Protect Your Admin - Version 1.1

Version Description

  • Add new option for restrict registered users from wp-admin
    • Add logout options after add/update admin new url
    • Fixed permalink update issue after add/update admin new url. Now no need to update your permalink
    • Add option for redirect user to new admin url after update the new admin url
Download this release

Release Info

Developer india-web-developer
Plugin Icon 128x128 Protect Your Admin
Version 1.1
Comparing to
See all releases

Code changes from version 1.0 to 1.1

Files changed (3) hide show
  1. protect-wp-admin.php +20 -7
  2. pwa-class.php +134 -73
  3. readme.txt +21 -12
protect-wp-admin.php CHANGED
@@ -5,7 +5,7 @@ Plugin URI: http://www.mrwebsolution.in/
5
  Description: "protect-wp-admin" is a very help full plugin to make wordpress admin more secure. Protect WP-Admin plugin is provide the options for change the wp-admin url and make the login page private(directly user can't access the login page).
6
  Author: Raghunath
7
  Author URI: http://www.mrwebsolution.in/
8
- Version: 1.0
9
  */
10
 
11
  /*** Copyright 2014 Raghunath (email : raghunath.0087@gmail.com)
@@ -43,7 +43,9 @@ add_action('admin_init','init_pwa_options_fields');
43
  /** Register "Protect WP-Admin" options */
44
  function init_pwa_options_fields(){
45
  register_setting('pwa_setting_options','pwa_active');
46
- register_setting('pwa_setting_options','pwa_rewrite_text');
 
 
47
  }
48
 
49
 
@@ -61,15 +63,24 @@ function init_pwa_admin_option_page(){ ?>
61
  <!-- Start Options Form -->
62
  <form action="options.php" method="post" id="pwa-settings-form-admin">
63
 
64
- <div id="pwa-tab-menu"><a id="pwa-general" class="pwa-tab-links active" >General</a> <a id="pwa-support" class="pwa-tab-links">Support</a> </div>
65
 
66
  <div class="pwa-setting">
67
  <!-- General Setting -->
68
  <div class="first pwa-tab" id="div-pwa-general">
69
  <h2>General Settings</h2>
70
- <p><strong>Note!:</strong> After update the new admin url,you have need to update the site permalink!</p>
71
  <p><label>Enable:</label><input type="checkbox" id="pwa_active" name="pwa_active" value='1' <?php if(get_option('pwa_active')!=''){ echo ' checked="checked"'; }?>/></p>
72
- <p><label>New Admin URL:</label><input type="text" id="pwa_rewrite_text" name="pwa_rewrite_text" value="<?php echo esc_attr(get_option('pwa_rewrite_text')); ?>" placeholder="wp-admin"></p>
 
 
 
 
 
 
 
 
 
73
  </div>
74
 
75
  <!-- Support -->
@@ -82,7 +93,7 @@ function init_pwa_admin_option_page(){ ?>
82
  <p><a href="mailto:raghunath.0087@gmail.com" target="_blank" class="contact-author">Contact Author</a></p>
83
  <p><strong>My Other Plugins:</strong><br>
84
  <ul>
85
- <li><a href="https://wordpress.org/plugins/custom-share-buttons-with-floating-sidebar" target="_blank">Simple Testimonial Rutator</a></li>
86
  <li><a href="https://wordpress.org/plugins/simple-testimonial-rutator/" target="_blank">Simple Testimonial Rutator</a></li>
87
  <li><a href="https://wordpress.org/plugins/wp-easy-recipe/" target="_blank">WP Easy Recipe</a></li>
88
  <li><a href="https://wordpress.org/plugins/wp-social-buttons/" target="_blank">WP Social Buttons</a></li>
@@ -145,7 +156,9 @@ if( function_exists('register_uninstall_hook') ){
145
  //Delete all options after uninstall the plugin
146
  function init_uninstall_pwa_plugins(){
147
  delete_option('pwa_active');
148
- delete_option('pwa_rewrite_text');
 
 
149
  }
150
  require dirname(__FILE__).'/pwa-class.php';
151
 
5
  Description: "protect-wp-admin" is a very help full plugin to make wordpress admin more secure. Protect WP-Admin plugin is provide the options for change the wp-admin url and make the login page private(directly user can't access the login page).
6
  Author: Raghunath
7
  Author URI: http://www.mrwebsolution.in/
8
+ Version: 1.1
9
  */
10
 
11
  /*** Copyright 2014 Raghunath (email : raghunath.0087@gmail.com)
43
  /** Register "Protect WP-Admin" options */
44
  function init_pwa_options_fields(){
45
  register_setting('pwa_setting_options','pwa_active');
46
+ register_setting('pwa_setting_options','pwa_rewrite_text');
47
+ register_setting('pwa_setting_options','pwa_restrict');
48
+ register_setting('pwa_setting_options','pwa_logout');
49
  }
50
 
51
 
63
  <!-- Start Options Form -->
64
  <form action="options.php" method="post" id="pwa-settings-form-admin">
65
 
66
+ <div id="pwa-tab-menu"><a id="pwa-general" class="pwa-tab-links active" >General</a> <a id="pwa-advance" class="pwa-tab-links">Advance Settings</a> <a id="pwa-support" class="pwa-tab-links">Support</a> </div>
67
 
68
  <div class="pwa-setting">
69
  <!-- General Setting -->
70
  <div class="first pwa-tab" id="div-pwa-general">
71
  <h2>General Settings</h2>
72
+ <p><strong>Note!:</strong> After update the new admin url,if nothing happen then you can re-check it after update the site permalink!</p>
73
  <p><label>Enable:</label><input type="checkbox" id="pwa_active" name="pwa_active" value='1' <?php if(get_option('pwa_active')!=''){ echo ' checked="checked"'; }?>/></p>
74
+ <p><label>Add New Admin URL:</label><input type="text" id="pwa_rewrite_text" name="pwa_rewrite_text" value="<?php echo esc_attr(get_option('pwa_rewrite_text')); ?>" placeholder="wp-admin"></p>
75
+ </div>
76
+
77
+ <!-- Advance Setting -->
78
+ <div class="pwa-tab" id="div-pwa-advance">
79
+ <h2>Advance Settings</h2>
80
+
81
+ <p><label>Restrict registered users from wp-admin :</label><input type="checkbox" id="pwa_restrict" name="pwa_restrict" value='1' <?php if(get_option('pwa_restrict')!=''){ echo ' checked="checked"'; }?>/></p>
82
+ <p><label>Logout Admin After Add/Update New Admin URL(Optional) :</label><input type="checkbox" id="pwa_logout" name="pwa_logout" value='1' <?php if(get_option('pwa_logout')==''){ echo ''; }else{echo 'checked="checked"';}?>/> (This is only for security purpose)</p>
83
+
84
  </div>
85
 
86
  <!-- Support -->
93
  <p><a href="mailto:raghunath.0087@gmail.com" target="_blank" class="contact-author">Contact Author</a></p>
94
  <p><strong>My Other Plugins:</strong><br>
95
  <ul>
96
+ <li><a href="https://wordpress.org/plugins/custom-share-buttons-with-floating-sidebar" target="_blank">Custom Share Buttons with Floating Sidebar</a></li>
97
  <li><a href="https://wordpress.org/plugins/simple-testimonial-rutator/" target="_blank">Simple Testimonial Rutator</a></li>
98
  <li><a href="https://wordpress.org/plugins/wp-easy-recipe/" target="_blank">WP Easy Recipe</a></li>
99
  <li><a href="https://wordpress.org/plugins/wp-social-buttons/" target="_blank">WP Social Buttons</a></li>
156
  //Delete all options after uninstall the plugin
157
  function init_uninstall_pwa_plugins(){
158
  delete_option('pwa_active');
159
+ delete_option('pwa_rewrite_text');
160
+ delete_option('pwa_restrict');
161
+ delete_option('pwa_logout');
162
  }
163
  require dirname(__FILE__).'/pwa-class.php';
164
 
pwa-class.php CHANGED
@@ -1,73 +1,134 @@
1
- <?php
2
- /*
3
- * Protect WP-Admin (C)
4
- * @register_install_hook()
5
- * @register_uninstall_hook()
6
- * */
7
- ?>
8
- <?php
9
- /** Get all options value */
10
- function get_pwa_setting_options() {
11
- global $wpdb;
12
- $pwaOptions = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options WHERE option_name LIKE 'pwa_%'");
13
-
14
- foreach ($pwaOptions as $option) {
15
- $pwaOptions[$option->option_name] = $option->option_value;
16
- }
17
-
18
- return $pwaOptions;
19
- }
20
- $getPwaOptions=get_pwa_setting_options();
21
- if(isset($getPwaOptions['pwa_active']) && '1'==$getPwaOptions['pwa_active'])
22
- {
23
- add_action('init', 'pwa_flush_rewrite');
24
- add_action( 'init', 'init_pwa_admin_rewrite_rules' );
25
- add_action( 'init', 'pwa_admin_url_redirect_conditions' );
26
- }
27
- /** Flush rewrite rules after update the permalink */
28
- function pwa_flush_rewrite() {
29
- global $wp_rewrite;
30
- $wp_rewrite->flush_rules();
31
- }
32
- /** Create a new rewrite rule for change to wp-admin url */
33
- function init_pwa_admin_rewrite_rules() {
34
- $getPwaOptions=get_pwa_setting_options();
35
- if(isset($getPwaOptions['pwa_active']) && ''!=$getPwaOptions['pwa_rewrite_text']){
36
- $newurl=strip_tags($getPwaOptions['pwa_rewrite_text']);
37
- add_rewrite_rule( $newurl.'/?$', 'wp-login.php', 'top' );
38
- }
39
- }
40
-
41
- function pwa_admin_url_redirect_conditions()
42
- {
43
- $wordpresActualURL =home_url('/wp-login.php');
44
- $request_url = pwa_get_current_page_url($_SERVER);
45
- $newUrl = explode('?',$request_url);
46
-
47
- if(! is_user_logged_in() && $wordpresActualURL==$newUrl[0] )
48
- {
49
- //echo "{False}";
50
- wp_redirect(home_url('/'));
51
- }else
52
- {
53
- //echo "{Ture}";
54
- }
55
- }
56
-
57
- /** Get the current url*/
58
- function pwa_current_path_protocol($s, $use_forwarded_host=false)
59
- {
60
- $pwahttp = (!empty($s['HTTPS']) && $s['HTTPS'] == 'on') ? true:false;
61
- $pwasprotocal = strtolower($s['SERVER_PROTOCOL']);
62
- $pwa_protocol = substr($pwasprotocal, 0, strpos($pwasprotocal, '/')) . (($pwahttp) ? 's' : '');
63
- $port = $s['SERVER_PORT'];
64
- $port = ((!$pwahttp && $port=='80') || ($pwahttp && $port=='443')) ? '' : ':'.$port;
65
- $host = ($use_forwarded_host && isset($s['HTTP_X_FORWARDED_HOST'])) ? $s['HTTP_X_FORWARDED_HOST'] : (isset($s['HTTP_HOST']) ? $s['HTTP_HOST'] : null);
66
- $host = isset($host) ? $host : $s['SERVER_NAME'] . $port;
67
- return $pwa_protocol . '://' . $host;
68
- }
69
- function pwa_get_current_page_url($s, $use_forwarded_host=false)
70
- {
71
- return pwa_current_path_protocol($s, $use_forwarded_host) . $s['REQUEST_URI'];
72
- }
73
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /*
3
+ * Protect WP-Admin (C)
4
+ * @register_install_hook()
5
+ * @register_uninstall_hook()
6
+ * */
7
+ ?>
8
+ <?php
9
+
10
+ /** Get all options value */
11
+ function get_pwa_setting_options() {
12
+ global $wpdb;
13
+ $pwaOptions = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options WHERE option_name LIKE 'pwa_%'");
14
+
15
+ foreach ($pwaOptions as $option) {
16
+ $pwaOptions[$option->option_name] = $option->option_value;
17
+ }
18
+
19
+ return $pwaOptions;
20
+ }
21
+
22
+
23
+ $getPwaOptions=get_pwa_setting_options();
24
+
25
+ if(isset($getPwaOptions['pwa_active']) && '1'==$getPwaOptions['pwa_active'])
26
+ {
27
+ add_action('init', 'pwa_flush_rewrite');
28
+ add_action('init', 'init_pwa_admin_rewrite_rules' );
29
+ add_action('init', 'pwa_admin_url_redirect_conditions' );
30
+
31
+ }
32
+
33
+
34
+ if(isset($getPwaOptions['pwa_logout']))
35
+ {
36
+ add_action('admin_init', 'pwa_logout_user_after_settings_save');
37
+ add_action('admin_init', 'pwa_logout_user_after_settings_save');
38
+ }
39
+
40
+ function pwa_logout_user_after_settings_save()
41
+ {
42
+ $getPwaOptions=get_pwa_setting_options();
43
+ if(isset($_GET['settings-updated']) && $_GET['settings-updated'] && isset($_GET['page']) && $_GET['page']=='pwa-settings')
44
+ {
45
+ flush_rewrite_rules();
46
+ }
47
+
48
+ if(isset($_GET['settings-updated']) && $_GET['settings-updated'] && isset($_GET['page']) && $_GET['page']=='pwa-settings' && isset($getPwaOptions['pwa_logout']) && $getPwaOptions['pwa_logout']==1)
49
+ {
50
+ $URL=str_replace('&amp;','&',wp_logout_url());
51
+ session_destroy();
52
+ if(isset($getPwaOptions['pwa_rewrite_text']) && isset($getPwaOptions['pwa_logout']) && $getPwaOptions['pwa_logout']==1 && $getPwaOptions['pwa_rewrite_text']!=''){
53
+ wp_redirect(home_url('/'.$getPwaOptions['pwa_rewrite_text']));
54
+ }else
55
+ {
56
+ //silent
57
+ }
58
+ //wp_redirect($URL);
59
+ }
60
+
61
+ /* $request_url = pwa_get_current_page_url($_SERVER);
62
+ if(isset($getPwaOptions['pwa_rewrite_text']) && $getPwaOptions['pwa_logout']==1 && $request_url==home_url('/wp-login.php?loggedout=true'))
63
+ {
64
+ echo "helloss";
65
+ wp_redirect(home_url('/'.$getPwaOptions['pwa_rewrite_text']));
66
+
67
+ }
68
+ */
69
+
70
+ }
71
+
72
+ /** Flush rewrite rules after update the permalink */
73
+ function pwa_flush_rewrite() {
74
+ global $wp_rewrite;
75
+ $wp_rewrite->flush_rules();
76
+
77
+ }
78
+ /** Create a new rewrite rule for change to wp-admin url */
79
+ function init_pwa_admin_rewrite_rules() {
80
+ $getPwaOptions=get_pwa_setting_options();
81
+ if(isset($getPwaOptions['pwa_active']) && ''!=$getPwaOptions['pwa_rewrite_text']){
82
+ $newurl=strip_tags($getPwaOptions['pwa_rewrite_text']);
83
+ add_rewrite_rule( $newurl.'/?$', 'wp-login.php', 'top' );
84
+ }
85
+ }
86
+
87
+ function pwa_admin_url_redirect_conditions()
88
+ {
89
+ $getPwaOptions=get_pwa_setting_options();
90
+
91
+
92
+ $wordpresActualURL =home_url('/wp-login.php');
93
+ $request_url = pwa_get_current_page_url($_SERVER);
94
+ $newUrl = explode('?',$request_url);
95
+ if(! is_user_logged_in() && $wordpresActualURL==$newUrl[0] )
96
+ {
97
+ wp_redirect(home_url('/'));
98
+
99
+ }else if(isset($getPwaOptions['pwa_restrict']) && $getPwaOptions['pwa_restrict']==1 && is_user_logged_in())
100
+ {
101
+ global $current_user;
102
+ $user_roles = $current_user->roles;
103
+ $user_role = array_shift($user_roles);
104
+ if($user_role=='administrator')
105
+ {
106
+ //silent is gold
107
+ }else
108
+ {
109
+ wp_redirect(home_url('/'));
110
+ }
111
+ }else
112
+ {
113
+ //silent is gold
114
+ }
115
+
116
+ }
117
+
118
+ /** Get the current url*/
119
+ function pwa_current_path_protocol($s, $use_forwarded_host=false)
120
+ {
121
+ $pwahttp = (!empty($s['HTTPS']) && $s['HTTPS'] == 'on') ? true:false;
122
+ $pwasprotocal = strtolower($s['SERVER_PROTOCOL']);
123
+ $pwa_protocol = substr($pwasprotocal, 0, strpos($pwasprotocal, '/')) . (($pwahttp) ? 's' : '');
124
+ $port = $s['SERVER_PORT'];
125
+ $port = ((!$pwahttp && $port=='80') || ($pwahttp && $port=='443')) ? '' : ':'.$port;
126
+ $host = ($use_forwarded_host && isset($s['HTTP_X_FORWARDED_HOST'])) ? $s['HTTP_X_FORWARDED_HOST'] : (isset($s['HTTP_HOST']) ? $s['HTTP_HOST'] : null);
127
+ $host = isset($host) ? $host : $s['SERVER_NAME'] . $port;
128
+ return $pwa_protocol . '://' . $host;
129
+ }
130
+ function pwa_get_current_page_url($s, $use_forwarded_host=false)
131
+ {
132
+ return pwa_current_path_protocol($s, $use_forwarded_host) . $s['REQUEST_URI'];
133
+ }
134
+ ?>
readme.txt CHANGED
@@ -1,32 +1,35 @@
1
  === Protect WP-Admin ===
2
  Contributors:india-web-developer
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=WN785E5V492L4
4
- Tags: Protect WP-Admin,wp-admin,Protect wordpress admin,Secure Admin, Wordpress Admin
5
  Requires at least: 3.0
6
  Tested up to: 4.0
7
- Stable tag: 1.0
8
 
9
- Protect Your WordPress Site Admin Against Hackers
10
 
11
  == Description ==
12
 
13
- "protect-wp-admin" is a very help full plugin to make wordpress admin more secure. Protect WP-Admin plugin is provide the options for change the wp-admin url and make the admin login page private(spam user can't access the admin login page).
 
 
 
 
 
 
14
 
15
- * Note : You have must need to update the site permalink after add/update the new admin url.
16
 
17
  == Installation ==
18
 
19
- Step 1. Upload "protect-wp-admin" folder to the `/wp-content/plugins/` directory
20
-
21
- Step 2. Activate the plugin through the Plugins menu in WordPress
22
-
23
- Step 3. Go to Settings "Protect WP-Admin" and configure the plugin settings.
24
 
25
  == Frequently Asked Questions ==
26
 
27
- 1.Nothing happen after enable and add the new wordpress admin url?
28
 
29
- Don't worry, Just update the site permalink ("Settings" >> "Permalinks") and re-check,Now this time it will be work fine
30
  == Screenshots ==
31
 
32
  1. screenshot-1.png
@@ -36,5 +39,11 @@ Don't worry, Just update the site permalink ("Settings" >> "Permalinks") and re-
36
 
37
  == Changelog ==
38
 
 
 
 
 
 
 
39
  = 1.0 =
40
  * First stable release
1
  === Protect WP-Admin ===
2
  Contributors:india-web-developer
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=WN785E5V492L4
4
+ Tags: Protect WP-Admin,wp-admin,Protect wordpress admin,Secure Admin,Admin,Scure Wordpress Admin,Rename Admin URL, Rename Wordpress Admin URL,Change wp-admin url,Change Admin URL,Change Admin Path,Restrict wp-admin
5
  Requires at least: 3.0
6
  Tested up to: 4.0
7
+ Stable tag: 1.1
8
 
9
+ Protect Your Website Admin Against Hackers By Change Default Admin URL To Secure Admin URL (i.e http://yourdomain.com/myadmin)
10
 
11
  == Description ==
12
 
13
+ If you run a WordPress website, you should absolutely use "protect-wp-admin" to secure it against hackers. "protect-wp-admin" will be help you to make your site admin more secure. Protect WP-Admin plugin is provide the option for change the wp-admin url to new secure url (i.e http://yourdomain.com/myadmin).This plugin is provide an option to restrict the wp-admin OR wp-login.php page from Guest user.
14
+
15
+ = Features =
16
+
17
+ * Rename/Change wp-admin url to new url (i.e http://yourdomain.com/myadmin)
18
+ * Restrict guest users for access to wp-admin
19
+ * Restrict registered users from wp-admin
20
 
 
21
 
22
  == Installation ==
23
 
24
+ * Step 1. Upload "protect-wp-admin" folder to the `/wp-content/plugins/` directory
25
+ * Step 2. Activate the plugin through the Plugins menu in WordPress
26
+ * Step 3. Go to Settings "Protect WP-Admin" and configure the plugin settings.
 
 
27
 
28
  == Frequently Asked Questions ==
29
 
30
+ * 1.Nothing happen after enable and add the new wordpress admin url?
31
 
32
+ Don't worry, Just update the site permalink ("Settings" >> "Permalinks") and re-check,Now this time it will be work fine
33
  == Screenshots ==
34
 
35
  1. screenshot-1.png
39
 
40
  == Changelog ==
41
 
42
+ = 1.1 =
43
+ * Add new option for restrict registered users from wp-admin
44
+ * Add logout options after add/update admin new url
45
+ * Fixed permalink update issue after add/update admin new url. Now no need to update your permalink
46
+ * Add option for redirect user to new admin url after update the new admin url
47
+
48
  = 1.0 =
49
  * First stable release