = preg_replace('/#{1,}(\s|){1,}ErrorDocument\s400(.*)ErrorDocument\s410\s(.*)\/410\.php/s', "ErrorDocument 400 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/400.php\nErrorDocument 401 default\nErrorDocument 403 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/403.php\nErrorDocument 404 $bps_get_wp_root_secure"."404.php\nErrorDocument 405 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/405.php\nErrorDocument 410 $bps_get_wp_root_secure"."$bps_plugin_dir/bulletproof-security/410.php", $stringReplace);
|
| 185 |
|
| 186 |
} else {
|
| 187 |
|
| 188 |
+
if ( $lock == '0404' || $AutoLockoptions['bps_root_htaccess_autolock'] == 'On' ) {
|
| 189 |
+
chmod($filename, 0404);
|
| 190 |
}
|
| 191 |
}
|
| 192 |
}
|
| 207 |
|
| 208 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 209 |
<tr>
|
| 210 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 211 |
</tr>
|
| 212 |
<tr>
|
| 213 |
<td class="bps-table_cell_help">
|
| 214 |
|
| 215 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('Security Log', 'bulletproof-security'); ?> <button id="bps-open-modal9" class="button bps-modal-button">
|
| 216 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 217 |
|
| 218 |
<div id="bps-modal-content9" class="bps-dialog-hide" title="<?php _e('Security Log', 'bulletproof-security'); ?>">
|
| 219 |
<p>
|
| 220 |
<?php
|
| 221 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 222 |
echo $text;
|
| 223 |
+
|
| 224 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 225 |
+
echo $bpsPro_text;
|
| 226 |
+
|
| 227 |
// Forum Help Links or of course both
|
| 228 |
$text = '<strong><font color="blue">'.__('Forum Help Links & Bonus Custom Code: ', 'bulletproof-security').'</font></strong><br>';
|
| 229 |
echo $text;
|
| 231 |
<strong><a href="https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting" title="BPS Troubleshooting Steps" target="_blank"><?php _e('BPS Troubleshooting Steps', 'bulletproof-security'); ?></a></strong><br />
|
| 232 |
<strong><a href="https://forum.ait-pro.com/forums/topic/post-request-protection-post-attack-protection-post-request-blocker/" title="POST Request Attack Protection Bonus Custom Code" target="_blank"><?php _e('POST Request Attack Protection', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 233 |
|
| 234 |
+
<?php $text = '<strong>'.__('Security Log General Information', 'bulletproof-security').'</strong><br>'.__('To view your Security Log click the View Log button. Your Security Log file is a plain text static file and not a dynamic file or dynamic display to keep your website resource usage at a bare minimum and keep your website performance at a maximum. Log entries are logged in descending order by Date and Time. You can copy, edit and delete this plain text file.', 'bulletproof-security').'<br><br><strong>'.__('Note: ', 'bulletproof-security').'</strong>'.__('Security Log Email Alert and Log file option settings are on the Email|Log Settings page.', 'bulletproof-security').'<strong><br><br>'.__('NOTE: ', 'bulletproof-security').'</strong>'.__('If a particular User Agent|Bot is generating excessive log entries you can add it to Add User Agents|Bots to Ignore|Not Log tool and that User Agent|Bot will no longer be logged. See the Ignoring|Not Logging User Agents|Bots help section.', 'bulletproof-security').'<strong><br><br>'.__('NOTE: ', 'bulletproof-security').'</strong>'.__('BPS logs all 403 errors, but a 403 error may not necessarily be caused by BPS. Use the troubleshooting steps in the BPS Troubleshooting Steps link at the top of this Question Mark help window to confirm or eliminate that the 403 error is being caused by BPS.', 'bulletproof-security').'<br><br>'.__('The Security Log logs 400, 403, 405 and 410 HTTP Response Status Codes by default. You can also log 404 HTTP Response Status Codes by opening this BPS 404 Template file - /bulletproof-security/404.php and copying the logging code into your Theme\'s 404 Template file. When you open the BPS Pro 404.php file you will see simple instructions on how to add the 404 logging code to your Theme\'s 404 Template file. The Security Log also logs other events. See the ', 'bulletproof-security').'<strong>'.__('Total # of Security Log Entries by Type', 'bulletproof-security').'</strong>'.__(' help section below for a complete list of BPS Security Log Entry Types.', 'bulletproof-security').'<br><br><strong>'.__('Total # of Security Log Entries by Type', 'bulletproof-security').'</strong><br>'.__('Displays the total number of each type of Security Log Entry in your Security Log file. The Total # of Security Log Entries by Type is also added to each Security Log file when it is zipped and emailed to you and also added directly in the automated Security Log email. Complete list of BPS Security Log Entry Types: 400 POST Bad Request, 400 GET Bad Request, 403 GET Request, 403 POST Request, 404 GET Not Found Request, 404 POST Not Found Request, 405 HEAD Request, 410 Gone POST Request, 410 Gone GET Request, Idle Session Logout, Maintenance Mode - Visitor Logged. BPS has a total of 11 Security Log Entry Types. BPS Pro has a total of 27 Security Log Entry Types.', 'bulletproof-security').'<br><br><strong>'.__('HTTP Response Status Codes', 'bulletproof-security').'</strong><br>'.__('400 Bad Request - The request could not be understood by the server due to malformed syntax.', 'bulletproof-security').'<br><br>'.__('403 Forbidden - The Server understood the request, but is refusing to fulfill it.', 'bulletproof-security').'<br><br>'.__('404 Not Found - The Server has not found anything matching the Request-URI|URL. No indication is given of whether the condition is temporary or permanent.', 'bulletproof-security').'<br><br>'.__('405 Method Not Allowed - The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource. BPS blocks HEAD Requests using a 405 ErrorDocument Redirect. The BPS 405 Template has an Allow header field for the GET, POST and PUT HTTP Methods.', 'bulletproof-security').'<br><br>'.__('410 Gone - The requested resource is no longer available at the Server/site and no forwarding address is known. This condition is expected to be considered permanent.', 'bulletproof-security').'<br><br><strong>'.__('Security Log File Size', 'bulletproof-security').'</strong><br>'.__('Displays the size of your Security Log file. 500KB is the optimum recommended log file size setting that you should choose for your log file to be automatically zipped, emailed and replaced with a new blank Security Log file.', 'bulletproof-security').'<br><br><strong>'.__('Security Log Status:', 'bulletproof-security').'</strong><br>'.__('Displays either Logging is Turned On or Logging is Turned Off.', 'bulletproof-security').'<br><br><strong>'.__('Security Log Last Modified Time:', 'bulletproof-security').'</strong><br>'.__('Displays the last time a Security Log entry was logged.', 'bulletproof-security').'<br><br><strong>'.__('Turn Off Logging', 'bulletproof-security').'</strong><br>'.__('Turns Off HTTP 400, 403, 404, 405 & 410 Security Logging.', 'bulletproof-security').'<br><br><strong>'.__('Turn On Logging', 'bulletproof-security').'</strong><br>'.__('Turns On HTTP 400, 403, 404, 405 & 410 Security Logging.', 'bulletproof-security').'<br><br><strong>'.__('Delete Log Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Delete Log button will delete the entire contents of your Security Log File.', 'bulletproof-security').'<br><br><strong>'.__('POST Request Body Data', 'bulletproof-security').'</strong><br>'.__('The POST Request Body Data option settings only affect the REQUEST BODY Security Log field in your Security Log entries when a POST Request is blocked and logged by BPS. To capture/log all POST Request Attacks against your website you will need to add the POST Request Attack Protection Bonus Custom Code. A link to that Bonus Custom Code is at the top of this Question Mark help window. If you do not want to add the Bonus Custom Code then some, but not all POST Request Attacks will be captured/logged in the Security Log.', 'bulletproof-security').'<br><br>'.__('The default POST Request Body Data option setting is "Do Not Log POST Request Body Data (0KB)", which means do not capture/log the POST Request data that was sent in the attack. You will see this text in the REQUEST BODY Security Log entry field: "REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data" instead of the actual POST Request Body data used in the attack on your website. The reason the default setting is set to: "Do Not Log POST Request Body Data (0KB)" is because some web hosts falsely interpret the BPS Security Log text file as malicious since hacker code used to attack your website can be captured/logged in the Security Log text file if you are using the "Log Minimum..." or "Log Maximum..." POST Request Body Data option settings.', 'bulletproof-security').'<br><br>'.__('The "Log Minimum POST Request Body Data (5KB)" option setting will capture/log the first 500 characters or 5KB of hacker code used to attack your website in a POST Request attack and log that hacker code in the REQUEST BODY Security Log entry field. The "Log Maximum POST Request Body Data (250KB)" option setting will capture/log the first 250000 characters or roughly 250KB of hacker code used to attack your website in a POST Request attack and log that hacker code in the REQUEST BODY Security Log entry field. Hacker scripts typically range in size from 20KB to 100KB on average.', 'bulletproof-security').'<br><br><strong>'.__('Important Notes: ', 'bulletproof-security').'</strong>'.__('If you are using email security protection on your computer then your automatically zipped and emailed BPS Security Log files may be seen as containing a virus (hacker script/code) and they could be automatically deleted by your email protection application on your computer. Your computer security protection software may also see the Security Log file as malicious and block it. If your web host falsely sees the BPS Security Log file as a malicious hacker file then you will need to change your POST Request Body Data option setting and use the "Do Not Log POST Request Body Data (0KB)" option setting instead.', 'bulletproof-security').'<br><br><strong>'.__('Ignoring|Not Logging User Agents|Bots - Allowing|Logging User Agents|Bots', 'bulletproof-security').'</strong><br>'.__('Adding or Removing User Agents|Bots adds or removes User Agents|Bots to your Database and also writes new code to the 403.php Security Logging template. The 403.php Security Logging file is where the check occurs whether or not to log or not log a User Agent|Bot. It would be foolish and costly to website performance to have your WordPress database handle the task/function/burden of checking which User Agents|Bots to log or not log. WordPress database queries are the most resource draining function of a WordPress website. The more database queries that are happening at the same time on your website the slower your website will perform and load. For this reason the Security Logging check is done from code in the 403.php Security Logging file.', 'bulletproof-security').'<br><br>'.__('If a particular User Agent|Bot is being logged excessively in your Security Log file you can Ignore|Not Log that particular User Agent|Bot based on the HTTP_USER_AGENT string in your Security Log. Example User Agent strings: Mozilla/5.0 (compatible; 008/0.85; http://www.80legs.com/webcrawler.html) Gecko/2008032620 and facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php). You could enter 008 or 80legs or webcrawler to Ignore|Not Log the 80legs User Agent|Bot. You could enter facebookexternalhit or facebook or externalhit_uatext to Ignore|Not Log the facebook User Agent|Bot.', 'bulletproof-security').'<br><br><strong>'.__('Add User Agents|Bots to Ignore|Not Log', 'bulletproof-security').'</strong><br>'.__('Add the User Agent|Bot names you would like to Ignore|Not Log in your Security Log. These code characters are not allowed to be used: ', 'bulletproof-security').'/ | < > \' "<br><br><strong>'.__('Removing User Agents|Bots to Allow|Log', 'bulletproof-security').'</strong><br>'.__('To search for ALL User Agents|Bots to remove/delete from your database leave the text box blank and click the Remove|Allow button. You will see a Dynamically generated Radio Button Form that will display the User Agents|Bots in the BPS User Agent|Bot database Table, Remove or Do Not Remove Radio buttons and the Timestamp when the User Agent|Bot was added to your DB. Select the Remove Radio buttons for the User Agents|Bots you want to remove/delete from your database and click the Remove button. Removing/deleting User Agents|Bots from your database means that you want to have these User Agents|Bots logged again in your Security Log.', 'bulletproof-security').'<br><br><strong>'.__('View Log', 'bulletproof-security').'</strong><br>'.__('In previous versions of BPS the Security Log was displayed open by default. The Security Log is now closed by default due to problems with ModSecurity CRS seeing the Security Log entries as malicious and blocking access to the Security Log page. If you are unable to open/view your Security Log file you can view your Security Log file by using FTP or your web host control panel file manager and opening the Security Log file located here ', 'bulletproof-security').'/'.$bps_wpcontent_dir.'/bps-backup/logs/http_error_log.txt. '.__('The new View Log feature also resolves another problem, which is if the Security Log file automation is not working due to WP Cron jobs being disabled on a website then the Security Log file will not be automatically zipped, emailed to you and replaced with a new blank log file at regular cron intervals by the Security Log file Cron job automation. If your Security Log file is extremely large and you are unable to open/view it then you can manually download a copy of the Security Log file using FTP or your web host control panel file manager and then delete it using the Delete Log button.', 'bulletproof-security'); echo $text; ?></p>
|
| 235 |
</div>
|
| 236 |
|
| 237 |
<?php
|
| 243 |
|
| 244 |
if ( file_exists($bpsProLog) ) {
|
| 245 |
|
| 246 |
+
$check_string = file_get_contents($bpsProLog);
|
| 247 |
|
| 248 |
// Only creates Total Log entry listings for Log Entry types that match.
|
| 249 |
// Leave all 27 BPS Pro Log Entry Types in case I add some more Log Entry Types in BPS free in the future. BPS free only has 11 total Log Entry Types.
|
| 280 |
function bps_getSecurityLogSize() {
|
| 281 |
$filename = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 282 |
|
| 283 |
+
if ( file_exists($filename) ) {
|
| 284 |
$logSize = filesize($filename);
|
| 285 |
|
| 286 |
if ( $logSize < 2097152 ) {
|
| 287 |
+
$text = '<span style="font-size:13px;"><strong>'. __('Security Log File Size: ', 'bulletproof-security').'<font color="#2271b1">'. round($logSize / 1024, 2) .' KB</font></strong></span><br>';
|
| 288 |
echo $text;
|
| 289 |
} else {
|
| 290 |
$text = '<span style="font-size:13px;"><strong>'. __('Security Log File Size: ', 'bulletproof-security').'<font color="#fb0101">'. round($logSize / 1024, 2) .' KB<br>'.__('Your Security Log file is larger than 2MB. It appears that BPS is unable to automatically zip, email and delete your Security Log file.', 'bulletproof-security').'</font></strong><br>'.__('Check your Email Alerts & Log File Options.', 'bulletproof-security').'<br>'.__('You can manually delete the contents of this log file by clicking the Delete Log button.', 'bulletproof-security').'</span><br>';
|
| 301 |
$pattern = '/#{1,}(\s|){1,}ErrorDocument\s403(.*)\/bulletproof-security\/403\.php/';
|
| 302 |
|
| 303 |
if ( file_exists($filename) && preg_match($pattern, $check_string, $matches) ) {
|
| 304 |
+
$text = '<span style="font-size:13px;"><strong>'.__('Security Log Status: ', 'bulletproof-security').'<font color="#2271b1">'.__('Logging is Turned Off', 'bulletproof-security').'</font></strong></span><br>';
|
| 305 |
echo $text;
|
| 306 |
} else {
|
| 307 |
+
$text = '<span style="font-size:13px;"><strong>'.__('Security Log Status: ', 'bulletproof-security').'<font color="#2271b1">'.__('Logging is Turned On', 'bulletproof-security').'</font></strong></span><br>';
|
| 308 |
echo $text;
|
| 309 |
}
|
| 310 |
}
|
| 316 |
|
| 317 |
if ( file_exists($filename) ) {
|
| 318 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 319 |
+
$timestamp = date_i18n(get_option('date_format').' - '.get_option('time_format'), filemtime($filename) + $gmt_offset);
|
| 320 |
|
| 321 |
+
$text = '<span style="font-size:13px;"><strong>'. __('Security Log Last Modified Time: ', 'bulletproof-security').'<font color="#2271b1">'.$timestamp.'</font></strong></span><br><br>';
|
| 322 |
echo $text;
|
| 323 |
}
|
| 324 |
}
|
| 395 |
file_put_contents($userAgentMaster, $UserAgentRules);
|
| 396 |
}
|
| 397 |
|
| 398 |
+
$UserAgentRulesT = file_get_contents($userAgentMaster);
|
| 399 |
+
$stringReplace = file_get_contents($bps403File);
|
| 400 |
|
| 401 |
+
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif ( !preg_match('/".trim($UserAgentRulesT, "|")."/', \$_SERVER['HTTP_USER_AGENT']) ) {\n# END USERAGENT FILTER", $stringReplace);
|
| 402 |
|
| 403 |
if ( $userAgent != '' ) {
|
| 404 |
|
| 439 |
<form action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/security-log/security-log.php' ); ?>" method="post">
|
| 440 |
<?php wp_nonce_field('bulletproof_security_useragent_ignore'); ?>
|
| 441 |
<strong><label for="UA-ignore"><?php _e('Add User Agents|Bots to Ignore|Not Log', 'bulletproof-security'); ?></label></strong><br />
|
| 442 |
+
<strong><label for="UA-ignore"><?php _e('Click the Question Mark Help button for examples', 'bulletproof-security'); ?></label></strong><br />
|
| 443 |
<input type="text" name="user-agent-ignore" class="regular-text-320" value="" />
|
| 444 |
<input type="submit" name="Submit-UserAgent-Ignore" value="<?php esc_attr_e('Add|Ignore', 'bulletproof-security') ?>" class="button bps-button" style="width:104px;height:auto;white-space:normal" onclick="return confirm('<?php $text = __('Clicking OK will Add the User Agent|Bot name you have entered to your DB and the 403.php Security Logging template.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Security logging checks are done by the 403.php Security Logging file and not by DB Queries.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('To remove User Agents|Bots from being ignored/not logged use the Remove|Allow tool.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Click OK to proceed or click Cancel.', 'bulletproof-security'); echo $text; ?>')" />
|
| 445 |
</form>
|
| 504 |
$search = $_POST['userAgentSearchRemove'];
|
| 505 |
$bpspro_seclog_table = $wpdb->prefix . "bpspro_seclog_ignore";
|
| 506 |
$bps403File = WP_PLUGIN_DIR . '/bulletproof-security/403.php';
|
| 507 |
+
$stringReplace = file_get_contents($bps403File);
|
| 508 |
$searchAll = '';
|
| 509 |
|
| 510 |
if ( ! file_exists($bps403File) ) {
|
| 518 |
|
| 519 |
if ( $wpdb->num_rows == 0 ) { // if no rows exist in DB add the BPSUserAgentPlaceHolder back into the 403.php security logging template
|
| 520 |
|
| 521 |
+
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif ( !preg_match('/BPSUserAgentPlaceHolder/', \$_SERVER['HTTP_USER_AGENT']) ) {\n# END USERAGENT FILTER", $stringReplace);
|
| 522 |
|
| 523 |
if ( ! file_put_contents($bps403File, $stringReplace) ) {
|
| 524 |
echo $bps_topDiv;
|
| 558 |
}
|
| 559 |
}
|
| 560 |
|
| 561 |
+
$donotremove = substr($donotremove, 2);
|
| 562 |
|
| 563 |
if ( ! empty($remove_rows) ) {
|
| 564 |
|
| 579 |
} // foreach ($remove_rows as $remove_row) {
|
| 580 |
|
| 581 |
// Important these variables MUST BE HERE inside the switch
|
| 582 |
+
$UserAgentRulesT = file_get_contents($userAgentMaster);
|
| 583 |
+
$stringReplace = file_get_contents($bps403File);
|
| 584 |
|
| 585 |
+
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif ( !preg_match('/".trim($UserAgentRulesT, "|")."/', \$_SERVER['HTTP_USER_AGENT']) ) {\n# END USERAGENT FILTER", $stringReplace);
|
| 586 |
|
| 587 |
if ( ! file_put_contents($bps403File, $stringReplace) ) {
|
| 588 |
echo $bps_topDiv;
|
| 592 |
|
| 593 |
} else {
|
| 594 |
// need to run the Query again just in case there are 0 DB rows
|
| 595 |
+
$getSecLogTableRemove = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $bpspro_seclog_table WHERE user_agent_bot LIKE %s", "%$searchAll%" ) );
|
| 596 |
|
| 597 |
if ( $wpdb->num_rows == 0 ) { // if no rows exist in DB add the BPSUserAgentPlaceHolder back into the 403.php security logging template
|
| 598 |
|
| 599 |
+
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif ( !preg_match('/BPSUserAgentPlaceHolder/', \$_SERVER['HTTP_USER_AGENT']) ) {\n# END USERAGENT FILTER", $stringReplace);
|
| 600 |
file_put_contents($bps403File, $stringReplace);
|
| 601 |
}
|
| 602 |
|
| 636 |
}
|
| 637 |
|
| 638 |
$bpspro_seclog_table = $wpdb->prefix . "bpspro_seclog_ignore";
|
| 639 |
+
$search = esc_html( $_POST['userAgentSearchRemove'] );
|
| 640 |
$getSecLogTableSearchForm = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $bpspro_seclog_table WHERE user_agent_bot LIKE %s", "%$search%") );
|
| 641 |
|
| 642 |
echo '<h3>'.__('Search Results For User Agents|Bots To Remove', 'bulletproof-security').'</h3>';
|
| 775 |
<div id="bpsSecLog">
|
| 776 |
<textarea class="bps-text-area-600x700" name="newcontentSecLog" id="newcontentSecLog" tabindex="1"><?php echo bps_get_security_log(); ?></textarea>
|
| 777 |
<input type="hidden" name="scrolltoSecLog" id="scrolltoSecLog" value="<?php echo esc_html( $scrolltoSecLog ); ?>" />
|
| 778 |
+
<div style="margin:10px 0px">
|
| 779 |
+
<input type="submit" name="submit-security-log" class="button bps-button" value="<?php esc_attr_e('Update File', 'bulletproof-security') ?>" />
|
| 780 |
+
</div>
|
| 781 |
</div>
|
| 782 |
</form>
|
| 783 |
<script type="text/javascript">
|
| 800 |
|
| 801 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 802 |
<tr>
|
| 803 |
+
<td class="bps-table_title"></td>
|
| 804 |
</tr>
|
| 805 |
<tr>
|
| 806 |
<td class="bps-table_cell_help_links">
|
| 807 |
+
|
| 808 |
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 809 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 810 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
| 811 |
+
|
| 812 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 813 |
+
|
| 814 |
</td>
|
| 815 |
</tr>
|
| 816 |
</table>
|
admin/system-info/system-info.php
CHANGED
|
@@ -12,7 +12,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
-
<div id="bps-container" class="wrap"
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
|
@@ -28,22 +28,13 @@ if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scr
|
|
| 28 |
}
|
| 29 |
?>
|
| 30 |
|
| 31 |
-
|
| 32 |
-
echo '<div class="bps-star-container">';
|
| 33 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 34 |
-
echo '<div class="bps-downloaded">';
|
| 35 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 36 |
-
echo '</div>';
|
| 37 |
-
echo '</div>';
|
| 38 |
-
?>
|
| 39 |
-
|
| 40 |
-
<h2 class="bps-tab-title"><?php _e('BulletProof Security ~ System Information', 'bulletproof-security'); ?></h2>
|
| 41 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 42 |
|
| 43 |
<?php
|
| 44 |
// General all purpose "Settings Saved." message for forms
|
| 45 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 46 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 47 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 48 |
echo $text;
|
| 49 |
}
|
|
@@ -78,20 +69,25 @@ $bps_bottomDiv = '</p></div>';
|
|
| 78 |
|
| 79 |
<div id="SysInfoBorder">
|
| 80 |
|
| 81 |
-
<h3><?php _e('File|Folder Permissions & UID', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button"
|
|
|
|
| 82 |
|
| 83 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('File|Folder Permissions & UID', 'bulletproof-security'); ?>">
|
| 84 |
<p>
|
| 85 |
<?php
|
| 86 |
-
$text = '<strong>'.__('This
|
| 87 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 88 |
// Forum Help Links or of course both
|
| 89 |
-
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong>';
|
| 90 |
echo $text;
|
| 91 |
?>
|
| 92 |
<strong><a href="https://forum.ait-pro.com/forums/topic/dso-setup-steps/" title="DSO Server Setup Steps" target="_blank"><?php _e('DSO Server Setup Steps', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 93 |
|
| 94 |
-
<?php $text = '<strong>'.__('File|Folder Diagnostic & Troubleshooting Info','bulletproof-security').'</strong><br>'.__('The file/folder permissions and UID checks are mainly for diagnostic troubleshooting so that you can check permissions or the UID of mission critical WP & BPS folders and files at a glance. There is some security benefit to changing file and folder permissions to more secure permissions, but this is not an essential or critical thing to do these days.', 'bulletproof-security').'<br><br><strong>'.__('Script Owner User ID (UID)|File Owner User ID','bulletproof-security').'</strong><br>'.__('Your Script Owner User ID (UID) and File Owner User ID should match. If they do not match for any folders then you will need to change the Owner of that folder so that both match. If you have a DSO server type see the DSO Server Setup Steps Forum Help Link at the top of this
|
| 95 |
</div>
|
| 96 |
</div>
|
| 97 |
|
|
@@ -105,9 +101,9 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 105 |
|
| 106 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-system_info_table">
|
| 107 |
<tr>
|
| 108 |
-
<td width="49%" class="bps-table_title"><?php _e('Website|Server|
|
| 109 |
<td width="2%"> </td>
|
| 110 |
-
<td width="49%" class="bps-table_title"><?php _e('
|
| 111 |
</tr>
|
| 112 |
<tr>
|
| 113 |
<td class="bps-table_cell">
|
|
@@ -140,14 +136,14 @@ if ( is_admin() && wp_script_is( 'bps-accordion', $list = 'queue' ) && current_u
|
|
| 140 |
$domain_labels = array( $matches_3[0] );
|
| 141 |
}
|
| 142 |
|
| 143 |
-
|
| 144 |
$labels = array_filter( $domain_labels, 'strlen' );
|
| 145 |
|
| 146 |
foreach ( $labels as $domain ) {
|
| 147 |
|
| 148 |
if ( filter_var( gethostbyname($domain), FILTER_VALIDATE_IP ) ) {
|
| 149 |
|
| 150 |
-
$bpsGetDNS =
|
| 151 |
|
| 152 |
if ( empty( $bpsGetDNS[0]['target'] ) ) {
|
| 153 |
|
|
@@ -195,7 +191,7 @@ function bps_get_server_ip_address_sysinfo() {
|
|
| 195 |
$ip = esc_html( gethostbyname( $_SERVER['HTTP_HOST'] ) );
|
| 196 |
echo '<strong><span class="sysinfo-label-text">'.__('Server|Website IP Address: ', 'bulletproof-security').'</span></strong>'.$ip.'<br>';
|
| 197 |
} else {
|
| 198 |
-
$ip =
|
| 199 |
echo '<strong><span class="sysinfo-label-text">'.__('Server|Website IP Address: ', 'bulletproof-security').'</span></strong>'.$ip[0]['ip'].'<br>';
|
| 200 |
}
|
| 201 |
}
|
|
@@ -364,7 +360,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 364 |
bps_get_server_ip_address_sysinfo();
|
| 365 |
echo '<strong><span class="sysinfo-label-text">'.__('Server Port', 'bulletproof-security').':</span></strong> ' . esc_html( $_SERVER['SERVER_PORT'] ) . '<br>';
|
| 366 |
echo '<strong><span class="sysinfo-label-text">'.__('Server Protocol', 'bulletproof-security').':</span></strong> ' . esc_html( $_SERVER['SERVER_PROTOCOL'] ) . '<br>';
|
| 367 |
-
echo '<strong><span class="sysinfo-label-text">'.__('Host by Address', 'bulletproof-security').':</span></strong> ' . esc_html(
|
| 368 |
echo '<strong><span class="sysinfo-label-text">'.__('DNS Name Server', 'bulletproof-security').':</span></strong> ';
|
| 369 |
|
| 370 |
if ( empty( $bpsTarget ) && empty( $bpsTargetNS ) ) {
|
|
@@ -386,7 +382,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 386 |
echo '<strong><span class="sysinfo-label-text">'.__('WP Filesystem API Method', 'bulletproof-security').':</span></strong> ' . get_filesystem_method() . '<br>';
|
| 387 |
if ( get_filesystem_method() != 'direct' && function_exists('getmyuid') && function_exists('fileowner') ) {
|
| 388 |
echo '<strong><span class="sysinfo-label-text">'.__('Script Owner ID', 'bulletproof-security').':</span></strong> ' . getmyuid() . '</strong><br>';
|
| 389 |
-
echo '<strong><span class="sysinfo-label-text">'.__('File Owner ID', 'bulletproof-security').':</span></strong> ' .
|
| 390 |
}
|
| 391 |
if ( get_filesystem_method() != 'direct' && function_exists('get_current_user') ) {
|
| 392 |
echo '<strong><span class="sysinfo-label-text">'.__('Script Owner Name', 'bulletproof-security').':</span></strong> ' . get_current_user() . '<br>';
|
|
@@ -394,7 +390,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 394 |
echo '<strong><span class="sysinfo-label-text">'.__('Server API', 'bulletproof-security').':</span></strong> ';
|
| 395 |
|
| 396 |
$sapi_type = php_sapi_name();
|
| 397 |
-
if (
|
| 398 |
echo $sapi_type.__(' CGI Host Server Type', 'bulletproof-security');
|
| 399 |
} else {
|
| 400 |
echo $sapi_type.__(' DSO Host Server Type', 'bulletproof-security');
|
|
@@ -537,7 +533,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 537 |
|
| 538 |
<?php
|
| 539 |
if ( is_multisite() && $blog_id != 1 ) {
|
| 540 |
-
echo '<span class="sysinfo-label-text"><strong>'.__('
|
| 541 |
|
| 542 |
} else {
|
| 543 |
|
|
@@ -564,7 +560,8 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 564 |
}
|
| 565 |
}
|
| 566 |
|
| 567 |
-
$text = '<strong><span class="sysinfo-label-text">'.__('
|
|
|
|
| 568 |
echo $text;
|
| 569 |
echo bps_wpdb_errors_off();
|
| 570 |
|
|
@@ -637,7 +634,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 637 |
|
| 638 |
?>
|
| 639 |
|
| 640 |
-
<h3><button id="bps-open-modal600" class="button bps-
|
| 641 |
|
| 642 |
<div id="bps-modal-content600" class="bps-dialog-hide" title="<?php _e('Get Plugins|Themes List', 'bulletproof-security'); ?>">
|
| 643 |
<p><?php $text = '<strong>'.__('This window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
|
@@ -757,7 +754,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 757 |
|
| 758 |
if ( function_exists('sys_get_temp_dir') ) {
|
| 759 |
$sys_get_temp_dir = sys_get_temp_dir();
|
| 760 |
-
if (
|
| 761 |
echo '<strong><span class="sysinfo-label-text">'.__('PHP Temp Dir: ', 'bulletproof-security').'</span></strong> ' . $sys_get_temp_dir . '<br>';
|
| 762 |
} else {
|
| 763 |
echo '<strong><span class="sysinfo-label-text">'.__('PHP Temp Dir: ', 'bulletproof-security').'</span></strong> ' .__('Not set/defined or directory is not writable', 'bulletproof-security'). '<br>';
|
|
@@ -768,7 +765,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 768 |
// Must be writable by whatever user PHP is running as. If not specified PHP will use the system's default.
|
| 769 |
// WP will use sys_get_temp_dir() for the temporary uploads folder.
|
| 770 |
$upload_tmp_dir = ini_get('upload_tmp_dir');
|
| 771 |
-
if (
|
| 772 |
echo '<strong><span class="sysinfo-label-text">'.__('PHP Upload Temp Dir: ', 'bulletproof-security').'</span></strong> ' . $upload_tmp_dir . '<br>';
|
| 773 |
} else {
|
| 774 |
echo '<strong><span class="sysinfo-label-text">'.__('PHP Upload Temp Dir: ', 'bulletproof-security').'</span></strong> ' .__('Not set/defined or directory is not writable', 'bulletproof-security'). '<br>';
|
|
@@ -776,7 +773,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 776 |
|
| 777 |
// Current directory used to save session data.
|
| 778 |
$session_save_path = ini_get('session.save_path');
|
| 779 |
-
if (
|
| 780 |
echo '<strong><span class="sysinfo-label-text">'.__('Session Save Path: ', 'bulletproof-security').'</span></strong> ' . $session_save_path . '<br>';
|
| 781 |
} else {
|
| 782 |
echo '<strong><span class="sysinfo-label-text">'.__('Session Save Path: ', 'bulletproof-security').'</span></strong> ' .__('Not set/defined or directory is not writable', 'bulletproof-security'). '<br>';
|
|
@@ -951,7 +948,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 951 |
$db_backup = str_replace( array( '\\', '//'), "/", $bps_db_backup_folder );
|
| 952 |
$wpcontent_single_slash = str_replace( array( '\\', '//'), "/", WP_CONTENT_DIR );
|
| 953 |
|
| 954 |
-
if (
|
| 955 |
|
| 956 |
echo '<div style=\'padding:0px 0px 5px 5px;color:#000;\'><strong>'; _e('CGI File and Folder Permissions|Recommendations', 'bulletproof-security'); echo '</strong></div>';
|
| 957 |
echo '<table style="width:100%;color:#000;background-color:#A9F5A0;border-bottom:1px solid black;border-top:1px solid black;">';
|
|
@@ -1071,7 +1068,7 @@ function bpsPro_count_network_activated_plugins($count) {
|
|
| 1071 |
|
| 1072 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1073 |
<tr>
|
| 1074 |
-
<td class="bps-table_title"
|
| 1075 |
</tr>
|
| 1076 |
<tr>
|
| 1077 |
<td class="bps-table_cell_help">
|
|
@@ -1122,12 +1119,15 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 1122 |
<?php wp_nonce_field('bpsHeaderCheckGet'); ?>
|
| 1123 |
<div><label for="bpsHeaders"><strong><?php _e('Enter a Website URL - Example: ', 'bulletproof-security'); echo get_site_url(); ?></strong></label><br />
|
| 1124 |
<input type="text" name="bpsURLGET" class="form-300" value="" /> <br />
|
| 1125 |
-
<
|
| 1126 |
-
<input type="submit" name="Submit-Headers-Check-Get" class="button bps-button" value="<?php esc_attr_e('Check Headers GET Request', 'bulletproof-security') ?>" onclick="return confirm('<?php $text = __('This Headers check makes a GET Request using the WordPress wp_remote_get function.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('You can use the Check Headers HEAD Request tool to check headers using HEAD instead of GET.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Click OK to proceed or click Cancel.', 'bulletproof-security'); echo $text; ?>')"
|
|
|
|
| 1127 |
</div>
|
| 1128 |
<?php bps_sysinfo_get_headers_get(); ?>
|
| 1129 |
</form>
|
| 1130 |
|
|
|
|
|
|
|
| 1131 |
</td>
|
| 1132 |
</tr>
|
| 1133 |
</table>
|
|
@@ -1138,12 +1138,17 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 1138 |
|
| 1139 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1140 |
<tr>
|
| 1141 |
-
<td class="bps-table_title"
|
| 1142 |
</tr>
|
| 1143 |
<tr>
|
| 1144 |
-
<td class="bps-table_cell_help_links"
|
|
|
|
|
|
|
| 1145 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 1146 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 1147 |
</td>
|
| 1148 |
</tr>
|
| 1149 |
</table>
|
| 12 |
#wpwrap{min-height:100.1%};
|
| 13 |
</style>
|
| 14 |
|
| 15 |
+
<div id="bps-container" class="wrap">
|
| 16 |
|
| 17 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 18 |
|
| 28 |
}
|
| 29 |
?>
|
| 30 |
|
| 31 |
+
<h2 class="bps-tab-title"><?php _e('System Info', 'bulletproof-security'); ?></h2>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 32 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 33 |
|
| 34 |
<?php
|
| 35 |
// General all purpose "Settings Saved." message for forms
|
| 36 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 37 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true) {
|
| 38 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 39 |
echo $text;
|
| 40 |
}
|
| 69 |
|
| 70 |
<div id="SysInfoBorder">
|
| 71 |
|
| 72 |
+
<h3><?php _e('File|Folder Permissions & UID', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 73 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 74 |
|
| 75 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('File|Folder Permissions & UID', 'bulletproof-security'); ?>">
|
| 76 |
<p>
|
| 77 |
<?php
|
| 78 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 79 |
echo $text;
|
| 80 |
+
|
| 81 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 82 |
+
echo $bpsPro_text;
|
| 83 |
+
|
| 84 |
// Forum Help Links or of course both
|
| 85 |
+
$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 86 |
echo $text;
|
| 87 |
?>
|
| 88 |
<strong><a href="https://forum.ait-pro.com/forums/topic/dso-setup-steps/" title="DSO Server Setup Steps" target="_blank"><?php _e('DSO Server Setup Steps', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 89 |
|
| 90 |
+
<?php $text = '<strong>'.__('File|Folder Diagnostic & Troubleshooting Info','bulletproof-security').'</strong><br>'.__('The file/folder permissions and UID checks are mainly for diagnostic troubleshooting so that you can check permissions or the UID of mission critical WP & BPS folders and files at a glance. There is some security benefit to changing file and folder permissions to more secure permissions, but this is not an essential or critical thing to do these days.', 'bulletproof-security').'<br><br><strong>'.__('Script Owner User ID (UID)|File Owner User ID','bulletproof-security').'</strong><br>'.__('Your Script Owner User ID (UID) and File Owner User ID should match. If they do not match for any folders then you will need to change the Owner of that folder so that both match. If you have a DSO server type see the DSO Server Setup Steps Forum Help Link at the top of this Question Mark help window.', 'bulletproof-security').'<br><br><strong>'.__('CGI And DSO File And Folder Permission Recommendations','bulletproof-security').'</strong><br>'.__('If your Server API (SAPI) is CGI you will see a table displayed with recommendations for file and folder permissions for CGI. If your SAPI is DSO/Apache/mod_php you will see a table listing file and folder permission recommendations for DSO.', 'bulletproof-security').'<br><br>'.__('If your Host is using CGI, but they do not allow you to set your folder permissions more restrictive to 705 and file permissions more restrictive to 604 then most likely when you change your folder and file permissions they will automatically be changed back to 755 and 644 by your Host or you may see a 403 or 500 error and will need to change the folder permissions back to what they were before. CGI 705 folder permissions have been thoroughly tested with WordPress and no problems have been discovered with WP or with WP Plugins on several different Web Hosts, but all web hosts have different things that they specifically allow or do not allow.', 'bulletproof-security').'<br><br>'.__('Most Hosts now use 705 Root folder permissions. Your Host might not be doing this or allow this, but typically 755 is fine for your Root folder. CGI 604 file permissions have been thoroughly tested with WordPress and no problems have been discovered with WP or with WP Plugins.','bulletproof-security').'<br><br><strong>'.__('The /', 'bulletproof-security').$bps_wpcontent_dir.__('/bps-backup/ folder permission recommendation is 755 for CGI or DSO for compatibility reasons. The /bps-backup folder has a deny all htaccess file in it so that it cannot be accessed by anyone other than you so the folder permissions for this folder are irrelevant.','bulletproof-security').'</strong><br><br>'.__('Your current file and folder permissions are shown below with suggested/recommended file and folder permissions. ','bulletproof-security').'<strong>'.__('Not all web hosts will allow you to set your folder permissions to these Recommended folder permissions.', 'bulletproof-security').'</strong> '.__('If you see 500 errors after changing your folder permissions than change them back to what they were before.','bulletproof-security').'<br><br><strong>'.__('BPS Pro Video Tutorial links can be found in the Help & FAQ pages.','bulletproof-security').'</strong>'; echo $text; ?></p>
|
| 91 |
</div>
|
| 92 |
</div>
|
| 93 |
|
| 101 |
|
| 102 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-system_info_table">
|
| 103 |
<tr>
|
| 104 |
+
<td width="49%" class="bps-table_title"><?php _e('Website|Server Info|Apache Modules|Directives', 'bulletproof-security'); ?></td>
|
| 105 |
<td width="2%"> </td>
|
| 106 |
+
<td width="49%" class="bps-table_title"><?php _e('Database Info|WordPress Site Info|Misc Checks', 'bulletproof-security'); ?></td>
|
| 107 |
</tr>
|
| 108 |
<tr>
|
| 109 |
<td class="bps-table_cell">
|
| 136 |
$domain_labels = array( $matches_3[0] );
|
| 137 |
}
|
| 138 |
|
| 139 |
+
//$domain_labels = array( $matches_1[0], $matches_2[0], $matches_3[0] );
|
| 140 |
$labels = array_filter( $domain_labels, 'strlen' );
|
| 141 |
|
| 142 |
foreach ( $labels as $domain ) {
|
| 143 |
|
| 144 |
if ( filter_var( gethostbyname($domain), FILTER_VALIDATE_IP ) ) {
|
| 145 |
|
| 146 |
+
$bpsGetDNS = dns_get_record( $domain, DNS_NS );
|
| 147 |
|
| 148 |
if ( empty( $bpsGetDNS[0]['target'] ) ) {
|
| 149 |
|
| 191 |
$ip = esc_html( gethostbyname( $_SERVER['HTTP_HOST'] ) );
|
| 192 |
echo '<strong><span class="sysinfo-label-text">'.__('Server|Website IP Address: ', 'bulletproof-security').'</span></strong>'.$ip.'<br>';
|
| 193 |
} else {
|
| 194 |
+
$ip = dns_get_record( bpsGetDomainRoot(), DNS_ALL );
|
| 195 |
echo '<strong><span class="sysinfo-label-text">'.__('Server|Website IP Address: ', 'bulletproof-security').'</span></strong>'.$ip[0]['ip'].'<br>';
|
| 196 |
}
|
| 197 |
}
|
| 360 |
bps_get_server_ip_address_sysinfo();
|
| 361 |
echo '<strong><span class="sysinfo-label-text">'.__('Server Port', 'bulletproof-security').':</span></strong> ' . esc_html( $_SERVER['SERVER_PORT'] ) . '<br>';
|
| 362 |
echo '<strong><span class="sysinfo-label-text">'.__('Server Protocol', 'bulletproof-security').':</span></strong> ' . esc_html( $_SERVER['SERVER_PROTOCOL'] ) . '<br>';
|
| 363 |
+
echo '<strong><span class="sysinfo-label-text">'.__('Host by Address', 'bulletproof-security').':</span></strong> ' . esc_html( gethostbyaddr( $_SERVER['SERVER_ADDR'] ) ) . '<br>';
|
| 364 |
echo '<strong><span class="sysinfo-label-text">'.__('DNS Name Server', 'bulletproof-security').':</span></strong> ';
|
| 365 |
|
| 366 |
if ( empty( $bpsTarget ) && empty( $bpsTargetNS ) ) {
|
| 382 |
echo '<strong><span class="sysinfo-label-text">'.__('WP Filesystem API Method', 'bulletproof-security').':</span></strong> ' . get_filesystem_method() . '<br>';
|
| 383 |
if ( get_filesystem_method() != 'direct' && function_exists('getmyuid') && function_exists('fileowner') ) {
|
| 384 |
echo '<strong><span class="sysinfo-label-text">'.__('Script Owner ID', 'bulletproof-security').':</span></strong> ' . getmyuid() . '</strong><br>';
|
| 385 |
+
echo '<strong><span class="sysinfo-label-text">'.__('File Owner ID', 'bulletproof-security').':</span></strong> ' . fileowner( WP_PLUGIN_DIR . '/bulletproof-security/admin/system-info/system-info.php' ).'<br>';
|
| 386 |
}
|
| 387 |
if ( get_filesystem_method() != 'direct' && function_exists('get_current_user') ) {
|
| 388 |
echo '<strong><span class="sysinfo-label-text">'.__('Script Owner Name', 'bulletproof-security').':</span></strong> ' . get_current_user() . '<br>';
|
| 390 |
echo '<strong><span class="sysinfo-label-text">'.__('Server API', 'bulletproof-security').':</span></strong> ';
|
| 391 |
|
| 392 |
$sapi_type = php_sapi_name();
|
| 393 |
+
if ( substr( $sapi_type, 0, 6) != 'apache' ) {
|
| 394 |
echo $sapi_type.__(' CGI Host Server Type', 'bulletproof-security');
|
| 395 |
} else {
|
| 396 |
echo $sapi_type.__(' DSO Host Server Type', 'bulletproof-security');
|
| 533 |
|
| 534 |
<?php
|
| 535 |
if ( is_multisite() && $blog_id != 1 ) {
|
| 536 |
+
echo '<span class="sysinfo-label-text"><strong>'.__('DB Info is not displayed on Network/Multisite subsites', 'bulletproof-security').'</strong></span><br><br>';
|
| 537 |
|
| 538 |
} else {
|
| 539 |
|
| 560 |
}
|
| 561 |
}
|
| 562 |
|
| 563 |
+
$text = '<strong><span class="sysinfo-label-text">'.__('Database Server Version: ', 'bulletproof-security').'</span></strong>'.$sqlversion.'<br><strong><span class="sysinfo-label-text">'.__('Database Client Version: ', 'bulletproof-security').'</span></strong>'.bps_mysqli_get_client_info().'<br><strong><span class="sysinfo-label-text">'.__('Database Hostname: ', 'bulletproof-security').'</span></strong>'.DB_HOST.'<br><strong><span class="sysinfo-label-text">'.__('Database Name: ', 'bulletproof-security').'</span></strong>'.DB_NAME.'<br><strong><span class="sysinfo-label-text">'.__('DB Table Prefix: ', 'bulletproof-security').'</span></strong>'.$wpdb->base_prefix.'<br><strong><span class="sysinfo-label-text">'.__('DB Charset: ', 'bulletproof-security').'</span></strong>'.$wpdb->charset.'<br><strong><span class="sysinfo-label-text">'.__('DB Collation: ', 'bulletproof-security').'</span></strong>'.$wpdb->collate.'<br><strong><span class="sysinfo-label-text">'.__('SQL Mode: ', 'bulletproof-security').'</span></strong>'.$sql_mode.'<br>';
|
| 564 |
+
|
| 565 |
echo $text;
|
| 566 |
echo bps_wpdb_errors_off();
|
| 567 |
|
| 634 |
|
| 635 |
?>
|
| 636 |
|
| 637 |
+
<h3><button id="bps-open-modal600" class="button bps-encrypt-button"><?php _e('Get Plugins|Themes List', 'bulletproof-security'); ?></button></h3>
|
| 638 |
|
| 639 |
<div id="bps-modal-content600" class="bps-dialog-hide" title="<?php _e('Get Plugins|Themes List', 'bulletproof-security'); ?>">
|
| 640 |
<p><?php $text = '<strong>'.__('This window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 754 |
|
| 755 |
if ( function_exists('sys_get_temp_dir') ) {
|
| 756 |
$sys_get_temp_dir = sys_get_temp_dir();
|
| 757 |
+
if ( is_dir( $sys_get_temp_dir ) && wp_is_writable( $sys_get_temp_dir ) ) {
|
| 758 |
echo '<strong><span class="sysinfo-label-text">'.__('PHP Temp Dir: ', 'bulletproof-security').'</span></strong> ' . $sys_get_temp_dir . '<br>';
|
| 759 |
} else {
|
| 760 |
echo '<strong><span class="sysinfo-label-text">'.__('PHP Temp Dir: ', 'bulletproof-security').'</span></strong> ' .__('Not set/defined or directory is not writable', 'bulletproof-security'). '<br>';
|
| 765 |
// Must be writable by whatever user PHP is running as. If not specified PHP will use the system's default.
|
| 766 |
// WP will use sys_get_temp_dir() for the temporary uploads folder.
|
| 767 |
$upload_tmp_dir = ini_get('upload_tmp_dir');
|
| 768 |
+
if ( is_dir( $upload_tmp_dir ) && wp_is_writable( $upload_tmp_dir ) ) {
|
| 769 |
echo '<strong><span class="sysinfo-label-text">'.__('PHP Upload Temp Dir: ', 'bulletproof-security').'</span></strong> ' . $upload_tmp_dir . '<br>';
|
| 770 |
} else {
|
| 771 |
echo '<strong><span class="sysinfo-label-text">'.__('PHP Upload Temp Dir: ', 'bulletproof-security').'</span></strong> ' .__('Not set/defined or directory is not writable', 'bulletproof-security'). '<br>';
|
| 773 |
|
| 774 |
// Current directory used to save session data.
|
| 775 |
$session_save_path = ini_get('session.save_path');
|
| 776 |
+
if ( is_dir( $session_save_path ) && wp_is_writable( $session_save_path ) ) {
|
| 777 |
echo '<strong><span class="sysinfo-label-text">'.__('Session Save Path: ', 'bulletproof-security').'</span></strong> ' . $session_save_path . '<br>';
|
| 778 |
} else {
|
| 779 |
echo '<strong><span class="sysinfo-label-text">'.__('Session Save Path: ', 'bulletproof-security').'</span></strong> ' .__('Not set/defined or directory is not writable', 'bulletproof-security'). '<br>';
|
| 948 |
$db_backup = str_replace( array( '\\', '//'), "/", $bps_db_backup_folder );
|
| 949 |
$wpcontent_single_slash = str_replace( array( '\\', '//'), "/", WP_CONTENT_DIR );
|
| 950 |
|
| 951 |
+
if ( substr($sapi_type, 0, 6) != 'apache' ) {
|
| 952 |
|
| 953 |
echo '<div style=\'padding:0px 0px 5px 5px;color:#000;\'><strong>'; _e('CGI File and Folder Permissions|Recommendations', 'bulletproof-security'); echo '</strong></div>';
|
| 954 |
echo '<table style="width:100%;color:#000;background-color:#A9F5A0;border-bottom:1px solid black;border-top:1px solid black;">';
|
| 1068 |
|
| 1069 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1070 |
<tr>
|
| 1071 |
+
<td class="bps-table_title"></td>
|
| 1072 |
</tr>
|
| 1073 |
<tr>
|
| 1074 |
<td class="bps-table_cell_help">
|
| 1119 |
<?php wp_nonce_field('bpsHeaderCheckGet'); ?>
|
| 1120 |
<div><label for="bpsHeaders"><strong><?php _e('Enter a Website URL - Example: ', 'bulletproof-security'); echo get_site_url(); ?></strong></label><br />
|
| 1121 |
<input type="text" name="bpsURLGET" class="form-300" value="" /> <br />
|
| 1122 |
+
<div style="margin:10px 0px">
|
| 1123 |
+
<input type="submit" name="Submit-Headers-Check-Get" class="button bps-button" value="<?php esc_attr_e('Check Headers GET Request', 'bulletproof-security') ?>" onclick="return confirm('<?php $text = __('This Headers check makes a GET Request using the WordPress wp_remote_get function.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('You can use the Check Headers HEAD Request tool to check headers using HEAD instead of GET.', 'bulletproof-security').'\n\n'.$bpsSpacePop.'\n\n'.__('Click OK to proceed or click Cancel.', 'bulletproof-security'); echo $text; ?>')" />
|
| 1124 |
+
</div>
|
| 1125 |
</div>
|
| 1126 |
<?php bps_sysinfo_get_headers_get(); ?>
|
| 1127 |
</form>
|
| 1128 |
|
| 1129 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 1130 |
+
|
| 1131 |
</td>
|
| 1132 |
</tr>
|
| 1133 |
</table>
|
| 1138 |
|
| 1139 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1140 |
<tr>
|
| 1141 |
+
<td class="bps-table_title"></td>
|
| 1142 |
</tr>
|
| 1143 |
<tr>
|
| 1144 |
+
<td class="bps-table_cell_help_links">
|
| 1145 |
+
|
| 1146 |
+
<a href="https://forum.ait-pro.com/forums/topic/security-log-event-codes/" target="_blank"><?php _e('Security Log Event Codes', 'bulletproof-security'); ?></a><br /><br />
|
| 1147 |
<a href="https://www.ait-pro.com/aitpro-blog/category/bulletproof-security-contributors/" target="_blank"><?php _e('Contributors Page', 'bulletproof-security'); ?></a><br /><br />
|
| 1148 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
| 1149 |
+
|
| 1150 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 1151 |
+
|
| 1152 |
</td>
|
| 1153 |
</tr>
|
| 1154 |
</table>
|
admin/theme-skin/theme-skin.php
CHANGED
|
@@ -17,7 +17,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 17 |
#wpwrap{min-height:100.1%};
|
| 18 |
</style>
|
| 19 |
|
| 20 |
-
<div id="bps-container" class="wrap"
|
| 21 |
|
| 22 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 23 |
|
|
@@ -26,29 +26,20 @@ $ScrollTop_options = get_option('bulletproof_security_options_scrolltop');
|
|
| 26 |
|
| 27 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 28 |
|
| 29 |
-
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' || isset( $_GET['settings-updated'] ) &&
|
| 30 |
|
| 31 |
bpsPro_Browser_UA_scroll_animation();
|
| 32 |
}
|
| 33 |
}
|
| 34 |
?>
|
| 35 |
|
| 36 |
-
|
| 37 |
-
echo '<div class="bps-star-container">';
|
| 38 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 39 |
-
echo '<div class="bps-downloaded">';
|
| 40 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 41 |
-
echo '</div>';
|
| 42 |
-
echo '</div>';
|
| 43 |
-
?>
|
| 44 |
-
|
| 45 |
-
<h2 class="bps-tab-title"><?php _e('BulletProof Security ~ UI|UX Settings', 'bulletproof-security'); ?></h2>
|
| 46 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 47 |
|
| 48 |
<?php
|
| 49 |
// General all purpose "Settings Saved." message for forms
|
| 50 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 51 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 52 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 53 |
echo $text;
|
| 54 |
}
|
|
@@ -80,34 +71,23 @@ $bps_bottomDiv = '</p></div>';
|
|
| 80 |
|
| 81 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 82 |
<tr>
|
| 83 |
-
<td class="bps-table_title">
|
| 84 |
-
<?php $text = '<h2>'.__('UI|UX Settings ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Change UI|UX visual preferences & functionality', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a><br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting): ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a><br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 85 |
-
</td>
|
| 86 |
</tr>
|
| 87 |
<tr>
|
| 88 |
<td class="bps-table_cell_help">
|
| 89 |
|
| 90 |
-
<h3 style="margin:0px 0px 10px 0px;"><?php _e('UI|UX Settings', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button"
|
|
|
|
| 91 |
|
| 92 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('UI|UX Settings', 'bulletproof-security'); ?>">
|
| 93 |
-
<p><?php $text = '<strong>'.__('This
|
| 94 |
-
|
| 95 |
-
|
| 96 |
-
|
| 97 |
-
<
|
| 98 |
-
|
| 99 |
-
|
| 100 |
-
|
| 101 |
-
?>
|
| 102 |
-
|
| 103 |
-
<label for="UI-Skin"><?php _e('Select a UI Theme Skin:', 'bulletproof-security'); ?></label>
|
| 104 |
-
<select name="bulletproof_security_options_theme_skin[bps_ui_theme_skin]" class="form-275">
|
| 105 |
-
<option value="blue" <?php selected('blue', $bps_ui_theme_skin); ?>><?php _e('Blue|Light Blue|White UI Theme', 'bulletproof-security'); ?></option>
|
| 106 |
-
<option value="black" <?php selected('black', $bps_ui_theme_skin); ?>><?php _e('Black|Dark Grey|Silver UI Theme', 'bulletproof-security'); ?></option>
|
| 107 |
-
<option value="grey" <?php selected('grey', $bps_ui_theme_skin); ?>><?php _e('Grey|Light Grey|Silver|White UI Theme', 'bulletproof-security'); ?></option>
|
| 108 |
-
</select>
|
| 109 |
-
<input type="submit" name="Submit-UI-Theme-Skin-Options" class="button bps-button" style="margin:10px 0px 10px 0px;" value="<?php esc_attr_e('Save Option', 'bulletproof-security') ?>" />
|
| 110 |
-
</form>
|
| 111 |
</div>
|
| 112 |
|
| 113 |
<div id="Inpage-Status-Display" style="max-width:340px;">
|
|
@@ -167,7 +147,7 @@ $bps_bottomDiv = '</p></div>';
|
|
| 167 |
?>
|
| 168 |
|
| 169 |
<label for="UI-WP-Toolbar"><?php _e('WP Toolbar Functionality In BPS Plugin Pages:', 'bulletproof-security'); ?></label><br />
|
| 170 |
-
<label for="UI-WP-Toolbar" style="color:#
|
| 171 |
<select name="bulletproof_security_options_wpt_nodes[bps_wpt_nodes]" class="form-275">
|
| 172 |
<option value="wpnodesonly" <?php selected('wpnodesonly', $bps_wpt_nodes); ?>><?php _e('Load Only The Default WP Toolbar', 'bulletproof-security'); ?></option>
|
| 173 |
<option value="allnodes" <?php selected('allnodes', $bps_wpt_nodes); ?>><?php _e('Load WP Toolbar With All Menu Items', 'bulletproof-security'); ?></option>
|
|
@@ -211,7 +191,7 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 211 |
?>
|
| 212 |
|
| 213 |
<label for="SLF"><?php _e('Script|Style Loader Filter (SLF) In BPS Plugin Pages:', 'bulletproof-security'); ?></label><br />
|
| 214 |
-
<label for="SLF" style="color:#
|
| 215 |
<select name="bps_slf_filter" class="form-275">
|
| 216 |
<option value="On" <?php selected('On', $bps_slf_filter); ?>><?php _e('SLF On', 'bulletproof-security'); ?></option>
|
| 217 |
<option value="Off" <?php selected('Off', $bps_slf_filter); ?>><?php _e('SLF Off', 'bulletproof-security'); ?></option>
|
|
@@ -229,7 +209,7 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 229 |
?>
|
| 230 |
|
| 231 |
<label for="debug"><?php _e('BPS UI|UX|AutoFix Debug:', 'bulletproof-security'); ?></label><br />
|
| 232 |
-
<label for="debug" style="color:#
|
| 233 |
<select name="bulletproof_security_options_debug[bps_debug]" class="form-275">
|
| 234 |
<option value="Off" <?php selected('Off', $bps_debug); ?>><?php _e('Debug Off', 'bulletproof-security'); ?></option>
|
| 235 |
<option value="On" <?php selected('On', $bps_debug); ?>><?php _e('Debug On', 'bulletproof-security'); ?></option>
|
|
@@ -248,14 +228,18 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 248 |
|
| 249 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 250 |
<tr>
|
| 251 |
-
<td class="bps-table_title"
|
| 252 |
</tr>
|
| 253 |
<tr>
|
| 254 |
<td class="bps-table_cell_help_links">
|
|
|
|
| 255 |
<a href="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/whatsnew/whatsnew.php' ); ?>" target="_blank"><?php _e('Whats New in ', 'bulletproof-security'); echo BULLETPROOF_VERSION; ?></a><br /><br />
|
| 256 |
<a href="https://forum.ait-pro.com/forums/topic/bulletproof-security-pro-version-release-dates/" target="_blank"><?php _e('BPS Pro Features & Version Release Dates', 'bulletproof-security'); ?></a><br /><br />
|
| 257 |
<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank"><?php _e('Video Tutorials', 'bulletproof-security'); ?></a><br /><br />
|
| 258 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
|
|
|
|
|
|
|
|
|
| 259 |
</td>
|
| 260 |
</tr>
|
| 261 |
</table>
|
| 17 |
#wpwrap{min-height:100.1%};
|
| 18 |
</style>
|
| 19 |
|
| 20 |
+
<div id="bps-container" class="wrap">
|
| 21 |
|
| 22 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 23 |
|
| 26 |
|
| 27 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 28 |
|
| 29 |
+
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' || isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 30 |
|
| 31 |
bpsPro_Browser_UA_scroll_animation();
|
| 32 |
}
|
| 33 |
}
|
| 34 |
?>
|
| 35 |
|
| 36 |
+
<h2 class="bps-tab-title"><?php _e('UI|UX Settings', 'bulletproof-security'); ?></h2>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 37 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 38 |
|
| 39 |
<?php
|
| 40 |
// General all purpose "Settings Saved." message for forms
|
| 41 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 42 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true) {
|
| 43 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 44 |
echo $text;
|
| 45 |
}
|
| 71 |
|
| 72 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 73 |
<tr>
|
| 74 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 75 |
</tr>
|
| 76 |
<tr>
|
| 77 |
<td class="bps-table_cell_help">
|
| 78 |
|
| 79 |
+
<h3 style="margin:0px 0px 10px 0px;"><?php _e('UI|UX Settings', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 80 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 81 |
|
| 82 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('UI|UX Settings', 'bulletproof-security'); ?>">
|
| 83 |
+
<p><?php $text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 84 |
+
|
| 85 |
+
echo $text;
|
| 86 |
+
|
| 87 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 88 |
+
echo $bpsPro_text;
|
| 89 |
+
|
| 90 |
+
$text = '<strong>'.__('Inpage Status Display', 'bulletproof-security').'</strong><br>'.__('The Inpage Status Display displays the status of BPS features, options and your site security in real-time. The Inpage Status Display automatically turns itself off when a Form is submitted using POST and displays a Reload BPS Status Display button. Automatically turning off the Status Display during Form processing is a performance enhancement|optimization. Clicking the Reload BPS Status Display button reloads|displays the Inpage Status Display.', 'bulletproof-security').'<br><br><strong>'.__('Turn On|Off The Processing Spinner:', 'bulletproof-security').'</strong><br>'.__('The Processing Spinner is displayed during processing of the Forms listed below. The Processing Spinner includes a Cancel button to cancel the Form processing. The Processing Spinner can be turned off if you do not want to see it. If the Processing Spinner is not displaying correctly or at all then either your theme or another plugin is interfering with it. Since the Processing Spinner is just a visual enhancement it is not critical that it is being displayed.', 'bulletproof-security').'<br><br><strong>'.__('Forms That Display The Processing Spinner:', 'bulletproof-security').'</strong><br>'.__('DB Backup Job Processing, DB Table Names & Character Length Table, DB Table Prefix Changer and Setup Wizard.', 'bulletproof-security').'<br><br><strong>'.__('Turn On|Off jQuery ScrollTop Animation:', 'bulletproof-security').'</strong><br>'.__('The jQuery ScrollTop Animation is the scrolling animation that you see after submitting BPS Forms, which automatically scrolls to the top of BPS plugin pages to display success or error messages. The jQuery ScrollTop animation code is conditional based on your Browser User Agent or Rendering Engine. The jQuery ScrollTop animation has been customized for each major Browser individually for best visual animation/appearance. jQuery ScrollTop Animation can be turned On or Off.', 'bulletproof-security').'<br><br><strong>'.__('WP Toolbar Functionality In BPS Plugin Pages:', 'bulletproof-security').'</strong><br>'.__('This option affects the WP Toolbar in BPS plugin pages ONLY and does not affect the WP Toolbar anywhere else on your site. WP Toolbar additional menu items (nodes) added by other plugins and themes can cause problems for BPS when the WP Toolbar is loaded in BPS plugin pages. This option allows you to load only the default WP Toolbar without any additional menu items (nodes) loading/displayed on BPS plugin pages or to load the WP Toolbar with any/all other menu items (nodes) that have been added by other plugins and themes. The default setting is: Load Only The Default WP Toolbar (without loading any additional menu items (nodes) from other plugins or themes). If the BPS Processing Spinner is not working/displaying correctly then set this option to the default setting: Load Only The Default WP Toolbar.', 'bulletproof-security').'<br><br><strong>'.__('Script|Style Loader Filter (SLF) In BPS Plugin Pages:', 'bulletproof-security').'</strong><br>'.__('SLF is set to On by default. This option prevents other plugin and theme scripts from loading in BPS plugin pages, which can break BPS js and CSS scripts and cause BPS plugin pages to display visually broken.', 'bulletproof-security').'<br><br><strong>'.__('BPS UI|UX|AutoFix Debug:', 'bulletproof-security').'</strong><br>'.__('BPS UI|UX|AutoFix Debug is set to Off by default. Turning On the BPS UI|UX|AutoFix Debug option will display: plugin or theme Scripts that were Dequeued (prevented) from loading in BPS plugin pages, any plugin or theme Scripts that are loading in BPS plugin pages, WP Toolbar nodes|menu items that were Removed from the WP Toolbar in BPS plugin pages, plugin or theme names and the BPS Custom Code text box where plugins or themes should be creating Custom Code whitelist rules. Usage: If the BPS Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) Notice is still being displayed after running the Pre-Installation Wizard and Setup Wizard then the BPS UI|UX|AutoFix Debug option should be turned On to find the exact plugin or theme and the Custom Code text box where the problem is occurring. Example Debug Displayed message: CC Root Text Box 10: WooCommerce Plugin. This option could also be used generally to see which plugins and themes BPS AutoFix is creating Custom Code whitelist rules for and which Custom Code text boxes the AutoFix whitelist rules will be created in.', 'bulletproof-security'); echo $text; ?></p>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 91 |
</div>
|
| 92 |
|
| 93 |
<div id="Inpage-Status-Display" style="max-width:340px;">
|
| 147 |
?>
|
| 148 |
|
| 149 |
<label for="UI-WP-Toolbar"><?php _e('WP Toolbar Functionality In BPS Plugin Pages:', 'bulletproof-security'); ?></label><br />
|
| 150 |
+
<label for="UI-WP-Toolbar" style="color:#2271b1;"><?php _e('Click the Question Mark help button for information', 'bulletproof-security'); ?></label><br />
|
| 151 |
<select name="bulletproof_security_options_wpt_nodes[bps_wpt_nodes]" class="form-275">
|
| 152 |
<option value="wpnodesonly" <?php selected('wpnodesonly', $bps_wpt_nodes); ?>><?php _e('Load Only The Default WP Toolbar', 'bulletproof-security'); ?></option>
|
| 153 |
<option value="allnodes" <?php selected('allnodes', $bps_wpt_nodes); ?>><?php _e('Load WP Toolbar With All Menu Items', 'bulletproof-security'); ?></option>
|
| 191 |
?>
|
| 192 |
|
| 193 |
<label for="SLF"><?php _e('Script|Style Loader Filter (SLF) In BPS Plugin Pages:', 'bulletproof-security'); ?></label><br />
|
| 194 |
+
<label for="SLF" style="color:#2271b1;"><?php _e('Click the Question Mark help button for information', 'bulletproof-security'); ?></label><br />
|
| 195 |
<select name="bps_slf_filter" class="form-275">
|
| 196 |
<option value="On" <?php selected('On', $bps_slf_filter); ?>><?php _e('SLF On', 'bulletproof-security'); ?></option>
|
| 197 |
<option value="Off" <?php selected('Off', $bps_slf_filter); ?>><?php _e('SLF Off', 'bulletproof-security'); ?></option>
|
| 209 |
?>
|
| 210 |
|
| 211 |
<label for="debug"><?php _e('BPS UI|UX|AutoFix Debug:', 'bulletproof-security'); ?></label><br />
|
| 212 |
+
<label for="debug" style="color:#2271b1;"><?php _e('Click the Question Mark help button for information', 'bulletproof-security'); ?></label><br />
|
| 213 |
<select name="bulletproof_security_options_debug[bps_debug]" class="form-275">
|
| 214 |
<option value="Off" <?php selected('Off', $bps_debug); ?>><?php _e('Debug Off', 'bulletproof-security'); ?></option>
|
| 215 |
<option value="On" <?php selected('On', $bps_debug); ?>><?php _e('Debug On', 'bulletproof-security'); ?></option>
|
| 228 |
|
| 229 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 230 |
<tr>
|
| 231 |
+
<td class="bps-table_title"></td>
|
| 232 |
</tr>
|
| 233 |
<tr>
|
| 234 |
<td class="bps-table_cell_help_links">
|
| 235 |
+
|
| 236 |
<a href="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/whatsnew/whatsnew.php' ); ?>" target="_blank"><?php _e('Whats New in ', 'bulletproof-security'); echo BULLETPROOF_VERSION; ?></a><br /><br />
|
| 237 |
<a href="https://forum.ait-pro.com/forums/topic/bulletproof-security-pro-version-release-dates/" target="_blank"><?php _e('BPS Pro Features & Version Release Dates', 'bulletproof-security'); ?></a><br /><br />
|
| 238 |
<a href="https://forum.ait-pro.com/video-tutorials/" target="_blank"><?php _e('Video Tutorials', 'bulletproof-security'); ?></a><br /><br />
|
| 239 |
<a href="https://forum.ait-pro.com/forums/topic/plugin-conflicts-actively-blocked-plugins-plugin-compatibility/" target="_blank"><?php _e('Forum: Search, Troubleshooting Steps & Post Questions For Assistance', 'bulletproof-security'); ?></a>
|
| 240 |
+
|
| 241 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 242 |
+
|
| 243 |
</td>
|
| 244 |
</tr>
|
| 245 |
</table>
|
admin/wizard/pwizard-autofix-setup.php
CHANGED
|
@@ -92,9 +92,9 @@ global $cache_enabled, $super_cache_enabled, $wp_cache_mod_rewrite;
|
|
| 92 |
if ( file_exists( $wpconfig ) ) {
|
| 93 |
$sapi_type = php_sapi_name();
|
| 94 |
$wpconfigBackup = WP_CONTENT_DIR . '/bps-backup/autorestore/root-files/wp-config.php';
|
| 95 |
-
$perms_wpconfig =
|
| 96 |
|
| 97 |
-
if (
|
| 98 |
chmod( $wpconfig, 0644 );
|
| 99 |
}
|
| 100 |
}
|
|
@@ -248,13 +248,13 @@ global $cache_enabled, $super_cache_enabled, $wp_cache_mod_rewrite;
|
|
| 248 |
|
| 249 |
if ( file_exists($rootHtaccess) ) {
|
| 250 |
$sapi_type = php_sapi_name();
|
| 251 |
-
$permsRootHtaccess =
|
| 252 |
|
| 253 |
-
if (
|
| 254 |
chmod( $rootHtaccess, 0644 );
|
| 255 |
}
|
| 256 |
|
| 257 |
-
$root_htaccess_file_contents =
|
| 258 |
|
| 259 |
if ( preg_match( '/#\sBEGIN\sWPSuperCache(.*)#\sEND\sWPSuperCache/s', $root_htaccess_file_contents, $matches ) ) {
|
| 260 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sWPSuperCache(.*)#\sEND\sWPSuperCache/s', "", $root_htaccess_file_contents);
|
|
@@ -269,7 +269,7 @@ global $cache_enabled, $super_cache_enabled, $wp_cache_mod_rewrite;
|
|
| 269 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 270 |
|
| 271 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 272 |
-
|
| 273 |
}
|
| 274 |
|
| 275 |
$text = '<strong><font color="green">'.__('WP Super Cache (WPSC) Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all WPSC htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have WPSC installed and are still planning on using WPSC then re-run the Setup Wizards after you have activated the WPSC plugin again and resaved your WPSC plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
|
@@ -395,7 +395,7 @@ function bpsPro_Pwizard_Autofix_W3TC() {
|
|
| 395 |
## The W3TC Order of Markers in the root htaccess file appear to be: Browser Cache, Page Cache core & Skip 404 error...
|
| 396 |
// Get each block of W3TC code and put them in arrays and then merge the arrays.
|
| 397 |
## Remove the W3TC htaccess code from the Root htaccess file after putting any W3TC code into arrays and updating the CC DB options.
|
| 398 |
-
$root_htaccess_file_contents =
|
| 399 |
|
| 400 |
$browser_cache = array();
|
| 401 |
$page_cache_core = array();
|
|
@@ -507,7 +507,7 @@ function bpsPro_Pwizard_Autofix_W3TC() {
|
|
| 507 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 508 |
|
| 509 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 510 |
-
|
| 511 |
}
|
| 512 |
}
|
| 513 |
}
|
|
@@ -610,13 +610,13 @@ function bpsPro_Pwizard_Autofix_W3TC() {
|
|
| 610 |
|
| 611 |
if ( file_exists($rootHtaccess) ) {
|
| 612 |
$sapi_type = php_sapi_name();
|
| 613 |
-
$permsRootHtaccess =
|
| 614 |
|
| 615 |
-
if (
|
| 616 |
chmod( $rootHtaccess, 0644 );
|
| 617 |
}
|
| 618 |
|
| 619 |
-
$root_htaccess_file_contents =
|
| 620 |
|
| 621 |
if ( preg_match( '/#\sBEGIN\sW3TC\sBrowser\sCache(.*)#\sEND\sW3TC\sBrowser\sCache/s', $root_htaccess_file_contents, $matches ) ) {
|
| 622 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sW3TC\sBrowser\sCache(.*)#\sEND\sW3TC\sBrowser\sCache/s', "", $root_htaccess_file_contents);
|
|
@@ -655,7 +655,7 @@ function bpsPro_Pwizard_Autofix_W3TC() {
|
|
| 655 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 656 |
|
| 657 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 658 |
-
|
| 659 |
}
|
| 660 |
|
| 661 |
$text = '<strong><font color="green">'.__('W3 Total Cache (W3TC) Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all W3TC htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have W3TC installed and are still planning on using W3TC then re-run the Setup Wizards after you have activated the W3TC plugin again and resaved your W3TC plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
|
@@ -742,22 +742,22 @@ function bpsPro_Pwizard_Autofix_Comet_Cache() {
|
|
| 742 |
if ( file_exists($rootHtaccess) ) {
|
| 743 |
|
| 744 |
$sapi_type = php_sapi_name();
|
| 745 |
-
$permsRootHtaccess =
|
| 746 |
|
| 747 |
if ( file_exists( $wpconfig ) ) {
|
| 748 |
|
| 749 |
-
$perms_wpconfig =
|
| 750 |
|
| 751 |
-
if (
|
| 752 |
chmod( $wpconfig, 0644 );
|
| 753 |
}
|
| 754 |
}
|
| 755 |
|
| 756 |
-
if (
|
| 757 |
chmod( $rootHtaccess, 0644 );
|
| 758 |
}
|
| 759 |
|
| 760 |
-
$root_htaccess_file_contents =
|
| 761 |
|
| 762 |
if ( preg_match( '/#\sBEGIN\sComet\sCache(.*)#\sEND\sComet\sCache\sWmVuQ2FjaGU/s', $root_htaccess_file_contents, $matches ) ) {
|
| 763 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sComet\sCache(.*)#\sEND\sComet\sCache\sWmVuQ2FjaGU/s', "", $root_htaccess_file_contents);
|
|
@@ -768,7 +768,7 @@ function bpsPro_Pwizard_Autofix_Comet_Cache() {
|
|
| 768 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 769 |
|
| 770 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 771 |
-
|
| 772 |
}
|
| 773 |
|
| 774 |
## Get new Comet Cache htaccess code from template files.
|
|
@@ -983,13 +983,13 @@ function bpsPro_Pwizard_Autofix_Comet_Cache() {
|
|
| 983 |
|
| 984 |
if ( file_exists($rootHtaccess) ) {
|
| 985 |
$sapi_type = php_sapi_name();
|
| 986 |
-
$permsRootHtaccess =
|
| 987 |
|
| 988 |
-
if (
|
| 989 |
chmod( $rootHtaccess, 0644 );
|
| 990 |
}
|
| 991 |
|
| 992 |
-
$root_htaccess_file_contents =
|
| 993 |
|
| 994 |
if ( preg_match( '/#\sBEGIN\sComet\sCache(.*)#\sEND\sComet\sCache\sWmVuQ2FjaGU/s', $root_htaccess_file_contents, $matches ) ) {
|
| 995 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sComet\sCache(.*)#\sEND\sComet\sCache\sWmVuQ2FjaGU/s', "", $root_htaccess_file_contents);
|
|
@@ -1000,7 +1000,7 @@ function bpsPro_Pwizard_Autofix_Comet_Cache() {
|
|
| 1000 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1001 |
|
| 1002 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1003 |
-
|
| 1004 |
}
|
| 1005 |
|
| 1006 |
$text = '<strong><font color="green">'.__('Comet Cache Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all Comet Cache htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have Comet Cache installed and are still planning on using Comet Cache then re-run the Setup Wizards after you have activated the Comet Cache plugin again and resaved your Comet Cache plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
|
@@ -1081,13 +1081,13 @@ function bpsPro_Pwizard_Autofix_Endurance() {
|
|
| 1081 |
if ( file_exists($rootHtaccess) ) {
|
| 1082 |
|
| 1083 |
$sapi_type = php_sapi_name();
|
| 1084 |
-
$permsRootHtaccess =
|
| 1085 |
|
| 1086 |
-
if (
|
| 1087 |
chmod( $rootHtaccess, 0644 );
|
| 1088 |
}
|
| 1089 |
|
| 1090 |
-
$root_htaccess_file_contents =
|
| 1091 |
|
| 1092 |
$wp_default_rewrite_code = '/<IfModule\smod_rewrite\.c>\s*RewriteEngine\sOn\s*RewriteBase(.*)\s*RewriteRule(.*)\s*RewriteCond((.*)\s*){2}RewriteRule(.*)\s*<\/IfModule>\n/';
|
| 1093 |
$epc_htaccess_code = array();
|
|
@@ -1100,7 +1100,7 @@ function bpsPro_Pwizard_Autofix_Endurance() {
|
|
| 1100 |
|
| 1101 |
// Suppress the coding mistake/php error "Illegal string offset" in the EPC plugin.
|
| 1102 |
// The endurance_cache_level DB option value is not saved as an array and is incorrectly saved as a string value instead.
|
| 1103 |
-
if ( empty($epc_htaccess_code) &&
|
| 1104 |
$text = '<strong><font color="#fb0101">'.__('Error: Endurance Page Cache (EPC) Plugin AutoSetup Unsuccessful - ', 'bulletproof-security').'</font><font color="blue">'.__('The Setup Wizard did not find any Endurance Page Cache htaccess code in your Root htaccess file. Do these steps to fix the problem: Go to the BPS htaccess File Editor page, click the Unlock htaccess File button, go to the WordPress Settings > General page, scroll down to Endurance Cache settings, click the Save Changes button, go back to this Setup Wizard page and run the Pre-Installation Wizard and Setup Wizard again.', 'bulletproof-security').'</font></strong><br>';
|
| 1105 |
echo $text;
|
| 1106 |
return;
|
|
@@ -1164,7 +1164,7 @@ function bpsPro_Pwizard_Autofix_Endurance() {
|
|
| 1164 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1165 |
|
| 1166 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1167 |
-
|
| 1168 |
}
|
| 1169 |
}
|
| 1170 |
}
|
|
@@ -1243,13 +1243,13 @@ function bpsPro_Pwizard_Autofix_Endurance() {
|
|
| 1243 |
|
| 1244 |
if ( file_exists($rootHtaccess) ) {
|
| 1245 |
|
| 1246 |
-
$permsRootHtaccess =
|
| 1247 |
|
| 1248 |
-
if (
|
| 1249 |
chmod( $rootHtaccess, 0644 );
|
| 1250 |
}
|
| 1251 |
|
| 1252 |
-
$root_htaccess_file_contents =
|
| 1253 |
|
| 1254 |
if ( preg_match( '/#\sBEGIN\sWordPress(.*)endurance-page-cache(.*)#\sEND\sWordPress/s', $root_htaccess_file_contents, $matches ) ) {
|
| 1255 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sWordPress(.*)endurance-page-cache(.*)#\sEND\sWordPress/s', "", $root_htaccess_file_contents);
|
|
@@ -1260,7 +1260,7 @@ function bpsPro_Pwizard_Autofix_Endurance() {
|
|
| 1260 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1261 |
|
| 1262 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1263 |
-
|
| 1264 |
}
|
| 1265 |
|
| 1266 |
$text = '<strong><font color="green">'.__('Endurance Page Cache (EPC) Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all Endurance Page Cache htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have disabled the Endurance Page Cache plugin and are still planning on using Endurance Page Cache then re-run the Setup Wizards after you have enabled the Endurance Page Cache plugin again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
|
@@ -1339,13 +1339,13 @@ function bpsPro_Pwizard_Autofix_WPFC() {
|
|
| 1339 |
if ( file_exists($rootHtaccess) ) {
|
| 1340 |
|
| 1341 |
$sapi_type = php_sapi_name();
|
| 1342 |
-
$permsRootHtaccess =
|
| 1343 |
|
| 1344 |
-
if (
|
| 1345 |
chmod( $rootHtaccess, 0644 );
|
| 1346 |
}
|
| 1347 |
|
| 1348 |
-
$root_htaccess_file_contents =
|
| 1349 |
|
| 1350 |
$wpfc_default_code = array();
|
| 1351 |
$wpfc_gzip_code = array();
|
|
@@ -1377,7 +1377,7 @@ function bpsPro_Pwizard_Autofix_WPFC() {
|
|
| 1377 |
}
|
| 1378 |
|
| 1379 |
// Check the WPFC wpFastestCacheStatus == on db option value for the default Cache System enable|disable: creates default & page caching htaccess code.
|
| 1380 |
-
if (
|
| 1381 |
|
| 1382 |
$text = '<strong><font color="#fb0101">'.__('Error: WP Fastest Cache (WPFC) Plugin AutoSetup Unsuccessful: ', 'bulletproof-security').'</font><font color="black">'.__('The Setup Wizard did not find any WPFC htaccess code in your Root htaccess file. Do these steps to fix the problem: Go to the BPS htaccess File Editor page, click the Unlock htaccess File button, go to the WPFC plugin Settings page, click the Submit button, go back to this Setup Wizard page and run the Pre-Installation Wizard and Setup Wizard again.', 'bulletproof-security').'</font></strong><br>';
|
| 1383 |
echo $text;
|
|
@@ -1445,7 +1445,7 @@ function bpsPro_Pwizard_Autofix_WPFC() {
|
|
| 1445 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1446 |
|
| 1447 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1448 |
-
|
| 1449 |
}
|
| 1450 |
}
|
| 1451 |
}
|
|
@@ -1520,13 +1520,13 @@ function bpsPro_Pwizard_Autofix_WPFC() {
|
|
| 1520 |
|
| 1521 |
if ( file_exists($rootHtaccess) ) {
|
| 1522 |
$sapi_type = php_sapi_name();
|
| 1523 |
-
$permsRootHtaccess =
|
| 1524 |
|
| 1525 |
-
if (
|
| 1526 |
chmod( $rootHtaccess, 0644 );
|
| 1527 |
}
|
| 1528 |
|
| 1529 |
-
$root_htaccess_file_contents =
|
| 1530 |
|
| 1531 |
if ( preg_match( '/#\sBEGIN(.*)WpFastestCache(.*)#\sEND(.*)WpFastestCache/s', $root_htaccess_file_contents, $matches ) ) {
|
| 1532 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN(.*)WpFastestCache(.*)#\sEND(.*)WpFastestCache/s', "", $root_htaccess_file_contents);
|
|
@@ -1537,7 +1537,7 @@ function bpsPro_Pwizard_Autofix_WPFC() {
|
|
| 1537 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1538 |
|
| 1539 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1540 |
-
|
| 1541 |
}
|
| 1542 |
|
| 1543 |
$text = '<strong><font color="green">'.__('WP Fastest Cache (WPFC) Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all WPFC htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have WPFC installed and are still planning on using WPFC then re-run the Setup Wizards after you have activated the WPFC plugin again and resaved your WPFC plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
|
@@ -1626,22 +1626,22 @@ function bpsPro_Pwizard_Autofix_WPR() {
|
|
| 1626 |
if ( file_exists($rootHtaccess) ) {
|
| 1627 |
|
| 1628 |
$sapi_type = php_sapi_name();
|
| 1629 |
-
$permsRootHtaccess =
|
| 1630 |
|
| 1631 |
if ( file_exists( $wpconfig ) ) {
|
| 1632 |
|
| 1633 |
-
$perms_wpconfig =
|
| 1634 |
|
| 1635 |
-
if (
|
| 1636 |
chmod( $wpconfig, 0644 );
|
| 1637 |
}
|
| 1638 |
}
|
| 1639 |
|
| 1640 |
-
if (
|
| 1641 |
chmod( $rootHtaccess, 0644 );
|
| 1642 |
}
|
| 1643 |
|
| 1644 |
-
$root_htaccess_file_contents =
|
| 1645 |
|
| 1646 |
$wpr_htaccess_code = array();
|
| 1647 |
|
|
@@ -1716,7 +1716,7 @@ function bpsPro_Pwizard_Autofix_WPR() {
|
|
| 1716 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1717 |
|
| 1718 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1719 |
-
|
| 1720 |
}
|
| 1721 |
}
|
| 1722 |
|
|
@@ -1811,13 +1811,13 @@ function bpsPro_Pwizard_Autofix_WPR() {
|
|
| 1811 |
|
| 1812 |
if ( file_exists($rootHtaccess) ) {
|
| 1813 |
$sapi_type = php_sapi_name();
|
| 1814 |
-
$permsRootHtaccess =
|
| 1815 |
|
| 1816 |
-
if (
|
| 1817 |
chmod( $rootHtaccess, 0644 );
|
| 1818 |
}
|
| 1819 |
|
| 1820 |
-
$root_htaccess_file_contents =
|
| 1821 |
|
| 1822 |
if ( preg_match( '/#\sBEGIN\sWP\sRocket(.*)#\sEND\sWP\sRocket/s', $root_htaccess_file_contents, $matches ) ) {
|
| 1823 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sWP\sRocket(.*)#\sEND\sWP\sRocket/s', "", $root_htaccess_file_contents);
|
|
@@ -1832,7 +1832,7 @@ function bpsPro_Pwizard_Autofix_WPR() {
|
|
| 1832 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1833 |
|
| 1834 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1835 |
-
|
| 1836 |
}
|
| 1837 |
|
| 1838 |
$text = '<strong><font color="green">'.__('WP Rocket Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all WP Rocket htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have WP Rocket installed and are still planning on using WP Rocket then re-run the Setup Wizards after you have activated the WP Rocket plugin again and resaved your WP Rocket plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
|
@@ -1918,22 +1918,22 @@ function bpsPro_Pwizard_Autofix_LSCACHE() {
|
|
| 1918 |
if ( file_exists($rootHtaccess) ) {
|
| 1919 |
|
| 1920 |
$sapi_type = php_sapi_name();
|
| 1921 |
-
$permsRootHtaccess =
|
| 1922 |
|
| 1923 |
if ( file_exists( $wpconfig ) ) {
|
| 1924 |
|
| 1925 |
-
$perms_wpconfig =
|
| 1926 |
|
| 1927 |
-
if (
|
| 1928 |
chmod( $wpconfig, 0644 );
|
| 1929 |
}
|
| 1930 |
}
|
| 1931 |
|
| 1932 |
-
if (
|
| 1933 |
chmod( $rootHtaccess, 0644 );
|
| 1934 |
}
|
| 1935 |
|
| 1936 |
-
$root_htaccess_file_contents =
|
| 1937 |
|
| 1938 |
$lscache_htaccess_code = array();
|
| 1939 |
|
|
@@ -2008,7 +2008,7 @@ function bpsPro_Pwizard_Autofix_LSCACHE() {
|
|
| 2008 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 2009 |
|
| 2010 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 2011 |
-
|
| 2012 |
}
|
| 2013 |
}
|
| 2014 |
|
|
@@ -2086,13 +2086,13 @@ function bpsPro_Pwizard_Autofix_LSCACHE() {
|
|
| 2086 |
|
| 2087 |
if ( file_exists($rootHtaccess) ) {
|
| 2088 |
$sapi_type = php_sapi_name();
|
| 2089 |
-
$permsRootHtaccess =
|
| 2090 |
|
| 2091 |
-
if (
|
| 2092 |
chmod( $rootHtaccess, 0644 );
|
| 2093 |
}
|
| 2094 |
|
| 2095 |
-
$root_htaccess_file_contents =
|
| 2096 |
|
| 2097 |
if ( preg_match( '/#\sBEGIN\sLSCACHE(.*)#\sEND\sNON_LSCACHE/s', $root_htaccess_file_contents, $matches ) ) {
|
| 2098 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sLSCACHE(.*)#\sEND\sNON_LSCACHE/s', "", $root_htaccess_file_contents);
|
|
@@ -2103,7 +2103,7 @@ function bpsPro_Pwizard_Autofix_LSCACHE() {
|
|
| 2103 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 2104 |
|
| 2105 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 2106 |
-
|
| 2107 |
}
|
| 2108 |
|
| 2109 |
$text = '<strong><font color="green">'.__('LiteSpeed Cache Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all LiteSpeed Cache htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have LiteSpeed Cache installed and are still planning on using LiteSpeed Cache then re-run the Setup Wizards after you have activated the LiteSpeed Cache plugin again and resaved your LiteSpeed Cache plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 92 |
if ( file_exists( $wpconfig ) ) {
|
| 93 |
$sapi_type = php_sapi_name();
|
| 94 |
$wpconfigBackup = WP_CONTENT_DIR . '/bps-backup/autorestore/root-files/wp-config.php';
|
| 95 |
+
$perms_wpconfig = substr(sprintf('%o', fileperms($wpconfig)), -4); // 0644 / 0404
|
| 96 |
|
| 97 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $perms_wpconfig != '0666' || $perms_wpconfig != '0777' ) { // Windows IIS, XAMPP, etc
|
| 98 |
chmod( $wpconfig, 0644 );
|
| 99 |
}
|
| 100 |
}
|
| 248 |
|
| 249 |
if ( file_exists($rootHtaccess) ) {
|
| 250 |
$sapi_type = php_sapi_name();
|
| 251 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 252 |
|
| 253 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 254 |
chmod( $rootHtaccess, 0644 );
|
| 255 |
}
|
| 256 |
|
| 257 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 258 |
|
| 259 |
if ( preg_match( '/#\sBEGIN\sWPSuperCache(.*)#\sEND\sWPSuperCache/s', $root_htaccess_file_contents, $matches ) ) {
|
| 260 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sWPSuperCache(.*)#\sEND\sWPSuperCache/s', "", $root_htaccess_file_contents);
|
| 269 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 270 |
|
| 271 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 272 |
+
chmod($rootHtaccess, 0404);
|
| 273 |
}
|
| 274 |
|
| 275 |
$text = '<strong><font color="green">'.__('WP Super Cache (WPSC) Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all WPSC htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have WPSC installed and are still planning on using WPSC then re-run the Setup Wizards after you have activated the WPSC plugin again and resaved your WPSC plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 395 |
## The W3TC Order of Markers in the root htaccess file appear to be: Browser Cache, Page Cache core & Skip 404 error...
|
| 396 |
// Get each block of W3TC code and put them in arrays and then merge the arrays.
|
| 397 |
## Remove the W3TC htaccess code from the Root htaccess file after putting any W3TC code into arrays and updating the CC DB options.
|
| 398 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 399 |
|
| 400 |
$browser_cache = array();
|
| 401 |
$page_cache_core = array();
|
| 507 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 508 |
|
| 509 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 510 |
+
chmod($rootHtaccess, 0404);
|
| 511 |
}
|
| 512 |
}
|
| 513 |
}
|
| 610 |
|
| 611 |
if ( file_exists($rootHtaccess) ) {
|
| 612 |
$sapi_type = php_sapi_name();
|
| 613 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 614 |
|
| 615 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 616 |
chmod( $rootHtaccess, 0644 );
|
| 617 |
}
|
| 618 |
|
| 619 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 620 |
|
| 621 |
if ( preg_match( '/#\sBEGIN\sW3TC\sBrowser\sCache(.*)#\sEND\sW3TC\sBrowser\sCache/s', $root_htaccess_file_contents, $matches ) ) {
|
| 622 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sW3TC\sBrowser\sCache(.*)#\sEND\sW3TC\sBrowser\sCache/s', "", $root_htaccess_file_contents);
|
| 655 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 656 |
|
| 657 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 658 |
+
chmod($rootHtaccess, 0404);
|
| 659 |
}
|
| 660 |
|
| 661 |
$text = '<strong><font color="green">'.__('W3 Total Cache (W3TC) Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all W3TC htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have W3TC installed and are still planning on using W3TC then re-run the Setup Wizards after you have activated the W3TC plugin again and resaved your W3TC plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 742 |
if ( file_exists($rootHtaccess) ) {
|
| 743 |
|
| 744 |
$sapi_type = php_sapi_name();
|
| 745 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 746 |
|
| 747 |
if ( file_exists( $wpconfig ) ) {
|
| 748 |
|
| 749 |
+
$perms_wpconfig = substr(sprintf('%o', fileperms($wpconfig)), -4);
|
| 750 |
|
| 751 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $perms_wpconfig != '0666' || $perms_wpconfig != '0777' ) { // Windows IIS, XAMPP, etc
|
| 752 |
chmod( $wpconfig, 0644 );
|
| 753 |
}
|
| 754 |
}
|
| 755 |
|
| 756 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 757 |
chmod( $rootHtaccess, 0644 );
|
| 758 |
}
|
| 759 |
|
| 760 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 761 |
|
| 762 |
if ( preg_match( '/#\sBEGIN\sComet\sCache(.*)#\sEND\sComet\sCache\sWmVuQ2FjaGU/s', $root_htaccess_file_contents, $matches ) ) {
|
| 763 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sComet\sCache(.*)#\sEND\sComet\sCache\sWmVuQ2FjaGU/s', "", $root_htaccess_file_contents);
|
| 768 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 769 |
|
| 770 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 771 |
+
chmod($rootHtaccess, 0404);
|
| 772 |
}
|
| 773 |
|
| 774 |
## Get new Comet Cache htaccess code from template files.
|
| 983 |
|
| 984 |
if ( file_exists($rootHtaccess) ) {
|
| 985 |
$sapi_type = php_sapi_name();
|
| 986 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 987 |
|
| 988 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 989 |
chmod( $rootHtaccess, 0644 );
|
| 990 |
}
|
| 991 |
|
| 992 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 993 |
|
| 994 |
if ( preg_match( '/#\sBEGIN\sComet\sCache(.*)#\sEND\sComet\sCache\sWmVuQ2FjaGU/s', $root_htaccess_file_contents, $matches ) ) {
|
| 995 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sComet\sCache(.*)#\sEND\sComet\sCache\sWmVuQ2FjaGU/s', "", $root_htaccess_file_contents);
|
| 1000 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1001 |
|
| 1002 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1003 |
+
chmod($rootHtaccess, 0404);
|
| 1004 |
}
|
| 1005 |
|
| 1006 |
$text = '<strong><font color="green">'.__('Comet Cache Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all Comet Cache htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have Comet Cache installed and are still planning on using Comet Cache then re-run the Setup Wizards after you have activated the Comet Cache plugin again and resaved your Comet Cache plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 1081 |
if ( file_exists($rootHtaccess) ) {
|
| 1082 |
|
| 1083 |
$sapi_type = php_sapi_name();
|
| 1084 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 1085 |
|
| 1086 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 1087 |
chmod( $rootHtaccess, 0644 );
|
| 1088 |
}
|
| 1089 |
|
| 1090 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 1091 |
|
| 1092 |
$wp_default_rewrite_code = '/<IfModule\smod_rewrite\.c>\s*RewriteEngine\sOn\s*RewriteBase(.*)\s*RewriteRule(.*)\s*RewriteCond((.*)\s*){2}RewriteRule(.*)\s*<\/IfModule>\n/';
|
| 1093 |
$epc_htaccess_code = array();
|
| 1100 |
|
| 1101 |
// Suppress the coding mistake/php error "Illegal string offset" in the EPC plugin.
|
| 1102 |
// The endurance_cache_level DB option value is not saved as an array and is incorrectly saved as a string value instead.
|
| 1103 |
+
if ( empty($epc_htaccess_code) && $epc_cache_level_options['endurance_cache_level'] > 0 ) {
|
| 1104 |
$text = '<strong><font color="#fb0101">'.__('Error: Endurance Page Cache (EPC) Plugin AutoSetup Unsuccessful - ', 'bulletproof-security').'</font><font color="blue">'.__('The Setup Wizard did not find any Endurance Page Cache htaccess code in your Root htaccess file. Do these steps to fix the problem: Go to the BPS htaccess File Editor page, click the Unlock htaccess File button, go to the WordPress Settings > General page, scroll down to Endurance Cache settings, click the Save Changes button, go back to this Setup Wizard page and run the Pre-Installation Wizard and Setup Wizard again.', 'bulletproof-security').'</font></strong><br>';
|
| 1105 |
echo $text;
|
| 1106 |
return;
|
| 1164 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1165 |
|
| 1166 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1167 |
+
chmod($rootHtaccess, 0404);
|
| 1168 |
}
|
| 1169 |
}
|
| 1170 |
}
|
| 1243 |
|
| 1244 |
if ( file_exists($rootHtaccess) ) {
|
| 1245 |
|
| 1246 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 1247 |
|
| 1248 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 1249 |
chmod( $rootHtaccess, 0644 );
|
| 1250 |
}
|
| 1251 |
|
| 1252 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 1253 |
|
| 1254 |
if ( preg_match( '/#\sBEGIN\sWordPress(.*)endurance-page-cache(.*)#\sEND\sWordPress/s', $root_htaccess_file_contents, $matches ) ) {
|
| 1255 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sWordPress(.*)endurance-page-cache(.*)#\sEND\sWordPress/s', "", $root_htaccess_file_contents);
|
| 1260 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1261 |
|
| 1262 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1263 |
+
chmod($rootHtaccess, 0404);
|
| 1264 |
}
|
| 1265 |
|
| 1266 |
$text = '<strong><font color="green">'.__('Endurance Page Cache (EPC) Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all Endurance Page Cache htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have disabled the Endurance Page Cache plugin and are still planning on using Endurance Page Cache then re-run the Setup Wizards after you have enabled the Endurance Page Cache plugin again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 1339 |
if ( file_exists($rootHtaccess) ) {
|
| 1340 |
|
| 1341 |
$sapi_type = php_sapi_name();
|
| 1342 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 1343 |
|
| 1344 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 1345 |
chmod( $rootHtaccess, 0644 );
|
| 1346 |
}
|
| 1347 |
|
| 1348 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 1349 |
|
| 1350 |
$wpfc_default_code = array();
|
| 1351 |
$wpfc_gzip_code = array();
|
| 1377 |
}
|
| 1378 |
|
| 1379 |
// Check the WPFC wpFastestCacheStatus == on db option value for the default Cache System enable|disable: creates default & page caching htaccess code.
|
| 1380 |
+
if ( /*$wpfc_options['wpFastestCacheStatus'] == 'on' && */ empty($wpfc_default_code) ) {
|
| 1381 |
|
| 1382 |
$text = '<strong><font color="#fb0101">'.__('Error: WP Fastest Cache (WPFC) Plugin AutoSetup Unsuccessful: ', 'bulletproof-security').'</font><font color="black">'.__('The Setup Wizard did not find any WPFC htaccess code in your Root htaccess file. Do these steps to fix the problem: Go to the BPS htaccess File Editor page, click the Unlock htaccess File button, go to the WPFC plugin Settings page, click the Submit button, go back to this Setup Wizard page and run the Pre-Installation Wizard and Setup Wizard again.', 'bulletproof-security').'</font></strong><br>';
|
| 1383 |
echo $text;
|
| 1445 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1446 |
|
| 1447 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1448 |
+
chmod($rootHtaccess, 0404);
|
| 1449 |
}
|
| 1450 |
}
|
| 1451 |
}
|
| 1520 |
|
| 1521 |
if ( file_exists($rootHtaccess) ) {
|
| 1522 |
$sapi_type = php_sapi_name();
|
| 1523 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 1524 |
|
| 1525 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 1526 |
chmod( $rootHtaccess, 0644 );
|
| 1527 |
}
|
| 1528 |
|
| 1529 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 1530 |
|
| 1531 |
if ( preg_match( '/#\sBEGIN(.*)WpFastestCache(.*)#\sEND(.*)WpFastestCache/s', $root_htaccess_file_contents, $matches ) ) {
|
| 1532 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN(.*)WpFastestCache(.*)#\sEND(.*)WpFastestCache/s', "", $root_htaccess_file_contents);
|
| 1537 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1538 |
|
| 1539 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1540 |
+
chmod($rootHtaccess, 0404);
|
| 1541 |
}
|
| 1542 |
|
| 1543 |
$text = '<strong><font color="green">'.__('WP Fastest Cache (WPFC) Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all WPFC htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have WPFC installed and are still planning on using WPFC then re-run the Setup Wizards after you have activated the WPFC plugin again and resaved your WPFC plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 1626 |
if ( file_exists($rootHtaccess) ) {
|
| 1627 |
|
| 1628 |
$sapi_type = php_sapi_name();
|
| 1629 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 1630 |
|
| 1631 |
if ( file_exists( $wpconfig ) ) {
|
| 1632 |
|
| 1633 |
+
$perms_wpconfig = substr(sprintf('%o', fileperms($wpconfig)), -4);
|
| 1634 |
|
| 1635 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $perms_wpconfig != '0666' || $perms_wpconfig != '0777' ) { // Windows IIS, XAMPP, etc
|
| 1636 |
chmod( $wpconfig, 0644 );
|
| 1637 |
}
|
| 1638 |
}
|
| 1639 |
|
| 1640 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 1641 |
chmod( $rootHtaccess, 0644 );
|
| 1642 |
}
|
| 1643 |
|
| 1644 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 1645 |
|
| 1646 |
$wpr_htaccess_code = array();
|
| 1647 |
|
| 1716 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1717 |
|
| 1718 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1719 |
+
chmod($rootHtaccess, 0404);
|
| 1720 |
}
|
| 1721 |
}
|
| 1722 |
|
| 1811 |
|
| 1812 |
if ( file_exists($rootHtaccess) ) {
|
| 1813 |
$sapi_type = php_sapi_name();
|
| 1814 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 1815 |
|
| 1816 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 1817 |
chmod( $rootHtaccess, 0644 );
|
| 1818 |
}
|
| 1819 |
|
| 1820 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 1821 |
|
| 1822 |
if ( preg_match( '/#\sBEGIN\sWP\sRocket(.*)#\sEND\sWP\sRocket/s', $root_htaccess_file_contents, $matches ) ) {
|
| 1823 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sWP\sRocket(.*)#\sEND\sWP\sRocket/s', "", $root_htaccess_file_contents);
|
| 1832 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1833 |
|
| 1834 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 1835 |
+
chmod($rootHtaccess, 0404);
|
| 1836 |
}
|
| 1837 |
|
| 1838 |
$text = '<strong><font color="green">'.__('WP Rocket Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all WP Rocket htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have WP Rocket installed and are still planning on using WP Rocket then re-run the Setup Wizards after you have activated the WP Rocket plugin again and resaved your WP Rocket plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
| 1918 |
if ( file_exists($rootHtaccess) ) {
|
| 1919 |
|
| 1920 |
$sapi_type = php_sapi_name();
|
| 1921 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 1922 |
|
| 1923 |
if ( file_exists( $wpconfig ) ) {
|
| 1924 |
|
| 1925 |
+
$perms_wpconfig = substr(sprintf('%o', fileperms($wpconfig)), -4);
|
| 1926 |
|
| 1927 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $perms_wpconfig != '0666' || $perms_wpconfig != '0777' ) { // Windows IIS, XAMPP, etc
|
| 1928 |
chmod( $wpconfig, 0644 );
|
| 1929 |
}
|
| 1930 |
}
|
| 1931 |
|
| 1932 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 1933 |
chmod( $rootHtaccess, 0644 );
|
| 1934 |
}
|
| 1935 |
|
| 1936 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 1937 |
|
| 1938 |
$lscache_htaccess_code = array();
|
| 1939 |
|
| 2008 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 2009 |
|
| 2010 |
if ( $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 2011 |
+
chmod($rootHtaccess, 0404);
|
| 2012 |
}
|
| 2013 |
}
|
| 2014 |
|
| 2086 |
|
| 2087 |
if ( file_exists($rootHtaccess) ) {
|
| 2088 |
$sapi_type = php_sapi_name();
|
| 2089 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 2090 |
|
| 2091 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 2092 |
chmod( $rootHtaccess, 0644 );
|
| 2093 |
}
|
| 2094 |
|
| 2095 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 2096 |
|
| 2097 |
if ( preg_match( '/#\sBEGIN\sLSCACHE(.*)#\sEND\sNON_LSCACHE/s', $root_htaccess_file_contents, $matches ) ) {
|
| 2098 |
$root_htaccess_file_contents = preg_replace( '/#\sBEGIN\sLSCACHE(.*)#\sEND\sNON_LSCACHE/s', "", $root_htaccess_file_contents);
|
| 2103 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 2104 |
|
| 2105 |
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ) {
|
| 2106 |
+
chmod($rootHtaccess, 0404);
|
| 2107 |
}
|
| 2108 |
|
| 2109 |
$text = '<strong><font color="green">'.__('LiteSpeed Cache Plugin AutoCleanup Successful: ', 'bulletproof-security').'</font><font color="black"><span class="arq-tooltip-sw-60"><img src="'.plugins_url('/bulletproof-security/admin/images/question-mark.png').'" style="position:relative;top:3px;right:1px;" /><span>'.__('AutoCleanup has removed all LiteSpeed Cache htaccess code from BPS Custom Code and your Root htaccess file if it existed. If you have LiteSpeed Cache installed and are still planning on using LiteSpeed Cache then re-run the Setup Wizards after you have activated the LiteSpeed Cache plugin again and resaved your LiteSpeed Cache plugin settings again.', 'bulletproof-security').'</span></span></font></strong><br>';
|
admin/wizard/pwizard-autofix.php
CHANGED
|
@@ -1385,8 +1385,40 @@ RewriteRule ^(.*)$ - [F]
|
|
| 1385 |
$r23 = array();
|
| 1386 |
}
|
| 1387 |
|
| 1388 |
-
|
| 1389 |
-
$
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1390 |
|
| 1391 |
if ( $CC_Options_root['bps_customcode_bpsqse'] != '' ) {
|
| 1392 |
$bps_customcode_bpsqse_replace = preg_replace($pattern_array, $replace_array, $bps_customcode_bpsqse_array);
|
|
@@ -1440,7 +1472,7 @@ RewriteRule ^(.*)$ - [F]
|
|
| 1440 |
update_option('bulletproof_security_options_customcode', $Root_CC_Options);
|
| 1441 |
}
|
| 1442 |
|
| 1443 |
-
$success_array = array($woo_PagSeguro_fix, $event_espresso_fix, $woo_serial_key_fix, $woo_worldpay_fix, $kama_click_counter_fix, $riva_slider_pro_fix, $wp_auto_spinner_fix, $AgriTurismo_theme_fix, $wccp_pro_fix, $panopress_fix, $essb_code_canyon_fix, $mainwp_fix, $clevercourse_theme_fix, $wp_estore_fix, $wp_emember_fix, $easy_digital_downloads_fix, $mailpoet_fix, $mailchimp_fix, $DAPLiveLinks_fix, $wp_newsletter_fix, $sctocr_fix, $nextend_social_login_fix, $business_directory_plugin_fix);
|
| 1444 |
|
| 1445 |
foreach ( $success_array as $successMessage ) {
|
| 1446 |
|
| 1385 |
$r23 = array();
|
| 1386 |
}
|
| 1387 |
|
| 1388 |
+
## Constant Contact + WooCommerce Plugin: whitelist rules
|
| 1389 |
+
$constant_contact_woocommerce_plugin = 'constant-contact-woocommerce/plugin.php';
|
| 1390 |
+
$constant_contact_woocommerce_plugin_active = in_array( $constant_contact_woocommerce_plugin, apply_filters('active_plugins', get_option('active_plugins')));
|
| 1391 |
+
$constant_contact_woocommerce_plugin_fix = '';
|
| 1392 |
+
|
| 1393 |
+
if ( $constant_contact_woocommerce_plugin_active == 1 || is_plugin_active_for_network( $constant_contact_woocommerce_plugin ) ) {
|
| 1394 |
+
$constant_contact_woocommerce_plugin_fix = __('Constant Contact + WooCommerce Plugin BPSQSE AutoWhitelist successful', 'bulletproof-security');
|
| 1395 |
+
|
| 1396 |
+
$p24 = array('/RewriteCond\s%\{QUERY_STRING}\s\[a-zA-Z0-9_\]=\(http\|https\):\/\/\s\[NC,OR\]/', '/RewriteCond\s%\{QUERY_STRING\}\s\[a-zA-Z0-9_\]=\/\(\[a-z0-9_\.\]\/\/\?\)\+\s\[NC,OR\]/', '/RewriteCond\s%\{QUERY_STRING\}\s\(http\|https\)\\\:\s\[NC,OR\]/');
|
| 1397 |
+
$r24 = array("# BPS AutoWhitelist QS2: Constant Contact + WooCommerce Plugin", "# BPS AutoWhitelist QS3: Constant Contact + WooCommerce Plugin", "# BPS AutoWhitelist QS4: Constant Contact + WooCommerce Plugin");
|
| 1398 |
+
|
| 1399 |
+
} else {
|
| 1400 |
+
$p24 = array();
|
| 1401 |
+
$r24 = array();
|
| 1402 |
+
}
|
| 1403 |
+
|
| 1404 |
+
## Constant Contact Forms Plugin: whitelist rules
|
| 1405 |
+
$constant_contact_forms_plugin = 'constant-contact-forms/constant-contact-forms.php';
|
| 1406 |
+
$constant_contact_forms_plugin_active = in_array( $constant_contact_forms_plugin, apply_filters('active_plugins', get_option('active_plugins')));
|
| 1407 |
+
$constant_contact_forms_plugin_fix = '';
|
| 1408 |
+
|
| 1409 |
+
if ( $constant_contact_forms_plugin_active == 1 || is_plugin_active_for_network( $constant_contact_forms_plugin ) ) {
|
| 1410 |
+
$constant_contact_forms_plugin_fix = __('Constant Contact Forms Plugin BPSQSE AutoWhitelist successful', 'bulletproof-security');
|
| 1411 |
+
|
| 1412 |
+
$p25 = array('/RewriteCond\s%\{QUERY_STRING}\s\[a-zA-Z0-9_\]=\(http\|https\):\/\/\s\[NC,OR\]/', '/RewriteCond\s%\{QUERY_STRING\}\s\[a-zA-Z0-9_\]=\/\(\[a-z0-9_\.\]\/\/\?\)\+\s\[NC,OR\]/', '/RewriteCond\s%\{QUERY_STRING\}\s\(http\|https\)\\\:\s\[NC,OR\]/');
|
| 1413 |
+
$r25 = array("# BPS AutoWhitelist QS2: Constant Contact Forms Plugin", "# BPS AutoWhitelist QS3: Constant Contact Forms Plugin", "# BPS AutoWhitelist QS4: Constant Contact Forms Plugin");
|
| 1414 |
+
|
| 1415 |
+
} else {
|
| 1416 |
+
$p25 = array();
|
| 1417 |
+
$r25 = array();
|
| 1418 |
+
}
|
| 1419 |
+
|
| 1420 |
+
$pattern_array = array_merge($p1, $p2, $p3, $p4, $p5, $p6, $p7, $p8, $p9, $p10, $p11, $p12, $p13, $p14, $p15, $p16, $p17, $p18, $p19, $p20, $p21, $p22, $p23, $p24, $p25);
|
| 1421 |
+
$replace_array = array_merge($r1, $r2, $r3, $r4, $r5, $r6, $r7, $r8, $r9, $r10, $r11, $r12, $r13, $r14, $r15, $r16, $r17, $r18, $r19, $r20, $r21, $r22, $r23, $r24, $r25);
|
| 1422 |
|
| 1423 |
if ( $CC_Options_root['bps_customcode_bpsqse'] != '' ) {
|
| 1424 |
$bps_customcode_bpsqse_replace = preg_replace($pattern_array, $replace_array, $bps_customcode_bpsqse_array);
|
| 1472 |
update_option('bulletproof_security_options_customcode', $Root_CC_Options);
|
| 1473 |
}
|
| 1474 |
|
| 1475 |
+
$success_array = array($woo_PagSeguro_fix, $event_espresso_fix, $woo_serial_key_fix, $woo_worldpay_fix, $kama_click_counter_fix, $riva_slider_pro_fix, $wp_auto_spinner_fix, $AgriTurismo_theme_fix, $wccp_pro_fix, $panopress_fix, $essb_code_canyon_fix, $mainwp_fix, $clevercourse_theme_fix, $wp_estore_fix, $wp_emember_fix, $easy_digital_downloads_fix, $mailpoet_fix, $mailchimp_fix, $DAPLiveLinks_fix, $wp_newsletter_fix, $sctocr_fix, $nextend_social_login_fix, $business_directory_plugin_fix, $constant_contact_woocommerce_plugin_fix, $constant_contact_forms_plugin_fix);
|
| 1476 |
|
| 1477 |
foreach ( $success_array as $successMessage ) {
|
| 1478 |
|
admin/wizard/setup-wizard-export.php
CHANGED
|
@@ -0,0 +1,811 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
<?php
|
| 2 |
+
## ---------------------------------------------
|
| 3 |
+
## BulletProof Security Setup Wizard Export
|
| 4 |
+
## Support: https://forum.ait-pro.com/
|
| 5 |
+
## Export Time: November 28, 2021 7:15 am
|
| 6 |
+
## Website: http://demo2.local
|
| 7 |
+
## WP ABSPATH: C:\xampp\htdocs9\demo2/
|
| 8 |
+
## ---------------------------------------------
|
| 9 |
+
|
| 10 |
+
## BPS Plugin Options
|
| 11 |
+
|
| 12 |
+
$bulletproof_security_options_auth_cookie = 'bulletproof_security_options_auth_cookie';
|
| 13 |
+
$bulletproof_security_options_auth_cookie_array = array(
|
| 14 |
+
'bps_ace' => 'On',
|
| 15 |
+
'bps_ace_expiration' => '2880',
|
| 16 |
+
'bps_ace_rememberme_expiration' => '20160',
|
| 17 |
+
'bps_ace_user_account_exceptions' => 'ED5000',
|
| 18 |
+
'bps_ace_administrator' => '1',
|
| 19 |
+
'bps_ace_editor' => '1',
|
| 20 |
+
'bps_ace_author' => '1',
|
| 21 |
+
'bps_ace_contributor' => '1',
|
| 22 |
+
'bps_ace_subscriber' => '1',
|
| 23 |
+
'bps_ace_rememberme_disable' => '',
|
| 24 |
+
);
|
| 25 |
+
|
| 26 |
+
if ( ! get_option( $bulletproof_security_options_auth_cookie ) ) {
|
| 27 |
+
foreach( $bulletproof_security_options_auth_cookie_array as $key => $value ) {
|
| 28 |
+
update_option('bulletproof_security_options_auth_cookie', $bulletproof_security_options_auth_cookie_array);
|
| 29 |
+
}
|
| 30 |
+
|
| 31 |
+
} else {
|
| 32 |
+
|
| 33 |
+
foreach( $bulletproof_security_options_auth_cookie_array as $key => $value ) {
|
| 34 |
+
update_option('bulletproof_security_options_auth_cookie', $bulletproof_security_options_auth_cookie_array);
|
| 35 |
+
}
|
| 36 |
+
}
|
| 37 |
+
|
| 38 |
+
$bulletproof_security_options_autolock = 'bulletproof_security_options_autolock';
|
| 39 |
+
$bulletproof_security_options_autolock_array = array(
|
| 40 |
+
'bps_root_htaccess_autolock' => 'Off',
|
| 41 |
+
);
|
| 42 |
+
|
| 43 |
+
if ( ! get_option( $bulletproof_security_options_autolock ) ) {
|
| 44 |
+
foreach( $bulletproof_security_options_autolock_array as $key => $value ) {
|
| 45 |
+
update_option('bulletproof_security_options_autolock', $bulletproof_security_options_autolock_array);
|
| 46 |
+
}
|
| 47 |
+
|
| 48 |
+
} else {
|
| 49 |
+
|
| 50 |
+
foreach( $bulletproof_security_options_autolock_array as $key => $value ) {
|
| 51 |
+
update_option('bulletproof_security_options_autolock', $bulletproof_security_options_autolock_array);
|
| 52 |
+
}
|
| 53 |
+
}
|
| 54 |
+
|
| 55 |
+
$bulletproof_security_options_customcode = 'bulletproof_security_options_customcode';
|
| 56 |
+
$bulletproof_security_options_customcode_array = array(
|
| 57 |
+
'bps_customcode_one' => '',
|
| 58 |
+
'bps_customcode_server_signature' => '',
|
| 59 |
+
'bps_customcode_directory_index' => '',
|
| 60 |
+
'bps_customcode_server_protocol' => '',
|
| 61 |
+
'bps_customcode_error_logging' => '',
|
| 62 |
+
'bps_customcode_deny_dot_folders' => '',
|
| 63 |
+
'bps_customcode_admin_includes' => '',
|
| 64 |
+
'bps_customcode_wp_rewrite_start' => '',
|
| 65 |
+
'bps_customcode_request_methods' => '',
|
| 66 |
+
'bps_customcode_two' => '',
|
| 67 |
+
'bps_customcode_timthumb_misc' => '# TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
|
| 68 |
+
# Use BPS Custom Code to modify/edit/change this code and to save it permanently.
|
| 69 |
+
# Remote File Inclusion (RFI) security rules
|
| 70 |
+
# Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files
|
| 71 |
+
RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
|
| 72 |
+
RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
|
| 73 |
+
RewriteRule .* index.php [F]
|
| 74 |
+
#
|
| 75 |
+
# Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)
|
| 76 |
+
RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
|
| 77 |
+
# Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*
|
| 78 |
+
RewriteCond %{HTTP_REFERER} ^.*demo2.local.*
|
| 79 |
+
RewriteRule . - [S=1]',
|
| 80 |
+
'bps_customcode_bpsqse' => '# BEGIN BPSQSE BPS QUERY STRING EXPLOITS
|
| 81 |
+
# The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too.
|
| 82 |
+
# Good sites such as W3C use it for their W3C-LinkChecker.
|
| 83 |
+
# Use BPS Custom Code to add or remove user agents temporarily or permanently from the
|
| 84 |
+
# User Agent filters directly below or to modify/edit/change any of the other security code rules below.
|
| 85 |
+
RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
|
| 86 |
+
RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
|
| 87 |
+
RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
|
| 88 |
+
RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)(http|https)(:/|/) [NC,OR]
|
| 89 |
+
RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
|
| 90 |
+
RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
|
| 91 |
+
RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR]
|
| 92 |
+
RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR]
|
| 93 |
+
RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
|
| 94 |
+
RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR]
|
| 95 |
+
RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR]
|
| 96 |
+
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(http|https):// [NC,OR]
|
| 97 |
+
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR]
|
| 98 |
+
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
|
| 99 |
+
RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
|
| 100 |
+
RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR]
|
| 101 |
+
RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
|
| 102 |
+
RewriteCond %{QUERY_STRING} (http|https)\: [NC,OR]
|
| 103 |
+
RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
|
| 104 |
+
RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
|
| 105 |
+
RewriteCond %{QUERY_STRING} ^(.*)cPath=(http|https)://(.*)$ [NC,OR]
|
| 106 |
+
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
|
| 107 |
+
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
|
| 108 |
+
RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR]
|
| 109 |
+
RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR]
|
| 110 |
+
RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR]
|
| 111 |
+
RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR]
|
| 112 |
+
RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
|
| 113 |
+
RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
|
| 114 |
+
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
|
| 115 |
+
RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
|
| 116 |
+
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
|
| 117 |
+
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
|
| 118 |
+
RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]
|
| 119 |
+
RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR]
|
| 120 |
+
RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
|
| 121 |
+
RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR]
|
| 122 |
+
RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
|
| 123 |
+
RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
|
| 124 |
+
RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
|
| 125 |
+
RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
|
| 126 |
+
RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
|
| 127 |
+
RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR]
|
| 128 |
+
RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
|
| 129 |
+
RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
|
| 130 |
+
RewriteRule ^(.*)$ - [F]
|
| 131 |
+
# END BPSQSE BPS QUERY STRING EXPLOITS',
|
| 132 |
+
'bps_customcode_deny_files' => '',
|
| 133 |
+
'bps_customcode_three' => '',
|
| 134 |
+
);
|
| 135 |
+
|
| 136 |
+
if ( ! get_option( $bulletproof_security_options_customcode ) ) {
|
| 137 |
+
foreach( $bulletproof_security_options_customcode_array as $key => $value ) {
|
| 138 |
+
update_option('bulletproof_security_options_customcode', $bulletproof_security_options_customcode_array);
|
| 139 |
+
}
|
| 140 |
+
|
| 141 |
+
} else {
|
| 142 |
+
|
| 143 |
+
foreach( $bulletproof_security_options_customcode_array as $key => $value ) {
|
| 144 |
+
update_option('bulletproof_security_options_customcode', $bulletproof_security_options_customcode_array);
|
| 145 |
+
}
|
| 146 |
+
}
|
| 147 |
+
|
| 148 |
+
$bulletproof_security_options_customcode_WPA = 'bulletproof_security_options_customcode_WPA';
|
| 149 |
+
$bulletproof_security_options_customcode_WPA_array = array(
|
| 150 |
+
'bps_customcode_deny_files_wpa' => '',
|
| 151 |
+
'bps_customcode_one_wpa' => '',
|
| 152 |
+
'bps_customcode_two_wpa' => '',
|
| 153 |
+
'bps_customcode_bpsqse_wpa' => '# BEGIN BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS
|
| 154 |
+
# WORDPRESS WILL BREAK IF ALL THE BPSQSE FILTERS ARE DELETED
|
| 155 |
+
# Use BPS wp-admin Custom Code to modify/edit/change this code and to save it permanently.
|
| 156 |
+
RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
|
| 157 |
+
RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
|
| 158 |
+
RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)(http|https)(:/|/) [NC,OR]
|
| 159 |
+
RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
|
| 160 |
+
RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
|
| 161 |
+
RewriteCond %{THE_REQUEST} (%0A|%0D) [NC,OR]
|
| 162 |
+
RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR]
|
| 163 |
+
RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
|
| 164 |
+
RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR]
|
| 165 |
+
RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR]
|
| 166 |
+
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(http|https):// [NC,OR]
|
| 167 |
+
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR]
|
| 168 |
+
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
|
| 169 |
+
RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
|
| 170 |
+
RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR]
|
| 171 |
+
RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
|
| 172 |
+
RewriteCond %{QUERY_STRING} (http|https)\: [NC,OR]
|
| 173 |
+
RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
|
| 174 |
+
RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
|
| 175 |
+
RewriteCond %{QUERY_STRING} ^(.*)cPath=(http|https)://(.*)$ [NC,OR]
|
| 176 |
+
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
|
| 177 |
+
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
|
| 178 |
+
RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
|
| 179 |
+
RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
|
| 180 |
+
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
|
| 181 |
+
RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
|
| 182 |
+
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
|
| 183 |
+
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
|
| 184 |
+
RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>).* [NC,OR]
|
| 185 |
+
RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
|
| 186 |
+
RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR]
|
| 187 |
+
RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
|
| 188 |
+
RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
|
| 189 |
+
RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
|
| 190 |
+
RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
|
| 191 |
+
RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
|
| 192 |
+
RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
|
| 193 |
+
RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
|
| 194 |
+
RewriteRule ^(.*)$ - [F]
|
| 195 |
+
# END BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS
|
| 196 |
+
',
|
| 197 |
+
);
|
| 198 |
+
|
| 199 |
+
if ( ! get_option( $bulletproof_security_options_customcode_WPA ) ) {
|
| 200 |
+
foreach( $bulletproof_security_options_customcode_WPA_array as $key => $value ) {
|
| 201 |
+
update_option('bulletproof_security_options_customcode_WPA', $bulletproof_security_options_customcode_WPA_array);
|
| 202 |
+
}
|
| 203 |
+
|
| 204 |
+
} else {
|
| 205 |
+
|
| 206 |
+
foreach( $bulletproof_security_options_customcode_WPA_array as $key => $value ) {
|
| 207 |
+
update_option('bulletproof_security_options_customcode_WPA', $bulletproof_security_options_customcode_WPA_array);
|
| 208 |
+
}
|
| 209 |
+
}
|
| 210 |
+
|
| 211 |
+
$bulletproof_security_options_debug = 'bulletproof_security_options_debug';
|
| 212 |
+
$bulletproof_security_options_debug_array = array(
|
| 213 |
+
'bps_debug' => 'Off',
|
| 214 |
+
);
|
| 215 |
+
|
| 216 |
+
if ( ! get_option( $bulletproof_security_options_debug ) ) {
|
| 217 |
+
foreach( $bulletproof_security_options_debug_array as $key => $value ) {
|
| 218 |
+
update_option('bulletproof_security_options_debug', $bulletproof_security_options_debug_array);
|
| 219 |
+
}
|
| 220 |
+
|
| 221 |
+
} else {
|
| 222 |
+
|
| 223 |
+
foreach( $bulletproof_security_options_debug_array as $key => $value ) {
|
| 224 |
+
update_option('bulletproof_security_options_debug', $bulletproof_security_options_debug_array);
|
| 225 |
+
}
|
| 226 |
+
}
|
| 227 |
+
|
| 228 |
+
$bulletproof_security_options_email = 'bulletproof_security_options_email';
|
| 229 |
+
$bulletproof_security_options_email_array = array(
|
| 230 |
+
'bps_send_email_to' => 'edward@ait-pro.com',
|
| 231 |
+
'bps_send_email_from' => 'edward@ait-pro.com',
|
| 232 |
+
'bps_send_email_cc' => '',
|
| 233 |
+
'bps_send_email_bcc' => '',
|
| 234 |
+
'bps_login_security_email' => 'lockoutOnly',
|
| 235 |
+
'bps_security_log_size' => '500KB',
|
| 236 |
+
'bps_security_log_emailL' => 'email',
|
| 237 |
+
'bps_dbb_log_email' => 'email',
|
| 238 |
+
'bps_dbb_log_size' => '500KB',
|
| 239 |
+
'bps_mscan_log_size' => '500KB',
|
| 240 |
+
'bps_mscan_log_email' => 'email',
|
| 241 |
+
'bps_plugin_updates_frequency' => '1Hour',
|
| 242 |
+
'bps_plugin_updates_email' => 'no',
|
| 243 |
+
'bps_theme_updates_frequency' => '1Hour',
|
| 244 |
+
'bps_theme_updates_email' => 'no',
|
| 245 |
+
);
|
| 246 |
+
|
| 247 |
+
if ( ! get_option( $bulletproof_security_options_email ) ) {
|
| 248 |
+
foreach( $bulletproof_security_options_email_array as $key => $value ) {
|
| 249 |
+
update_option('bulletproof_security_options_email', $bulletproof_security_options_email_array);
|
| 250 |
+
}
|
| 251 |
+
|
| 252 |
+
} else {
|
| 253 |
+
|
| 254 |
+
foreach( $bulletproof_security_options_email_array as $key => $value ) {
|
| 255 |
+
update_option('bulletproof_security_options_email', $bulletproof_security_options_email_array);
|
| 256 |
+
}
|
| 257 |
+
}
|
| 258 |
+
|
| 259 |
+
$bulletproof_security_options_fsp = 'bulletproof_security_options_fsp';
|
| 260 |
+
$bulletproof_security_options_fsp_array = array(
|
| 261 |
+
'bps_fsp_on_off' => 'Off',
|
| 262 |
+
'bps_fsp_char_length' => '12',
|
| 263 |
+
'bps_fsp_lower_case' => '1',
|
| 264 |
+
'bps_fsp_upper_case' => '1',
|
| 265 |
+
'bps_fsp_number' => '1',
|
| 266 |
+
'bps_fsp_special_char' => '1',
|
| 267 |
+
'bps_fsp_message' => 'Password must contain 1 lowercase letter, 1 uppercase letter, 1 number, 1 special character and be a minimum of 12 characters long.',
|
| 268 |
+
);
|
| 269 |
+
|
| 270 |
+
if ( ! get_option( $bulletproof_security_options_fsp ) ) {
|
| 271 |
+
foreach( $bulletproof_security_options_fsp_array as $key => $value ) {
|
| 272 |
+
update_option('bulletproof_security_options_fsp', $bulletproof_security_options_fsp_array);
|
| 273 |
+
}
|
| 274 |
+
|
| 275 |
+
} else {
|
| 276 |
+
|
| 277 |
+
foreach( $bulletproof_security_options_fsp_array as $key => $value ) {
|
| 278 |
+
update_option('bulletproof_security_options_fsp', $bulletproof_security_options_fsp_array);
|
| 279 |
+
}
|
| 280 |
+
}
|
| 281 |
+
|
| 282 |
+
$bulletproof_security_options_GDMW = 'bulletproof_security_options_GDMW';
|
| 283 |
+
$bulletproof_security_options_GDMW_array = array(
|
| 284 |
+
'bps_gdmw_hosting' => 'no',
|
| 285 |
+
);
|
| 286 |
+
|
| 287 |
+
if ( ! get_option( $bulletproof_security_options_GDMW ) ) {
|
| 288 |
+
foreach( $bulletproof_security_options_GDMW_array as $key => $value ) {
|
| 289 |
+
update_option('bulletproof_security_options_GDMW', $bulletproof_security_options_GDMW_array);
|
| 290 |
+
}
|
| 291 |
+
|
| 292 |
+
} else {
|
| 293 |
+
|
| 294 |
+
foreach( $bulletproof_security_options_GDMW_array as $key => $value ) {
|
| 295 |
+
update_option('bulletproof_security_options_GDMW', $bulletproof_security_options_GDMW_array);
|
| 296 |
+
}
|
| 297 |
+
}
|
| 298 |
+
|
| 299 |
+
$bulletproof_security_options_gdpr = 'bulletproof_security_options_gdpr';
|
| 300 |
+
$bulletproof_security_options_gdpr_array = array(
|
| 301 |
+
'bps_gdpr_on_off' => 'Off',
|
| 302 |
+
);
|
| 303 |
+
|
| 304 |
+
if ( ! get_option( $bulletproof_security_options_gdpr ) ) {
|
| 305 |
+
foreach( $bulletproof_security_options_gdpr_array as $key => $value ) {
|
| 306 |
+
update_option('bulletproof_security_options_gdpr', $bulletproof_security_options_gdpr_array);
|
| 307 |
+
}
|
| 308 |
+
|
| 309 |
+
} else {
|
| 310 |
+
|
| 311 |
+
foreach( $bulletproof_security_options_gdpr_array as $key => $value ) {
|
| 312 |
+
update_option('bulletproof_security_options_gdpr', $bulletproof_security_options_gdpr_array);
|
| 313 |
+
}
|
| 314 |
+
}
|
| 315 |
+
|
| 316 |
+
$bulletproof_security_options_hidden_plugins = 'bulletproof_security_options_hidden_plugins';
|
| 317 |
+
$bulletproof_security_options_hidden_plugins_array = array(
|
| 318 |
+
'bps_hidden_plugins_check' => 'test',
|
| 319 |
+
);
|
| 320 |
+
|
| 321 |
+
if ( ! get_option( $bulletproof_security_options_hidden_plugins ) ) {
|
| 322 |
+
foreach( $bulletproof_security_options_hidden_plugins_array as $key => $value ) {
|
| 323 |
+
update_option('bulletproof_security_options_hidden_plugins', $bulletproof_security_options_hidden_plugins_array);
|
| 324 |
+
}
|
| 325 |
+
|
| 326 |
+
} else {
|
| 327 |
+
|
| 328 |
+
foreach( $bulletproof_security_options_hidden_plugins_array as $key => $value ) {
|
| 329 |
+
update_option('bulletproof_security_options_hidden_plugins', $bulletproof_security_options_hidden_plugins_array);
|
| 330 |
+
}
|
| 331 |
+
}
|
| 332 |
+
|
| 333 |
+
$bulletproof_security_options_hpf_cron = 'bulletproof_security_options_hpf_cron';
|
| 334 |
+
$bulletproof_security_options_hpf_cron_array = array(
|
| 335 |
+
'bps_hidden_plugins_cron' => 'On',
|
| 336 |
+
'bps_hidden_plugins_cron_frequency' => '15',
|
| 337 |
+
'bps_hidden_plugins_cron_email' => '',
|
| 338 |
+
'bps_hidden_plugins_cron_alert' => '',
|
| 339 |
+
);
|
| 340 |
+
|
| 341 |
+
if ( ! get_option( $bulletproof_security_options_hpf_cron ) ) {
|
| 342 |
+
foreach( $bulletproof_security_options_hpf_cron_array as $key => $value ) {
|
| 343 |
+
update_option('bulletproof_security_options_hpf_cron', $bulletproof_security_options_hpf_cron_array);
|
| 344 |
+
}
|
| 345 |
+
|
| 346 |
+
} else {
|
| 347 |
+
|
| 348 |
+
foreach( $bulletproof_security_options_hpf_cron_array as $key => $value ) {
|
| 349 |
+
update_option('bulletproof_security_options_hpf_cron', $bulletproof_security_options_hpf_cron_array);
|
| 350 |
+
}
|
| 351 |
+
}
|
| 352 |
+
|
| 353 |
+
$bulletproof_security_options_htaccess_files = 'bulletproof_security_options_htaccess_files';
|
| 354 |
+
$bulletproof_security_options_htaccess_files_array = array(
|
| 355 |
+
'bps_htaccess_files' => 'enabled',
|
| 356 |
+
);
|
| 357 |
+
|
| 358 |
+
if ( ! get_option( $bulletproof_security_options_htaccess_files ) ) {
|
| 359 |
+
foreach( $bulletproof_security_options_htaccess_files_array as $key => $value ) {
|
| 360 |
+
update_option('bulletproof_security_options_htaccess_files', $bulletproof_security_options_htaccess_files_array);
|
| 361 |
+
}
|
| 362 |
+
|
| 363 |
+
} else {
|
| 364 |
+
|
| 365 |
+
foreach( $bulletproof_security_options_htaccess_files_array as $key => $value ) {
|
| 366 |
+
update_option('bulletproof_security_options_htaccess_files', $bulletproof_security_options_htaccess_files_array);
|
| 367 |
+
}
|
| 368 |
+
}
|
| 369 |
+
|
| 370 |
+
$bulletproof_security_options_htaccess_res = 'bulletproof_security_options_htaccess_res';
|
| 371 |
+
$bulletproof_security_options_htaccess_res_array = array(
|
| 372 |
+
'bps_wpadmin_restriction' => 'enabled',
|
| 373 |
+
);
|
| 374 |
+
|
| 375 |
+
if ( ! get_option( $bulletproof_security_options_htaccess_res ) ) {
|
| 376 |
+
foreach( $bulletproof_security_options_htaccess_res_array as $key => $value ) {
|
| 377 |
+
update_option('bulletproof_security_options_htaccess_res', $bulletproof_security_options_htaccess_res_array);
|
| 378 |
+
}
|
| 379 |
+
|
| 380 |
+
} else {
|
| 381 |
+
|
| 382 |
+
foreach( $bulletproof_security_options_htaccess_res_array as $key => $value ) {
|
| 383 |
+
update_option('bulletproof_security_options_htaccess_res', $bulletproof_security_options_htaccess_res_array);
|
| 384 |
+
}
|
| 385 |
+
}
|
| 386 |
+
|
| 387 |
+
$bulletproof_security_options_idle_session = 'bulletproof_security_options_idle_session';
|
| 388 |
+
$bulletproof_security_options_idle_session_array = array(
|
| 389 |
+
'bps_isl' => 'On',
|
| 390 |
+
'bps_isl_timeout' => '60',
|
| 391 |
+
'bps_isl_logout_url' => 'http://demo2.local/wp-content/plugins/bulletproof-security/isl-logout.php',
|
| 392 |
+
'bps_isl_login_url' => 'http://demo2.local/wp-login.php',
|
| 393 |
+
'bps_isl_custom_message' => '',
|
| 394 |
+
'bps_isl_custom_css_1' => 'background-color:#fff;line-height:normal;',
|
| 395 |
+
'bps_isl_custom_css_2' => 'position:fixed;top:20%;left:0%;text-align:center;height:100%;width:100%;',
|
| 396 |
+
'bps_isl_custom_css_3' => 'border:5px solid gray;background-color:#BCE2F1;',
|
| 397 |
+
'bps_isl_custom_css_4' => 'font-family:Verdana, Arial, Helvetica, sans-serif;font-size:18px;font-weight:bold;',
|
| 398 |
+
'bps_isl_user_account_exceptions' => 'ED5000',
|
| 399 |
+
'bps_isl_administrator' => '1',
|
| 400 |
+
'bps_isl_editor' => '1',
|
| 401 |
+
'bps_isl_author' => '1',
|
| 402 |
+
'bps_isl_contributor' => '1',
|
| 403 |
+
'bps_isl_subscriber' => '1',
|
| 404 |
+
'bps_isl_tinymce' => '',
|
| 405 |
+
'bps_isl_uri_exclusions' => '',
|
| 406 |
+
);
|
| 407 |
+
|
| 408 |
+
if ( ! get_option( $bulletproof_security_options_idle_session ) ) {
|
| 409 |
+
foreach( $bulletproof_security_options_idle_session_array as $key => $value ) {
|
| 410 |
+
update_option('bulletproof_security_options_idle_session', $bulletproof_security_options_idle_session_array);
|
| 411 |
+
}
|
| 412 |
+
|
| 413 |
+
} else {
|
| 414 |
+
|
| 415 |
+
foreach( $bulletproof_security_options_idle_session_array as $key => $value ) {
|
| 416 |
+
update_option('bulletproof_security_options_idle_session', $bulletproof_security_options_idle_session_array);
|
| 417 |
+
}
|
| 418 |
+
}
|
| 419 |
+
|
| 420 |
+
$bulletproof_security_options_login_security = 'bulletproof_security_options_login_security';
|
| 421 |
+
$bulletproof_security_options_login_security_array = array(
|
| 422 |
+
'bps_max_logins' => '3',
|
| 423 |
+
'bps_lockout_duration' => '15',
|
| 424 |
+
'bps_manual_lockout_duration' => '60',
|
| 425 |
+
'bps_max_db_rows_display' => '',
|
| 426 |
+
'bps_login_security_OnOff' => 'On',
|
| 427 |
+
'bps_login_security_logging' => 'logAll',
|
| 428 |
+
'bps_login_security_errors' => 'wpErrors',
|
| 429 |
+
'bps_login_security_remaining' => 'On',
|
| 430 |
+
'bps_login_security_pw_reset' => 'enable',
|
| 431 |
+
'bps_login_security_sort' => 'descending',
|
| 432 |
+
'bps_enable_lsm_woocommerce' => '',
|
| 433 |
+
);
|
| 434 |
+
|
| 435 |
+
if ( ! get_option( $bulletproof_security_options_login_security ) ) {
|
| 436 |
+
foreach( $bulletproof_security_options_login_security_array as $key => $value ) {
|
| 437 |
+
update_option('bulletproof_security_options_login_security', $bulletproof_security_options_login_security_array);
|
| 438 |
+
}
|
| 439 |
+
|
| 440 |
+
} else {
|
| 441 |
+
|
| 442 |
+
foreach( $bulletproof_security_options_login_security_array as $key => $value ) {
|
| 443 |
+
update_option('bulletproof_security_options_login_security', $bulletproof_security_options_login_security_array);
|
| 444 |
+
}
|
| 445 |
+
}
|
| 446 |
+
|
| 447 |
+
$bulletproof_security_options_login_security_jtc = 'bulletproof_security_options_login_security_jtc';
|
| 448 |
+
$bulletproof_security_options_login_security_jtc_array = array(
|
| 449 |
+
'bps_tooltip_captcha_key' => 'jtc',
|
| 450 |
+
'bps_tooltip_captcha_hover_text' => 'Type/Enter: jtc',
|
| 451 |
+
'bps_tooltip_captcha_title' => 'Hover or click the text box below',
|
| 452 |
+
'bps_tooltip_captcha_logging' => 'Off',
|
| 453 |
+
'bps_jtc_login_form' => '1',
|
| 454 |
+
'bps_jtc_register_form' => '',
|
| 455 |
+
'bps_jtc_lostpassword_form' => '',
|
| 456 |
+
'bps_jtc_comment_form' => '',
|
| 457 |
+
'bps_jtc_mu_register_form' => '',
|
| 458 |
+
'bps_jtc_buddypress_register_form' => '',
|
| 459 |
+
'bps_jtc_buddypress_sidebar_form' => '',
|
| 460 |
+
'bps_jtc_administrator' => '',
|
| 461 |
+
'bps_jtc_editor' => '',
|
| 462 |
+
'bps_jtc_author' => '',
|
| 463 |
+
'bps_jtc_contributor' => '',
|
| 464 |
+
'bps_jtc_subscriber' => '',
|
| 465 |
+
'bps_jtc_comment_form_error' => '<strong>ERROR</strong>: Incorrect JTC CAPTCHA Entered. Click your Browser back button and re-enter the JTC CAPTCHA.',
|
| 466 |
+
'bps_jtc_comment_form_label' => 'position:relative;top:0px;left:0px;padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;',
|
| 467 |
+
'bps_jtc_comment_form_input' => 'position:relative;top:0px;left:0px;padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;',
|
| 468 |
+
'bps_enable_jtc_woocommerce' => '',
|
| 469 |
+
'bps_jtc_custom_form_error' => '<strong>ERROR</strong>: Incorrect CAPTCHA Entered.',
|
| 470 |
+
);
|
| 471 |
+
|
| 472 |
+
if ( ! get_option( $bulletproof_security_options_login_security_jtc ) ) {
|
| 473 |
+
foreach( $bulletproof_security_options_login_security_jtc_array as $key => $value ) {
|
| 474 |
+
update_option('bulletproof_security_options_login_security_jtc', $bulletproof_security_options_login_security_jtc_array);
|
| 475 |
+
}
|
| 476 |
+
|
| 477 |
+
} else {
|
| 478 |
+
|
| 479 |
+
foreach( $bulletproof_security_options_login_security_jtc_array as $key => $value ) {
|
| 480 |
+
update_option('bulletproof_security_options_login_security_jtc', $bulletproof_security_options_login_security_jtc_array);
|
| 481 |
+
}
|
| 482 |
+
}
|
| 483 |
+
|
| 484 |
+
$bulletproof_security_options_maint_mode = 'bulletproof_security_options_maint_mode';
|
| 485 |
+
$bulletproof_security_options_maint_mode_array = array(
|
| 486 |
+
'bps_maint_on_off' => 'Off',
|
| 487 |
+
'bps_maint_countdown_timer' => '1',
|
| 488 |
+
'bps_maint_countdown_timer_color' => 'white',
|
| 489 |
+
'bps_maint_time' => '180',
|
| 490 |
+
'bps_maint_retry_after' => '180',
|
| 491 |
+
'bps_maint_frontend' => '1',
|
| 492 |
+
'bps_maint_backend' => '',
|
| 493 |
+
'bps_maint_ip_allowed' => '127.0.0.',
|
| 494 |
+
'bps_maint_text' => '<div id=\"image-text-top\" style=\"position: absolute; top: -250px; left: -375px; margin: 0px 0px 0px 20px;\">
|
| 495 |
+
<h1>Maintenance Mode Example</h1>
|
| 496 |
+
<span style=\"margin: 0px 0px 0px 20px;\">Message to display to website visitors</span>
|
| 497 |
+
|
| 498 |
+
</div>
|
| 499 |
+
<div id=\"image-position\" style=\"z-index: -1; position: absolute; top: -325px; left: -560px; background-size: auto; padding: 0px; -moz-box-shadow: 4px 4px 4px #888888; -webkit-box-shadow: 4px 4px 4px #888888; box-shadow: 4px 4px 4px #888888;\"><img class=\"alignnone size-full wp-image-5\" src=\"http://demo2.local/wp-content/uploads/2021/11/ventura-coast.jpg\" alt=\"\" width=\"1612\" height=\"1075\" /></div>',
|
| 500 |
+
'bps_maint_background_images' => '0',
|
| 501 |
+
'bps_maint_center_images' => '0',
|
| 502 |
+
'bps_maint_background_color' => 'white',
|
| 503 |
+
'bps_maint_show_visitor_ip' => '1',
|
| 504 |
+
'bps_maint_show_login_link' => '1',
|
| 505 |
+
'bps_maint_dashboard_reminder' => '1',
|
| 506 |
+
'bps_maint_log_visitors' => '1',
|
| 507 |
+
'bps_maint_countdown_email' => '1',
|
| 508 |
+
'bps_maint_email_to' => 'edward@ait-pro.com',
|
| 509 |
+
'bps_maint_email_from' => 'edward@ait-pro.com',
|
| 510 |
+
'bps_maint_email_cc' => 'edward@ait-pro.com',
|
| 511 |
+
'bps_maint_email_bcc' => 'edward@ait-pro.com',
|
| 512 |
+
'bps_maint_mu_entire_site' => '',
|
| 513 |
+
'bps_maint_mu_subsites_only' => '',
|
| 514 |
+
);
|
| 515 |
+
|
| 516 |
+
if ( ! get_option( $bulletproof_security_options_maint_mode ) ) {
|
| 517 |
+
foreach( $bulletproof_security_options_maint_mode_array as $key => $value ) {
|
| 518 |
+
update_option('bulletproof_security_options_maint_mode', $bulletproof_security_options_maint_mode_array);
|
| 519 |
+
}
|
| 520 |
+
|
| 521 |
+
} else {
|
| 522 |
+
|
| 523 |
+
foreach( $bulletproof_security_options_maint_mode_array as $key => $value ) {
|
| 524 |
+
update_option('bulletproof_security_options_maint_mode', $bulletproof_security_options_maint_mode_array);
|
| 525 |
+
}
|
| 526 |
+
}
|
| 527 |
+
|
| 528 |
+
$bulletproof_security_options_MScan = 'bulletproof_security_options_MScan';
|
| 529 |
+
$bulletproof_security_options_MScan_array = array(
|
| 530 |
+
'mscan_max_file_size' => '1000',
|
| 531 |
+
'mscan_max_time_limit' => '300',
|
| 532 |
+
'mscan_scan_database' => 'On',
|
| 533 |
+
'mscan_scan_images' => 'Off',
|
| 534 |
+
'mscan_scan_skipped_files' => 'Off',
|
| 535 |
+
'mscan_scan_delete_tmp_files' => 'Off',
|
| 536 |
+
'mscan_scan_frequency' => 'Off',
|
| 537 |
+
'mscan_exclude_dirs' => '',
|
| 538 |
+
'mscan_exclude_tmp_files' => '
|
| 539 |
+
',
|
| 540 |
+
'mscan_file_size_limit_hidden' => '14',
|
| 541 |
+
);
|
| 542 |
+
|
| 543 |
+
if ( ! get_option( $bulletproof_security_options_MScan ) ) {
|
| 544 |
+
foreach( $bulletproof_security_options_MScan_array as $key => $value ) {
|
| 545 |
+
update_option('bulletproof_security_options_MScan', $bulletproof_security_options_MScan_array);
|
| 546 |
+
}
|
| 547 |
+
|
| 548 |
+
} else {
|
| 549 |
+
|
| 550 |
+
foreach( $bulletproof_security_options_MScan_array as $key => $value ) {
|
| 551 |
+
update_option('bulletproof_security_options_MScan', $bulletproof_security_options_MScan_array);
|
| 552 |
+
}
|
| 553 |
+
}
|
| 554 |
+
|
| 555 |
+
$bulletproof_security_options_mscan_patterns = 'bulletproof_security_options_mscan_patterns';
|
| 556 |
+
$bulletproof_security_options_mscan_patterns_array = array(
|
| 557 |
+
);
|
| 558 |
+
|
| 559 |
+
if ( ! get_option( $bulletproof_security_options_mscan_patterns ) ) {
|
| 560 |
+
foreach( $bulletproof_security_options_mscan_patterns_array as $key => $value ) {
|
| 561 |
+
update_option('bulletproof_security_options_mscan_patterns', $bulletproof_security_options_mscan_patterns_array);
|
| 562 |
+
}
|
| 563 |
+
|
| 564 |
+
} else {
|
| 565 |
+
|
| 566 |
+
foreach( $bulletproof_security_options_mscan_patterns_array as $key => $value ) {
|
| 567 |
+
update_option('bulletproof_security_options_mscan_patterns', $bulletproof_security_options_mscan_patterns_array);
|
| 568 |
+
}
|
| 569 |
+
}
|
| 570 |
+
|
| 571 |
+
$bulletproof_security_options_mscan_report = 'bulletproof_security_options_mscan_report';
|
| 572 |
+
$bulletproof_security_options_mscan_report_array = array(
|
| 573 |
+
);
|
| 574 |
+
|
| 575 |
+
if ( ! get_option( $bulletproof_security_options_mscan_report ) ) {
|
| 576 |
+
foreach( $bulletproof_security_options_mscan_report_array as $key => $value ) {
|
| 577 |
+
update_option('bulletproof_security_options_mscan_report', $bulletproof_security_options_mscan_report_array);
|
| 578 |
+
}
|
| 579 |
+
|
| 580 |
+
} else {
|
| 581 |
+
|
| 582 |
+
foreach( $bulletproof_security_options_mscan_report_array as $key => $value ) {
|
| 583 |
+
update_option('bulletproof_security_options_mscan_report', $bulletproof_security_options_mscan_report_array);
|
| 584 |
+
}
|
| 585 |
+
}
|
| 586 |
+
|
| 587 |
+
$bulletproof_security_options_mu_sysinfo = 'bulletproof_security_options_mu_sysinfo';
|
| 588 |
+
$bulletproof_security_options_mu_sysinfo_array = array(
|
| 589 |
+
'bps_sysinfo_hide_display' => 'display',
|
| 590 |
+
);
|
| 591 |
+
|
| 592 |
+
if ( ! get_option( $bulletproof_security_options_mu_sysinfo ) ) {
|
| 593 |
+
foreach( $bulletproof_security_options_mu_sysinfo_array as $key => $value ) {
|
| 594 |
+
update_option('bulletproof_security_options_mu_sysinfo', $bulletproof_security_options_mu_sysinfo_array);
|
| 595 |
+
}
|
| 596 |
+
|
| 597 |
+
} else {
|
| 598 |
+
|
| 599 |
+
foreach( $bulletproof_security_options_mu_sysinfo_array as $key => $value ) {
|
| 600 |
+
update_option('bulletproof_security_options_mu_sysinfo', $bulletproof_security_options_mu_sysinfo_array);
|
| 601 |
+
}
|
| 602 |
+
}
|
| 603 |
+
|
| 604 |
+
$bulletproof_security_options_mynotes = 'bulletproof_security_options_mynotes';
|
| 605 |
+
$bulletproof_security_options_mynotes_array = array(
|
| 606 |
+
'bps_my_notes' => '',
|
| 607 |
+
);
|
| 608 |
+
|
| 609 |
+
if ( ! get_option( $bulletproof_security_options_mynotes ) ) {
|
| 610 |
+
foreach( $bulletproof_security_options_mynotes_array as $key => $value ) {
|
| 611 |
+
update_option('bulletproof_security_options_mynotes', $bulletproof_security_options_mynotes_array);
|
| 612 |
+
}
|
| 613 |
+
|
| 614 |
+
} else {
|
| 615 |
+
|
| 616 |
+
foreach( $bulletproof_security_options_mynotes_array as $key => $value ) {
|
| 617 |
+
update_option('bulletproof_security_options_mynotes', $bulletproof_security_options_mynotes_array);
|
| 618 |
+
}
|
| 619 |
+
}
|
| 620 |
+
|
| 621 |
+
$bulletproof_security_options_new_feature = 'bulletproof_security_options_new_feature';
|
| 622 |
+
$bulletproof_security_options_new_feature_array = array(
|
| 623 |
+
'bps_mscan_rebuild' => 'upgrade',
|
| 624 |
+
);
|
| 625 |
+
|
| 626 |
+
if ( ! get_option( $bulletproof_security_options_new_feature ) ) {
|
| 627 |
+
foreach( $bulletproof_security_options_new_feature_array as $key => $value ) {
|
| 628 |
+
update_option('bulletproof_security_options_new_feature', $bulletproof_security_options_new_feature_array);
|
| 629 |
+
}
|
| 630 |
+
|
| 631 |
+
} else {
|
| 632 |
+
|
| 633 |
+
foreach( $bulletproof_security_options_new_feature_array as $key => $value ) {
|
| 634 |
+
update_option('bulletproof_security_options_new_feature', $bulletproof_security_options_new_feature_array);
|
| 635 |
+
}
|
| 636 |
+
}
|
| 637 |
+
|
| 638 |
+
$bulletproof_security_options_php_memory_limit = 'bulletproof_security_options_php_memory_limit';
|
| 639 |
+
$bulletproof_security_options_php_memory_limit_array = array(
|
| 640 |
+
'bps_php_memory_limit' => '512M',
|
| 641 |
+
);
|
| 642 |
+
|
| 643 |
+
if ( ! get_option( $bulletproof_security_options_php_memory_limit ) ) {
|
| 644 |
+
foreach( $bulletproof_security_options_php_memory_limit_array as $key => $value ) {
|
| 645 |
+
update_option('bulletproof_security_options_php_memory_limit', $bulletproof_security_options_php_memory_limit_array);
|
| 646 |
+
}
|
| 647 |
+
|
| 648 |
+
} else {
|
| 649 |
+
|
| 650 |
+
foreach( $bulletproof_security_options_php_memory_limit_array as $key => $value ) {
|
| 651 |
+
update_option('bulletproof_security_options_php_memory_limit', $bulletproof_security_options_php_memory_limit_array);
|
| 652 |
+
}
|
| 653 |
+
}
|
| 654 |
+
|
| 655 |
+
$bulletproof_security_options_scrolltop = 'bulletproof_security_options_scrolltop';
|
| 656 |
+
$bulletproof_security_options_scrolltop_array = array(
|
| 657 |
+
'bps_scrolltop' => 'On',
|
| 658 |
+
);
|
| 659 |
+
|
| 660 |
+
if ( ! get_option( $bulletproof_security_options_scrolltop ) ) {
|
| 661 |
+
foreach( $bulletproof_security_options_scrolltop_array as $key => $value ) {
|
| 662 |
+
update_option('bulletproof_security_options_scrolltop', $bulletproof_security_options_scrolltop_array);
|
| 663 |
+
}
|
| 664 |
+
|
| 665 |
+
} else {
|
| 666 |
+
|
| 667 |
+
foreach( $bulletproof_security_options_scrolltop_array as $key => $value ) {
|
| 668 |
+
update_option('bulletproof_security_options_scrolltop', $bulletproof_security_options_scrolltop_array);
|
| 669 |
+
}
|
| 670 |
+
}
|
| 671 |
+
|
| 672 |
+
$bulletproof_security_options_sec_log_post_limit = 'bulletproof_security_options_sec_log_post_limit';
|
| 673 |
+
$bulletproof_security_options_sec_log_post_limit_array = array(
|
| 674 |
+
'bps_security_log_post_limit' => '',
|
| 675 |
+
'bps_security_log_post_none' => '1',
|
| 676 |
+
'bps_security_log_post_max' => '',
|
| 677 |
+
);
|
| 678 |
+
|
| 679 |
+
if ( ! get_option( $bulletproof_security_options_sec_log_post_limit ) ) {
|
| 680 |
+
foreach( $bulletproof_security_options_sec_log_post_limit_array as $key => $value ) {
|
| 681 |
+
update_option('bulletproof_security_options_sec_log_post_limit', $bulletproof_security_options_sec_log_post_limit_array);
|
| 682 |
+
}
|
| 683 |
+
|
| 684 |
+
} else {
|
| 685 |
+
|
| 686 |
+
foreach( $bulletproof_security_options_sec_log_post_limit_array as $key => $value ) {
|
| 687 |
+
update_option('bulletproof_security_options_sec_log_post_limit', $bulletproof_security_options_sec_log_post_limit_array);
|
| 688 |
+
}
|
| 689 |
+
}
|
| 690 |
+
|
| 691 |
+
$bulletproof_security_options_SLF = 'bulletproof_security_options_SLF';
|
| 692 |
+
$bulletproof_security_options_SLF_array = array(
|
| 693 |
+
'bps_slf_filter' => 'On',
|
| 694 |
+
'bps_slf_filter_new' => '14',
|
| 695 |
+
);
|
| 696 |
+
|
| 697 |
+
if ( ! get_option( $bulletproof_security_options_SLF ) ) {
|
| 698 |
+
foreach( $bulletproof_security_options_SLF_array as $key => $value ) {
|
| 699 |
+
update_option('bulletproof_security_options_SLF', $bulletproof_security_options_SLF_array);
|
| 700 |
+
}
|
| 701 |
+
|
| 702 |
+
} else {
|
| 703 |
+
|
| 704 |
+
foreach( $bulletproof_security_options_SLF_array as $key => $value ) {
|
| 705 |
+
update_option('bulletproof_security_options_SLF', $bulletproof_security_options_SLF_array);
|
| 706 |
+
}
|
| 707 |
+
}
|
| 708 |
+
|
| 709 |
+
$bulletproof_security_options_spinner = 'bulletproof_security_options_spinner';
|
| 710 |
+
$bulletproof_security_options_spinner_array = array(
|
| 711 |
+
'bps_spinner' => 'On',
|
| 712 |
+
);
|
| 713 |
+
|
| 714 |
+
if ( ! get_option( $bulletproof_security_options_spinner ) ) {
|
| 715 |
+
foreach( $bulletproof_security_options_spinner_array as $key => $value ) {
|
| 716 |
+
update_option('bulletproof_security_options_spinner', $bulletproof_security_options_spinner_array);
|
| 717 |
+
}
|
| 718 |
+
|
| 719 |
+
} else {
|
| 720 |
+
|
| 721 |
+
foreach( $bulletproof_security_options_spinner_array as $key => $value ) {
|
| 722 |
+
update_option('bulletproof_security_options_spinner', $bulletproof_security_options_spinner_array);
|
| 723 |
+
}
|
| 724 |
+
}
|
| 725 |
+
|
| 726 |
+
$bulletproof_security_options_status_display = 'bulletproof_security_options_status_display';
|
| 727 |
+
$bulletproof_security_options_status_display_array = array(
|
| 728 |
+
'bps_status_display' => 'On',
|
| 729 |
+
);
|
| 730 |
+
|
| 731 |
+
if ( ! get_option( $bulletproof_security_options_status_display ) ) {
|
| 732 |
+
foreach( $bulletproof_security_options_status_display_array as $key => $value ) {
|
| 733 |
+
update_option('bulletproof_security_options_status_display', $bulletproof_security_options_status_display_array);
|
| 734 |
+
}
|
| 735 |
+
|
| 736 |
+
} else {
|
| 737 |
+
|
| 738 |
+
foreach( $bulletproof_security_options_status_display_array as $key => $value ) {
|
| 739 |
+
update_option('bulletproof_security_options_status_display', $bulletproof_security_options_status_display_array);
|
| 740 |
+
}
|
| 741 |
+
}
|
| 742 |
+
|
| 743 |
+
$bulletproof_security_options_theme_skin = 'bulletproof_security_options_theme_skin';
|
| 744 |
+
$bulletproof_security_options_theme_skin_array = array(
|
| 745 |
+
'bps_ui_theme_skin' => 'blue',
|
| 746 |
+
);
|
| 747 |
+
|
| 748 |
+
if ( ! get_option( $bulletproof_security_options_theme_skin ) ) {
|
| 749 |
+
foreach( $bulletproof_security_options_theme_skin_array as $key => $value ) {
|
| 750 |
+
update_option('bulletproof_security_options_theme_skin', $bulletproof_security_options_theme_skin_array);
|
| 751 |
+
}
|
| 752 |
+
|
| 753 |
+
} else {
|
| 754 |
+
|
| 755 |
+
foreach( $bulletproof_security_options_theme_skin_array as $key => $value ) {
|
| 756 |
+
update_option('bulletproof_security_options_theme_skin', $bulletproof_security_options_theme_skin_array);
|
| 757 |
+
}
|
| 758 |
+
}
|
| 759 |
+
|
| 760 |
+
$bulletproof_security_options_wizard_autofix = 'bulletproof_security_options_wizard_autofix';
|
| 761 |
+
$bulletproof_security_options_wizard_autofix_array = array(
|
| 762 |
+
'bps_wizard_autofix' => 'On',
|
| 763 |
+
);
|
| 764 |
+
|
| 765 |
+
if ( ! get_option( $bulletproof_security_options_wizard_autofix ) ) {
|
| 766 |
+
foreach( $bulletproof_security_options_wizard_autofix_array as $key => $value ) {
|
| 767 |
+
update_option('bulletproof_security_options_wizard_autofix', $bulletproof_security_options_wizard_autofix_array);
|
| 768 |
+
}
|
| 769 |
+
|
| 770 |
+
} else {
|
| 771 |
+
|
| 772 |
+
foreach( $bulletproof_security_options_wizard_autofix_array as $key => $value ) {
|
| 773 |
+
update_option('bulletproof_security_options_wizard_autofix', $bulletproof_security_options_wizard_autofix_array);
|
| 774 |
+
}
|
| 775 |
+
}
|
| 776 |
+
|
| 777 |
+
$bulletproof_security_options_wpt_nodes = 'bulletproof_security_options_wpt_nodes';
|
| 778 |
+
$bulletproof_security_options_wpt_nodes_array = array(
|
| 779 |
+
'bps_wpt_nodes' => 'allnodes',
|
| 780 |
+
);
|
| 781 |
+
|
| 782 |
+
if ( ! get_option( $bulletproof_security_options_wpt_nodes ) ) {
|
| 783 |
+
foreach( $bulletproof_security_options_wpt_nodes_array as $key => $value ) {
|
| 784 |
+
update_option('bulletproof_security_options_wpt_nodes', $bulletproof_security_options_wpt_nodes_array);
|
| 785 |
+
}
|
| 786 |
+
|
| 787 |
+
} else {
|
| 788 |
+
|
| 789 |
+
foreach( $bulletproof_security_options_wpt_nodes_array as $key => $value ) {
|
| 790 |
+
update_option('bulletproof_security_options_wpt_nodes', $bulletproof_security_options_wpt_nodes_array);
|
| 791 |
+
}
|
| 792 |
+
}
|
| 793 |
+
|
| 794 |
+
$bulletproof_security_options_zip_fix = 'bulletproof_security_options_zip_fix';
|
| 795 |
+
$bulletproof_security_options_zip_fix_array = array(
|
| 796 |
+
'bps_zip_download_fix' => 'Off',
|
| 797 |
+
);
|
| 798 |
+
|
| 799 |
+
if ( ! get_option( $bulletproof_security_options_zip_fix ) ) {
|
| 800 |
+
foreach( $bulletproof_security_options_zip_fix_array as $key => $value ) {
|
| 801 |
+
update_option('bulletproof_security_options_zip_fix', $bulletproof_security_options_zip_fix_array);
|
| 802 |
+
}
|
| 803 |
+
|
| 804 |
+
} else {
|
| 805 |
+
|
| 806 |
+
foreach( $bulletproof_security_options_zip_fix_array as $key => $value ) {
|
| 807 |
+
update_option('bulletproof_security_options_zip_fix', $bulletproof_security_options_zip_fix_array);
|
| 808 |
+
}
|
| 809 |
+
}
|
| 810 |
+
|
| 811 |
+
?>
|
admin/wizard/wizard-backup.php
CHANGED
|
@@ -139,7 +139,7 @@ function bps_zip_root_htaccess_file() {
|
|
| 139 |
|
| 140 |
// Use PclZip
|
| 141 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/' );
|
| 142 |
-
require_once
|
| 143 |
|
| 144 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 145 |
$previous_encoding = mb_internal_encoding();
|
|
@@ -205,7 +205,7 @@ function bpsPro_root_precheck_download() {
|
|
| 205 |
|
| 206 |
if ( file_exists($root_htaccess_file) ) {
|
| 207 |
|
| 208 |
-
$get_root_contents =
|
| 209 |
|
| 210 |
if ( strpos( $get_root_contents, "BULLETPROOF" ) ) {
|
| 211 |
return;
|
|
@@ -243,7 +243,7 @@ function bpsPro_root_precheck_download() {
|
|
| 243 |
}
|
| 244 |
|
| 245 |
echo $bps_topDiv;
|
| 246 |
-
$text = '<font color="green"><strong>'.__('Custom additional htaccess code was found in your
|
| 247 |
echo $text;
|
| 248 |
echo $bps_bottomDiv;
|
| 249 |
}
|
|
@@ -284,7 +284,7 @@ function bpsPro_root_precheck_download() {
|
|
| 284 |
}
|
| 285 |
|
| 286 |
echo $bps_topDiv;
|
| 287 |
-
$text = '<font color="green"><strong>'.__('Custom additional htaccess code was found in your
|
| 288 |
echo $text;
|
| 289 |
echo $bps_bottomDiv;
|
| 290 |
}
|
| 139 |
|
| 140 |
// Use PclZip
|
| 141 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/' );
|
| 142 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 143 |
|
| 144 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 145 |
$previous_encoding = mb_internal_encoding();
|
| 205 |
|
| 206 |
if ( file_exists($root_htaccess_file) ) {
|
| 207 |
|
| 208 |
+
$get_root_contents = file_get_contents($root_htaccess_file);
|
| 209 |
|
| 210 |
if ( strpos( $get_root_contents, "BULLETPROOF" ) ) {
|
| 211 |
return;
|
| 243 |
}
|
| 244 |
|
| 245 |
echo $bps_topDiv;
|
| 246 |
+
$text = '<font color="green"><strong>'.__('Custom additional htaccess code was found in your root htaccess file. Your root and wp-admin htaccess files have been backed up and zipped in this zip file: /bulletproof-security/admin/wizard/htaccess-files.zip. Click the Download Root htaccess File button below to download your htaccess-files.zip file to your computer.', 'bulletproof-security').'<br>'.__('Click this forum link: ', 'bulletproof-security').'<a href="https://forum.ait-pro.com/forums/topic/setup-wizard-root-htaccess-file-backup/" target="_blank" style="text-decoration:underline;">'.__('Setup Wizard Root and wp-admin htaccess File Backup', 'bulletproof-security').'</a>'.__(' for help information about what this means and what to do.', 'bulletproof-security').'<br>'.__('If you see a 403 error and/or are unable to download the zip file then click here: ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php#bps-tabs-2' ).'" target="_blank">'.__('Setup Wizard Options', 'bulletproof-security').'</a>'.__(' and select the Zip File Download Fix On setting for the Zile File Download Fix option. You should now be able to download the htaccess-files.zip file. If you are still unable to download the zip file then click the forum link above for what to do next.', 'bulletproof-security').'</strong></font><br><div style="width:200px;font-size:1em;text-align:center;margin:10px 0px 5px 0px;padding:4px 6px 4px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.plugins_url( '/bulletproof-security/admin/wizard/htaccess-files.zip' ).'" style="font-size:1em;font-weight:bold;text-decoration:none;">'.__('Download htaccess-files.zip File', 'bulletproof-security').'</a></div><font color="blue"><strong>'.__('Additional Plain Text htaccess file backups: ', 'bulletproof-security').'</strong></font><br><strong>'.__('Root htaccess File: ', 'bulletproof-security').'</strong>'.$rootHtaccessBackupTime.'<br><strong>'.__('wp-admin htaccess File: ', 'bulletproof-security').'</strong>'.$wpadminHtaccessBackupTime;
|
| 247 |
echo $text;
|
| 248 |
echo $bps_bottomDiv;
|
| 249 |
}
|
| 284 |
}
|
| 285 |
|
| 286 |
echo $bps_topDiv;
|
| 287 |
+
$text = '<font color="green"><strong>'.__('Custom additional htaccess code was found in your root htaccess file. Your root and wp-admin htaccess files have been backed up and zipped in this zip file: /bulletproof-security/admin/wizard/htaccess-files.zip. Click the Download Root htaccess File button below to download your htaccess-files.zip file to your computer.', 'bulletproof-security').'<br>'.__('Click this forum link: ', 'bulletproof-security').'<a href="https://forum.ait-pro.com/forums/topic/setup-wizard-root-htaccess-file-backup/" target="_blank" style="text-decoration:underline;">'.__('Setup Wizard Root and wp-admin htaccess File Backup', 'bulletproof-security').'</a>'.__(' for help information about what this means and what to do.', 'bulletproof-security').'<br>'.__('If you see a 403 error and/or are unable to download the zip file then click here: ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php#bps-tabs-2' ).'" target="_blank">'.__('Setup Wizard Options', 'bulletproof-security').'</a>'.__(' and select the Zip File Download Fix On setting for the Zile File Download Fix option. You should now be able to download the htaccess-files.zip file. If you are still unable to download the zip file then click the forum link above for what to do next.', 'bulletproof-security').'</strong></font><br><div style="width:200px;font-size:1em;text-align:center;margin:10px 0px 5px 0px;padding:4px 6px 4px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.plugins_url( '/bulletproof-security/admin/wizard/htaccess-files.zip' ).'" style="font-size:1em;font-weight:bold;text-decoration:none;">'.__('Download htaccess-files.zip File', 'bulletproof-security').'</a></div><font color="blue"><strong>'.__('Additional Plain Text htaccess file backups: ', 'bulletproof-security').'</strong></font><br><strong>'.__('Root htaccess File: ', 'bulletproof-security').'</strong>'.$rootHtaccessBackupTime.'<br><strong>'.__('wp-admin htaccess File: ', 'bulletproof-security').'</strong>'.$wpadminHtaccessBackupTime;
|
| 288 |
echo $text;
|
| 289 |
echo $bps_bottomDiv;
|
| 290 |
}
|
admin/wizard/wizard-functions.php
CHANGED
|
@@ -456,7 +456,7 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 456 |
$stringReplace = $bps_secure_content_top.$bps_secure_phpini_cache.$bps_server_signature.$bps_secure_directory_list_index.$bps_secure_brute_force_login.$bps_secure_error_logging.$bps_secure_dot_server_files.$bps_secure_content_wpadmin.$bpsBeginWP.$bps_secure_request_methods.$bps_secure_begin_plugins_skip_rules_text.$bps_secure_plugins_themes_skip_rules.$bps_secure_default_skip_rules.$bps_secure_timthumb_misc.$bps_secure_BPSQSE.$bps_secure_wp_rewrite_loop_end.$bps_secure_deny_browser_access.$bps_secure_bottom_misc_code;
|
| 457 |
|
| 458 |
if ( file_put_contents( $bps_auto_write_secure_file, $stringReplace ) ) {
|
| 459 |
-
|
| 460 |
|
| 461 |
echo $bpsSuccessMessageSec;
|
| 462 |
|
|
@@ -476,7 +476,7 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 476 |
$stringReplace = $bps_secure_content_top.$bps_secure_phpini_cache.$bps_server_signature.$bps_secure_directory_list_index.$bps_secure_brute_force_login.$bps_secure_error_logging.$bps_secure_dot_server_files.$bpsMUSDirTop.$bps_secure_request_methods.$bps_secure_begin_plugins_skip_rules_text.$bps_secure_plugins_themes_skip_rules.$bps_secure_default_skip_rules.$bps_secure_timthumb_misc.$bps_secure_BPSQSE.$bpsMUSDirBottom.$bps_secure_deny_browser_access.$bps_secure_bottom_misc_code;
|
| 477 |
|
| 478 |
if ( file_put_contents( $bps_auto_write_secure_file, $stringReplace ) ) {
|
| 479 |
-
|
| 480 |
|
| 481 |
echo $bpsSuccessMessageSec;
|
| 482 |
|
|
@@ -496,14 +496,14 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 496 |
$rootHtaccessBackupTime = WP_CONTENT_DIR . '/bps-backup/master-backups/root.htaccess-'.date( 'Y-m-d-g-i-s-a', time() + $gmt_offset );
|
| 497 |
|
| 498 |
if ( is_dir( WP_CONTENT_DIR . '/bps-backup/master-backups' ) ) {
|
| 499 |
-
|
| 500 |
// root htaccess file backup with timestamp: root.htaccess-2017-11-02-3-00-00
|
| 501 |
copy($bps_auto_write_secure_file_root, $rootHtaccessBackupTime);
|
| 502 |
echo $successTextBegin.$bps_master_backup_root_file.__(' Root .htaccess File backup Successful! ', 'bulletproof-security').$rootHtaccessBackupTime.$successTextEnd;
|
| 503 |
}
|
| 504 |
|
| 505 |
// PHP/php.ini handler check: continue or return and do not create a root htaccess file
|
| 506 |
-
$rootHtaccessContents =
|
| 507 |
|
| 508 |
preg_match_all( '/AddHandler|SetEnv PHPRC|suPHP_ConfigPath|Action application/', $rootHtaccessContents, $Rootmatches );
|
| 509 |
preg_match_all( '/AddHandler|SetEnv PHPRC|suPHP_ConfigPath|Action application/', $BPSCustomCodeOptions['bps_customcode_one'], $DBmatches );
|
|
@@ -514,22 +514,22 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 514 |
return;
|
| 515 |
}
|
| 516 |
|
| 517 |
-
$permsRootHtaccess =
|
| 518 |
$sapi_type = php_sapi_name();
|
| 519 |
$lock = '';
|
| 520 |
|
| 521 |
-
if ( file_exists( $bps_auto_write_secure_file_root) &&
|
| 522 |
$lock = '0404';
|
| 523 |
-
} elseif ( file_exists( $bps_auto_write_secure_file_root) &&
|
| 524 |
$lock = '0444';
|
| 525 |
-
} elseif ( file_exists( $bps_auto_write_secure_file_root) &&
|
| 526 |
$lock = '0604';
|
| 527 |
-
} elseif ( file_exists( $bps_auto_write_secure_file_root) &&
|
| 528 |
$lock = '0644';
|
| 529 |
}
|
| 530 |
|
| 531 |
-
if ( file_exists( $bps_auto_write_secure_file_root) &&
|
| 532 |
-
|
| 533 |
}
|
| 534 |
|
| 535 |
// Single/Standard WordPress site type: Create secure.htaccess Master File
|
|
@@ -541,7 +541,7 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 541 |
$stringReplace = $bps_secure_content_top.$bps_secure_phpini_cache.$bps_server_signature.$bps_secure_directory_list_index.$bps_secure_brute_force_login.$bps_secure_error_logging.$bps_secure_dot_server_files.$bps_secure_content_wpadmin.$bpsBeginWP.$bps_secure_request_methods.$bps_secure_begin_plugins_skip_rules_text.$bps_secure_plugins_themes_skip_rules.$bps_secure_default_skip_rules.$bps_secure_timthumb_misc.$bps_secure_BPSQSE.$bps_secure_wp_rewrite_loop_end.$bps_secure_deny_browser_access.$bps_secure_bottom_misc_code;
|
| 542 |
|
| 543 |
if ( file_put_contents( $bps_auto_write_secure_file, $stringReplace ) ) {
|
| 544 |
-
|
| 545 |
|
| 546 |
echo $bpsSuccessMessageSec;
|
| 547 |
|
|
@@ -551,12 +551,12 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 551 |
}
|
| 552 |
}
|
| 553 |
|
| 554 |
-
if (
|
| 555 |
-
|
| 556 |
echo $successTextBegin.__('Root .htaccess File writing completed. File Locked with 404 file permissions.', 'bulletproof-security').$successTextEnd;
|
| 557 |
}
|
| 558 |
-
if (
|
| 559 |
-
|
| 560 |
echo $successTextBegin.__('Root .htaccess File writing completed. File Locked with 444 file permissions.', 'bulletproof-security').$successTextEnd;
|
| 561 |
}
|
| 562 |
}
|
|
@@ -570,7 +570,7 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 570 |
$stringReplace = $bps_secure_content_top.$bps_secure_phpini_cache.$bps_server_signature.$bps_secure_directory_list_index.$bps_secure_brute_force_login.$bps_secure_error_logging.$bps_secure_dot_server_files.$bpsMUSDirTop.$bps_secure_request_methods.$bps_secure_begin_plugins_skip_rules_text.$bps_secure_plugins_themes_skip_rules.$bps_secure_default_skip_rules.$bps_secure_timthumb_misc.$bps_secure_BPSQSE.$bpsMUSDirBottom.$bps_secure_deny_browser_access.$bps_secure_bottom_misc_code;
|
| 571 |
|
| 572 |
if ( file_put_contents( $bps_auto_write_secure_file, $stringReplace ) ) {
|
| 573 |
-
|
| 574 |
|
| 575 |
echo $bpsSuccessMessageSec;
|
| 576 |
|
|
@@ -581,11 +581,11 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 581 |
}
|
| 582 |
|
| 583 |
if ( $lock == '0404' ) {
|
| 584 |
-
|
| 585 |
echo $successTextBegin.__('Root .htaccess File writing completed. File Locked with 404 file permissions.', 'bulletproof-security').$successTextEnd;
|
| 586 |
}
|
| 587 |
if ( $lock == '0444' ) {
|
| 588 |
-
|
| 589 |
echo $successTextBegin.__('Root .htaccess File writing completed. File Locked with 444 file permissions.', 'bulletproof-security').$successTextEnd;
|
| 590 |
}
|
| 591 |
}
|
|
@@ -593,7 +593,7 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 593 |
// AutoLock: Off by default on new installations or echo saved DB option.
|
| 594 |
// A recommendation is made to lock and AutoLock the root htaccess file. each person needs to make that choice.
|
| 595 |
// For 444 permissions do not do anything with lock or autolock settings
|
| 596 |
-
if (
|
| 597 |
|
| 598 |
$BPS_autolock_options = get_option('bulletproof_security_options_autolock');
|
| 599 |
$bps_autolock_options = 'bulletproof_security_options_autolock';
|
|
@@ -619,9 +619,9 @@ $bps_secure_bottom_misc_code = "# HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/
|
|
| 619 |
}
|
| 620 |
|
| 621 |
// 4.3: New check and recommendation to Lock the Root htaccess file and turn on AutoLock.
|
| 622 |
-
if (
|
| 623 |
if ( $lock == '0604' || $lock == '0644' ) {
|
| 624 |
-
echo '<strong><font color="blue">'.__('Your
|
| 625 |
}
|
| 626 |
}
|
| 627 |
}
|
|
@@ -648,7 +648,7 @@ $bpsFailMessageSec = '<font color="#fb0101"><strong>'.__('Error: The wpadmin-sec
|
|
| 648 |
$wpadminActiveHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 649 |
$permsHtaccess = '';
|
| 650 |
if ( file_exists($wpadminActiveHtaccess) ) {
|
| 651 |
-
$permsHtaccess =
|
| 652 |
}
|
| 653 |
$sapi_type = php_sapi_name();
|
| 654 |
$bpsString1 = "# CCWTOP";
|
|
@@ -664,23 +664,23 @@ $bpsFailMessageSec = '<font color="#fb0101"><strong>'.__('Error: The wpadmin-sec
|
|
| 664 |
if ( file_exists($wpadminActiveHtaccess) ) {
|
| 665 |
|
| 666 |
if ( is_dir( WP_CONTENT_DIR . '/bps-backup/master-backups' ) ) {
|
| 667 |
-
|
| 668 |
echo '<font color="green"><strong>'.$bps_master_backup_wpadmin_file.__(' wp-admin .htaccess File backup Successful!', 'bulletproof-security').'</strong></font><br>';
|
| 669 |
}
|
| 670 |
}
|
| 671 |
|
| 672 |
-
if (
|
| 673 |
-
|
| 674 |
}
|
| 675 |
|
| 676 |
-
if (
|
| 677 |
echo $bpsSuccessMessageSec;
|
| 678 |
} else {
|
| 679 |
echo $bpsFailMessageSec;
|
| 680 |
}
|
| 681 |
|
| 682 |
if ( file_exists($wpadminActiveHtaccess) ) {
|
| 683 |
-
$bpsBaseContent =
|
| 684 |
|
| 685 |
if ( $options['bps_customcode_deny_files_wpa'] != '') {
|
| 686 |
$bpsBaseContent = preg_replace('/#\sBEGIN\sBPS\sWPADMIN\sDENY\sACCESS\sTO\sFILES(.*)#\sEND\sBPS\sWPADMIN\sDENY\sACCESS\sTO\sFILES/s', $bpsReplace3, $bpsBaseContent);
|
|
@@ -691,7 +691,7 @@ $bpsFailMessageSec = '<font color="#fb0101"><strong>'.__('Error: The wpadmin-sec
|
|
| 691 |
}
|
| 692 |
$bpsBaseContent = str_replace($bpsString1, $bpsReplace1, $bpsBaseContent);
|
| 693 |
$bpsBaseContent = str_replace($bpsString2, $bpsReplace2, $bpsBaseContent);
|
| 694 |
-
|
| 695 |
|
| 696 |
}
|
| 697 |
}
|
|
@@ -949,7 +949,7 @@ $search = '';
|
|
| 949 |
$UserAgentRulesT = file_get_contents($userAgentMaster);
|
| 950 |
$stringReplace = file_get_contents($bps403File);
|
| 951 |
|
| 952 |
-
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif (
|
| 953 |
|
| 954 |
file_put_contents($bps403File, $stringReplace);
|
| 955 |
|
| 456 |
$stringReplace = $bps_secure_content_top.$bps_secure_phpini_cache.$bps_server_signature.$bps_secure_directory_list_index.$bps_secure_brute_force_login.$bps_secure_error_logging.$bps_secure_dot_server_files.$bps_secure_content_wpadmin.$bpsBeginWP.$bps_secure_request_methods.$bps_secure_begin_plugins_skip_rules_text.$bps_secure_plugins_themes_skip_rules.$bps_secure_default_skip_rules.$bps_secure_timthumb_misc.$bps_secure_BPSQSE.$bps_secure_wp_rewrite_loop_end.$bps_secure_deny_browser_access.$bps_secure_bottom_misc_code;
|
| 457 |
|
| 458 |
if ( file_put_contents( $bps_auto_write_secure_file, $stringReplace ) ) {
|
| 459 |
+
copy($bps_auto_write_secure_file, $bps_auto_write_secure_file_root);
|
| 460 |
|
| 461 |
echo $bpsSuccessMessageSec;
|
| 462 |
|
| 476 |
$stringReplace = $bps_secure_content_top.$bps_secure_phpini_cache.$bps_server_signature.$bps_secure_directory_list_index.$bps_secure_brute_force_login.$bps_secure_error_logging.$bps_secure_dot_server_files.$bpsMUSDirTop.$bps_secure_request_methods.$bps_secure_begin_plugins_skip_rules_text.$bps_secure_plugins_themes_skip_rules.$bps_secure_default_skip_rules.$bps_secure_timthumb_misc.$bps_secure_BPSQSE.$bpsMUSDirBottom.$bps_secure_deny_browser_access.$bps_secure_bottom_misc_code;
|
| 477 |
|
| 478 |
if ( file_put_contents( $bps_auto_write_secure_file, $stringReplace ) ) {
|
| 479 |
+
copy($bps_auto_write_secure_file, $bps_auto_write_secure_file_root);
|
| 480 |
|
| 481 |
echo $bpsSuccessMessageSec;
|
| 482 |
|
| 496 |
$rootHtaccessBackupTime = WP_CONTENT_DIR . '/bps-backup/master-backups/root.htaccess-'.date( 'Y-m-d-g-i-s-a', time() + $gmt_offset );
|
| 497 |
|
| 498 |
if ( is_dir( WP_CONTENT_DIR . '/bps-backup/master-backups' ) ) {
|
| 499 |
+
copy($bps_auto_write_secure_file_root, $bps_master_backup_root_file);
|
| 500 |
// root htaccess file backup with timestamp: root.htaccess-2017-11-02-3-00-00
|
| 501 |
copy($bps_auto_write_secure_file_root, $rootHtaccessBackupTime);
|
| 502 |
echo $successTextBegin.$bps_master_backup_root_file.__(' Root .htaccess File backup Successful! ', 'bulletproof-security').$rootHtaccessBackupTime.$successTextEnd;
|
| 503 |
}
|
| 504 |
|
| 505 |
// PHP/php.ini handler check: continue or return and do not create a root htaccess file
|
| 506 |
+
$rootHtaccessContents = file_get_contents($bps_auto_write_secure_file_root);
|
| 507 |
|
| 508 |
preg_match_all( '/AddHandler|SetEnv PHPRC|suPHP_ConfigPath|Action application/', $rootHtaccessContents, $Rootmatches );
|
| 509 |
preg_match_all( '/AddHandler|SetEnv PHPRC|suPHP_ConfigPath|Action application/', $BPSCustomCodeOptions['bps_customcode_one'], $DBmatches );
|
| 514 |
return;
|
| 515 |
}
|
| 516 |
|
| 517 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($bps_auto_write_secure_file_root)), -4);
|
| 518 |
$sapi_type = php_sapi_name();
|
| 519 |
$lock = '';
|
| 520 |
|
| 521 |
+
if ( file_exists( $bps_auto_write_secure_file_root) && $permsRootHtaccess == '0404' ) {
|
| 522 |
$lock = '0404';
|
| 523 |
+
} elseif ( file_exists( $bps_auto_write_secure_file_root) && $permsRootHtaccess == '0444' ) {
|
| 524 |
$lock = '0444';
|
| 525 |
+
} elseif ( file_exists( $bps_auto_write_secure_file_root) && $permsRootHtaccess == '0604' ) {
|
| 526 |
$lock = '0604';
|
| 527 |
+
} elseif ( file_exists( $bps_auto_write_secure_file_root) && $permsRootHtaccess == '0644' ) {
|
| 528 |
$lock = '0644';
|
| 529 |
}
|
| 530 |
|
| 531 |
+
if ( file_exists( $bps_auto_write_secure_file_root) && substr( $sapi_type, 0, 6) != 'apache' && $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 532 |
+
chmod($bps_auto_write_secure_file_root, 0644);
|
| 533 |
}
|
| 534 |
|
| 535 |
// Single/Standard WordPress site type: Create secure.htaccess Master File
|
| 541 |
$stringReplace = $bps_secure_content_top.$bps_secure_phpini_cache.$bps_server_signature.$bps_secure_directory_list_index.$bps_secure_brute_force_login.$bps_secure_error_logging.$bps_secure_dot_server_files.$bps_secure_content_wpadmin.$bpsBeginWP.$bps_secure_request_methods.$bps_secure_begin_plugins_skip_rules_text.$bps_secure_plugins_themes_skip_rules.$bps_secure_default_skip_rules.$bps_secure_timthumb_misc.$bps_secure_BPSQSE.$bps_secure_wp_rewrite_loop_end.$bps_secure_deny_browser_access.$bps_secure_bottom_misc_code;
|
| 542 |
|
| 543 |
if ( file_put_contents( $bps_auto_write_secure_file, $stringReplace ) ) {
|
| 544 |
+
copy($bps_auto_write_secure_file, $bps_auto_write_secure_file_root);
|
| 545 |
|
| 546 |
echo $bpsSuccessMessageSec;
|
| 547 |
|
| 551 |
}
|
| 552 |
}
|
| 553 |
|
| 554 |
+
if ( $lock == '0404' ) {
|
| 555 |
+
chmod($bps_auto_write_secure_file_root, 0404);
|
| 556 |
echo $successTextBegin.__('Root .htaccess File writing completed. File Locked with 404 file permissions.', 'bulletproof-security').$successTextEnd;
|
| 557 |
}
|
| 558 |
+
if ( $lock == '0444' ) {
|
| 559 |
+
chmod($bps_auto_write_secure_file_root, 0444);
|
| 560 |
echo $successTextBegin.__('Root .htaccess File writing completed. File Locked with 444 file permissions.', 'bulletproof-security').$successTextEnd;
|
| 561 |
}
|
| 562 |
}
|
| 570 |
$stringReplace = $bps_secure_content_top.$bps_secure_phpini_cache.$bps_server_signature.$bps_secure_directory_list_index.$bps_secure_brute_force_login.$bps_secure_error_logging.$bps_secure_dot_server_files.$bpsMUSDirTop.$bps_secure_request_methods.$bps_secure_begin_plugins_skip_rules_text.$bps_secure_plugins_themes_skip_rules.$bps_secure_default_skip_rules.$bps_secure_timthumb_misc.$bps_secure_BPSQSE.$bpsMUSDirBottom.$bps_secure_deny_browser_access.$bps_secure_bottom_misc_code;
|
| 571 |
|
| 572 |
if ( file_put_contents( $bps_auto_write_secure_file, $stringReplace ) ) {
|
| 573 |
+
copy($bps_auto_write_secure_file, $bps_auto_write_secure_file_root);
|
| 574 |
|
| 575 |
echo $bpsSuccessMessageSec;
|
| 576 |
|
| 581 |
}
|
| 582 |
|
| 583 |
if ( $lock == '0404' ) {
|
| 584 |
+
chmod($bps_auto_write_secure_file_root, 0404);
|
| 585 |
echo $successTextBegin.__('Root .htaccess File writing completed. File Locked with 404 file permissions.', 'bulletproof-security').$successTextEnd;
|
| 586 |
}
|
| 587 |
if ( $lock == '0444' ) {
|
| 588 |
+
chmod($bps_auto_write_secure_file_root, 0444);
|
| 589 |
echo $successTextBegin.__('Root .htaccess File writing completed. File Locked with 444 file permissions.', 'bulletproof-security').$successTextEnd;
|
| 590 |
}
|
| 591 |
}
|
| 593 |
// AutoLock: Off by default on new installations or echo saved DB option.
|
| 594 |
// A recommendation is made to lock and AutoLock the root htaccess file. each person needs to make that choice.
|
| 595 |
// For 444 permissions do not do anything with lock or autolock settings
|
| 596 |
+
if ( $lock != '0444' ) {
|
| 597 |
|
| 598 |
$BPS_autolock_options = get_option('bulletproof_security_options_autolock');
|
| 599 |
$bps_autolock_options = 'bulletproof_security_options_autolock';
|
| 619 |
}
|
| 620 |
|
| 621 |
// 4.3: New check and recommendation to Lock the Root htaccess file and turn on AutoLock.
|
| 622 |
+
if ( substr($sapi_type, 0, 6) != 'apache' ) {
|
| 623 |
if ( $lock == '0604' || $lock == '0644' ) {
|
| 624 |
+
echo '<strong><font color="blue">'.__('Your Root .htaccess file is not locked. It is recommended that you lock your Root .htaccess file on the htaccess File Options > htaccess File Editor page. Click the Lock htaccess File and Turn On AutoLock buttons on the htaccess File Editor page.', 'bulletproof-security').'</font></strong><br>';
|
| 625 |
}
|
| 626 |
}
|
| 627 |
}
|
| 648 |
$wpadminActiveHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 649 |
$permsHtaccess = '';
|
| 650 |
if ( file_exists($wpadminActiveHtaccess) ) {
|
| 651 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($wpadminActiveHtaccess)), -4);
|
| 652 |
}
|
| 653 |
$sapi_type = php_sapi_name();
|
| 654 |
$bpsString1 = "# CCWTOP";
|
| 664 |
if ( file_exists($wpadminActiveHtaccess) ) {
|
| 665 |
|
| 666 |
if ( is_dir( WP_CONTENT_DIR . '/bps-backup/master-backups' ) ) {
|
| 667 |
+
copy($wpadminActiveHtaccess, $bps_master_backup_wpadmin_file);
|
| 668 |
echo '<font color="green"><strong>'.$bps_master_backup_wpadmin_file.__(' wp-admin .htaccess File backup Successful!', 'bulletproof-security').'</strong></font><br>';
|
| 669 |
}
|
| 670 |
}
|
| 671 |
|
| 672 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || file_exists($permsHtaccess) && $permsHtaccess != '0666' || file_exists($permsHtaccess) && $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 673 |
+
chmod($wpadminActiveHtaccess, 0644);
|
| 674 |
}
|
| 675 |
|
| 676 |
+
if ( copy($wpadminMasterHtaccess, $wpadminActiveHtaccess) ) {
|
| 677 |
echo $bpsSuccessMessageSec;
|
| 678 |
} else {
|
| 679 |
echo $bpsFailMessageSec;
|
| 680 |
}
|
| 681 |
|
| 682 |
if ( file_exists($wpadminActiveHtaccess) ) {
|
| 683 |
+
$bpsBaseContent = file_get_contents($wpadminActiveHtaccess);
|
| 684 |
|
| 685 |
if ( $options['bps_customcode_deny_files_wpa'] != '') {
|
| 686 |
$bpsBaseContent = preg_replace('/#\sBEGIN\sBPS\sWPADMIN\sDENY\sACCESS\sTO\sFILES(.*)#\sEND\sBPS\sWPADMIN\sDENY\sACCESS\sTO\sFILES/s', $bpsReplace3, $bpsBaseContent);
|
| 691 |
}
|
| 692 |
$bpsBaseContent = str_replace($bpsString1, $bpsReplace1, $bpsBaseContent);
|
| 693 |
$bpsBaseContent = str_replace($bpsString2, $bpsReplace2, $bpsBaseContent);
|
| 694 |
+
file_put_contents($wpadminActiveHtaccess, $bpsBaseContent);
|
| 695 |
|
| 696 |
}
|
| 697 |
}
|
| 949 |
$UserAgentRulesT = file_get_contents($userAgentMaster);
|
| 950 |
$stringReplace = file_get_contents($bps403File);
|
| 951 |
|
| 952 |
+
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif ( !preg_match('/".trim($UserAgentRulesT, "|")."/', \$_SERVER['HTTP_USER_AGENT']) ) {\n# END USERAGENT FILTER", $stringReplace);
|
| 953 |
|
| 954 |
file_put_contents($bps403File, $stringReplace);
|
| 955 |
|
admin/wizard/wizard.php
CHANGED
|
@@ -18,7 +18,7 @@ if ( ! current_user_can('manage_options') ) {
|
|
| 18 |
#wpwrap{min-height:100.1%};
|
| 19 |
</style>
|
| 20 |
|
| 21 |
-
<div id="bps-container" class="wrap"
|
| 22 |
|
| 23 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 24 |
|
|
@@ -27,7 +27,7 @@ $ScrollTop_options = get_option('bulletproof_security_options_scrolltop');
|
|
| 27 |
|
| 28 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 29 |
|
| 30 |
-
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' || isset( $_GET['settings-updated'] ) &&
|
| 31 |
|
| 32 |
bpsPro_Browser_UA_scroll_animation();
|
| 33 |
}
|
|
@@ -54,14 +54,14 @@ function bpsPro_w3tc_dashboard_iframe_preload() {
|
|
| 54 |
|
| 55 |
$wpconfig = ABSPATH . 'wp-config.php';
|
| 56 |
$sapi_type = php_sapi_name();
|
| 57 |
-
$perms_wpconfig =
|
| 58 |
-
$permsRootHtaccess =
|
| 59 |
|
| 60 |
-
if (
|
| 61 |
-
|
| 62 |
}
|
| 63 |
|
| 64 |
-
if (
|
| 65 |
chmod( $rootHtaccess, 0644 );
|
| 66 |
}
|
| 67 |
|
|
@@ -77,15 +77,6 @@ function bpsPro_w3tc_dashboard_iframe_preload() {
|
|
| 77 |
bpsPro_w3tc_dashboard_iframe_preload();
|
| 78 |
?>
|
| 79 |
|
| 80 |
-
<?php
|
| 81 |
-
echo '<div class="bps-star-container">';
|
| 82 |
-
echo '<div class="bps-star"><img src="'.plugins_url('/bulletproof-security/admin/images/star.png').'" /></div>';
|
| 83 |
-
echo '<div class="bps-downloaded">';
|
| 84 |
-
echo '<div class="bps-star-link"><a href="https://wordpress.org/support/view/plugin-reviews/bulletproof-security#postform" target="_blank" title="Add a Star Rating for the BPS plugin">'.__('Rate BPS', 'bulletproof-security').'</a><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Upgrade to BulletProof Security Pro">Upgrade to Pro</a></div>';
|
| 85 |
-
echo '</div>';
|
| 86 |
-
echo '</div>';
|
| 87 |
-
?>
|
| 88 |
-
|
| 89 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 90 |
|
| 91 |
<?php
|
|
@@ -94,9 +85,9 @@ $bps_wpcontent_dir = str_replace( ABSPATH, '', WP_CONTENT_DIR );
|
|
| 94 |
$bpsSpacePop = '-------------------------------------------------------------';
|
| 95 |
|
| 96 |
if ( isset( $_POST['Submit-Setup-Wizard'] ) ) {
|
| 97 |
-
require_once
|
| 98 |
-
require_once
|
| 99 |
-
require_once
|
| 100 |
}
|
| 101 |
|
| 102 |
// Wizard Prep: Apache Module directive check to get and create the apache modules and htaccess files enabled|disabled DB options/values.
|
|
@@ -117,7 +108,7 @@ function bpsPro_pre_installation_prep() {
|
|
| 117 |
|
| 118 |
bpsPro_pre_installation_prep();
|
| 119 |
|
| 120 |
-
require_once
|
| 121 |
|
| 122 |
bpsPro_Wizard_deny_all();
|
| 123 |
bpsPro_root_precheck_download();
|
|
@@ -180,7 +171,7 @@ $failTextEnd = '</strong></font><br>';
|
|
| 180 |
|
| 181 |
// General all purpose "Settings Saved." message for forms
|
| 182 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 183 |
-
if ( isset( $_GET['settings-updated'] ) &&
|
| 184 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 185 |
echo $text;
|
| 186 |
}
|
|
@@ -201,7 +192,7 @@ $failTextEnd = '</strong></font><br>';
|
|
| 201 |
$sapi_type = php_sapi_name();
|
| 202 |
|
| 203 |
echo '<h3>'.__('Setup Wizard Pre-Installation Checks:', 'bulletproof-security').'</h3>
|
| 204 |
-
<div style="font-size:12px;margin:-10px 0px 10px 0px;font-weight:bold;">'.__('If you see any Red font or Blue font messages displayed below, click the
|
| 205 |
|
| 206 |
echo '<div id="Wizard-background" style="max-height:250px;width:85%;overflow:auto;margin:0px;padding:10px;background-color:#dfecf2;border:2px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);">';
|
| 207 |
|
|
@@ -210,16 +201,16 @@ $sapi_type = php_sapi_name();
|
|
| 210 |
echo '<div style="color:black;font-size:1.13em;font-weight:bold;margin-bottom:0px;margin-top:10px;">'.__('Compatibility & Basic Checks', 'bulletproof-security').'</div>';
|
| 211 |
echo '<div id="pw-compatibility" style="border-top:3px solid #999999;border-bottom:3px solid #999999;margin-top:0px;"><p>';
|
| 212 |
|
| 213 |
-
if (
|
| 214 |
echo $successTextBegin.__('Pass! Compatible Server Configuration: Server API: CGI | WP Filesystem API Method: direct.', 'bulletproof-security').$successTextEnd;
|
| 215 |
}
|
| 216 |
-
elseif (
|
| 217 |
echo $successTextBegin.__('Pass! Compatible Server Configuration: Server Type Apache: XAMPP, WAMP, MAMP or LAMP | WP Filesystem API Method: direct.', 'bulletproof-security').$successTextEnd;
|
| 218 |
}
|
| 219 |
-
elseif (
|
| 220 |
echo $successTextBegin.__('Pass! Compatible Server Configuration: Server API: DSO | WP Filesystem API Method: direct.', 'bulletproof-security').$successTextEnd;
|
| 221 |
}
|
| 222 |
-
elseif (
|
| 223 |
echo $failTextBegin.__('Server API: Apache DSO Server Configuration | WP Filesystem API Method: ', 'bulletproof-security').get_filesystem_method().$failTextEnd.'<br>'.__('Your Server type is DSO and the WP Filesystem API Method is NOT "direct". You can use the Setup Wizard, but you must first make some one-time manual changes to your website before running the Setup Wizard. Please click this Forum Link for instructions: ', 'bulletproof-security').'<a href="https://forum.ait-pro.com/forums/topic/dso-setup-steps/" target="_blank" title="Link opens in a new Browser window"><strong>'.__('DSO Setup Steps', 'bulletproof-security').'</a></strong><br><br>';
|
| 224 |
}
|
| 225 |
|
|
@@ -404,7 +395,7 @@ $HFiles_options = get_option('bulletproof_security_options_htaccess_files');
|
|
| 404 |
|
| 405 |
echo '<h3>'.__('BPS Setup Verification & Error Checks', 'bulletproof-security').'</h3>';
|
| 406 |
|
| 407 |
-
echo '<div style="font-size:12px;margin:-10px 0px 10px 0px;font-weight:bold;">'.__('If you see all Green font messages displayed below, the Setup Wizard setup completed successfully.', 'bulletproof-security').'<br>'.__('If you see any Red font or Blue font messages displayed below, click the
|
| 408 |
|
| 409 |
echo '<div id="Wizard-background" style="max-height:250px;width:85%;overflow:auto;margin:0px;padding:10px;background-color:#dfecf2;border:2px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);">';
|
| 410 |
|
|
@@ -1036,7 +1027,7 @@ bpsPro_plugin_updates_htaccess_files_disabled();
|
|
| 1036 |
|
| 1037 |
</div>
|
| 1038 |
|
| 1039 |
-
<h2 class="bps-tab-title"><?php _e('
|
| 1040 |
|
| 1041 |
<!-- jQuery UI Tab Menu -->
|
| 1042 |
<div id="bps-tabs" class="bps-menu">
|
|
@@ -1113,14 +1104,13 @@ bpsPro_hfiles_inpage_message();
|
|
| 1113 |
|
| 1114 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1115 |
<tr>
|
| 1116 |
-
<td class="bps-table_title">
|
| 1117 |
-
<?php $text = '<h2>'.__('Setup Wizard ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('One-Click Complete Setup', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a><br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting): ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a><br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 1118 |
-
</td>
|
| 1119 |
</tr>
|
| 1120 |
<tr>
|
| 1121 |
<td class="bps-table_cell_help">
|
| 1122 |
|
| 1123 |
-
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Setup Wizard', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button"
|
|
|
|
| 1124 |
|
| 1125 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('Setup Wizard', 'bulletproof-security'); ?>">
|
| 1126 |
|
|
@@ -1129,12 +1119,17 @@ bpsPro_hfiles_inpage_message();
|
|
| 1129 |
<td class="bps-readme-table-td">
|
| 1130 |
|
| 1131 |
<?php
|
| 1132 |
-
$text = '<strong>'.__('This
|
| 1133 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1134 |
$text = '<strong><font color="blue">'.__('Recommended Video Tutorials: ', 'bulletproof-security').'</font></strong><br>';
|
| 1135 |
echo $text;
|
| 1136 |
?>
|
| 1137 |
|
|
|
|
| 1138 |
<strong><a href="https://forum.ait-pro.com/video-tutorials/#custom-code" title="Custom Code Video Tutorial" target="_blank"><?php _e('Custom Code Video Tutorial', 'bulletproof-security'); ?></a></strong><br />
|
| 1139 |
<strong><a href="https://forum.ait-pro.com/video-tutorials/#security-log-firewall" title="Security Log Video Tutorial" target="_blank"><?php _e('Security Log Video Tutorial', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 1140 |
|
|
@@ -1156,11 +1151,7 @@ bpsPro_hfiles_inpage_message();
|
|
| 1156 |
</div>
|
| 1157 |
|
| 1158 |
<?php
|
| 1159 |
-
$text = '<span class="setup-wizard-inpage-text"><div class="setup-wizard-video-link" style="margin:15px 0px 20px 0px;"><a href="https://forum.ait-pro.com/video-tutorials/#setup-overview-free" target="_blank" title="This Setup Wizard link opens in a new Browser window">'.__('Setup Wizard & Overview Video Tutorial', 'bulletproof-security').'</a></div></span>';
|
| 1160 |
-
echo $text;
|
| 1161 |
-
|
| 1162 |
bpsSetupWizardPrechecks();
|
| 1163 |
-
|
| 1164 |
?>
|
| 1165 |
|
| 1166 |
<form name="bpsSetupWizard" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ); ?>" method="post">
|
|
@@ -1182,14 +1173,13 @@ bpsSetupWizardPrechecks();
|
|
| 1182 |
|
| 1183 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1184 |
<tr>
|
| 1185 |
-
<td class="bps-table_title">
|
| 1186 |
-
<?php $text = '<h2>'.__('Setup Wizard Options ~ ', 'bulletproof-security').'<span style="font-size:.75em;">'.__('Click the Setup Wizard Options Read Me help button for help info about each option setting', 'bulletproof-security').'</span></h2><div class="promo-text">'.__('Want even more security protection?', 'bulletproof-security').'<br>'.__('Protect all of your website files with AutoRestore|Quarantine Intrusion Detection & Prevention System: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro ARQ IDPS">'.__('Get BPS Pro ARQ IDPS', 'bulletproof-security').'</a><br>'.__('Protect against SpamBot & HackerBot (auto-registering, auto-logins, auto-posting, auto-commenting): ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro JTC Anti-Spam|Anti-Hacker">'.__('Get BPS Pro JTC Anti-Spam|Anti-Hacker', 'bulletproof-security').'</a><br>'.__('Protect all of your Plugins (plugin folders and files) with an IP Firewall: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Plugin Firewall">'.__('Get BPS Pro Plugin Firewall', 'bulletproof-security').'</a><br>'.__('Protect your WordPress uploads folder against remote access or execution of files: ', 'bulletproof-security').'<a href="https://affiliates.ait-pro.com/po/" target="_blank" title="BPS Pro Uploads Anti-Exploit Guard">'.__('Get BPS Pro Uploads Anti-Exploit Guard', 'bulletproof-security').'</a></div>'; echo $text; ?>
|
| 1187 |
-
</td>
|
| 1188 |
</tr>
|
| 1189 |
<tr>
|
| 1190 |
<td class="bps-table_cell_help">
|
| 1191 |
|
| 1192 |
-
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Setup Wizard Options', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button"
|
|
|
|
| 1193 |
|
| 1194 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('Setup Wizard Options', 'bulletproof-security'); ?>">
|
| 1195 |
|
|
@@ -1197,8 +1187,15 @@ bpsSetupWizardPrechecks();
|
|
| 1197 |
<tr>
|
| 1198 |
<td class="bps-readme-table-td">
|
| 1199 |
|
| 1200 |
-
<?php
|
| 1201 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1202 |
?>
|
| 1203 |
|
| 1204 |
<strong><a href="https://forum.ait-pro.com/forums/topic/gdmw/" title="Go Daddy Managed WordPress Hosting (GDMW)" target="_blank"><?php _e('Go Daddy Managed WordPress Hosting (GDMW)', 'bulletproof-security'); ?></a></strong><br />
|
|
@@ -1207,8 +1204,8 @@ bpsSetupWizardPrechecks();
|
|
| 1207 |
<strong><a href="https://forum.ait-pro.com/forums/topic/bps-gdpr-compliance/" title="GDPR Compliance" target="_blank"><?php _e('GDPR Compliance Forum Topic', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 1208 |
|
| 1209 |
<?php
|
| 1210 |
-
$
|
| 1211 |
-
echo $
|
| 1212 |
?>
|
| 1213 |
|
| 1214 |
</td>
|
|
@@ -1264,7 +1261,7 @@ bpsSetupWizardPrechecks();
|
|
| 1264 |
?>
|
| 1265 |
|
| 1266 |
<label for="wizard-curl"><?php _e('Enable|Disable htaccess Files:', 'bulletproof-security'); ?></label><br />
|
| 1267 |
-
<label for="wizard-curl" class="setup-wizard-blue-small-text" style="color:#
|
| 1268 |
<select name="bulletproof_security_options_htaccess_files[bps_htaccess_files]" class="form-300">
|
| 1269 |
<option value="enabled" <?php selected('enabled', $bps_htaccess_files); ?>><?php _e('htaccess Files Enabled', 'bulletproof-security'); ?></option>
|
| 1270 |
<option value="disabled" <?php selected('disabled', $bps_htaccess_files); ?>><?php _e('htaccess Files Disabled', 'bulletproof-security'); ?></option>
|
|
@@ -1696,18 +1693,23 @@ function bpsPro_network_subsites_fsp_settings() {
|
|
| 1696 |
|
| 1697 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1698 |
<tr>
|
| 1699 |
-
<td class="bps-table_title"
|
| 1700 |
</tr>
|
| 1701 |
<tr>
|
| 1702 |
<td class="bps-table_cell_help">
|
| 1703 |
|
| 1704 |
-
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Setup Wizard Export|Import', 'bulletproof-security'); ?> <button id="bps-open-modal3" class="button bps-modal-button"
|
|
|
|
| 1705 |
|
| 1706 |
<div id="bps-modal-content3" class="bps-dialog-hide" title="<?php _e('Setup Wizard Export|Import', 'bulletproof-security'); ?>">
|
| 1707 |
<p>
|
| 1708 |
<?php
|
| 1709 |
-
$text = '<strong>'.__('This
|
| 1710 |
echo $text;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1711 |
// Forum Help Links or of course both
|
| 1712 |
//$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 1713 |
//echo $text;
|
|
@@ -1715,7 +1717,7 @@ function bpsPro_network_subsites_fsp_settings() {
|
|
| 1715 |
<!--<strong><a href="https://forum.ait-pro.com/forums/topic/gdmw/" title="GDMW Hosting" target="_blank">
|
| 1716 |
<?php _e('GDMW Hosting', 'bulletproof-security'); ?></a></strong><br />-->
|
| 1717 |
|
| 1718 |
-
<?php $
|
| 1719 |
</div>
|
| 1720 |
|
| 1721 |
<div id="CC-Import" style="margin:20px 0px 20px 0px">
|
|
@@ -1736,6 +1738,7 @@ $text = __('Clicking OK will Export your BPS plugin settings into the bps-settin
|
|
| 1736 |
</form>
|
| 1737 |
</div>
|
| 1738 |
|
|
|
|
| 1739 |
|
| 1740 |
<?php
|
| 1741 |
|
|
@@ -1766,7 +1769,7 @@ function bpsPro_zip_setup_wizard_export_file() {
|
|
| 1766 |
|
| 1767 |
// Use PclZip
|
| 1768 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/' );
|
| 1769 |
-
require_once
|
| 1770 |
|
| 1771 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 1772 |
$previous_encoding = mb_internal_encoding();
|
|
@@ -1882,7 +1885,7 @@ function bpsPro_SW_DB_Update() {
|
|
| 1882 |
|
| 1883 |
if ( file_exists($SW_export) ) {
|
| 1884 |
|
| 1885 |
-
require_once
|
| 1886 |
|
| 1887 |
// Update the Admin email address option settings in Email|Log Settings and MMode to the current site's Admin email address
|
| 1888 |
$admin_email = get_option('admin_email');
|
|
@@ -2061,7 +2064,7 @@ global $bps_topDiv, $bps_bottomDiv;
|
|
| 2061 |
|
| 2062 |
// NOTE: last modified date of files is not changed with PclZip
|
| 2063 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/' );
|
| 2064 |
-
require_once
|
| 2065 |
|
| 2066 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 2067 |
$previous_encoding = mb_internal_encoding();
|
| 18 |
#wpwrap{min-height:100.1%};
|
| 19 |
</style>
|
| 20 |
|
| 21 |
+
<div id="bps-container" class="wrap">
|
| 22 |
|
| 23 |
<noscript><div id="message" class="updated" style="font-weight:600;font-size:13px;padding:5px;background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><span style="color:blue">BPS Warning: JavaScript is disabled in your Browser</span><br />BPS plugin pages will not display visually correct and all BPS JavaScript functionality will not work correctly.</div></noscript>
|
| 24 |
|
| 27 |
|
| 28 |
if ( isset( $ScrollTop_options['bps_scrolltop'] ) && $ScrollTop_options['bps_scrolltop'] != 'Off' ) {
|
| 29 |
|
| 30 |
+
if ( esc_html($_SERVER['REQUEST_METHOD']) == 'POST' || isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true ) {
|
| 31 |
|
| 32 |
bpsPro_Browser_UA_scroll_animation();
|
| 33 |
}
|
| 54 |
|
| 55 |
$wpconfig = ABSPATH . 'wp-config.php';
|
| 56 |
$sapi_type = php_sapi_name();
|
| 57 |
+
$perms_wpconfig = substr(sprintf('%o', fileperms($wpconfig)), -4);
|
| 58 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 59 |
|
| 60 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $perms_wpconfig != '0666' || $perms_wpconfig != '0777' ) {
|
| 61 |
+
chmod( $wpconfig, 0644 );
|
| 62 |
}
|
| 63 |
|
| 64 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 65 |
chmod( $rootHtaccess, 0644 );
|
| 66 |
}
|
| 67 |
|
| 77 |
bpsPro_w3tc_dashboard_iframe_preload();
|
| 78 |
?>
|
| 79 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 80 |
<div id="message" class="updated" style="border:1px solid #999;background-color:#000;">
|
| 81 |
|
| 82 |
<?php
|
| 85 |
$bpsSpacePop = '-------------------------------------------------------------';
|
| 86 |
|
| 87 |
if ( isset( $_POST['Submit-Setup-Wizard'] ) ) {
|
| 88 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/wizard-functions.php';
|
| 89 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/pwizard-autofix.php';
|
| 90 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/pwizard-autofix-setup.php';
|
| 91 |
}
|
| 92 |
|
| 93 |
// Wizard Prep: Apache Module directive check to get and create the apache modules and htaccess files enabled|disabled DB options/values.
|
| 108 |
|
| 109 |
bpsPro_pre_installation_prep();
|
| 110 |
|
| 111 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/wizard-backup.php';
|
| 112 |
|
| 113 |
bpsPro_Wizard_deny_all();
|
| 114 |
bpsPro_root_precheck_download();
|
| 171 |
|
| 172 |
// General all purpose "Settings Saved." message for forms
|
| 173 |
if ( current_user_can('manage_options') && wp_script_is( 'bps-accordion', $list = 'queue' ) ) {
|
| 174 |
+
if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] == true) {
|
| 175 |
$text = '<p style="font-size:1em;font-weight:bold;padding:2px 0px 2px 5px;margin:0px -11px 0px -11px;background-color:#dfecf2;-webkit-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px 0px rgba(153,153,153,0.7);""><font color="green"><strong>'.__('Settings Saved', 'bulletproof-security').'</strong></font></p>';
|
| 176 |
echo $text;
|
| 177 |
}
|
| 192 |
$sapi_type = php_sapi_name();
|
| 193 |
|
| 194 |
echo '<h3>'.__('Setup Wizard Pre-Installation Checks:', 'bulletproof-security').'</h3>
|
| 195 |
+
<div style="font-size:12px;margin:-10px 0px 10px 0px;font-weight:bold;">'.__('If you see any Red font or Blue font messages displayed below, click the Question Mark help button above and read the "Notes" help section before clicking the Setup Wizard button.', 'bulletproof-security').'</div>';
|
| 196 |
|
| 197 |
echo '<div id="Wizard-background" style="max-height:250px;width:85%;overflow:auto;margin:0px;padding:10px;background-color:#dfecf2;border:2px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);">';
|
| 198 |
|
| 201 |
echo '<div style="color:black;font-size:1.13em;font-weight:bold;margin-bottom:0px;margin-top:10px;">'.__('Compatibility & Basic Checks', 'bulletproof-security').'</div>';
|
| 202 |
echo '<div id="pw-compatibility" style="border-top:3px solid #999999;border-bottom:3px solid #999999;margin-top:0px;"><p>';
|
| 203 |
|
| 204 |
+
if ( substr($sapi_type, 0, 6) != 'apache' && get_filesystem_method() == 'direct') {
|
| 205 |
echo $successTextBegin.__('Pass! Compatible Server Configuration: Server API: CGI | WP Filesystem API Method: direct.', 'bulletproof-security').$successTextEnd;
|
| 206 |
}
|
| 207 |
+
elseif ( substr($sapi_type, 0, 6) == 'apache' && preg_match('#\\\\#', ABSPATH, $matches) && get_filesystem_method() == 'direct') {
|
| 208 |
echo $successTextBegin.__('Pass! Compatible Server Configuration: Server Type Apache: XAMPP, WAMP, MAMP or LAMP | WP Filesystem API Method: direct.', 'bulletproof-security').$successTextEnd;
|
| 209 |
}
|
| 210 |
+
elseif ( substr($sapi_type, 0, 6) == 'apache' && ! preg_match('#\\\\#', ABSPATH, $matches) && get_filesystem_method() == 'direct') {
|
| 211 |
echo $successTextBegin.__('Pass! Compatible Server Configuration: Server API: DSO | WP Filesystem API Method: direct.', 'bulletproof-security').$successTextEnd;
|
| 212 |
}
|
| 213 |
+
elseif ( substr($sapi_type, 0, 6) == 'apache' && get_filesystem_method() != 'direct') {
|
| 214 |
echo $failTextBegin.__('Server API: Apache DSO Server Configuration | WP Filesystem API Method: ', 'bulletproof-security').get_filesystem_method().$failTextEnd.'<br>'.__('Your Server type is DSO and the WP Filesystem API Method is NOT "direct". You can use the Setup Wizard, but you must first make some one-time manual changes to your website before running the Setup Wizard. Please click this Forum Link for instructions: ', 'bulletproof-security').'<a href="https://forum.ait-pro.com/forums/topic/dso-setup-steps/" target="_blank" title="Link opens in a new Browser window"><strong>'.__('DSO Setup Steps', 'bulletproof-security').'</a></strong><br><br>';
|
| 215 |
}
|
| 216 |
|
| 395 |
|
| 396 |
echo '<h3>'.__('BPS Setup Verification & Error Checks', 'bulletproof-security').'</h3>';
|
| 397 |
|
| 398 |
+
echo '<div style="font-size:12px;margin:-10px 0px 10px 0px;font-weight:bold;">'.__('If you see all Green font messages displayed below, the Setup Wizard setup completed successfully.', 'bulletproof-security').'<br>'.__('If you see any Red font or Blue font messages displayed below, click the Question Mark help button above and read the "Notes" help section.', 'bulletproof-security').'<br>'.__('Click the Question Mark help button above for a list of recommended BPS Video Tutorials to watch.', 'bulletproof-security').'</div>';
|
| 399 |
|
| 400 |
echo '<div id="Wizard-background" style="max-height:250px;width:85%;overflow:auto;margin:0px;padding:10px;background-color:#dfecf2;border:2px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);">';
|
| 401 |
|
| 1027 |
|
| 1028 |
</div>
|
| 1029 |
|
| 1030 |
+
<h2 class="bps-tab-title"><?php _e('Setup Wizard', 'bulletproof-security'); ?></h2>
|
| 1031 |
|
| 1032 |
<!-- jQuery UI Tab Menu -->
|
| 1033 |
<div id="bps-tabs" class="bps-menu">
|
| 1104 |
|
| 1105 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1106 |
<tr>
|
| 1107 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 1108 |
</tr>
|
| 1109 |
<tr>
|
| 1110 |
<td class="bps-table_cell_help">
|
| 1111 |
|
| 1112 |
+
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Setup Wizard', 'bulletproof-security'); ?> <button id="bps-open-modal1" class="button bps-modal-button">
|
| 1113 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 1114 |
|
| 1115 |
<div id="bps-modal-content1" class="bps-dialog-hide" title="<?php _e('Setup Wizard', 'bulletproof-security'); ?>">
|
| 1116 |
|
| 1119 |
<td class="bps-readme-table-td">
|
| 1120 |
|
| 1121 |
<?php
|
| 1122 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1123 |
echo $text;
|
| 1124 |
+
|
| 1125 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1126 |
+
echo $bpsPro_text;
|
| 1127 |
+
|
| 1128 |
$text = '<strong><font color="blue">'.__('Recommended Video Tutorials: ', 'bulletproof-security').'</font></strong><br>';
|
| 1129 |
echo $text;
|
| 1130 |
?>
|
| 1131 |
|
| 1132 |
+
<strong><a href="https://forum.ait-pro.com/video-tutorials/#setup-overview-free" title="Setup Wizard Video Tutorial" target="_blank"><?php _e('Setup Wizard Video Tutorial', 'bulletproof-security'); ?></a></strong><br />
|
| 1133 |
<strong><a href="https://forum.ait-pro.com/video-tutorials/#custom-code" title="Custom Code Video Tutorial" target="_blank"><?php _e('Custom Code Video Tutorial', 'bulletproof-security'); ?></a></strong><br />
|
| 1134 |
<strong><a href="https://forum.ait-pro.com/video-tutorials/#security-log-firewall" title="Security Log Video Tutorial" target="_blank"><?php _e('Security Log Video Tutorial', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 1135 |
|
| 1151 |
</div>
|
| 1152 |
|
| 1153 |
<?php
|
|
|
|
|
|
|
|
|
|
| 1154 |
bpsSetupWizardPrechecks();
|
|
|
|
| 1155 |
?>
|
| 1156 |
|
| 1157 |
<form name="bpsSetupWizard" action="<?php echo admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ); ?>" method="post">
|
| 1173 |
|
| 1174 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1175 |
<tr>
|
| 1176 |
+
<td class="bps-table_title"></td>
|
|
|
|
|
|
|
| 1177 |
</tr>
|
| 1178 |
<tr>
|
| 1179 |
<td class="bps-table_cell_help">
|
| 1180 |
|
| 1181 |
+
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Setup Wizard Options', 'bulletproof-security'); ?> <button id="bps-open-modal2" class="button bps-modal-button">
|
| 1182 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 1183 |
|
| 1184 |
<div id="bps-modal-content2" class="bps-dialog-hide" title="<?php _e('Setup Wizard Options', 'bulletproof-security'); ?>">
|
| 1185 |
|
| 1187 |
<tr>
|
| 1188 |
<td class="bps-readme-table-td">
|
| 1189 |
|
| 1190 |
+
<?php
|
| 1191 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1192 |
+
echo $text;
|
| 1193 |
+
|
| 1194 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1195 |
+
echo $bpsPro_text;
|
| 1196 |
+
|
| 1197 |
+
$text = '<strong><font color="blue">'.__('Forum Help Links:', 'bulletproof-security').'</font></strong><br>';
|
| 1198 |
+
echo $text;
|
| 1199 |
?>
|
| 1200 |
|
| 1201 |
<strong><a href="https://forum.ait-pro.com/forums/topic/gdmw/" title="Go Daddy Managed WordPress Hosting (GDMW)" target="_blank"><?php _e('Go Daddy Managed WordPress Hosting (GDMW)', 'bulletproof-security'); ?></a></strong><br />
|
| 1204 |
<strong><a href="https://forum.ait-pro.com/forums/topic/bps-gdpr-compliance/" title="GDPR Compliance" target="_blank"><?php _e('GDPR Compliance Forum Topic', 'bulletproof-security'); ?></a></strong><br /><br />
|
| 1205 |
|
| 1206 |
<?php
|
| 1207 |
+
$text = '<strong>'.__('AutoFix (AutoWhitelist|AutoSetup|AutoCleanup)', 'bulletproof-security').'</strong><br>'.__('Setup Wizard AutoFix is turned On by default. When AutoFix is turned On the Setup Wizard will automatically create htaccess whitelist rules in BPS Custom Code and your Live htaccess files for other plugins and themes that you have installed that require htaccess code whitelist rules. Setup Wizard AutoFix will also automatically setup or cleanup htaccess code in BPS Custom Code for these caching plugins: WP Super Cache, W3 Total Cache, Comet Cache Plugin (free & Pro), WP Fastest Cache Plugin (free & Premium), LiteSpeed Cache and WP Rocket. If a problem occurs with AutoFix you can turn On the AutoFix Debugger on the BPS UI|UX Settings page > BPS UI|UX|AutoFix Debug option to check the plugin or theme name and the BPS Custom Code text box where the problem is occurring. You can also turn Off AutoFix and AutoFix will not try to detect or create Custom Code whitelist rules or setup or cleanup caching plugins htaccess code. If a problem does occur with AutoFix turn On the BPS UI|UX|AutoFix Debug option, copy the AutoFix Debug information that is displayed to you and then click the AutoFix Forum Topic link at the top of this Question Mark help window and post a forum Reply with your AutoFix Debug information so that we can figure out what the problem is.', 'bulletproof-security').'<br><br><strong>'.__('GDPR Compliance (IP Address Logging On|Off)', 'bulletproof-security').'</strong><br>'.__('The GDPR Compliance option setting is set to Off by default. Choosing the GDPR Compliance On option setting will disable IP address logging in all BPS features that log IP addresses. This plain text will be logged instead of IP addresses: GDPR Compliance On. List of BPS features that log IP addresses: Security Log, Login Security and Maintenance Mode. Note: For simplicity and ease of use this GDPR Compliance Setup Wizard Options setting is the only option setting that needs to be set instead of creating individual option settings in all BPS features that perform IP address logging. For more information about GDPR Compliance click the GDPR Compliance Forum Topic link at the top of this Question Mark help window.', 'bulletproof-security').'<br><br><strong>'.__('Go Daddy Managed WordPress Hosting (GDMW):', 'bulletproof-security').'</strong><br>'.__('This option is ONLY for a special type of Go Daddy Hosting account called "Managed WordPress Hosting" and is NOT for regular/standard Go Daddy Hosting account types. Leave the default setting set to No, unless you have a Go Daddy Managed WordPress Hosting account. See the Forum Help Links section above for more information.', 'bulletproof-security').'<br><br><strong>'.__('Enable|Disable htaccess Files:', 'bulletproof-security').'</strong><br>'.__('Before changing this option setting, click the ', 'bulletproof-security').'<strong><font color="blue">'.__('Enable|Disable htaccess Files', 'bulletproof-security').'</font></strong>'.__(' Forum Help Link at the top of this Question Mark help window to find out exactly what this option setting does and when it should or should not be used. htaccess Files Disabled: Will disable all BPS htaccess features and files. htaccess Files Enabled: Will enable all BPS htaccess freatures and files.', 'bulletproof-security').'<br><br><strong>'.__('Enable|Disable wp-admin BulletProof Mode', 'bulletproof-security').'</strong><br>'.__('The default setting is already set to: wp-admin BulletProof Mode Enabled. If you would like to disable wp-admin BulletProof Mode select wp-admin BulletProof Mode Disabled.', 'bulletproof-security').'<br><br><strong>'.__('Zip File Download Fix (Incapsula, Proxy, Other Cause):', 'bulletproof-security').'</strong><br>'.__('This option should only be set to On if you are seeing a 403 error and/or unable to download these Zip files: Custom Code Export Zip file, Login Security Table Export Zip file or the Setup Wizard Root htaccess file backup Zip file. The Setup Wizard Root htaccess file backup Zip file link is only displayed if BPS detects that your Root htaccess file is not a BPS Root htaccess file. If you are still unable to download zip files after setting this option to On then you will need to whitelist your Proxy IP address in the Plugin Firewall Whitelist by Hostname (domain name) and IP Address tool under the Plugin Firewall Additional Whitelist Tools accordion tab. If that does not work then you will need to deactivate the Plugin Firewall temporarily, download the zip file and then activate the Plugin Firewall again.', 'bulletproof-security').'<br><br><strong>'.__('Multisite Hide|Display System Info Page for Subsites:', 'bulletproof-security').'</strong><br>'.__('This option is for Network|Multisite sites only. Choosing Hide System Info Page will hide the System Info menu link under the BPS navigational menus. Choosing Display System Info page will display the System Info menu link under the BPS navigational mensus.', 'bulletproof-security').'<br><br><strong>'.__('Network|Multisite Sitewide Login Security Settings', 'bulletproof-security').'</strong><br>'.__('This option is for Network|Multisite sites only. This is an independent option Form that creates and saves Login Security DB option settings for all Network sites when you click the Save Network LSM Options Sitewide button. If Login Security option settings have already been setup and saved for any Network site then those Login Security option settings will NOT be changed. If Login Security options settings have NOT already been setup and saved for any Network site then those Login Security option settings will be created and saved with these default settings: Max Login Attempts: 3, Automatic Lockout Time: 60, Manual Lockout Time: 60, Max DB Rows To Show: blank show all rows, Turn On|Turn Off: Turn On Login Security, Logging Options: Log Only Account Lockouts, Error Messages: Standard WP Login Errors, Attempts Remaining: Show Login Attempts Remaining, Password Reset: Enable Password Reset, Sort DB Rows: Ascending - Show Oldest Login First.', 'bulletproof-security').'<br><br><strong>'.__('Network|Multisite Sitewide JTC-Lite Settings', 'bulletproof-security').'</strong><br>'.__('This option is for Network|Multisite sites only. This is an independent option Form that creates and saves JTC-Lite DB option settings for all Network sites when you click the Save Network JTC Options Sitewide button. If JTC option settings have already been setup and saved for any Network site then those JTC option settings will not be changed. If JTC options settings have not already been setup and saved for any Network site then those JTC option settings will be created and saved with these default settings: JTC CAPTCHA: jtc, JTC ToolTip: Type/Enter: jtc, JTC Title|Text: Hover or click the text box below, Enable|Disable JTC Anti-Spam For These Forms: Login Form checkbox is checked and will display the JTC CAPTCHA text box on the Login Form.', 'bulletproof-security').'<br><br><strong>'.__('Network|Multisite Sitewide Force Strong Passwords Settings', 'bulletproof-security').'</strong><br>'.__('This option is for Network|Multisite sites ONLY. This is an independent option Form that creates and saves FSP DB option settings for all Network sites when you click the Save Network FSP Options Sitewide button. If FSP option settings have already been setup and saved for any Network site then those FSP option settings will NOT be changed. If FSP options settings have NOT already been setup and saved for any Network site then those FSP option settings will be created and saved with these default settings: FSP: Off, Password Character Length: 12, Password Criteria Requirements checkboxes: all checked and Displayed Message/Error Message: default FSP message.', 'bulletproof-security');
|
| 1208 |
+
echo $text;
|
| 1209 |
?>
|
| 1210 |
|
| 1211 |
</td>
|
| 1261 |
?>
|
| 1262 |
|
| 1263 |
<label for="wizard-curl"><?php _e('Enable|Disable htaccess Files:', 'bulletproof-security'); ?></label><br />
|
| 1264 |
+
<label for="wizard-curl" class="setup-wizard-blue-small-text" style="color:#2271b1;"><?php _e('CAUTION: Click the Question Mark help button before changing this option setting', 'bulletproof-security'); ?></label><br />
|
| 1265 |
<select name="bulletproof_security_options_htaccess_files[bps_htaccess_files]" class="form-300">
|
| 1266 |
<option value="enabled" <?php selected('enabled', $bps_htaccess_files); ?>><?php _e('htaccess Files Enabled', 'bulletproof-security'); ?></option>
|
| 1267 |
<option value="disabled" <?php selected('disabled', $bps_htaccess_files); ?>><?php _e('htaccess Files Disabled', 'bulletproof-security'); ?></option>
|
| 1693 |
|
| 1694 |
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bps-help_faq_table">
|
| 1695 |
<tr>
|
| 1696 |
+
<td class="bps-table_title"></td>
|
| 1697 |
</tr>
|
| 1698 |
<tr>
|
| 1699 |
<td class="bps-table_cell_help">
|
| 1700 |
|
| 1701 |
+
<h3 style="margin:0px 0px 5px 0px;"><?php _e('Setup Wizard Export|Import', 'bulletproof-security'); ?> <button id="bps-open-modal3" class="button bps-modal-button">
|
| 1702 |
+
<img src="<?php echo plugins_url('/bulletproof-security/admin/images/question-mark-large.jpg'); ?>" style="margin:0px 0px 0px -10px" /></button></h3>
|
| 1703 |
|
| 1704 |
<div id="bps-modal-content3" class="bps-dialog-hide" title="<?php _e('Setup Wizard Export|Import', 'bulletproof-security'); ?>">
|
| 1705 |
<p>
|
| 1706 |
<?php
|
| 1707 |
+
$text = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br>';
|
| 1708 |
echo $text;
|
| 1709 |
+
|
| 1710 |
+
$bpsPro_text = '<strong><font color="blue">'.__('Want even more security protection for the ridiculously cheap one-time price of $69.95', 'bulletproof-security').'</font><br>'.__('BPS Pro comes with free unlimited installations, upgrades & support for life. No yearly subscriptions or additional costs.', 'bulletproof-security').'<br><br>'.__('BBS Pro has an amazing track record. BPS Pro is installed on 60,000+ websites. Not a single one of those websites has been hacked in 10+ years.', 'bulletproof-security').'<br><br><a href="https://affiliates.ait-pro.com/po/" target="_blank" title="Get BPS Pro">'.__('Get BPS Pro', 'bulletproof-security').'</a><br><a href="https://www.ait-pro.com/bps-features/" target="_blank" title="BPS Pro Features">'.__('BPS Pro Features', 'bulletproof-security').'</a></strong><br><br>';
|
| 1711 |
+
echo $bpsPro_text;
|
| 1712 |
+
|
| 1713 |
// Forum Help Links or of course both
|
| 1714 |
//$text = '<strong><font color="blue">'.__('Forum Help Links: ', 'bulletproof-security').'</font></strong><br>';
|
| 1715 |
//echo $text;
|
| 1717 |
<!--<strong><a href="https://forum.ait-pro.com/forums/topic/gdmw/" title="GDMW Hosting" target="_blank">
|
| 1718 |
<?php _e('GDMW Hosting', 'bulletproof-security'); ?></a></strong><br />-->
|
| 1719 |
|
| 1720 |
+
<?php $text = '<strong>'.__('Setup Wizard Export', 'bulletproof-security').'</strong><br>'.__('The Setup Wizard Export feature exports all BPS plugin option settings except for website specific settings that need to be setup by running the Setup Wizard after you have imported the BPS plugin option settings into a new website. The name of the exported zip file is: bps-settings-export.zip', 'bulletproof-security').'<br><br><strong>'.__('Setup Wizard Import', 'bulletproof-security').'</strong><br>'.__('To import BPS plugin option settings click the Choose File button, navigate to where you downloaded/saved the bps-settings-export.zip file on your computer, select the zip file and click the Open button. Then click the Import button. IMPORTANT: Run the Setup Wizard after the import completes. After running the Setup Wizard go to the BPS Security > htaccess Core > Custom Code tab page and check all of your custom htaccess code for any website specific custom htaccess code. Example: If you find any custom htaccess code that has a website URL for your other website that you exported BPS plugin settings from, then either edit that custom htaccess code or remove it from BPS Custom Code.', 'bulletproof-security').'<br><br><strong>'.__('Network|Multisite Help Info', 'bulletproof-security').'</strong><br>'.__('Setup Wizard Export|Import works for Network|Multisite site types, but only the Primary site\'s BPS plugin option settings are exported and imported. BPS plugin option settings are not exported or imported for Subsites. Note: These Setup Wizard Options > Network|Multisite Sitewide Login Security Settings, Network|Multisite Sitewide JTC Anti-Spam|Anti-Hacker Settings and Network|Multisite Sitewide Force Strong Passwords Settings can be run after importing BPS plugin option settings to apply BPS LSM, JTC and FSP plugin option settings from the Primary site to all Subsites.', 'bulletproof-security'); echo $text; ?></p>
|
| 1721 |
</div>
|
| 1722 |
|
| 1723 |
<div id="CC-Import" style="margin:20px 0px 20px 0px">
|
| 1738 |
</form>
|
| 1739 |
</div>
|
| 1740 |
|
| 1741 |
+
<div id="bps-whitespace-275" style="min-height:275px"></div>
|
| 1742 |
|
| 1743 |
<?php
|
| 1744 |
|
| 1769 |
|
| 1770 |
// Use PclZip
|
| 1771 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/' );
|
| 1772 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 1773 |
|
| 1774 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 1775 |
$previous_encoding = mb_internal_encoding();
|
| 1885 |
|
| 1886 |
if ( file_exists($SW_export) ) {
|
| 1887 |
|
| 1888 |
+
require_once WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/setup-wizard-export.php';
|
| 1889 |
|
| 1890 |
// Update the Admin email address option settings in Email|Log Settings and MMode to the current site's Admin email address
|
| 1891 |
$admin_email = get_option('admin_email');
|
| 2064 |
|
| 2065 |
// NOTE: last modified date of files is not changed with PclZip
|
| 2066 |
define( 'PCLZIP_TEMPORARY_DIR', WP_PLUGIN_DIR . '/bulletproof-security/admin/wizard/' );
|
| 2067 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 2068 |
|
| 2069 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 2070 |
$previous_encoding = mb_internal_encoding();
|
bulletproof-security.php
CHANGED
|
@@ -4,8 +4,8 @@ Plugin Name: BulletProof Security
|
|
| 4 |
Plugin URI: https://forum.ait-pro.com/read-me-first/
|
| 5 |
Text Domain: bulletproof-security
|
| 6 |
Domain Path: /languages/
|
| 7 |
-
Description: <strong>Feature Highlights:</strong> Setup Wizard • MScan Malware Scanner • .htaccess Website Security Protection (Firewalls) • Security Logging|HTTP Error Logging • DB Backup • DB Table Prefix Changer • Login Security & Monitoring • JTC-Lite Login Form Bot Lockout Protection • Idle Session Logout (ISL) • Auth Cookie Expiration (ACE) •
|
| 8 |
-
Version: 5.
|
| 9 |
Author: AITpro Website Security
|
| 10 |
Author URI: https://forum.ait-pro.com/read-me-first/
|
| 11 |
*/
|
|
@@ -33,9 +33,9 @@ Author URI: https://forum.ait-pro.com/read-me-first/
|
|
| 33 |
// and cannot access the global variables within functions in BPS. Luckily this does not break BPS or WordPress in any way and PHP.net states this is technically not an error.
|
| 34 |
global $bps_last_version, $bps_version, $aitpro_bullet, $bps_topDiv, $bps_bottomDiv, $bpsPro_remote_addr, $bpsPro_http_client_ip, $bpsPro_http_forwarded, $bpsPro_http_x_forwarded_for, $bpsPro_http_x_cluster_client_ip, $bps_wpcontent_dir, $bps_plugin_dir, $plugin_hashes, $theme_hashes;
|
| 35 |
|
| 36 |
-
define( 'BULLETPROOF_VERSION', '5.
|
| 37 |
-
$bps_last_version = '5.
|
| 38 |
-
$bps_version = '5.
|
| 39 |
$aitpro_bullet = '<img src="'.plugins_url('/bulletproof-security/admin/images/aitpro-bullet.png').'" style="padding:0px 3px 0px 3px;" />';
|
| 40 |
// Top div & bottom div
|
| 41 |
$bps_topDiv = '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
|
@@ -79,7 +79,7 @@ if ( isset( $GDPR_Options['bps_gdpr_on_off'] ) && $GDPR_Options['bps_gdpr_on_off
|
|
| 79 |
}
|
| 80 |
|
| 81 |
// Load BPS Global class - not doing anything with this Class in BPS Free
|
| 82 |
-
//require_once
|
| 83 |
|
| 84 |
add_action( 'init', 'bulletproof_security_load_plugin_textdomain' );
|
| 85 |
|
| 4 |
Plugin URI: https://forum.ait-pro.com/read-me-first/
|
| 5 |
Text Domain: bulletproof-security
|
| 6 |
Domain Path: /languages/
|
| 7 |
+
Description: <strong>Feature Highlights:</strong> Setup Wizard • MScan Malware Scanner • .htaccess Website Security Protection (Firewalls) • Security Logging|HTTP Error Logging • DB Backup • DB Table Prefix Changer • Login Security & Monitoring • JTC-Lite Login Form Bot Lockout Protection • Idle Session Logout (ISL) • Auth Cookie Expiration (ACE) • System Info: Extensive System, Server and Security Status Information • FrontEnd|BackEnd Maintenance Mode • WP Automatic Update Options (BPS MU Tools must-use plugin) • Force Strong Passwords • Email Alerts When New Plugins And Themes Are Available.
|
| 8 |
+
Version: 5.5
|
| 9 |
Author: AITpro Website Security
|
| 10 |
Author URI: https://forum.ait-pro.com/read-me-first/
|
| 11 |
*/
|
| 33 |
// and cannot access the global variables within functions in BPS. Luckily this does not break BPS or WordPress in any way and PHP.net states this is technically not an error.
|
| 34 |
global $bps_last_version, $bps_version, $aitpro_bullet, $bps_topDiv, $bps_bottomDiv, $bpsPro_remote_addr, $bpsPro_http_client_ip, $bpsPro_http_forwarded, $bpsPro_http_x_forwarded_for, $bpsPro_http_x_cluster_client_ip, $bps_wpcontent_dir, $bps_plugin_dir, $plugin_hashes, $theme_hashes;
|
| 35 |
|
| 36 |
+
define( 'BULLETPROOF_VERSION', '5.5' );
|
| 37 |
+
$bps_last_version = '5.4';
|
| 38 |
+
$bps_version = '5.5';
|
| 39 |
$aitpro_bullet = '<img src="'.plugins_url('/bulletproof-security/admin/images/aitpro-bullet.png').'" style="padding:0px 3px 0px 3px;" />';
|
| 40 |
// Top div & bottom div
|
| 41 |
$bps_topDiv = '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 79 |
}
|
| 80 |
|
| 81 |
// Load BPS Global class - not doing anything with this Class in BPS Free
|
| 82 |
+
//require_once WP_PLUGIN_DIR . '/bulletproof-security/includes/class.php';
|
| 83 |
|
| 84 |
add_action( 'init', 'bulletproof_security_load_plugin_textdomain' );
|
| 85 |
|
includes/db-security.php
CHANGED
|
@@ -302,13 +302,13 @@ $time_start = microtime( true );
|
|
| 302 |
$zip->addFile( $db_backup, DB_NAME . ".sql" );
|
| 303 |
$zip->close();
|
| 304 |
|
| 305 |
-
|
| 306 |
|
| 307 |
} else {
|
| 308 |
|
| 309 |
// Use PCLZip
|
| 310 |
define( 'PCLZIP_TEMPORARY_DIR', $DBBoptions['bps_db_backup_folder'] . '/' );
|
| 311 |
-
require_once
|
| 312 |
|
| 313 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 314 |
$previous_encoding = mb_internal_encoding();
|
|
@@ -321,7 +321,7 @@ $time_start = microtime( true );
|
|
| 321 |
$db_backup_folder = str_replace( DB_NAME . '.sql', "", $db_backup );
|
| 322 |
$v_list = $archive->create( $db_backup_folder . $sql_filename, PCLZIP_OPT_REMOVE_PATH, $db_backup_folder );
|
| 323 |
|
| 324 |
-
|
| 325 |
}
|
| 326 |
}
|
| 327 |
|
|
@@ -410,7 +410,7 @@ $time_start = microtime( true );
|
|
| 410 |
$mailed = wp_mail( $bps_email_to, $subject, $message, $headers, $attachments );
|
| 411 |
}
|
| 412 |
|
| 413 |
-
if (
|
| 414 |
unlink($filename);
|
| 415 |
}
|
| 416 |
}
|
| 302 |
$zip->addFile( $db_backup, DB_NAME . ".sql" );
|
| 303 |
$zip->close();
|
| 304 |
|
| 305 |
+
unlink($db_backup);
|
| 306 |
|
| 307 |
} else {
|
| 308 |
|
| 309 |
// Use PCLZip
|
| 310 |
define( 'PCLZIP_TEMPORARY_DIR', $DBBoptions['bps_db_backup_folder'] . '/' );
|
| 311 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 312 |
|
| 313 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 314 |
$previous_encoding = mb_internal_encoding();
|
| 321 |
$db_backup_folder = str_replace( DB_NAME . '.sql', "", $db_backup );
|
| 322 |
$v_list = $archive->create( $db_backup_folder . $sql_filename, PCLZIP_OPT_REMOVE_PATH, $db_backup_folder );
|
| 323 |
|
| 324 |
+
unlink($db_backup);
|
| 325 |
}
|
| 326 |
}
|
| 327 |
|
| 410 |
$mailed = wp_mail( $bps_email_to, $subject, $message, $headers, $attachments );
|
| 411 |
}
|
| 412 |
|
| 413 |
+
if ( $mailed && $email_zip == 'Delete' ) {
|
| 414 |
unlink($filename);
|
| 415 |
}
|
| 416 |
}
|
includes/functions.php
CHANGED
|
@@ -172,7 +172,7 @@ global $wpdb;
|
|
| 172 |
$UserAgentRulesT = file_get_contents($userAgentMaster);
|
| 173 |
$stringReplace = file_get_contents($bps403File);
|
| 174 |
|
| 175 |
-
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif (
|
| 176 |
|
| 177 |
file_put_contents($bps403File, $stringReplace);
|
| 178 |
}
|
|
@@ -232,7 +232,7 @@ function bps_root_htaccess_status_dashboard() {
|
|
| 232 |
var bpsPage = "<?php echo $wp_admin_url . 'admin.php?' . $_SERVER['QUERY_STRING']; ?>"
|
| 233 |
var hash = window.location.hash;
|
| 234 |
|
| 235 |
-
document.getElementById("url-hash").innerHTML = '<div id="bps-status-display" style="float:left;margin:6px 0px 0px 2px;padding:3px 5px 3px 5px;background-color:#e8e8e8;border:1px solid gray;"><a href="' + bpsPage + hash + '" style="text-decoration:none;font-weight:bold;">Reload BPS Status Display</a></div>';
|
| 236 |
/* ]]> */
|
| 237 |
</script>
|
| 238 |
|
|
@@ -241,7 +241,7 @@ function bps_root_htaccess_status_dashboard() {
|
|
| 241 |
}
|
| 242 |
}
|
| 243 |
|
| 244 |
-
if ( isset($_POST['Submit-DBB-Run-Job']) &&
|
| 245 |
|
| 246 |
$bpsPro_Spinner = get_option('bulletproof_security_options_spinner');
|
| 247 |
|
|
@@ -293,15 +293,15 @@ function bps_root_htaccess_status_dashboard() {
|
|
| 293 |
|
| 294 |
if ( file_exists($filename) ) {
|
| 295 |
|
| 296 |
-
$permsHtaccess =
|
| 297 |
-
$sapi_type =
|
| 298 |
-
$check_string =
|
| 299 |
-
$section =
|
| 300 |
$bps_get_domain_root = bpsGetDomainRoot();
|
| 301 |
$bps_get_wp_root_secure = bps_wp_get_root_folder();
|
| 302 |
$bps_plugin_dir = str_replace( ABSPATH, '', WP_PLUGIN_DIR );
|
| 303 |
$bps_root_upgrade = '';
|
| 304 |
-
$hostaddress = esc_html(
|
| 305 |
|
| 306 |
$patterna = '/RedirectMatch\s403\s\/\\\.\.\*\$/';
|
| 307 |
//$pattern0 = '/ErrorDocument\s404\s(.*)\/404\.php\s*ErrorDocument\s410\s(.*)410\.php/s';
|
|
@@ -394,7 +394,7 @@ switch ( $bps_version ) {
|
|
| 394 |
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 395 |
}
|
| 396 |
|
| 397 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('BPS Alert! Your site may not be protected by BulletProof Security', 'bulletproof-security').'</font><br>'.__('The BPS version: BULLETPROOF x.x SECURE .HTACCESS line of code was not found at the top of your Root htaccess file.', 'bulletproof-security').'<br>'.__('The BPS version line of code MUST be at the very top of your Root htaccess file.', 'bulletproof-security').'<br><a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'">'.esc_attr__('Click Here', 'bulletproof-security').'</a>'.__(' to go to the BPS Setup Wizard page and click the Setup Wizard button to setup the BPS plugin again.', 'bulletproof-security').'<br>'.__('Important Note: If you manually added other htaccess code above the BPS version line of code in your root htaccess file, you can copy that code to BPS Root Custom Code so that your code is saved in the correct place in the BPS root htaccess file. ', 'bulletproof-security').'<br><a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7' ).'">'.esc_attr__('Click Here', 'bulletproof-security').'</a>'.__(' to go to the BPS Custom Code page, add your Root custom htaccess code in an appropriate Root Custom Code text box and click the Save Root Custom Code button before running the Setup Wizard again.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 398 |
echo $text;
|
| 399 |
}
|
| 400 |
}
|
|
@@ -411,11 +411,11 @@ switch ( $bps_version ) {
|
|
| 411 |
// Recreate the User Agent filters in the 403.php file on BPS upgrade
|
| 412 |
bpsPro_autoupdate_useragent_filters();
|
| 413 |
|
| 414 |
-
if (
|
| 415 |
-
|
| 416 |
}
|
| 417 |
|
| 418 |
-
$stringReplace =
|
| 419 |
|
| 420 |
if ( preg_match($BPSVpattern, $stringReplace) ) {
|
| 421 |
$stringReplace = preg_replace($BPSVpattern, $BPSVreplace, $stringReplace);
|
|
@@ -559,7 +559,7 @@ switch ( $bps_version ) {
|
|
| 559 |
file_put_contents($filename, $stringReplace);
|
| 560 |
|
| 561 |
if ( $options['bps_root_htaccess_autolock'] == 'On') {
|
| 562 |
-
|
| 563 |
}
|
| 564 |
|
| 565 |
if ( getBPSInstallTime() == getBPSRootHtaccessLasModTime_minutes() || getBPSInstallTime_plusone() == getBPSRootHtaccessLasModTime_minutes() ) {
|
|
@@ -637,9 +637,9 @@ function bps_wpadmin_htaccess_status_dashboard() {
|
|
| 637 |
|
| 638 |
if ( file_exists($filename) ) {
|
| 639 |
|
| 640 |
-
$permsHtaccess =
|
| 641 |
-
$check_string =
|
| 642 |
-
$section =
|
| 643 |
$bps_wpadmin_upgrade = '';
|
| 644 |
|
| 645 |
$pattern10a = '/RewriteCond\s%\{THE_REQUEST\}\s(.*)\?(.*)\sHTTP\/\s\[NC,OR\]\s*RewriteCond\s%\{THE_REQUEST\}\s(.*)\*(.*)\sHTTP\/\s\[NC,OR\]/';
|
|
@@ -697,11 +697,11 @@ switch ( $bps_version ) {
|
|
| 697 |
$Apache_Mod_options = get_option('bulletproof_security_options_apache_modules');
|
| 698 |
$sapi_type = php_sapi_name();
|
| 699 |
|
| 700 |
-
if (
|
| 701 |
-
|
| 702 |
}
|
| 703 |
|
| 704 |
-
$stringReplace =
|
| 705 |
|
| 706 |
if ( preg_match($BPSVpattern, $stringReplace) ) {
|
| 707 |
$stringReplace = preg_replace($BPSVpattern, $BPSVreplace, $stringReplace);
|
|
@@ -1094,7 +1094,7 @@ global $aitpro_bullet;
|
|
| 1094 |
// GET HTTP Status Response from /mod-test/ images to determine which Apache Modules are Loaded,
|
| 1095 |
// Directive Backward Compatibility & if Host is allowing/processing IfModule conditions (Known Hosts: HostGator).
|
| 1096 |
// System Info page updates the DB option on page load in real-time, but does not create htaccess files.
|
| 1097 |
-
// htaccess
|
| 1098 |
// BPS plugin upgrades & Pre-Installation Wizard checks: new htaccess files created if needed.
|
| 1099 |
// bpsPro_apache_mod_create_htaccess_files() executed in this function which creates new htaccess files if needed.
|
| 1100 |
// .52.6: fallback to mod_access_compat. see .53.6
|
|
@@ -1210,7 +1210,7 @@ function bpsPro_apache_mod_directive_check() {
|
|
| 1210 |
|
| 1211 |
$apache_ifmodule = 'Yes';
|
| 1212 |
|
| 1213 |
-
$text = '<font color="#
|
| 1214 |
echo $text;
|
| 1215 |
}
|
| 1216 |
|
|
@@ -1228,7 +1228,7 @@ function bpsPro_apache_mod_directive_check() {
|
|
| 1228 |
|
| 1229 |
} elseif ( 403 != $status_code3 && 403 != $status_code4 ) {
|
| 1230 |
|
| 1231 |
-
$text = '<font color="#
|
| 1232 |
echo $text;
|
| 1233 |
}
|
| 1234 |
|
|
@@ -1247,7 +1247,7 @@ function bpsPro_apache_mod_directive_check() {
|
|
| 1247 |
|
| 1248 |
} elseif ( 403 != $status_code5 && 403 != $status_code6 ) {
|
| 1249 |
|
| 1250 |
-
$text = '<font color="#
|
| 1251 |
echo $text;
|
| 1252 |
}
|
| 1253 |
|
|
@@ -1259,7 +1259,7 @@ function bpsPro_apache_mod_directive_check() {
|
|
| 1259 |
|
| 1260 |
} else {
|
| 1261 |
|
| 1262 |
-
$text = '<font color="#
|
| 1263 |
echo $text;
|
| 1264 |
}
|
| 1265 |
//} // End: Fubar condition
|
|
@@ -1305,10 +1305,10 @@ function bpsPro_apache_mod_directive_check() {
|
|
| 1305 |
if ( 403 == $status_code12 || 403 == $status_code13 ) {
|
| 1306 |
|
| 1307 |
if ( 403 == $status_code12 ) {
|
| 1308 |
-
$text = '<font color="#
|
| 1309 |
echo $text;
|
| 1310 |
} elseif ( 403 == $status_code13 ) {
|
| 1311 |
-
$text = '<font color="#
|
| 1312 |
echo $text;
|
| 1313 |
}
|
| 1314 |
|
|
@@ -1649,19 +1649,19 @@ function bpsPro_apache_mod_create_htaccess_files() {
|
|
| 1649 |
if ( ! file_exists($file) ) {
|
| 1650 |
|
| 1651 |
if ( isset($Apache_Mod_options['bps_apache_mod_ifmodule']) && $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'Yes' ) {
|
| 1652 |
-
|
| 1653 |
} elseif ( isset($Apache_Mod_options['bps_apache_mod_ifmodule']) && $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'No' ) {
|
| 1654 |
-
|
| 1655 |
}
|
| 1656 |
}
|
| 1657 |
|
| 1658 |
if ( file_exists($file) ) {
|
| 1659 |
-
$check_string =
|
| 1660 |
|
| 1661 |
if ( $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'Yes' && ! strpos( $check_string, "BPS mod_authz_core IfModule BC" ) ) {
|
| 1662 |
-
|
| 1663 |
} elseif ( $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'No' && ! strpos( $check_string, "BPS mod_access_compat" ) ) {
|
| 1664 |
-
|
| 1665 |
}
|
| 1666 |
}
|
| 1667 |
}
|
|
@@ -1690,4 +1690,9 @@ function bpsPro_filter_scheduled_events( $tests ) {
|
|
| 1690 |
|
| 1691 |
add_filter( 'site_status_tests', 'bpsPro_filter_scheduled_events' );
|
| 1692 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1693 |
?>
|
| 172 |
$UserAgentRulesT = file_get_contents($userAgentMaster);
|
| 173 |
$stringReplace = file_get_contents($bps403File);
|
| 174 |
|
| 175 |
+
$stringReplace = preg_replace('/# BEGIN USERAGENT FILTER(.*)# END USERAGENT FILTER/s', "# BEGIN USERAGENT FILTER\nif ( !preg_match('/".trim($UserAgentRulesT, "|")."/', \$_SERVER['HTTP_USER_AGENT']) ) {\n# END USERAGENT FILTER", $stringReplace);
|
| 176 |
|
| 177 |
file_put_contents($bps403File, $stringReplace);
|
| 178 |
}
|
| 232 |
var bpsPage = "<?php echo $wp_admin_url . 'admin.php?' . $_SERVER['QUERY_STRING']; ?>"
|
| 233 |
var hash = window.location.hash;
|
| 234 |
|
| 235 |
+
document.getElementById("url-hash").innerHTML = '<div id="bps-status-display" style="float:left;margin:6px 0px 0px 2px;padding:3px 5px 3px 5px;background-color:#e8e8e8;border:1px solid gray;"><a href="' + bpsPage + hash + '" style="text-decoration:none;font-weight:bold;">Reload BPS Status Display</a></div><div style="clear:both;"></div>';
|
| 236 |
/* ]]> */
|
| 237 |
</script>
|
| 238 |
|
| 241 |
}
|
| 242 |
}
|
| 243 |
|
| 244 |
+
if ( isset($_POST['Submit-DBB-Run-Job']) && $_POST['Submit-DBB-Run-Job'] == true || isset($_POST['Submit-DB-Table-Prefix']) && $_POST['Submit-DB-Table-Prefix'] == true || isset($_POST['Submit-DB-Prefix-Table-Refresh']) && $_POST['Submit-DB-Prefix-Table-Refresh'] == true ) {
|
| 245 |
|
| 246 |
$bpsPro_Spinner = get_option('bulletproof_security_options_spinner');
|
| 247 |
|
| 293 |
|
| 294 |
if ( file_exists($filename) ) {
|
| 295 |
|
| 296 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($filename)), -4);
|
| 297 |
+
$sapi_type = php_sapi_name();
|
| 298 |
+
$check_string = file_get_contents($filename);
|
| 299 |
+
$section = file_get_contents($filename, NULL, NULL, 3, 38);
|
| 300 |
$bps_get_domain_root = bpsGetDomainRoot();
|
| 301 |
$bps_get_wp_root_secure = bps_wp_get_root_folder();
|
| 302 |
$bps_plugin_dir = str_replace( ABSPATH, '', WP_PLUGIN_DIR );
|
| 303 |
$bps_root_upgrade = '';
|
| 304 |
+
$hostaddress = esc_html( gethostbyaddr( $_SERVER['SERVER_ADDR'] ) );
|
| 305 |
|
| 306 |
$patterna = '/RedirectMatch\s403\s\/\\\.\.\*\$/';
|
| 307 |
//$pattern0 = '/ErrorDocument\s404\s(.*)\/404\.php\s*ErrorDocument\s410\s(.*)410\.php/s';
|
| 394 |
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 395 |
}
|
| 396 |
|
| 397 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('BPS Alert! Your site may not be protected by BulletProof Security', 'bulletproof-security').'</font><br>'.__('The BPS version: BULLETPROOF x.x SECURE .HTACCESS line of code was not found at the top of your Root htaccess file.', 'bulletproof-security').'<br>'.__('The BPS version line of code MUST be at the very top of your Root htaccess file.', 'bulletproof-security').'<br><a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'">'.esc_attr__('Click Here', 'bulletproof-security').'</a>'.__(' to go to the BPS Setup Wizard page and click the Setup Wizard button to setup the BPS plugin again.', 'bulletproof-security').'<br>'.__('Important Note: If you manually added other htaccess code above the BPS version line of code in your root htaccess file, you can copy that code to BPS Root Custom Code so that your code is saved in the correct place in the BPS root htaccess file. ', 'bulletproof-security').'<br><a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7' ).'">'.esc_attr__('Click Here', 'bulletproof-security').'</a>'.__(' to go to the BPS Custom Code page, add your Root custom htaccess code in an appropriate Root Custom Code text box and click the Save Root Custom Code button before running the Setup Wizard again.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_root_version_check_nag_ignore=0'.'" style="text-decoration:none;font-weight:bold;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 398 |
echo $text;
|
| 399 |
}
|
| 400 |
}
|
| 411 |
// Recreate the User Agent filters in the 403.php file on BPS upgrade
|
| 412 |
bpsPro_autoupdate_useragent_filters();
|
| 413 |
|
| 414 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 415 |
+
chmod($filename, 0644);
|
| 416 |
}
|
| 417 |
|
| 418 |
+
$stringReplace = file_get_contents($filename);
|
| 419 |
|
| 420 |
if ( preg_match($BPSVpattern, $stringReplace) ) {
|
| 421 |
$stringReplace = preg_replace($BPSVpattern, $BPSVreplace, $stringReplace);
|
| 559 |
file_put_contents($filename, $stringReplace);
|
| 560 |
|
| 561 |
if ( $options['bps_root_htaccess_autolock'] == 'On') {
|
| 562 |
+
chmod($filename, 0404);
|
| 563 |
}
|
| 564 |
|
| 565 |
if ( getBPSInstallTime() == getBPSRootHtaccessLasModTime_minutes() || getBPSInstallTime_plusone() == getBPSRootHtaccessLasModTime_minutes() ) {
|
| 637 |
|
| 638 |
if ( file_exists($filename) ) {
|
| 639 |
|
| 640 |
+
$permsHtaccess = substr(sprintf('%o', fileperms($filename)), -4);
|
| 641 |
+
$check_string = file_get_contents($filename);
|
| 642 |
+
$section = file_get_contents($filename, NULL, NULL, 3, 46);
|
| 643 |
$bps_wpadmin_upgrade = '';
|
| 644 |
|
| 645 |
$pattern10a = '/RewriteCond\s%\{THE_REQUEST\}\s(.*)\?(.*)\sHTTP\/\s\[NC,OR\]\s*RewriteCond\s%\{THE_REQUEST\}\s(.*)\*(.*)\sHTTP\/\s\[NC,OR\]/';
|
| 697 |
$Apache_Mod_options = get_option('bulletproof_security_options_apache_modules');
|
| 698 |
$sapi_type = php_sapi_name();
|
| 699 |
|
| 700 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsHtaccess != '0666' || $permsHtaccess != '0777') { // Windows IIS, XAMPP, etc
|
| 701 |
+
chmod($filename, 0644);
|
| 702 |
}
|
| 703 |
|
| 704 |
+
$stringReplace = file_get_contents($filename);
|
| 705 |
|
| 706 |
if ( preg_match($BPSVpattern, $stringReplace) ) {
|
| 707 |
$stringReplace = preg_replace($BPSVpattern, $BPSVreplace, $stringReplace);
|
| 1094 |
// GET HTTP Status Response from /mod-test/ images to determine which Apache Modules are Loaded,
|
| 1095 |
// Directive Backward Compatibility & if Host is allowing/processing IfModule conditions (Known Hosts: HostGator).
|
| 1096 |
// System Info page updates the DB option on page load in real-time, but does not create htaccess files.
|
| 1097 |
+
// htaccess File Options updates/creates the DB option and creates htaccess files if needed inpage on page load based on timestamp: once per 15 minute time restriction.
|
| 1098 |
// BPS plugin upgrades & Pre-Installation Wizard checks: new htaccess files created if needed.
|
| 1099 |
// bpsPro_apache_mod_create_htaccess_files() executed in this function which creates new htaccess files if needed.
|
| 1100 |
// .52.6: fallback to mod_access_compat. see .53.6
|
| 1210 |
|
| 1211 |
$apache_ifmodule = 'Yes';
|
| 1212 |
|
| 1213 |
+
$text = '<font color="#2271b1"><strong>'.$status_code2.':</strong></font> '.__('mod_access_compat is not Loaded|IfModule: Yes', 'bulletproof-security').'<br>';
|
| 1214 |
echo $text;
|
| 1215 |
}
|
| 1216 |
|
| 1228 |
|
| 1229 |
} elseif ( 403 != $status_code3 && 403 != $status_code4 ) {
|
| 1230 |
|
| 1231 |
+
$text = '<font color="#2271b1"><strong>'.$status_code3.':</strong></font> '.__('mod_authz_core is not Loaded|IfModule: Yes', 'bulletproof-security').'<br>';
|
| 1232 |
echo $text;
|
| 1233 |
}
|
| 1234 |
|
| 1247 |
|
| 1248 |
} elseif ( 403 != $status_code5 && 403 != $status_code6 ) {
|
| 1249 |
|
| 1250 |
+
$text = '<font color="#2271b1"><strong>'.$status_code6.':</strong></font> '.__('mod_authz_host is not Loaded|IfModule: Yes', 'bulletproof-security').'<br>';
|
| 1251 |
echo $text;
|
| 1252 |
}
|
| 1253 |
|
| 1259 |
|
| 1260 |
} else {
|
| 1261 |
|
| 1262 |
+
$text = '<font color="#2271b1"><strong>'.$status_code9.':</strong></font> '.__('mod_rewrite Inconclusive: Status is not 200, 301, 302, 403 or 404', 'bulletproof-security').'<br>';
|
| 1263 |
echo $text;
|
| 1264 |
}
|
| 1265 |
//} // End: Fubar condition
|
| 1305 |
if ( 403 == $status_code12 || 403 == $status_code13 ) {
|
| 1306 |
|
| 1307 |
if ( 403 == $status_code12 ) {
|
| 1308 |
+
$text = '<font color="#2271b1"><strong>'.$status_code12.':</strong></font> '.__('mod_security Module is Loaded|Enabled|IfModule: Yes', 'bulletproof-security').'<br>';
|
| 1309 |
echo $text;
|
| 1310 |
} elseif ( 403 == $status_code13 ) {
|
| 1311 |
+
$text = '<font color="#2271b1"><strong>'.$status_code13.':</strong></font> '.__('mod_security2 Module is Loaded|Enabled|IfModule: Yes', 'bulletproof-security').'<br>';
|
| 1312 |
echo $text;
|
| 1313 |
}
|
| 1314 |
|
| 1649 |
if ( ! file_exists($file) ) {
|
| 1650 |
|
| 1651 |
if ( isset($Apache_Mod_options['bps_apache_mod_ifmodule']) && $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'Yes' ) {
|
| 1652 |
+
copy($denyall_ifmodule_htaccess, $file);
|
| 1653 |
} elseif ( isset($Apache_Mod_options['bps_apache_mod_ifmodule']) && $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'No' ) {
|
| 1654 |
+
copy($denyall_htaccess, $file);
|
| 1655 |
}
|
| 1656 |
}
|
| 1657 |
|
| 1658 |
if ( file_exists($file) ) {
|
| 1659 |
+
$check_string = file_get_contents($file);
|
| 1660 |
|
| 1661 |
if ( $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'Yes' && ! strpos( $check_string, "BPS mod_authz_core IfModule BC" ) ) {
|
| 1662 |
+
copy($denyall_ifmodule_htaccess, $file);
|
| 1663 |
} elseif ( $Apache_Mod_options['bps_apache_mod_ifmodule'] == 'No' && ! strpos( $check_string, "BPS mod_access_compat" ) ) {
|
| 1664 |
+
copy($denyall_htaccess, $file);
|
| 1665 |
}
|
| 1666 |
}
|
| 1667 |
}
|
| 1690 |
|
| 1691 |
add_filter( 'site_status_tests', 'bpsPro_filter_scheduled_events' );
|
| 1692 |
|
| 1693 |
+
// 5.5: disables the Rank Math plugin htaccess file editor - ModSecurity blocks the editor and prevents Rank Math options from being saved.
|
| 1694 |
+
add_filter( 'rank_math/settings/general', function( $tabs) {
|
| 1695 |
+
unset( $tabs['htaccess'] );
|
| 1696 |
+
return $tabs;
|
| 1697 |
+
})
|
| 1698 |
?>
|
includes/general-functions.php
CHANGED
|
@@ -177,8 +177,8 @@ function bpsGetDomainRoot() {
|
|
| 177 |
// File and Folder Permission Checking
|
| 178 |
function bps_check_perms($path, $perm) {
|
| 179 |
clearstatcache();
|
| 180 |
-
$current_perms =
|
| 181 |
-
$stat =
|
| 182 |
|
| 183 |
echo '<table style="width:100%;background-color:#fff;">';
|
| 184 |
echo '<tr>';
|
|
@@ -186,7 +186,7 @@ $stat = @stat($path);
|
|
| 186 |
echo '<td style="color:#000;background-color:#fff;padding:2px;width:15%;">' . $perm . '</td>';
|
| 187 |
echo '<td style="color:#000;background-color:#fff;padding:2px;width:15%;">' . $current_perms . '</td>';
|
| 188 |
echo '<td style="color:#000;background-color:#fff;padding:2px;width:15%;">' . $stat['uid'] . '</td>';
|
| 189 |
-
echo '<td style="color:#000;background-color:#fff;padding:2px;width:15%;">' .
|
| 190 |
echo '</tr>';
|
| 191 |
echo '</table>';
|
| 192 |
}
|
|
@@ -318,13 +318,13 @@ if ( current_user_can('manage_options') ) {
|
|
| 318 |
$indexPHP = ABSPATH . 'index.php';
|
| 319 |
|
| 320 |
if ( file_exists($indexPHP) ) {
|
| 321 |
-
$check_string_index =
|
| 322 |
}
|
| 323 |
|
| 324 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 325 |
|
| 326 |
if ( file_exists($wpadminHtaccess) ) {
|
| 327 |
-
$check_string_wpadmin =
|
| 328 |
}
|
| 329 |
|
| 330 |
if ( isset($MMoptions['bps_maint_on_off']) && $MMoptions['bps_maint_on_off'] == 'On' && isset($MMoptions['bps_maint_dashboard_reminder']) && $MMoptions['bps_maint_dashboard_reminder'] == '1' ) {
|
|
@@ -347,17 +347,17 @@ if ( current_user_can('manage_options') ) {
|
|
| 347 |
|
| 348 |
$root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values.php';
|
| 349 |
if ( file_exists($root_folder_maintenance_values) ) {
|
| 350 |
-
$check_string_values =
|
| 351 |
}
|
| 352 |
|
| 353 |
$indexPHP = ABSPATH . 'index.php';
|
| 354 |
if ( file_exists($indexPHP) ) {
|
| 355 |
-
$check_string_index =
|
| 356 |
}
|
| 357 |
|
| 358 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 359 |
if ( file_exists($wpadminHtaccess) ) {
|
| 360 |
-
$check_string_wpadmin =
|
| 361 |
}
|
| 362 |
|
| 363 |
if ( $blog_id == 1 && isset($MMoptions['bps_maint_dashboard_reminder']) && $MMoptions['bps_maint_dashboard_reminder'] == '1' ) {
|
|
@@ -465,29 +465,29 @@ function bpsPro_htaccess_manual_update_notice() {
|
|
| 465 |
|
| 466 |
if ( file_exists($filename) ) {
|
| 467 |
|
| 468 |
-
$check_string =
|
| 469 |
$pattern = '/#\sBEGIN\sWordPress\s*<IfModule\smod_rewrite\.c>\s*RewriteEngine\sOn\s*RewriteBase(.*)\s*RewriteRule(.*)\s*RewriteCond((.*)\s*){2}RewriteRule(.*)\s*<\/IfModule>\s*#\sEND\sWordPress/';
|
| 470 |
|
| 471 |
if ( strpos( $check_string, "BULLETPROOF" ) && preg_match( $pattern, $check_string, $flush_matches ) ) {
|
| 472 |
|
| 473 |
-
$root_perms =
|
| 474 |
$sapi_type = php_sapi_name();
|
| 475 |
$autolock = get_option('bulletproof_security_options_autolock');
|
| 476 |
|
| 477 |
-
if (
|
| 478 |
$lock = '0404';
|
| 479 |
}
|
| 480 |
|
| 481 |
-
if (
|
| 482 |
-
|
| 483 |
}
|
| 484 |
|
| 485 |
$stringReplace = preg_replace('/#\sBEGIN\sWordPress\s*<IfModule\smod_rewrite\.c>\s*RewriteEngine\sOn\s*RewriteBase(.*)\s*RewriteRule(.*)\s*RewriteCond((.*)\s*){2}RewriteRule(.*)\s*<\/IfModule>\s*#\sEND\sWordPress/', "", $check_string);
|
| 486 |
|
| 487 |
if ( file_put_contents($filename, $stringReplace) ) {
|
| 488 |
|
| 489 |
-
if ( $autolock['bps_root_htaccess_autolock'] == 'On' ||
|
| 490 |
-
|
| 491 |
}
|
| 492 |
}
|
| 493 |
}
|
|
@@ -683,7 +683,7 @@ $file = ABSPATH . '.htaccess';
|
|
| 683 |
|
| 684 |
if ( file_exists($file) ) {
|
| 685 |
|
| 686 |
-
$file_contents =
|
| 687 |
$CustomCodeoptions = get_option('bulletproof_security_options_customcode');
|
| 688 |
preg_match( '/Wordfence WAF/', $CustomCodeoptions['bps_customcode_one'], $DBmatches );
|
| 689 |
|
|
@@ -892,15 +892,16 @@ function bpsPro_mu_tools_plugin_copy() {
|
|
| 892 |
|
| 893 |
if ( file_exists($BPS_MU_tools_copy) ) {
|
| 894 |
|
| 895 |
-
$check_string =
|
| 896 |
$pos1 = strpos( $check_string, 'Version: 1.0' );
|
| 897 |
$pos2 = strpos( $check_string, 'Version: 2.0' );
|
| 898 |
$pos3 = strpos( $check_string, 'Version: 3.0' );
|
| 899 |
$pos4 = strpos( $check_string, 'Version: 4.0' );
|
| 900 |
$pos5 = strpos( $check_string, 'Version: 5.0' );
|
| 901 |
$pos6 = strpos( $check_string, 'Version: 6.0' );
|
| 902 |
-
|
| 903 |
-
|
|
|
|
| 904 |
copy($BPS_MU_tools, $BPS_MU_tools_copy);
|
| 905 |
}
|
| 906 |
}
|
|
@@ -1124,17 +1125,17 @@ function bpsPro_wp_rocket_marker_fix() {
|
|
| 1124 |
|
| 1125 |
$sapi_type = php_sapi_name();
|
| 1126 |
$lock = '';
|
| 1127 |
-
$permsRootHtaccess =
|
| 1128 |
|
| 1129 |
-
if (
|
| 1130 |
$lock = '0404';
|
| 1131 |
}
|
| 1132 |
|
| 1133 |
-
if (
|
| 1134 |
chmod( $rootHtaccess, 0644 );
|
| 1135 |
}
|
| 1136 |
|
| 1137 |
-
$root_htaccess_file_contents =
|
| 1138 |
|
| 1139 |
if ( preg_match( '/#\sWP\sRocket\splugin\sskip\/bypass\srule(\s*){1}RewriteCond(.*)wp-rocket\/\s\[NC\](\s*){1}RewriteRule\s\.\s\-\s\[S=\d{1,2}\]/s', $root_htaccess_file_contents, $matches ) ) {
|
| 1140 |
|
|
@@ -1145,8 +1146,8 @@ function bpsPro_wp_rocket_marker_fix() {
|
|
| 1145 |
|
| 1146 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1147 |
|
| 1148 |
-
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' ||
|
| 1149 |
-
|
| 1150 |
}
|
| 1151 |
}
|
| 1152 |
|
|
@@ -1270,11 +1271,11 @@ function bpsPro_new_version_db_options_files_autoupdate() {
|
|
| 1270 |
|
| 1271 |
if ( file_exists($bpsProDBBLogARQ) ) {
|
| 1272 |
|
| 1273 |
-
$check_string =
|
| 1274 |
$pos = strpos( $check_string, 'Zip Backup File Name' );
|
| 1275 |
|
| 1276 |
if ( $pos !== false ) {
|
| 1277 |
-
|
| 1278 |
}
|
| 1279 |
}
|
| 1280 |
|
|
@@ -1824,7 +1825,7 @@ function bpsPro_new_version_db_options_files_autoupdate() {
|
|
| 1824 |
$ccr10 = ! isset($ccr['bps_customcode_two']) ? '' : $ccr['bps_customcode_two'];
|
| 1825 |
$ccr11 = ! isset($ccr['bps_customcode_timthumb_misc']) ? '' : $ccr['bps_customcode_timthumb_misc'];
|
| 1826 |
$ccr12 = ! isset($ccr['bps_customcode_bpsqse']) ? '' : $ccr['bps_customcode_bpsqse'];
|
| 1827 |
-
$ccr12m =
|
| 1828 |
$ccr13 = ! isset($ccr['bps_customcode_deny_files']) ? '' : $ccr['bps_customcode_deny_files'];
|
| 1829 |
$ccr14 = ! isset($ccr['bps_customcode_three']) ? '' : $ccr['bps_customcode_three'];
|
| 1830 |
|
| 177 |
// File and Folder Permission Checking
|
| 178 |
function bps_check_perms($path, $perm) {
|
| 179 |
clearstatcache();
|
| 180 |
+
$current_perms = substr(sprintf('%o', fileperms($path)), -4);
|
| 181 |
+
$stat = stat($path);
|
| 182 |
|
| 183 |
echo '<table style="width:100%;background-color:#fff;">';
|
| 184 |
echo '<tr>';
|
| 186 |
echo '<td style="color:#000;background-color:#fff;padding:2px;width:15%;">' . $perm . '</td>';
|
| 187 |
echo '<td style="color:#000;background-color:#fff;padding:2px;width:15%;">' . $current_perms . '</td>';
|
| 188 |
echo '<td style="color:#000;background-color:#fff;padding:2px;width:15%;">' . $stat['uid'] . '</td>';
|
| 189 |
+
echo '<td style="color:#000;background-color:#fff;padding:2px;width:15%;">' . fileowner( $path ) . '</td>';
|
| 190 |
echo '</tr>';
|
| 191 |
echo '</table>';
|
| 192 |
}
|
| 318 |
$indexPHP = ABSPATH . 'index.php';
|
| 319 |
|
| 320 |
if ( file_exists($indexPHP) ) {
|
| 321 |
+
$check_string_index = file_get_contents($indexPHP);
|
| 322 |
}
|
| 323 |
|
| 324 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 325 |
|
| 326 |
if ( file_exists($wpadminHtaccess) ) {
|
| 327 |
+
$check_string_wpadmin = file_get_contents($wpadminHtaccess);
|
| 328 |
}
|
| 329 |
|
| 330 |
if ( isset($MMoptions['bps_maint_on_off']) && $MMoptions['bps_maint_on_off'] == 'On' && isset($MMoptions['bps_maint_dashboard_reminder']) && $MMoptions['bps_maint_dashboard_reminder'] == '1' ) {
|
| 347 |
|
| 348 |
$root_folder_maintenance_values = ABSPATH . 'bps-maintenance-values.php';
|
| 349 |
if ( file_exists($root_folder_maintenance_values) ) {
|
| 350 |
+
$check_string_values = file_get_contents($root_folder_maintenance_values);
|
| 351 |
}
|
| 352 |
|
| 353 |
$indexPHP = ABSPATH . 'index.php';
|
| 354 |
if ( file_exists($indexPHP) ) {
|
| 355 |
+
$check_string_index = file_get_contents($indexPHP);
|
| 356 |
}
|
| 357 |
|
| 358 |
$wpadminHtaccess = ABSPATH . 'wp-admin/.htaccess';
|
| 359 |
if ( file_exists($wpadminHtaccess) ) {
|
| 360 |
+
$check_string_wpadmin = file_get_contents($wpadminHtaccess);
|
| 361 |
}
|
| 362 |
|
| 363 |
if ( $blog_id == 1 && isset($MMoptions['bps_maint_dashboard_reminder']) && $MMoptions['bps_maint_dashboard_reminder'] == '1' ) {
|
| 465 |
|
| 466 |
if ( file_exists($filename) ) {
|
| 467 |
|
| 468 |
+
$check_string = file_get_contents($filename);
|
| 469 |
$pattern = '/#\sBEGIN\sWordPress\s*<IfModule\smod_rewrite\.c>\s*RewriteEngine\sOn\s*RewriteBase(.*)\s*RewriteRule(.*)\s*RewriteCond((.*)\s*){2}RewriteRule(.*)\s*<\/IfModule>\s*#\sEND\sWordPress/';
|
| 470 |
|
| 471 |
if ( strpos( $check_string, "BULLETPROOF" ) && preg_match( $pattern, $check_string, $flush_matches ) ) {
|
| 472 |
|
| 473 |
+
$root_perms = substr(sprintf('%o', fileperms($filename)), -4);
|
| 474 |
$sapi_type = php_sapi_name();
|
| 475 |
$autolock = get_option('bulletproof_security_options_autolock');
|
| 476 |
|
| 477 |
+
if ( $root_perms == '0404') {
|
| 478 |
$lock = '0404';
|
| 479 |
}
|
| 480 |
|
| 481 |
+
if ( substr( $sapi_type, 0, 6 ) != 'apache' || $root_perms != '0666' || $root_perms != '0777' ) { // Windows IIS, XAMPP, etc
|
| 482 |
+
chmod($filename, 0644);
|
| 483 |
}
|
| 484 |
|
| 485 |
$stringReplace = preg_replace('/#\sBEGIN\sWordPress\s*<IfModule\smod_rewrite\.c>\s*RewriteEngine\sOn\s*RewriteBase(.*)\s*RewriteRule(.*)\s*RewriteCond((.*)\s*){2}RewriteRule(.*)\s*<\/IfModule>\s*#\sEND\sWordPress/', "", $check_string);
|
| 486 |
|
| 487 |
if ( file_put_contents($filename, $stringReplace) ) {
|
| 488 |
|
| 489 |
+
if ( $autolock['bps_root_htaccess_autolock'] == 'On' || $lock == '0404' ) {
|
| 490 |
+
chmod($filename, 0404);
|
| 491 |
}
|
| 492 |
}
|
| 493 |
}
|
| 683 |
|
| 684 |
if ( file_exists($file) ) {
|
| 685 |
|
| 686 |
+
$file_contents = file_get_contents($file);
|
| 687 |
$CustomCodeoptions = get_option('bulletproof_security_options_customcode');
|
| 688 |
preg_match( '/Wordfence WAF/', $CustomCodeoptions['bps_customcode_one'], $DBmatches );
|
| 689 |
|
| 892 |
|
| 893 |
if ( file_exists($BPS_MU_tools_copy) ) {
|
| 894 |
|
| 895 |
+
$check_string = file_get_contents($BPS_MU_tools_copy);
|
| 896 |
$pos1 = strpos( $check_string, 'Version: 1.0' );
|
| 897 |
$pos2 = strpos( $check_string, 'Version: 2.0' );
|
| 898 |
$pos3 = strpos( $check_string, 'Version: 3.0' );
|
| 899 |
$pos4 = strpos( $check_string, 'Version: 4.0' );
|
| 900 |
$pos5 = strpos( $check_string, 'Version: 5.0' );
|
| 901 |
$pos6 = strpos( $check_string, 'Version: 6.0' );
|
| 902 |
+
$pos7 = strpos( $check_string, 'Version: 7.0' );
|
| 903 |
+
|
| 904 |
+
if ( $pos1 !== false || $pos2 !== false || $pos3 !== false || $pos4 !== false || $pos5 !== false || $pos6 !== false || $pos7 !== false ) {
|
| 905 |
copy($BPS_MU_tools, $BPS_MU_tools_copy);
|
| 906 |
}
|
| 907 |
}
|
| 1125 |
|
| 1126 |
$sapi_type = php_sapi_name();
|
| 1127 |
$lock = '';
|
| 1128 |
+
$permsRootHtaccess = substr(sprintf('%o', fileperms($rootHtaccess)), -4);
|
| 1129 |
|
| 1130 |
+
if ( $permsRootHtaccess == '0404') {
|
| 1131 |
$lock = '0404';
|
| 1132 |
}
|
| 1133 |
|
| 1134 |
+
if ( substr($sapi_type, 0, 6) != 'apache' || $permsRootHtaccess != '0666' || $permsRootHtaccess != '0777' ) {
|
| 1135 |
chmod( $rootHtaccess, 0644 );
|
| 1136 |
}
|
| 1137 |
|
| 1138 |
+
$root_htaccess_file_contents = file_get_contents($rootHtaccess);
|
| 1139 |
|
| 1140 |
if ( preg_match( '/#\sWP\sRocket\splugin\sskip\/bypass\srule(\s*){1}RewriteCond(.*)wp-rocket\/\s\[NC\](\s*){1}RewriteRule\s\.\s\-\s\[S=\d{1,2}\]/s', $root_htaccess_file_contents, $matches ) ) {
|
| 1141 |
|
| 1146 |
|
| 1147 |
$Root_Autolock = get_option('bulletproof_security_options_autolock');
|
| 1148 |
|
| 1149 |
+
if ( isset($Root_Autolock['bps_root_htaccess_autolock']) && $Root_Autolock['bps_root_htaccess_autolock'] == 'On' || $lock == '0404' ) {
|
| 1150 |
+
chmod($rootHtaccess, 0404);
|
| 1151 |
}
|
| 1152 |
}
|
| 1153 |
|
| 1271 |
|
| 1272 |
if ( file_exists($bpsProDBBLogARQ) ) {
|
| 1273 |
|
| 1274 |
+
$check_string = file_get_contents($bpsProDBBLogARQ);
|
| 1275 |
$pos = strpos( $check_string, 'Zip Backup File Name' );
|
| 1276 |
|
| 1277 |
if ( $pos !== false ) {
|
| 1278 |
+
unlink($bpsProDBBLogARQ);
|
| 1279 |
}
|
| 1280 |
}
|
| 1281 |
|
| 1825 |
$ccr10 = ! isset($ccr['bps_customcode_two']) ? '' : $ccr['bps_customcode_two'];
|
| 1826 |
$ccr11 = ! isset($ccr['bps_customcode_timthumb_misc']) ? '' : $ccr['bps_customcode_timthumb_misc'];
|
| 1827 |
$ccr12 = ! isset($ccr['bps_customcode_bpsqse']) ? '' : $ccr['bps_customcode_bpsqse'];
|
| 1828 |
+
$ccr12m = ! isset($ccr['bps_customcode_wp_rewrite_end']) ? '' : $ccr['bps_customcode_wp_rewrite_end'];
|
| 1829 |
$ccr13 = ! isset($ccr['bps_customcode_deny_files']) ? '' : $ccr['bps_customcode_deny_files'];
|
| 1830 |
$ccr14 = ! isset($ccr['bps_customcode_three']) ? '' : $ccr['bps_customcode_three'];
|
| 1831 |
|
includes/hidden-plugin-folders-cron.php
CHANGED
|
@@ -255,7 +255,7 @@ function bpsPro_hidden_plugins_check_alert() {
|
|
| 255 |
if ( ! preg_match( '/\/'.$plugins_dir_name.'(\\\|\/).*(\\\|\/)/', $files ) ) {
|
| 256 |
|
| 257 |
if ( file_exists($hello_dolly) ) {
|
| 258 |
-
$check_string_hd =
|
| 259 |
|
| 260 |
if ( preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)hello\.php/', $files ) && ! strpos( $check_string_hd, "Plugin Name: Hello Dolly" ) && ! in_array( $files->getFilename(), $hidden_plugins_array ) ) {
|
| 261 |
|
|
@@ -270,7 +270,7 @@ function bpsPro_hidden_plugins_check_alert() {
|
|
| 270 |
}
|
| 271 |
|
| 272 |
if ( file_exists($plugins_index) ) {
|
| 273 |
-
$check_string_index =
|
| 274 |
|
| 275 |
if ( preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)index\.php/', $files ) && preg_match( '/[\=\%\{\}\(\)\,\;@\'\"\&\+\!]/', $check_string_index ) && ! in_array( $files->getFilename(), $hidden_plugins_array ) ) {
|
| 276 |
|
|
@@ -285,7 +285,7 @@ function bpsPro_hidden_plugins_check_alert() {
|
|
| 285 |
}
|
| 286 |
|
| 287 |
if ( file_exists($plugins_htaccess) ) {
|
| 288 |
-
$check_string_ht =
|
| 289 |
|
| 290 |
if ( preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)\.htaccess/', $files ) && ! strpos( $check_string_ht, "BULLETPROOF" ) && ! in_array( $files->getFilename(), $hidden_plugins_array ) ) {
|
| 291 |
|
|
@@ -302,7 +302,7 @@ function bpsPro_hidden_plugins_check_alert() {
|
|
| 302 |
// list any other files found in the /plugins/ folder except for ignored file names.
|
| 303 |
if ( ! preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)hello\.php/', $files ) && ! preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)index\.php/', $files ) && ! preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)\.htaccess/', $files ) && ! in_array( $files->getFilename(), $hidden_plugins_array ) ) {
|
| 304 |
|
| 305 |
-
$file_contents =
|
| 306 |
|
| 307 |
if ( $hpf_alert_submit != true ) {
|
| 308 |
$alert4 = 'alert';
|
| 255 |
if ( ! preg_match( '/\/'.$plugins_dir_name.'(\\\|\/).*(\\\|\/)/', $files ) ) {
|
| 256 |
|
| 257 |
if ( file_exists($hello_dolly) ) {
|
| 258 |
+
$check_string_hd = file_get_contents($hello_dolly);
|
| 259 |
|
| 260 |
if ( preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)hello\.php/', $files ) && ! strpos( $check_string_hd, "Plugin Name: Hello Dolly" ) && ! in_array( $files->getFilename(), $hidden_plugins_array ) ) {
|
| 261 |
|
| 270 |
}
|
| 271 |
|
| 272 |
if ( file_exists($plugins_index) ) {
|
| 273 |
+
$check_string_index = file_get_contents($plugins_index);
|
| 274 |
|
| 275 |
if ( preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)index\.php/', $files ) && preg_match( '/[\=\%\{\}\(\)\,\;@\'\"\&\+\!]/', $check_string_index ) && ! in_array( $files->getFilename(), $hidden_plugins_array ) ) {
|
| 276 |
|
| 285 |
}
|
| 286 |
|
| 287 |
if ( file_exists($plugins_htaccess) ) {
|
| 288 |
+
$check_string_ht = file_get_contents($plugins_htaccess);
|
| 289 |
|
| 290 |
if ( preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)\.htaccess/', $files ) && ! strpos( $check_string_ht, "BULLETPROOF" ) && ! in_array( $files->getFilename(), $hidden_plugins_array ) ) {
|
| 291 |
|
| 302 |
// list any other files found in the /plugins/ folder except for ignored file names.
|
| 303 |
if ( ! preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)hello\.php/', $files ) && ! preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)index\.php/', $files ) && ! preg_match( '/\/'.$plugins_dir_name.'(\\\|\/)\.htaccess/', $files ) && ! in_array( $files->getFilename(), $hidden_plugins_array ) ) {
|
| 304 |
|
| 305 |
+
$file_contents = file_get_contents($files->getPathname());
|
| 306 |
|
| 307 |
if ( $hpf_alert_submit != true ) {
|
| 308 |
$alert4 = 'alert';
|
includes/hud-autofix-setup.php
CHANGED
|
@@ -19,8 +19,8 @@ function bps_HUD_autofix_setup_WP_Dashboard() {
|
|
| 19 |
//bpsPro_EPC_plugin_check();
|
| 20 |
$w3tc_plugin = 'w3-total-cache/w3-total-cache.php';
|
| 21 |
$wpsc_plugin = 'wp-super-cache/wp-cache.php';
|
| 22 |
-
|
| 23 |
-
|
| 24 |
bpsPro_comet_cache_htaccess_check();
|
| 25 |
bpsPro_wpfc_htaccess_check();
|
| 26 |
bpsPro_wp_rocket_htaccess_check();
|
|
@@ -47,7 +47,7 @@ function bpsPro_EPC_plugin_check() {
|
|
| 47 |
$epc_options = get_option( 'mm_cache_settings' );
|
| 48 |
$epc_cache_level_options = get_option( 'endurance_cache_level' );
|
| 49 |
|
| 50 |
-
if ( file_exists($EPC_plugin_file) && $epc_options['page'] == 'enabled' &&
|
| 51 |
|
| 52 |
global $current_user;
|
| 53 |
$user_id = $current_user->ID;
|
|
@@ -72,7 +72,7 @@ function bpsPro_EPC_plugin_check() {
|
|
| 72 |
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 73 |
}
|
| 74 |
|
| 75 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('BPS Notice: The Endurance Page Cache (EPC) must-use plugin is installed', 'bulletproof-security').'</font><br>'.__('The EPC must-use plugin has been automatically installed by your Web Host and requires these additional BPS setup steps to make sure everything is setup correctly:', 'bulletproof-security').'<br>'.__('Go to the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-6' ).'" title="htaccess File Editor">'.__('BPS htaccess File Editor page', 'bulletproof-security').'</a>,'.__(' click the Unlock htaccess File button, go to the WordPress Settings > General page, scroll down to Endurance Cache settings,', 'bulletproof-security').'<br>'.__('click the Save Changes button, click this link: ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'" title="Setup Wizard">'.__('BPS Setup Wizard', 'bulletproof-security').'</a>'.__(' and click the Setup Wizard button.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 76 |
echo $text;
|
| 77 |
}
|
| 78 |
}
|
|
@@ -370,7 +370,7 @@ function bpsPro_wpfc_htaccess_check() {
|
|
| 370 |
return;
|
| 371 |
}
|
| 372 |
|
| 373 |
-
if (
|
| 374 |
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('WP Fastest Cache (WPFC) htaccess code was not found in your Root htaccess file', 'bulletproof-security').'</font><br>'.__('If you have deactivated Root Folder BulletProof Mode temporarily then disregard this message. When you activate Root Folder BulletProof Mode again this message will go away automatically.', 'bulletproof-security').'<br>'.__('If you just installed WP Fastest Cache then go to the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-6' ).'" title="htaccess File Editor">'.__('BPS htaccess File Editor page', 'bulletproof-security').'</a>,'.__(' click the Unlock htaccess File button, then go to the WPFC plugin settings page, choose and save the WPFC plugin settings that you want to use and then run the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'" title="Setup Wizard">'.__('BPS Setup Wizard', 'bulletproof-security').'</a>'.__(' to automatically setup/combine WPFC and BPS htaccess code together.', 'bulletproof-security').'</div>';
|
| 375 |
echo $text;
|
| 376 |
}
|
| 19 |
//bpsPro_EPC_plugin_check();
|
| 20 |
$w3tc_plugin = 'w3-total-cache/w3-total-cache.php';
|
| 21 |
$wpsc_plugin = 'wp-super-cache/wp-cache.php';
|
| 22 |
+
bpsPro_w3tc_htaccess_check($w3tc_plugin);
|
| 23 |
+
bpsPro_wpsc_htaccess_check($wpsc_plugin);
|
| 24 |
bpsPro_comet_cache_htaccess_check();
|
| 25 |
bpsPro_wpfc_htaccess_check();
|
| 26 |
bpsPro_wp_rocket_htaccess_check();
|
| 47 |
$epc_options = get_option( 'mm_cache_settings' );
|
| 48 |
$epc_cache_level_options = get_option( 'endurance_cache_level' );
|
| 49 |
|
| 50 |
+
if ( file_exists($EPC_plugin_file) && $epc_options['page'] == 'enabled' && $epc_cache_level_options['endurance_cache_level'] > 0 ) {
|
| 51 |
|
| 52 |
global $current_user;
|
| 53 |
$user_id = $current_user->ID;
|
| 72 |
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 73 |
}
|
| 74 |
|
| 75 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('BPS Notice: The Endurance Page Cache (EPC) must-use plugin is installed', 'bulletproof-security').'</font><br>'.__('The EPC must-use plugin has been automatically installed by your Web Host and requires these additional BPS setup steps to make sure everything is setup correctly:', 'bulletproof-security').'<br>'.__('Go to the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-6' ).'" title="htaccess File Editor">'.__('BPS htaccess File Editor page', 'bulletproof-security').'</a>,'.__(' click the Unlock htaccess File button, go to the WordPress Settings > General page, scroll down to Endurance Cache settings,', 'bulletproof-security').'<br>'.__('click the Save Changes button, click this link: ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'" title="Setup Wizard">'.__('BPS Setup Wizard', 'bulletproof-security').'</a>'.__(' and click the Setup Wizard button.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bpsPro_EPC_plugin_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 76 |
echo $text;
|
| 77 |
}
|
| 78 |
}
|
| 370 |
return;
|
| 371 |
}
|
| 372 |
|
| 373 |
+
if ( /*$wpfc_options['wpFastestCacheStatus'] == 'on' && */ ! strpos($string, "WpFastestCache" ) ) {
|
| 374 |
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('WP Fastest Cache (WPFC) htaccess code was not found in your Root htaccess file', 'bulletproof-security').'</font><br>'.__('If you have deactivated Root Folder BulletProof Mode temporarily then disregard this message. When you activate Root Folder BulletProof Mode again this message will go away automatically.', 'bulletproof-security').'<br>'.__('If you just installed WP Fastest Cache then go to the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-6' ).'" title="htaccess File Editor">'.__('BPS htaccess File Editor page', 'bulletproof-security').'</a>,'.__(' click the Unlock htaccess File button, then go to the WPFC plugin settings page, choose and save the WPFC plugin settings that you want to use and then run the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'" title="Setup Wizard">'.__('BPS Setup Wizard', 'bulletproof-security').'</a>'.__(' to automatically setup/combine WPFC and BPS htaccess code together.', 'bulletproof-security').'</div>';
|
| 375 |
echo $text;
|
| 376 |
}
|
includes/hud-autofix-whitelist.php
CHANGED
|
@@ -373,6 +373,10 @@ function bpsPro_HUD_autofix_whitelist_check() {
|
|
| 373 |
$nextend_social_login_active = in_array( $nextend_social_login, apply_filters('active_plugins', get_option('active_plugins')));
|
| 374 |
$business_directory_plugin = 'business-directory-plugin/business-directory-plugin.php';
|
| 375 |
$business_directory_plugin_active = in_array( $business_directory_plugin, apply_filters('active_plugins', get_option('active_plugins')));
|
|
|
|
|
|
|
|
|
|
|
|
|
| 376 |
|
| 377 |
## BPSQSE RegEx Patterns
|
| 378 |
// 3 variations for both UA rules below: only java, java and curl, java, curl and wget
|
|
@@ -533,6 +537,18 @@ function bpsPro_HUD_autofix_whitelist_check() {
|
|
| 533 |
$debug_BPSQSE .= __('CC Root Text Box 12: Business Directory Plugin', 'bulletproof-security').'<br>';
|
| 534 |
}
|
| 535 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 536 |
|
| 537 |
## 3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
|
| 538 |
$bps_customcode_two_wpa = htmlspecialchars_decode( $CC_Options_wpadmin['bps_customcode_two_wpa'], ENT_QUOTES );
|
|
@@ -842,7 +858,7 @@ function bpsPro_HUD_autofix_whitelist_check() {
|
|
| 842 |
|
| 843 |
## Display Setup Wizard AutoFix WP Dashboard message
|
| 844 |
if ( $autofix_message == 1 ) {
|
| 845 |
-
$text_wp = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('BPS Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) Notice', 'bulletproof-security').'</font><br>'.__('One or more of your plugins or your theme requires a BPS Custom Code whitelist rule to be automatically created by the Setup Wizard.', 'bulletproof-security').'<br>'.__('Click this ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'" title="Setup Wizard AutoFix">'.__('Setup Wizard link', 'bulletproof-security').'</a>'.__(' and click the Setup Wizard button to automatically create BPS Custom Code whitelist rules.', 'bulletproof-security').'<br>'.__('This BPS AutoFix check can be turned Off on the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php#bps-tabs-2' ).'" title="Setup Wizard Options">'.__('Setup Wizard Options', 'bulletproof-security').'</a>'.__(' page if you do not want BPS to check for any plugin or theme whitelist rules.', 'bulletproof-security').'<br>'.__('If this Notice does not go away after running the Setup Wizard, use the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/theme-skin/theme-skin.php' ).'" title="BPS UI|UX|AutoFix Debug tool">'.__('BPS UI|UX|AutoFix Debug tool', 'bulletproof-security').'</a>.'.__(' Click the UI|UX Settings page
|
| 846 |
echo $text_wp;
|
| 847 |
}
|
| 848 |
|
| 373 |
$nextend_social_login_active = in_array( $nextend_social_login, apply_filters('active_plugins', get_option('active_plugins')));
|
| 374 |
$business_directory_plugin = 'business-directory-plugin/business-directory-plugin.php';
|
| 375 |
$business_directory_plugin_active = in_array( $business_directory_plugin, apply_filters('active_plugins', get_option('active_plugins')));
|
| 376 |
+
$constant_contact_woocommerce_plugin = 'constant-contact-woocommerce/plugin.php';
|
| 377 |
+
$constant_contact_woocommerce_plugin_active = in_array( $constant_contact_woocommerce_plugin, apply_filters('active_plugins', get_option('active_plugins')));
|
| 378 |
+
$constant_contact_forms_plugin = 'constant-contact-forms/constant-contact-forms.php';
|
| 379 |
+
$constant_contact_forms_plugin_active = in_array( $constant_contact_forms_plugin, apply_filters('active_plugins', get_option('active_plugins')));
|
| 380 |
|
| 381 |
## BPSQSE RegEx Patterns
|
| 382 |
// 3 variations for both UA rules below: only java, java and curl, java, curl and wget
|
| 537 |
$debug_BPSQSE .= __('CC Root Text Box 12: Business Directory Plugin', 'bulletproof-security').'<br>';
|
| 538 |
}
|
| 539 |
}
|
| 540 |
+
if ( $constant_contact_woocommerce_plugin_active == 1 || is_plugin_active_for_network( $constant_contact_woocommerce_plugin ) ) {
|
| 541 |
+
if ( ! preg_match( $marker2, $bps_customcode_bpsqse ) || ! preg_match( $marker3, $bps_customcode_bpsqse ) || ! preg_match( $marker4, $bps_customcode_bpsqse ) ) {
|
| 542 |
+
$autofix_message = 1;
|
| 543 |
+
$debug_BPSQSE .= __('CC Root Text Box 12: Constant Contact + WooCommerce Plugin', 'bulletproof-security').'<br>';
|
| 544 |
+
}
|
| 545 |
+
}
|
| 546 |
+
if ( $constant_contact_forms_plugin_active == 1 || is_plugin_active_for_network( $constant_contact_forms_plugin ) ) {
|
| 547 |
+
if ( ! preg_match( $marker2, $bps_customcode_bpsqse ) || ! preg_match( $marker3, $bps_customcode_bpsqse ) || ! preg_match( $marker4, $bps_customcode_bpsqse ) ) {
|
| 548 |
+
$autofix_message = 1;
|
| 549 |
+
$debug_BPSQSE .= __('CC Root Text Box 12: Constant Contact Forms Plugin', 'bulletproof-security').'<br>';
|
| 550 |
+
}
|
| 551 |
+
}
|
| 552 |
|
| 553 |
## 3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
|
| 554 |
$bps_customcode_two_wpa = htmlspecialchars_decode( $CC_Options_wpadmin['bps_customcode_two_wpa'], ENT_QUOTES );
|
| 858 |
|
| 859 |
## Display Setup Wizard AutoFix WP Dashboard message
|
| 860 |
if ( $autofix_message == 1 ) {
|
| 861 |
+
$text_wp = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('BPS Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) Notice', 'bulletproof-security').'</font><br>'.__('One or more of your plugins or your theme requires a BPS Custom Code whitelist rule to be automatically created by the Setup Wizard.', 'bulletproof-security').'<br>'.__('Click this ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'" title="Setup Wizard AutoFix">'.__('Setup Wizard link', 'bulletproof-security').'</a>'.__(' and click the Setup Wizard button to automatically create BPS Custom Code whitelist rules.', 'bulletproof-security').'<br>'.__('This BPS AutoFix check can be turned Off on the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php#bps-tabs-2' ).'" title="Setup Wizard Options">'.__('Setup Wizard Options', 'bulletproof-security').'</a>'.__(' page if you do not want BPS to check for any plugin or theme whitelist rules.', 'bulletproof-security').'<br>'.__('If this Notice does not go away after running the Setup Wizard, use the ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/theme-skin/theme-skin.php' ).'" title="BPS UI|UX|AutoFix Debug tool">'.__('BPS UI|UX|AutoFix Debug tool', 'bulletproof-security').'</a>.'.__(' Click the UI|UX Settings page Question Mark help button for more information.', 'bulletproof-security').'</div>';
|
| 862 |
echo $text_wp;
|
| 863 |
}
|
| 864 |
|
includes/hud-dismiss-functions.php
CHANGED
|
@@ -23,7 +23,7 @@ function bps_HUD_WP_Dashboard() {
|
|
| 23 |
bps_hud_check_bpsbackup();
|
| 24 |
//bpsPro_bonus_custom_code_dismiss_notices();
|
| 25 |
bps_hud_PhpiniHandlerCheck();
|
| 26 |
-
bps_hud_check_sucuri();
|
| 27 |
bps_hud_check_wordpress_firewall2();
|
| 28 |
bps_hud_BPSQSE_old_code_check();
|
| 29 |
bpsPro_BBM_htaccess_check();
|
|
@@ -38,6 +38,7 @@ function bps_HUD_WP_Dashboard() {
|
|
| 38 |
bpsPro_mu_wp_automatic_updates_notice();
|
| 39 |
bpsPro_hud_new_feature_notice();
|
| 40 |
bpsPro_hud_owner_uid_check_notice();
|
|
|
|
| 41 |
}
|
| 42 |
}
|
| 43 |
add_action('admin_notices', 'bps_HUD_WP_Dashboard');
|
|
@@ -72,7 +73,7 @@ function bps_check_safemode() {
|
|
| 72 |
}
|
| 73 |
|
| 74 |
if ( ! get_user_meta($user_id, 'bps_ignore_safemode_notice') ) {
|
| 75 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('WARNING! BPS has detected that Safe Mode is set to On in your php.ini file.', 'bulletproof-security').'</font><br>'.__('If you see errors that BPS was unable to automatically create the backup folders this is probably the reason why.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 76 |
echo $text;
|
| 77 |
}
|
| 78 |
}
|
|
@@ -106,7 +107,7 @@ function bps_check_permalinks_error() {
|
|
| 106 |
}
|
| 107 |
|
| 108 |
if ( ! get_user_meta($user_id, 'bps_ignore_Permalinks_notice') ) {
|
| 109 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: Custom Permalinks are NOT being used.', 'bulletproof-security').'</font><br>'.__('It is recommended that you use Custom Permalinks: ', 'bulletproof-security').'<a href="https://www.ait-pro.com/aitpro-blog/2304/wordpress-tips-tricks-fixes/permalinks-wordpress-custom-permalinks-wordpress-best-wordpress-permalinks-structure/" target="_blank" title="Link opens in a new Browser window">'.__('How to setup Custom Permalinks', 'bulletproof-security').'</a><br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 110 |
echo $text;
|
| 111 |
}
|
| 112 |
}
|
|
@@ -139,7 +140,7 @@ $user_id = $current_user->ID;
|
|
| 139 |
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 140 |
}
|
| 141 |
|
| 142 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('WARNING! BPS has detected that your Server is a Windows IIS Server that does not support htaccess rewriting.', 'bulletproof-security').'</font><br>'.__('Do NOT activate BulletProof Modes unless you know what you are doing.', 'bulletproof-security').'<br>'.__('Your Server Type is: ', 'bulletproof-security').esc_html( $_SERVER['SERVER_SOFTWARE'] ).'<br><a href="http://codex.wordpress.org/Using_Permalinks" target="_blank" title="This link will open in a new browser window.">'.__('WordPress Codex - Using Permalinks - see IIS section', 'bulletproof-security').'</a><br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 143 |
echo $text;
|
| 144 |
}
|
| 145 |
}
|
|
@@ -201,7 +202,7 @@ $user_id = $current_user->ID;
|
|
| 201 |
|
| 202 |
if ( get_user_meta($user_id, 'bps_bonus_code_dismiss_all_notice') && ! get_user_meta($user_id, 'bps_post_request_attack_notice') ) {
|
| 203 |
|
| 204 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('Bonus Custom Code:', 'bulletproof-security').'</font><br>'.__('Click the links below to get Bonus Custom Code or click the Dismiss Notice links or click this ', 'bulletproof-security').'<span style=""><a href="'.$bps_base.'bps_bonus_code_dismiss_all_nag_ignore=0&bps_post_request_attack_nag_ignore=0'.'" style="">'.__('Dismiss All Notices', 'bulletproof-security').'</a></span>'.__(' link. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 205 |
|
| 206 |
|
| 207 |
$text .= '<div id="BC5" style="margin-top:2px;">'.__('Get ', 'bulletproof-security').'<a href="https://forum.ait-pro.com/forums/topic/post-request-protection-post-attack-protection-post-request-blocker/" title="Protects against POST Request Attacks" target="_blank">'.__('POST Request Attack Protection Code', 'bulletproof-security').'</a>'.__(' or ', 'bulletproof-security').'<span style=""><a href="'.$bps_base.'bps_post_request_attack_nag_ignore=0'.'" style="">'.__('Dismiss Notice', 'bulletproof-security').'</a></span></div>';
|
|
@@ -213,7 +214,7 @@ $user_id = $current_user->ID;
|
|
| 213 |
|
| 214 |
if ( ! get_user_meta($user_id, 'bps_brute_force_login_protection_notice') || ! get_user_meta($user_id, 'bps_speed_boost_cache_notice') || ! get_user_meta($user_id, 'bps_author_enumeration_notice') || ! get_user_meta($user_id, 'bps_xmlrpc_ddos_notice') || ! get_user_meta($user_id, 'bps_post_request_attack_notice') || ! get_user_meta($user_id, 'bps_sniff_driveby_notice') || ! get_user_meta($user_id, 'bps_iframe_clickjack_notice') ) {
|
| 215 |
|
| 216 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('Bonus Custom Code:', 'bulletproof-security').'</font><br>'.__('Click the links below to get Bonus Custom Code or click the Dismiss Notice links or click this ', 'bulletproof-security').'<span style=""><a href="'.$bps_base.'bps_bonus_code_dismiss_all_nag_ignore=0&bps_post_request_attack_nag_ignore=0'.'" style="">'.__('Dismiss All Notices', 'bulletproof-security').'</a></span>'.__(' link. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 217 |
|
| 218 |
}
|
| 219 |
|
|
@@ -331,7 +332,7 @@ $pre_background_image_url = site_url( '/wp-content/plugins/bulletproof-security/
|
|
| 331 |
|
| 332 |
if ( file_exists($file) ) {
|
| 333 |
|
| 334 |
-
$file_contents =
|
| 335 |
$CustomCodeoptions = get_option('bulletproof_security_options_customcode');
|
| 336 |
$bps_customcode_one = ! isset($CustomCodeoptions['bps_customcode_one']) ? '' : $CustomCodeoptions['bps_customcode_one'];
|
| 337 |
|
|
@@ -352,12 +353,12 @@ $pre_background_image_url = site_url( '/wp-content/plugins/bulletproof-security/
|
|
| 352 |
|
| 353 |
if ( stripos( $file_contents, "Wordfence WAF" ) ) {
|
| 354 |
|
| 355 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: Wordfence PHP/php.ini handler htaccess code detected', 'bulletproof-security').'</font><br>'.__('Wordfence PHP/php.ini handler htaccess code was found in your root .htaccess file, but was NOT found in BPS Custom Code.', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/wordfence-firewall-wp-contentwflogsconfig-php-file-quarantined/#wordfence-php-handler" target="_blank" title="Wordfence PHP Handler Fix">'.__('Click Here', 'bulletproof-security').'</a>'.__(' for the steps to fix this Wordfence problem before running the Setup Wizard.', 'bulletproof-security').'<br><font color="#fb0101">'.__('CAUTION: ', 'bulletproof-security').'</font>'.__('Using the Wordfence WAF Firewall may cause serious/critical problems for your website and BPS.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 356 |
echo $text;
|
| 357 |
|
| 358 |
} else {
|
| 359 |
|
| 360 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: PHP/php.ini handler htaccess code check', 'bulletproof-security').'</font><br>'.__('PHP/php.ini handler htaccess code was found in your root .htaccess file, but was NOT found in BPS Custom Code.', 'bulletproof-security').'<br>'.__('To automatically fix this click here: ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'">'.esc_attr__('Setup Wizard Pre-Installation Checks', 'bulletproof-security').'</a><br>'.__('The Setup Wizard Pre-Installation Checks feature will automatically fix this just by visiting the Setup Wizard page.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 361 |
echo $text;
|
| 362 |
echo '<pre id="shown" style="overflow:auto;white-space:pre-wrap;height:65px;width:66%;margin:5px 0px 0px 2px;padding:5px;background:#fff url('.$pre_background_image_url.') top left repeat;border:1px solid #999;color:#000;display:block;font-family:"Courier New", Courier, monospace;font-size:11px;line-height:14px;">';
|
| 363 |
echo '# PHP/php.ini handler htaccess code<br>';
|
|
@@ -375,7 +376,7 @@ $pre_background_image_url = site_url( '/wp-content/plugins/bulletproof-security/
|
|
| 375 |
|
| 376 |
if ( file_exists($file) ) {
|
| 377 |
|
| 378 |
-
$file_contents =
|
| 379 |
$CustomCodeoptions = get_option('bulletproof_security_options_customcode');
|
| 380 |
$bps_customcode_one = ! isset($CustomCodeoptions['bps_customcode_one']) ? '' : $CustomCodeoptions['bps_customcode_one'];
|
| 381 |
|
|
@@ -396,12 +397,12 @@ $pre_background_image_url = site_url( '/wp-content/plugins/bulletproof-security/
|
|
| 396 |
|
| 397 |
if ( stripos( $file_contents, "Wordfence WAF" ) ) {
|
| 398 |
|
| 399 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: Wordfence PHP/php.ini handler htaccess code detected', 'bulletproof-security').'</font><br>'.__('Wordfence PHP/php.ini handler htaccess code was found in your root .htaccess file, but was NOT found in BPS Custom Code.', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/wordfence-firewall-wp-contentwflogsconfig-php-file-quarantined/#wordfence-php-handler" target="_blank" title="Wordfence PHP Handler Fix">'.__('Click Here', 'bulletproof-security').'</a>'.__(' for the steps to fix this Wordfence problem.', 'bulletproof-security').'<br><font color="#fb0101">'.__('CAUTION: ', 'bulletproof-security').'</font>'.__('Using the Wordfence WAF Firewall may cause serious/critical problems for your website and BPS.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 400 |
echo $text;
|
| 401 |
|
| 402 |
} else {
|
| 403 |
|
| 404 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: PHP/php.ini handler htaccess code check', 'bulletproof-security').'</font><br>'.__('PHP/php.ini handler htaccess code was found in your root .htaccess file, but was NOT found in BPS Custom Code.', 'bulletproof-security').'<br>'.__('To automatically fix this click here: ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'">'.esc_attr__('Setup Wizard Pre-Installation Checks', 'bulletproof-security').'</a><br>'.__('The Setup Wizard Pre-Installation Checks feature will automatically fix this just by visiting the Setup Wizard page.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 405 |
echo $text;
|
| 406 |
echo '<pre id="shown" style="overflow:auto;white-space:pre-wrap;height:65px;width:66%;margin:5px 0px 0px 2px;padding:5px;background:#fff url('.$pre_background_image_url.') top left repeat;border:1px solid #999;color:#000;display:block;font-family:"Courier New", Courier, monospace;font-size:11px;line-height:14px;">';
|
| 407 |
echo '# PHP/php.ini handler htaccess code<br>';
|
|
@@ -427,56 +428,6 @@ $user_id = $current_user->ID;
|
|
| 427 |
}
|
| 428 |
}
|
| 429 |
|
| 430 |
-
// Heads Up Display w/ Dismiss - Sucuri Restrict wp-content access Hardening Option wp-content .htaccess file problem - breaks BPS and lots of other stuff
|
| 431 |
-
// Unfortunately the limited whitelisting options provided by Sucuri in their settings don't provide any workable solutions for BPS.
|
| 432 |
-
// Defender Security also does this retarded thing.
|
| 433 |
-
## 3.5: updated this check due to changes in the Sucuri wp-content htaccess file.
|
| 434 |
-
## 3.7: updated the error message to include Defender Security.
|
| 435 |
-
## 3.8: updated the error message to include older versions of iThemes Security. Newer versions of iThemes Security now create root htaccess code that does not break things.
|
| 436 |
-
function bps_hud_check_sucuri() {
|
| 437 |
-
$filename = WP_CONTENT_DIR . '/.htaccess';
|
| 438 |
-
|
| 439 |
-
if ( ! file_exists($filename) ) {
|
| 440 |
-
return;
|
| 441 |
-
}
|
| 442 |
-
|
| 443 |
-
$file_contents = @file_get_contents($filename);
|
| 444 |
-
|
| 445 |
-
if ( file_exists($filename) ) {
|
| 446 |
-
|
| 447 |
-
if ( preg_match( '/(Require\sall\sdenied|Deny\sfrom\sall)/', $file_contents ) ) {
|
| 448 |
-
|
| 449 |
-
global $current_user;
|
| 450 |
-
$user_id = $current_user->ID;
|
| 451 |
-
|
| 452 |
-
if ( ! get_user_meta($user_id, 'bps_ignore_sucuri_notice') ) {
|
| 453 |
-
|
| 454 |
-
if ( esc_html($_SERVER['QUERY_STRING']) == '' && basename(esc_html($_SERVER['REQUEST_URI'])) != 'wp-admin' ) {
|
| 455 |
-
$bps_base = basename(esc_html($_SERVER['REQUEST_URI'])) . '?';
|
| 456 |
-
} elseif ( esc_html($_SERVER['QUERY_STRING']) == '' && basename(esc_html($_SERVER['REQUEST_URI'])) == 'wp-admin' ) {
|
| 457 |
-
$bps_base = basename( str_replace( 'wp-admin', 'index.php?', esc_html($_SERVER['REQUEST_URI'])));
|
| 458 |
-
} else {
|
| 459 |
-
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 460 |
-
}
|
| 461 |
-
|
| 462 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('If you have or had the Sucuri, Defender, iThemes Security or SiteGround Security plugins installed, they create a wp-content htaccess file that breaks several things in BPS Pro and other plugins as well.', 'bulletproof-security').'<br>'.__('To fix the Sucuri problem go to the Sucuri Settings page, click the Hardening tab and click the Revert Hardening button for the Block PHP Files in WP-CONTENT Directory option setting.', 'bulletproof-security').'<br>'.__('To fix the Defender Security problem go to the Security Tweaks page, click the PHP Execution option setting and click the Revert button.', 'bulletproof-security').'<br>'.__('To fix the iThemes problem go to the System Tweaks page, uncheck the Disable PHP in Plugins option setting.', 'bulletproof-security').'<br>'.__('To fix the SiteGround Security problem go to SG Security, Site Security, Lock and Protect System Folders and change the Toggle setting to Off.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Custom Code page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_sucuri_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 463 |
-
echo $text;
|
| 464 |
-
}
|
| 465 |
-
}
|
| 466 |
-
}
|
| 467 |
-
}
|
| 468 |
-
|
| 469 |
-
add_action('admin_init', 'bps_sucuri_nag_ignore');
|
| 470 |
-
|
| 471 |
-
function bps_sucuri_nag_ignore() {
|
| 472 |
-
global $current_user;
|
| 473 |
-
$user_id = $current_user->ID;
|
| 474 |
-
|
| 475 |
-
if ( isset( $_GET['bps_sucuri_nag_ignore'] ) && '0' == $_GET['bps_sucuri_nag_ignore'] ) {
|
| 476 |
-
add_user_meta($user_id, 'bps_ignore_sucuri_notice', 'true', true);
|
| 477 |
-
}
|
| 478 |
-
}
|
| 479 |
-
|
| 480 |
// Heads Up Display w/ Dismiss - WordPress Firewall 2 plugin - breaks BPS and lots of other stuff
|
| 481 |
function bps_hud_check_wordpress_firewall2() {
|
| 482 |
$firewall2 = 'wordpress-firewall-2/wordpress-firewall-2.php';
|
|
@@ -501,7 +452,7 @@ $firewall2_active = in_array( $firewall2, apply_filters('active_plugins', get_op
|
|
| 501 |
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 502 |
}
|
| 503 |
|
| 504 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('The WordPress Firewall 2 plugin is installed and activated', 'bulletproof-security').'</font><br>'.__('It is recommended that you delete the WordPress Firewall 2 plugin.', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/wordpress-firewall-2-plugin-unable-to-save-custom-code/" target="_blank" title="Link opens in a new Browser window">'.__('Click Here', 'bulletproof-security').'</a>'.__(' for more information.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 505 |
echo $text;
|
| 506 |
}
|
| 507 |
}
|
|
@@ -591,7 +542,7 @@ function bpsPro_hud_speed_boost_cache_code() {
|
|
| 591 |
|
| 592 |
if ( preg_match( $pattern1, htmlspecialchars_decode( $bps_customcode_one, ENT_QUOTES ), $matches1 ) && preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_one, ENT_QUOTES ), $matches2 ) ) {
|
| 593 |
|
| 594 |
-
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('New Improved BPS Speed Boost Cache Code', 'bulletproof-security').'</font><br>'.__('Older BPS Speed Boost Cache Code was found saved in this BPS Custom Code text box: CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE', 'bulletproof-security').'.<br>'.__('Newer improved BPS Speed Boost Cache Code has been created, which should improve website load speed performance even more.', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/htaccess-caching-code-speed-boost-cache-code/" target="_blank" title="BPS Speed Boost Cache Code">'.__('Get The New Improved BPS Speed Boost Cache Code', 'bulletproof-security').'</a>'.__('. To dismiss this Notice click the Dismiss Notice button below.', 'bulletproof-security').'<br>'.__('To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the
|
| 595 |
echo $text;
|
| 596 |
}
|
| 597 |
|
|
@@ -787,7 +738,7 @@ function bpsPro_mu_wp_automatic_updates_notice() {
|
|
| 787 |
|
| 788 |
if ( file_exists($wpconfig_file) ) {
|
| 789 |
|
| 790 |
-
$file_contents =
|
| 791 |
$wp_auto_update_options = get_option('bulletproof_security_options_mu_wp_autoupdate');
|
| 792 |
|
| 793 |
if ( $wp_auto_update_options['bps_automatic_updater_disabled'] == 'enabled' || $wp_auto_update_options['bps_auto_update_core_updates_disabled'] == 'enabled' || $wp_auto_update_options['bps_auto_update_core'] == 'enabled' || $wp_auto_update_options['bps_allow_dev_auto_core_updates'] == 'enabled' || $wp_auto_update_options['bps_allow_minor_auto_core_updates'] == 'enabled' || $wp_auto_update_options['bps_allow_major_auto_core_updates'] == 'enabled' ) {
|
|
@@ -907,9 +858,9 @@ function bpsPro_hud_owner_uid_check_notice() {
|
|
| 907 |
foreach ( $folder_array as $key => $value ) {
|
| 908 |
|
| 909 |
if ( $value != '' ) {
|
| 910 |
-
$stat = stat($value);
|
| 911 |
$folder_script_uid_array[$value] = $stat['uid'];
|
| 912 |
-
$folder_fileowner_uid_array[$value] = fileowner( $value );
|
| 913 |
}
|
| 914 |
}
|
| 915 |
|
|
@@ -950,4 +901,55 @@ $user_id = $current_user->ID;
|
|
| 950 |
add_user_meta($user_id, 'bpsPro_hud_owner_uid_check_notice', 'true', true);
|
| 951 |
}
|
| 952 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 953 |
?>
|
| 23 |
bps_hud_check_bpsbackup();
|
| 24 |
//bpsPro_bonus_custom_code_dismiss_notices();
|
| 25 |
bps_hud_PhpiniHandlerCheck();
|
| 26 |
+
//bps_hud_check_sucuri();
|
| 27 |
bps_hud_check_wordpress_firewall2();
|
| 28 |
bps_hud_BPSQSE_old_code_check();
|
| 29 |
bpsPro_BBM_htaccess_check();
|
| 38 |
bpsPro_mu_wp_automatic_updates_notice();
|
| 39 |
bpsPro_hud_new_feature_notice();
|
| 40 |
bpsPro_hud_owner_uid_check_notice();
|
| 41 |
+
bpsPro_wpcontent_htaccess_file_fix();
|
| 42 |
}
|
| 43 |
}
|
| 44 |
add_action('admin_notices', 'bps_HUD_WP_Dashboard');
|
| 73 |
}
|
| 74 |
|
| 75 |
if ( ! get_user_meta($user_id, 'bps_ignore_safemode_notice') ) {
|
| 76 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('WARNING! BPS has detected that Safe Mode is set to On in your php.ini file.', 'bulletproof-security').'</font><br>'.__('If you see errors that BPS was unable to automatically create the backup folders this is probably the reason why.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_safemode_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 77 |
echo $text;
|
| 78 |
}
|
| 79 |
}
|
| 107 |
}
|
| 108 |
|
| 109 |
if ( ! get_user_meta($user_id, 'bps_ignore_Permalinks_notice') ) {
|
| 110 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: Custom Permalinks are NOT being used.', 'bulletproof-security').'</font><br>'.__('It is recommended that you use Custom Permalinks: ', 'bulletproof-security').'<a href="https://www.ait-pro.com/aitpro-blog/2304/wordpress-tips-tricks-fixes/permalinks-wordpress-custom-permalinks-wordpress-best-wordpress-permalinks-structure/" target="_blank" title="Link opens in a new Browser window">'.__('How to setup Custom Permalinks', 'bulletproof-security').'</a><br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_Permalinks_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 111 |
echo $text;
|
| 112 |
}
|
| 113 |
}
|
| 140 |
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 141 |
}
|
| 142 |
|
| 143 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('WARNING! BPS has detected that your Server is a Windows IIS Server that does not support htaccess rewriting.', 'bulletproof-security').'</font><br>'.__('Do NOT activate BulletProof Modes unless you know what you are doing.', 'bulletproof-security').'<br>'.__('Your Server Type is: ', 'bulletproof-security').esc_html( $_SERVER['SERVER_SOFTWARE'] ).'<br><a href="http://codex.wordpress.org/Using_Permalinks" target="_blank" title="This link will open in a new browser window.">'.__('WordPress Codex - Using Permalinks - see IIS section', 'bulletproof-security').'</a><br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_iis_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 144 |
echo $text;
|
| 145 |
}
|
| 146 |
}
|
| 202 |
|
| 203 |
if ( get_user_meta($user_id, 'bps_bonus_code_dismiss_all_notice') && ! get_user_meta($user_id, 'bps_post_request_attack_notice') ) {
|
| 204 |
|
| 205 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('Bonus Custom Code:', 'bulletproof-security').'</font><br>'.__('Click the links below to get Bonus Custom Code or click the Dismiss Notice links or click this ', 'bulletproof-security').'<span style=""><a href="'.$bps_base.'bps_bonus_code_dismiss_all_nag_ignore=0&bps_post_request_attack_nag_ignore=0'.'" style="">'.__('Dismiss All Notices', 'bulletproof-security').'</a></span>'.__(' link. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br>';
|
| 206 |
|
| 207 |
|
| 208 |
$text .= '<div id="BC5" style="margin-top:2px;">'.__('Get ', 'bulletproof-security').'<a href="https://forum.ait-pro.com/forums/topic/post-request-protection-post-attack-protection-post-request-blocker/" title="Protects against POST Request Attacks" target="_blank">'.__('POST Request Attack Protection Code', 'bulletproof-security').'</a>'.__(' or ', 'bulletproof-security').'<span style=""><a href="'.$bps_base.'bps_post_request_attack_nag_ignore=0'.'" style="">'.__('Dismiss Notice', 'bulletproof-security').'</a></span></div>';
|
| 214 |
|
| 215 |
if ( ! get_user_meta($user_id, 'bps_brute_force_login_protection_notice') || ! get_user_meta($user_id, 'bps_speed_boost_cache_notice') || ! get_user_meta($user_id, 'bps_author_enumeration_notice') || ! get_user_meta($user_id, 'bps_xmlrpc_ddos_notice') || ! get_user_meta($user_id, 'bps_post_request_attack_notice') || ! get_user_meta($user_id, 'bps_sniff_driveby_notice') || ! get_user_meta($user_id, 'bps_iframe_clickjack_notice') ) {
|
| 216 |
|
| 217 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('Bonus Custom Code:', 'bulletproof-security').'</font><br>'.__('Click the links below to get Bonus Custom Code or click the Dismiss Notice links or click this ', 'bulletproof-security').'<span style=""><a href="'.$bps_base.'bps_bonus_code_dismiss_all_nag_ignore=0&bps_post_request_attack_nag_ignore=0'.'" style="">'.__('Dismiss All Notices', 'bulletproof-security').'</a></span>'.__(' link. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br>';
|
| 218 |
|
| 219 |
}
|
| 220 |
|
| 332 |
|
| 333 |
if ( file_exists($file) ) {
|
| 334 |
|
| 335 |
+
$file_contents = file_get_contents($file);
|
| 336 |
$CustomCodeoptions = get_option('bulletproof_security_options_customcode');
|
| 337 |
$bps_customcode_one = ! isset($CustomCodeoptions['bps_customcode_one']) ? '' : $CustomCodeoptions['bps_customcode_one'];
|
| 338 |
|
| 353 |
|
| 354 |
if ( stripos( $file_contents, "Wordfence WAF" ) ) {
|
| 355 |
|
| 356 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: Wordfence PHP/php.ini handler htaccess code detected', 'bulletproof-security').'</font><br>'.__('Wordfence PHP/php.ini handler htaccess code was found in your root .htaccess file, but was NOT found in BPS Custom Code.', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/wordfence-firewall-wp-contentwflogsconfig-php-file-quarantined/#wordfence-php-handler" target="_blank" title="Wordfence PHP Handler Fix">'.__('Click Here', 'bulletproof-security').'</a>'.__(' for the steps to fix this Wordfence problem before running the Setup Wizard.', 'bulletproof-security').'<br><font color="#fb0101">'.__('CAUTION: ', 'bulletproof-security').'</font>'.__('Using the Wordfence WAF Firewall may cause serious/critical problems for your website and BPS.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_PhpiniHandler_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 357 |
echo $text;
|
| 358 |
|
| 359 |
} else {
|
| 360 |
|
| 361 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: PHP/php.ini handler htaccess code check', 'bulletproof-security').'</font><br>'.__('PHP/php.ini handler htaccess code was found in your root .htaccess file, but was NOT found in BPS Custom Code.', 'bulletproof-security').'<br>'.__('To automatically fix this click here: ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'">'.esc_attr__('Setup Wizard Pre-Installation Checks', 'bulletproof-security').'</a><br>'.__('The Setup Wizard Pre-Installation Checks feature will automatically fix this just by visiting the Setup Wizard page.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_PhpiniHandler_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 362 |
echo $text;
|
| 363 |
echo '<pre id="shown" style="overflow:auto;white-space:pre-wrap;height:65px;width:66%;margin:5px 0px 0px 2px;padding:5px;background:#fff url('.$pre_background_image_url.') top left repeat;border:1px solid #999;color:#000;display:block;font-family:"Courier New", Courier, monospace;font-size:11px;line-height:14px;">';
|
| 364 |
echo '# PHP/php.ini handler htaccess code<br>';
|
| 376 |
|
| 377 |
if ( file_exists($file) ) {
|
| 378 |
|
| 379 |
+
$file_contents = file_get_contents($file);
|
| 380 |
$CustomCodeoptions = get_option('bulletproof_security_options_customcode');
|
| 381 |
$bps_customcode_one = ! isset($CustomCodeoptions['bps_customcode_one']) ? '' : $CustomCodeoptions['bps_customcode_one'];
|
| 382 |
|
| 397 |
|
| 398 |
if ( stripos( $file_contents, "Wordfence WAF" ) ) {
|
| 399 |
|
| 400 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: Wordfence PHP/php.ini handler htaccess code detected', 'bulletproof-security').'</font><br>'.__('Wordfence PHP/php.ini handler htaccess code was found in your root .htaccess file, but was NOT found in BPS Custom Code.', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/wordfence-firewall-wp-contentwflogsconfig-php-file-quarantined/#wordfence-php-handler" target="_blank" title="Wordfence PHP Handler Fix">'.__('Click Here', 'bulletproof-security').'</a>'.__(' for the steps to fix this Wordfence problem.', 'bulletproof-security').'<br><font color="#fb0101">'.__('CAUTION: ', 'bulletproof-security').'</font>'.__('Using the Wordfence WAF Firewall may cause serious/critical problems for your website and BPS.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_PhpiniHandler_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 401 |
echo $text;
|
| 402 |
|
| 403 |
} else {
|
| 404 |
|
| 405 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('HUD Check: PHP/php.ini handler htaccess code check', 'bulletproof-security').'</font><br>'.__('PHP/php.ini handler htaccess code was found in your root .htaccess file, but was NOT found in BPS Custom Code.', 'bulletproof-security').'<br>'.__('To automatically fix this click here: ', 'bulletproof-security').'<a href="'.admin_url( 'admin.php?page=bulletproof-security/admin/wizard/wizard.php' ).'">'.esc_attr__('Setup Wizard Pre-Installation Checks', 'bulletproof-security').'</a><br>'.__('The Setup Wizard Pre-Installation Checks feature will automatically fix this just by visiting the Setup Wizard page.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_PhpiniHandler_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 406 |
echo $text;
|
| 407 |
echo '<pre id="shown" style="overflow:auto;white-space:pre-wrap;height:65px;width:66%;margin:5px 0px 0px 2px;padding:5px;background:#fff url('.$pre_background_image_url.') top left repeat;border:1px solid #999;color:#000;display:block;font-family:"Courier New", Courier, monospace;font-size:11px;line-height:14px;">';
|
| 408 |
echo '# PHP/php.ini handler htaccess code<br>';
|
| 428 |
}
|
| 429 |
}
|
| 430 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 431 |
// Heads Up Display w/ Dismiss - WordPress Firewall 2 plugin - breaks BPS and lots of other stuff
|
| 432 |
function bps_hud_check_wordpress_firewall2() {
|
| 433 |
$firewall2 = 'wordpress-firewall-2/wordpress-firewall-2.php';
|
| 452 |
$bps_base = str_replace( admin_url(), '', esc_html($_SERVER['REQUEST_URI']) ) . '&';
|
| 453 |
}
|
| 454 |
|
| 455 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="#fb0101">'.__('The WordPress Firewall 2 plugin is installed and activated', 'bulletproof-security').'</font><br>'.__('It is recommended that you delete the WordPress Firewall 2 plugin.', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/wordpress-firewall-2-plugin-unable-to-save-custom-code/" target="_blank" title="Link opens in a new Browser window">'.__('Click Here', 'bulletproof-security').'</a>'.__(' for more information.', 'bulletproof-security').'<br>'.__('To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bps_wpfirewall2_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 456 |
echo $text;
|
| 457 |
}
|
| 458 |
}
|
| 542 |
|
| 543 |
if ( preg_match( $pattern1, htmlspecialchars_decode( $bps_customcode_one, ENT_QUOTES ), $matches1 ) && preg_match( $pattern2, htmlspecialchars_decode( $bps_customcode_one, ENT_QUOTES ), $matches2 ) ) {
|
| 544 |
|
| 545 |
+
$text = '<div class="update-nag" style="background-color:#dfecf2;border:1px solid #999;font-size:1em;font-weight:600;padding:2px 5px;margin-top:2px;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><font color="blue">'.__('New Improved BPS Speed Boost Cache Code', 'bulletproof-security').'</font><br>'.__('Older BPS Speed Boost Cache Code was found saved in this BPS Custom Code text box: CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE', 'bulletproof-security').'.<br>'.__('Newer improved BPS Speed Boost Cache Code has been created, which should improve website load speed performance even more.', 'bulletproof-security').'<br><a href="https://forum.ait-pro.com/forums/topic/htaccess-caching-code-speed-boost-cache-code/" target="_blank" title="BPS Speed Boost Cache Code">'.__('Get The New Improved BPS Speed Boost Cache Code', 'bulletproof-security').'</a>'.__('. To dismiss this Notice click the Dismiss Notice button below.', 'bulletproof-security').'<br>'.__('To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Email|Log Settings page.', 'bulletproof-security').'<br><div style="float:left;margin:3px 0px 3px 0px;padding:2px 6px 2px 6px;background-color:#e8e8e8;border:1px solid gray;"><a href="'.$bps_base.'bpsPro_hud_speed_boost_nag_ignore=0'.'" style="text-decoration:none;font-weight:600;">'.__('Dismiss Notice', 'bulletproof-security').'</a></div></div>';
|
| 546 |
echo $text;
|
| 547 |
}
|
| 548 |
|
| 738 |
|
| 739 |
if ( file_exists($wpconfig_file) ) {
|
| 740 |
|
| 741 |
+
$file_contents = file_get_contents($wpconfig_file);
|
| 742 |
$wp_auto_update_options = get_option('bulletproof_security_options_mu_wp_autoupdate');
|
| 743 |
|
| 744 |
if ( $wp_auto_update_options['bps_automatic_updater_disabled'] == 'enabled' || $wp_auto_update_options['bps_auto_update_core_updates_disabled'] == 'enabled' || $wp_auto_update_options['bps_auto_update_core'] == 'enabled' || $wp_auto_update_options['bps_allow_dev_auto_core_updates'] == 'enabled' || $wp_auto_update_options['bps_allow_minor_auto_core_updates'] == 'enabled' || $wp_auto_update_options['bps_allow_major_auto_core_updates'] == 'enabled' ) {
|
| 858 |
foreach ( $folder_array as $key => $value ) {
|
| 859 |
|
| 860 |
if ( $value != '' ) {
|
| 861 |
+
$stat = @stat($value);
|
| 862 |
$folder_script_uid_array[$value] = $stat['uid'];
|
| 863 |
+
$folder_fileowner_uid_array[$value] = @fileowner( $value );
|
| 864 |
}
|
| 865 |
}
|
| 866 |
|
| 901 |
add_user_meta($user_id, 'bpsPro_hud_owner_uid_check_notice', 'true', true);
|
| 902 |
}
|
| 903 |
}
|
| 904 |
+
|
| 905 |
+
// Automatically adds a whitelist rule for the BPS plugin folder to any wp-content .htaccess files that break the BPS plugin.
|
| 906 |
+
// Sucuri, Defender, SiteGround Security, etc. plugins
|
| 907 |
+
// Notes: Order Allow,Deny needs to be changed to Deny,Allow in order for the BPS folder whitelist rule to work.
|
| 908 |
+
// iThemes Security now adds their plugins folder blocking (and other) htaccess code in the root htaccess file, but it doesn't
|
| 909 |
+
// break BPS Pro plugin files that are whitelisted in the BPS Pro Plugin Firewall.
|
| 910 |
+
// For BPS free I have created a new .htaccess file in the BPS root plugin folder that whitelists frontloading BPS plugin files.
|
| 911 |
+
function bpsPro_wpcontent_htaccess_file_fix() {
|
| 912 |
+
|
| 913 |
+
$filename = WP_CONTENT_DIR . '/.htaccess';
|
| 914 |
+
$pattern1 = '/Require\sall\sdenied/';
|
| 915 |
+
$bps_code1 = '/Require\senv\swhitelist/';
|
| 916 |
+
$pattern2 = '/Order\sAllow,Deny\s*Deny\sfrom\sall/i';
|
| 917 |
+
$bps_code2 = '/Allow\sfrom\senv=whitelist/';
|
| 918 |
+
$pattern3 = '/Order\sDeny,Allow\s*Deny\sfrom\sall/i';
|
| 919 |
+
$pattern4 = '/<FilesMatch\s"\\\.\(\?i:php\)\$">\s*<IfModule\s!mod_authz_core\.c>\s*Order\sallow,deny\s*Deny\sfrom\sall\s*<\/IfModule>\s*<IfModule\smod_authz_core\.c>\s*Require\sall\sdenied\s*<\/IfModule>\s*<\/FilesMatch>/';
|
| 920 |
+
$bps_code4 = '/SetEnvIf\sRequest_URI\s"bulletproof-security\/\.\*\$"\swhitelist/';
|
| 921 |
+
|
| 922 |
+
if ( file_exists($filename) ) {
|
| 923 |
+
|
| 924 |
+
$file_contents = file_get_contents($filename);
|
| 925 |
+
|
| 926 |
+
if ( preg_match( $pattern1, $file_contents ) && ! preg_match( $bps_code1, $file_contents ) ) {
|
| 927 |
+
|
| 928 |
+
$stringReplace1 = preg_replace( $pattern1, "<IfModule mod_setenvif.c>\nSetEnvIf Request_URI \"bulletproof-security/.*$\" whitelist\nRequire env whitelist\nRequire all denied\n</IfModule>", $file_contents );
|
| 929 |
+
|
| 930 |
+
file_put_contents( $filename, $stringReplace1 );
|
| 931 |
+
}
|
| 932 |
+
|
| 933 |
+
if ( preg_match( $pattern2, $file_contents ) && ! preg_match( $bps_code2, $file_contents ) ) {
|
| 934 |
+
|
| 935 |
+
$stringReplace2 = preg_replace( $pattern2, "<IfModule mod_setenvif.c>\nSetEnvIf Request_URI \"bulletproof-security/.*$\" whitelist\nOrder Deny,Allow\nDeny from all\nAllow from env=whitelist\n</IfModule>", $file_contents );
|
| 936 |
+
|
| 937 |
+
file_put_contents( $filename, $stringReplace2 );
|
| 938 |
+
}
|
| 939 |
+
|
| 940 |
+
if ( preg_match( $pattern3, $file_contents ) && ! preg_match( $bps_code2, $file_contents ) ) {
|
| 941 |
+
|
| 942 |
+
$stringReplace3 = preg_replace( $pattern3, "<IfModule mod_setenvif.c>\nSetEnvIf Request_URI \"bulletproof-security/.*$\" whitelist\nOrder Deny,Allow\nDeny from all\nAllow from env=whitelist\n</IfModule>", $file_contents );
|
| 943 |
+
|
| 944 |
+
file_put_contents( $filename, $stringReplace3 );
|
| 945 |
+
}
|
| 946 |
+
|
| 947 |
+
if ( preg_match( $pattern4, $file_contents ) && preg_match( $bps_code4, $file_contents ) ) {
|
| 948 |
+
|
| 949 |
+
$stringReplace4 = preg_replace( $pattern4, "", $file_contents );
|
| 950 |
+
|
| 951 |
+
file_put_contents( $filename, $stringReplace4 );
|
| 952 |
+
}
|
| 953 |
+
}
|
| 954 |
+
}
|
| 955 |
?>
|
includes/idle-session-logout.php
CHANGED
|
@@ -43,7 +43,7 @@ $BPS_ISL_options = get_option('bulletproof_security_options_idle_session');
|
|
| 43 |
$user_roles = $current_user->roles;
|
| 44 |
$user_role = array_shift($user_roles);
|
| 45 |
|
| 46 |
-
if (
|
| 47 |
|
| 48 |
if ( $user_role == 'administrator' && $BPS_ISL_options['bps_isl_administrator'] == '1' || $user_role == 'editor' && $BPS_ISL_options['bps_isl_editor'] == '1' || $user_role == 'author' && $BPS_ISL_options['bps_isl_author'] == '1' || $user_role == 'contributor' && $BPS_ISL_options['bps_isl_contributor'] == '1' || $user_role == 'subscriber' && $BPS_ISL_options['bps_isl_subscriber'] == '1' ) {
|
| 49 |
|
| 43 |
$user_roles = $current_user->roles;
|
| 44 |
$user_role = array_shift($user_roles);
|
| 45 |
|
| 46 |
+
if ( ! preg_match( '/'.$current_user->user_login.'/i', $BPS_ISL_options['bps_isl_user_account_exceptions'], $matches ) ) {
|
| 47 |
|
| 48 |
if ( $user_role == 'administrator' && $BPS_ISL_options['bps_isl_administrator'] == '1' || $user_role == 'editor' && $BPS_ISL_options['bps_isl_editor'] == '1' || $user_role == 'author' && $BPS_ISL_options['bps_isl_author'] == '1' || $user_role == 'contributor' && $BPS_ISL_options['bps_isl_contributor'] == '1' || $user_role == 'subscriber' && $BPS_ISL_options['bps_isl_subscriber'] == '1' ) {
|
| 49 |
|
includes/login-security.php
CHANGED
|
@@ -15,7 +15,7 @@
|
|
| 15 |
$bpsPro_woocommerce_active = in_array( $bpsPro_woocommerce, apply_filters('active_plugins', get_option('active_plugins')));
|
| 16 |
|
| 17 |
if ( ! function_exists( 'is_plugin_active_for_network' ) ) {
|
| 18 |
-
require_once
|
| 19 |
}
|
| 20 |
|
| 21 |
if ( $bpsPro_woocommerce_active == 1 || is_plugin_active_for_network( $bpsPro_woocommerce ) ) {
|
|
@@ -116,8 +116,10 @@ if ( $BPSoptions['bps_login_security_OnOff'] == 'On' && $BPSoptions['bps_login_s
|
|
| 116 |
if ( ! $user && strpos( $username, '@' ) ) {
|
| 117 |
$user = get_user_by( 'email', $username );
|
| 118 |
}
|
| 119 |
-
|
| 120 |
-
$
|
|
|
|
|
|
|
| 121 |
|
| 122 |
foreach ( $LoginSecurityRows as $row ) {
|
| 123 |
|
|
@@ -488,7 +490,9 @@ if ( $BPSoptions['bps_login_security_OnOff'] == 'On' && $BPSoptions['bps_login_s
|
|
| 488 |
$user = get_user_by( 'email', $username );
|
| 489 |
}
|
| 490 |
|
| 491 |
-
$
|
|
|
|
|
|
|
| 492 |
|
| 493 |
foreach ( $LoginSecurityRows as $row ) {
|
| 494 |
|
| 15 |
$bpsPro_woocommerce_active = in_array( $bpsPro_woocommerce, apply_filters('active_plugins', get_option('active_plugins')));
|
| 16 |
|
| 17 |
if ( ! function_exists( 'is_plugin_active_for_network' ) ) {
|
| 18 |
+
require_once ABSPATH . '/wp-admin/includes/plugin.php';
|
| 19 |
}
|
| 20 |
|
| 21 |
if ( $bpsPro_woocommerce_active == 1 || is_plugin_active_for_network( $bpsPro_woocommerce ) ) {
|
| 116 |
if ( ! $user && strpos( $username, '@' ) ) {
|
| 117 |
$user = get_user_by( 'email', $username );
|
| 118 |
}
|
| 119 |
+
|
| 120 |
+
$user_id = isset($user->ID) ? $user->ID : null;
|
| 121 |
+
|
| 122 |
+
$LoginSecurityRows = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $bpspro_login_table WHERE user_id = %d", $user_id ) );
|
| 123 |
|
| 124 |
foreach ( $LoginSecurityRows as $row ) {
|
| 125 |
|
| 490 |
$user = get_user_by( 'email', $username );
|
| 491 |
}
|
| 492 |
|
| 493 |
+
$user_id = isset($user->ID) ? $user->ID : null;
|
| 494 |
+
|
| 495 |
+
$LoginSecurityRows = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $bpspro_login_table WHERE user_id = %d", $user_id ) );
|
| 496 |
|
| 497 |
foreach ( $LoginSecurityRows as $row ) {
|
| 498 |
|
includes/mscan-ajax-functions.php
CHANGED
|
@@ -1654,7 +1654,7 @@ global $wp_version, $wpdb, $plugin_hashes, $theme_hashes;
|
|
| 1654 |
|
| 1655 |
// Figure this error out L8R: PHP Warning: Undefined property: stdClass::$option_name in mscan-ajax-functions.php on line 1489
|
| 1656 |
// Probably happening since I have nested foreach loops. May need to create arrays instead.
|
| 1657 |
-
if (
|
| 1658 |
|
| 1659 |
$getKey = $wpdb->get_results( "SHOW KEYS FROM $Table->Name WHERE Key_name = 'PRIMARY'" );
|
| 1660 |
|
|
@@ -2078,7 +2078,7 @@ function bpsPro_delete_temp_files() {
|
|
| 2078 |
foreach ( $local_tmp_files_array_diff as $file ) {
|
| 2079 |
|
| 2080 |
if ( $file != '.' && $file != '..' && $file != 'why.tmp' ) {
|
| 2081 |
-
|
| 2082 |
}
|
| 2083 |
}
|
| 2084 |
}
|
| 1654 |
|
| 1655 |
// Figure this error out L8R: PHP Warning: Undefined property: stdClass::$option_name in mscan-ajax-functions.php on line 1489
|
| 1656 |
// Probably happening since I have nested foreach loops. May need to create arrays instead.
|
| 1657 |
+
if ( ! preg_match( '/_transient_feed_(.*)/', $results->option_name ) && ! preg_match( '/bulletproof_security_options_mscan_(.*)/', $results->option_name ) ) {
|
| 1658 |
|
| 1659 |
$getKey = $wpdb->get_results( "SHOW KEYS FROM $Table->Name WHERE Key_name = 'PRIMARY'" );
|
| 1660 |
|
| 2078 |
foreach ( $local_tmp_files_array_diff as $file ) {
|
| 2079 |
|
| 2080 |
if ( $file != '.' && $file != '..' && $file != 'why.tmp' ) {
|
| 2081 |
+
unlink($upload_tmp_dir.'/'.$file);
|
| 2082 |
}
|
| 2083 |
}
|
| 2084 |
}
|
includes/mscan-plugin-hash-maker.php
CHANGED
|
@@ -15,8 +15,8 @@ global $wp_version;
|
|
| 15 |
$handle = fopen( $mscan_log, 'a' );
|
| 16 |
|
| 17 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes' ) ) {
|
| 18 |
-
|
| 19 |
-
|
| 20 |
}
|
| 21 |
|
| 22 |
$plugin_hashes_dir = WP_CONTENT_DIR . '/bps-backup/plugin-hashes';
|
|
@@ -132,7 +132,7 @@ global $wp_version;
|
|
| 132 |
}
|
| 133 |
}
|
| 134 |
|
| 135 |
-
|
| 136 |
|
| 137 |
// If the BPS DB option plugin version matches then don't download another zip file and just log a log entry.
|
| 138 |
// Note: Any plugins not in the WP Plugin Repository will be listed in the array for later use.
|
|
@@ -339,7 +339,7 @@ global $wp_version;
|
|
| 339 |
fwrite( $handle, "Plugin Zip File Extraction: Start PclZip zip file extraction.\r\n" );
|
| 340 |
|
| 341 |
define( 'PCLZIP_TEMPORARY_DIR', WP_CONTENT_DIR . '/bps-backup/plugin-hashes/' );
|
| 342 |
-
require_once
|
| 343 |
|
| 344 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 345 |
$previous_encoding = mb_internal_encoding();
|
|
@@ -744,7 +744,7 @@ global $wp_version;
|
|
| 744 |
if ( $file->isFile() ) {
|
| 745 |
|
| 746 |
if ( $file->getFilename() != 'plugin-hashes.php' ) {
|
| 747 |
-
|
| 748 |
}
|
| 749 |
|
| 750 |
} else {
|
| 15 |
$handle = fopen( $mscan_log, 'a' );
|
| 16 |
|
| 17 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes' ) ) {
|
| 18 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/plugin-hashes', 0755, true );
|
| 19 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/plugin-hashes/', 0755 );
|
| 20 |
}
|
| 21 |
|
| 22 |
$plugin_hashes_dir = WP_CONTENT_DIR . '/bps-backup/plugin-hashes';
|
| 132 |
}
|
| 133 |
}
|
| 134 |
|
| 135 |
+
$bps_mscan_plugin_hash_version_check = isset($mscan_plugin_hash['bps_mscan_plugin_hash_version_check']) ? $mscan_plugin_hash['bps_mscan_plugin_hash_version_check']["$plugin_name"] : '';
|
| 136 |
|
| 137 |
// If the BPS DB option plugin version matches then don't download another zip file and just log a log entry.
|
| 138 |
// Note: Any plugins not in the WP Plugin Repository will be listed in the array for later use.
|
| 339 |
fwrite( $handle, "Plugin Zip File Extraction: Start PclZip zip file extraction.\r\n" );
|
| 340 |
|
| 341 |
define( 'PCLZIP_TEMPORARY_DIR', WP_CONTENT_DIR . '/bps-backup/plugin-hashes/' );
|
| 342 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 343 |
|
| 344 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 345 |
$previous_encoding = mb_internal_encoding();
|
| 744 |
if ( $file->isFile() ) {
|
| 745 |
|
| 746 |
if ( $file->getFilename() != 'plugin-hashes.php' ) {
|
| 747 |
+
unlink( $file->getRealPath() );
|
| 748 |
}
|
| 749 |
|
| 750 |
} else {
|
includes/mscan-theme-hash-maker.php
CHANGED
|
@@ -15,8 +15,8 @@ global $wp_version;
|
|
| 15 |
$handle = fopen( $mscan_log, 'a' );
|
| 16 |
|
| 17 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/theme-hashes' ) ) {
|
| 18 |
-
|
| 19 |
-
|
| 20 |
}
|
| 21 |
|
| 22 |
$theme_hashes_dir = WP_CONTENT_DIR . '/bps-backup/theme-hashes';
|
|
@@ -88,7 +88,7 @@ global $wp_version;
|
|
| 88 |
}
|
| 89 |
}
|
| 90 |
|
| 91 |
-
|
| 92 |
|
| 93 |
// If the BPS DB option theme version matches then don't download another zip file and just log a log entry.
|
| 94 |
// Note: Any themes not in the WP Theme Repository will be listed in the array for later use.
|
|
@@ -295,7 +295,7 @@ global $wp_version;
|
|
| 295 |
fwrite( $handle, "Theme Zip File Extraction: Start PclZip zip file extraction.\r\n" );
|
| 296 |
|
| 297 |
define( 'PCLZIP_TEMPORARY_DIR', WP_CONTENT_DIR . '/bps-backup/theme-hashes/' );
|
| 298 |
-
require_once
|
| 299 |
|
| 300 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 301 |
$previous_encoding = mb_internal_encoding();
|
|
@@ -646,7 +646,7 @@ global $wp_version;
|
|
| 646 |
if ( $file->isFile() ) {
|
| 647 |
|
| 648 |
if ( $file->getFilename() != 'theme-hashes.php' ) {
|
| 649 |
-
|
| 650 |
}
|
| 651 |
|
| 652 |
} else {
|
| 15 |
$handle = fopen( $mscan_log, 'a' );
|
| 16 |
|
| 17 |
if ( ! is_dir( WP_CONTENT_DIR . '/bps-backup/theme-hashes' ) ) {
|
| 18 |
+
mkdir( WP_CONTENT_DIR . '/bps-backup/theme-hashes', 0755, true );
|
| 19 |
+
chmod( WP_CONTENT_DIR . '/bps-backup/theme-hashes/', 0755 );
|
| 20 |
}
|
| 21 |
|
| 22 |
$theme_hashes_dir = WP_CONTENT_DIR . '/bps-backup/theme-hashes';
|
| 88 |
}
|
| 89 |
}
|
| 90 |
|
| 91 |
+
$bps_mscan_theme_hash_version_check = isset($mscan_theme_hash['bps_mscan_theme_hash_version_check']) ? $mscan_theme_hash['bps_mscan_theme_hash_version_check']["$theme_name"] : '';
|
| 92 |
|
| 93 |
// If the BPS DB option theme version matches then don't download another zip file and just log a log entry.
|
| 94 |
// Note: Any themes not in the WP Theme Repository will be listed in the array for later use.
|
| 295 |
fwrite( $handle, "Theme Zip File Extraction: Start PclZip zip file extraction.\r\n" );
|
| 296 |
|
| 297 |
define( 'PCLZIP_TEMPORARY_DIR', WP_CONTENT_DIR . '/bps-backup/theme-hashes/' );
|
| 298 |
+
require_once ABSPATH . 'wp-admin/includes/class-pclzip.php';
|
| 299 |
|
| 300 |
if ( ini_get( 'mbstring.func_overload' ) && function_exists( 'mb_internal_encoding' ) ) {
|
| 301 |
$previous_encoding = mb_internal_encoding();
|
| 646 |
if ( $file->isFile() ) {
|
| 647 |
|
| 648 |
if ( $file->getFilename() != 'theme-hashes.php' ) {
|
| 649 |
+
unlink( $file->getRealPath() );
|
| 650 |
}
|
| 651 |
|
| 652 |
} else {
|
includes/zip-email-cron-functions.php
CHANGED
|
@@ -176,7 +176,7 @@ $SecurityLogMaster = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/http_
|
|
| 176 |
$zip_filename = get_option('bulletproof_security_options_zip_filename');
|
| 177 |
$SecurityLogZip = WP_CONTENT_DIR . '/bps-backup/logs/' . $zip_filename['bps_security_log_zip_file'];
|
| 178 |
$SecLogMasterTXT = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/sec-log-master.txt';
|
| 179 |
-
$SecLogMasterTXT_contents =
|
| 180 |
$pattern = '/Total/';
|
| 181 |
$SecLogEntries = preg_replace( $pattern, "<br />Total", $SecLogMasterTXT_contents );
|
| 182 |
|
|
@@ -306,7 +306,7 @@ function bpsPro_SecLog_Entry_Counter_add_to_zip() {
|
|
| 306 |
|
| 307 |
if ( file_exists($bpsProLog) ) {
|
| 308 |
|
| 309 |
-
$check_string =
|
| 310 |
|
| 311 |
// Only creates Total Log entry listings for Log Entry types that match.
|
| 312 |
// Leave all 27 BPS Pro Log Entry Types in case I add some more Log Entry Types in BPS free in the future. BPS free only has 11 total Log Entry Types.
|
|
@@ -329,8 +329,8 @@ function bpsPro_SecLog_Entry_Counter_add_to_zip() {
|
|
| 329 |
file_put_contents($SecLogMasterTXT, $log_contents);
|
| 330 |
}
|
| 331 |
|
| 332 |
-
$SecLogMasterTXT_contents =
|
| 333 |
-
$stringReplace =
|
| 334 |
$pattern = '/BPS\sSECURITY\sLOG(.*\s*){1}=================(.*\s*){1}=================/';
|
| 335 |
|
| 336 |
if ( preg_match( $pattern, $stringReplace, $matches ) ) {
|
| 176 |
$zip_filename = get_option('bulletproof_security_options_zip_filename');
|
| 177 |
$SecurityLogZip = WP_CONTENT_DIR . '/bps-backup/logs/' . $zip_filename['bps_security_log_zip_file'];
|
| 178 |
$SecLogMasterTXT = WP_PLUGIN_DIR . '/bulletproof-security/admin/htaccess/sec-log-master.txt';
|
| 179 |
+
$SecLogMasterTXT_contents = file_get_contents($SecLogMasterTXT);
|
| 180 |
$pattern = '/Total/';
|
| 181 |
$SecLogEntries = preg_replace( $pattern, "<br />Total", $SecLogMasterTXT_contents );
|
| 182 |
|
| 306 |
|
| 307 |
if ( file_exists($bpsProLog) ) {
|
| 308 |
|
| 309 |
+
$check_string = file_get_contents($bpsProLog);
|
| 310 |
|
| 311 |
// Only creates Total Log entry listings for Log Entry types that match.
|
| 312 |
// Leave all 27 BPS Pro Log Entry Types in case I add some more Log Entry Types in BPS free in the future. BPS free only has 11 total Log Entry Types.
|
| 329 |
file_put_contents($SecLogMasterTXT, $log_contents);
|
| 330 |
}
|
| 331 |
|
| 332 |
+
$SecLogMasterTXT_contents = file_get_contents($SecLogMasterTXT);
|
| 333 |
+
$stringReplace = file_get_contents($bpsProLog);
|
| 334 |
$pattern = '/BPS\sSECURITY\sLOG(.*\s*){1}=================(.*\s*){1}=================/';
|
| 335 |
|
| 336 |
if ( preg_match( $pattern, $stringReplace, $matches ) ) {
|
isl-logout.php
CHANGED
|
@@ -7,16 +7,16 @@ wp_logout(): Log the current user out, by destroying the current user session.
|
|
| 7 |
removeEventListener: is Client Browser specific and does not affect anyone else except for the Browser that calls this template file.
|
| 8 |
*/
|
| 9 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 10 |
-
require_once
|
| 11 |
}
|
| 12 |
|
| 13 |
-
require
|
| 14 |
|
| 15 |
wp_logout();
|
| 16 |
|
| 17 |
$BPS_ISL_options = get_option('bulletproof_security_options_idle_session');
|
| 18 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 19 |
-
$hostname =
|
| 20 |
$timeNow = time();
|
| 21 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 22 |
$query_string = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
|
|
@@ -27,7 +27,12 @@ require( ABSPATH . WPINC . '/pluggable.php' );
|
|
| 27 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 28 |
}
|
| 29 |
|
| 30 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 31 |
|
| 32 |
if ( is_writable( $bpsProLog ) ) {
|
| 33 |
|
|
@@ -42,7 +47,7 @@ require( ABSPATH . WPINC . '/pluggable.php' );
|
|
| 42 |
fclose($handle);
|
| 43 |
}
|
| 44 |
|
| 45 |
-
if ( $BPS_ISL_options['bps_isl_logout_url'] != '' && $BPS_ISL_options['bps_isl_logout_url'] != plugins_url('/bulletproof-security/isl-logout.php') ) {
|
| 46 |
header("Location: ". $BPS_ISL_options['bps_isl_logout_url']);
|
| 47 |
exit;
|
| 48 |
}
|
|
@@ -54,12 +59,19 @@ require( ABSPATH . WPINC . '/pluggable.php' );
|
|
| 54 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
| 55 |
<title>Login Session Expired</title>
|
| 56 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 57 |
<style type="text/css">
|
| 58 |
<!--
|
| 59 |
-
body {<?php echo $
|
| 60 |
-
#bpsMessage {<?php echo $
|
| 61 |
-
#bpsMessageTextBox {<?php echo $
|
| 62 |
-
p {<?php echo $
|
| 63 |
-->
|
| 64 |
</style>
|
| 65 |
|
|
@@ -97,32 +109,34 @@ function bpsClearTimeout() {
|
|
| 97 |
<?php
|
| 98 |
$bps_hostname = str_replace( 'www.', '', htmlspecialchars( $_SERVER['SERVER_NAME'], ENT_QUOTES ) );
|
| 99 |
|
| 100 |
-
if ( $BPS_ISL_options['bps_isl_login_url'] != '' ) {
|
| 101 |
$url = $BPS_ISL_options['bps_isl_login_url'];
|
| 102 |
} else {
|
| 103 |
$url = site_url( '/wp-login.php' );
|
| 104 |
}
|
| 105 |
|
| 106 |
-
if ( $BPS_ISL_options['bps_isl_custom_message'] != '' ) {
|
| 107 |
|
| 108 |
echo '<div id="bpsMessageTextBox">';
|
| 109 |
$custom_message = preg_replace( '/\n/', "<br>", esc_html($BPS_ISL_options['bps_isl_custom_message']) );
|
| 110 |
echo '<p>' . $custom_message . '</p>';
|
| 111 |
-
if ( $BPS_ISL_options['bps_isl_login_url'] != 'No' && $BPS_ISL_options['bps_isl_login_url'] != 'no' ) {
|
| 112 |
echo '<p><a href="' . filter_var( $url, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED ) . '" style="text-decoration:underline;">Login</a></p>';
|
| 113 |
-
echo '<p style="font-size:12px">BPS Plugin Idle Session Logout Page</p>';
|
| 114 |
}
|
| 115 |
echo '</div>';
|
| 116 |
|
| 117 |
} else {
|
| 118 |
|
|
|
|
|
|
|
| 119 |
echo '<div id="bpsMessageTextBox">';
|
| 120 |
echo '<p>' . $bps_hostname . ' Login Session Expired</p>';
|
| 121 |
echo '<p>Your Login Session has expired due to inactivity.</p>';
|
| 122 |
-
echo '<p>Idle Session Logout (ISL) Time: ' . $
|
| 123 |
-
if ( $BPS_ISL_options['bps_isl_login_url'] != 'No' && $BPS_ISL_options['bps_isl_login_url'] != 'no' ) {
|
| 124 |
echo '<p><a href="' . filter_var( $url, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED ) . '" style="text-decoration:underline;">Login</a> again.</p>';
|
| 125 |
-
echo '<p style="font-size:12px">BPS Plugin Idle Session Logout Page</p>';
|
| 126 |
}
|
| 127 |
echo '</div>';
|
| 128 |
}
|
| 7 |
removeEventListener: is Client Browser specific and does not affect anyone else except for the Browser that calls this template file.
|
| 8 |
*/
|
| 9 |
if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
|
| 10 |
+
require_once '../../../wp-load.php';
|
| 11 |
}
|
| 12 |
|
| 13 |
+
require ABSPATH . WPINC . '/pluggable.php';
|
| 14 |
|
| 15 |
wp_logout();
|
| 16 |
|
| 17 |
$BPS_ISL_options = get_option('bulletproof_security_options_idle_session');
|
| 18 |
$bpsProLog = WP_CONTENT_DIR . '/bps-backup/logs/http_error_log.txt';
|
| 19 |
+
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
|
| 20 |
$timeNow = time();
|
| 21 |
$gmt_offset = get_option( 'gmt_offset' ) * 3600;
|
| 22 |
$query_string = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
|
| 27 |
$timestamp = date_i18n(get_option('date_format'), strtotime("11/15-1976")) . ' - ' . date_i18n(get_option('time_format'), $timeNow + $gmt_offset);
|
| 28 |
}
|
| 29 |
|
| 30 |
+
$bpsPro_http_referer = false;
|
| 31 |
+
if ( array_key_exists('HTTP_REFERER', $_SERVER) ) {
|
| 32 |
+
$bpsPro_http_referer = $_SERVER['HTTP_REFERER'];
|
| 33 |
+
}
|
| 34 |
+
|
| 35 |
+
$log_contents = "\r\n" . '[Idle Session Logout: ' . $timestamp . ']' . "\r\n" . 'BPS: ' . $bps_version . "\r\n" . 'WP: ' . $wp_version . "\r\n" . 'REMOTE_ADDR: '.$bpsPro_remote_addr . "\r\n" . 'Host Name: ' . $hostname . "\r\n" . 'SERVER_PROTOCOL: ' . $_SERVER['SERVER_PROTOCOL'] . "\r\n" . 'HTTP_CLIENT_IP: ' . $bpsPro_http_client_ip . "\r\n" . 'HTTP_FORWARDED: ' . $bpsPro_http_forwarded . "\r\n" . 'HTTP_X_FORWARDED_FOR: ' . $bpsPro_http_x_forwarded_for . "\r\n" . 'HTTP_X_CLUSTER_CLIENT_IP: ' . $bpsPro_http_x_cluster_client_ip."\r\n" . 'REQUEST_METHOD: '.$_SERVER['REQUEST_METHOD']."\r\n" . 'HTTP_REFERER: '.$bpsPro_http_referer."\r\n" . 'REQUEST_URI: '.$_SERVER['REQUEST_URI']."\r\n" . 'QUERY_STRING: '.$query_string."\r\n" . 'HTTP_USER_AGENT: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
|
| 36 |
|
| 37 |
if ( is_writable( $bpsProLog ) ) {
|
| 38 |
|
| 47 |
fclose($handle);
|
| 48 |
}
|
| 49 |
|
| 50 |
+
if ( isset($BPS_ISL_options['bps_isl_logout_url']) && $BPS_ISL_options['bps_isl_logout_url'] != '' && $BPS_ISL_options['bps_isl_logout_url'] != plugins_url('/bulletproof-security/isl-logout.php') ) {
|
| 51 |
header("Location: ". $BPS_ISL_options['bps_isl_logout_url']);
|
| 52 |
exit;
|
| 53 |
}
|
| 59 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
| 60 |
<title>Login Session Expired</title>
|
| 61 |
|
| 62 |
+
<?php
|
| 63 |
+
$bps_isl_custom_css_1 = isset($BPS_ISL_options['bps_isl_custom_css_1']) ? $BPS_ISL_options['bps_isl_custom_css_1'] : '';
|
| 64 |
+
$bps_isl_custom_css_2 = isset($BPS_ISL_options['bps_isl_custom_css_2']) ? $BPS_ISL_options['bps_isl_custom_css_2'] : '';
|
| 65 |
+
$bps_isl_custom_css_3 = isset($BPS_ISL_options['bps_isl_custom_css_3']) ? $BPS_ISL_options['bps_isl_custom_css_3'] : '';
|
| 66 |
+
$bps_isl_custom_css_4 = isset($BPS_ISL_options['bps_isl_custom_css_4']) ? $BPS_ISL_options['bps_isl_custom_css_4'] : '';
|
| 67 |
+
?>
|
| 68 |
+
|
| 69 |
<style type="text/css">
|
| 70 |
<!--
|
| 71 |
+
body {<?php echo $bps_isl_custom_css_1; ?>}
|
| 72 |
+
#bpsMessage {<?php echo $bps_isl_custom_css_2; ?>}
|
| 73 |
+
#bpsMessageTextBox {<?php echo $bps_isl_custom_css_3; ?>}
|
| 74 |
+
p {<?php echo $bps_isl_custom_css_4; ?>}
|
| 75 |
-->
|
| 76 |
</style>
|
| 77 |
|
| 109 |
<?php
|
| 110 |
$bps_hostname = str_replace( 'www.', '', htmlspecialchars( $_SERVER['SERVER_NAME'], ENT_QUOTES ) );
|
| 111 |
|
| 112 |
+
if ( isset($BPS_ISL_options['bps_isl_login_url']) && $BPS_ISL_options['bps_isl_login_url'] != '' ) {
|
| 113 |
$url = $BPS_ISL_options['bps_isl_login_url'];
|
| 114 |
} else {
|
| 115 |
$url = site_url( '/wp-login.php' );
|
| 116 |
}
|
| 117 |
|
| 118 |
+
if ( isset($BPS_ISL_options['bps_isl_custom_message']) && $BPS_ISL_options['bps_isl_custom_message'] != '' ) {
|
| 119 |
|
| 120 |
echo '<div id="bpsMessageTextBox">';
|
| 121 |
$custom_message = preg_replace( '/\n/', "<br>", esc_html($BPS_ISL_options['bps_isl_custom_message']) );
|
| 122 |
echo '<p>' . $custom_message . '</p>';
|
| 123 |
+
if ( isset($BPS_ISL_options['bps_isl_login_url']) && $BPS_ISL_options['bps_isl_login_url'] != 'No' && $BPS_ISL_options['bps_isl_login_url'] != 'no' ) {
|
| 124 |
echo '<p><a href="' . filter_var( $url, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED ) . '" style="text-decoration:underline;">Login</a></p>';
|
| 125 |
+
echo '<p style="font-size:12px">BPS Pro Plugin Idle Session Logout Page</p>';
|
| 126 |
}
|
| 127 |
echo '</div>';
|
| 128 |
|
| 129 |
} else {
|
| 130 |
|
| 131 |
+
$bps_isl_timeout = isset($BPS_ISL_options['bps_isl_timeout']) ? $BPS_ISL_options['bps_isl_timeout'] : '';
|
| 132 |
+
|
| 133 |
echo '<div id="bpsMessageTextBox">';
|
| 134 |
echo '<p>' . $bps_hostname . ' Login Session Expired</p>';
|
| 135 |
echo '<p>Your Login Session has expired due to inactivity.</p>';
|
| 136 |
+
echo '<p>Idle Session Logout (ISL) Time: ' . $bps_isl_timeout . ' minutes.</p>';
|
| 137 |
+
if ( isset($BPS_ISL_options['bps_isl_login_url']) && $BPS_ISL_options['bps_isl_login_url'] != 'No' && $BPS_ISL_options['bps_isl_login_url'] != 'no' ) {
|
| 138 |
echo '<p><a href="' . filter_var( $url, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED ) . '" style="text-decoration:underline;">Login</a> again.</p>';
|
| 139 |
+
echo '<p style="font-size:12px">BPS Pro Plugin Idle Session Logout Page</p>';
|
| 140 |
}
|
| 141 |
echo '</div>';
|
| 142 |
}
|
languages/bulletproof-security.pot
CHANGED
|
@@ -3,7 +3,7 @@ msgid ""
|
|
| 3 |
msgstr ""
|
| 4 |
"Project-Id-Version: bulletproof-security\n"
|
| 5 |
"Report-Msgid-Bugs-To: \n"
|
| 6 |
-
"POT-Creation-Date: 2021-11-
|
| 7 |
"PO-Revision-Date: 2015-06-20 19:13-0800\n"
|
| 8 |
"Last-Translator: Ed Alexander <edward@ait-pro.com>\n"
|
| 9 |
"Language-Team: AITpro <info@ait-pro.com>\n"
|
|
@@ -17,76 +17,115 @@ msgstr ""
|
|
| 17 |
"X-Poedit-SearchPath-0: .\n"
|
| 18 |
"X-Poedit-SearchPath-1: .\n"
|
| 19 |
|
| 20 |
-
#: admin/core/core-custom-code.php:
|
| 21 |
msgid "The BPS Query String Exploits Custom Code below is NOT valid."
|
| 22 |
msgstr ""
|
| 23 |
|
| 24 |
-
#: admin/core/core-custom-code.php:
|
| 25 |
msgid ""
|
| 26 |
"Delete the code shown below from the CUSTOM CODE BPSQSE BPS QUERY STRING "
|
| 27 |
"EXPLOITS: text box and click the Save Root Custom Code button."
|
| 28 |
msgstr ""
|
| 29 |
|
| 30 |
-
#: admin/core/core-custom-code.php:
|
| 31 |
msgid ""
|
| 32 |
"Default WordPress Rewrite htaccess code has been added to BPS Custom Code."
|
| 33 |
msgstr ""
|
| 34 |
|
| 35 |
-
#: admin/core/core-custom-code.php:
|
| 36 |
msgid ""
|
| 37 |
-
"The BPS plugin already uses/has Default WordPress Rewrite code. Delete
|
| 38 |
-
"Default WordPress Rewrite htaccess code shown below from the CUSTOM CODE "
|
| 39 |
"text box were it was added and click the Save Root Custom Code button."
|
| 40 |
msgstr ""
|
| 41 |
|
| 42 |
-
#: admin/core/core-custom-code.php:
|
| 43 |
msgid ""
|
| 44 |
"Root Custom Code saved successfully! Go to the Security Modes tab page and "
|
| 45 |
"click the Root Folder BulletProof Mode Activate button to add/create your "
|
| 46 |
"new Custom Code in your Root htaccess file."
|
| 47 |
msgstr ""
|
| 48 |
|
| 49 |
-
#: admin/core/core-custom-code.php:
|
| 50 |
msgid ""
|
| 51 |
"wp-admin Custom Code saved successfully! Go to the Security Modes tab page "
|
| 52 |
"and click wp-admin Folder BulletProof Mode Activate button to add/create "
|
| 53 |
"your new Custom Code in your wp-admin htaccess file."
|
| 54 |
msgstr ""
|
| 55 |
|
| 56 |
-
#: admin/core/core-custom-code.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 57 |
msgid "Root htaccess File Custom Code"
|
| 58 |
msgstr ""
|
| 59 |
|
| 60 |
-
#: admin/core/core-custom-code.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 61 |
msgid ""
|
| 62 |
-
"CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE:<br>Add php/php.ini
|
| 63 |
-
"code, cache code and/or <a href=\"https://forum.ait-pro.com/forums/
|
| 64 |
-
"htaccess-caching-code-speed-boost-cache-code/\" title=\"Link opens in
|
| 65 |
-
"Browser window\" target=\"_blank\">Speed Boost Cache Code</a>"
|
| 66 |
msgstr ""
|
| 67 |
|
| 68 |
-
#: admin/core/core-custom-code.php:
|
| 69 |
msgid ""
|
| 70 |
"ONLY add valid php/php.ini handler htaccess code and/or cache htaccess code "
|
| 71 |
"below or text commented out with a pound sign #"
|
| 72 |
msgstr ""
|
| 73 |
|
| 74 |
-
#: admin/core/core-custom-code.php:
|
| 75 |
-
msgid "CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE:"
|
| 76 |
msgstr ""
|
| 77 |
|
| 78 |
-
#: admin/core/core-custom-code.php:
|
| 79 |
msgid ""
|
| 80 |
"You MUST copy and paste the entire TURN OFF YOUR SERVER SIGNATURE section of "
|
| 81 |
"code from your root .htaccess file into this text box first. You can then "
|
| 82 |
"edit and modify the code in this text window and save your changes."
|
| 83 |
msgstr ""
|
| 84 |
|
| 85 |
-
#: admin/core/core-custom-code.php:
|
| 86 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 87 |
msgstr ""
|
| 88 |
|
| 89 |
-
#: admin/core/core-custom-code.php:
|
| 90 |
msgid ""
|
| 91 |
"You MUST copy and paste the entire DO NOT SHOW DIRECTORY LISTING and "
|
| 92 |
"DIRECTORY INDEX sections of code from your root .htaccess file into this "
|
|
@@ -94,32 +133,64 @@ msgid ""
|
|
| 94 |
"and save your changes."
|
| 95 |
msgstr ""
|
| 96 |
|
| 97 |
-
#: admin/core/core-custom-code.php:
|
| 98 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 99 |
msgstr ""
|
| 100 |
|
| 101 |
-
#: admin/core/core-custom-code.php:
|
| 102 |
msgid ""
|
| 103 |
"This Custom Code text box is for optional/Bonus code. To get this code click "
|
| 104 |
"the link below:"
|
| 105 |
msgstr ""
|
| 106 |
|
| 107 |
-
#: admin/core/core-custom-code.php:
|
| 108 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 109 |
msgstr ""
|
| 110 |
|
| 111 |
-
#: admin/core/core-custom-code.php:
|
| 112 |
msgid ""
|
| 113 |
"You MUST copy and paste the entire ERROR LOGGING AND TRACKING section of "
|
| 114 |
"code from your root .htaccess file into this text box first. You can then "
|
| 115 |
"edit and modify the code in this text window and save your changes."
|
| 116 |
msgstr ""
|
| 117 |
|
| 118 |
-
#: admin/core/core-custom-code.php:
|
| 119 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 120 |
msgstr ""
|
| 121 |
|
| 122 |
-
#: admin/core/core-custom-code.php:
|
| 123 |
msgid ""
|
| 124 |
"You MUST copy and paste the entire DENY ACCESS TO PROTECTED SERVER FILES AND "
|
| 125 |
"FOLDERS section of code from your root .htaccess file into this text box "
|
|
@@ -127,73 +198,137 @@ msgid ""
|
|
| 127 |
"your changes."
|
| 128 |
msgstr ""
|
| 129 |
|
| 130 |
-
#: admin/core/core-custom-code.php:
|
| 131 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 132 |
msgstr ""
|
| 133 |
|
| 134 |
-
#: admin/core/core-custom-code.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 135 |
msgid ""
|
| 136 |
"Add one pound sign # below to prevent the WP-ADMIN/INCLUDES section of code "
|
| 137 |
"from being created in your root .htaccess file"
|
| 138 |
msgstr ""
|
| 139 |
|
| 140 |
-
#: admin/core/core-custom-code.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 141 |
msgid ""
|
| 142 |
-
"CUSTOM CODE WP REWRITE LOOP START: www/non-www http/https Rewrite code
|
|
|
|
| 143 |
msgstr ""
|
| 144 |
|
| 145 |
-
#: admin/core/core-custom-code.php:
|
| 146 |
msgid ""
|
| 147 |
"You MUST copy and paste the entire WP REWRITE LOOP START section of code "
|
| 148 |
"from your root .htaccess file into this text box first. You can then edit "
|
| 149 |
"and modify the code in this text window and save your changes."
|
| 150 |
msgstr ""
|
| 151 |
|
| 152 |
-
#: admin/core/core-custom-code.php:
|
| 153 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 154 |
msgstr ""
|
| 155 |
|
| 156 |
-
#: admin/core/core-custom-code.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
| 157 |
msgid "Whitelist User Agents and allow HEAD Requests"
|
| 158 |
msgstr ""
|
| 159 |
|
| 160 |
-
#: admin/core/core-custom-code.php:
|
| 161 |
msgid ""
|
| 162 |
"You MUST copy and paste the entire REQUEST METHODS FILTERED section of code "
|
| 163 |
"from your root .htaccess file into this text box first. You can then edit "
|
| 164 |
"and modify the code in this text window and save your changes. To Allow HEAD "
|
| 165 |
-
"Requests click the
|
| 166 |
-
"for instructions and examples."
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 167 |
msgstr ""
|
| 168 |
|
| 169 |
-
#: admin/core/core-custom-code.php:
|
| 170 |
msgid ""
|
| 171 |
-
"CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES:<br>Add personal plugin/theme "
|
| 172 |
"skip/bypass rules here"
|
| 173 |
msgstr ""
|
| 174 |
|
| 175 |
-
#: admin/core/core-custom-code.php:
|
| 176 |
-
#: admin/core/core-custom-code.php:
|
| 177 |
msgid ""
|
| 178 |
"ONLY add valid htaccess code below or text commented out with a pound sign #"
|
| 179 |
msgstr ""
|
| 180 |
|
| 181 |
-
#: admin/core/core-custom-code.php:
|
| 182 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 183 |
msgstr ""
|
| 184 |
|
| 185 |
-
#: admin/core/core-custom-code.php:
|
| 186 |
msgid ""
|
| 187 |
"You MUST copy and paste the entire TIMTHUMB FORBID RFI section of code from "
|
| 188 |
"your root .htaccess file into this text box first. You can then edit and "
|
| 189 |
"modify the code in this text window and save your changes."
|
| 190 |
msgstr ""
|
| 191 |
|
| 192 |
-
#: admin/core/core-custom-code.php:
|
| 193 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 194 |
msgstr ""
|
| 195 |
|
| 196 |
-
#: admin/core/core-custom-code.php:
|
| 197 |
msgid ""
|
| 198 |
"You MUST copy and paste the entire BPSQSE QUERY STRING EXPLOITS section of "
|
| 199 |
"code from your root .htaccess file from # BEGIN BPSQSE BPS QUERY STRING "
|
|
@@ -202,35 +337,67 @@ msgid ""
|
|
| 202 |
"changes."
|
| 203 |
msgstr ""
|
| 204 |
|
| 205 |
-
#: admin/core/core-custom-code.php:
|
| 206 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 207 |
msgstr ""
|
| 208 |
|
| 209 |
-
#: admin/core/core-custom-code.php:
|
| 210 |
msgid ""
|
| 211 |
"This is a Special Custom Code text box that should only be used if the "
|
| 212 |
"correct WP REWRITE LOOP END code is not being created in your root .htaccess "
|
| 213 |
-
"file. See the
|
| 214 |
msgstr ""
|
| 215 |
|
| 216 |
-
#: admin/core/core-custom-code.php:
|
| 217 |
-
msgid "
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 218 |
msgstr ""
|
| 219 |
|
| 220 |
-
#: admin/core/core-custom-code.php:
|
| 221 |
msgid ""
|
| 222 |
"You MUST copy and paste the entire DENY BROWSER ACCESS section of code from "
|
| 223 |
"your root .htaccess file into this text box first. You can then edit and "
|
| 224 |
"modify the code in this text window and save your changes."
|
| 225 |
msgstr ""
|
| 226 |
|
| 227 |
-
#: admin/core/core-custom-code.php:
|
| 228 |
msgid ""
|
| 229 |
-
"
|
| 230 |
-
"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 231 |
msgstr ""
|
| 232 |
|
| 233 |
-
#: admin/core/core-custom-code.php:
|
| 234 |
msgid ""
|
| 235 |
"If you are unable to save Custom Code and/or see an error message when "
|
| 236 |
"trying to save Custom Code, click the Encrypt Custom Code button first and "
|
|
@@ -238,7 +405,7 @@ msgid ""
|
|
| 238 |
"image to the right for help info."
|
| 239 |
msgstr ""
|
| 240 |
|
| 241 |
-
#: admin/core/core-custom-code.php:
|
| 242 |
msgid ""
|
| 243 |
"If your web host currently has ModSecurity installed or installs ModSecurity "
|
| 244 |
"at a later time then ModSecurity will prevent you from saving your custom "
|
|
@@ -246,7 +413,7 @@ msgid ""
|
|
| 246 |
"Code button."
|
| 247 |
msgstr ""
|
| 248 |
|
| 249 |
-
#: admin/core/core-custom-code.php:
|
| 250 |
msgid ""
|
| 251 |
"If you click the Encrypt Custom Code button, but then want to add or edit "
|
| 252 |
"additional custom code click the Decrypt Custom Code button. After you are "
|
|
@@ -254,38 +421,79 @@ msgid ""
|
|
| 254 |
"before clicking the Save Root Custom Code button."
|
| 255 |
msgstr ""
|
| 256 |
|
| 257 |
-
#: admin/core/core-custom-code.php:
|
| 258 |
msgid ""
|
| 259 |
"Additional Encrypt and Decrypt buttons have been added at the top of the "
|
| 260 |
"Root Custom Code Form."
|
| 261 |
msgstr ""
|
| 262 |
|
| 263 |
-
#: admin/core/core-custom-code.php:
|
| 264 |
-
#: admin/core/core.php:
|
| 265 |
-
msgid "Click the Custom Code
|
| 266 |
msgstr ""
|
| 267 |
|
| 268 |
-
#: admin/core/core-custom-code.php:
|
| 269 |
msgid ""
|
| 270 |
"IMPORTANT!!! Did you remember to click the Encrypt Custom Code button first "
|
| 271 |
"before saving your Root Custom Code?"
|
| 272 |
msgstr ""
|
| 273 |
|
| 274 |
-
#: admin/core/core-custom-code.php:
|
| 275 |
msgid "Click OK to save your Root Custom Code or click Cancel."
|
| 276 |
msgstr ""
|
| 277 |
|
| 278 |
-
#: admin/core/core-custom-code.php:
|
| 279 |
msgid "wp-admin htaccess File Custom Code"
|
| 280 |
msgstr ""
|
| 281 |
|
| 282 |
-
#: admin/core/core-custom-code.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 283 |
msgid ""
|
| 284 |
-
"CUSTOM CODE WPADMIN DENY BROWSER ACCESS TO FILES:<br>Add additional wp-
|
| 285 |
-
"files that you would like to block here"
|
| 286 |
msgstr ""
|
| 287 |
|
| 288 |
-
#: admin/core/core-custom-code.php:
|
| 289 |
msgid ""
|
| 290 |
"You MUST copy and paste the entire WPADMIN DENY BROWSER ACCESS TO FILES "
|
| 291 |
"section of code from your wp-admin .htaccess file into this text box first. "
|
|
@@ -295,25 +503,25 @@ msgid ""
|
|
| 295 |
"htaccess file"
|
| 296 |
msgstr ""
|
| 297 |
|
| 298 |
-
#: admin/core/core-custom-code.php:
|
| 299 |
msgid ""
|
| 300 |
-
"CUSTOM CODE WPADMIN TOP:<br>wp-admin password protection & miscellaneous "
|
| 301 |
"custom code here"
|
| 302 |
msgstr ""
|
| 303 |
|
| 304 |
-
#: admin/core/core-custom-code.php:
|
| 305 |
msgid ""
|
| 306 |
-
"CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES:<br>Add wp-admin plugin/file
|
| 307 |
-
"rules code here"
|
| 308 |
msgstr ""
|
| 309 |
|
| 310 |
-
#: admin/core/core-custom-code.php:
|
| 311 |
msgid ""
|
| 312 |
-
"CUSTOM CODE BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS:<br>Modify "
|
| 313 |
"Query String Exploit code here"
|
| 314 |
msgstr ""
|
| 315 |
|
| 316 |
-
#: admin/core/core-custom-code.php:
|
| 317 |
msgid ""
|
| 318 |
"You MUST copy and paste the entire BPS QUERY STRING EXPLOITS section of code "
|
| 319 |
"from your wp-admin .htaccess file from # BEGIN BPSQSE-check BPS QUERY STRING "
|
|
@@ -322,7 +530,7 @@ msgid ""
|
|
| 322 |
"this text window and save your changes."
|
| 323 |
msgstr ""
|
| 324 |
|
| 325 |
-
#: admin/core/core-custom-code.php:
|
| 326 |
msgid ""
|
| 327 |
"If you are unable to save Custom Code and/or see an error message when "
|
| 328 |
"trying to save Custom Code, click the Encrypt Custom Code button first and "
|
|
@@ -330,7 +538,7 @@ msgid ""
|
|
| 330 |
"mark image to the right for help info."
|
| 331 |
msgstr ""
|
| 332 |
|
| 333 |
-
#: admin/core/core-custom-code.php:
|
| 334 |
msgid ""
|
| 335 |
"If you click the Encrypt Custom Code button, but then want to add or edit "
|
| 336 |
"additional custom code click the Decrypt Custom Code button. After you are "
|
|
@@ -338,19 +546,19 @@ msgid ""
|
|
| 338 |
"before clicking the Save wp-admin Custom Code button."
|
| 339 |
msgstr ""
|
| 340 |
|
| 341 |
-
#: admin/core/core-custom-code.php:
|
| 342 |
msgid ""
|
| 343 |
"Additional Encrypt and Decrypt buttons have been added at the top of the wp-"
|
| 344 |
"admin Custom Code Form."
|
| 345 |
msgstr ""
|
| 346 |
|
| 347 |
-
#: admin/core/core-custom-code.php:
|
| 348 |
msgid ""
|
| 349 |
"IMPORTANT!!! Did you remember to click the Encrypt Custom Code button first "
|
| 350 |
"before saving your wp-admin Custom Code?"
|
| 351 |
msgstr ""
|
| 352 |
|
| 353 |
-
#: admin/core/core-custom-code.php:
|
| 354 |
msgid "Click OK to save your wp-admin Custom Code or click Cancel."
|
| 355 |
msgstr ""
|
| 356 |
|
|
@@ -362,7 +570,7 @@ msgstr ""
|
|
| 362 |
|
| 363 |
#: admin/core/core-export-import.php:115 admin/login/lsm-export.php:49
|
| 364 |
#: admin/wizard/wizard-backup.php:246 admin/wizard/wizard-backup.php:287
|
| 365 |
-
#: admin/wizard/wizard.php:
|
| 366 |
msgid ""
|
| 367 |
"If you see a 403 error and/or are unable to download the zip file then click "
|
| 368 |
"here: "
|
|
@@ -370,9 +578,9 @@ msgstr ""
|
|
| 370 |
|
| 371 |
#: admin/core/core-export-import.php:115 admin/login/lsm-export.php:49
|
| 372 |
#: admin/wizard/wizard-backup.php:246 admin/wizard/wizard-backup.php:287
|
| 373 |
-
#: admin/wizard/wizard.php:
|
| 374 |
-
#: admin/wizard/wizard.php:
|
| 375 |
-
#: includes/hud-autofix-whitelist.php:
|
| 376 |
msgid "Setup Wizard Options"
|
| 377 |
msgstr ""
|
| 378 |
|
|
@@ -383,15 +591,15 @@ msgid ""
|
|
| 383 |
msgstr ""
|
| 384 |
|
| 385 |
#: admin/core/core-export-import.php:115 admin/login/lsm-export.php:49
|
| 386 |
-
#: admin/wizard/wizard.php:
|
| 387 |
msgid "Download Zip Export"
|
| 388 |
msgstr ""
|
| 389 |
|
| 390 |
-
#: admin/core/core-export-import.php:144 admin/wizard/wizard.php:
|
| 391 |
msgid "Zip File Upload Successful."
|
| 392 |
msgstr ""
|
| 393 |
|
| 394 |
-
#: admin/core/core-export-import.php:155 admin/wizard/wizard.php:
|
| 395 |
msgid "Zip File Exraction Successful. Method: ZipArchive class."
|
| 396 |
msgstr ""
|
| 397 |
|
|
@@ -421,19 +629,19 @@ msgstr ""
|
|
| 421 |
msgid "3. Click the wp-admin Folder BulletProof Mode Activate button."
|
| 422 |
msgstr ""
|
| 423 |
|
| 424 |
-
#: admin/core/core-export-import.php:169 admin/wizard/wizard.php:
|
| 425 |
msgid "ERROR: Zip File Extraction Failed. Method: ZipArchive class."
|
| 426 |
msgstr ""
|
| 427 |
|
| 428 |
-
#: admin/core/core-export-import.php:189 admin/wizard/wizard.php:
|
| 429 |
msgid "Zip File Extraction Successful. Method: PclZip."
|
| 430 |
msgstr ""
|
| 431 |
|
| 432 |
-
#: admin/core/core-export-import.php:203 admin/wizard/wizard.php:
|
| 433 |
msgid "ERROR: Zip File Extraction Failed. Method: PclZip."
|
| 434 |
msgstr ""
|
| 435 |
|
| 436 |
-
#: admin/core/core-export-import.php:211 admin/wizard/wizard.php:
|
| 437 |
msgid "ERROR: Zip File Upload Failed."
|
| 438 |
msgstr ""
|
| 439 |
|
|
@@ -464,7 +672,7 @@ msgid "Your Root and wp-admin Custom Code has been deleted successfully."
|
|
| 464 |
msgstr ""
|
| 465 |
|
| 466 |
#: admin/core/core-forms.php:18 admin/core/core-forms.php:104
|
| 467 |
-
#: admin/core/core.php:
|
| 468 |
msgid "htaccess Files Disabled: wp-admin htaccess file writing is disabled. "
|
| 469 |
msgstr ""
|
| 470 |
|
|
@@ -474,12 +682,12 @@ msgstr ""
|
|
| 474 |
#: admin/core/core-forms.php:370 admin/core/core-forms.php:436
|
| 475 |
#: admin/core/core-htaccess-code.php:426 admin/core/core-htaccess-code.php:510
|
| 476 |
#: admin/core/core-htaccess-code.php:579 admin/core/core-htaccess-code.php:663
|
| 477 |
-
#: admin/core/core.php:
|
| 478 |
-
#: admin/core/core.php:
|
| 479 |
-
#: admin/maintenance/maintenance.php:
|
| 480 |
-
#: admin/maintenance/maintenance.php:
|
| 481 |
-
#: admin/maintenance/maintenance.php:
|
| 482 |
-
#: admin/maintenance/maintenance.php:
|
| 483 |
msgid "Click this link for help information: "
|
| 484 |
msgstr ""
|
| 485 |
|
|
@@ -489,13 +697,13 @@ msgstr ""
|
|
| 489 |
#: admin/core/core-forms.php:370 admin/core/core-forms.php:436
|
| 490 |
#: admin/core/core-htaccess-code.php:426 admin/core/core-htaccess-code.php:510
|
| 491 |
#: admin/core/core-htaccess-code.php:579 admin/core/core-htaccess-code.php:663
|
| 492 |
-
#: admin/core/core.php:
|
| 493 |
-
#: admin/core/core.php:
|
| 494 |
-
#: admin/maintenance/maintenance.php:
|
| 495 |
-
#: admin/maintenance/maintenance.php:
|
| 496 |
-
#: admin/maintenance/maintenance.php:
|
| 497 |
-
#: admin/maintenance/maintenance.php:
|
| 498 |
-
#: admin/wizard/wizard.php:
|
| 499 |
msgid "htaccess Files Disabled Forum Topic"
|
| 500 |
msgstr ""
|
| 501 |
|
|
@@ -613,8 +821,7 @@ msgid "htaccess Files Disabled: htaccess file Backup is disabled. "
|
|
| 613 |
msgstr ""
|
| 614 |
|
| 615 |
#: admin/core/core-forms.php:383
|
| 616 |
-
msgid ""
|
| 617 |
-
"You do not currently have an .htaccess file in your Root folder to backup."
|
| 618 |
msgstr ""
|
| 619 |
|
| 620 |
#: admin/core/core-forms.php:391
|
|
@@ -628,13 +835,11 @@ msgid "/bps-backup folder. Folder permissions should be set to 755."
|
|
| 628 |
msgstr ""
|
| 629 |
|
| 630 |
#: admin/core/core-forms.php:398
|
| 631 |
-
msgid ""
|
| 632 |
-
"Your currently active Root .htaccess file has been backed up successfully."
|
| 633 |
msgstr ""
|
| 634 |
|
| 635 |
#: admin/core/core-forms.php:406
|
| 636 |
-
msgid ""
|
| 637 |
-
"You do not currently have an htaccess file in your wp-admin folder to backup."
|
| 638 |
msgstr ""
|
| 639 |
|
| 640 |
#: admin/core/core-forms.php:414
|
|
@@ -644,8 +849,7 @@ msgid ""
|
|
| 644 |
msgstr ""
|
| 645 |
|
| 646 |
#: admin/core/core-forms.php:421
|
| 647 |
-
msgid ""
|
| 648 |
-
"Your currently active wp-admin htaccess file has been backed up successfully."
|
| 649 |
msgstr ""
|
| 650 |
|
| 651 |
#: admin/core/core-forms.php:436
|
|
@@ -654,9 +858,9 @@ msgstr ""
|
|
| 654 |
|
| 655 |
#: admin/core/core-forms.php:457
|
| 656 |
msgid ""
|
| 657 |
-
"Failed to Restore Your Root htaccess File. Either you DO NOT
|
| 658 |
-
"
|
| 659 |
-
"
|
| 660 |
msgstr ""
|
| 661 |
|
| 662 |
#: admin/core/core-forms.php:467
|
|
@@ -665,437 +869,216 @@ msgstr ""
|
|
| 665 |
|
| 666 |
#: admin/core/core-forms.php:477
|
| 667 |
msgid ""
|
| 668 |
-
"Failed to Restore Your wp-admin htaccess File. Either you DO NOT
|
| 669 |
-
"
|
| 670 |
-
"
|
| 671 |
msgstr ""
|
| 672 |
|
| 673 |
#: admin/core/core-forms.php:484
|
| 674 |
msgid "Your wp-admin htaccess file has been Restored successfully."
|
| 675 |
msgstr ""
|
| 676 |
|
| 677 |
-
#: admin/core/core-
|
| 678 |
-
msgid "
|
| 679 |
-
msgstr ""
|
| 680 |
-
|
| 681 |
-
#: admin/core/core-forms.php:505
|
| 682 |
-
msgid "Success! The Windows IIS check is reset."
|
| 683 |
-
msgstr ""
|
| 684 |
-
|
| 685 |
-
#: admin/core/core-forms.php:510
|
| 686 |
-
msgid "The Bonus Custom Code: Dismiss All Notice is NOT set. Nothing to reset."
|
| 687 |
-
msgstr ""
|
| 688 |
-
|
| 689 |
-
#: admin/core/core-forms.php:513
|
| 690 |
-
msgid "Success! The Bonus Custom Code: Dismiss All Notice is reset."
|
| 691 |
msgstr ""
|
| 692 |
|
| 693 |
-
#: admin/core/core-
|
| 694 |
msgid ""
|
| 695 |
-
"The
|
| 696 |
-
"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 697 |
msgstr ""
|
| 698 |
|
| 699 |
-
#: admin/core/core-
|
| 700 |
-
msgid ""
|
| 701 |
-
"Success! The Bonus Custom Code: Brute Force Login Protection Notice is reset."
|
| 702 |
msgstr ""
|
| 703 |
|
| 704 |
-
#: admin/core/core-
|
| 705 |
msgid ""
|
| 706 |
-
"
|
| 707 |
-
"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 708 |
msgstr ""
|
| 709 |
|
| 710 |
-
#: admin/core/core-
|
| 711 |
-
msgid "
|
| 712 |
msgstr ""
|
| 713 |
|
| 714 |
-
#: admin/core/core-
|
| 715 |
msgid ""
|
| 716 |
-
"
|
| 717 |
-
"NOT set. Nothing to reset."
|
| 718 |
msgstr ""
|
| 719 |
|
| 720 |
-
#: admin/core/core-
|
| 721 |
msgid ""
|
| 722 |
-
"
|
| 723 |
-
"
|
|
|
|
|
|
|
|
|
|
| 724 |
msgstr ""
|
| 725 |
|
| 726 |
-
#: admin/core/core-
|
| 727 |
msgid ""
|
| 728 |
-
"
|
| 729 |
-
"
|
|
|
|
|
|
|
|
|
|
| 730 |
msgstr ""
|
| 731 |
|
| 732 |
-
#: admin/core/core-
|
| 733 |
msgid ""
|
| 734 |
-
"
|
|
|
|
|
|
|
|
|
|
|
|
|
| 735 |
msgstr ""
|
| 736 |
|
| 737 |
-
#: admin/core/core-
|
| 738 |
msgid ""
|
| 739 |
-
"
|
| 740 |
-
"
|
|
|
|
|
|
|
| 741 |
msgstr ""
|
| 742 |
|
| 743 |
-
#: admin/core/core-
|
| 744 |
msgid ""
|
| 745 |
-
"
|
| 746 |
-
"
|
| 747 |
msgstr ""
|
| 748 |
|
| 749 |
-
#: admin/core/core-
|
| 750 |
-
msgid ""
|
| 751 |
-
"The Bonus Custom Code: Mime Sniffing|Drive-by Download Attack Protection "
|
| 752 |
-
"Code Dismiss Notice is NOT set. Nothing to reset."
|
| 753 |
msgstr ""
|
| 754 |
|
| 755 |
-
#: admin/core/core-
|
| 756 |
msgid ""
|
| 757 |
-
"
|
| 758 |
-
"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 759 |
msgstr ""
|
| 760 |
|
| 761 |
-
#: admin/core/core-
|
| 762 |
-
|
| 763 |
-
|
| 764 |
-
|
|
|
|
|
|
|
| 765 |
msgstr ""
|
| 766 |
|
| 767 |
-
#: admin/core/core-
|
| 768 |
-
msgid ""
|
| 769 |
-
"Success! The Bonus Custom Code: External iFrame|Clickjacking Protection Code "
|
| 770 |
-
"Notice is reset."
|
| 771 |
msgstr ""
|
| 772 |
|
| 773 |
-
#: admin/core/core-
|
| 774 |
msgid ""
|
| 775 |
-
"
|
| 776 |
-
"Nothing to reset."
|
| 3 |
msgstr ""
|
| 4 |
"Project-Id-Version: bulletproof-security\n"
|
| 5 |
"Report-Msgid-Bugs-To: \n"
|
| 6 |
+
"POT-Creation-Date: 2021-11-29 09:56-0800\n"
|
| 7 |
"PO-Revision-Date: 2015-06-20 19:13-0800\n"
|
| 8 |
"Last-Translator: Ed Alexander <edward@ait-pro.com>\n"
|
| 9 |
"Language-Team: AITpro <info@ait-pro.com>\n"
|
| 17 |
"X-Poedit-SearchPath-0: .\n"
|
| 18 |
"X-Poedit-SearchPath-1: .\n"
|
| 19 |
|
| 20 |
+
#: admin/core/core-custom-code.php:23
|
| 21 |
msgid "The BPS Query String Exploits Custom Code below is NOT valid."
|
| 22 |
msgstr ""
|
| 23 |
|
| 24 |
+
#: admin/core/core-custom-code.php:23
|
| 25 |
msgid ""
|
| 26 |
"Delete the code shown below from the CUSTOM CODE BPSQSE BPS QUERY STRING "
|
| 27 |
"EXPLOITS: text box and click the Save Root Custom Code button."
|
| 28 |
msgstr ""
|
| 29 |
|
| 30 |
+
#: admin/core/core-custom-code.php:49
|
| 31 |
msgid ""
|
| 32 |
"Default WordPress Rewrite htaccess code has been added to BPS Custom Code."
|
| 33 |
msgstr ""
|
| 34 |
|
| 35 |
+
#: admin/core/core-custom-code.php:49
|
| 36 |
msgid ""
|
| 37 |
+
"The BPS Pro plugin already uses/has Default WordPress Rewrite code. Delete "
|
| 38 |
+
"the Default WordPress Rewrite htaccess code shown below from the CUSTOM CODE "
|
| 39 |
"text box were it was added and click the Save Root Custom Code button."
|
| 40 |
msgstr ""
|
| 41 |
|
| 42 |
+
#: admin/core/core-custom-code.php:202
|
| 43 |
msgid ""
|
| 44 |
"Root Custom Code saved successfully! Go to the Security Modes tab page and "
|
| 45 |
"click the Root Folder BulletProof Mode Activate button to add/create your "
|
| 46 |
"new Custom Code in your Root htaccess file."
|
| 47 |
msgstr ""
|
| 48 |
|
| 49 |
+
#: admin/core/core-custom-code.php:262
|
| 50 |
msgid ""
|
| 51 |
"wp-admin Custom Code saved successfully! Go to the Security Modes tab page "
|
| 52 |
"and click wp-admin Folder BulletProof Mode Activate button to add/create "
|
| 53 |
"your new Custom Code in your wp-admin htaccess file."
|
| 54 |
msgstr ""
|
| 55 |
|
| 56 |
+
#: admin/core/core-custom-code.php:295
|
| 57 |
+
msgid ""
|
| 58 |
+
"UAEG Custom Code saved successfully! Go to the Security Modes tab page and "
|
| 59 |
+
"click the UAEG BulletProof Mode Activate button to add/create your new "
|
| 60 |
+
"Custom Code in your UAEG htaccess file."
|
| 61 |
+
msgstr ""
|
| 62 |
+
|
| 63 |
+
#: admin/core/core-custom-code.php:309
|
| 64 |
msgid "Root htaccess File Custom Code"
|
| 65 |
msgstr ""
|
| 66 |
|
| 67 |
+
#: admin/core/core-custom-code.php:343
|
| 68 |
+
msgid ""
|
| 69 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 70 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 71 |
+
"reference to show you where your php/php.ini handler and/or cache htaccess "
|
| 72 |
+
"code will be created in your root htaccess file. If you have php/php.ini "
|
| 73 |
+
"handler and/or cache htaccess code, copy and paste it into this CUSTOM CODE "
|
| 74 |
+
"TOP PHP/PHP.INI HANDLER/CACHE CODE text box."
|
| 75 |
+
msgstr ""
|
| 76 |
+
|
| 77 |
+
#: admin/core/core-custom-code.php:345
|
| 78 |
+
msgid ""
|
| 79 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 80 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 81 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 82 |
+
"TURN OFF YOUR SERVER SIGNATURE text box. Go to the htaccess File Editor tab "
|
| 83 |
+
"page and copy your actual TURN OFF YOUR SERVER SIGNATURE root htaccess file "
|
| 84 |
+
"code and paste it into this CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE text "
|
| 85 |
+
"box"
|
| 86 |
+
msgstr ""
|
| 87 |
+
|
| 88 |
+
#: admin/core/core-custom-code.php:350
|
| 89 |
msgid ""
|
| 90 |
+
"1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE:<br>Add php/php.ini "
|
| 91 |
+
"handler code, cache code and/or <a href=\"https://forum.ait-pro.com/forums/"
|
| 92 |
+
"topic/htaccess-caching-code-speed-boost-cache-code/\" title=\"Link opens in "
|
| 93 |
+
"a new Browser window\" target=\"_blank\">Speed Boost Cache Code</a>"
|
| 94 |
msgstr ""
|
| 95 |
|
| 96 |
+
#: admin/core/core-custom-code.php:351
|
| 97 |
msgid ""
|
| 98 |
"ONLY add valid php/php.ini handler htaccess code and/or cache htaccess code "
|
| 99 |
"below or text commented out with a pound sign #"
|
| 100 |
msgstr ""
|
| 101 |
|
| 102 |
+
#: admin/core/core-custom-code.php:362
|
| 103 |
+
msgid "2. CUSTOM CODE TURN OFF YOUR SERVER SIGNATURE:"
|
| 104 |
msgstr ""
|
| 105 |
|
| 106 |
+
#: admin/core/core-custom-code.php:363 admin/core/core-help-text.php:40
|
| 107 |
msgid ""
|
| 108 |
"You MUST copy and paste the entire TURN OFF YOUR SERVER SIGNATURE section of "
|
| 109 |
"code from your root .htaccess file into this text box first. You can then "
|
| 110 |
"edit and modify the code in this text window and save your changes."
|
| 111 |
msgstr ""
|
| 112 |
|
| 113 |
+
#: admin/core/core-custom-code.php:373
|
| 114 |
+
msgid ""
|
| 115 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 116 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 117 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 118 |
+
"DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX text box. Go to the htaccess "
|
| 119 |
+
"File Editor tab page and copy your actual DO NOT SHOW DIRECTORY LISTING/"
|
| 120 |
+
"DIRECTORY INDEX root htaccess file code and paste it into this CUSTOM CODE "
|
| 121 |
+
"DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX text box."
|
| 122 |
+
msgstr ""
|
| 123 |
+
|
| 124 |
+
#: admin/core/core-custom-code.php:379
|
| 125 |
+
msgid "3. CUSTOM CODE DO NOT SHOW DIRECTORY LISTING/DIRECTORY INDEX:"
|
| 126 |
msgstr ""
|
| 127 |
|
| 128 |
+
#: admin/core/core-custom-code.php:380 admin/core/core-help-text.php:40
|
| 129 |
msgid ""
|
| 130 |
"You MUST copy and paste the entire DO NOT SHOW DIRECTORY LISTING and "
|
| 131 |
"DIRECTORY INDEX sections of code from your root .htaccess file into this "
|
| 133 |
"and save your changes."
|
| 134 |
msgstr ""
|
| 135 |
|
| 136 |
+
#: admin/core/core-custom-code.php:390
|
| 137 |
+
msgid ""
|
| 138 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 139 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 140 |
+
"reference to show you where your Brute Force Login Page Protection code will "
|
| 141 |
+
"be created in your root htaccess file if you decide to add the option/Bonus "
|
| 142 |
+
"code. You can get the code by clicking the Brute Force Login Page Protection "
|
| 143 |
+
"Code link. Copy and paste it into this CUSTOM CODE BRUTE FORCE LOGIN PAGE "
|
| 144 |
+
"PROTECTION text box."
|
| 145 |
+
msgstr ""
|
| 146 |
+
|
| 147 |
+
#: admin/core/core-custom-code.php:396
|
| 148 |
+
msgid "4. CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION:"
|
| 149 |
msgstr ""
|
| 150 |
|
| 151 |
+
#: admin/core/core-custom-code.php:397
|
| 152 |
msgid ""
|
| 153 |
"This Custom Code text box is for optional/Bonus code. To get this code click "
|
| 154 |
"the link below:"
|
| 155 |
msgstr ""
|
| 156 |
|
| 157 |
+
#: admin/core/core-custom-code.php:407
|
| 158 |
+
msgid ""
|
| 159 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 160 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 161 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 162 |
+
"ERROR LOGGING AND TRACKING text box. Go to the htaccess File Editor tab page "
|
| 163 |
+
"and copy your actual ERROR LOGGING AND TRACKING root htaccess file code and "
|
| 164 |
+
"paste it into this CUSTOM CODE ERROR LOGGING AND TRACKING text box."
|
| 165 |
+
msgstr ""
|
| 166 |
+
|
| 167 |
+
#: admin/core/core-custom-code.php:412
|
| 168 |
+
msgid "5. CUSTOM CODE ERROR LOGGING AND TRACKING:"
|
| 169 |
msgstr ""
|
| 170 |
|
| 171 |
+
#: admin/core/core-custom-code.php:413 admin/core/core-help-text.php:40
|
| 172 |
msgid ""
|
| 173 |
"You MUST copy and paste the entire ERROR LOGGING AND TRACKING section of "
|
| 174 |
"code from your root .htaccess file into this text box first. You can then "
|
| 175 |
"edit and modify the code in this text window and save your changes."
|
| 176 |
msgstr ""
|
| 177 |
|
| 178 |
+
#: admin/core/core-custom-code.php:423
|
| 179 |
+
msgid ""
|
| 180 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 181 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 182 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 183 |
+
"DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS text box. Go to the "
|
| 184 |
+
"htaccess File Editor tab page and copy your actual DENY ACCESS TO PROTECTED "
|
| 185 |
+
"SERVER FILES AND FOLDERS root htaccess file code and paste it into this "
|
| 186 |
+
"CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS text box."
|
| 187 |
+
msgstr ""
|
| 188 |
+
|
| 189 |
+
#: admin/core/core-custom-code.php:428
|
| 190 |
+
msgid "6. CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS:"
|
| 191 |
msgstr ""
|
| 192 |
|
| 193 |
+
#: admin/core/core-custom-code.php:429 admin/core/core-help-text.php:40
|
| 194 |
msgid ""
|
| 195 |
"You MUST copy and paste the entire DENY ACCESS TO PROTECTED SERVER FILES AND "
|
| 196 |
"FOLDERS section of code from your root .htaccess file into this text box "
|
| 198 |
"your changes."
|
| 199 |
msgstr ""
|
| 200 |
|
| 201 |
+
#: admin/core/core-custom-code.php:439
|
| 202 |
+
msgid ""
|
| 203 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 204 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 205 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 206 |
+
"WP-ADMIN/INCLUDES text box. Go to the htaccess File Editor tab page and copy "
|
| 207 |
+
"your actual WP-ADMIN/INCLUDES root htaccess file code and paste it into this "
|
| 208 |
+
"CUSTOM CODE WP-ADMIN/INCLUDES text box."
|
| 209 |
msgstr ""
|
| 210 |
|
| 211 |
+
#: admin/core/core-custom-code.php:444
|
| 212 |
+
msgid ""
|
| 213 |
+
"7. CUSTOM CODE WP-ADMIN/INCLUDES: DO NOT add wp-admin .htaccess code here"
|
| 214 |
+
msgstr ""
|
| 215 |
+
|
| 216 |
+
#: admin/core/core-custom-code.php:445
|
| 217 |
msgid ""
|
| 218 |
"Add one pound sign # below to prevent the WP-ADMIN/INCLUDES section of code "
|
| 219 |
"from being created in your root .htaccess file"
|
| 220 |
msgstr ""
|
| 221 |
|
| 222 |
+
#: admin/core/core-custom-code.php:455
|
| 223 |
+
msgid ""
|
| 224 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 225 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 226 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 227 |
+
"WP REWRITE LOOP START text box. Go to the htaccess File Editor tab page and "
|
| 228 |
+
"copy your actual WP REWRITE LOOP START root htaccess file code and paste it "
|
| 229 |
+
"into this CUSTOM CODE WP REWRITE LOOP START text box."
|
| 230 |
+
msgstr ""
|
| 231 |
+
|
| 232 |
+
#: admin/core/core-custom-code.php:460
|
| 233 |
msgid ""
|
| 234 |
+
"8. CUSTOM CODE WP REWRITE LOOP START: www/non-www http/https Rewrite code "
|
| 235 |
+
"here"
|
| 236 |
msgstr ""
|
| 237 |
|
| 238 |
+
#: admin/core/core-custom-code.php:461 admin/core/core-help-text.php:40
|
| 239 |
msgid ""
|
| 240 |
"You MUST copy and paste the entire WP REWRITE LOOP START section of code "
|
| 241 |
"from your root .htaccess file into this text box first. You can then edit "
|
| 242 |
"and modify the code in this text window and save your changes."
|
| 243 |
msgstr ""
|
| 244 |
|
| 245 |
+
#: admin/core/core-custom-code.php:471
|
| 246 |
+
msgid ""
|
| 247 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 248 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 249 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 250 |
+
"REQUEST METHODS FILTERED text box. Go to the htaccess File Editor tab page "
|
| 251 |
+
"and copy your actual REQUEST METHODS FILTERED root htaccess file code and "
|
| 252 |
+
"paste it into this CUSTOM CODE REQUEST METHODS FILTERED text box."
|
| 253 |
msgstr ""
|
| 254 |
|
| 255 |
+
#: admin/core/core-custom-code.php:477
|
| 256 |
+
msgid "9. CUSTOM CODE REQUEST METHODS FILTERED:"
|
| 257 |
+
msgstr ""
|
| 258 |
+
|
| 259 |
+
#: admin/core/core-custom-code.php:478
|
| 260 |
msgid "Whitelist User Agents and allow HEAD Requests"
|
| 261 |
msgstr ""
|
| 262 |
|
| 263 |
+
#: admin/core/core-custom-code.php:479
|
| 264 |
msgid ""
|
| 265 |
"You MUST copy and paste the entire REQUEST METHODS FILTERED section of code "
|
| 266 |
"from your root .htaccess file into this text box first. You can then edit "
|
| 267 |
"and modify the code in this text window and save your changes. To Allow HEAD "
|
| 268 |
+
"Requests click the Question Mark help button at the top of the Custom Code "
|
| 269 |
+
"page for instructions and examples."
|
| 270 |
+
msgstr ""
|
| 271 |
+
|
| 272 |
+
#: admin/core/core-custom-code.php:489
|
| 273 |
+
msgid ""
|
| 274 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 275 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 276 |
+
"reference to show you where your plugin/theme skip/bypass rules code will be "
|
| 277 |
+
"created in your root htaccess file. If you have plugin/theme skip/bypass "
|
| 278 |
+
"rules, copy and paste it into this CUSTOM CODE PLUGIN/THEME SKIP/BYPASS "
|
| 279 |
+
"RULES text box."
|
| 280 |
msgstr ""
|
| 281 |
|
| 282 |
+
#: admin/core/core-custom-code.php:494
|
| 283 |
msgid ""
|
| 284 |
+
"10. CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES:<br>Add personal plugin/theme "
|
| 285 |
"skip/bypass rules here"
|
| 286 |
msgstr ""
|
| 287 |
|
| 288 |
+
#: admin/core/core-custom-code.php:495 admin/core/core-custom-code.php:585
|
| 289 |
+
#: admin/core/core-custom-code.php:939 admin/core/core-custom-code.php:951
|
| 290 |
msgid ""
|
| 291 |
"ONLY add valid htaccess code below or text commented out with a pound sign #"
|
| 292 |
msgstr ""
|
| 293 |
|
| 294 |
+
#: admin/core/core-custom-code.php:505
|
| 295 |
+
msgid ""
|
| 296 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 297 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 298 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 299 |
+
"TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE text box. Go to the "
|
| 300 |
+
"htaccess File Editor tab page and copy your actual TIMTHUMB FORBID RFI and "
|
| 301 |
+
"MISC FILE SKIP/BYPASS RULE root htaccess file code and paste it into this "
|
| 302 |
+
"CUSTOM CODE text box."
|
| 303 |
+
msgstr ""
|
| 304 |
+
|
| 305 |
+
#: admin/core/core-custom-code.php:510
|
| 306 |
+
msgid "11. CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE:"
|
| 307 |
msgstr ""
|
| 308 |
|
| 309 |
+
#: admin/core/core-custom-code.php:511 admin/core/core-help-text.php:40
|
| 310 |
msgid ""
|
| 311 |
"You MUST copy and paste the entire TIMTHUMB FORBID RFI section of code from "
|
| 312 |
"your root .htaccess file into this text box first. You can then edit and "
|
| 313 |
"modify the code in this text window and save your changes."
|
| 314 |
msgstr ""
|
| 315 |
|
| 316 |
+
#: admin/core/core-custom-code.php:521
|
| 317 |
+
msgid ""
|
| 318 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 319 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 320 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 321 |
+
"BPSQSE BPS QUERY STRING EXPLOITS text box. Go to the htaccess File Editor "
|
| 322 |
+
"tab page and copy your actual BPSQSE BPS QUERY STRING EXPLOITS root htaccess "
|
| 323 |
+
"file code and paste it into this CUSTOM CODE BPSQSE BPS QUERY STRING "
|
| 324 |
+
"EXPLOITS text box."
|
| 325 |
+
msgstr ""
|
| 326 |
+
|
| 327 |
+
#: admin/core/core-custom-code.php:526
|
| 328 |
+
msgid "12. CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS:"
|
| 329 |
msgstr ""
|
| 330 |
|
| 331 |
+
#: admin/core/core-custom-code.php:527 admin/core/core-help-text.php:40
|
| 332 |
msgid ""
|
| 333 |
"You MUST copy and paste the entire BPSQSE QUERY STRING EXPLOITS section of "
|
| 334 |
"code from your root .htaccess file from # BEGIN BPSQSE BPS QUERY STRING "
|
| 337 |
"changes."
|
| 338 |
msgstr ""
|
| 339 |
|
| 340 |
+
#: admin/core/core-custom-code.php:540
|
| 341 |
+
msgid ""
|
| 342 |
+
"Example Code: The actual WP REWRITE LOOP END code for your website may be "
|
| 343 |
+
"different. Click the Question Mark help button at the top of the Custom Code "
|
| 344 |
+
"page for root Custom Code Setup Steps. This example code is a visual "
|
| 345 |
+
"reference to show you which root htaccess file code goes in this CUSTOM CODE "
|
| 346 |
+
"WP REWRITE LOOP END text box. Go to the htaccess File Editor tab page and "
|
| 347 |
+
"copy your actual WP REWRITE LOOP END root htaccess file code and paste it "
|
| 348 |
+
"into this CUSTOM CODE WP REWRITE LOOP END text box."
|
| 349 |
+
msgstr ""
|
| 350 |
+
|
| 351 |
+
#: admin/core/core-custom-code.php:545
|
| 352 |
+
msgid "12b. CUSTOM CODE WP REWRITE LOOP END: Add WP Rewrite Loop End code here"
|
| 353 |
msgstr ""
|
| 354 |
|
| 355 |
+
#: admin/core/core-custom-code.php:546
|
| 356 |
msgid ""
|
| 357 |
"This is a Special Custom Code text box that should only be used if the "
|
| 358 |
"correct WP REWRITE LOOP END code is not being created in your root .htaccess "
|
| 359 |
+
"file. See the Question Mark help button for more information."
|
| 360 |
msgstr ""
|
| 361 |
|
| 362 |
+
#: admin/core/core-custom-code.php:563
|
| 363 |
+
msgid ""
|
| 364 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 365 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 366 |
+
"reference to show you which root htaccess file code goes in the CUSTOM CODE "
|
| 367 |
+
"DENY BROWSER ACCESS TO THESE FILES text box. Go to the htaccess File Editor "
|
| 368 |
+
"tab page and copy your actual DENY BROWSER ACCESS TO THESE FILES root "
|
| 369 |
+
"htaccess file code and paste it into this CUSTOM CODE DENY BROWSER ACCESS TO "
|
| 370 |
+
"THESE FILES text box."
|
| 371 |
+
msgstr ""
|
| 372 |
+
|
| 373 |
+
#: admin/core/core-custom-code.php:568
|
| 374 |
+
msgid "13. CUSTOM CODE DENY BROWSER ACCESS TO THESE FILES:"
|
| 375 |
msgstr ""
|
| 376 |
|
| 377 |
+
#: admin/core/core-custom-code.php:569 admin/core/core-help-text.php:40
|
| 378 |
msgid ""
|
| 379 |
"You MUST copy and paste the entire DENY BROWSER ACCESS section of code from "
|
| 380 |
"your root .htaccess file into this text box first. You can then edit and "
|
| 381 |
"modify the code in this text window and save your changes."
|
| 382 |
msgstr ""
|
| 383 |
|
| 384 |
+
#: admin/core/core-custom-code.php:579
|
| 385 |
msgid ""
|
| 386 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 387 |
+
"Code page for root Custom Code Setup Steps. This example code is a visual "
|
| 388 |
+
"reference to show you where your custom htaccess code will be created in "
|
| 389 |
+
"your root htaccess file. If you have Hotlinking, Redirect, IP Blocking "
|
| 390 |
+
"htaccess code then copy and paste it into this CUSTOM CODE BOTTOM HOTLINKING/"
|
| 391 |
+
"FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE text box."
|
| 392 |
+
msgstr ""
|
| 393 |
+
|
| 394 |
+
#: admin/core/core-custom-code.php:584
|
| 395 |
+
msgid ""
|
| 396 |
+
"14. CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK "
|
| 397 |
+
"IP/REDIRECT CODE: Add miscellaneous code here"
|
| 398 |
msgstr ""
|
| 399 |
|
| 400 |
+
#: admin/core/core-custom-code.php:594
|
| 401 |
msgid ""
|
| 402 |
"If you are unable to save Custom Code and/or see an error message when "
|
| 403 |
"trying to save Custom Code, click the Encrypt Custom Code button first and "
|
| 405 |
"image to the right for help info."
|
| 406 |
msgstr ""
|
| 407 |
|
| 408 |
+
#: admin/core/core-custom-code.php:594 admin/core/core-custom-code.php:972
|
| 409 |
msgid ""
|
| 410 |
"If your web host currently has ModSecurity installed or installs ModSecurity "
|
| 411 |
"at a later time then ModSecurity will prevent you from saving your custom "
|
| 413 |
"Code button."
|
| 414 |
msgstr ""
|
| 415 |
|
| 416 |
+
#: admin/core/core-custom-code.php:594
|
| 417 |
msgid ""
|
| 418 |
"If you click the Encrypt Custom Code button, but then want to add or edit "
|
| 419 |
"additional custom code click the Decrypt Custom Code button. After you are "
|
| 421 |
"before clicking the Save Root Custom Code button."
|
| 422 |
msgstr ""
|
| 423 |
|
| 424 |
+
#: admin/core/core-custom-code.php:594
|
| 425 |
msgid ""
|
| 426 |
"Additional Encrypt and Decrypt buttons have been added at the top of the "
|
| 427 |
"Root Custom Code Form."
|
| 428 |
msgstr ""
|
| 429 |
|
| 430 |
+
#: admin/core/core-custom-code.php:594 admin/core/core-custom-code.php:972
|
| 431 |
+
#: admin/core/core.php:2036
|
| 432 |
+
msgid "Click the Custom Code Question Mark help button for more help info."
|
| 433 |
msgstr ""
|
| 434 |
|
| 435 |
+
#: admin/core/core-custom-code.php:597
|
| 436 |
msgid ""
|
| 437 |
"IMPORTANT!!! Did you remember to click the Encrypt Custom Code button first "
|
| 438 |
"before saving your Root Custom Code?"
|
| 439 |
msgstr ""
|
| 440 |
|
| 441 |
+
#: admin/core/core-custom-code.php:597
|
| 442 |
msgid "Click OK to save your Root Custom Code or click Cancel."
|
| 443 |
msgstr ""
|
| 444 |
|
| 445 |
+
#: admin/core/core-custom-code.php:893
|
| 446 |
msgid "wp-admin htaccess File Custom Code"
|
| 447 |
msgstr ""
|
| 448 |
|
| 449 |
+
#: admin/core/core-custom-code.php:916
|
| 450 |
+
msgid ""
|
| 451 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 452 |
+
"Code page for wp-admin Custom Code Setup Steps. This example code is a "
|
| 453 |
+
"visual reference to show you which wp-admin htaccess file code goes in the "
|
| 454 |
+
"CUSTOM CODE WPADMIN DENY BROWSER ACCESS TO FILES text box. Go to the "
|
| 455 |
+
"htaccess File Editor tab page and copy your actual WPADMIN DENY BROWSER "
|
| 456 |
+
"ACCESS TO FILES wp-admin htaccess file code and paste it into this CUSTOM "
|
| 457 |
+
"CODE text box."
|
| 458 |
+
msgstr ""
|
| 459 |
+
|
| 460 |
+
#: admin/core/core-custom-code.php:918
|
| 461 |
+
msgid ""
|
| 462 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 463 |
+
"Code page for wp-admin Custom Code Setup Steps. This example code is a "
|
| 464 |
+
"visual reference to show you where your wp-admin custom htaccess code will "
|
| 465 |
+
"be created in your wp-admin htaccess file. If you have custom wp-admin "
|
| 466 |
+
"htaccess code, copy and paste it into this CUSTOM CODE WPADMIN TOP text box."
|
| 467 |
+
msgstr ""
|
| 468 |
+
|
| 469 |
+
#: admin/core/core-custom-code.php:920
|
| 470 |
+
msgid ""
|
| 471 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 472 |
+
"Code page for wp-admin Custom Code Setup Steps. This example code is a "
|
| 473 |
+
"visual reference to show you where your wp-admin plugin/file skip rules code "
|
| 474 |
+
"will be created in your wp-admin htaccess file. If you have wp-admin plugin/"
|
| 475 |
+
"file skip rules code, copy and paste it into this CUSTOM CODE WPADMIN PLUGIN/"
|
| 476 |
+
"FILE SKIP RULES text box."
|
| 477 |
+
msgstr ""
|
| 478 |
+
|
| 479 |
+
#: admin/core/core-custom-code.php:922
|
| 480 |
+
msgid ""
|
| 481 |
+
"Example Code: Click the Question Mark help button at the top of the Custom "
|
| 482 |
+
"Code page for wp-admin Custom Code Setup Steps. This example code is a "
|
| 483 |
+
"visual reference to show you which wp-admin htaccess file code goes in the "
|
| 484 |
+
"CUSTOM CODE BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS text box. Go "
|
| 485 |
+
"to the htaccess File Editor tab page and copy your actual BPS QUERY STRING "
|
| 486 |
+
"EXPLOITS AND FILTERS wp-admin htaccess file code and paste it into this "
|
| 487 |
+
"CUSTOM CODE text box."
|
| 488 |
+
msgstr ""
|
| 489 |
+
|
| 490 |
+
#: admin/core/core-custom-code.php:927
|
| 491 |
msgid ""
|
| 492 |
+
"1. CUSTOM CODE WPADMIN DENY BROWSER ACCESS TO FILES:<br>Add additional wp-"
|
| 493 |
+
"admin files that you would like to block here"
|
| 494 |
msgstr ""
|
| 495 |
|
| 496 |
+
#: admin/core/core-custom-code.php:928
|
| 497 |
msgid ""
|
| 498 |
"You MUST copy and paste the entire WPADMIN DENY BROWSER ACCESS TO FILES "
|
| 499 |
"section of code from your wp-admin .htaccess file into this text box first. "
|
| 503 |
"htaccess file"
|
| 504 |
msgstr ""
|
| 505 |
|
| 506 |
+
#: admin/core/core-custom-code.php:938
|
| 507 |
msgid ""
|
| 508 |
+
"2. CUSTOM CODE WPADMIN TOP:<br>wp-admin password protection & miscellaneous "
|
| 509 |
"custom code here"
|
| 510 |
msgstr ""
|
| 511 |
|
| 512 |
+
#: admin/core/core-custom-code.php:950
|
| 513 |
msgid ""
|
| 514 |
+
"3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES:<br>Add wp-admin plugin/file "
|
| 515 |
+
"skip rules code here"
|
| 516 |
msgstr ""
|
| 517 |
|
| 518 |
+
#: admin/core/core-custom-code.php:962
|
| 519 |
msgid ""
|
| 520 |
+
"4. CUSTOM CODE BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS:<br>Modify "
|
| 521 |
"Query String Exploit code here"
|
| 522 |
msgstr ""
|
| 523 |
|
| 524 |
+
#: admin/core/core-custom-code.php:963 admin/core/core-help-text.php:40
|
| 525 |
msgid ""
|
| 526 |
"You MUST copy and paste the entire BPS QUERY STRING EXPLOITS section of code "
|
| 527 |
"from your wp-admin .htaccess file from # BEGIN BPSQSE-check BPS QUERY STRING "
|
| 530 |
"this text window and save your changes."
|
| 531 |
msgstr ""
|
| 532 |
|
| 533 |
+
#: admin/core/core-custom-code.php:972
|
| 534 |
msgid ""
|
| 535 |
"If you are unable to save Custom Code and/or see an error message when "
|
| 536 |
"trying to save Custom Code, click the Encrypt Custom Code button first and "
|
| 538 |
"mark image to the right for help info."
|
| 539 |
msgstr ""
|
| 540 |
|
| 541 |
+
#: admin/core/core-custom-code.php:972
|
| 542 |
msgid ""
|
| 543 |
"If you click the Encrypt Custom Code button, but then want to add or edit "
|
| 544 |
"additional custom code click the Decrypt Custom Code button. After you are "
|
| 546 |
"before clicking the Save wp-admin Custom Code button."
|
| 547 |
msgstr ""
|
| 548 |
|
| 549 |
+
#: admin/core/core-custom-code.php:972
|
| 550 |
msgid ""
|
| 551 |
"Additional Encrypt and Decrypt buttons have been added at the top of the wp-"
|
| 552 |
"admin Custom Code Form."
|
| 553 |
msgstr ""
|
| 554 |
|
| 555 |
+
#: admin/core/core-custom-code.php:975
|
| 556 |
msgid ""
|
| 557 |
"IMPORTANT!!! Did you remember to click the Encrypt Custom Code button first "
|
| 558 |
"before saving your wp-admin Custom Code?"
|
| 559 |
msgstr ""
|
| 560 |
|
| 561 |
+
#: admin/core/core-custom-code.php:975
|
| 562 |
msgid "Click OK to save your wp-admin Custom Code or click Cancel."
|
| 563 |
msgstr ""
|
| 564 |
|
| 570 |
|
| 571 |
#: admin/core/core-export-import.php:115 admin/login/lsm-export.php:49
|
| 572 |
#: admin/wizard/wizard-backup.php:246 admin/wizard/wizard-backup.php:287
|
| 573 |
+
#: admin/wizard/wizard.php:1872
|
| 574 |
msgid ""
|
| 575 |
"If you see a 403 error and/or are unable to download the zip file then click "
|
| 576 |
"here: "
|
| 578 |
|
| 579 |
#: admin/core/core-export-import.php:115 admin/login/lsm-export.php:49
|
| 580 |
#: admin/wizard/wizard-backup.php:246 admin/wizard/wizard-backup.php:287
|
| 581 |
+
#: admin/wizard/wizard.php:1084 admin/wizard/wizard.php:1181
|
| 582 |
+
#: admin/wizard/wizard.php:1184 admin/wizard/wizard.php:1872
|
| 583 |
+
#: includes/hud-autofix-whitelist.php:861
|
| 584 |
msgid "Setup Wizard Options"
|
| 585 |
msgstr ""
|
| 586 |
|
| 591 |
msgstr ""
|
| 592 |
|
| 593 |
#: admin/core/core-export-import.php:115 admin/login/lsm-export.php:49
|
| 594 |
+
#: admin/wizard/wizard.php:1872
|
| 595 |
msgid "Download Zip Export"
|
| 596 |
msgstr ""
|
| 597 |
|
| 598 |
+
#: admin/core/core-export-import.php:144 admin/wizard/wizard.php:2036
|
| 599 |
msgid "Zip File Upload Successful."
|
| 600 |
msgstr ""
|
| 601 |
|
| 602 |
+
#: admin/core/core-export-import.php:155 admin/wizard/wizard.php:2047
|
| 603 |
msgid "Zip File Exraction Successful. Method: ZipArchive class."
|
| 604 |
msgstr ""
|
| 605 |
|
| 629 |
msgid "3. Click the wp-admin Folder BulletProof Mode Activate button."
|
| 630 |
msgstr ""
|
| 631 |
|
| 632 |
+
#: admin/core/core-export-import.php:169 admin/wizard/wizard.php:2058
|
| 633 |
msgid "ERROR: Zip File Extraction Failed. Method: ZipArchive class."
|
| 634 |
msgstr ""
|
| 635 |
|
| 636 |
+
#: admin/core/core-export-import.php:189 admin/wizard/wizard.php:2078
|
| 637 |
msgid "Zip File Extraction Successful. Method: PclZip."
|
| 638 |
msgstr ""
|
| 639 |
|
| 640 |
+
#: admin/core/core-export-import.php:203 admin/wizard/wizard.php:2090
|
| 641 |
msgid "ERROR: Zip File Extraction Failed. Method: PclZip."
|
| 642 |
msgstr ""
|
| 643 |
|
| 644 |
+
#: admin/core/core-export-import.php:211 admin/wizard/wizard.php:2098
|
| 645 |
msgid "ERROR: Zip File Upload Failed."
|
| 646 |
msgstr ""
|
| 647 |
|
| 672 |
msgstr ""
|
| 673 |
|
| 674 |
#: admin/core/core-forms.php:18 admin/core/core-forms.php:104
|
| 675 |
+
#: admin/core/core.php:1297
|
| 676 |
msgid "htaccess Files Disabled: wp-admin htaccess file writing is disabled. "
|
| 677 |
msgstr ""
|
| 678 |
|
| 682 |
#: admin/core/core-forms.php:370 admin/core/core-forms.php:436
|
| 683 |
#: admin/core/core-htaccess-code.php:426 admin/core/core-htaccess-code.php:510
|
| 684 |
#: admin/core/core-htaccess-code.php:579 admin/core/core-htaccess-code.php:663
|
| 685 |
+
#: admin/core/core.php:904 admin/core/core.php:994 admin/core/core.php:1108
|
| 686 |
+
#: admin/core/core.php:1198 admin/core/core.php:1297
|
| 687 |
+
#: admin/maintenance/maintenance.php:883 admin/maintenance/maintenance.php:1199
|
| 688 |
+
#: admin/maintenance/maintenance.php:1708
|
| 689 |
+
#: admin/maintenance/maintenance.php:1838
|
| 690 |
+
#: admin/maintenance/maintenance.php:2029 admin/wizard/wizard-functions.php:44
|
| 691 |
msgid "Click this link for help information: "
|
| 692 |
msgstr ""
|
| 693 |
|
| 697 |
#: admin/core/core-forms.php:370 admin/core/core-forms.php:436
|
| 698 |
#: admin/core/core-htaccess-code.php:426 admin/core/core-htaccess-code.php:510
|
| 699 |
#: admin/core/core-htaccess-code.php:579 admin/core/core-htaccess-code.php:663
|
| 700 |
+
#: admin/core/core.php:904 admin/core/core.php:994 admin/core/core.php:1108
|
| 701 |
+
#: admin/core/core.php:1198 admin/core/core.php:1297
|
| 702 |
+
#: admin/maintenance/maintenance.php:883 admin/maintenance/maintenance.php:1199
|
| 703 |
+
#: admin/maintenance/maintenance.php:1708
|
| 704 |
+
#: admin/maintenance/maintenance.php:1838
|
| 705 |
+
#: admin/maintenance/maintenance.php:2029 admin/wizard/wizard-functions.php:44
|
| 706 |
+
#: admin/wizard/wizard.php:1096
|
| 707 |
msgid "htaccess Files Disabled Forum Topic"
|
| 708 |
msgstr ""
|
| 709 |
|
| 821 |
msgstr ""
|
| 822 |
|
| 823 |
#: admin/core/core-forms.php:383
|
| 824 |
+
msgid "You do not have an .htaccess file in your Root folder to backup."
|
|
|
|
| 825 |
msgstr ""
|
| 826 |
|
| 827 |
#: admin/core/core-forms.php:391
|
| 835 |
msgstr ""
|
| 836 |
|
| 837 |
#: admin/core/core-forms.php:398
|
| 838 |
+
msgid "Your Root .htaccess file has been backed up successfully."
|
|
|
|
| 839 |
msgstr ""
|
| 840 |
|
| 841 |
#: admin/core/core-forms.php:406
|
| 842 |
+
msgid "You do not have an htaccess file in your wp-admin folder to backup."
|
|
|
|
| 843 |
msgstr ""
|
| 844 |
|
| 845 |
#: admin/core/core-forms.php:414
|
| 849 |
msgstr ""
|
| 850 |
|
| 851 |
#: admin/core/core-forms.php:421
|
| 852 |
+
msgid "Your wp-admin htaccess file has been backed up successfully."
|
|
|
|
| 853 |
msgstr ""
|
| 854 |
|
| 855 |
#: admin/core/core-forms.php:436
|
| 858 |
|
| 859 |
#: admin/core/core-forms.php:457
|
| 860 |
msgid ""
|
| 861 |
+
"Failed to Restore Your Root htaccess File. Either you DO NOT have a Backed "
|
| 862 |
+
"up Root htaccess file or your Root htaccess file permissions do not allow "
|
| 863 |
+
"the file to be replaced/restored."
|
| 864 |
msgstr ""
|
| 865 |
|
| 866 |
#: admin/core/core-forms.php:467
|
| 869 |
|
| 870 |
#: admin/core/core-forms.php:477
|
| 871 |
msgid ""
|
| 872 |
+
"Failed to Restore Your wp-admin htaccess File. Either you DO NOT have a "
|
| 873 |
+
"Backed up wp-admin htaccess file or your wp-admin htaccess file permissions "
|
| 874 |
+
"do not allow the file to be replaced/restored."
|
| 875 |
msgstr ""
|
| 876 |
|
| 877 |
#: admin/core/core-forms.php:484
|
| 878 |
msgid "Your wp-admin htaccess file has been Restored successfully."
|
| 879 |
msgstr ""
|
| 880 |
|
| 881 |
+
#: admin/core/core-help-text.php:9
|
| 882 |
+
msgid "General Help Info"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 883 |
msgstr ""
|
| 884 |
|
| 885 |
+
#: admin/core/core-help-text.php:9
|
| 886 |
msgid ""
|
| 887 |
+
"The Setup Wizard automatically sets up and activates all BulletProof Modes "
|
| 888 |
+
"and all other BPS settings with default settings. The Setup Wizard can be re-"
|
| 889 |
+
"run at any time. If you change any BPS default settings, your custom "
|
| 890 |
+
"settings will not be changed/reset by re-running the Setup Wizard. The "
|
| 891 |
+
"manual Security Modes option settings are for doing things like changing "
|
| 892 |
+
"default settings, adding custom htaccess code to BPS Custom Code, testing "
|
| 893 |
+
"and troubleshooting by deactivating (turning Off) BulletProof Modes."
|
| 894 |
msgstr ""
|
| 895 |
|
| 896 |
+
#: admin/core/core-help-text.php:12
|
| 897 |
+
msgid "Activate|Deactivate Root Folder BulletProof Mode (RBM)"
|
|
|
|
| 898 |
msgstr ""
|
| 899 |
|
| 900 |
+
#: admin/core/core-help-text.php:12
|
| 901 |
msgid ""
|
| 902 |
+
"Clicking the Activate button turns On Root Folder BulletProof Mode (RBM) by "
|
| 903 |
+
"creating a BPS htaccess file in your WordPress root installation folder "
|
| 904 |
+
"(same folder as the wp-config.php file). Clicking the Deactivate button "
|
| 905 |
+
"turns Off Root Folder BulletProof Mode (RBM) by creating a generic/default "
|
| 906 |
+
"WordPress htaccess file in your WordPress root installation folder. "
|
| 907 |
+
"Deactivating Root Folder BulletProof Mode (RBM) is used for testing and "
|
| 908 |
+
"troubleshooting. Click the BPS Troubleshooting Steps link at the top of this "
|
| 909 |
+
"Question Mark help file for BPS troubleshooting steps."
|
| 910 |
msgstr ""
|
| 911 |
|
| 912 |
+
#: admin/core/core-help-text.php:12
|
| 913 |
+
msgid "Notes:"
|
| 914 |
msgstr ""
|
| 915 |
|
| 916 |
+
#: admin/core/core-help-text.php:12 admin/core/core-help-text.php:15
|
| 917 |
msgid ""
|
| 918 |
+
"Viewing, Editing, Modifying, Creating, Saving and Testing htaccess Code/Files"
|
|
|
|
| 919 |
msgstr ""
|
| 920 |
|
| 921 |
+
#: admin/core/core-help-text.php:12 admin/core/core-help-text.php:15
|
| 922 |
msgid ""
|
| 923 |
+
"To check, view or edit BPS htaccess files/code manually/directly for testing "
|
| 924 |
+
"you can use the htaccess File Editor. Click the htaccess File Editor "
|
| 925 |
+
"Question Mark help button for more detailed help information. To save "
|
| 926 |
+
"htaccess code permanently use BPS Custom Code. Click the Custom Code "
|
| 927 |
+
"Question Mark help button for more detailed help information."
|
| 928 |
msgstr ""
|
| 929 |
|
| 930 |
+
#: admin/core/core-help-text.php:12 admin/core/core-help-text.php:15
|
| 931 |
msgid ""
|
| 932 |
+
"BPS has built-in troubleshooting capability - all features/options can be "
|
| 933 |
+
"turned Off/On independently for troubleshooting. Deactivating/activating or "
|
| 934 |
+
"uninstalling/reinstalling the BPS plugin is not the correct way to "
|
| 935 |
+
"troubleshoot issues or problems. See the BPS Troubleshooting Steps link at "
|
| 936 |
+
"the top of this Question Mark help file."
|
| 937 |
msgstr ""
|
| 938 |
|
| 939 |
+
#: admin/core/core-help-text.php:12 admin/core/core-help-text.php:15
|
| 940 |
msgid ""
|
| 941 |
+
"The BPS Security Log logs all 403 errors and anything that BPS is blocking - "
|
| 942 |
+
"hackers, spammers or something legitimate in another plugin or theme. If you "
|
| 943 |
+
"think BPS is blocking something legitimate in another plugin or theme click "
|
| 944 |
+
"the BPS Pro Troubleshooting Steps link at the top of this Question Mark help "
|
| 945 |
+
"file."
|
| 946 |
msgstr ""
|
| 947 |
|
| 948 |
+
#: admin/core/core-help-text.php:12 admin/core/core-help-text.php:15
|
| 949 |
msgid ""
|
| 950 |
+
"If you activate BulletProof Mode for your Root folder you should also "
|
| 951 |
+
"activate BulletProof Mode for your wp-admin folder. On some Hosts that is "
|
| 952 |
+
"required and on other Hosts that is not required for everything to work "
|
| 953 |
+
"correctly."
|
| 954 |
msgstr ""
|
| 955 |
|
| 956 |
+
#: admin/core/core-help-text.php:12 admin/core/core-help-text.php:15
|
| 957 |
msgid ""
|
| 958 |
+
"The current status of BulletProof Modes is displayed in-page. The BPS Inpage "
|
| 959 |
+
"Status Display also shows the current status of RBM and WBM."
|
| 960 |
msgstr ""
|
| 961 |
|
| 962 |
+
#: admin/core/core-help-text.php:12
|
| 963 |
+
msgid "WordPress Network (Multisite) Sites Info"
|
|
|
|
|
|
|
| 964 |
msgstr ""
|
| 965 |
|
| 966 |
+
#: admin/core/core-help-text.php:12
|
| 967 |
msgid ""
|
| 968 |
+
"BPS will automatically detect whether you have a subdomain or subdirectory "
|
| 969 |
+
"Network (Multisite) installation and create the correct htaccess code for "
|
| 970 |
+
"your website type. The BPS plugin can be Network Activated or you can allow "
|
| 971 |
+
"the BPS plugin to be activated individually on each Network/Multisite "
|
| 972 |
+
"subsite or of course you can choose not to Network Activate BPS or allow the "
|
| 973 |
+
"BPS plugin on subsites. Super Admins will see BPS Dashboard Alerts and other "
|
| 974 |
+
"Status displays on the Primary Site only. Administrators can activate or "
|
| 975 |
+
"deactivate BPS on subsites, if you allow this on your Network/Multisite."
|
| 976 |
msgstr ""
|
| 977 |
|
| 978 |
+
#: admin/core/core-help-text.php:12 admin/core/core-help-text.php:15
|
| 979 |
+
#: admin/core/core-help-text.php:18 admin/core/core-help-text.php:21
|
| 980 |
+
#: admin/core/core-help-text.php:24 admin/core/core-help-text.php:27
|
| 981 |
+
#: admin/core/core-help-text.php:30 admin/core/core-help-text.php:40
|
| 982 |
+
#: admin/login/lsm-help-text.php:10
|
| 983 |
+
msgid "BPS Video Tutorial links can be found in the Help & FAQ pages."
|
| 984 |
msgstr ""
|
| 985 |
|
| 986 |
+
#: admin/core/core-help-text.php:15
|
| 987 |
+
msgid "Activate|Deactivate wp-admin Folder BulletProof Mode (WBM)"
|
|
|
|
|
|
|
| 988 |
msgstr ""
|
| 989 |
|
| 990 |
+
#: admin/core/core-help-text.php:15
|
| 991 |
msgid ""
|
| 992 |
+
"Clicking the Activat
|
|
|
