Version Description
- Tested up to WP 4.9
- Added secure cookie notice
Download this release
Release Info
Developer | RogierLankhorst |
Plugin | Really Simple SSL |
Version | 2.5.23 |
Comparing to | |
See all releases |
Version 2.5.23
- class-admin.php +2573 -0
- class-cache.php +66 -0
- class-front-end.php +159 -0
- class-help.php +31 -0
- class-maintain-plugin-load-position.php +97 -0
- class-mixed-content-fixer.php +166 -0
- class-multisite.php +778 -0
- class-server.php +75 -0
- class-url.php +5 -0
- css/index.php +1 -0
- css/main.css +337 -0
- force-deactivate.txt +131 -0
- img/check-icon.png +0 -0
- img/cross-icon.png +0 -0
- img/index.php +1 -0
- img/warning-icon.png +0 -0
- index.php +1 -0
- languages/index.php +1 -0
- languages/really-simple-ssl-fr_FR.mo +0 -0
- languages/really-simple-ssl-fr_FR.po +420 -0
- languages/really-simple-ssl-ru_RU.mo +0 -0
- languages/really-simple-ssl-ru_RU.po +420 -0
- languages/really-simple-ssl.po +272 -0
- readme.txt +448 -0
- rlrsssl-really-simple-ssl.php +123 -0
- ssl-test-page.php +61 -0
- testssl/cdn/.htaccess +5 -0
- testssl/cdn/ssl-test-page.html +9 -0
- testssl/cloudflare/.htaccess +5 -0
- testssl/cloudflare/ssl-test-page.html +9 -0
- testssl/cloudfront/.htaccess +5 -0
- testssl/cloudfront/ssl-test-page.html +9 -0
- testssl/envhttps/.htaccess +5 -0
- testssl/envhttps/ssl-test-page.html +9 -0
- testssl/loadbalancer/.htaccess +5 -0
- testssl/loadbalancer/ssl-test-page.html +9 -0
- testssl/serverhttps1/.htaccess +5 -0
- testssl/serverhttps1/ssl-test-page.html +9 -0
- testssl/serverhttpson/.htaccess +5 -0
- testssl/serverhttpson/ssl-test-page.html +9 -0
- testssl/serverport443/.htaccess +5 -0
- testssl/serverport443/ssl-test-page.html +9 -0
- uninstall.php +14 -0
class-admin.php
ADDED
@@ -0,0 +1,2573 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
defined('ABSPATH') or die("you do not have acces to this page!");
|
3 |
+
|
4 |
+
class rsssl_admin extends rsssl_front_end {
|
5 |
+
|
6 |
+
private static $_this;
|
7 |
+
|
8 |
+
public $wpconfig_siteurl_not_fixed = FALSE;
|
9 |
+
public $no_server_variable = FALSE;
|
10 |
+
public $errors = Array();
|
11 |
+
|
12 |
+
public $do_wpconfig_loadbalancer_fix = FALSE;
|
13 |
+
public $site_has_ssl = FALSE;
|
14 |
+
public $ssl_enabled = FALSE;
|
15 |
+
|
16 |
+
//multisite variables
|
17 |
+
public $sites = Array(); //for multisite, list of all activated sites.
|
18 |
+
|
19 |
+
//general settings
|
20 |
+
public $capability = 'activate_plugins';
|
21 |
+
|
22 |
+
public $ssl_test_page_error;
|
23 |
+
public $htaccess_test_success = FALSE;
|
24 |
+
public $plugin_version = rsssl_version; //deprecated, but used in pro plugin until 1.0.25
|
25 |
+
|
26 |
+
public $plugin_dir = "really-simple-ssl";
|
27 |
+
public $plugin_filename = "rlrsssl-really-simple-ssl.php";
|
28 |
+
public $ABSpath;
|
29 |
+
|
30 |
+
public $do_not_edit_htaccess = FALSE;
|
31 |
+
public $htaccess_redirect = FALSE;
|
32 |
+
public $htaccess_warning_shown = FALSE;
|
33 |
+
public $ssl_success_message_shown = FALSE;
|
34 |
+
public $hsts = FALSE;
|
35 |
+
public $debug = TRUE;
|
36 |
+
public $debug_log;
|
37 |
+
|
38 |
+
public $plugin_conflict = ARRAY();
|
39 |
+
public $plugin_db_version;
|
40 |
+
public $plugin_upgraded;
|
41 |
+
public $mixed_content_fixer_status = "OK";
|
42 |
+
public $ssl_type = "NA";
|
43 |
+
|
44 |
+
private $pro_url = "https://www.really-simple-ssl.com/pro";
|
45 |
+
|
46 |
+
function __construct() {
|
47 |
+
if ( isset( self::$_this ) )
|
48 |
+
wp_die( sprintf( __( '%s is a singleton class and you cannot create a second instance.','really-simple-ssl' ), get_class( $this ) ) );
|
49 |
+
|
50 |
+
self::$_this = $this;
|
51 |
+
|
52 |
+
$this->ABSpath = $this->getABSPATH();
|
53 |
+
$this->get_options();
|
54 |
+
$this->get_admin_options();
|
55 |
+
|
56 |
+
$this->get_plugin_upgraded(); //call always, otherwise db version will not match anymore.
|
57 |
+
|
58 |
+
register_deactivation_hook(dirname( __FILE__ )."/".$this->plugin_filename, array($this,'deactivate') );
|
59 |
+
|
60 |
+
|
61 |
+
}
|
62 |
+
|
63 |
+
static function this() {
|
64 |
+
return self::$_this;
|
65 |
+
}
|
66 |
+
|
67 |
+
|
68 |
+
/**
|
69 |
+
* Initializes the admin class
|
70 |
+
*
|
71 |
+
* @since 2.2
|
72 |
+
*
|
73 |
+
* @access public
|
74 |
+
*
|
75 |
+
*/
|
76 |
+
|
77 |
+
public function init() {
|
78 |
+
if (!current_user_can($this->capability)) return;
|
79 |
+
$is_on_settings_page = $this->is_settings_page();
|
80 |
+
|
81 |
+
/*
|
82 |
+
Detect configuration when:
|
83 |
+
- SSL activation just confirmed.
|
84 |
+
- on settings page
|
85 |
+
- No SSL detected
|
86 |
+
*/
|
87 |
+
|
88 |
+
//when configuration should run again
|
89 |
+
if ($this->clicked_activate_ssl() || !$this->ssl_enabled || !$this->site_has_ssl || $is_on_settings_page || is_network_admin()) {
|
90 |
+
|
91 |
+
if (is_multisite()) $this->build_domain_list();//has to come after clicked_activate_ssl, otherwise this domain won't get counted.
|
92 |
+
$this->detect_configuration();
|
93 |
+
|
94 |
+
//flush caches when just activated ssl
|
95 |
+
//flush the permalinks
|
96 |
+
if ($this->clicked_activate_ssl()) {
|
97 |
+
if (isset($_POST["rsssl_flush_rewrite_rules"])) {
|
98 |
+
add_action( 'shutdown', 'flush_rewrite_rules');
|
99 |
+
}
|
100 |
+
add_action('admin_init', array(RSSSL()->rsssl_cache,'flush'),40);
|
101 |
+
}
|
102 |
+
|
103 |
+
if (!$this->wpconfig_ok()) {
|
104 |
+
//if we were to activate ssl, this could result in a redirect loop. So warn first.
|
105 |
+
add_action("admin_notices", array($this, 'show_notice_wpconfig_needs_fixes'));
|
106 |
+
if (is_multisite()) add_action('network_admin_notices', array($this, 'show_notice_wpconfig_needs_fixes'), 10);
|
107 |
+
|
108 |
+
$this->ssl_enabled = false;
|
109 |
+
$this->save_options();
|
110 |
+
} elseif ($this->ssl_enabled) {
|
111 |
+
add_action('init',array($this,'configure_ssl'),20);
|
112 |
+
}
|
113 |
+
}
|
114 |
+
|
115 |
+
//when ssl is enabled, and not enabled by user, ask for activation.
|
116 |
+
add_action("admin_notices", array($this, 'show_notice_activate_ssl'),10);
|
117 |
+
|
118 |
+
add_action('plugins_loaded', array($this,'check_plugin_conflicts'),30);
|
119 |
+
|
120 |
+
//add the settings page for the plugin
|
121 |
+
add_action('admin_enqueue_scripts', array($this, 'enqueue_assets'));
|
122 |
+
add_action('admin_init', array($this, 'load_translation'),20);
|
123 |
+
add_action('rsssl_configuration_page', array($this, 'configuration_page_more'),10);
|
124 |
+
|
125 |
+
//settings page, form and settings link in the plugins page
|
126 |
+
add_action('admin_menu', array($this, 'add_settings_page'),40);
|
127 |
+
add_action('admin_init', array($this, 'create_form'),40);
|
128 |
+
|
129 |
+
$plugin = rsssl_plugin;
|
130 |
+
add_filter("plugin_action_links_$plugin", array($this,'plugin_settings_link'));
|
131 |
+
|
132 |
+
//check if the uninstallfile is safely renamed to php.
|
133 |
+
$this->check_for_uninstall_file();
|
134 |
+
|
135 |
+
//callbacks for the ajax dismiss buttons
|
136 |
+
add_action('wp_ajax_dismiss_htaccess_warning', array($this,'dismiss_htaccess_warning_callback') );
|
137 |
+
add_action('wp_ajax_dismiss_success_message', array($this,'dismiss_success_message_callback') );
|
138 |
+
|
139 |
+
//handle notices
|
140 |
+
add_action('admin_notices', array($this,'show_notices'));
|
141 |
+
}
|
142 |
+
|
143 |
+
|
144 |
+
//change deprecated function depending on version.
|
145 |
+
|
146 |
+
public function get_sites_bw_compatible(){
|
147 |
+
global $wp_version;
|
148 |
+
$sites = ($wp_version >= 4.6 ) ? get_sites() : wp_get_sites();
|
149 |
+
return $sites;
|
150 |
+
}
|
151 |
+
|
152 |
+
/*
|
153 |
+
The new get_sites function returns an object.
|
154 |
+
|
155 |
+
*/
|
156 |
+
|
157 |
+
public function switch_to_blog_bw_compatible($site){
|
158 |
+
|
159 |
+
global $wp_version;
|
160 |
+
if ($wp_version >= 4.6 ) {
|
161 |
+
switch_to_blog( $site->blog_id );
|
162 |
+
} else {
|
163 |
+
switch_to_blog( $site[ 'blog_id' ] );
|
164 |
+
}
|
165 |
+
}
|
166 |
+
|
167 |
+
|
168 |
+
/*
|
169 |
+
checks if the user just clicked the "activate ssl" button.
|
170 |
+
*/
|
171 |
+
|
172 |
+
private function clicked_activate_ssl() {
|
173 |
+
if (!current_user_can($this->capability)) return;
|
174 |
+
//if (!isset( $_POST['rsssl_nonce'] ) || !wp_verify_nonce( $_POST['rsssl_nonce'], 'rsssl_nonce' )) return false;
|
175 |
+
|
176 |
+
if (isset($_POST['rsssl_do_activate_ssl'])) {
|
177 |
+
$this->activate_ssl();
|
178 |
+
return true;
|
179 |
+
}
|
180 |
+
|
181 |
+
return false;
|
182 |
+
}
|
183 |
+
|
184 |
+
|
185 |
+
/*
|
186 |
+
Activate the SSL for this site
|
187 |
+
*/
|
188 |
+
|
189 |
+
public function activate_ssl(){
|
190 |
+
$this->ssl_enabled = true;
|
191 |
+
$this->wp_redirect = true;
|
192 |
+
|
193 |
+
$this->set_siteurl_to_ssl();
|
194 |
+
$this->save_options();
|
195 |
+
}
|
196 |
+
|
197 |
+
public function deactivate_ssl(){
|
198 |
+
$this->ssl_enabled = false;
|
199 |
+
$this->wp_redirect = false;
|
200 |
+
$this->htaccess_redirect = false;
|
201 |
+
|
202 |
+
$this->remove_ssl_from_siteurl();
|
203 |
+
$this->save_options();
|
204 |
+
}
|
205 |
+
|
206 |
+
|
207 |
+
|
208 |
+
public function wpconfig_ok(){
|
209 |
+
if (($this->do_wpconfig_loadbalancer_fix || $this->no_server_variable || $this->wpconfig_siteurl_not_fixed) && !$this->wpconfig_is_writable() ) {
|
210 |
+
$result = false;
|
211 |
+
} else {
|
212 |
+
$result = true;
|
213 |
+
}
|
214 |
+
|
215 |
+
return apply_filters('rsssl_wpconfig_ok_check', $result);
|
216 |
+
}
|
217 |
+
|
218 |
+
/*
|
219 |
+
This message is shown when no ssl is not enabled by the user yet
|
220 |
+
*/
|
221 |
+
|
222 |
+
public function show_notice_activate_ssl(){
|
223 |
+
if ($this->ssl_enabled) return;
|
224 |
+
|
225 |
+
if (defined("RSSSL_DISMISS_ACTIVATE_SSL_NOTICE") && RSSSL_DISMISS_ACTIVATE_SSL_NOTICE) return;
|
226 |
+
|
227 |
+
//for multisite, show only activate when a choice has been made to activate networkwide or per site.
|
228 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->selected_networkwide_or_per_site) return;
|
229 |
+
|
230 |
+
//on multistie, only show this message on the network admin. Per site activated sites have to go to the settings page.
|
231 |
+
//otherwise sites that do not need SSL possibly get to see this message.
|
232 |
+
|
233 |
+
if (is_multisite() && !is_network_admin()) return;
|
234 |
+
|
235 |
+
if (!$this->wpconfig_ok()) return;
|
236 |
+
|
237 |
+
if (!current_user_can($this->capability)) return;
|
238 |
+
|
239 |
+
if (!$this->site_has_ssl) {
|
240 |
+
global $wp;
|
241 |
+
$current_url = "https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"];
|
242 |
+
?>
|
243 |
+
<div id="message" class="error fade notice activate-ssl">
|
244 |
+
<p><?php _e("No SSL was detected. If you do have an ssl certificate, try to reload this page over https by clicking this link:","really-simple-ssl");?> <a href="<?php echo $current_url?>"><?php _e("reload over https.","really-simple-ssl");?></a>
|
245 |
+
<?php _e("You can check your certificate on","really-simple-ssl");?> <a target="_blank" href="https://www.ssllabs.com/ssltest/">Qualys SSL Labs</a>
|
246 |
+
</p>
|
247 |
+
</div>
|
248 |
+
<?php } ?>
|
249 |
+
|
250 |
+
<div id="message" class="updated fade notice activate-ssl">
|
251 |
+
<?php if ($this->site_has_ssl) { ?>
|
252 |
+
<h1><?php _e("Almost ready to migrate to SSL!","really-simple-ssl");?></h1>
|
253 |
+
<?php } ?>
|
254 |
+
<?php _e("Some things can't be done automatically. Before you migrate, please check for: ",'really-simple-ssl');?>
|
255 |
+
<p>
|
256 |
+
<ul>
|
257 |
+
<li><?php _e('Http references in your .css and .js files: change any http:// into //','really-simple-ssl');?></li>
|
258 |
+
<li><?php _e('Images, stylesheets or scripts from a domain without an ssl certificate: remove them or move to your own server.','really-simple-ssl');?></li>
|
259 |
+
</ul>
|
260 |
+
</p>
|
261 |
+
<?php $this->show_pro(); ?>
|
262 |
+
|
263 |
+
<?php RSSSL()->really_simple_ssl->show_enable_ssl_button();?>
|
264 |
+
</div>
|
265 |
+
<?php }
|
266 |
+
|
267 |
+
|
268 |
+
/**
|
269 |
+
* @since 2.3
|
270 |
+
* Returns button to enable SSL.
|
271 |
+
*/
|
272 |
+
|
273 |
+
public function show_enable_ssl_button(){
|
274 |
+
if ($this->site_has_ssl || (defined('rsssl_force_activate') && rsssl_force_activate)) {
|
275 |
+
?>
|
276 |
+
<p>
|
277 |
+
<form action="" method="post">
|
278 |
+
<?php wp_nonce_field( 'rsssl_nonce', 'rsssl_nonce' );?>
|
279 |
+
<div>
|
280 |
+
<input type="checkbox" name="rsssl_flush_rewrite_rules" checked><label><?php _e("Flush rewrite rules on activation (deselect when you encounter errors)","really-simple-ssl")?></label>
|
281 |
+
</div>
|
282 |
+
<input type="submit" class='button button-primary' value="<?php _e("Go ahead, activate SSL!","really-simple-ssl");?>" id="rsssl_do_activate_ssl" name="rsssl_do_activate_ssl">
|
283 |
+
<br><?php _e("You may need to login in again.", "really-simple-ssl")?>
|
284 |
+
</form>
|
285 |
+
</p>
|
286 |
+
<?php
|
287 |
+
}
|
288 |
+
}
|
289 |
+
|
290 |
+
/**
|
291 |
+
* @since 2.3
|
292 |
+
* Shows option to buy pro
|
293 |
+
|
294 |
+
*/
|
295 |
+
|
296 |
+
public function show_pro(){
|
297 |
+
if ( !defined("rsssl_pro_version") ) {
|
298 |
+
?>
|
299 |
+
<p><?php _e('You can also let the automatic scan of the pro version handle this for you, and get premium support, increased security with HSTS and more!','really-simple-ssl');?> <a target="_blank" href="<?php echo $this->pro_url;?>"><?php _e("Check out Really Simple SSL Premium","really-simple-ssl");?></a></p>
|
300 |
+
<?php
|
301 |
+
}
|
302 |
+
}
|
303 |
+
|
304 |
+
|
305 |
+
public function wpconfig_is_writable() {
|
306 |
+
$wpconfig_path = $this->find_wp_config_path();
|
307 |
+
if (is_writable($wpconfig_path))
|
308 |
+
return true;
|
309 |
+
else
|
310 |
+
return false;
|
311 |
+
}
|
312 |
+
|
313 |
+
/*
|
314 |
+
* Check if the uninstall file is renamed to .php
|
315 |
+
*/
|
316 |
+
|
317 |
+
protected function check_for_uninstall_file() {
|
318 |
+
if (file_exists(dirname( __FILE__ ) . '/force-deactivate.php')) {
|
319 |
+
$this->errors["DEACTIVATE_FILE_NOT_RENAMED"] = true;
|
320 |
+
}
|
321 |
+
}
|
322 |
+
|
323 |
+
/**
|
324 |
+
* Get the options for this plugin
|
325 |
+
*
|
326 |
+
* @since 2.0
|
327 |
+
*
|
328 |
+
* @access public
|
329 |
+
*
|
330 |
+
*/
|
331 |
+
|
332 |
+
public function get_admin_options(){
|
333 |
+
|
334 |
+
$options = get_option('rlrsssl_options');
|
335 |
+
if (isset($options)) {
|
336 |
+
$this->site_has_ssl = isset($options['site_has_ssl']) ? $options['site_has_ssl'] : FALSE;
|
337 |
+
$this->hsts = isset($options['hsts']) ? $options['hsts'] : FALSE;
|
338 |
+
$this->htaccess_warning_shown = isset($options['htaccess_warning_shown']) ? $options['htaccess_warning_shown'] : FALSE;
|
339 |
+
$this->ssl_success_message_shown = isset($options['ssl_success_message_shown']) ? $options['ssl_success_message_shown'] : FALSE;
|
340 |
+
$this->plugin_db_version = isset($options['plugin_db_version']) ? $options['plugin_db_version'] : "1.0";
|
341 |
+
$this->debug = isset($options['debug']) ? $options['debug'] : FALSE;
|
342 |
+
$this->do_not_edit_htaccess = isset($options['do_not_edit_htaccess']) ? $options['do_not_edit_htaccess'] : FALSE;
|
343 |
+
$this->htaccess_redirect = isset($options['htaccess_redirect']) ? $options['htaccess_redirect'] : FALSE;
|
344 |
+
$this->switch_mixed_content_fixer_hook = isset($options['switch_mixed_content_fixer_hook']) ? $options['switch_mixed_content_fixer_hook'] : FALSE;
|
345 |
+
$this->debug_log = isset($options['debug_log']) ? $options['debug_log'] : $this->debug_log;
|
346 |
+
}
|
347 |
+
|
348 |
+
if (is_multisite()) {
|
349 |
+
$network_options = get_site_option('rlrsssl_network_options');
|
350 |
+
$network_htaccess_redirect = isset($network_options["htaccess_redirect"]) ? $network_options["htaccess_redirect"] : false;
|
351 |
+
$network_do_not_edit_htaccess = isset($network_options["do_not_edit_htaccess"]) ? $network_options["do_not_edit_htaccess"] : false;
|
352 |
+
/*
|
353 |
+
If multiste, and networkwide, only the networkwide setting counts.
|
354 |
+
if multisite, and per site, only the networkwide setting counts if it is true.
|
355 |
+
*/
|
356 |
+
$ssl_enabled_networkwide = isset($network_options["ssl_enabled_networkwide"]) ? $network_options["ssl_enabled_networkwide"] : false;
|
357 |
+
if ($ssl_enabled_networkwide) {
|
358 |
+
$this->htaccess_redirect = $network_htaccess_redirect;
|
359 |
+
$this->do_not_edit_htaccess = $network_do_not_edit_htaccess;
|
360 |
+
} else {
|
361 |
+
if ($network_do_not_edit_htaccess) $this->do_not_edit_htaccess = $network_do_not_edit_htaccess;
|
362 |
+
if ($network_htaccess_redirect) $this->htaccess_redirect = $network_htaccess_redirect;
|
363 |
+
}
|
364 |
+
}
|
365 |
+
|
366 |
+
//if the define is true, it overrides the db setting.
|
367 |
+
if (defined( 'RLRSSSL_DO_NOT_EDIT_HTACCESS')) {
|
368 |
+
$this->do_not_edit_htaccess = RLRSSSL_DO_NOT_EDIT_HTACCESS;
|
369 |
+
}
|
370 |
+
|
371 |
+
}
|
372 |
+
|
373 |
+
/**
|
374 |
+
* Creates an array of all domains where the plugin is active AND ssl is active, only used for multisite.
|
375 |
+
*
|
376 |
+
* @since 2.1
|
377 |
+
*
|
378 |
+
* @access public
|
379 |
+
*
|
380 |
+
*/
|
381 |
+
|
382 |
+
public function build_domain_list() {
|
383 |
+
if (!is_multisite()) return;
|
384 |
+
//create list of all activated sites with ssl
|
385 |
+
$this->sites = array();
|
386 |
+
$sites = $this->get_sites_bw_compatible();
|
387 |
+
if ($this->debug) $this->trace_log("building domain list for multisite...");
|
388 |
+
foreach ( $sites as $site ) {
|
389 |
+
$this->switch_to_blog_bw_compatible($site);
|
390 |
+
$options = get_option('rlrsssl_options');
|
391 |
+
|
392 |
+
$ssl_enabled = FALSE;
|
393 |
+
if (isset($options)) {
|
394 |
+
$site_has_ssl = isset($options['site_has_ssl']) ? $options['site_has_ssl'] : FALSE;
|
395 |
+
$ssl_enabled = isset($options['ssl_enabled']) ? $options['ssl_enabled'] : $site_has_ssl;
|
396 |
+
}
|
397 |
+
|
398 |
+
if (is_plugin_active(rsssl_plugin) && $ssl_enabled) {
|
399 |
+
if ($this->debug) $this->trace_log("adding: ".home_url());
|
400 |
+
$this->sites[] = home_url();
|
401 |
+
}
|
402 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
403 |
+
}
|
404 |
+
|
405 |
+
$this->save_options();
|
406 |
+
}
|
407 |
+
|
408 |
+
/**
|
409 |
+
* check if the plugin was upgraded to a new version
|
410 |
+
*
|
411 |
+
* @since 2.1
|
412 |
+
*
|
413 |
+
* @access public
|
414 |
+
*
|
415 |
+
*/
|
416 |
+
|
417 |
+
public function get_plugin_upgraded() {
|
418 |
+
if ($this->plugin_db_version!= rsssl_version) {
|
419 |
+
$this->plugin_db_version = rsssl_version;
|
420 |
+
$this->plugin_upgraded = true;
|
421 |
+
$this->save_options();
|
422 |
+
}
|
423 |
+
$this->plugin_upgraded = false;
|
424 |
+
}
|
425 |
+
|
426 |
+
/**
|
427 |
+
* Log events during plugin execution
|
428 |
+
*
|
429 |
+
* @since 2.1
|
430 |
+
*
|
431 |
+
* @access public
|
432 |
+
*
|
433 |
+
*/
|
434 |
+
|
435 |
+
public function trace_log($msg) {
|
436 |
+
if (!$this->debug) return;
|
437 |
+
$this->debug_log = $this->debug_log."<br>".$msg;
|
438 |
+
$this->debug_log = strstr($this->debug_log,'** Detecting configuration **');
|
439 |
+
error_log($msg);
|
440 |
+
}
|
441 |
+
|
442 |
+
/**
|
443 |
+
* Configures the site for ssl
|
444 |
+
*
|
445 |
+
* @since 2.2
|
446 |
+
*
|
447 |
+
* @access public
|
448 |
+
*
|
449 |
+
*/
|
450 |
+
|
451 |
+
public function configure_ssl() {
|
452 |
+
if (!current_user_can($this->capability)) return;
|
453 |
+
|
454 |
+
$safe_mode = FALSE;
|
455 |
+
if (defined('RSSSL_SAFE_MODE') && RSSSL_SAFE_MODE) $safe_mode = RSSSL_SAFE_MODE;
|
456 |
+
|
457 |
+
if (!current_user_can($this->capability)) return;
|
458 |
+
$this->trace_log("** Configuring SSL **");
|
459 |
+
if ($this->site_has_ssl) {
|
460 |
+
//when one of the used server variables was found, test if the redirect works
|
461 |
+
|
462 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && $this->ssl_type != "NA")
|
463 |
+
$this->test_htaccess_redirect();
|
464 |
+
|
465 |
+
//in a configuration reverse proxy without a set server variable https, add code to wpconfig
|
466 |
+
if ($this->do_wpconfig_loadbalancer_fix){
|
467 |
+
$this->wpconfig_loadbalancer_fix();
|
468 |
+
}
|
469 |
+
|
470 |
+
if ($this->no_server_variable)
|
471 |
+
$this->wpconfig_server_variable_fix();
|
472 |
+
|
473 |
+
if (!$safe_mode) {
|
474 |
+
$this->editHtaccess();
|
475 |
+
}
|
476 |
+
|
477 |
+
if (!$safe_mode && $this->clicked_activate_ssl()) {
|
478 |
+
$this->wp_redirect = TRUE;
|
479 |
+
$this->save_options();
|
480 |
+
}
|
481 |
+
|
482 |
+
if (!$safe_mode && $this->wpconfig_siteurl_not_fixed)
|
483 |
+
$this->fix_siteurl_defines_in_wpconfig();
|
484 |
+
|
485 |
+
if (!$safe_mode) {
|
486 |
+
$this->set_siteurl_to_ssl();
|
487 |
+
}
|
488 |
+
|
489 |
+
}
|
490 |
+
}
|
491 |
+
|
492 |
+
|
493 |
+
/**
|
494 |
+
* Check to see if we are on the settings page, action hook independent
|
495 |
+
*
|
496 |
+
* @since 2.1
|
497 |
+
*
|
498 |
+
* @access public
|
499 |
+
*
|
500 |
+
*/
|
501 |
+
|
502 |
+
public function is_settings_page() {
|
503 |
+
if (!isset($_SERVER['QUERY_STRING'])) return false;
|
504 |
+
|
505 |
+
parse_str($_SERVER['QUERY_STRING'], $params);
|
506 |
+
if (array_key_exists("page", $params) && ($params["page"]=="rlrsssl_really_simple_ssl")) {
|
507 |
+
return true;
|
508 |
+
}
|
509 |
+
return false;
|
510 |
+
}
|
511 |
+
|
512 |
+
/**
|
513 |
+
* Find the path to wp-config
|
514 |
+
*
|
515 |
+
* @since 2.1
|
516 |
+
*
|
517 |
+
* @access public
|
518 |
+
*
|
519 |
+
*/
|
520 |
+
|
521 |
+
public function find_wp_config_path() {
|
522 |
+
//limit nr of iterations to 20
|
523 |
+
$i=0;
|
524 |
+
$maxiterations = 20;
|
525 |
+
$dir = dirname(__FILE__);
|
526 |
+
do {
|
527 |
+
$i++;
|
528 |
+
if( file_exists($dir."/wp-config.php") ) {
|
529 |
+
return $dir."/wp-config.php";
|
530 |
+
}
|
531 |
+
} while( ($dir = realpath("$dir/..")) && ($i<$maxiterations) );
|
532 |
+
return null;
|
533 |
+
}
|
534 |
+
|
535 |
+
/**
|
536 |
+
* remove https from defined siteurl and homeurl in the wpconfig, if present
|
537 |
+
*
|
538 |
+
* @since 2.1
|
539 |
+
*
|
540 |
+
* @access public
|
541 |
+
*
|
542 |
+
*/
|
543 |
+
|
544 |
+
public function remove_ssl_from_siteurl_in_wpconfig() {
|
545 |
+
if (!current_user_can($this->capability)) return;
|
546 |
+
|
547 |
+
$wpconfig_path = $this->find_wp_config_path();
|
548 |
+
if (!empty($wpconfig_path)) {
|
549 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
550 |
+
|
551 |
+
$homeurl_pos = strpos($wpconfig, "define('WP_HOME','https://");
|
552 |
+
$siteurl_pos = strpos($wpconfig, "define('WP_SITEURL','https://");
|
553 |
+
|
554 |
+
if (($homeurl_pos !== false) || ($siteurl_pos !== false)) {
|
555 |
+
if (is_writable($wpconfig_path)) {
|
556 |
+
$search_array = array("define('WP_HOME','https://","define('WP_SITEURL','https://");
|
557 |
+
$ssl_array = array("define('WP_HOME','http://","define('WP_SITEURL','http://");
|
558 |
+
//now replace these urls
|
559 |
+
$wpconfig = str_replace ($search_array , $ssl_array , $wpconfig);
|
560 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
561 |
+
} else {
|
562 |
+
$this->errors['wpconfig not writable'] = TRUE;
|
563 |
+
}
|
564 |
+
}
|
565 |
+
|
566 |
+
}
|
567 |
+
}
|
568 |
+
|
569 |
+
|
570 |
+
|
571 |
+
/**
|
572 |
+
*
|
573 |
+
* Checks if the wp config contains any defined siteurl and homeurl
|
574 |
+
*
|
575 |
+
*
|
576 |
+
*/
|
577 |
+
|
578 |
+
private function check_for_siteurl_in_wpconfig(){
|
579 |
+
|
580 |
+
$wpconfig_path = $this->find_wp_config_path();
|
581 |
+
|
582 |
+
if (empty($wpconfig_path)) return;
|
583 |
+
|
584 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
585 |
+
$homeurl_pattern = '/(define\(\s*\'WP_HOME\'\s*,\s*\'http\:\/\/)/';
|
586 |
+
$siteurl_pattern = '/(define\(\s*\'WP_SITEURL\'\s*,\s*\'http\:\/\/)/';
|
587 |
+
|
588 |
+
$this->wpconfig_siteurl_not_fixed = FALSE;
|
589 |
+
if (preg_match($homeurl_pattern, $wpconfig) || preg_match($siteurl_pattern, $wpconfig) ) {
|
590 |
+
$this->wpconfig_siteurl_not_fixed = TRUE;
|
591 |
+
$this->trace_log("siteurl or home url defines found in wpconfig");
|
592 |
+
}
|
593 |
+
}
|
594 |
+
|
595 |
+
|
596 |
+
/**
|
597 |
+
* Runs only when siteurl or homeurl define was found in the wpconfig, with the check_for_siteurl_in_wpconfig function
|
598 |
+
* and only when wpconfig is writable.
|
599 |
+
*
|
600 |
+
* @since 2.1
|
601 |
+
*
|
602 |
+
* @access public
|
603 |
+
*
|
604 |
+
*/
|
605 |
+
|
606 |
+
private function fix_siteurl_defines_in_wpconfig() {
|
607 |
+
$wpconfig_path = $this->find_wp_config_path();
|
608 |
+
|
609 |
+
if (empty($wpconfig_path)) return;
|
610 |
+
|
611 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
612 |
+
$homeurl_pattern = '/(define\(\s*\'WP_HOME\'\s*,\s*\'http\:\/\/)/';
|
613 |
+
$siteurl_pattern = '/(define\(\s*\'WP_SITEURL\'\s*,\s*\'http\:\/\/)/';
|
614 |
+
|
615 |
+
if (preg_match($homeurl_pattern, $wpconfig) || preg_match($siteurl_pattern, $wpconfig) ) {
|
616 |
+
if (is_writable($wpconfig_path)) {
|
617 |
+
$this->trace_log("wp config siteurl/homeurl edited.");
|
618 |
+
$wpconfig = preg_replace($homeurl_pattern, "define('WP_HOME','https://", $wpconfig);
|
619 |
+
$wpconfig = preg_replace($siteurl_pattern, "define('WP_SITEURL','https://", $wpconfig);
|
620 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
621 |
+
}
|
622 |
+
else {
|
623 |
+
if ($this->debug) {$this->trace_log("not able to fix wpconfig siteurl/homeurl.");}
|
624 |
+
//only when siteurl or homeurl is defined in wpconfig, and wpconfig is not writable is there a possible issue because we cannot edit the defined urls.
|
625 |
+
$this->wpconfig_siteurl_not_fixed = TRUE;
|
626 |
+
}
|
627 |
+
} else {
|
628 |
+
if ($this->debug) {$this->trace_log("no siteurl/homeurl defines in wpconfig");}
|
629 |
+
}
|
630 |
+
}
|
631 |
+
|
632 |
+
|
633 |
+
/**
|
634 |
+
* Check if the wpconfig is already fixed
|
635 |
+
*
|
636 |
+
* @since 2.2
|
637 |
+
*
|
638 |
+
* @access public
|
639 |
+
*
|
640 |
+
*/
|
641 |
+
|
642 |
+
public function wpconfig_has_fixes() {
|
643 |
+
$wpconfig_path = $this->find_wp_config_path();
|
644 |
+
if (empty($wpconfig_path)) return false;
|
645 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
646 |
+
|
647 |
+
//only one of two fixes possible.
|
648 |
+
if (strpos($wpconfig, "//Begin Really Simple SSL Load balancing fix")!==FALSE ) {
|
649 |
+
return true;
|
650 |
+
}
|
651 |
+
|
652 |
+
if (strpos($wpconfig, "//Begin Really Simple SSL Server variable fix")!==FALSE ) {
|
653 |
+
return true;
|
654 |
+
}
|
655 |
+
|
656 |
+
return false;
|
657 |
+
}
|
658 |
+
|
659 |
+
|
660 |
+
/**
|
661 |
+
* In case of load balancer without server https on, add fix in wp-config
|
662 |
+
*
|
663 |
+
* @since 2.1
|
664 |
+
*
|
665 |
+
* @access public
|
666 |
+
*
|
667 |
+
*/
|
668 |
+
|
669 |
+
|
670 |
+
public function wpconfig_loadbalancer_fix() {
|
671 |
+
if (!current_user_can($this->capability)) return;
|
672 |
+
|
673 |
+
$wpconfig_path = $this->find_wp_config_path();
|
674 |
+
if (empty($wpconfig_path)) return;
|
675 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
676 |
+
$this->wpconfig_loadbalancer_fix_failed = FALSE;
|
677 |
+
//only if loadbalancer AND NOT SERVER-HTTPS-ON should the following be added. (is_ssl = false)
|
678 |
+
if (strpos($wpconfig, "//Begin Really Simple SSL Load balancing fix")===FALSE ) {
|
679 |
+
if (is_writable($wpconfig_path)) {
|
680 |
+
$rule = "\n"."//Begin Really Simple SSL Load balancing fix"."\n";
|
681 |
+
$rule .= '$server_opts = array("HTTP_CLOUDFRONT_FORWARDED_PROTO" => "https", "HTTP_CF_VISITOR"=>"https", "HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"on", "HTTP_X_FORWARDED_SSL"=>"1");'."\n";
|
682 |
+
$rule .= 'foreach( $server_opts as $option => $value ) {'."\n";
|
683 |
+
$rule .= 'if ( (isset($_ENV["HTTPS"]) && ( "on" == $_ENV["HTTPS"] )) || (isset( $_SERVER[ $option ] ) && ( strpos( $_SERVER[ $option ], $value ) !== false )) ) {'."\n";
|
684 |
+
$rule .= '$_SERVER[ "HTTPS" ] = "on";'."\n";
|
685 |
+
$rule .= 'break;'."\n";
|
686 |
+
$rule .= '}'."\n";
|
687 |
+
$rule .= '}'."\n";
|
688 |
+
$rule .= "//END Really Simple SSL"."\n";
|
689 |
+
|
690 |
+
$insert_after = "<?php";
|
691 |
+
$pos = strpos($wpconfig, $insert_after);
|
692 |
+
if ($pos !== false) {
|
693 |
+
$wpconfig = substr_replace($wpconfig,$rule,$pos+1+strlen($insert_after),0);
|
694 |
+
}
|
695 |
+
|
696 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
697 |
+
if ($this->debug) {$this->trace_log("wp config loadbalancer fix inserted");}
|
698 |
+
} else {
|
699 |
+
if ($this->debug) {$this->trace_log("wp config loadbalancer fix FAILED");}
|
700 |
+
$this->wpconfig_loadbalancer_fix_failed = TRUE;
|
701 |
+
}
|
702 |
+
} else {
|
703 |
+
if ($this->debug) {$this->trace_log("wp config loadbalancer fix already in place, great!");}
|
704 |
+
}
|
705 |
+
$this->save_options();
|
706 |
+
|
707 |
+
}
|
708 |
+
|
709 |
+
|
710 |
+
|
711 |
+
/**
|
712 |
+
* Getting Wordpress to recognize setup as being ssl when no https server variable is available
|
713 |
+
*
|
714 |
+
* @since 2.1
|
715 |
+
*
|
716 |
+
* @access public
|
717 |
+
*
|
718 |
+
*/
|
719 |
+
|
720 |
+
public function wpconfig_server_variable_fix() {
|
721 |
+
if (!current_user_can($this->capability)) return;
|
722 |
+
|
723 |
+
$wpconfig_path = $this->find_wp_config_path();
|
724 |
+
if (empty($wpconfig_path)) return;
|
725 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
726 |
+
|
727 |
+
//check permissions
|
728 |
+
if (!is_writable($wpconfig_path)) {
|
729 |
+
if ($this->debug) $this->trace_log("wp-config.php not writable");
|
730 |
+
return;
|
731 |
+
}
|
732 |
+
|
733 |
+
//when more than one blog, first remove what we have
|
734 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->is_multisite_subfolder_install() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && count($this->sites)>1) {
|
735 |
+
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL.*?\/\/END\s?Really\s?Simple\s?SSL/s", "", $wpconfig);
|
736 |
+
$wpconfig = preg_replace("/\n+/","\n", $wpconfig);
|
737 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
738 |
+
}
|
739 |
+
|
740 |
+
//now create new
|
741 |
+
|
742 |
+
//check if the fix is already there
|
743 |
+
if (strpos($wpconfig, "//Begin Really Simple SSL Server variable fix")!==FALSE ) {
|
744 |
+
if ($this->debug) {$this->trace_log("wp config server variable fix already in place, great!");}
|
745 |
+
return;
|
746 |
+
}
|
747 |
+
|
748 |
+
if ($this->debug) {$this->trace_log("Adding server variable to wpconfig");}
|
749 |
+
$rule = $this->get_server_variable_fix_code();
|
750 |
+
|
751 |
+
$insert_after = "<?php";
|
752 |
+
$pos = strpos($wpconfig, $insert_after);
|
753 |
+
if ($pos !== false) {
|
754 |
+
$wpconfig = substr_replace($wpconfig,$rule,$pos+1+strlen($insert_after),0);
|
755 |
+
}
|
756 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
757 |
+
if ($this->debug) $this->trace_log("wp config server variable fix inserted");
|
758 |
+
|
759 |
+
$this->save_options();
|
760 |
+
}
|
761 |
+
|
762 |
+
|
763 |
+
protected function get_server_variable_fix_code(){
|
764 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && RSSSL()->rsssl_multisite->is_multisite_subfolder_install()) {
|
765 |
+
if ($this->debug) $this->trace_log("per site activation on subfolder install, wp config server variable fix skipped");
|
766 |
+
return "";
|
767 |
+
}
|
768 |
+
|
769 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && count($this->sites)==0) {
|
770 |
+
if ($this->debug) $this->trace_log("no sites left with ssl, wp config server variable fix skipped");
|
771 |
+
return "";
|
772 |
+
}
|
773 |
+
|
774 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
775 |
+
$rule = "\n"."//Begin Really Simple SSL Server variable fix"."\n";
|
776 |
+
foreach ($this->sites as $domain ) {
|
777 |
+
//remove http or https.
|
778 |
+
if ($this->debug) {$this->trace_log("getting server variable rule for:".$domain);}
|
779 |
+
$domain = preg_replace("/(http:\/\/|https:\/\/)/","",$domain);
|
780 |
+
|
781 |
+
//we excluded subfolders, so treat as domain
|
782 |
+
//check only for domain without www, as the www variant is found as well with the no www search.
|
783 |
+
$domain_no_www = str_replace ( "www." , "" , $domain);
|
784 |
+
|
785 |
+
$rule .= 'if ( strpos($_SERVER["HTTP_HOST"], "'.$domain_no_www.'")!==FALSE ) {'."\n";
|
786 |
+
$rule .= ' $_SERVER["HTTPS"] = "on";'."\n";
|
787 |
+
$rule .= '}'."\n";
|
788 |
+
}
|
789 |
+
$rule .= "//END Really Simple SSL"."\n";
|
790 |
+
} else {
|
791 |
+
$rule = "\n"."//Begin Really Simple SSL Server variable fix"."\n";
|
792 |
+
$rule .= '$_SERVER["HTTPS"] = "on";'."\n";
|
793 |
+
$rule .= "//END Really Simple SSL"."\n";
|
794 |
+
}
|
795 |
+
|
796 |
+
return $rule;
|
797 |
+
}
|
798 |
+
|
799 |
+
/**
|
800 |
+
* Removing changes made to the wpconfig
|
801 |
+
*
|
802 |
+
* @since 2.1
|
803 |
+
*
|
804 |
+
* @access public
|
805 |
+
*
|
806 |
+
*/
|
807 |
+
|
808 |
+
public function remove_wpconfig_edit() {
|
809 |
+
|
810 |
+
$wpconfig_path = $this->find_wp_config_path();
|
811 |
+
if (empty($wpconfig_path)) return;
|
812 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
813 |
+
|
814 |
+
//check for permissions
|
815 |
+
if (!is_writable($wpconfig_path)) {
|
816 |
+
if ($this->debug) $this->trace_log("could not remove wpconfig edits, wp-config.php not writable");
|
817 |
+
$this->errors['wpconfig not writable'] = TRUE;
|
818 |
+
return;
|
819 |
+
}
|
820 |
+
|
821 |
+
//remove edits
|
822 |
+
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL.*?\/\/END\s?Really\s?Simple\s?SSL/s", "", $wpconfig);
|
823 |
+
$wpconfig = preg_replace("/\n+/","\n", $wpconfig);
|
824 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
825 |
+
|
826 |
+
//in multisite environment, with per site activation, re-add
|
827 |
+
if (is_multisite() && ! RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
828 |
+
if ($this->do_wpconfig_loadbalancer_fix)
|
829 |
+
$this->wpconfig_loadbalancer_fix();
|
830 |
+
|
831 |
+
if ($this->no_server_variable)
|
832 |
+
$this->wpconfig_server_variable_fix();
|
833 |
+
}
|
834 |
+
|
835 |
+
}
|
836 |
+
|
837 |
+
/**
|
838 |
+
* Changes the siteurl and homeurl to https
|
839 |
+
*
|
840 |
+
* @since 2.0
|
841 |
+
*
|
842 |
+
* @access public
|
843 |
+
*
|
844 |
+
*/
|
845 |
+
|
846 |
+
public function set_siteurl_to_ssl() {
|
847 |
+
if (!current_user_can($this->capability)) return;
|
848 |
+
|
849 |
+
$this->trace_log("converting siteurl and homeurl to https");
|
850 |
+
|
851 |
+
$siteurl_ssl = str_replace ( "http://" , "https://" , get_option('siteurl'));
|
852 |
+
$homeurl_ssl = str_replace ( "http://" , "https://" , get_option('home'));
|
853 |
+
update_option('siteurl',$siteurl_ssl);
|
854 |
+
update_option('home',$homeurl_ssl);
|
855 |
+
}
|
856 |
+
|
857 |
+
|
858 |
+
|
859 |
+
/**
|
860 |
+
* On de-activation, siteurl and homeurl are reset to http
|
861 |
+
*
|
862 |
+
* @since 2.0
|
863 |
+
*
|
864 |
+
* @access public
|
865 |
+
*
|
866 |
+
*/
|
867 |
+
|
868 |
+
public function remove_ssl_from_siteurl() {
|
869 |
+
$siteurl_no_ssl = str_replace ( "https://" , "http://" , get_option('siteurl'));
|
870 |
+
$homeurl_no_ssl = str_replace ( "https://" , "http://" , get_option('home'));
|
871 |
+
update_option('siteurl',$siteurl_no_ssl);
|
872 |
+
update_option('home',$homeurl_no_ssl);
|
873 |
+
}
|
874 |
+
|
875 |
+
/**
|
876 |
+
* Save the plugin options
|
877 |
+
*
|
878 |
+
* @since 2.0
|
879 |
+
*
|
880 |
+
* @access public
|
881 |
+
*
|
882 |
+
*/
|
883 |
+
|
884 |
+
public function save_options() {
|
885 |
+
if (!current_user_can($this->capability)) return;
|
886 |
+
|
887 |
+
//any options added here should also be added to function options_validate()
|
888 |
+
$options = array(
|
889 |
+
'site_has_ssl' => $this->site_has_ssl,
|
890 |
+
'hsts' => $this->hsts,
|
891 |
+
'htaccess_warning_shown' => $this->htaccess_warning_shown,
|
892 |
+
'ssl_success_message_shown' => $this->ssl_success_message_shown,
|
893 |
+
'autoreplace_insecure_links' => $this->autoreplace_insecure_links,
|
894 |
+
'plugin_db_version' => $this->plugin_db_version,
|
895 |
+
'debug' => $this->debug,
|
896 |
+
'do_not_edit_htaccess' => $this->do_not_edit_htaccess,
|
897 |
+
'htaccess_redirect' => $this->htaccess_redirect,
|
898 |
+
'ssl_enabled' => $this->ssl_enabled,
|
899 |
+
'javascript_redirect' => $this->javascript_redirect,
|
900 |
+
'wp_redirect' => $this->wp_redirect,
|
901 |
+
'switch_mixed_content_fixer_hook' => $this->switch_mixed_content_fixer_hook,
|
902 |
+
);
|
903 |
+
|
904 |
+
update_option('rlrsssl_options',$options);
|
905 |
+
}
|
906 |
+
|
907 |
+
/**
|
908 |
+
* Load the translation files
|
909 |
+
*
|
910 |
+
* @since 1.0
|
911 |
+
*
|
912 |
+
* @access public
|
913 |
+
*
|
914 |
+
*/
|
915 |
+
|
916 |
+
public function load_translation()
|
917 |
+
{
|
918 |
+
load_plugin_textdomain('really-simple-ssl', FALSE, dirname(plugin_basename(__FILE__)).'/languages/');
|
919 |
+
}
|
920 |
+
|
921 |
+
/**
|
922 |
+
* Handles deactivation of this plugin
|
923 |
+
*
|
924 |
+
* @since 2.0
|
925 |
+
*
|
926 |
+
* @access public
|
927 |
+
*
|
928 |
+
*/
|
929 |
+
|
930 |
+
public function deactivate($networkwide) {
|
931 |
+
$this->remove_ssl_from_siteurl();
|
932 |
+
$this->remove_ssl_from_siteurl_in_wpconfig();
|
933 |
+
|
934 |
+
$this->site_has_ssl = FALSE;
|
935 |
+
$this->hsts = FALSE;
|
936 |
+
$this->htaccess_warning_shown = FALSE;
|
937 |
+
$this->ssl_success_message_shown = FALSE;
|
938 |
+
$this->autoreplace_insecure_links = TRUE;
|
939 |
+
$this->do_not_edit_htaccess = FALSE;
|
940 |
+
$this->htaccess_redirect = FALSE;
|
941 |
+
$this->javascript_redirect = FALSE;
|
942 |
+
$this->wp_redirect = FALSE;
|
943 |
+
$this->ssl_enabled = FALSE;
|
944 |
+
$this->switch_mixed_content_fixer_hook = FALSE;
|
945 |
+
|
946 |
+
$this->save_options();
|
947 |
+
|
948 |
+
//when on multisite, per site activation, recreate domain list for htaccess and wpconfig rewrite actions
|
949 |
+
if (is_multisite()) {
|
950 |
+
RSSSL()->rsssl_multisite->deactivate();
|
951 |
+
if (!RSSSL()->rsssl_multisite->ssl_enabled_networkwide) $this->build_domain_list();
|
952 |
+
}
|
953 |
+
|
954 |
+
$this->remove_wpconfig_edit();
|
955 |
+
$this->removeHtaccessEdit();
|
956 |
+
}
|
957 |
+
|
958 |
+
|
959 |
+
/**
|
960 |
+
* Checks if we are currently on ssl protocol, but extends standard wp with loadbalancer check.
|
961 |
+
*
|
962 |
+
* @since 2.0
|
963 |
+
*
|
964 |
+
* @access public
|
965 |
+
*
|
966 |
+
*/
|
967 |
+
|
968 |
+
public function is_ssl_extended(){
|
969 |
+
$server_var = FALSE;
|
970 |
+
$server_opts = array(
|
971 |
+
'HTTP_X_FORWARDED_PROTO'=>'https',
|
972 |
+
'HTTP_CLOUDFRONT_FORWARDED_PROTO' => 'https',
|
973 |
+
'HTTP_CF_VISITOR'=>'https',
|
974 |
+
'HTTP_X_FORWARDED_SSL'=>'on',
|
975 |
+
'HTTP_X_FORWARDED_SSL'=>'1'
|
976 |
+
);
|
977 |
+
|
978 |
+
foreach( $server_opts as $option => $value ) {
|
979 |
+
if ( (isset($_ENV['HTTPS']) && ( 'on' == $_ENV['HTTPS'] ))
|
980 |
+
|| (isset( $_SERVER[ $option ] ) && ( strpos( $_SERVER[ $option ], $value ) !== false ) )) {
|
981 |
+
$server_var = TRUE;
|
982 |
+
break;
|
983 |
+
}
|
984 |
+
}
|
985 |
+
|
986 |
+
if (is_ssl() || $server_var){
|
987 |
+
return true;
|
988 |
+
} else {
|
989 |
+
return false;
|
990 |
+
}
|
991 |
+
}
|
992 |
+
|
993 |
+
/**
|
994 |
+
* Checks for SSL by opening a test page in the plugin directory
|
995 |
+
*
|
996 |
+
* @since 2.0
|
997 |
+
*
|
998 |
+
* @access public
|
999 |
+
*
|
1000 |
+
*/
|
1001 |
+
|
1002 |
+
public function detect_configuration() {
|
1003 |
+
$this->trace_log("** Detecting configuration **");
|
1004 |
+
$this->trace_log("plugin version: ".rsssl_version);
|
1005 |
+
$old_ssl_setting = $this->site_has_ssl;
|
1006 |
+
$filecontents = "";
|
1007 |
+
//if current page is on ssl, we can assume ssl is available, even when an errormsg was returned
|
1008 |
+
if($this->is_ssl_extended()){
|
1009 |
+
$this->trace_log("Already on SSL, start detecting configuration");
|
1010 |
+
$this->site_has_ssl = TRUE;
|
1011 |
+
} else {
|
1012 |
+
//we're not on SSL, or no server vars were returned, so test with the test-page.
|
1013 |
+
//plugin url: domain.com/wp-content/etc
|
1014 |
+
$testpage_url = trailingslashit($this->test_url())."ssl-test-page.php";
|
1015 |
+
$this->trace_log("Opening testpage to check for ssl: ".$testpage_url);
|
1016 |
+
|
1017 |
+
$response = wp_remote_get( $testpage_url );
|
1018 |
+
|
1019 |
+
if( is_array($response) ) {
|
1020 |
+
$status = wp_remote_retrieve_response_code( $response );
|
1021 |
+
$filecontents = wp_remote_retrieve_body($response);
|
1022 |
+
}
|
1023 |
+
|
1024 |
+
$this->trace_log("test page url, enter in browser to check manually: ".$testpage_url);
|
1025 |
+
|
1026 |
+
if(!is_wp_error( $response ) && (strpos($filecontents, "#SSL TEST PAGE#") !== false)) {
|
1027 |
+
$this->site_has_ssl = TRUE;
|
1028 |
+
$this->trace_log("SSL test page loaded successfully");
|
1029 |
+
} else {
|
1030 |
+
$this->site_has_ssl = FALSE;
|
1031 |
+
$error = "";
|
1032 |
+
if (is_wp_error( $response ) ) $error = $response->get_error_message();
|
1033 |
+
$this->trace_log("No ssl detected. No certificate, or the testpage is blocked by security settings. The ssl testpage returned the error: ".$error);
|
1034 |
+
}
|
1035 |
+
}
|
1036 |
+
|
1037 |
+
if ($this->site_has_ssl) {
|
1038 |
+
//check the type of ssl, either by parsing the returned string, or by reading the server vars.
|
1039 |
+
if ((strpos($filecontents, "#CLOUDFRONT#") !== false) || (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && ($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] == 'https'))) {
|
1040 |
+
$this->ssl_type = "CLOUDFRONT";
|
1041 |
+
} elseif ((strpos($filecontents, "#CLOUDFLARE#") !== false) || (isset($_SERVER['HTTP_CF_VISITOR']) && ($_SERVER['HTTP_CF_VISITOR'] == 'https'))) {
|
1042 |
+
$this->ssl_type = "CLOUDFLARE";
|
1043 |
+
} elseif ((strpos($filecontents, "#LOADBALANCER#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))) {
|
1044 |
+
$this->ssl_type = "LOADBALANCER";
|
1045 |
+
} elseif ((strpos($filecontents, "#CDN#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == 'on' || $_SERVER['HTTP_X_FORWARDED_SSL'] == '1'))) {
|
1046 |
+
$this->ssl_type = "CDN";
|
1047 |
+
} elseif ((strpos($filecontents, "#SERVER-HTTPS-ON#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on')) {
|
1048 |
+
$this->ssl_type = "SERVER-HTTPS-ON";
|
1049 |
+
} elseif ((strpos($filecontents, "#SERVER-HTTPS-1#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == '1')) {
|
1050 |
+
$this->ssl_type = "SERVER-HTTPS-1";
|
1051 |
+
} elseif ((strpos($filecontents, "#SERVERPORT443#") !== false) || (isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ))) {
|
1052 |
+
$this->ssl_type = "SERVERPORT443";
|
1053 |
+
} elseif ((strpos($filecontents, "#ENVHTTPS#") !== false) || (isset($_ENV['HTTPS']) && ( 'on' == $_ENV['HTTPS'] ))) {
|
1054 |
+
$this->ssl_type = "ENVHTTPS";
|
1055 |
+
} elseif ((strpos($filecontents, "#NO KNOWN SSL CONFIGURATION DETECTED#") !== false)) {
|
1056 |
+
//if we are here, SSL was detected, but without any known server variables set.
|
1057 |
+
//So we can use this info to set a server variable ourselfes.
|
1058 |
+
if (!$this->wpconfig_has_fixes()) {
|
1059 |
+
$this->no_server_variable = TRUE;
|
1060 |
+
}
|
1061 |
+
$this->trace_log("No server variable detected ");
|
1062 |
+
$this->ssl_type = "NA";
|
1063 |
+
} else {
|
1064 |
+
//no valid response, so set to NA
|
1065 |
+
$this->ssl_type = "NA";
|
1066 |
+
}
|
1067 |
+
|
1068 |
+
//check for is_ssl()
|
1069 |
+
if ( (!$this->is_ssl_extended() &&
|
1070 |
+
(strpos($filecontents, "#SERVER-HTTPS-ON#") === false) &&
|
1071 |
+
(strpos($filecontents, "#SERVER-HTTPS-1#") === false) &&
|
1072 |
+
(strpos($filecontents, "#SERVERPORT443#") === false)) || (!is_ssl() && $this->is_ssl_extended())) {
|
1073 |
+
//when is_ssl would return false, we should add some code to wp-config.php
|
1074 |
+
if (!$this->wpconfig_has_fixes()) {
|
1075 |
+
$this->trace_log("is_ssl() will return false: wp-config fix needed");
|
1076 |
+
$this->do_wpconfig_loadbalancer_fix = TRUE;
|
1077 |
+
}
|
1078 |
+
}
|
1079 |
+
|
1080 |
+
$this->trace_log("ssl type: ".$this->ssl_type);
|
1081 |
+
}
|
1082 |
+
$this->check_for_siteurl_in_wpconfig();
|
1083 |
+
|
1084 |
+
$this->save_options();
|
1085 |
+
}
|
1086 |
+
|
1087 |
+
|
1088 |
+
/**
|
1089 |
+
* Test if the htaccess redirect will work
|
1090 |
+
* This way, no redirect loops should occur.
|
1091 |
+
*
|
1092 |
+
* @since 2.1
|
1093 |
+
*
|
1094 |
+
* @access public
|
1095 |
+
*
|
1096 |
+
*/
|
1097 |
+
|
1098 |
+
public function test_htaccess_redirect() {
|
1099 |
+
if (!current_user_can($this->capability)) return;
|
1100 |
+
if ($this->debug) {$this->trace_log("testing htaccess rules...");}
|
1101 |
+
$filecontents = "";
|
1102 |
+
$testpage_url = trailingslashit($this->test_url())."testssl/";
|
1103 |
+
switch ($this->ssl_type) {
|
1104 |
+
case "CLOUDFRONT":
|
1105 |
+
$testpage_url .= "cloudfront";
|
1106 |
+
break;
|
1107 |
+
case "CLOUDFLARE":
|
1108 |
+
$testpage_url .= "cloudflare";
|
1109 |
+
break;
|
1110 |
+
case "LOADBALANCER":
|
1111 |
+
$testpage_url .= "loadbalancer";
|
1112 |
+
break;
|
1113 |
+
case "CDN":
|
1114 |
+
$testpage_url .= "cdn";
|
1115 |
+
break;
|
1116 |
+
case "SERVER-HTTPS-ON":
|
1117 |
+
$testpage_url .= "serverhttpson";
|
1118 |
+
break;
|
1119 |
+
case "SERVER-HTTPS-1":
|
1120 |
+
$testpage_url .= "serverhttps1";
|
1121 |
+
break;
|
1122 |
+
case "SERVERPORT443":
|
1123 |
+
$testpage_url .= "serverport443";
|
1124 |
+
break;
|
1125 |
+
case "ENVHTTPS":
|
1126 |
+
$testpage_url .= "envhttps";
|
1127 |
+
break;
|
1128 |
+
}
|
1129 |
+
|
1130 |
+
$testpage_url .= ("/ssl-test-page.html");
|
1131 |
+
|
1132 |
+
$response = wp_remote_get( $testpage_url );
|
1133 |
+
if( is_array($response) ) {
|
1134 |
+
$status = wp_remote_retrieve_response_code( $response );
|
1135 |
+
$filecontents = wp_remote_retrieve_body($response);
|
1136 |
+
}
|
1137 |
+
|
1138 |
+
$this->trace_log("test page url, enter in browser to check manually: ".$testpage_url);
|
1139 |
+
|
1140 |
+
if (!is_wp_error( $response ) && (strpos($filecontents, "#SSL TEST PAGE#") !== false)) {
|
1141 |
+
$this->htaccess_test_success = TRUE;
|
1142 |
+
$this->trace_log("htaccess rules tested successfully.");
|
1143 |
+
} else {
|
1144 |
+
//.htaccess rewrite rule seems to be giving problems.
|
1145 |
+
$this->htaccess_test_success = FALSE;
|
1146 |
+
if (is_wp_error( $response )) {
|
1147 |
+
$this->trace_log("htaccess rules test failed with error: ".$response->get_error_message());
|
1148 |
+
} else {
|
1149 |
+
$this->trace_log("htaccess test rules failed. Set WordPress redirect in settings/ssl");
|
1150 |
+
}
|
1151 |
+
}
|
1152 |
+
}
|
1153 |
+
|
1154 |
+
|
1155 |
+
/**
|
1156 |
+
* Get an url with which we can test the SSL connection and htaccess redirect rules.
|
1157 |
+
*
|
1158 |
+
* @since 2.0
|
1159 |
+
*
|
1160 |
+
* @access public
|
1161 |
+
*
|
1162 |
+
*/
|
1163 |
+
|
1164 |
+
public function test_url(){
|
1165 |
+
$plugin_url = str_replace("http://", "https://", trailingslashit(rsssl_url) );;
|
1166 |
+
$https_home_url = str_replace("http://", "https://", home_url());
|
1167 |
+
|
1168 |
+
//in some case we get a relative url here, so we check that.
|
1169 |
+
//we compare to urls replaced to https, in case one of them is still on http.
|
1170 |
+
if ( (strpos($plugin_url, "https://")===FALSE ) &&
|
1171 |
+
(strpos($plugin_url, $https_home_url)===FALSE)
|
1172 |
+
) {
|
1173 |
+
//make sure we do not have a slash at the start
|
1174 |
+
$plugin_url = ltrim($plugin_url,"/");
|
1175 |
+
$plugin_url = trailingslashit(home_url()).$plugin_url;
|
1176 |
+
}
|
1177 |
+
|
1178 |
+
//for subdomains or domain mapping situations, we have to convert the plugin_url from main site to the subdomain url.
|
1179 |
+
if (is_multisite() && ( !is_main_site(get_current_blog_id()) ) && (! RSSSL()->rsssl_multisite->is_multisite_subfolder_install()) ) {
|
1180 |
+
$mainsiteurl = trailingslashit(str_replace("http://","https://",network_site_url()));
|
1181 |
+
|
1182 |
+
$home = trailingslashit($https_home_url);
|
1183 |
+
$plugin_url = str_replace($mainsiteurl, $home, $plugin_url);
|
1184 |
+
|
1185 |
+
//return http link if original url is http.
|
1186 |
+
//if (strpos(home_url(), "https://")===FALSE) $plugin_url = str_replace("https://","http://",$plugin_url);
|
1187 |
+
}
|
1188 |
+
|
1189 |
+
return $plugin_url;
|
1190 |
+
}
|
1191 |
+
|
1192 |
+
|
1193 |
+
/**
|
1194 |
+
* removes the added redirect to https rules to the .htaccess file.
|
1195 |
+
*
|
1196 |
+
* @since 2.0
|
1197 |
+
*
|
1198 |
+
* @access public
|
1199 |
+
*
|
1200 |
+
*/
|
1201 |
+
|
1202 |
+
public function removeHtaccessEdit() {
|
1203 |
+
if(file_exists($this->ABSpath.".htaccess") && is_writable($this->ABSpath.".htaccess")){
|
1204 |
+
$htaccess = file_get_contents($this->ABSpath.".htaccess");
|
1205 |
+
|
1206 |
+
|
1207 |
+
//if multisite, per site activation and more than one blog remaining on ssl, remove condition for this site only
|
1208 |
+
//the domain list has been rebuilt already, so current site is already removed.
|
1209 |
+
if (is_multisite() && ! RSSSL()->rsssl_multisite->ssl_enabled_networkwide && count($this->sites)>0) {
|
1210 |
+
//remove http or https.
|
1211 |
+
$domain = preg_replace("/(http:\/\/|https:\/\/)/","",home_url());
|
1212 |
+
$pattern = "/#wpmu\srewritecond\s?".preg_quote($domain, "/")."\n.*?#end\swpmu\srewritecond\s?".preg_quote($domain, "/")."\n/s";
|
1213 |
+
|
1214 |
+
//only remove if the pattern is there at all
|
1215 |
+
if (preg_match($pattern, $htaccess)) $htaccess = preg_replace($pattern, "", $htaccess);
|
1216 |
+
//now replace any remaining "or" on the last condition.
|
1217 |
+
$pattern = "/(\[OR\])(?!.*(\[OR\]|#start).*?RewriteRule)/s";
|
1218 |
+
$htaccess = preg_replace($pattern, "", $htaccess,1);
|
1219 |
+
|
1220 |
+
} else {
|
1221 |
+
// remove everything
|
1222 |
+
$pattern = "/#\s?BEGIN\s?rlrssslReallySimpleSSL.*?#\s?END\s?rlrssslReallySimpleSSL/s";
|
1223 |
+
//only remove if the pattern is there at all
|
1224 |
+
if (preg_match($pattern, $htaccess)) $htaccess = preg_replace($pattern, "", $htaccess);
|
1225 |
+
|
1226 |
+
}
|
1227 |
+
|
1228 |
+
$htaccess = preg_replace("/\n+/","\n", $htaccess);
|
1229 |
+
file_put_contents($this->ABSpath.".htaccess", $htaccess);
|
1230 |
+
$this->save_options();
|
1231 |
+
} else {
|
1232 |
+
$this->errors['HTACCESS_NOT_WRITABLE'] = TRUE;
|
1233 |
+
if ($this->debug) $this->trace_log("could not remove rules from htaccess, file not writable");
|
1234 |
+
}
|
1235 |
+
}
|
1236 |
+
|
1237 |
+
public function get_htaccess_version() {
|
1238 |
+
if (!file_exists($this->ABSpath.".htaccess")) return false;
|
1239 |
+
|
1240 |
+
$htaccess = file_get_contents($this->ABSpath.".htaccess");
|
1241 |
+
$versionpos = strpos($htaccess, "rsssl_version");
|
1242 |
+
|
1243 |
+
if ($versionpos===false) {
|
1244 |
+
//no version found, so not .htaccess rules.
|
1245 |
+
return false;
|
1246 |
+
} else {
|
1247 |
+
//find closing marker of version
|
1248 |
+
$close = strpos($htaccess, "]", $versionpos);
|
1249 |
+
$version = substr($htaccess, $versionpos+14, $close-($versionpos+14));
|
1250 |
+
return $version;
|
1251 |
+
}
|
1252 |
+
}
|
1253 |
+
|
1254 |
+
|
1255 |
+
/* deprecated */
|
1256 |
+
|
1257 |
+
function htaccess_redirect_allowed(){
|
1258 |
+
if (is_multisite() && RSSSL()->rsssl_multisite->is_per_site_activated_multisite_subfolder_install()) {
|
1259 |
+
return false;
|
1260 |
+
} else {
|
1261 |
+
return true;
|
1262 |
+
}
|
1263 |
+
}
|
1264 |
+
|
1265 |
+
|
1266 |
+
/*
|
1267 |
+
Checks if the htaccess contains redirect rules, either actual redirect or a rsssl marker.
|
1268 |
+
*/
|
1269 |
+
|
1270 |
+
public function htaccess_contains_redirect_rules() {
|
1271 |
+
|
1272 |
+
if (!file_exists($this->ABSpath.".htaccess")) {
|
1273 |
+
return false;
|
1274 |
+
}
|
1275 |
+
|
1276 |
+
$htaccess = file_get_contents($this->ABSpath.".htaccess");
|
1277 |
+
|
1278 |
+
$needle = "RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]";
|
1279 |
+
if(strpos($htaccess, $needle) !== FALSE || $this->contains_rsssl_rules()){
|
1280 |
+
return true;
|
1281 |
+
} else {
|
1282 |
+
$this->trace_log(".htaccess does not contain default Really Simple SSL redirect");
|
1283 |
+
return false;
|
1284 |
+
}
|
1285 |
+
|
1286 |
+
}
|
1287 |
+
|
1288 |
+
|
1289 |
+
/*
|
1290 |
+
* Checks if the htaccess contains the really simple ssl comment.
|
1291 |
+
*
|
1292 |
+
*/
|
1293 |
+
|
1294 |
+
public function contains_rsssl_rules() {
|
1295 |
+
if (!file_exists($this->ABSpath.".htaccess")) {
|
1296 |
+
return false;
|
1297 |
+
}
|
1298 |
+
|
1299 |
+
$htaccess = file_get_contents($this->ABSpath.".htaccess");
|
1300 |
+
|
1301 |
+
$check=null;
|
1302 |
+
preg_match("/BEGIN rlrssslReallySimpleSSL/", $htaccess, $check);
|
1303 |
+
if(count($check) === 0){
|
1304 |
+
return false;
|
1305 |
+
} else {
|
1306 |
+
return true;
|
1307 |
+
}
|
1308 |
+
}
|
1309 |
+
|
1310 |
+
/*
|
1311 |
+
* Checks if a 301 redirect is set
|
1312 |
+
* this is the case if either the wp_redirect is set, or the htaccess redirect is set.
|
1313 |
+
*
|
1314 |
+
*/
|
1315 |
+
|
1316 |
+
public function has_301_redirect() {
|
1317 |
+
if ($this->wp_redirect) return true;
|
1318 |
+
|
1319 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && $this->htaccess_contains_redirect_rules() ) {
|
1320 |
+
return true;
|
1321 |
+
}
|
1322 |
+
|
1323 |
+
return false;
|
1324 |
+
}
|
1325 |
+
|
1326 |
+
/**
|
1327 |
+
* Checks if the hsts rule is already in the htaccess file
|
1328 |
+
* Set the hsts variable in the db accordingly. applies to preload version as well.
|
1329 |
+
*
|
1330 |
+
* @since 2.1
|
1331 |
+
*
|
1332 |
+
* @access public
|
1333 |
+
*
|
1334 |
+
*/
|
1335 |
+
|
1336 |
+
public function contains_hsts() {
|
1337 |
+
if (!file_exists($this->ABSpath.".htaccess")) {
|
1338 |
+
$this->trace_log(".htaccess not found in ".$this->ABSpath);
|
1339 |
+
$result = $this->hsts; //just return the setting.
|
1340 |
+
} else {
|
1341 |
+
$htaccess = file_get_contents($this->ABSpath.".htaccess");
|
1342 |
+
|
1343 |
+
preg_match("/Strict-Transport-Security/", $htaccess, $check);
|
1344 |
+
if(count($check) === 0){
|
1345 |
+
$result = false;
|
1346 |
+
} else {
|
1347 |
+
$result = true;
|
1348 |
+
}
|
1349 |
+
}
|
1350 |
+
|
1351 |
+
return $result;
|
1352 |
+
}
|
1353 |
+
|
1354 |
+
|
1355 |
+
/**
|
1356 |
+
* Adds redirect to https rules to the .htaccess file.
|
1357 |
+
*
|
1358 |
+
* @since 2.0
|
1359 |
+
*
|
1360 |
+
* @access public
|
1361 |
+
*
|
1362 |
+
*/
|
1363 |
+
|
1364 |
+
public function editHtaccess(){
|
1365 |
+
if (!current_user_can($this->capability)) return;
|
1366 |
+
|
1367 |
+
//check if htacces exists and if htaccess is writable
|
1368 |
+
//update htaccess to redirect to ssl
|
1369 |
+
|
1370 |
+
$this->trace_log("checking if .htaccess can or should be edited...");
|
1371 |
+
|
1372 |
+
//does it exist?
|
1373 |
+
if (!file_exists($this->ABSpath.".htaccess")) {
|
1374 |
+
$this->trace_log(".htaccess not found.");
|
1375 |
+
return;
|
1376 |
+
}
|
1377 |
+
|
1378 |
+
//check if editing is blocked.
|
1379 |
+
if ($this->do_not_edit_htaccess) {
|
1380 |
+
$this->trace_log("Edit of .htaccess blocked by setting or define 'do not edit htaccess' in really simple ssl.");
|
1381 |
+
return;
|
1382 |
+
}
|
1383 |
+
|
1384 |
+
$htaccess = file_get_contents($this->ABSpath.".htaccess");
|
1385 |
+
if(!$this->htaccess_contains_redirect_rules()){
|
1386 |
+
|
1387 |
+
if (!is_writable($this->ABSpath.".htaccess")) {
|
1388 |
+
//set the wp redirect as fallback, because .htaccess couldn't be edited.
|
1389 |
+
if ($this->clicked_activate_ssl()) $this->wp_redirect = true;
|
1390 |
+
if (is_multisite()) {
|
1391 |
+
RSSSL()->rsssl_multisite->wp_redirect = true;
|
1392 |
+
RSSSL()->rsssl_multisite->save_options();
|
1393 |
+
}
|
1394 |
+
$this->save_options();
|
1395 |
+
$this->trace_log(".htaccess not writable.");
|
1396 |
+
return;
|
1397 |
+
}
|
1398 |
+
|
1399 |
+
$rules = $this->get_redirect_rules();
|
1400 |
+
|
1401 |
+
//insert rules before wordpress part.
|
1402 |
+
if (strlen($rules)>0) {
|
1403 |
+
$wptag = "# BEGIN WordPress";
|
1404 |
+
if (strpos($htaccess, $wptag)!==false) {
|
1405 |
+
$htaccess = str_replace($wptag, $rules.$wptag, $htaccess);
|
1406 |
+
} else {
|
1407 |
+
$htaccess = $htaccess.$rules;
|
1408 |
+
}
|
1409 |
+
|
1410 |
+
file_put_contents($this->ABSpath.".htaccess", $htaccess);
|
1411 |
+
}
|
1412 |
+
|
1413 |
+
} elseif ($this->is_settings_page() || is_network_admin()) {
|
1414 |
+
|
1415 |
+
if ($this->debug) {$this->trace_log("settings page, or network admin, updating htaccess...");}
|
1416 |
+
|
1417 |
+
if (!is_writable($this->ABSpath.".htaccess")) {
|
1418 |
+
if($this->debug) $this->trace_log(".htaccess not writable.");
|
1419 |
+
return;
|
1420 |
+
}
|
1421 |
+
|
1422 |
+
$htaccess = preg_replace("/#\s?BEGIN\s?rlrssslReallySimpleSSL.*?#\s?END\s?rlrssslReallySimpleSSL/s", "", $htaccess);
|
1423 |
+
$htaccess = preg_replace("/\n+/","\n", $htaccess);
|
1424 |
+
|
1425 |
+
$rules = $this->get_redirect_rules();
|
1426 |
+
|
1427 |
+
//insert rules before wordpress part.
|
1428 |
+
$wptag = "# BEGIN WordPress";
|
1429 |
+
if (strpos($htaccess, $wptag)!==false) {
|
1430 |
+
$htaccess = str_replace($wptag, $rules.$wptag, $htaccess);
|
1431 |
+
} else {
|
1432 |
+
$htaccess = $htaccess.$rules;
|
1433 |
+
}
|
1434 |
+
file_put_contents($this->ABSpath.".htaccess", $htaccess);
|
1435 |
+
|
1436 |
+
}
|
1437 |
+
}
|
1438 |
+
|
1439 |
+
/**
|
1440 |
+
*
|
1441 |
+
* @since 2.2
|
1442 |
+
* Check if the mixed content fixer is functioning on the front end, by scanning the source of the homepage for the fixer comment.
|
1443 |
+
*
|
1444 |
+
*/
|
1445 |
+
|
1446 |
+
public function mixed_content_fixer_detected(){
|
1447 |
+
|
1448 |
+
$status = 0;
|
1449 |
+
$web_source = "";
|
1450 |
+
//check if the mixed content fixer is active
|
1451 |
+
$response = wp_remote_get( home_url() );
|
1452 |
+
|
1453 |
+
if( is_array($response) ) {
|
1454 |
+
$status = wp_remote_retrieve_response_code( $response );
|
1455 |
+
$web_source = wp_remote_retrieve_body($response);
|
1456 |
+
}
|
1457 |
+
|
1458 |
+
if ($status!=200 || (strpos($web_source, "data-rsssl=") === false)) {
|
1459 |
+
$this->trace_log("Check for Mixed Content detection failed, http statuscode ".$status);
|
1460 |
+
return false;
|
1461 |
+
} else {
|
1462 |
+
$this->trace_log("Mixed content fixer was successfully detected on the front end.");
|
1463 |
+
return true;
|
1464 |
+
}
|
1465 |
+
}
|
1466 |
+
|
1467 |
+
/**
|
1468 |
+
* Create redirect rules for the .htaccess.
|
1469 |
+
*
|
1470 |
+
* @since 2.1
|
1471 |
+
*
|
1472 |
+
* @access public
|
1473 |
+
*
|
1474 |
+
*/
|
1475 |
+
|
1476 |
+
public function get_redirect_rules($manual=false) {
|
1477 |
+
if (!current_user_can($this->capability)) return;
|
1478 |
+
$this->trace_log("retrieving redirect rules");
|
1479 |
+
//only add the redirect rules when a known type of ssl was detected. Otherwise, we use https.
|
1480 |
+
$rule = "";
|
1481 |
+
|
1482 |
+
//if the htaccess test was successfull, and we know the redirectype, edit
|
1483 |
+
if ($this->htaccess_redirect && ($manual || $this->htaccess_test_success) && $this->ssl_type!="NA") {
|
1484 |
+
$this->trace_log("starting insertion of .htaccess redirects.");
|
1485 |
+
$rule .= "<IfModule mod_rewrite.c>"."\n";
|
1486 |
+
$rule .= "RewriteEngine on"."\n";
|
1487 |
+
|
1488 |
+
// Fetch last array key
|
1489 |
+
//$types = array_keys($this->ssl_type);
|
1490 |
+
|
1491 |
+
//$last_type = array_pop($types);
|
1492 |
+
// reset($this->ssl_type);
|
1493 |
+
// $type = key($this->ssl_type);
|
1494 |
+
//select rewrite condition based on detected type of ssl
|
1495 |
+
//foreach($this->ssl_type as $type => $value) {
|
1496 |
+
$or = "";
|
1497 |
+
//if ($last_type != $type) $or = " [OR] ";
|
1498 |
+
if ($this->ssl_type == "SERVER-HTTPS-ON") {
|
1499 |
+
$rule .= "RewriteCond %{HTTPS} !=on [NC]"."\n";
|
1500 |
+
} elseif ($this->ssl_type == "SERVER-HTTPS-1") {
|
1501 |
+
$rule .= "RewriteCond %{HTTPS} !=1"."\n";
|
1502 |
+
} elseif ($this->ssl_type == "LOADBALANCER") {
|
1503 |
+
$rule .="RewriteCond %{HTTP:X-Forwarded-Proto} !https"."\n";
|
1504 |
+
} elseif ($this->ssl_type == "CLOUDFLARE") {
|
1505 |
+
$rule .= "RewriteCond %{HTTP:CF-Visitor} '".'"scheme":"http"'."'"."\n";//some concatenation to get the quotes right.
|
1506 |
+
} elseif ($this->ssl_type == "SERVERPORT443") {
|
1507 |
+
$rule .= "RewriteCond %{SERVER_PORT} !443"."\n";
|
1508 |
+
} elseif ($this->ssl_type == "CLOUDFRONT") {
|
1509 |
+
$rule .="RewriteCond %{HTTP:CloudFront-Forwarded-Proto} !https"."\n";
|
1510 |
+
} elseif ($this->ssl_type == "CDN") {
|
1511 |
+
$rule .= "RewriteCond %{HTTP:X-Forwarded-SSL} !on"."\n";
|
1512 |
+
} elseif ($type == "ENVHTTPS") {
|
1513 |
+
$rule .= "RewriteCond %{ENV:HTTPS} !=on"."\n";
|
1514 |
+
}
|
1515 |
+
//}
|
1516 |
+
|
1517 |
+
//if multisite, and NOT subfolder install (checked for in the detec_config function)
|
1518 |
+
//, add a condition so it only applies to sites where plugin is activated
|
1519 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
1520 |
+
$this->trace_log("multisite, per site activation");
|
1521 |
+
|
1522 |
+
foreach ($this->sites as $domain ) {
|
1523 |
+
$this->trace_log("adding condition for:".$domain);
|
1524 |
+
|
1525 |
+
//remove http or https.
|
1526 |
+
$domain = preg_replace("/(http:\/\/|https:\/\/)/","",$domain);
|
1527 |
+
//We excluded subfolders, so treat as domain
|
1528 |
+
|
1529 |
+
$domain_no_www = str_replace ( "www." , "" , $domain);
|
1530 |
+
$domain_yes_www = "www.".$domain_no_www;
|
1531 |
+
|
1532 |
+
$rule .= "#wpmu rewritecond ".$domain."\n";
|
1533 |
+
$rule .= "RewriteCond %{HTTP_HOST} ^".preg_quote($domain_no_www, "/")." [OR]"."\n";
|
1534 |
+
$rule .= "RewriteCond %{HTTP_HOST} ^".preg_quote($domain_yes_www, "/")." [OR]"."\n";
|
1535 |
+
$rule .= "#end wpmu rewritecond ".$domain."\n";
|
1536 |
+
}
|
1537 |
+
|
1538 |
+
//now remove last [OR] if at least on one site the plugin was activated, so we have at lease one condition
|
1539 |
+
if (count($this->sites)>0) {
|
1540 |
+
$rule = strrev(implode("", explode(strrev("[OR]"), strrev($rule), 2)));
|
1541 |
+
}
|
1542 |
+
} else {
|
1543 |
+
if ($this->debug) {$this->trace_log("single site or networkwide activation");}
|
1544 |
+
}
|
1545 |
+
|
1546 |
+
//fastest cache compatibility
|
1547 |
+
if(class_exists('WpFastestCache') ) {
|
1548 |
+
$rule .= "RewriteCond %{REQUEST_URI} !wp-content\/cache\/(all|wpfc-mobile-cache)"."\n";
|
1549 |
+
}
|
1550 |
+
|
1551 |
+
$rule .= "RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]"."\n";
|
1552 |
+
|
1553 |
+
$rule .= "</IfModule>"."\n";
|
1554 |
+
}
|
1555 |
+
|
1556 |
+
if (strlen($rule)>0) {
|
1557 |
+
$rule = "\n"."# BEGIN rlrssslReallySimpleSSL rsssl_version[".rsssl_version."]\n".$rule."# END rlrssslReallySimpleSSL"."\n";
|
1558 |
+
}
|
1559 |
+
|
1560 |
+
$rule = apply_filters("rsssl_htaccess_output", $rule);
|
1561 |
+
|
1562 |
+
$rule = preg_replace("/\n+/","\n", $rule);
|
1563 |
+
return $rule;
|
1564 |
+
}
|
1565 |
+
|
1566 |
+
|
1567 |
+
|
1568 |
+
/**
|
1569 |
+
* Show warning when wpconfig could not be fixed
|
1570 |
+
*
|
1571 |
+
* @since 2.2
|
1572 |
+
*
|
1573 |
+
*/
|
1574 |
+
|
1575 |
+
public function show_notice_wpconfig_needs_fixes(){ ?>
|
1576 |
+
<div id="message" class="error fade notice">
|
1577 |
+
<h1><?php echo __("System detection encountered issues","really-simple-ssl");?></h1>
|
1578 |
+
|
1579 |
+
<?php if ($this->wpconfig_siteurl_not_fixed) { ?>
|
1580 |
+
<p>
|
1581 |
+
<?php echo __("A definition of a siteurl or homeurl was detected in your wp-config.php, but the file is not writable.","really-simple-ssl");?>
|
1582 |
+
</p>
|
1583 |
+
<p><?php echo __("Set your wp-config.php to writable and reload this page.", "really-simple-ssl");?></p>
|
1584 |
+
<?php }
|
1585 |
+
if ($this->do_wpconfig_loadbalancer_fix) { ?>
|
1586 |
+
<p><?php echo __("Your wp-config.php has to be edited, but is not writable.","really-simple-ssl");?></p>
|
1587 |
+
<p><?php echo __("Because your site is behind a loadbalancer and is_ssl() returns false, you should add the following line of code to your wp-config.php.","really-simple-ssl");?>
|
1588 |
+
|
1589 |
+
<br><br><code>
|
1590 |
+
//Begin Really Simple SSL Load balancing fix<br>
|
1591 |
+
$server_opts = array("HTTP_CLOUDFRONT_FORWARDED_PROTO" => "https", "HTTP_CF_VISITOR"=>"https", "HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"on", "HTTP_X_FORWARDED_SSL"=>"1");<br>
|
1592 |
+
foreach( $server_opts as $option => $value ) {<br>
|
1593 |
+
if ((isset($_ENV["HTTPS"]) && ( "on" == $_ENV["HTTPS"] )) || (isset( $_SERVER[ $option ] ) && ( strpos( $_SERVER[ $option ], $value ) !== false )) ) {<br>
|
1594 |
+
$_SERVER[ "HTTPS" ] = "on";<br>
|
1595 |
+
break;<br>
|
1596 |
+
}<br>
|
1597 |
+
}<br>
|
1598 |
+
//END Really Simple SSL
|
1599 |
+
</code><br>
|
1600 |
+
</p>
|
1601 |
+
<p><?php echo __("Or set your wp-config.php to writable and reload this page.", "really-simple-ssl");?></p>
|
1602 |
+
<?php
|
1603 |
+
}
|
1604 |
+
|
1605 |
+
if ( $this->no_server_variable ) {
|
1606 |
+
?>
|
1607 |
+
<p><?php echo __('Because your server does not pass a variable with which Wordpress can detect SSL, Wordpress may create redirect loops on SSL.','really-simple-ssl');?></p>
|
1608 |
+
<p><?php echo __("Set your wp-config.php to writable and reload this page.", "really-simple-ssl");?></p>
|
1609 |
+
<?php
|
1610 |
+
}
|
1611 |
+
?>
|
1612 |
+
|
1613 |
+
</div>
|
1614 |
+
<?php
|
1615 |
+
}
|
1616 |
+
|
1617 |
+
|
1618 |
+
/**
|
1619 |
+
* Show notices
|
1620 |
+
*
|
1621 |
+
* @since 2.0
|
1622 |
+
*
|
1623 |
+
* @access public
|
1624 |
+
*
|
1625 |
+
*/
|
1626 |
+
|
1627 |
+
public function show_notices()
|
1628 |
+
{
|
1629 |
+
/*
|
1630 |
+
show a notice when the .htaccess file does not contain redirect rules
|
1631 |
+
*/
|
1632 |
+
|
1633 |
+
if (!$this->wp_redirect && $this->ssl_enabled && !$this->htaccess_warning_shown && !$this->htaccess_contains_redirect_rules()) {
|
1634 |
+
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_htaccess'));
|
1635 |
+
?>
|
1636 |
+
<div id="message" class="error fade notice is-dismissible rlrsssl-htaccess">
|
1637 |
+
<p>
|
1638 |
+
<?php echo __("Your do not have a 301 redirect to https activated in the settings. For SEO purposes it is advisable to use 301 redirects. You can enable a 301 redirect in the settings.","really-simple-ssl");?>
|
1639 |
+
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("View settings page","really-simple-ssl");?></a>
|
1640 |
+
</p>
|
1641 |
+
</div>
|
1642 |
+
<?php
|
1643 |
+
}
|
1644 |
+
|
1645 |
+
if (isset($this->errors["DEACTIVATE_FILE_NOT_RENAMED"])) {
|
1646 |
+
?>
|
1647 |
+
<div id="message" class="error fade notice is-dismissible rlrsssl-fail">
|
1648 |
+
<h1>
|
1649 |
+
<?php _e("Major security issue!","really-simple-ssl");?>
|
1650 |
+
</h1>
|
1651 |
+
<p>
|
1652 |
+
<?php _e("The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactived by anyone on the internet.","really-simple-ssl");?>
|
1653 |
+
</p>
|
1654 |
+
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("Check again","really-simple-ssl");?></a>
|
1655 |
+
</div>
|
1656 |
+
<?php
|
1657 |
+
}
|
1658 |
+
|
1659 |
+
if (is_multisite() && !is_main_site(get_current_blog_id())) return;
|
1660 |
+
/*
|
1661 |
+
SSL success message
|
1662 |
+
*/
|
1663 |
+
|
1664 |
+
if ($this->ssl_enabled && $this->site_has_ssl && !$this->ssl_success_message_shown) {
|
1665 |
+
if (!current_user_can("activate_plugins")) return;
|
1666 |
+
|
1667 |
+
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_success'));
|
1668 |
+
?>
|
1669 |
+
<div id="message" class="updated fade notice is-dismissible rlrsssl-success">
|
1670 |
+
<p>
|
1671 |
+
<?php _e("SSL activated!","really-simple-ssl");?>
|
1672 |
+
<?php _e("Don't forget to change your settings in Google Analytics and Webmaster tools.","really-simple-ssl");?>
|
1673 |
+
<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/how-to-setup-google-analytics-and-google-search-consolewebmaster-tools/"><?php _e("More info.","really-simple-ssl");?></a>
|
1674 |
+
</p>
|
1675 |
+
</div>
|
1676 |
+
<?php
|
1677 |
+
}
|
1678 |
+
|
1679 |
+
//some notices for ssl situations
|
1680 |
+
if ($this->site_has_ssl) {
|
1681 |
+
if (sizeof($this->plugin_conflict)>0) {
|
1682 |
+
//pre Woocommerce 2.5
|
1683 |
+
if (isset($this->plugin_conflict["WOOCOMMERCE_FORCEHTTP"]) && $this->plugin_conflict["WOOCOMMERCE_FORCEHTTP"] && isset($this->plugin_conflict["WOOCOMMERCE_FORCESSL"]) && $this->plugin_conflict["WOOCOMMERCE_FORCESSL"]) {
|
1684 |
+
?>
|
1685 |
+
<div id="message" class="error fade notice"><p>
|
1686 |
+
<?php _e("Really Simple SSL has a conflict with another plugin.","really-simple-ssl");?><br>
|
1687 |
+
<?php _e("The force http after leaving checkout in Woocommerce will create a redirect loop.","really-simple-ssl");?><br>
|
1688 |
+
<a href="admin.php?page=wc-settings&tab=checkout"><?php _e("Show me this setting","really-simple-ssl");?></a>
|
1689 |
+
</p></div>
|
1690 |
+
<?php
|
1691 |
+
}
|
1692 |
+
}
|
1693 |
+
}
|
1694 |
+
}
|
1695 |
+
|
1696 |
+
/**
|
1697 |
+
* Insert some ajax script to dismis the ssl success message, and stop nagging about it
|
1698 |
+
*
|
1699 |
+
* @since 2.0
|
1700 |
+
*
|
1701 |
+
* @access public
|
1702 |
+
*
|
1703 |
+
*/
|
1704 |
+
|
1705 |
+
public function insert_dismiss_success() {
|
1706 |
+
$ajax_nonce = wp_create_nonce( "really-simple-ssl-dismiss" );
|
1707 |
+
?>
|
1708 |
+
<script type='text/javascript'>
|
1709 |
+
jQuery(document).ready(function($) {
|
1710 |
+
$(".rlrsssl-success.notice.is-dismissible").on("click", ".notice-dismiss", function(event){
|
1711 |
+
var data = {
|
1712 |
+
'action': 'dismiss_success_message',
|
1713 |
+
'security': '<?php echo $ajax_nonce; ?>'
|
1714 |
+
};
|
1715 |
+
|
1716 |
+
$.post(ajaxurl, data, function(response) {
|
1717 |
+
|
1718 |
+
});
|
1719 |
+
});
|
1720 |
+
});
|
1721 |
+
</script>
|
1722 |
+
<?php
|
1723 |
+
}
|
1724 |
+
/**
|
1725 |
+
* Insert some ajax script to dismis the htaccess failed fail message, and stop nagging about it
|
1726 |
+
*
|
1727 |
+
* @since 2.0
|
1728 |
+
*
|
1729 |
+
* @access public
|
1730 |
+
*
|
1731 |
+
*/
|
1732 |
+
|
1733 |
+
public function insert_dismiss_htaccess() {
|
1734 |
+
$ajax_nonce = wp_create_nonce( "really-simple-ssl" );
|
1735 |
+
?>
|
1736 |
+
<script type='text/javascript'>
|
1737 |
+
jQuery(document).ready(function($) {
|
1738 |
+
$(".rlrsssl-htaccess.notice.is-dismissible").on("click", ".notice-dismiss", function(event){
|
1739 |
+
var data = {
|
1740 |
+
'action': 'dismiss_htaccess_warning',
|
1741 |
+
'security': '<?php echo $ajax_nonce; ?>'
|
1742 |
+
};
|
1743 |
+
$.post(ajaxurl, data, function(response) {
|
1744 |
+
|
1745 |
+
});
|
1746 |
+
});
|
1747 |
+
});
|
1748 |
+
</script>
|
1749 |
+
<?php
|
1750 |
+
}
|
1751 |
+
|
1752 |
+
/**
|
1753 |
+
* Process the ajax dismissal of the success message.
|
1754 |
+
*
|
1755 |
+
* @since 2.0
|
1756 |
+
*
|
1757 |
+
* @access public
|
1758 |
+
*
|
1759 |
+
*/
|
1760 |
+
|
1761 |
+
public function dismiss_success_message_callback() {
|
1762 |
+
//nonce check fails if url is changed to ssl.
|
1763 |
+
//check_ajax_referer( 'really-simple-ssl-dismiss', 'security' );
|
1764 |
+
$this->ssl_success_message_shown = TRUE;
|
1765 |
+
$this->save_options();
|
1766 |
+
wp_die();
|
1767 |
+
}
|
1768 |
+
|
1769 |
+
/**
|
1770 |
+
* Process the ajax dismissal of the htaccess message.
|
1771 |
+
*
|
1772 |
+
* @since 2.1
|
1773 |
+
*
|
1774 |
+
* @access public
|
1775 |
+
*
|
1776 |
+
*/
|
1777 |
+
|
1778 |
+
public function dismiss_htaccess_warning_callback() {
|
1779 |
+
check_ajax_referer( 'really-simple-ssl', 'security' );
|
1780 |
+
$this->htaccess_warning_shown = TRUE;
|
1781 |
+
$this->save_options();
|
1782 |
+
wp_die(); // this is required to terminate immediately and return a proper response
|
1783 |
+
}
|
1784 |
+
|
1785 |
+
|
1786 |
+
/**
|
1787 |
+
* Adds the admin options page
|
1788 |
+
*
|
1789 |
+
* @since 2.0
|
1790 |
+
*
|
1791 |
+
* @access public
|
1792 |
+
*
|
1793 |
+
*/
|
1794 |
+
|
1795 |
+
public function add_settings_page() {
|
1796 |
+
if (!current_user_can($this->capability)) return;
|
1797 |
+
//hides the settings page if the hide menu for subsites setting is enabled
|
1798 |
+
if(is_multisite() && rsssl_multisite::this()->hide_menu_for_subsites) return;
|
1799 |
+
|
1800 |
+
global $rsssl_admin_page;
|
1801 |
+
$rsssl_admin_page = add_options_page(
|
1802 |
+
__("SSL settings","really-simple-ssl"), //link title
|
1803 |
+
__("SSL","really-simple-ssl"), //page title
|
1804 |
+
$this->capability, //capability
|
1805 |
+
'rlrsssl_really_simple_ssl', //url
|
1806 |
+
array($this,'settings_page')); //function
|
1807 |
+
|
1808 |
+
// Adds my_help_tab when my_admin_page loads
|
1809 |
+
add_action('load-'.$rsssl_admin_page, array($this,'admin_add_help_tab'));
|
1810 |
+
|
1811 |
+
}
|
1812 |
+
|
1813 |
+
/**
|
1814 |
+
* Admin help tab
|
1815 |
+
*
|
1816 |
+
* @since 2.0
|
1817 |
+
*
|
1818 |
+
* @access public
|
1819 |
+
*
|
1820 |
+
*/
|
1821 |
+
|
1822 |
+
public function admin_add_help_tab() {
|
1823 |
+
$screen = get_current_screen();
|
1824 |
+
// Add my_help_tab if current screen is My Admin Page
|
1825 |
+
$screen->add_help_tab( array(
|
1826 |
+
'id' => "really-simple-ssl-documentation",
|
1827 |
+
'title' => __("Documentation","really-simple-ssl"),
|
1828 |
+
'content' => '<p>' . __("On <a href='https://really-simple-ssl.com'>really-simple-ssl.com</a> you can find a lot of articles and documentation about installing this plugin, and installing SSL in general.","really-simple-ssl") . '</p>',
|
1829 |
+
) );
|
1830 |
+
}
|
1831 |
+
|
1832 |
+
/**
|
1833 |
+
* Create tabs on the settings page
|
1834 |
+
*
|
1835 |
+
* @since 2.1
|
1836 |
+
*
|
1837 |
+
* @access public
|
1838 |
+
*
|
1839 |
+
*/
|
1840 |
+
|
1841 |
+
public function admin_tabs( $current = 'homepage' ) {
|
1842 |
+
$tabs = array(
|
1843 |
+
'configuration' => __("Configuration","really-simple-ssl"),
|
1844 |
+
'settings'=>__("Settings","really-simple-ssl"),
|
1845 |
+
'debug' => __("Debug","really-simple-ssl")
|
1846 |
+
);
|
1847 |
+
|
1848 |
+
$tabs = apply_filters("rsssl_tabs", $tabs);
|
1849 |
+
|
1850 |
+
echo '<h2 class="nav-tab-wrapper">';
|
1851 |
+
|
1852 |
+
foreach( $tabs as $tab => $name ){
|
1853 |
+
$class = ( $tab == $current ) ? ' nav-tab-active' : '';
|
1854 |
+
echo "<a class='nav-tab$class' href='?page=rlrsssl_really_simple_ssl&tab=$tab'>$name</a>";
|
1855 |
+
}
|
1856 |
+
echo '</h2>';
|
1857 |
+
}
|
1858 |
+
|
1859 |
+
/**
|
1860 |
+
* Build the settings page
|
1861 |
+
*
|
1862 |
+
* @since 2.0
|
1863 |
+
*
|
1864 |
+
* @access public
|
1865 |
+
*
|
1866 |
+
*/
|
1867 |
+
|
1868 |
+
public function settings_page() {
|
1869 |
+
if (!current_user_can($this->capability)) return;
|
1870 |
+
|
1871 |
+
if ( isset ( $_GET['tab'] ) ) $this->admin_tabs($_GET['tab']); else $this->admin_tabs('configuration');
|
1872 |
+
if ( isset ( $_GET['tab'] ) ) $tab = $_GET['tab']; else $tab = 'configuration';
|
1873 |
+
|
1874 |
+
?><div class="rsssl-container"><div class="rsssl-main"><?php
|
1875 |
+
|
1876 |
+
switch ( $tab ){
|
1877 |
+
case 'configuration' :
|
1878 |
+
/*
|
1879 |
+
First tab, configuration
|
1880 |
+
*/
|
1881 |
+
?>
|
1882 |
+
<h2><?php echo __("Detected setup","really-simple-ssl");?></h2>
|
1883 |
+
<table class="really-simple-ssl-table">
|
1884 |
+
|
1885 |
+
<?php if ($this->site_has_ssl) { ?>
|
1886 |
+
<tr>
|
1887 |
+
<td><?php echo $this->ssl_enabled ? $this->img("success") : $this->img("error");?></td>
|
1888 |
+
<td><?php
|
1889 |
+
if ($this->ssl_enabled) {
|
1890 |
+
_e("SSL is enabled on your site.","really-simple-ssl")." ";
|
1891 |
+
} else {
|
1892 |
+
_e("SSL is not enabled yet","really-simple-ssl")." ";
|
1893 |
+
$this->show_enable_ssl_button();
|
1894 |
+
}
|
1895 |
+
?>
|
1896 |
+
</td><td></td>
|
1897 |
+
</tr>
|
1898 |
+
<?php }
|
1899 |
+
|
1900 |
+
/* check if the mixed content fixer is working */
|
1901 |
+
if ($this->ssl_enabled && $this->autoreplace_insecure_links && $this->site_has_ssl) {
|
1902 |
+
$mixed_content_fixer_detected = $this->mixed_content_fixer_detected();
|
1903 |
+
?>
|
1904 |
+
<tr>
|
1905 |
+
<td><?php echo $mixed_content_fixer_detected ? $this->img("success") : $this->img("error");?></td>
|
1906 |
+
<td><?php
|
1907 |
+
if ($mixed_content_fixer_detected) {
|
1908 |
+
_e("Mixed content fixer was successfully detected on the front-end","really-simple-ssl")." ";
|
1909 |
+
} else {
|
1910 |
+
_e('The mixed content fixer is activated, but was not detected on the frontpage. Please follow these steps to check if the mixed content fixer is working.',"really-simple-ssl").": ";
|
1911 |
+
echo ' <a target="_blank" href="https://www.really-simple-ssl.com/knowledge-base/how-to-check-if-the-mixed-content-fixer-is-active/">';
|
1912 |
+
_e('Instructions', 'really-simple-ssl');
|
1913 |
+
echo '</a>';
|
1914 |
+
}
|
1915 |
+
?>
|
1916 |
+
</td><td></td>
|
1917 |
+
</tr>
|
1918 |
+
<?php } ?>
|
1919 |
+
<tr>
|
1920 |
+
<td><?php echo ($this->site_has_ssl && $this->wpconfig_ok()) ? $this->img("success") : $this->img("error");?></td>
|
1921 |
+
<td><?php
|
1922 |
+
if ( !$this->wpconfig_ok()) {
|
1923 |
+
_e("Failed activating SSL","really-simple-ssl")." ";
|
1924 |
+
} elseif (!$this->site_has_ssl) {
|
1925 |
+
_e("No SSL detected.","really-simple-ssl")." ";
|
1926 |
+
} else {
|
1927 |
+
_e("An SSL certificate was detected on your site. ","really-simple-ssl");
|
1928 |
+
}
|
1929 |
+
?>
|
1930 |
+
</td><td></td>
|
1931 |
+
</tr>
|
1932 |
+
<?php if($this->ssl_enabled) { ?>
|
1933 |
+
<tr>
|
1934 |
+
<td>
|
1935 |
+
<?php echo ($this->has_301_redirect()) ? $this->img("success") :$this->img("warning");?>
|
1936 |
+
</td>
|
1937 |
+
<td>
|
1938 |
+
<?php
|
1939 |
+
|
1940 |
+
if($this->has_301_redirect()) {
|
1941 |
+
_e("301 redirect to https set: ","really-simple-ssl");
|
1942 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && $this->htaccess_contains_redirect_rules())
|
1943 |
+
_e(".htaccess redirect","really-simple-ssl");
|
1944 |
+
|
1945 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && $this->htaccess_contains_redirect_rules() && $this->wp_redirect)
|
1946 |
+
echo " " . __("and", "really-simple-ssl") . " ";
|
1947 |
+
|
1948 |
+
if ($this->wp_redirect)
|
1949 |
+
_e("WordPress redirect","really-simple-ssl");
|
1950 |
+
|
1951 |
+
} elseif (RSSSL()->rsssl_server->uses_htaccess() && (!is_multisite() || !RSSSL()->rsssl_multisite->is_per_site_activated_multisite_subfolder_install())) {
|
1952 |
+
if (is_writable($this->ABSpath.".htaccess")) {
|
1953 |
+
_e("Enable a .htaccess redirect or WordPress redirect in the settings to create a 301 redirect.","really-simple-ssl");
|
1954 |
+
} elseif (!is_writable($this->ABSpath.".htaccess")) {
|
1955 |
+
_e(".htaccess is not writable. Set 301 WordPress redirect, or set the .htaccess manually if you want to redirect in .htaccess.","really-simple-ssl");
|
1956 |
+
} else {
|
1957 |
+
_e("Https redirect cannot be set in the .htaccess. Set the .htaccess redirect manually or enable WordPress redirect in the settings.","really-simple-ssl");
|
1958 |
+
}
|
1959 |
+
} else {
|
1960 |
+
_e("No 301 redirect is set. Enable the WordPress 301 redirect in the settings to get a 301 permanent redirect.","really-simple-ssl");
|
1961 |
+
}
|
1962 |
+
?>
|
1963 |
+
</td><td></td>
|
1964 |
+
</tr>
|
1965 |
+
|
1966 |
+
<?php
|
1967 |
+
}
|
1968 |
+
?>
|
1969 |
+
|
1970 |
+
</table>
|
1971 |
+
<?php do_action("rsssl_configuration_page");?>
|
1972 |
+
<?php
|
1973 |
+
break;
|
1974 |
+
case 'settings' :
|
1975 |
+
/*
|
1976 |
+
Second tab, Settings
|
1977 |
+
*/
|
1978 |
+
?>
|
1979 |
+
<form action="options.php" method="post">
|
1980 |
+
<?php
|
1981 |
+
settings_fields('rlrsssl_options');
|
1982 |
+
do_settings_sections('rlrsssl');
|
1983 |
+
?>
|
1984 |
+
|
1985 |
+
<input class="button button-primary" name="Submit" type="submit" value="<?php echo __("Save","really-simple-ssl"); ?>" />
|
1986 |
+
</form>
|
1987 |
+
<?php
|
1988 |
+
break;
|
1989 |
+
|
1990 |
+
case 'debug' :
|
1991 |
+
/*
|
1992 |
+
third tab: debug
|
1993 |
+
*/
|
1994 |
+
?>
|
1995 |
+
<div>
|
1996 |
+
<?php
|
1997 |
+
if ($this->debug) {
|
1998 |
+
echo "<h2>".__("Log for debugging purposes","really-simple-ssl")."</h2>";
|
1999 |
+
echo "<p>".__("Send me a copy of these lines if you have any issues. The log will be erased when debug is set to false","really-simple-ssl")."</p>";
|
2000 |
+
echo "<div class='debug-log'>";
|
2001 |
+
if (defined('RSSSL_SAFE_MODE') && RSSSL_SAFE_MODE) echo "SAFE MODE<br>";
|
2002 |
+
echo "Options:<br>";
|
2003 |
+
if ($this->htaccess_redirect) echo "* htaccess redirect<br>";
|
2004 |
+
if ($this->wp_redirect) echo "* WordPress redirect<br>";
|
2005 |
+
if ($this->autoreplace_insecure_links) echo "* Mixed content fixer<br>";
|
2006 |
+
|
2007 |
+
echo "SERVER: ".RSSSL()->rsssl_server->get_server() . "<br>";
|
2008 |
+
if (is_multisite()) {
|
2009 |
+
echo "MULTISITE<br>";
|
2010 |
+
echo (!RSSSL()->rsssl_multisite->ssl_enabled_networkwide) ? "SSL is being activated per site<br>" : "SSL is activated network wide<br>";
|
2011 |
+
}
|
2012 |
+
|
2013 |
+
echo ($this->ssl_enabled) ? "SSL is enabled for this site<br>" : "SSL is not yet enabled for this site<br>";
|
2014 |
+
echo $this->debug_log;
|
2015 |
+
echo "</div>";
|
2016 |
+
//$this->debug_log.="<br><b>-----------------------</b>";
|
2017 |
+
$this->debug_log="";
|
2018 |
+
$this->save_options();
|
2019 |
+
}
|
2020 |
+
else {
|
2021 |
+
echo "<br>";
|
2022 |
+
_e("To view results here, enable the debug option in the settings tab.","really-simple-ssl");
|
2023 |
+
}
|
2024 |
+
|
2025 |
+
?>
|
2026 |
+
</div>
|
2027 |
+
<?php
|
2028 |
+
break;
|
2029 |
+
}
|
2030 |
+
//possibility to hook into the tabs.
|
2031 |
+
do_action("show_tab_{$tab}");
|
2032 |
+
?>
|
2033 |
+
</div><!-- end main-->
|
2034 |
+
<div class="rsssl-sidebar">
|
2035 |
+
<div class="rsssl-wrapper">
|
2036 |
+
|
2037 |
+
</div>
|
2038 |
+
</div>
|
2039 |
+
</div><!-- end container -->
|
2040 |
+
<?php
|
2041 |
+
}
|
2042 |
+
|
2043 |
+
/**
|
2044 |
+
* Returns a succes, error or warning image for the settings page
|
2045 |
+
*
|
2046 |
+
* @since 2.0
|
2047 |
+
*
|
2048 |
+
* @access public
|
2049 |
+
*
|
2050 |
+
* @param string $type the type of image
|
2051 |
+
*
|
2052 |
+
* @return html string
|
2053 |
+
*/
|
2054 |
+
|
2055 |
+
public function img($type) {
|
2056 |
+
if ($type=='success') {
|
2057 |
+
return "<img class='icons' src='" . trailingslashit(rsssl_url) . "img/check-icon.png' alt='success'>";
|
2058 |
+
} elseif ($type=="error") {
|
2059 |
+
return "<img class='icons' src='". trailingslashit(rsssl_url) . "img/cross-icon.png' alt='error'>";
|
2060 |
+
} else {
|
2061 |
+
return "<img class='icons' src='". trailingslashit(rsssl_url) ."img/warning-icon.png' alt='warning'>";
|
2062 |
+
}
|
2063 |
+
}
|
2064 |
+
|
2065 |
+
/**
|
2066 |
+
* Add some css for the settings page
|
2067 |
+
*
|
2068 |
+
* @since 2.0
|
2069 |
+
*
|
2070 |
+
* @access public
|
2071 |
+
*
|
2072 |
+
*/
|
2073 |
+
|
2074 |
+
public function enqueue_assets($hook){
|
2075 |
+
global $rsssl_admin_page;
|
2076 |
+
//prevent from loading on other pages than settings page.
|
2077 |
+
if( (!is_network_admin() && ($hook != $rsssl_admin_page)) && $this->ssl_enabled )
|
2078 |
+
return;
|
2079 |
+
|
2080 |
+
wp_register_style( 'rlrsssl-css', trailingslashit(rsssl_url) . 'css/main.css', "", rsssl_version);
|
2081 |
+
wp_enqueue_style( 'rlrsssl-css');
|
2082 |
+
}
|
2083 |
+
|
2084 |
+
|
2085 |
+
|
2086 |
+
/*
|
2087 |
+
|
2088 |
+
feedback for the free users. Pro users see something different.
|
2089 |
+
|
2090 |
+
*/
|
2091 |
+
|
2092 |
+
|
2093 |
+
public function configuration_page_more(){
|
2094 |
+
?>
|
2095 |
+
<table>
|
2096 |
+
<tr>
|
2097 |
+
<td>
|
2098 |
+
<?php echo $this->contains_hsts() ? $this->img("success") :$this->img("warning");?>
|
2099 |
+
</td>
|
2100 |
+
<td>
|
2101 |
+
<?php
|
2102 |
+
if($this->contains_hsts()) {
|
2103 |
+
_e("HTTP Strict Transport Security was enabled","really-simple-ssl");
|
2104 |
+
} else {
|
2105 |
+
|
2106 |
+
$wiki_open = '<a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security" target="_blank">';
|
2107 |
+
$link_open = '<a target="_blank" href="'.$this->pro_url.'">';
|
2108 |
+
$link_close = '</a>';
|
2109 |
+
|
2110 |
+
printf( __('%sHTTP Strict Transport Security%s is not enabled.',"really-simple-ssl"), $wiki_open, $link_close);
|
2111 |
+
echo " ";
|
2112 |
+
printf(__("To enable, %sget Premium%s ","really-simple-ssl"), $link_open, $link_close);
|
2113 |
+
}
|
2114 |
+
?>
|
2115 |
+
</td><td></td>
|
2116 |
+
</tr>
|
2117 |
+
<tr>
|
2118 |
+
|
2119 |
+
<td><?php echo ($this->contains_secure_cookie_settings()) ? $this->img("success") : $this->img("warning");?></td>
|
2120 |
+
<td><?php
|
2121 |
+
if ($this->contains_secure_cookie_settings()) {
|
2122 |
+
_e("Secure cookies set","really-simple-ssl")." ";
|
2123 |
+
} else {
|
2124 |
+
|
2125 |
+
$link_open = '<a target="_blank" href="'.$this->pro_url.'">';
|
2126 |
+
$link_close = '</a>';
|
2127 |
+
|
2128 |
+
_e('Secure cookie settings not enabled.',"really-simple-ssl");
|
2129 |
+
echo " ";
|
2130 |
+
printf(__("To enable, %sget Premium%s ","really-simple-ssl"), $link_open, $link_close);
|
2131 |
+
}
|
2132 |
+
?>
|
2133 |
+
</td><td></td>
|
2134 |
+
</tr>
|
2135 |
+
</table>
|
2136 |
+
|
2137 |
+
|
2138 |
+
<?php
|
2139 |
+
|
2140 |
+
if (!$this->site_has_ssl) {
|
2141 |
+
$this->show_pro();
|
2142 |
+
} else {
|
2143 |
+
if (!$this->ssl_enabled) { ?>
|
2144 |
+
<p><?php _e("If you want to be sure you're ready to migrate to SSL, get Premium, which includes an extensive scan and premium support.", "really-simple-ssl")?>
|
2145 |
+
<a target="_blank" href="<?php echo $this->pro_url?>">Learn more</a></p>
|
2146 |
+
<?php } else { ?>
|
2147 |
+
<p><?php _e('Still having issues with mixed content? Check out Premium, which includes an extensive scan and premium support. ', "really-simple-ssl")?>
|
2148 |
+
<a target="_blank" href="<?php echo $this->pro_url?>">Learn more</a></p>
|
2149 |
+
<?php
|
2150 |
+
}
|
2151 |
+
}
|
2152 |
+
}
|
2153 |
+
|
2154 |
+
/**
|
2155 |
+
* Create the settings page form
|
2156 |
+
*
|
2157 |
+
* @since 2.0
|
2158 |
+
*
|
2159 |
+
* @access public
|
2160 |
+
*
|
2161 |
+
*/
|
2162 |
+
|
2163 |
+
public function create_form(){
|
2164 |
+
register_setting( 'rlrsssl_options', 'rlrsssl_options', array($this,'options_validate') );
|
2165 |
+
add_settings_section('rlrsssl_settings', __("Settings","really-simple-ssl"), array($this,'section_text'), 'rlrsssl');
|
2166 |
+
add_settings_field('id_autoreplace_insecure_links', __("Auto replace mixed content","really-simple-ssl"), array($this,'get_option_autoreplace_insecure_links'), 'rlrsssl', 'rlrsssl_settings');
|
2167 |
+
|
2168 |
+
//only show option to enable or disable mixed content and redirect when ssl is detected
|
2169 |
+
if($this->ssl_enabled) {
|
2170 |
+
add_settings_field('id_wp_redirect', __("Enable WordPress 301 redirection to SSL","really-simple-ssl"), array($this,'get_option_wp_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
2171 |
+
|
2172 |
+
//when enabled networkwide, it's handled on the network settings page
|
2173 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && (!is_multisite() || !RSSSL()->rsssl_multisite->ssl_enabled_networkwide)) {
|
2174 |
+
add_settings_field('id_htaccess_redirect', __("Enable 301 .htaccess redirect","really-simple-ssl"), array($this,'get_option_htaccess_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
2175 |
+
}
|
2176 |
+
|
2177 |
+
add_settings_field('id_javascript_redirect', __("Enable javascript redirection to ssl","really-simple-ssl"), array($this,'get_option_javascript_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
2178 |
+
}
|
2179 |
+
|
2180 |
+
add_settings_field('id_debug', __("Debug","really-simple-ssl"), array($this,'get_option_debug'), 'rlrsssl', 'rlrsssl_settings');
|
2181 |
+
//on multisite this setting can only be set networkwide
|
2182 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && !is_multisite()) {
|
2183 |
+
add_settings_field('id_do_not_edit_htaccess', __("Stop editing the .htaccess file","really-simple-ssl"), array($this,'get_option_do_not_edit_htaccess'), 'rlrsssl', 'rlrsssl_settings');
|
2184 |
+
add_settings_field('id_switch_mixed_content_fixer_hook', __("Switch mixed content fixer hook","really-simple-ssl"), array($this,'get_option_switch_mixed_content_fixer_hook'), 'rlrsssl', 'rlrsssl_settings');
|
2185 |
+
|
2186 |
+
}
|
2187 |
+
}
|
2188 |
+
/**
|
2189 |
+
* Insert some explanation above the form
|
2190 |
+
*
|
2191 |
+
* @since 2.0
|
2192 |
+
*
|
2193 |
+
* @access public
|
2194 |
+
*
|
2195 |
+
*/
|
2196 |
+
|
2197 |
+
public function section_text() {
|
2198 |
+
?>
|
2199 |
+
<p><?php _e('Settings to optimize your SSL configuration','really-simple-ssl');?></p>
|
2200 |
+
<?php
|
2201 |
+
}
|
2202 |
+
|
2203 |
+
/**
|
2204 |
+
* Check the posted values in the settings page for validity
|
2205 |
+
*
|
2206 |
+
* @since 2.0
|
2207 |
+
*
|
2208 |
+
* @access public
|
2209 |
+
*
|
2210 |
+
*/
|
2211 |
+
|
2212 |
+
public function options_validate($input) {
|
2213 |
+
//fill array with current values, so we don't lose any
|
2214 |
+
$newinput = array();
|
2215 |
+
$newinput['site_has_ssl'] = $this->site_has_ssl;
|
2216 |
+
$newinput['ssl_success_message_shown'] = $this->ssl_success_message_shown;
|
2217 |
+
$newinput['htaccess_warning_shown'] = $this->htaccess_warning_shown;
|
2218 |
+
$newinput['plugin_db_version'] = $this->plugin_db_version;
|
2219 |
+
$newinput['ssl_enabled'] = $this->ssl_enabled;
|
2220 |
+
$newinput['debug_log'] = $this->debug_log;
|
2221 |
+
|
2222 |
+
if (!empty($input['hsts']) && $input['hsts']=='1') {
|
2223 |
+
$newinput['hsts'] = TRUE;
|
2224 |
+
} else {
|
2225 |
+
$newinput['hsts'] = FALSE;
|
2226 |
+
}
|
2227 |
+
|
2228 |
+
if (!empty($input['javascript_redirect']) && $input['javascript_redirect']=='1') {
|
2229 |
+
$newinput['javascript_redirect'] = TRUE;
|
2230 |
+
} else {
|
2231 |
+
$newinput['javascript_redirect'] = FALSE;
|
2232 |
+
}
|
2233 |
+
|
2234 |
+
if (!empty($input['wp_redirect']) && $input['wp_redirect']=='1') {
|
2235 |
+
$newinput['wp_redirect'] = TRUE;
|
2236 |
+
} else {
|
2237 |
+
$newinput['wp_redirect'] = FALSE;
|
2238 |
+
}
|
2239 |
+
|
2240 |
+
if (!empty($input['autoreplace_insecure_links']) && $input['autoreplace_insecure_links']=='1') {
|
2241 |
+
$newinput['autoreplace_insecure_links'] = TRUE;
|
2242 |
+
} else {
|
2243 |
+
$newinput['autoreplace_insecure_links'] = FALSE;
|
2244 |
+
}
|
2245 |
+
|
2246 |
+
if (!empty($input['debug']) && $input['debug']=='1') {
|
2247 |
+
$newinput['debug'] = TRUE;
|
2248 |
+
} else {
|
2249 |
+
$newinput['debug'] = FALSE;
|
2250 |
+
$this->debug_log = "";
|
2251 |
+
}
|
2252 |
+
|
2253 |
+
if (!empty($input['do_not_edit_htaccess']) && $input['do_not_edit_htaccess']=='1') {
|
2254 |
+
$newinput['do_not_edit_htaccess'] = TRUE;
|
2255 |
+
} else {
|
2256 |
+
$newinput['do_not_edit_htaccess'] = FALSE;
|
2257 |
+
}
|
2258 |
+
|
2259 |
+
if (!empty($input['switch_mixed_content_fixer_hook']) && $input['switch_mixed_content_fixer_hook']=='1') {
|
2260 |
+
$newinput['switch_mixed_content_fixer_hook'] = TRUE;
|
2261 |
+
} else {
|
2262 |
+
$newinput['switch_mixed_content_fixer_hook'] = FALSE;
|
2263 |
+
}
|
2264 |
+
|
2265 |
+
if (!empty($input['htaccess_redirect']) && $input['htaccess_redirect']=='1') {
|
2266 |
+
$newinput['htaccess_redirect'] = TRUE;
|
2267 |
+
} else {
|
2268 |
+
$newinput['htaccess_redirect'] = FALSE;
|
2269 |
+
}
|
2270 |
+
|
2271 |
+
return $newinput;
|
2272 |
+
}
|
2273 |
+
|
2274 |
+
/**
|
2275 |
+
* Insert option into settings form
|
2276 |
+
* deprecated
|
2277 |
+
* @since 2.0
|
2278 |
+
*
|
2279 |
+
* @access public
|
2280 |
+
*
|
2281 |
+
*/
|
2282 |
+
|
2283 |
+
public function get_option_debug() {
|
2284 |
+
$options = get_option('rlrsssl_options');
|
2285 |
+
echo '<input id="rlrsssl_options" name="rlrsssl_options[debug]" size="40" type="checkbox" value="1"' . checked( 1, $this->debug, false ) ." />";
|
2286 |
+
RSSSL()->rsssl_help->get_help_tip(__("Enable this option to get debug info in the debug tab.", "really-simple-ssl"));
|
2287 |
+
|
2288 |
+
}
|
2289 |
+
|
2290 |
+
/**
|
2291 |
+
* Insert option into settings form
|
2292 |
+
* @since 2.2
|
2293 |
+
*
|
2294 |
+
* @access public
|
2295 |
+
*
|
2296 |
+
*/
|
2297 |
+
|
2298 |
+
public function get_option_javascript_redirect() {
|
2299 |
+
$javascript_redirect = $this->javascript_redirect;
|
2300 |
+
$disabled = "";
|
2301 |
+
$comment = "";
|
2302 |
+
|
2303 |
+
if (is_multisite() && rsssl_multisite::this()->javascript_redirect) {
|
2304 |
+
$disabled = "disabled";
|
2305 |
+
$javascript_redirect = TRUE;
|
2306 |
+
$comment = __( "This option is enabled on the network menu.", "really-simple-ssl" );
|
2307 |
+
}
|
2308 |
+
|
2309 |
+
echo '<input '.$disabled.' id="rlrsssl_options" name="rlrsssl_options[javascript_redirect]" size="40" type="checkbox" value="1"' . checked( 1, $javascript_redirect, false ) ." />";
|
2310 |
+
RSSSL()->rsssl_help->get_help_tip(__("This is a fallback you should only use if other redirection methods do not work.", "really-simple-ssl"));
|
2311 |
+
echo $comment;
|
2312 |
+
|
2313 |
+
}
|
2314 |
+
|
2315 |
+
/**
|
2316 |
+
* Insert option into settings form
|
2317 |
+
* @since 2.5.0
|
2318 |
+
*
|
2319 |
+
* @access public
|
2320 |
+
*
|
2321 |
+
*/
|
2322 |
+
|
2323 |
+
public function get_option_wp_redirect() {
|
2324 |
+
$wp_redirect = $this->wp_redirect;
|
2325 |
+
$disabled = "";
|
2326 |
+
$comment = "";
|
2327 |
+
|
2328 |
+
if (is_multisite() && rsssl_multisite::this()->wp_redirect) {
|
2329 |
+
$disabled = "disabled";
|
2330 |
+
$wp_redirect = TRUE;
|
2331 |
+
$comment = __( "This option is enabled on the network menu.", "really-simple-ssl" );
|
2332 |
+
}
|
2333 |
+
|
2334 |
+
echo '<input '.$disabled.' id="rlrsssl_options" name="rlrsssl_options[wp_redirect]" size="40" type="checkbox" value="1"' . checked( 1, $wp_redirect, false ) ." />";
|
2335 |
+
RSSSL()->rsssl_help->get_help_tip(__("Enable this if you want to use the internal WordPress 301 redirect. Needed on NGINX servers, or if the .htaccess redirect cannot be used.", "really-simple-ssl"));
|
2336 |
+
echo $comment;
|
2337 |
+
|
2338 |
+
}
|
2339 |
+
|
2340 |
+
|
2341 |
+
|
2342 |
+
/**
|
2343 |
+
* Insert option into settings form
|
2344 |
+
* The .htaccess redirect is not shown for multisite sites that are enabled network wide.
|
2345 |
+
*
|
2346 |
+
* @since 2.5.8
|
2347 |
+
*
|
2348 |
+
* @access public
|
2349 |
+
*
|
2350 |
+
*/
|
2351 |
+
|
2352 |
+
public function get_option_htaccess_redirect() {
|
2353 |
+
$options = get_option('rlrsssl_options');
|
2354 |
+
|
2355 |
+
$htaccess_redirect = $this->htaccess_redirect;
|
2356 |
+
$disabled = "";
|
2357 |
+
$comment = "";
|
2358 |
+
|
2359 |
+
//networkwide is not shown, so this only applies to per site activated sites.
|
2360 |
+
if (is_multisite() && RSSSL()->rsssl_multisite->htaccess_redirect) {
|
2361 |
+
$disabled = "disabled";
|
2362 |
+
$htaccess_redirect = TRUE;
|
2363 |
+
$comment = __( "This option is enabled on the network menu.", "really-simple-ssl" );
|
2364 |
+
} else {
|
2365 |
+
$disabled = ($this->do_not_edit_htaccess) ? "disabled" : "";
|
2366 |
+
}
|
2367 |
+
|
2368 |
+
echo '<input '.$disabled.' id="rlrsssl_options" name="rlrsssl_options[htaccess_redirect]" size="40" type="checkbox" value="1"' . checked( 1, $this->htaccess_redirect, false ) ." />";
|
2369 |
+
RSSSL()->rsssl_help->get_help_tip(__("A .htaccess redirect is faster. Really Simple SSL detects the redirect code that is most likely to work (99% of websites), but this is not 100%. Make sure you know how to regain access to your site if anything goes wrong!", "really-simple-ssl"));
|
2370 |
+
echo $comment;
|
2371 |
+
|
2372 |
+
if ($this->htaccess_redirect && (!is_writable($this->ABSpath.".htaccess") || !$this->htaccess_test_success)) {
|
2373 |
+
echo "<br><br>";
|
2374 |
+
if (!is_writable($this->ABSpath.".htaccess")) _e("The .htaccess file is not writable. Add these lines to your .htaccess manually, or set give writing permissions", "really-simple-ssl");
|
2375 |
+
if (!$this->htaccess_test_success) _e("The .htaccess redirect rules that were selected by this plugin failed in the test. The following redirect rules were tested:", "really-simple-ssl");
|
2376 |
+
echo "<br><br>";
|
2377 |
+
if ($this->ssl_type!="NA") {
|
2378 |
+
$manual = true;
|
2379 |
+
$rules = $this->get_redirect_rules($manual);
|
2380 |
+
|
2381 |
+
$arr_search = array("<",">","\n");
|
2382 |
+
$arr_replace = array("<",">","<br>");
|
2383 |
+
$rules = str_replace($arr_search, $arr_replace, $rules);
|
2384 |
+
|
2385 |
+
?>
|
2386 |
+
<code>
|
2387 |
+
<?php echo $rules; ?>
|
2388 |
+
</code>
|
2389 |
+
<?php
|
2390 |
+
} else {
|
2391 |
+
_e("The plugin could not detect any possible redirect rule.", "really-simple-ssl");
|
2392 |
+
}
|
2393 |
+
}
|
2394 |
+
|
2395 |
+
//on multisite, the .htaccess do not edit option is not available
|
2396 |
+
if (!is_multisite()) {
|
2397 |
+
if ($this->do_not_edit_htaccess) {
|
2398 |
+
_e("If the setting 'do not edit htaccess' is enabled, you can't change this setting.","really-simple-ssl");
|
2399 |
+
} elseif (!$this->htaccess_redirect) {
|
2400 |
+
$link_start = '<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/remove-htaccess-redirect-site-lockout/">';
|
2401 |
+
$link_end = '</a>';
|
2402 |
+
printf(
|
2403 |
+
__( 'Before you enable this, make sure you know how to %1$sregain access%2$s to your site in case of a redirect loop.', 'really-simple-ssl' ),
|
2404 |
+
$link_start,
|
2405 |
+
$link_end
|
2406 |
+
);
|
2407 |
+
}
|
2408 |
+
}
|
2409 |
+
|
2410 |
+
}
|
2411 |
+
|
2412 |
+
/**
|
2413 |
+
* Insert option into settings form
|
2414 |
+
*
|
2415 |
+
* @since 2.0
|
2416 |
+
*
|
2417 |
+
* @access public
|
2418 |
+
*
|
2419 |
+
*/
|
2420 |
+
|
2421 |
+
public function get_option_do_not_edit_htaccess() {
|
2422 |
+
$options = get_option('rlrsssl_options');
|
2423 |
+
echo '<input id="rlrsssl_options" name="rlrsssl_options[do_not_edit_htaccess]" size="40" type="checkbox" value="1"' . checked( 1, $this->do_not_edit_htaccess, false ) ." />";
|
2424 |
+
|
2425 |
+
RSSSL()->rsssl_help->get_help_tip(__("If you want to customize the Really Simple SSL .htaccess, you need to prevent Really Simple SSL from rewriting it. Enabling this option will do that.", "really-simple-ssl"));
|
2426 |
+
if (!$this->do_not_edit_htaccess && !is_writable($this->ABSpath.".htaccess")) _e(".htaccess is currently not writable.","really-simple-ssl");
|
2427 |
+
}
|
2428 |
+
|
2429 |
+
/**
|
2430 |
+
* Insert option into settings form
|
2431 |
+
*
|
2432 |
+
* @since 2.1
|
2433 |
+
*
|
2434 |
+
* @access public
|
2435 |
+
*
|
2436 |
+
*/
|
2437 |
+
|
2438 |
+
public function get_option_switch_mixed_content_fixer_hook() {
|
2439 |
+
$options = get_option('rslrsssl_options');
|
2440 |
+
echo '<input id="rlrsssl_options" name="rlrsssl_options[switch_mixed_content_fixer_hook]" size="40" type="checkbox" value="1"' . checked( 1, $this->switch_mixed_content_fixer_hook, false ) ." />";
|
2441 |
+
RSSSL()->rsssl_help->get_help_tip(__("If this option is set to true, the mixed content fixer will fire on the init hook instead of the template_redirect hook. Only use this option when you experience problems with the mixed content fixer.", "really-simple-ssl"));
|
2442 |
+
}
|
2443 |
+
|
2444 |
+
public function get_option_autoreplace_insecure_links() {
|
2445 |
+
//$options = get_option('rlrsssl_options');
|
2446 |
+
$autoreplace_mixed_content = $this->autoreplace_insecure_links;
|
2447 |
+
$disabled = "";
|
2448 |
+
$comment = "";
|
2449 |
+
|
2450 |
+
if (is_multisite() && rsssl_multisite::this()->autoreplace_mixed_content) {
|
2451 |
+
$disabled = "disabled";
|
2452 |
+
$autoreplace_mixed_content = TRUE;
|
2453 |
+
$comment = __( "This option is enabled on the network menu.", "really-simple-ssl" );
|
2454 |
+
}
|
2455 |
+
echo '<input '.$disabled.' id="rlrsssl_options" name="rlrsssl_options[autoreplace_insecure_links]" size="40" type="checkbox" value="1"' . checked( 1, $autoreplace_mixed_content, false ) .' />';
|
2456 |
+
RSSSL()->rsssl_help->get_help_tip(__("In most cases you need to leave this enabled, to prevent mixed content issues on your site.", "really-simple-ssl"));
|
2457 |
+
echo $comment;
|
2458 |
+
}
|
2459 |
+
/**
|
2460 |
+
* Add settings link on plugins overview page
|
2461 |
+
*
|
2462 |
+
* @since 2.0
|
2463 |
+
*
|
2464 |
+
* @access public
|
2465 |
+
*
|
2466 |
+
*/
|
2467 |
+
|
2468 |
+
public function plugin_settings_link($links) {
|
2469 |
+
$settings_link = '<a href="options-general.php?page=rlrsssl_really_simple_ssl">'.__("Settings","really-simple-ssl").'</a>';
|
2470 |
+
array_unshift($links, $settings_link);
|
2471 |
+
|
2472 |
+
$faq_link = '<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/">' . __( 'Docs', 'really-simple-ssl' ) . '</a>';
|
2473 |
+
array_unshift( $links, $faq_link );
|
2474 |
+
|
2475 |
+
if ( defined("rsssl_pro_version") ) {
|
2476 |
+
if (class_exists('RSSSL_PRO')) {
|
2477 |
+
if(RSSSL_PRO()->rsssl_licensing->license_is_valid()) return $links;
|
2478 |
+
}
|
2479 |
+
}
|
2480 |
+
if ( !defined("rsssl_pro_version") ) {
|
2481 |
+
if (!class_exists('RSSSL_PRO')) {
|
2482 |
+
$premium_link = '<a target="_blank" href="https://really-simple-ssl.com/premium-support">' . __( 'Premium Support', 'really-simple-ssl' ) . '</a>';
|
2483 |
+
array_unshift( $links, $premium_link );
|
2484 |
+
}
|
2485 |
+
}
|
2486 |
+
return $links;
|
2487 |
+
}
|
2488 |
+
|
2489 |
+
/**
|
2490 |
+
* Check for possible plugin conflicts
|
2491 |
+
*
|
2492 |
+
* @since 2.0
|
2493 |
+
*
|
2494 |
+
* @access public
|
2495 |
+
* @return none
|
2496 |
+
*
|
2497 |
+
*/
|
2498 |
+
|
2499 |
+
public function check_plugin_conflicts() {
|
2500 |
+
// $this->plugin_conflict["WOOCOMMERCE_FORCESSL"] = TRUE;
|
2501 |
+
}
|
2502 |
+
|
2503 |
+
/**
|
2504 |
+
* Check if wpconfig contains httponly cooky settings
|
2505 |
+
*
|
2506 |
+
* @since 2.5
|
2507 |
+
*
|
2508 |
+
* @access public
|
2509 |
+
* @return boolean
|
2510 |
+
*
|
2511 |
+
*/
|
2512 |
+
|
2513 |
+
public function contains_secure_cookie_settings() {
|
2514 |
+
$wpconfig_path = $this->find_wp_config_path();
|
2515 |
+
|
2516 |
+
if (!$wpconfig_path) return false;
|
2517 |
+
|
2518 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
2519 |
+
if ( (strpos($wpconfig, "//Begin Really Simple SSL session cookie settings")===FALSE) && (strpos($wpconfig, "cookie_httponly")===FALSE) ) {
|
2520 |
+
return false;
|
2521 |
+
}
|
2522 |
+
|
2523 |
+
return true;
|
2524 |
+
}
|
2525 |
+
|
2526 |
+
|
2527 |
+
|
2528 |
+
/**
|
2529 |
+
* Get the absolute path the the www directory of this site, where .htaccess lives.
|
2530 |
+
*
|
2531 |
+
* @since 2.0
|
2532 |
+
*
|
2533 |
+
* @access public
|
2534 |
+
*
|
2535 |
+
*/
|
2536 |
+
|
2537 |
+
public function getABSPATH(){
|
2538 |
+
$path = ABSPATH;
|
2539 |
+
if($this->is_subdirectory_install()){
|
2540 |
+
$siteUrl = site_url();
|
2541 |
+
$homeUrl = home_url();
|
2542 |
+
$diff = str_replace($homeUrl, "", $siteUrl);
|
2543 |
+
$diff = trim($diff,"/");
|
2544 |
+
$pos = strrpos($path, $diff);
|
2545 |
+
if($pos !== false){
|
2546 |
+
$path = substr_replace($path, "", $pos, strlen($diff));
|
2547 |
+
$path = trim($path,"/");
|
2548 |
+
$path = "/".$path."/";
|
2549 |
+
}
|
2550 |
+
}
|
2551 |
+
|
2552 |
+
return $path;
|
2553 |
+
}
|
2554 |
+
|
2555 |
+
/**
|
2556 |
+
* Find if this wordpress installation is installed in a subdirectory
|
2557 |
+
*
|
2558 |
+
* @since 2.0
|
2559 |
+
*
|
2560 |
+
* @access protected
|
2561 |
+
*
|
2562 |
+
*/
|
2563 |
+
|
2564 |
+
protected function is_subdirectory_install(){
|
2565 |
+
if(strlen(site_url()) > strlen(home_url())){
|
2566 |
+
return true;
|
2567 |
+
}
|
2568 |
+
return false;
|
2569 |
+
}
|
2570 |
+
|
2571 |
+
|
2572 |
+
|
2573 |
+
} //class closure
|
class-cache.php
ADDED
@@ -0,0 +1,66 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
defined('ABSPATH') or die("you do not have acces to this page!");
|
3 |
+
if ( ! class_exists( 'rsssl_cache' ) ) {
|
4 |
+
class rsssl_cache {
|
5 |
+
private $capability = 'manage_options';
|
6 |
+
private static $_this;
|
7 |
+
|
8 |
+
function __construct() {
|
9 |
+
if ( isset( self::$_this ) )
|
10 |
+
wp_die( sprintf( __( '%s is a singleton class and you cannot create a second instance.','really-simple-ssl' ), get_class( $this ) ) );
|
11 |
+
|
12 |
+
self::$_this = $this;
|
13 |
+
}
|
14 |
+
|
15 |
+
static function this() {
|
16 |
+
return self::$_this;
|
17 |
+
}
|
18 |
+
|
19 |
+
/**
|
20 |
+
* Flushes the cache for popular caching plugins to prevent mixed content errors
|
21 |
+
* When .htaccess is changed, all traffic should flow over https, so clear cache when possible.
|
22 |
+
* supported: W3TC, WP fastest Cache, Zen Cache, wp_rocket
|
23 |
+
*
|
24 |
+
* @since 2.0
|
25 |
+
*
|
26 |
+
* @access public
|
27 |
+
*
|
28 |
+
*/
|
29 |
+
|
30 |
+
public function flush() {
|
31 |
+
if (!current_user_can($this->capability)) return;
|
32 |
+
|
33 |
+
add_action( 'admin_head', array($this,'flush_w3tc_cache'));
|
34 |
+
add_action( 'admin_head', array($this,'flush_fastest_cache'));
|
35 |
+
add_action( 'admin_head', array($this,'flush_zen_cache'));
|
36 |
+
|
37 |
+
//keep getting errors from wp-rocket.
|
38 |
+
//add_action( 'admin_head', array($this,'flush_wp_rocket'));
|
39 |
+
}
|
40 |
+
|
41 |
+
public function flush_w3tc_cache() {
|
42 |
+
if (function_exists('w3tc_flush_all')) {
|
43 |
+
w3tc_flush_all();
|
44 |
+
}
|
45 |
+
}
|
46 |
+
|
47 |
+
public function flush_fastest_cache() {
|
48 |
+
if(class_exists('WpFastestCache') ) {
|
49 |
+
$GLOBALS["wp_fastest_cache"]->deleteCache(TRUE);
|
50 |
+
}
|
51 |
+
}
|
52 |
+
|
53 |
+
public function flush_zen_cache() {
|
54 |
+
if (class_exists('\\zencache\\plugin') ) {
|
55 |
+
$GLOBALS['zencache']->clear_cache();
|
56 |
+
}
|
57 |
+
}
|
58 |
+
|
59 |
+
public function flush_wp_rocket() {
|
60 |
+
if (function_exists("rocket_clean_domain")) {
|
61 |
+
rocket_clean_domain();
|
62 |
+
}
|
63 |
+
}
|
64 |
+
|
65 |
+
}//class closure
|
66 |
+
}
|
class-front-end.php
ADDED
@@ -0,0 +1,159 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
defined('ABSPATH') or die("you do not have acces to this page!");
|
3 |
+
|
4 |
+
if ( ! class_exists( 'rsssl_front_end' ) ) {
|
5 |
+
class rsssl_front_end {
|
6 |
+
private static $_this;
|
7 |
+
public $javascript_redirect = TRUE;
|
8 |
+
public $wp_redirect = TRUE;
|
9 |
+
public $autoreplace_insecure_links = TRUE;
|
10 |
+
public $switch_mixed_content_fixer_hook = FALSE;
|
11 |
+
//public $ssl_enabled_networkwide = FALSE;
|
12 |
+
|
13 |
+
function __construct() {
|
14 |
+
if ( isset( self::$_this ) )
|
15 |
+
wp_die( sprintf( __( '%s is a singleton class and you cannot create a second instance.','really-simple-ssl' ), get_class( $this ) ) );
|
16 |
+
|
17 |
+
self::$_this = $this;
|
18 |
+
|
19 |
+
$this->get_options();
|
20 |
+
|
21 |
+
add_action( 'rest_api_init', array($this, 'wp_rest_api_force_ssl'), ~PHP_INT_MAX );
|
22 |
+
|
23 |
+
}
|
24 |
+
|
25 |
+
static function this() {
|
26 |
+
return self::$_this;
|
27 |
+
}
|
28 |
+
|
29 |
+
/**
|
30 |
+
* Sets the SSL variable to on for WordPress, so the native function is_ssl() will return true
|
31 |
+
* It should run as first plugin in WP, otherwise issues might result.
|
32 |
+
*
|
33 |
+
* @since 3.0
|
34 |
+
*
|
35 |
+
* @access public
|
36 |
+
*
|
37 |
+
*/
|
38 |
+
|
39 |
+
// public function set_ssl_var(){
|
40 |
+
// if (($this->ssl_enabled) || $this->ssl_enabled_networkwide) {
|
41 |
+
// $_SERVER["HTTPS"] = "on";
|
42 |
+
// }
|
43 |
+
// }
|
44 |
+
|
45 |
+
/**
|
46 |
+
* Javascript redirect, when ssl is true.
|
47 |
+
*
|
48 |
+
* @since 2.2
|
49 |
+
*
|
50 |
+
* @access public
|
51 |
+
*
|
52 |
+
*/
|
53 |
+
|
54 |
+
public function force_ssl() {
|
55 |
+
if ($this->ssl_enabled) {
|
56 |
+
if ($this->javascript_redirect) add_action('wp_print_scripts', array($this,'force_ssl_with_javascript'));
|
57 |
+
if ($this->wp_redirect) add_action('wp', array($this, 'wp_redirect_to_ssl'), 40,3);
|
58 |
+
}
|
59 |
+
}
|
60 |
+
|
61 |
+
|
62 |
+
/**
|
63 |
+
* Force SSL on wp rest api
|
64 |
+
*
|
65 |
+
* @since 2.5.14
|
66 |
+
*
|
67 |
+
* @access public
|
68 |
+
*
|
69 |
+
*/
|
70 |
+
|
71 |
+
public function wp_rest_api_force_ssl() {
|
72 |
+
//check for Command Line
|
73 |
+
if (php_sapi_name() === 'cli') return;
|
74 |
+
|
75 |
+
if ($this->ssl_enabled && !is_ssl() && !(defined("rsssl_no_rest_api_redirect") && rsssl_no_rest_api_redirect)) {
|
76 |
+
$redirect_url = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
|
77 |
+
wp_redirect( $redirect_url, 301 );
|
78 |
+
exit;
|
79 |
+
}
|
80 |
+
}
|
81 |
+
|
82 |
+
|
83 |
+
/**
|
84 |
+
* Redirect using wp redirect
|
85 |
+
*
|
86 |
+
* @since 2.5.0
|
87 |
+
*
|
88 |
+
* @access public
|
89 |
+
*
|
90 |
+
*/
|
91 |
+
|
92 |
+
public function wp_redirect_to_ssl() {
|
93 |
+
|
94 |
+
if (!is_ssl() && !(defined("rsssl_no_wp_redirect") && rsssl_no_wp_redirect)) {
|
95 |
+
$redirect_url = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
|
96 |
+
$redirect_url = apply_filters("rsssl_wp_redirect_url", $redirect_url);
|
97 |
+
wp_redirect($redirect_url, 301);
|
98 |
+
exit;
|
99 |
+
}
|
100 |
+
}
|
101 |
+
|
102 |
+
|
103 |
+
|
104 |
+
/**
|
105 |
+
* Get the options for this plugin
|
106 |
+
*
|
107 |
+
* @since 2.0
|
108 |
+
*
|
109 |
+
* @access public
|
110 |
+
*
|
111 |
+
*/
|
112 |
+
|
113 |
+
public function get_options(){
|
114 |
+
$options = get_option('rlrsssl_options');
|
115 |
+
if (isset($options)) {
|
116 |
+
$this->autoreplace_insecure_links = isset($options['autoreplace_insecure_links']) ? $options['autoreplace_insecure_links'] : TRUE;
|
117 |
+
$this->ssl_enabled = isset($options['ssl_enabled']) ? $options['ssl_enabled'] : false;
|
118 |
+
$this->javascript_redirect = isset($options['javascript_redirect']) ? $options['javascript_redirect'] : TRUE;
|
119 |
+
$this->wp_redirect = isset($options['wp_redirect']) ? $options['wp_redirect'] : FALSE;
|
120 |
+
$this->switch_mixed_content_fixer_hook = isset($options['switch_mixed_content_fixer_hook']) ? $options['switch_mixed_content_fixer_hook'] : FALSE;
|
121 |
+
|
122 |
+
//overrides from multisite
|
123 |
+
if (is_multisite()) {
|
124 |
+
$network_options = get_site_option('rlrsssl_network_options');
|
125 |
+
|
126 |
+
$site_wp_redirect = isset($network_options["wp_redirect"]) ? $network_options["wp_redirect"] : false;
|
127 |
+
$javascript_redirect = isset($network_options["javascript_redirect"]) ? $network_options["javascript_redirect"] : false;
|
128 |
+
$autoreplace_insecure_links = isset($network_options["autoreplace_mixed_content"]) ? $network_options["autoreplace_mixed_content"] : false;
|
129 |
+
|
130 |
+
if ($site_wp_redirect) $this->wp_redirect = $site_wp_redirect;
|
131 |
+
if ($javascript_redirect) $this->javascript_redirect = $javascript_redirect;
|
132 |
+
if ($autoreplace_insecure_links) $this->autoreplace_insecure_links = $autoreplace_insecure_links;
|
133 |
+
|
134 |
+
}
|
135 |
+
}
|
136 |
+
}
|
137 |
+
|
138 |
+
|
139 |
+
|
140 |
+
/**
|
141 |
+
* Adds some javascript to redirect to https.
|
142 |
+
*
|
143 |
+
* @since 1.0
|
144 |
+
*
|
145 |
+
* @access public
|
146 |
+
*
|
147 |
+
*/
|
148 |
+
|
149 |
+
public function force_ssl_with_javascript() {
|
150 |
+
?>
|
151 |
+
<script>
|
152 |
+
if (document.location.protocol != "https:") {
|
153 |
+
document.location = document.URL.replace(/^http:/i, "https:");
|
154 |
+
}
|
155 |
+
</script>
|
156 |
+
<?php
|
157 |
+
}
|
158 |
+
|
159 |
+
}}
|
class-help.php
ADDED
@@ -0,0 +1,31 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
defined('ABSPATH') or die("you do not have acces to this page!");
|
3 |
+
if ( ! class_exists( 'rsssl_help' ) ) {
|
4 |
+
class rsssl_help {
|
5 |
+
private static $_this;
|
6 |
+
|
7 |
+
function __construct() {
|
8 |
+
if ( isset( self::$_this ) )
|
9 |
+
wp_die( sprintf( __( '%s is a singleton class and you cannot create a second instance.','really-simple-ssl' ), get_class( $this ) ) );
|
10 |
+
|
11 |
+
self::$_this = $this;
|
12 |
+
}
|
13 |
+
|
14 |
+
static function this() {
|
15 |
+
return self::$_this;
|
16 |
+
}
|
17 |
+
|
18 |
+
public function get_help_tip($str){
|
19 |
+
?>
|
20 |
+
<span class="rsssl-tooltip-right tooltip-right" data-rsssl-tooltip="<?php echo $str?>">
|
21 |
+
<span class="dashicons dashicons-editor-help"></span>
|
22 |
+
</span>
|
23 |
+
<?php
|
24 |
+
|
25 |
+
}
|
26 |
+
|
27 |
+
|
28 |
+
|
29 |
+
|
30 |
+
}//class closure
|
31 |
+
} //if class exists closure
|
class-maintain-plugin-load-position.php
ADDED
@@ -0,0 +1,97 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
defined('ABSPATH') or die("you do not have acces to this page!");
|
3 |
+
|
4 |
+
class rsssl_maintain_plugin_position {
|
5 |
+
|
6 |
+
private static $_this;
|
7 |
+
|
8 |
+
function __construct() {
|
9 |
+
if ( isset( self::$_this ) )
|
10 |
+
wp_die( sprintf( __( '%s is a singleton class and you cannot create a second instance.','really-simple-ssl' ), get_class( $this ) ) );
|
11 |
+
|
12 |
+
self::$_this = $this;
|
13 |
+
|
14 |
+
add_action( 'admin_init', array( $this, 'maintainPluginLoadPosition') );
|
15 |
+
|
16 |
+
}
|
17 |
+
|
18 |
+
static function this() {
|
19 |
+
return self::$_this;
|
20 |
+
}
|
21 |
+
|
22 |
+
/**
|
23 |
+
* Sets this plugin to be the first loaded of all the plugins.
|
24 |
+
*/
|
25 |
+
|
26 |
+
public function maintainPluginLoadPosition() {
|
27 |
+
$sBaseFile = plugin_basename( __FILE__ );
|
28 |
+
$nLoadPosition = $this->getActivePluginLoadPosition( $sBaseFile );
|
29 |
+
if ( $nLoadPosition > 1 ) {
|
30 |
+
$this->setActivePluginLoadPosition( $sBaseFile, 0 );
|
31 |
+
}
|
32 |
+
}
|
33 |
+
|
34 |
+
/**
|
35 |
+
* @param string $sPluginFile
|
36 |
+
* @return int
|
37 |
+
*/
|
38 |
+
public function getActivePluginLoadPosition( $sPluginFile ) {
|
39 |
+
$sOptionKey = is_multisite() ? 'active_sitewide_plugins' : 'active_plugins';
|
40 |
+
$aActive = get_option( $sOptionKey );
|
41 |
+
$nPosition = -1;
|
42 |
+
if ( is_array( $aActive ) ) {
|
43 |
+
$nPosition = array_search( $sPluginFile, $aActive );
|
44 |
+
if ( $nPosition === false ) {
|
45 |
+
$nPosition = -1;
|
46 |
+
}
|
47 |
+
}
|
48 |
+
return $nPosition;
|
49 |
+
}
|
50 |
+
|
51 |
+
/**
|
52 |
+
* @param string $sPluginFile
|
53 |
+
* @param int $nDesiredPosition
|
54 |
+
*/
|
55 |
+
public function setActivePluginLoadPosition( $sPluginFile, $nDesiredPosition = 0 ) {
|
56 |
+
|
57 |
+
$aActive = $this->setArrayValueToPosition( get_option( 'active_plugins' ), $sPluginFile, $nDesiredPosition );
|
58 |
+
update_option( 'active_plugins', $aActive );
|
59 |
+
|
60 |
+
if ( is_multisite() ) {
|
61 |
+
$aActive = $this->setArrayValueToPosition( get_option( 'active_sitewide_plugins' ), $sPluginFile, $nDesiredPosition );
|
62 |
+
update_option( 'active_sitewide_plugins', $aActive );
|
63 |
+
}
|
64 |
+
}
|
65 |
+
|
66 |
+
/**
|
67 |
+
* @param array $aSubjectArray
|
68 |
+
* @param mixed $mValue
|
69 |
+
* @param int $nDesiredPosition
|
70 |
+
* @return array
|
71 |
+
*/
|
72 |
+
public function setArrayValueToPosition( $aSubjectArray, $mValue, $nDesiredPosition ) {
|
73 |
+
|
74 |
+
if ( $nDesiredPosition < 0 || !is_array( $aSubjectArray ) ) {
|
75 |
+
return $aSubjectArray;
|
76 |
+
}
|
77 |
+
|
78 |
+
$nMaxPossiblePosition = count( $aSubjectArray ) - 1;
|
79 |
+
if ( $nDesiredPosition > $nMaxPossiblePosition ) {
|
80 |
+
$nDesiredPosition = $nMaxPossiblePosition;
|
81 |
+
}
|
82 |
+
|
83 |
+
$nPosition = array_search( $mValue, $aSubjectArray );
|
84 |
+
if ( $nPosition !== false && $nPosition != $nDesiredPosition ) {
|
85 |
+
|
86 |
+
// remove existing and reset index
|
87 |
+
unset( $aSubjectArray[ $nPosition ] );
|
88 |
+
$aSubjectArray = array_values( $aSubjectArray );
|
89 |
+
|
90 |
+
// insert and update
|
91 |
+
// http://stackoverflow.com/questions/3797239/insert-new-item-in-array-on-any-position-in-php
|
92 |
+
array_splice( $aSubjectArray, $nDesiredPosition, 0, $mValue );
|
93 |
+
}
|
94 |
+
|
95 |
+
return $aSubjectArray;
|
96 |
+
}
|
97 |
+
}
|
class-mixed-content-fixer.php
ADDED
@@ -0,0 +1,166 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
defined('ABSPATH') or die("you do not have acces to this page!");
|
3 |
+
|
4 |
+
if ( ! class_exists( 'rsssl_admin_mixed_content_fixer' ) ) {
|
5 |
+
class rsssl_mixed_content_fixer {
|
6 |
+
private static $_this;
|
7 |
+
public $http_urls = array();
|
8 |
+
|
9 |
+
function __construct() {
|
10 |
+
if ( isset( self::$_this ) )
|
11 |
+
wp_die( sprintf( __( '%s is a singleton class and you cannot create a second instance.','really-simple-ssl' ), get_class( $this ) ) );
|
12 |
+
|
13 |
+
self::$_this = $this;
|
14 |
+
|
15 |
+
//exclude admin here: for all well built plugins and themes, this should not be necessary.
|
16 |
+
if (!is_admin() && is_ssl() && RSSSL()->rsssl_front_end->autoreplace_insecure_links) {
|
17 |
+
$this->fix_mixed_content();
|
18 |
+
}
|
19 |
+
|
20 |
+
}
|
21 |
+
|
22 |
+
static function this() {
|
23 |
+
return self::$_this;
|
24 |
+
}
|
25 |
+
|
26 |
+
/**
|
27 |
+
*
|
28 |
+
* add action hooks at the start and at the end of the WP process.
|
29 |
+
*
|
30 |
+
* @since 2.3
|
31 |
+
*
|
32 |
+
* @access public
|
33 |
+
*
|
34 |
+
*/
|
35 |
+
|
36 |
+
public function fix_mixed_content(){
|
37 |
+
|
38 |
+
/* Do not fix mixed content when call is coming from wp_api or from xmlrpc */
|
39 |
+
if ( defined( 'JSON_REQUEST' ) && JSON_REQUEST ) return;
|
40 |
+
if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) return;
|
41 |
+
|
42 |
+
$this->build_url_list();
|
43 |
+
|
44 |
+
/*
|
45 |
+
Take care with modifications to hooks here:
|
46 |
+
hooks tend to differ between front and back-end.
|
47 |
+
*/
|
48 |
+
|
49 |
+
if (is_admin()) {
|
50 |
+
|
51 |
+
add_action("admin_init", array($this, "start_buffer"), 100);
|
52 |
+
add_action("shutdown", array($this, "end_buffer"), 999);
|
53 |
+
|
54 |
+
} else {
|
55 |
+
|
56 |
+
if (RSSSL()->rsssl_front_end->switch_mixed_content_fixer_hook || (defined( 'RSSSL_CONTENT_FIXER_ON_INIT' ) && RSSSL_CONTENT_FIXER_ON_INIT) ) {
|
57 |
+
add_action("init", array($this, "start_buffer"));
|
58 |
+
} else {
|
59 |
+
add_action("template_redirect", array($this, "start_buffer"));
|
60 |
+
}
|
61 |
+
|
62 |
+
add_action("shutdown", array($this, "end_buffer"), 999);
|
63 |
+
}
|
64 |
+
}
|
65 |
+
|
66 |
+
|
67 |
+
/**
|
68 |
+
* Apply the mixed content fixer.
|
69 |
+
*
|
70 |
+
* @since 2.3
|
71 |
+
*
|
72 |
+
* @access public
|
73 |
+
*
|
74 |
+
*/
|
75 |
+
|
76 |
+
public function filter_buffer($buffer) {
|
77 |
+
$buffer = $this->replace_insecure_links($buffer);
|
78 |
+
return $buffer;
|
79 |
+
}
|
80 |
+
|
81 |
+
/**
|
82 |
+
* Start buffering the output
|
83 |
+
*
|
84 |
+
* @since 2.0
|
85 |
+
*
|
86 |
+
* @access public
|
87 |
+
*
|
88 |
+
*/
|
89 |
+
|
90 |
+
public function start_buffer(){
|
91 |
+
ob_start(array($this, "filter_buffer"));
|
92 |
+
}
|
93 |
+
|
94 |
+
/**
|
95 |
+
* Flush the output buffer
|
96 |
+
*
|
97 |
+
* @since 2.0
|
98 |
+
*
|
99 |
+
* @access public
|
100 |
+
*
|
101 |
+
*/
|
102 |
+
|
103 |
+
public function end_buffer(){
|
104 |
+
if (ob_get_length()) ob_end_flush();
|
105 |
+
}
|
106 |
+
|
107 |
+
/**
|
108 |
+
* Creates an array of insecure links that should be https and an array of secure links to replace with
|
109 |
+
*
|
110 |
+
* @since 2.0
|
111 |
+
*
|
112 |
+
* @access public
|
113 |
+
*
|
114 |
+
*/
|
115 |
+
|
116 |
+
public function build_url_list() {
|
117 |
+
$home = str_replace ( "https://" , "http://" , get_option('home'));
|
118 |
+
$home_no_www = str_replace ( "://www." , "://" , $home);
|
119 |
+
$home_yes_www = str_replace ( "://" , "://www." , $home_no_www);
|
120 |
+
|
121 |
+
//for the escaped version, we only replace the home_url, not it's www or non www counterpart, as it is most likely not used
|
122 |
+
$escaped_home = str_replace ( "/" , "\/" , $home);
|
123 |
+
|
124 |
+
$this->http_urls = array(
|
125 |
+
$home_yes_www,
|
126 |
+
$home_no_www,
|
127 |
+
$escaped_home,
|
128 |
+
"src='http://",
|
129 |
+
'src="http://',
|
130 |
+
"srcset='http://",
|
131 |
+
'srcset="http://',
|
132 |
+
);
|
133 |
+
}
|
134 |
+
|
135 |
+
/**
|
136 |
+
* Just before the page is sent to the visitor's browser, all homeurl links are replaced with https.
|
137 |
+
*
|
138 |
+
* @since 1.0
|
139 |
+
*
|
140 |
+
* @access public
|
141 |
+
*
|
142 |
+
*/
|
143 |
+
|
144 |
+
public function replace_insecure_links($str) {
|
145 |
+
|
146 |
+
$search_array = apply_filters('rlrsssl_replace_url_args', $this->http_urls);
|
147 |
+
$ssl_array = str_replace ( array("http://", "http:\/\/") , array("https://", "https:\/\/"), $search_array);
|
148 |
+
//now replace these links
|
149 |
+
$str = str_replace ($search_array , $ssl_array , $str);
|
150 |
+
|
151 |
+
//replace all http links except hyperlinks
|
152 |
+
//all tags with src attr are already fixed by str_replace
|
153 |
+
$pattern = array(
|
154 |
+
'/url\([\'"]?\K(http:\/\/)(?=[^)]+)/i',
|
155 |
+
'/<link [^>]*?href=[\'"]\K(http:\/\/)(?=[^\'"]+)/i',
|
156 |
+
'/<meta property="og:image" [^>]*?content=[\'"]\K(http:\/\/)(?=[^\'"]+)/i',
|
157 |
+
'/<form [^>]*?action=[\'"]\K(http:\/\/)(?=[^\'"]+)/i',
|
158 |
+
);
|
159 |
+
$str = preg_replace($pattern, 'https://', $str);
|
160 |
+
$str = str_replace ( "<body " , '<body data-rsssl=1 ', $str);
|
161 |
+
return apply_filters("rsssl_fixer_output", $str);
|
162 |
+
|
163 |
+
}
|
164 |
+
|
165 |
+
}
|
166 |
+
}
|
class-multisite.php
ADDED
@@ -0,0 +1,778 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
defined('ABSPATH') or die("you do not have acces to this page!");
|
4 |
+
|
5 |
+
if ( ! class_exists( 'rsssl_multisite' ) ) {
|
6 |
+
class rsssl_multisite {
|
7 |
+
private static $_this;
|
8 |
+
|
9 |
+
public $option_group = "rsssl_network_options";
|
10 |
+
public $page_slug = "really-simple-ssl";
|
11 |
+
public $section = "rsssl_network_options_section";
|
12 |
+
public $ssl_enabled_networkwide;
|
13 |
+
public $selected_networkwide_or_per_site;
|
14 |
+
|
15 |
+
public $wp_redirect;
|
16 |
+
public $htaccess_redirect;
|
17 |
+
public $do_not_edit_htaccess;
|
18 |
+
public $autoreplace_mixed_content;
|
19 |
+
public $javascript_redirect;
|
20 |
+
public $hsts;
|
21 |
+
public $mixed_content_admin;
|
22 |
+
public $cert_expiration_warning;
|
23 |
+
public $hide_menu_for_subsites;
|
24 |
+
|
25 |
+
private $pro_url = "https://www.really-simple-ssl.com/pro-multisite";
|
26 |
+
|
27 |
+
function __construct() {
|
28 |
+
if ( isset( self::$_this ) )
|
29 |
+
wp_die( sprintf( __( '%s is a singleton class and you cannot create a second instance.','really-simple-ssl' ), get_class( $this ) ) );
|
30 |
+
|
31 |
+
self::$_this = $this;
|
32 |
+
|
33 |
+
|
34 |
+
$this->load_options();
|
35 |
+
register_activation_hook( dirname( __FILE__ )."/".rsssl_plugin, array($this,'activate') );
|
36 |
+
|
37 |
+
/*filters to make sure wordpress returns the correct protocol */
|
38 |
+
add_filter("admin_url", array($this, "check_admin_protocol"), 20, 3 );
|
39 |
+
add_filter('home_url', array($this, 'check_site_protocol') , 20,4);
|
40 |
+
add_filter('site_url', array($this, 'check_site_protocol') , 20,4);
|
41 |
+
|
42 |
+
add_action("plugins_loaded", array($this, "process_networkwide_choice"), 10, 0);
|
43 |
+
add_action("plugins_loaded", array($this, "networkwide_choice_notice"), 20, 0);
|
44 |
+
|
45 |
+
add_action('network_admin_menu', array( &$this, 'add_multisite_menu' ) );
|
46 |
+
add_action('network_admin_edit_rsssl_update_network_settings', array($this,'update_network_options'));
|
47 |
+
|
48 |
+
|
49 |
+
if (is_network_admin()) {
|
50 |
+
add_action('network_admin_notices', array($this, 'show_notices'), 10);
|
51 |
+
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_success'));
|
52 |
+
}
|
53 |
+
|
54 |
+
add_action('wp_ajax_dismiss_success_message_multisite', array($this,'dismiss_success_message_callback') );
|
55 |
+
|
56 |
+
add_action('wp_ajax_rsssl_pro_dismiss_pro_option_notice', array($this,'dismiss_pro_option_notice') );
|
57 |
+
add_action("network_admin_notices", array($this, 'show_pro_option_notice'));
|
58 |
+
|
59 |
+
add_action("rsssl_show_network_tab_settings", array($this, 'settings_tab'));
|
60 |
+
|
61 |
+
|
62 |
+
add_action( 'wpmu_new_blog', array($this, 'maybe_activate_ssl_in_new_blog'), 10, 6 );
|
63 |
+
|
64 |
+
|
65 |
+
}
|
66 |
+
|
67 |
+
static function this() {
|
68 |
+
return self::$_this;
|
69 |
+
}
|
70 |
+
|
71 |
+
/*
|
72 |
+
|
73 |
+
When a new site is added, maybe activate SSL as well.
|
74 |
+
|
75 |
+
*/
|
76 |
+
|
77 |
+
public function maybe_activate_ssl_in_new_blog( $blog_id, $user_id, $domain, $path, $site_id, $meta ) {
|
78 |
+
if ($this->ssl_enabled_networkwide) {
|
79 |
+
$site = get_blog_details($blog_id);
|
80 |
+
$this->switch_to_blog_bw_compatible($site);
|
81 |
+
RSSSL()->really_simple_ssl->activate_ssl();
|
82 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
83 |
+
}
|
84 |
+
}
|
85 |
+
|
86 |
+
|
87 |
+
|
88 |
+
|
89 |
+
public function networkwide_choice_notice(){
|
90 |
+
|
91 |
+
if ($this->plugin_network_wide_active() && !$this->selected_networkwide_or_per_site) {
|
92 |
+
add_action('network_admin_notices', array($this, 'show_notice_activate_networkwide'), 10);
|
93 |
+
}
|
94 |
+
}
|
95 |
+
|
96 |
+
public function load_options(){
|
97 |
+
$options = get_site_option('rlrsssl_network_options');
|
98 |
+
$this->selected_networkwide_or_per_site = isset($options["selected_networkwide_or_per_site"]) ? $options["selected_networkwide_or_per_site"] : false;
|
99 |
+
$this->ssl_enabled_networkwide = isset($options["ssl_enabled_networkwide"]) ? $options["ssl_enabled_networkwide"] : false;
|
100 |
+
$this->wp_redirect = isset($options["wp_redirect"]) ? $options["wp_redirect"] : false;
|
101 |
+
$this->htaccess_redirect = isset($options["htaccess_redirect"]) ? $options["htaccess_redirect"] : false;
|
102 |
+
$this->do_not_edit_htaccess = isset($options["do_not_edit_htaccess"]) ? $options["do_not_edit_htaccess"] : false;
|
103 |
+
$this->autoreplace_mixed_content = isset($options["autoreplace_mixed_content"]) ? $options["autoreplace_mixed_content"] : false;
|
104 |
+
$this->javascript_redirect = isset($options["javascript_redirect"]) ? $options["javascript_redirect"] : false;
|
105 |
+
$this->hsts = isset($options["hsts"]) ? $options["hsts"] : false;
|
106 |
+
$this->mixed_content_admin = isset($options["mixed_content_admin"]) ? $options["mixed_content_admin"] : false;
|
107 |
+
$this->cert_expiration_warning = isset($options["cert_expiration_warning"]) ? $options["cert_expiration_warning"] : false;
|
108 |
+
$this->hide_menu_for_subsites = isset($options["hide_menu_for_subsites"]) ? $options["hide_menu_for_subsites"] : false;
|
109 |
+
}
|
110 |
+
|
111 |
+
|
112 |
+
/**
|
113 |
+
* On plugin activation, we can check if it is networkwide or not.
|
114 |
+
*
|
115 |
+
* @since 2.1
|
116 |
+
*
|
117 |
+
* @access public
|
118 |
+
*
|
119 |
+
*/
|
120 |
+
|
121 |
+
public function activate($networkwide) {
|
122 |
+
//if networkwide, we ask, if not, we set it as selected.
|
123 |
+
if (!$networkwide) {
|
124 |
+
$this->selected_networkwide_or_per_site = true;
|
125 |
+
$this->ssl_enabled_networkwide = false;
|
126 |
+
$this->save_options();
|
127 |
+
}
|
128 |
+
|
129 |
+
}
|
130 |
+
|
131 |
+
/*
|
132 |
+
|
133 |
+
Add network menu for SSL
|
134 |
+
Only when plugin is network activated.
|
135 |
+
|
136 |
+
*/
|
137 |
+
|
138 |
+
public function add_multisite_menu(){
|
139 |
+
if (!$this->plugin_network_wide_active()) return;
|
140 |
+
|
141 |
+
register_setting( $this->option_group, 'rsssl_options');
|
142 |
+
add_settings_section('rsssl_network_settings', __("Settings","really-simple-ssl"), array($this,'section_text'), $this->page_slug);
|
143 |
+
|
144 |
+
if (RSSSL()->really_simple_ssl->site_has_ssl) {
|
145 |
+
add_settings_field('id_ssl_enabled_networkwide', __("Enable SSL", "really-simple-ssl"), array($this,'get_option_enable_multisite'), $this->page_slug, 'rsssl_network_settings');
|
146 |
+
//if ($this->selected_networkwide_or_per_site) {
|
147 |
+
RSSSL()->rsssl_network_admin_page = add_submenu_page('settings.php', "SSL", "SSL", 'manage_options', $this->page_slug, array( &$this, 'multisite_menu_page' ) );
|
148 |
+
//}
|
149 |
+
}
|
150 |
+
}
|
151 |
+
|
152 |
+
/*
|
153 |
+
Shows the content of the multisite menu page
|
154 |
+
*/
|
155 |
+
|
156 |
+
public function section_text(){
|
157 |
+
if (!RSSSL()->really_simple_ssl->site_has_ssl) {
|
158 |
+
?>
|
159 |
+
<p>
|
160 |
+
<?php _e("No SSL was detected. If you do have an ssl certificate, try to reload this page over https by clicking this link:","really-simple-ssl");?> <a href="<?php echo $current_url?>"><?php _e("reload over https.","really-simple-ssl");?></a>
|
161 |
+
<?php _e("You can check your certificate on","really-simple-ssl");?> <a target="_blank" href="https://www.ssllabs.com/ssltest/">Qualys SSL Labs</a>
|
162 |
+
</p>
|
163 |
+
<?php
|
164 |
+
} else {
|
165 |
+
_e("Below you can set the multisite options for Really Simple SSL","really-simple-ssl");
|
166 |
+
}
|
167 |
+
}
|
168 |
+
|
169 |
+
public function get_option_enable_multisite(){
|
170 |
+
?>
|
171 |
+
<select name="rlrsssl_network_options[ssl_enabled_networkwide]">
|
172 |
+
<?php if (!$this->selected_networkwide_or_per_site) {?>
|
173 |
+
<option value="-1" <?php if (!$this->selected_networkwide_or_per_site) echo "selected";?>><?php _e("No selection was made", "really-simple-ssl")?>
|
174 |
+
<?php }?>
|
175 |
+
<option value="1" <?php if ($this->ssl_enabled_networkwide) echo "selected";?>><?php _e("networkwide", "really-simple-ssl")?>
|
176 |
+
<option value="0" <?php if (!$this->ssl_enabled_networkwide) echo "selected";?>><?php _e("per site", "really-simple-ssl")?>
|
177 |
+
</select>
|
178 |
+
<?php
|
179 |
+
|
180 |
+
//echo '<input id="rlrsssl_options" name="rlrsssl_network_options[ssl_enabled_networkwide]" size="40" type="checkbox" value="1"' . checked( 1, $this->ssl_enabled_networkwide, false ) ." />";
|
181 |
+
rsssl_help::this()->get_help_tip(__("Select to enable SSL networkwide or per site.", "really-simple-ssl"));
|
182 |
+
}
|
183 |
+
|
184 |
+
|
185 |
+
/**
|
186 |
+
* Displays the options page. The big difference here is where you post the data
|
187 |
+
* because, unlike for normal option pages, there is nowhere to process it by
|
188 |
+
* default so we have to create our own hook to process the saving of our options.
|
189 |
+
*/
|
190 |
+
|
191 |
+
public function multisite_menu_page() {
|
192 |
+
$tab = "settings";
|
193 |
+
if ( isset ( $_GET['tab'] ) ) $tab = $_GET['tab'];
|
194 |
+
$this->admin_tabs($tab);
|
195 |
+
|
196 |
+
do_action("rsssl_show_network_tab_{$tab}");
|
197 |
+
}
|
198 |
+
|
199 |
+
|
200 |
+
public function settings_tab(){
|
201 |
+
if (isset($_GET['updated'])): ?>
|
202 |
+
<div id="message" class="updated notice is-dismissible"><p><?php _e('Options saved.') ?></p></div>
|
203 |
+
<?php endif; ?>
|
204 |
+
<div class="wrap">
|
205 |
+
<h1><?php _e('Really Simple SSL multisite options', 'really-simple-ssl'); ?></h1>
|
206 |
+
<form method="POST" action="edit.php?action=rsssl_update_network_settings">
|
207 |
+
<?php
|
208 |
+
|
209 |
+
settings_fields($this->option_group);
|
210 |
+
do_settings_sections($this->page_slug);
|
211 |
+
submit_button();
|
212 |
+
?>
|
213 |
+
</form>
|
214 |
+
</div>
|
215 |
+
<?php
|
216 |
+
}
|
217 |
+
|
218 |
+
|
219 |
+
/**
|
220 |
+
* Save network settings
|
221 |
+
*/
|
222 |
+
|
223 |
+
public function update_network_options() {
|
224 |
+
check_admin_referer($this->option_group.'-options');
|
225 |
+
|
226 |
+
if (isset($_POST["rlrsssl_network_options"])) {
|
227 |
+
$prev_ssl_enabled_networkwide = $this->ssl_enabled_networkwide;
|
228 |
+
$options = array_map(array($this, "sanitize_boolean"), $_POST["rlrsssl_network_options"]);
|
229 |
+
$options["selected_networkwide_or_per_site"] = true;
|
230 |
+
|
231 |
+
$this->ssl_enabled_networkwide = isset($options["ssl_enabled_networkwide"]) ? $options["ssl_enabled_networkwide"] : false;
|
232 |
+
|
233 |
+
$this->wp_redirect = isset($options["wp_redirect"]) ? $options["wp_redirect"] : false;
|
234 |
+
$this->htaccess_redirect = isset($options["htaccess_redirect"]) ? $options["htaccess_redirect"] : false;
|
235 |
+
|
236 |
+
$this->do_not_edit_htaccess = isset($options["do_not_edit_htaccess"]) ? $options["do_not_edit_htaccess"] : false;
|
237 |
+
$this->autoreplace_mixed_content = isset($options["autoreplace_mixed_content"]) ? $options["autoreplace_mixed_content"] : false;
|
238 |
+
$this->javascript_redirect = isset($options["javascript_redirect"]) ? $options["javascript_redirect"] : false;
|
239 |
+
$this->hsts = isset($options["hsts"]) ? $options["hsts"] : false;
|
240 |
+
$this->mixed_content_admin = isset($options["mixed_content_admin"]) ? $options["mixed_content_admin"] : false;
|
241 |
+
$this->cert_expiration_warning = isset($options["cert_expiration_warning"]) ? $options["cert_expiration_warning"] : false;
|
242 |
+
$this->hide_menu_for_subsites = isset($options["hide_menu_for_subsites"]) ? $options["hide_menu_for_subsites"] : false;
|
243 |
+
|
244 |
+
|
245 |
+
$this->selected_networkwide_or_per_site = isset($options["selected_networkwide_or_per_site"]) ? $options["selected_networkwide_or_per_site"] : false;
|
246 |
+
}
|
247 |
+
|
248 |
+
$this->save_options();
|
249 |
+
|
250 |
+
if ($this->ssl_enabled_networkwide) {
|
251 |
+
//enable SSL on all sites on the network
|
252 |
+
$this->activate_ssl_networkwide();
|
253 |
+
} elseif ($prev_ssl_enabled_networkwide!=$this->ssl_enabled_networkwide) {
|
254 |
+
//if we switch to per page, we deactivate SSL on all pages first, but only if the setting was changed.
|
255 |
+
$sites = $this->get_sites_bw_compatible();
|
256 |
+
foreach ( $sites as $site ) {
|
257 |
+
$this->switch_to_blog_bw_compatible($site);
|
258 |
+
RSSSL()->really_simple_ssl->deactivate_ssl();
|
259 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
260 |
+
}
|
261 |
+
}
|
262 |
+
|
263 |
+
|
264 |
+
// At last we redirect back to our options page.
|
265 |
+
wp_redirect(add_query_arg(array('page' => $this->page_slug, 'updated' => 'true'), network_admin_url('settings.php')));
|
266 |
+
exit;
|
267 |
+
}
|
268 |
+
|
269 |
+
public function sanitize_boolean($value)
|
270 |
+
{
|
271 |
+
if ($value == true) {
|
272 |
+
return true;
|
273 |
+
} else {
|
274 |
+
return false;
|
275 |
+
}
|
276 |
+
}
|
277 |
+
|
278 |
+
|
279 |
+
/**
|
280 |
+
* Give the user an option to activate network wide or not.
|
281 |
+
* Needs to be called after detect_configuration function
|
282 |
+
*
|
283 |
+
* @since 2.3
|
284 |
+
*
|
285 |
+
* @access public
|
286 |
+
*
|
287 |
+
*/
|
288 |
+
|
289 |
+
public function show_notice_activate_networkwide(){
|
290 |
+
//if no SSL was detected, don't activate it yet.
|
291 |
+
if (!RSSSL()->really_simple_ssl->site_has_ssl) {
|
292 |
+
global $wp;
|
293 |
+
$current_url = "https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]
|
294 |
+
?>
|
295 |
+
<div id="message" class="error fade notice activate-ssl">
|
296 |
+
<p><?php _e("No SSL was detected. If you do have an ssl certificate, try to reload this page over https by clicking this link:","really-simple-ssl");?> <a href="<?php echo $current_url?>"><?php _e("reload over https.","really-simple-ssl");?></a>
|
297 |
+
<?php _e("You can check your certificate on","really-simple-ssl");?> <a target="_blank" href="https://www.ssllabs.com/ssltest/">Qualys SSL Labs</a>
|
298 |
+
</p>
|
299 |
+
</div>
|
300 |
+
<?php } ?>
|
301 |
+
|
302 |
+
<?php if (RSSSL()->really_simple_ssl->site_has_ssl) {
|
303 |
+
if (is_main_site(get_current_blog_id()) && RSSSL()->really_simple_ssl->wpconfig_ok()) {
|
304 |
+
?>
|
305 |
+
<div id="message" class="updated fade notice activate-ssl">
|
306 |
+
<h1><?php _e("Choose your preferred setup","really-simple-ssl");?></h1>
|
307 |
+
<?php _e("Some things can't be done automatically. Before you migrate, please check for: ",'really-simple-ssl');?>
|
308 |
+
<p>
|
309 |
+
<ul>
|
310 |
+
<li><?php _e('Http references in your .css and .js files: change any http:// into //','really-simple-ssl');?></li>
|
311 |
+
<li><?php _e('Images, stylesheets or scripts from a domain without an ssl certificate: remove them or move to your own server.','really-simple-ssl');?></li>
|
312 |
+
</ul>
|
313 |
+
</p>
|
314 |
+
<?php $this->show_pro(); ?>
|
315 |
+
<p>
|
316 |
+
<form action="" method="post">
|
317 |
+
<?php wp_nonce_field( 'rsssl_nonce', 'rsssl_nonce' );?>
|
318 |
+
<input type="submit" class='button button-primary' value="<?php _e("Activate SSL networkwide","really-simple-ssl");?>" id="rsssl_do_activate_ssl_networkwide" name="rsssl_do_activate_ssl_networkwide">
|
319 |
+
<input type="submit" class='button button-primary' value="<?php _e("Activate SSL per site","really-simple-ssl");?>" id="rsssl_do_activate_ssl_per_site" name="rsssl_do_activate_ssl_per_site">
|
320 |
+
</form>
|
321 |
+
</p>
|
322 |
+
<p>
|
323 |
+
<?php _e("Networkwide activation does not check if a site has an SSL certificate. It just migrates all sites to SSL.","really-simple-ssl");?>
|
324 |
+
</p>
|
325 |
+
</div>
|
326 |
+
<?php
|
327 |
+
}
|
328 |
+
}
|
329 |
+
}
|
330 |
+
/**
|
331 |
+
* @since 2.3
|
332 |
+
* Shows option to buy pro
|
333 |
+
|
334 |
+
*/
|
335 |
+
|
336 |
+
public function show_pro(){
|
337 |
+
?>
|
338 |
+
<p><?php _e('You can also let the automatic scan of the pro version handle this for you, and get premium support and increased security with HSTS included.','really-simple-ssl');?> <a target="_blank" href="<?php echo $this->pro_url;?>"><?php _e("Check out Really Simple SSL Premium","really-simple-ssl");?></a></p>
|
339 |
+
<?php
|
340 |
+
}
|
341 |
+
|
342 |
+
|
343 |
+
|
344 |
+
/*
|
345 |
+
|
346 |
+
Check if the plugin is network activated.
|
347 |
+
|
348 |
+
*/
|
349 |
+
|
350 |
+
|
351 |
+
public function plugin_network_wide_active(){
|
352 |
+
if ( ! function_exists( 'is_plugin_active_for_network' ) )
|
353 |
+
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
|
354 |
+
|
355 |
+
if ( is_plugin_active_for_network(rsssl_plugin) ){
|
356 |
+
return true;
|
357 |
+
} else {
|
358 |
+
return false;
|
359 |
+
}
|
360 |
+
}
|
361 |
+
|
362 |
+
|
363 |
+
|
364 |
+
public function process_networkwide_choice(){
|
365 |
+
|
366 |
+
if (!$this->plugin_network_wide_active()) return;
|
367 |
+
|
368 |
+
|
369 |
+
if ( isset($_POST['rsssl_do_activate_ssl_networkwide'])) {
|
370 |
+
|
371 |
+
$this->selected_networkwide_or_per_site = true;
|
372 |
+
$this->ssl_enabled_networkwide = true;
|
373 |
+
$this->wp_redirect = true;
|
374 |
+
$this->save_options();
|
375 |
+
|
376 |
+
//enable SSL on all sites on the network
|
377 |
+
$this->activate_ssl_networkwide();
|
378 |
+
|
379 |
+
}
|
380 |
+
|
381 |
+
if (isset($_POST['rsssl_do_activate_ssl_per_site'])) {
|
382 |
+
|
383 |
+
$this->selected_networkwide_or_per_site = true;
|
384 |
+
$this->ssl_enabled_networkwide = false;
|
385 |
+
$this->save_options();
|
386 |
+
}
|
387 |
+
|
388 |
+
}
|
389 |
+
|
390 |
+
|
391 |
+
public function save_options(){
|
392 |
+
$options = get_site_option("rlrsssl_network_options");
|
393 |
+
if (!is_array($options)) $options = array();
|
394 |
+
|
395 |
+
$options["selected_networkwide_or_per_site"] = $this->selected_networkwide_or_per_site;
|
396 |
+
$options["ssl_enabled_networkwide"] = $this->ssl_enabled_networkwide;
|
397 |
+
$options["wp_redirect"] = $this->wp_redirect;
|
398 |
+
$options["htaccess_redirect"] = $this->htaccess_redirect;
|
399 |
+
$options["do_not_edit_htaccess"] = $this->do_not_edit_htaccess;
|
400 |
+
$options["autoreplace_mixed_content"] = $this->autoreplace_mixed_content;
|
401 |
+
$options["javascript_redirect"] = $this->javascript_redirect;
|
402 |
+
$options["hsts"] = $this->hsts;
|
403 |
+
$options["mixed_content_admin"] = $this->mixed_content_admin;
|
404 |
+
$options["cert_expiration_warning"] = $this->cert_expiration_warning;
|
405 |
+
$options["hide_menu_for_subsites"] = $this->hide_menu_for_subsites;
|
406 |
+
|
407 |
+
update_site_option("rlrsssl_network_options", $options);
|
408 |
+
}
|
409 |
+
|
410 |
+
|
411 |
+
public function activate_ssl_networkwide(){
|
412 |
+
|
413 |
+
//set all sites as enabled
|
414 |
+
$sites = $this->get_sites_bw_compatible();
|
415 |
+
|
416 |
+
foreach ( $sites as $site ) {
|
417 |
+
$this->switch_to_blog_bw_compatible($site);
|
418 |
+
RSSSL()->really_simple_ssl->activate_ssl();
|
419 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
420 |
+
}
|
421 |
+
|
422 |
+
}
|
423 |
+
|
424 |
+
|
425 |
+
|
426 |
+
|
427 |
+
//change deprecated function depending on version.
|
428 |
+
|
429 |
+
public function get_sites_bw_compatible(){
|
430 |
+
global $wp_version;
|
431 |
+
$sites = ($wp_version >= 4.6 ) ? get_sites() : wp_get_sites();
|
432 |
+
return $sites;
|
433 |
+
}
|
434 |
+
|
435 |
+
/*
|
436 |
+
The new get_sites function returns an object.
|
437 |
+
|
438 |
+
*/
|
439 |
+
|
440 |
+
public function switch_to_blog_bw_compatible($site){
|
441 |
+
global $wp_version;
|
442 |
+
if ($wp_version >= 4.6 ) {
|
443 |
+
switch_to_blog( $site->blog_id );
|
444 |
+
} else {
|
445 |
+
switch_to_blog( $site[ 'blog_id' ] );
|
446 |
+
}
|
447 |
+
}
|
448 |
+
|
449 |
+
public function deactivate(){
|
450 |
+
|
451 |
+
$options = get_site_option("rlrsssl_network_options");
|
452 |
+
$options["selected_networkwide_or_per_site"] = false;
|
453 |
+
$options["wp_redirect"] = false;
|
454 |
+
$options["htaccess_redirect"] = false;
|
455 |
+
$options["do_not_edit_htaccess"] = false;
|
456 |
+
$options["autoreplace_mixed_content"] = false;
|
457 |
+
$options["javascript_redirect"] = false;
|
458 |
+
$options["hsts"] = false;
|
459 |
+
$options["mixed_content_admin"] = false;
|
460 |
+
$options["cert_expiration_warning"] = false;
|
461 |
+
$options["hide_menu_for_subsites"] = false;
|
462 |
+
|
463 |
+
unset($options["ssl_enabled_networkwide"]);
|
464 |
+
update_site_option("rlrsssl_network_options", $options);
|
465 |
+
|
466 |
+
$sites = $this->get_sites_bw_compatible();
|
467 |
+
foreach ( $sites as $site ) {
|
468 |
+
$this->switch_to_blog_bw_compatible($site);
|
469 |
+
RSSSL()->really_simple_ssl->deactivate_ssl();
|
470 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
471 |
+
}
|
472 |
+
|
473 |
+
}
|
474 |
+
|
475 |
+
|
476 |
+
/**
|
477 |
+
* filters the get_admin_url function to correct the false https urls wordpress returns for non ssl websites.
|
478 |
+
*
|
479 |
+
* @since 2.3.10
|
480 |
+
*
|
481 |
+
*/
|
482 |
+
|
483 |
+
public function check_admin_protocol($url, $path, $blog_id){
|
484 |
+
if (!defined('FORCE_SSL_ADMIN')) {
|
485 |
+
|
486 |
+
if (!$this->ssl_enabled_networkwide) {
|
487 |
+
$home_url = get_blog_option($blog_id, 'home');
|
488 |
+
if (strpos($home_url, "https://")===false) {
|
489 |
+
$url = str_replace("https://","http://",$url);
|
490 |
+
}
|
491 |
+
}
|
492 |
+
|
493 |
+
}
|
494 |
+
|
495 |
+
return $url;
|
496 |
+
}
|
497 |
+
|
498 |
+
/**
|
499 |
+
* filters the home_url and/or site_url function to correct the false https urls wordpress returns for non ssl websites.
|
500 |
+
*
|
501 |
+
* @since 2.3.17
|
502 |
+
*
|
503 |
+
*/
|
504 |
+
|
505 |
+
public function check_site_protocol($url, $path, $orig_scheme, $blog_id){
|
506 |
+
if (!$this->ssl_enabled_networkwide) {
|
507 |
+
$home_url = get_blog_option($blog_id, 'home');
|
508 |
+
if (strpos($home_url, "https://")===false) {
|
509 |
+
$url = str_replace("https://","http://",$url);
|
510 |
+
}
|
511 |
+
}
|
512 |
+
return $url;
|
513 |
+
}
|
514 |
+
|
515 |
+
|
516 |
+
|
517 |
+
/**
|
518 |
+
* Checks if we are on a subfolder install. (domain.com/site1 )
|
519 |
+
*
|
520 |
+
* @since 2.2
|
521 |
+
*
|
522 |
+
* @access protected
|
523 |
+
*
|
524 |
+
*/
|
525 |
+
|
526 |
+
public function is_multisite_subfolder_install() {
|
527 |
+
if (!is_multisite()) return FALSE;
|
528 |
+
//we check this manually, as the SUBDOMAIN_INSTALL constant of wordpress might return false for domain mapping configs
|
529 |
+
$is_subfolder = FALSE;
|
530 |
+
$sites = $this->get_sites_bw_compatible();
|
531 |
+
foreach ( $sites as $site ) {
|
532 |
+
$this->switch_to_blog_bw_compatible($site);
|
533 |
+
if ($this->is_subfolder(home_url())) {
|
534 |
+
$is_subfolder=TRUE;
|
535 |
+
}
|
536 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
537 |
+
if ($is_subfolder) return true;
|
538 |
+
}
|
539 |
+
|
540 |
+
return $is_subfolder;
|
541 |
+
}
|
542 |
+
|
543 |
+
/**
|
544 |
+
* Test if a domain has a subfolder structure
|
545 |
+
*
|
546 |
+
* @since 2.2
|
547 |
+
*
|
548 |
+
* @param string $domain
|
549 |
+
*
|
550 |
+
* @access private
|
551 |
+
*
|
552 |
+
*/
|
553 |
+
|
554 |
+
public function is_subfolder($domain) {
|
555 |
+
|
556 |
+
//remove slashes of the http(s)
|
557 |
+
$domain = preg_replace("/(http:\/\/|https:\/\/)/","",$domain);
|
558 |
+
if (strpos($domain,"/")!==FALSE) {
|
559 |
+
return true;
|
560 |
+
}
|
561 |
+
return false;
|
562 |
+
}
|
563 |
+
|
564 |
+
public function is_per_site_activated_multisite_subfolder_install() {
|
565 |
+
if (is_multisite() && $this->is_multisite_subfolder_install() && !$this->ssl_enabled_networkwide){
|
566 |
+
return true;
|
567 |
+
}
|
568 |
+
|
569 |
+
return false;
|
570 |
+
}
|
571 |
+
|
572 |
+
/**
|
573 |
+
* Show notices
|
574 |
+
*
|
575 |
+
* @since 2.0
|
576 |
+
*
|
577 |
+
* @access public
|
578 |
+
*
|
579 |
+
*/
|
580 |
+
|
581 |
+
public function show_notices()
|
582 |
+
{
|
583 |
+
|
584 |
+
if (isset(RSSSL()->really_simple_ssl->errors["DEACTIVATE_FILE_NOT_RENAMED"])) {
|
585 |
+
?>
|
586 |
+
<div id="message" class="error fade notice is-dismissible rlrsssl-fail">
|
587 |
+
<h1>
|
588 |
+
<?php _e("Major security issue!","really-simple-ssl");?>
|
589 |
+
</h1>
|
590 |
+
<p>
|
591 |
+
<?php _e("The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactived by anyone on the internet.","really-simple-ssl");?>
|
592 |
+
</p>
|
593 |
+
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("Check again","really-simple-ssl");?></a>
|
594 |
+
</div>
|
595 |
+
<?php
|
596 |
+
}
|
597 |
+
|
598 |
+
/*
|
599 |
+
SSL success message
|
600 |
+
*/
|
601 |
+
|
602 |
+
if ($this->selected_networkwide_or_per_site && !get_site_option("rsssl_success_message_shown")) {
|
603 |
+
|
604 |
+
?>
|
605 |
+
<div id="message" class="updated fade notice is-dismissible rlrsssl-multisite-success">
|
606 |
+
<p>
|
607 |
+
<?php _e("SSL activated!","really-simple-ssl");?>
|
608 |
+
<?php
|
609 |
+
if ($this->ssl_enabled_networkwide)
|
610 |
+
_e("SSL was activated on your entire network.", "really-simple-ssl");
|
611 |
+
else
|
612 |
+
_e("SSL was activated per site.", "really-simple-ssl");
|
613 |
+
?>
|
614 |
+
<?php _e("Don't forget to change your settings in Google Analytics en Webmaster tools.","really-simple-ssl");?>
|
615 |
+
<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/how-to-setup-google-analytics-and-google-search-consolewebmaster-tools/"><?php _e("More info.","really-simple-ssl");?></a>
|
616 |
+
</p>
|
617 |
+
</div>
|
618 |
+
<?php
|
619 |
+
}
|
620 |
+
|
621 |
+
if (!$this->ssl_enabled_networkwide && $this->selected_networkwide_or_per_site && $this->is_multisite_subfolder_install()) {
|
622 |
+
//with no server variables, the website could get into redirect loops.
|
623 |
+
if (RSSSL()->really_simple_ssl->no_server_variable) {
|
624 |
+
?>
|
625 |
+
<div id="message" class="error fade notice">
|
626 |
+
<p>
|
627 |
+
<?php _e('You run a Multisite installation with subfolders, which prevents this plugin from fixing your missing server variable in the wp-config.php.','really-simple-ssl');?>
|
628 |
+
<?php _e('Because the $_SERVER["HTTPS"] variable is not set, your website may experience redirect loops.','really-simple-ssl');?>
|
629 |
+
<?php _e('Activate networkwide to fix this.','really-simple-ssl');?>
|
630 |
+
</p>
|
631 |
+
</div>
|
632 |
+
<?php
|
633 |
+
}
|
634 |
+
}
|
635 |
+
}
|
636 |
+
|
637 |
+
|
638 |
+
/**
|
639 |
+
* Insert some ajax script to dismis the ssl success message, and stop nagging about it
|
640 |
+
*
|
641 |
+
* @since 2.0
|
642 |
+
*
|
643 |
+
* @access public
|
644 |
+
*
|
645 |
+
*/
|
646 |
+
|
647 |
+
public function insert_dismiss_success() {
|
648 |
+
if ($this->selected_networkwide_or_per_site && !get_site_option("rsssl_success_message_shown")) {
|
649 |
+
$ajax_nonce = wp_create_nonce( "really-simple-ssl-dismiss" );
|
650 |
+
?>
|
651 |
+
<script type='text/javascript'>
|
652 |
+
jQuery(document).ready(function($) {
|
653 |
+
$(".rlrsssl-multisite-success.notice.is-dismissible").on("click", ".notice-dismiss", function(event){
|
654 |
+
|
655 |
+
var data = {
|
656 |
+
'action': 'dismiss_success_message_multisite',
|
657 |
+
'security': '<?php echo $ajax_nonce; ?>'
|
658 |
+
};
|
659 |
+
|
660 |
+
$.post(ajaxurl, data, function(response) {
|
661 |
+
|
662 |
+
});
|
663 |
+
});
|
664 |
+
});
|
665 |
+
</script>
|
666 |
+
<?php
|
667 |
+
}
|
668 |
+
}
|
669 |
+
|
670 |
+
/**
|
671 |
+
* Process the ajax dismissal of the success message.
|
672 |
+
*
|
673 |
+
* @since 2.0
|
674 |
+
*
|
675 |
+
* @access public
|
676 |
+
*
|
677 |
+
*/
|
678 |
+
|
679 |
+
public function dismiss_success_message_callback() {
|
680 |
+
//nonce check fails if url is changed to ssl.
|
681 |
+
//check_ajax_referer( 'really-simple-ssl-dismiss', 'security' );
|
682 |
+
update_site_option("rsssl_success_message_shown", true);
|
683 |
+
wp_die();
|
684 |
+
}
|
685 |
+
|
686 |
+
|
687 |
+
public function dismiss_pro_option_notice() {
|
688 |
+
check_ajax_referer( 'rsssl-pro-dismiss-pro-option-notice', 'nonce' );
|
689 |
+
update_option( 'rsssl_pro_pro_option_notice_dismissed', true);
|
690 |
+
wp_die();
|
691 |
+
}
|
692 |
+
|
693 |
+
public function dismiss_pro_option_script() {
|
694 |
+
$ajax_nonce = wp_create_nonce( "rsssl-pro-dismiss-pro-option-notice" );
|
695 |
+
?>
|
696 |
+
<script type='text/javascript'>
|
697 |
+
jQuery(document).ready(function($) {
|
698 |
+
|
699 |
+
$(".rsssl-pro-dismiss-notice.notice.is-dismissible").on("click", ".notice-dismiss", function(event){
|
700 |
+
var data = {
|
701 |
+
'action': 'rsssl_pro_dismiss_pro_option_notice',
|
702 |
+
'nonce': '<?php echo $ajax_nonce; ?>'
|
703 |
+
};
|
704 |
+
|
705 |
+
$.post(ajaxurl, data, function(response) {
|
706 |
+
|
707 |
+
});
|
708 |
+
});
|
709 |
+
});
|
710 |
+
</script>
|
711 |
+
<?php
|
712 |
+
}
|
713 |
+
|
714 |
+
|
715 |
+
public function show_pro_option_notice(){
|
716 |
+
if (!$this->is_settings_page()) return;
|
717 |
+
|
718 |
+
$dismissed = get_option( 'rsssl_pro_pro_option_notice_dismissed' );
|
719 |
+
if (!$dismissed) {
|
720 |
+
|
721 |
+
if (defined('rsssl_pro_version')) {
|
722 |
+
if (!defined('rsssl_pro_ms_version')) {
|
723 |
+
add_action('admin_print_footer_scripts', array($this, 'dismiss_pro_option_script'));
|
724 |
+
?>
|
725 |
+
<div id="message" class="updated fade notice is-dismissible rsssl-pro-dismiss-notice">
|
726 |
+
<p>
|
727 |
+
<?php echo sprintf( __( 'You are running Really Simple SSL pro. A dedicated add-on for multisite has been released. If you want more options to have full control over your multisite network, you can ask for a discount code to %supgrade%s your license to a multisite license.', 'really-simple-ssl' ), '<a href="https://really-simple-ssl.com/contact" title="Really Simple SSL">', '</a>' )?>
|
728 |
+
</p>
|
729 |
+
</p></div>
|
730 |
+
<?php
|
731 |
+
}
|
732 |
+
} else {
|
733 |
+
?>
|
734 |
+
<div id="message" class="updated fade notice is-dismissible rsssl-pro-dismiss-notice">
|
735 |
+
<p>
|
736 |
+
<?php echo sprintf( __( 'If you want more options to have full control over your multisite network, you can %supgrade%s your license to a multisite license, or dismiss this message', 'really-simple-ssl' ), '<a href="https://really-simple-ssl.com/pro-multisite" title="Really Simple SSL">', '</a>' )?>
|
737 |
+
</p>
|
738 |
+
</p></div>
|
739 |
+
<?php
|
740 |
+
}
|
741 |
+
}
|
742 |
+
}
|
743 |
+
|
744 |
+
public function is_settings_page(){
|
745 |
+
return ( isset( $_GET['page'] ) && $_GET['page'] == 'really-simple-ssl' ) ? true : false;
|
746 |
+
}
|
747 |
+
|
748 |
+
|
749 |
+
|
750 |
+
/**
|
751 |
+
* Create tabs on the settings page
|
752 |
+
*
|
753 |
+
* @since 1.0.0
|
754 |
+
*
|
755 |
+
* @access public
|
756 |
+
*
|
757 |
+
*/
|
758 |
+
|
759 |
+
public function admin_tabs( $current = 'settings' ) {
|
760 |
+
$tabs = array(
|
761 |
+
'settings'=>__("Settings","really-simple-ssl"),
|
762 |
+
);
|
763 |
+
|
764 |
+
$tabs = apply_filters("rsssl_network_tabs", $tabs);
|
765 |
+
|
766 |
+
if (count($tabs)>1) {
|
767 |
+
echo '<h2 class="nav-tab-wrapper">';
|
768 |
+
|
769 |
+
foreach( $tabs as $tab => $name ){
|
770 |
+
$class = ( $tab == $current ) ? ' nav-tab-active' : '';
|
771 |
+
echo "<a class='nav-tab$class' href='?page=really-simple-ssl&tab=$tab'>$name</a>";
|
772 |
+
}
|
773 |
+
echo '</h2>';
|
774 |
+
}
|
775 |
+
}
|
776 |
+
|
777 |
+
} //class closure
|
778 |
+
}
|
class-server.php
ADDED
@@ -0,0 +1,75 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
defined('ABSPATH') or die("you do not have acces to this page!");
|
3 |
+
|
4 |
+
if ( ! class_exists( 'rsssl_server' ) ) {
|
5 |
+
class rsssl_server {
|
6 |
+
private static $_this;
|
7 |
+
|
8 |
+
function __construct() {
|
9 |
+
if ( isset( self::$_this ) )
|
10 |
+
wp_die( sprintf( __( '%s is a singleton class and you cannot create a second instance.','really-simple-ssl' ), get_class( $this ) ) );
|
11 |
+
|
12 |
+
self::$_this = $this;
|
13 |
+
|
14 |
+
}
|
15 |
+
|
16 |
+
static function this() {
|
17 |
+
return self::$_this;
|
18 |
+
}
|
19 |
+
|
20 |
+
|
21 |
+
/*
|
22 |
+
|
23 |
+
@Since 2.5.1
|
24 |
+
Checks if the server uses .htaccess
|
25 |
+
returns: Boolean
|
26 |
+
|
27 |
+
*/
|
28 |
+
|
29 |
+
public function uses_htaccess(){
|
30 |
+
|
31 |
+
if ($this->get_server()=="apache" || $this->get_server()=="litespeed") {
|
32 |
+
return true;
|
33 |
+
}
|
34 |
+
|
35 |
+
return false;
|
36 |
+
}
|
37 |
+
|
38 |
+
/**
|
39 |
+
* Returns the server type of the plugin user.
|
40 |
+
*
|
41 |
+
* @return string|bool server type the user is using of false if undetectable.
|
42 |
+
*/
|
43 |
+
|
44 |
+
public function get_server() {
|
45 |
+
|
46 |
+
//Allows to override server authentication for testing or other reasons.
|
47 |
+
if ( defined( 'RSSSL_SERVER_OVERRIDE' ) ) {
|
48 |
+
return RSSSL_SERVER_OVERRIDE;
|
49 |
+
}
|
50 |
+
|
51 |
+
$server_raw = strtolower( filter_var( $_SERVER['SERVER_SOFTWARE'], FILTER_SANITIZE_STRING ) );
|
52 |
+
|
53 |
+
//figure out what server they're using
|
54 |
+
if ( strpos( $server_raw, 'apache' ) !== false ) {
|
55 |
+
|
56 |
+
return 'apache';
|
57 |
+
|
58 |
+
} elseif ( strpos( $server_raw, 'nginx' ) !== false ) {
|
59 |
+
|
60 |
+
return 'nginx';
|
61 |
+
|
62 |
+
} elseif ( strpos( $server_raw, 'litespeed' ) !== false ) {
|
63 |
+
|
64 |
+
return 'litespeed';
|
65 |
+
|
66 |
+
} else { //unsupported server
|
67 |
+
|
68 |
+
return false;
|
69 |
+
|
70 |
+
}
|
71 |
+
|
72 |
+
}
|
73 |
+
|
74 |
+
} //class closure
|
75 |
+
}
|
class-url.php
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
/*
|
4 |
+
for backward compatibility
|
5 |
+
*/
|
css/index.php
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<?php //You don't belong here. ?>
|
css/main.css
ADDED
@@ -0,0 +1,337 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
.rsssl-notice {
|
2 |
+
background-color: #fff;
|
3 |
+
border-left: 4px solid green;
|
4 |
+
padding: 1px 15px;
|
5 |
+
}
|
6 |
+
|
7 |
+
/* .rsssl-main {
|
8 |
+
width:95%;
|
9 |
+
float:left;
|
10 |
+
} */
|
11 |
+
|
12 |
+
.rsssl-sidebar {
|
13 |
+
width:20%;
|
14 |
+
float:left;
|
15 |
+
}
|
16 |
+
|
17 |
+
.rsssl-sidebar h4 {
|
18 |
+
font-size:14px;
|
19 |
+
font-style:italic;
|
20 |
+
}
|
21 |
+
|
22 |
+
.rsssl-wrapper {
|
23 |
+
padding:30px;
|
24 |
+
}
|
25 |
+
|
26 |
+
@media screen and (max-width: 800px) {
|
27 |
+
.rsssl-sidebar, .rsssl-main {
|
28 |
+
width:100%;
|
29 |
+
}
|
30 |
+
}
|
31 |
+
|
32 |
+
.rsssl-sidebar img {
|
33 |
+
max-width:100%;
|
34 |
+
height:inherit;
|
35 |
+
}
|
36 |
+
|
37 |
+
.activate-ssl ul, .rsssl-result ul, .rsssl_bullets {
|
38 |
+
list-style-type: square;
|
39 |
+
margin-left:30px;
|
40 |
+
}
|
41 |
+
|
42 |
+
.activate-ssl .button {
|
43 |
+
margin-bottom:20px;
|
44 |
+
}
|
45 |
+
.really-simple-ssl-table td {
|
46 |
+
vertical-align: top;
|
47 |
+
}
|
48 |
+
.debug-log {
|
49 |
+
background-color: #fff;
|
50 |
+
padding:15px;
|
51 |
+
border:1px solid black;
|
52 |
+
}
|
53 |
+
|
54 |
+
.icons {
|
55 |
+
width:15px;
|
56 |
+
height:15px;
|
57 |
+
}
|
58 |
+
|
59 |
+
.rsssl-icons {
|
60 |
+
width:15px;
|
61 |
+
height:15px;
|
62 |
+
}
|
63 |
+
|
64 |
+
.loader {
|
65 |
+
width: 250px;
|
66 |
+
height: 50px;
|
67 |
+
line-height: 50px;
|
68 |
+
text-align: center;
|
69 |
+
margin: 50px 150px;;
|
70 |
+
top: 50%;
|
71 |
+
left: 50%;
|
72 |
+
-webkit-transform: translate(-50%, -50%);
|
73 |
+
-ms-transform: translate(-50%, -50%);
|
74 |
+
transform: translate(-50%, -50%);
|
75 |
+
text-transform: uppercase;
|
76 |
+
font-weight: 900;
|
77 |
+
color: #ce4233;
|
78 |
+
letter-spacing: 0.2em;
|
79 |
+
}
|
80 |
+
.loader::before, .loader::after {
|
81 |
+
content: "";
|
82 |
+
display: block;
|
83 |
+
width: 15px;
|
84 |
+
height: 15px;
|
85 |
+
background: #ce4233;
|
86 |
+
position: absolute;
|
87 |
+
-webkit-animation: load .7s infinite alternate ease-in-out;
|
88 |
+
animation: load .7s infinite alternate ease-in-out;
|
89 |
+
}
|
90 |
+
.loader::before {
|
91 |
+
top: 0;
|
92 |
+
}
|
93 |
+
.loader::after {
|
94 |
+
bottom: 0;
|
95 |
+
}
|
96 |
+
|
97 |
+
@-webkit-keyframes load {
|
98 |
+
0% {
|
99 |
+
left: 0;
|
100 |
+
height: 30px;
|
101 |
+
width: 15px;
|
102 |
+
}
|
103 |
+
50% {
|
104 |
+
height: 8px;
|
105 |
+
width: 40px;
|
106 |
+
}
|
107 |
+
100% {
|
108 |
+
left: 235px;
|
109 |
+
height: 30px;
|
110 |
+
width: 15px;
|
111 |
+
}
|
112 |
+
}
|
113 |
+
|
114 |
+
@keyframes load {
|
115 |
+
0% {
|
116 |
+
left: 0;
|
117 |
+
height: 30px;
|
118 |
+
width: 15px;
|
119 |
+
}
|
120 |
+
50% {
|
121 |
+
height: 8px;
|
122 |
+
width: 40px;
|
123 |
+
}
|
124 |
+
100% {
|
125 |
+
left: 235px;
|
126 |
+
height: 30px;
|
127 |
+
width: 15px;
|
128 |
+
}
|
129 |
+
}
|
130 |
+
|
131 |
+
/* rsssl-rsssl-tooltip for settings page */
|
132 |
+
/* Base styles for the element that has a rsssl-tooltip */
|
133 |
+
[data-rsssl-tooltip],
|
134 |
+
.rsssl-tooltip {
|
135 |
+
position: relative;
|
136 |
+
cursor: pointer;
|
137 |
+
}
|
138 |
+
|
139 |
+
/* Base styles for the entire tooltip */
|
140 |
+
[data-rsssl-tooltip]:before,
|
141 |
+
[data-rsssl-tooltip]:after,
|
142 |
+
.rsssl-tooltip:before,
|
143 |
+
.rsssl-tooltip:after {
|
144 |
+
position: absolute;
|
145 |
+
visibility: hidden;
|
146 |
+
-ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=0)";
|
147 |
+
filter: progid:DXImageTransform.Microsoft.Alpha(Opacity=0);
|
148 |
+
opacity: 0;
|
149 |
+
-webkit-transition:
|
150 |
+
opacity 0.2s ease-in-out,
|
151 |
+
visibility 0.2s ease-in-out,
|
152 |
+
-webkit-transform 0.2s cubic-bezier(0.71, 1.7, 0.77, 1.24);
|
153 |
+
-moz-transition:
|
154 |
+
opacity 0.2s ease-in-out,
|
155 |
+
visibility 0.2s ease-in-out,
|
156 |
+
-moz-transform 0.2s cubic-bezier(0.71, 1.7, 0.77, 1.24);
|
157 |
+
transition:
|
158 |
+
opacity 0.2s ease-in-out,
|
159 |
+
visibility 0.2s ease-in-out,
|
160 |
+
transform 0.2s cubic-bezier(0.71, 1.7, 0.77, 1.24);
|
161 |
+
-webkit-transform: translate3d(0, 0, 0);
|
162 |
+
-moz-transform: translate3d(0, 0, 0);
|
163 |
+
transform: translate3d(0, 0, 0);
|
164 |
+
pointer-events: none;
|
165 |
+
}
|
166 |
+
|
167 |
+
/* Show the entire rsssl-tooltip on hover and focus */
|
168 |
+
[data-rsssl-tooltip]:hover:before,
|
169 |
+
[data-rsssl-tooltip]:hover:after,
|
170 |
+
[data-rsssl-tooltip]:focus:before,
|
171 |
+
[data-rsssl-tooltip]:focus:after,
|
172 |
+
.rsssl-tooltip:hover:before,
|
173 |
+
.rsssl-tooltip:hover:after,
|
174 |
+
.rsssl-tooltip:focus:before,
|
175 |
+
.rsssl-tooltip:focus:after {
|
176 |
+
visibility: visible;
|
177 |
+
-ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=100)";
|
178 |
+
filter: progid:DXImageTransform.Microsoft.Alpha(Opacity=100);
|
179 |
+
opacity: 1;
|
180 |
+
}
|
181 |
+
|
182 |
+
/* Base styles for the rsssl-tooltip's directional arrow */
|
183 |
+
.rsssl-tooltip:before,
|
184 |
+
[data-rsssl-tooltip]:before {
|
185 |
+
z-index: 1001;
|
186 |
+
border: 6px solid transparent;
|
187 |
+
background: transparent;
|
188 |
+
content: "";
|
189 |
+
}
|
190 |
+
|
191 |
+
/* Base styles for the rsssl-tooltip's content area */
|
192 |
+
.rsssl-tooltip:after,
|
193 |
+
[data-rsssl-tooltip]:after {
|
194 |
+
z-index: 1000;
|
195 |
+
padding: 8px;
|
196 |
+
width: 160px;
|
197 |
+
background-color: #000;
|
198 |
+
background-color: hsla(0, 0%, 20%, 0.9);
|
199 |
+
color: #fff;
|
200 |
+
content: attr(data-rsssl-tooltip);
|
201 |
+
font-size: 14px;
|
202 |
+
line-height: 1.2;
|
203 |
+
}
|
204 |
+
|
205 |
+
/* Directions */
|
206 |
+
|
207 |
+
/* Top (default) */
|
208 |
+
[data-rsssl-tooltip]:before,
|
209 |
+
[data-rsssl-tooltip]:after,
|
210 |
+
.rsssl-tooltip:before,
|
211 |
+
.rsssl-tooltip:after,
|
212 |
+
.rsssl-tooltip-top:before,
|
213 |
+
.rsssl-tooltip-top:after {
|
214 |
+
bottom: 100%;
|
215 |
+
left: 50%;
|
216 |
+
}
|
217 |
+
|
218 |
+
[data-rsssl-tooltip]:before,
|
219 |
+
.rsssl-tooltip:before,
|
220 |
+
.rsssl-tooltip-top:before {
|
221 |
+
margin-left: -6px;
|
222 |
+
margin-bottom: -12px;
|
223 |
+
border-top-color: #000;
|
224 |
+
border-top-color: hsla(0, 0%, 20%, 0.9);
|
225 |
+
}
|
226 |
+
|
227 |
+
/* Horizontally align top/bottom rsssl-tooltips */
|
228 |
+
[data-rsssl-tooltip]:after,
|
229 |
+
.rsssl-tooltip:after,
|
230 |
+
.rsssl-tooltip-top:after {
|
231 |
+
margin-left: -80px;
|
232 |
+
}
|
233 |
+
|
234 |
+
[data-rsssl-tooltip]:hover:before,
|
235 |
+
[data-rsssl-tooltip]:hover:after,
|
236 |
+
[data-rsssl-tooltip]:focus:before,
|
237 |
+
[data-rsssl-tooltip]:focus:after,
|
238 |
+
.rsssl-tooltip:hover:before,
|
239 |
+
.rsssl-tooltip:hover:after,
|
240 |
+
.rsssl-tooltip:focus:before,
|
241 |
+
.rsssl-tooltip:focus:after,
|
242 |
+
.rsssl-tooltip-top:hover:before,
|
243 |
+
.rsssl-tooltip-top:hover:after,
|
244 |
+
.rsssl-tooltip-top:focus:before,
|
245 |
+
.rsssl-tooltip-top:focus:after {
|
246 |
+
-webkit-transform: translateY(-12px);
|
247 |
+
-moz-transform: translateY(-12px);
|
248 |
+
transform: translateY(-12px);
|
249 |
+
}
|
250 |
+
|
251 |
+
/* Left */
|
252 |
+
.rsssl-tooltip-left:before,
|
253 |
+
.rsssl-tooltip-left:after {
|
254 |
+
right: 100%;
|
255 |
+
bottom: 50%;
|
256 |
+
left: auto;
|
257 |
+
}
|
258 |
+
|
259 |
+
.rsssl-tooltip-left:before {
|
260 |
+
margin-left: 0;
|
261 |
+
margin-right: -12px;
|
262 |
+
margin-bottom: 0;
|
263 |
+
border-top-color: transparent;
|
264 |
+
border-left-color: #000;
|
265 |
+
border-left-color: hsla(0, 0%, 20%, 0.9);
|
266 |
+
}
|
267 |
+
|
268 |
+
.rsssl-tooltip-left:hover:before,
|
269 |
+
.rsssl-tooltip-left:hover:after,
|
270 |
+
.rsssl-tooltip-left:focus:before,
|
271 |
+
.rsssl-tooltip-left:focus:after {
|
272 |
+
-webkit-transform: translateX(-12px);
|
273 |
+
-moz-transform: translateX(-12px);
|
274 |
+
transform: translateX(-12px);
|
275 |
+
}
|
276 |
+
|
277 |
+
/* Bottom */
|
278 |
+
.rsssl-tooltip-bottom:before,
|
279 |
+
.rsssl-tooltip-bottom:after {
|
280 |
+
top: 100%;
|
281 |
+
bottom: auto;
|
282 |
+
left: 50%;
|
283 |
+
}
|
284 |
+
|
285 |
+
.rsssl-tooltip-bottom:before {
|
286 |
+
margin-top: -12px;
|
287 |
+
margin-bottom: 0;
|
288 |
+
border-top-color: transparent;
|
289 |
+
border-bottom-color: #000;
|
290 |
+
border-bottom-color: hsla(0, 0%, 20%, 0.9);
|
291 |
+
}
|
292 |
+
|
293 |
+
.rsssl-tooltip-bottom:hover:before,
|
294 |
+
.rsssl-tooltip-bottom:hover:after,
|
295 |
+
.rsssl-tooltip-bottom:focus:before,
|
296 |
+
.rsssl-tooltip-bottom:focus:after {
|
297 |
+
-webkit-transform: translateY(12px);
|
298 |
+
-moz-transform: translateY(12px);
|
299 |
+
transform: translateY(12px);
|
300 |
+
}
|
301 |
+
|
302 |
+
/* Right */
|
303 |
+
.rsssl-tooltip-right:before,
|
304 |
+
.rsssl-tooltip-right:after {
|
305 |
+
bottom: 50%;
|
306 |
+
left: 100%;
|
307 |
+
}
|
308 |
+
|
309 |
+
.rsssl-tooltip-right:before {
|
310 |
+
margin-bottom: 0;
|
311 |
+
margin-left: -12px;
|
312 |
+
border-top-color: transparent;
|
313 |
+
border-right-color: #000;
|
314 |
+
border-right-color: hsla(0, 0%, 20%, 0.9);
|
315 |
+
}
|
316 |
+
|
317 |
+
.rsssl-tooltip-right:hover:before,
|
318 |
+
.rsssl-tooltip-right:hover:after,
|
319 |
+
.rsssl-tooltip-right:focus:before,
|
320 |
+
.rsssl-tooltip-right:focus:after {
|
321 |
+
-webkit-transform: translateX(12px);
|
322 |
+
-moz-transform: translateX(12px);
|
323 |
+
transform: translateX(12px);
|
324 |
+
}
|
325 |
+
|
326 |
+
/* Move directional arrows down a bit for left/right rsssl-tooltips */
|
327 |
+
.rsssl-tooltip-left:before,
|
328 |
+
.rsssl-tooltip-right:before {
|
329 |
+
top: 3px;
|
330 |
+
}
|
331 |
+
|
332 |
+
/* Vertically center rsssl-tooltip content for left/right rsssl-tooltips */
|
333 |
+
.rsssl-tooltip-left:after,
|
334 |
+
.rsssl-tooltip-right:after {
|
335 |
+
margin-left: 0;
|
336 |
+
margin-bottom: -16px;
|
337 |
+
}
|
force-deactivate.txt
ADDED
@@ -0,0 +1,131 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
* Deactivation page to simple deactivate the plugin when backend is not accessible anymore
|
4 |
+
* To deactivate:
|
5 |
+
* 1) rename this file to force-deactivate.php
|
6 |
+
* 2) Go in your browser to www.yourdomain.com/wp-content/plugins/really-simple-ssl/force-deactivate.php.
|
7 |
+
* 3) IMPORTANT!!!! Rename this file back to .txt
|
8 |
+
*/
|
9 |
+
|
10 |
+
?>
|
11 |
+
<html>
|
12 |
+
<body>
|
13 |
+
|
14 |
+
<?php
|
15 |
+
# No need for the template engine
|
16 |
+
define( 'WP_USE_THEMES', false );
|
17 |
+
|
18 |
+
#find the base path
|
19 |
+
define( 'BASE_PATH', find_wordpress_base_path()."/" );
|
20 |
+
|
21 |
+
# Load WordPress Core
|
22 |
+
require_once( BASE_PATH.'wp-load.php' );
|
23 |
+
require_once(ABSPATH.'wp-admin/includes/plugin.php');
|
24 |
+
$core_plugin = 'really-simple-ssl/rlrsssl-really-simple-ssl.php';
|
25 |
+
|
26 |
+
if (!is_plugin_active($core_plugin) ) {
|
27 |
+
echo "<h1>Really Simple SSL is already deactivated!</h1>";
|
28 |
+
exit;
|
29 |
+
}
|
30 |
+
|
31 |
+
#Load plugin functionality
|
32 |
+
require_once( dirname( __FILE__ ) . '/class-front-end.php' );
|
33 |
+
require_once( dirname( __FILE__ ) . '/class-admin.php' );
|
34 |
+
|
35 |
+
$really_simple_ssl = new rsssl_admin();
|
36 |
+
if (is_multisite()) {
|
37 |
+
require_once( dirname( __FILE__ ) . '/class-multisite.php' );
|
38 |
+
$rsssl_multisite = new rsssl_multisite();
|
39 |
+
}
|
40 |
+
|
41 |
+
$step = 1;
|
42 |
+
echo "<h1>Force deactivation of Really Simple SSL</h1>";
|
43 |
+
echo $step.". Resetting options"."<br>";
|
44 |
+
$networkwide = is_multisite();
|
45 |
+
$really_simple_ssl->deactivate($networkwide);
|
46 |
+
$step++;
|
47 |
+
|
48 |
+
//add feedback on writable files.
|
49 |
+
if (count($really_simple_ssl->errors)>0) {
|
50 |
+
echo $step.". Errors occured while deactivating:<ul>";
|
51 |
+
$step++;
|
52 |
+
foreach($really_simple_ssl->errors as $errorname=>$error) {
|
53 |
+
echo "<li>".$errorname."</li>";
|
54 |
+
}
|
55 |
+
echo "</ul>";
|
56 |
+
echo "Errors while removing the really simple ssl lines from your wp-config.php and .htacces, wich you can normally find in your webroot."."<br><br>";
|
57 |
+
}
|
58 |
+
|
59 |
+
echo $step.". Deactivating plugin"."<br>";
|
60 |
+
rl_deactivate_plugin($really_simple_ssl->plugin_dir."/".$really_simple_ssl->plugin_filename);
|
61 |
+
|
62 |
+
$step++;
|
63 |
+
echo $step.". Completed with <b>".count($really_simple_ssl->errors)."</b> error(s)"."<br>";
|
64 |
+
|
65 |
+
|
66 |
+
|
67 |
+
|
68 |
+
function rl_remove_plugin_from_array($plugin, $current) {
|
69 |
+
$key = array_search( $plugin, $current );
|
70 |
+
if ( false !== $key ) {
|
71 |
+
$do_blog = true;
|
72 |
+
unset( $current[ $key ] );
|
73 |
+
}
|
74 |
+
return $current;
|
75 |
+
}
|
76 |
+
|
77 |
+
function rl_deactivate_plugin( $plugin ) {
|
78 |
+
$plugin = plugin_basename( trim( $plugin ) );
|
79 |
+
|
80 |
+
if ( is_multisite() ) {
|
81 |
+
|
82 |
+
$network_current = get_site_option( 'active_sitewide_plugins', array() );
|
83 |
+
if ( is_plugin_active_for_network( $plugin ) ) { unset( $network_current[ $plugin ] );}
|
84 |
+
update_site_option( 'active_sitewide_plugins', $network_current );
|
85 |
+
|
86 |
+
//remove plugin one by one on each site
|
87 |
+
$sites = wp_get_sites();
|
88 |
+
foreach ( $sites as $site ) {
|
89 |
+
switch_to_blog( $site[ 'blog_id' ] );
|
90 |
+
|
91 |
+
$current = get_option( 'active_plugins', array() );
|
92 |
+
$current = rl_remove_plugin_from_array($plugin, $current);
|
93 |
+
update_option('active_plugins', $current);
|
94 |
+
|
95 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
96 |
+
}
|
97 |
+
|
98 |
+
} else {
|
99 |
+
$current = get_option( 'active_plugins', array() );
|
100 |
+
$current = rl_remove_plugin_from_array($plugin, $current);
|
101 |
+
update_option('active_plugins', $current);
|
102 |
+
}
|
103 |
+
|
104 |
+
|
105 |
+
|
106 |
+
|
107 |
+
|
108 |
+
|
109 |
+
|
110 |
+
|
111 |
+
|
112 |
+
update_option('active_plugins', $current);
|
113 |
+
|
114 |
+
|
115 |
+
|
116 |
+
}
|
117 |
+
|
118 |
+
function find_wordpress_base_path() {
|
119 |
+
$dir = dirname(__FILE__);
|
120 |
+
do {
|
121 |
+
//it is possible to check for other files here
|
122 |
+
if( file_exists($dir."/wp-config.php") ) {
|
123 |
+
return $dir;
|
124 |
+
}
|
125 |
+
} while( $dir = realpath("$dir/..") );
|
126 |
+
return null;
|
127 |
+
}
|
128 |
+
|
129 |
+
?>
|
130 |
+
</body>
|
131 |
+
</html>
|
img/check-icon.png
ADDED
Binary file
|
img/cross-icon.png
ADDED
Binary file
|
img/index.php
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<?php //You don't belong here. ?>
|
img/warning-icon.png
ADDED
Binary file
|
index.php
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<?php //You don't belong here. ?>
|
languages/index.php
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<?php //You don't belong here. ?>
|
languages/really-simple-ssl-fr_FR.mo
ADDED
Binary file
|
languages/really-simple-ssl-fr_FR.po
ADDED
@@ -0,0 +1,420 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
msgid ""
|
2 |
+
msgstr ""
|
3 |
+
"Project-Id-Version: Really Simple SSL v2.2.2\n"
|
4 |
+
"Report-Msgid-Bugs-To: \n"
|
5 |
+
"POT-Creation-Date: \n"
|
6 |
+
"PO-Revision-Date: 2015-11-21 19:31:58+0000\n"
|
7 |
+
"Last-Translator: Cédric TAMBOISE <cedric@tamboi.se>\n"
|
8 |
+
"Language-Team: \n"
|
9 |
+
"MIME-Version: 1.0\n"
|
10 |
+
"Content-Type: text/plain; charset=UTF-8\n"
|
11 |
+
"Content-Transfer-Encoding: 8bit\n"
|
12 |
+
"Plural-Forms: nplurals=2; plural=n>1;\n"
|
13 |
+
"X-Generator: Loco - https://localise.biz/\n"
|
14 |
+
"X-Poedit-Language: French\n"
|
15 |
+
"X-Poedit-Country: FRANCE\n"
|
16 |
+
"X-Poedit-SourceCharset: utf-8\n"
|
17 |
+
"X-Poedit-KeywordsList: __;_e;__ngettext:1,2;_n:1,2;__ngettext_noop:1,2;_n_noop:1,2;_c,_nc:4c,1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;_nx_noop:4c,1,2;\n"
|
18 |
+
"X-Poedit-Basepath: ../\n"
|
19 |
+
"X-Poedit-Bookmarks: \n"
|
20 |
+
"X-Poedit-SearchPath-0: .\n"
|
21 |
+
"X-Textdomain-Support: yes"
|
22 |
+
|
23 |
+
#: class-admin.php:1998
|
24 |
+
#@ really-simple-ssl
|
25 |
+
msgid "Force SSL without detection"
|
26 |
+
msgstr "Forcer le mode SSL sans détection"
|
27 |
+
|
28 |
+
#: class-admin.php:1727
|
29 |
+
#@ really-simple-ssl
|
30 |
+
msgid "Configuration"
|
31 |
+
msgstr "Configuration"
|
32 |
+
|
33 |
+
#: class-admin.php:1727
|
34 |
+
#: class-admin.php:1984
|
35 |
+
#: class-admin.php:2176
|
36 |
+
#@ really-simple-ssl
|
37 |
+
msgid "Settings"
|
38 |
+
msgstr "Paramètres"
|
39 |
+
|
40 |
+
#: class-admin.php:1727
|
41 |
+
#@ really-simple-ssl
|
42 |
+
msgid "Detected mixed content"
|
43 |
+
msgstr "Contenu mixte détecté"
|
44 |
+
|
45 |
+
#: class-admin.php:1727
|
46 |
+
#: class-admin.php:2001
|
47 |
+
#@ really-simple-ssl
|
48 |
+
msgid "Debug"
|
49 |
+
msgstr "Débogage"
|
50 |
+
|
51 |
+
#: class-admin.php:1772
|
52 |
+
#@ really-simple-ssl
|
53 |
+
msgid "No SSL detected."
|
54 |
+
msgstr "Pas de SSL détecté."
|
55 |
+
|
56 |
+
#: class-admin.php:1774
|
57 |
+
#@ really-simple-ssl
|
58 |
+
msgid "No SSL detected, but SSL is forced."
|
59 |
+
msgstr "Pas de SSL détecté, mais le mode SSL est forcé."
|
60 |
+
|
61 |
+
#: class-admin.php:1778
|
62 |
+
#@ really-simple-ssl
|
63 |
+
msgid "An SSL certificate was detected on your site. "
|
64 |
+
msgstr "Un certificat SSL a été détecté sur votre site."
|
65 |
+
|
66 |
+
#: class-admin.php:1791
|
67 |
+
#@ really-simple-ssl
|
68 |
+
msgid "https redirect set in .htaccess"
|
69 |
+
msgstr "Redirections HTTPS mises en place dans le fichier .htaccess"
|
70 |
+
|
71 |
+
#: class-admin.php:1793
|
72 |
+
#@ really-simple-ssl
|
73 |
+
msgid "Editing of .htaccess is blocked in Really Simple ssl settings, so you're in control of the .htaccess file."
|
74 |
+
msgstr "L'édition du fichier .htaccess est bloqué dans les paramètres du plugin Really Simple SSL, vous êtes donc en contrôle total du fichier .htaccess."
|
75 |
+
|
76 |
+
#: class-admin.php:1800
|
77 |
+
#@ really-simple-ssl
|
78 |
+
msgid "Https redirect was set in javascript because the htaccess redirect rule could not be verified. Set manually if you want to redirect in .htaccess."
|
79 |
+
msgstr "La redirection HTTPS a été mise en place en javascript car la règle du fichier htaccess n'a pas fonctionné. Vous pouvez l'y insérer manuellement si vous préférez ce mode."
|
80 |
+
|
81 |
+
#: class-admin.php:1809
|
82 |
+
#@ really-simple-ssl
|
83 |
+
msgid "Try to add these rules at the bottom of your .htaccess. If it doesn't work, just remove them again."
|
84 |
+
msgstr "Essayez d'ajouter ces règles à la fin du fichier .htaccess. Si cela ne fonctionne pas, supprimez-les de nouveau."
|
85 |
+
|
86 |
+
#: class-admin.php:1832
|
87 |
+
#@ really-simple-ssl
|
88 |
+
msgid "HTTP Strict Transport Security was set in the .htaccess"
|
89 |
+
msgstr "HTTP STS a été mis en place dans le .htaccess"
|
90 |
+
|
91 |
+
#: class-admin.php:1834
|
92 |
+
#@ really-simple-ssl
|
93 |
+
msgid "HTTP Strict Transport Security was not set in your .htaccess. Do this only if your setup is fully working, and only when you do not plan to revert to http."
|
94 |
+
msgstr "HTTP STS n'a pas été mis en place dans le .htaccess. N'activez ce mode qu'une fois que la mise en place du SSL fonctionne pleinement et que vous ne prévoyez pas de revenir en arrière."
|
95 |
+
|
96 |
+
#: class-admin.php:1841
|
97 |
+
#: class-scan.php:81
|
98 |
+
#: class-scan.php:90
|
99 |
+
#@ really-simple-ssl
|
100 |
+
msgid "Manage settings"
|
101 |
+
msgstr "Gestion des paramètres"
|
102 |
+
|
103 |
+
#: class-admin.php:1863
|
104 |
+
#@ really-simple-ssl
|
105 |
+
msgid "Save"
|
106 |
+
msgstr "Enregistrer"
|
107 |
+
|
108 |
+
#: class-admin.php:1889
|
109 |
+
#@ really-simple-ssl
|
110 |
+
msgid "Log for debugging purposes"
|
111 |
+
msgstr "Journaliser (log) dans une optique de débogage"
|
112 |
+
|
113 |
+
#: class-admin.php:1890
|
114 |
+
#@ really-simple-ssl
|
115 |
+
msgid "Send me a copy of these lines if you have any issues. The log will be erased when debug is set to false"
|
116 |
+
msgstr "Envoyez-moi une copie de ces lignes si vous avez le moindre problème. Ce journal sera écrasé quand le mode Debug est désactivé."
|
117 |
+
|
118 |
+
#: class-admin.php:1898
|
119 |
+
#@ really-simple-ssl
|
120 |
+
msgid "To view results here, enable the debug option in the settings tab."
|
121 |
+
msgstr "Pour voir les résultats ici, activez le mode debut dans l'onglet Paramètres"
|
122 |
+
|
123 |
+
#: class-admin.php:1985
|
124 |
+
#@ really-simple-ssl
|
125 |
+
msgid "Stop editing the .htaccess file"
|
126 |
+
msgstr "Arrêter d'éditer le fichier .htaccess"
|
127 |
+
|
128 |
+
#: class-admin.php:1989
|
129 |
+
#@ really-simple-ssl
|
130 |
+
msgid "Auto replace mixed content"
|
131 |
+
msgstr "Remplacer automatiquement le contenu mixte"
|
132 |
+
|
133 |
+
#: class-admin.php:1993
|
134 |
+
#@ really-simple-ssl
|
135 |
+
msgid "Turn HTTP Strict Transport Security on"
|
136 |
+
msgstr "Activez le mode HTTP Strict Transport Security (STS)"
|
137 |
+
|
138 |
+
#: class-admin.php:2018
|
139 |
+
#@ really-simple-ssl
|
140 |
+
msgid "By unchecking the 'auto replace mixed content' checkbox you can test if your site can run without this extra functionality. Uncheck, empty your cache when you use one, and go to the front end of your site. You should then check if you have mixed content errors, by clicking on the lock icon in the addres bar."
|
141 |
+
msgstr "En décochant la case 'Remplacer automatiquement le contenu mixte', vous pouvez tester si votre site fonctionne correctement dans cette fonctionnalité. Décochez, videz votre cache si vous en utilisez un, et accédez à votre site en mode public. Vous pouvez ensuite vérifier si vous avez des erreurs de contenu mixte, en cliquant sur le cadenas dans la barre d'adresse."
|
142 |
+
|
143 |
+
#: class-admin.php:2020
|
144 |
+
#@ really-simple-ssl
|
145 |
+
msgid "The force ssl without detection option can be used when the ssl was not detected, but you are sure you have ssl."
|
146 |
+
msgstr "L'option \"Forcer le SSL sans détection\" peut être u tilisée lorsque le certificat SSL n'a pas été détecté, mais seulement si vous êtes certain d'avoir un certificat SSL correctement en place."
|
147 |
+
|
148 |
+
#: class-admin.php:2120
|
149 |
+
#@ really-simple-ssl
|
150 |
+
msgid "Are you sure? Your visitors will keep going to a https site for a year after you turn this off."
|
151 |
+
msgstr "Êtes-vous sûr ? Vos visiteurs continueront à voir votre site en HTTPS pendant un an après avoir désactivé cette option."
|
152 |
+
|
153 |
+
#: class-admin.php:2136
|
154 |
+
#@ really-simple-ssl
|
155 |
+
msgid "Are you sure you have an SSL certifcate? Forcing ssl on a non-ssl site can break your site."
|
156 |
+
msgstr "Êtes-vous sûr d'avoir un certificat SSL ? Forcer le mode SSL sur un site non sécurisé peut endommager votre site."
|
157 |
+
|
158 |
+
#: class-scan.php:37
|
159 |
+
#: class-scan.php:38
|
160 |
+
#@ really-simple-ssl
|
161 |
+
msgid "Scanning..."
|
162 |
+
msgstr "Analyse..."
|
163 |
+
|
164 |
+
#: class-scan.php:78
|
165 |
+
#@ really-simple-ssl
|
166 |
+
msgid "Mixed content detected "
|
167 |
+
msgstr "Contenu mixte détecté"
|
168 |
+
|
169 |
+
#: class-scan.php:79
|
170 |
+
#@ really-simple-ssl
|
171 |
+
msgid "but that's ok, because the mixed content fixer is active."
|
172 |
+
msgstr "mais ça ne pose pas de problème, car le paramètre pour corriger le contenu mixte est actif."
|
173 |
+
|
174 |
+
#: class-scan.php:79
|
175 |
+
#@ really-simple-ssl
|
176 |
+
msgid "but the mixed content fix is not active."
|
177 |
+
msgstr "mais le paramètre pour corriger le contenu mixte n'est pas actif."
|
178 |
+
|
179 |
+
#: class-scan.php:84
|
180 |
+
#@ really-simple-ssl
|
181 |
+
msgid "In the tab \"detected mixed content\" you can find a list of items with mixed content."
|
182 |
+
msgstr "Dans l'onglet \"Contenu mixte détecté\", vous retrouverez la liste des contenus mixtes."
|
183 |
+
|
184 |
+
#: class-scan.php:89
|
185 |
+
#@ really-simple-ssl
|
186 |
+
msgid "No mixed content was detected. You could try to run your site without using the auto replace of insecure links, but check carefully. "
|
187 |
+
msgstr "Aucun contenu mixte n'a été détecté. Vous pouvez essayer de faire fonctionner votre site sans le paramètre de remplacement automatique, mais faites attention tout de même."
|
188 |
+
|
189 |
+
#: class-scan.php:98
|
190 |
+
#, php-format
|
191 |
+
#@ really-simple-ssl
|
192 |
+
msgid "The scan searched for the following insecure links: %s"
|
193 |
+
msgstr "L'analyse a détecté les liens non sécurisés suivants : %s"
|
194 |
+
|
195 |
+
#: class-scan.php:100
|
196 |
+
#@ really-simple-ssl
|
197 |
+
msgid "List of detected items with mixed content"
|
198 |
+
msgstr "Liste des contenus détectés avec du contenu mixte"
|
199 |
+
|
200 |
+
#: class-scan.php:101
|
201 |
+
#@ really-simple-ssl
|
202 |
+
msgid "Because really simple ssl includes a mixed content fixer you do not have to worry about this list, but if you want to disable the mixed content fixer, you can find a list of possible issues here."
|
203 |
+
msgstr "Du fait de l'option \"corriger le contenu mixte\" du plugin Really Simple SSL, vous n'avez pas à vous inquiéter à propos de cette liste. Mais si vous désactivez l'option, voici la liste des problèmes potentiels ci-dessous :"
|
204 |
+
|
205 |
+
#: class-scan.php:108
|
206 |
+
#@ really-simple-ssl
|
207 |
+
msgid "edit"
|
208 |
+
msgstr "Editer"
|
209 |
+
|
210 |
+
#: class-scan.php:126
|
211 |
+
#@ really-simple-ssl
|
212 |
+
msgid "Scan again"
|
213 |
+
msgstr "Analyser de nouveau"
|
214 |
+
|
215 |
+
#. translators: plugin header field 'Name'
|
216 |
+
#: really-simple-ssl.php:0
|
217 |
+
#@ really-simple-ssl
|
218 |
+
msgid "Really Simple SSL"
|
219 |
+
msgstr "Really Simple SSL"
|
220 |
+
|
221 |
+
#. translators: plugin header field 'Description'
|
222 |
+
#: really-simple-ssl.php:0
|
223 |
+
#@ really-simple-ssl
|
224 |
+
msgid "Lightweight plugin without any setup to make your site ssl proof"
|
225 |
+
msgstr "Plugin léger sans paramétrage complexe pour faire fonctionner votre site en SSL"
|
226 |
+
|
227 |
+
#. translators: plugin header field 'Author'
|
228 |
+
#: really-simple-ssl.php:0
|
229 |
+
#@ really-simple-ssl
|
230 |
+
msgid "Rogier Lankhorst"
|
231 |
+
msgstr "Rogier Lankhorst"
|
232 |
+
|
233 |
+
#: class-admin.php:1412
|
234 |
+
#@ really-simple-ssl
|
235 |
+
msgid "No SSL was detected. If you are just waiting for your ssl certificate to kick in you can dismiss this warning."
|
236 |
+
msgstr "Aucun certificat SSL détecté. Si vous êtes simplement entrain d'attendre votre certificat, vous pouvez simplement fermer cette notification."
|
237 |
+
|
238 |
+
#: class-admin.php:1414
|
239 |
+
#@ really-simple-ssl
|
240 |
+
msgid "Scan SSL setup again"
|
241 |
+
msgstr "Rechercher un certificat de nouveau"
|
242 |
+
|
243 |
+
#: class-admin.php:1470
|
244 |
+
#: class-admin.php:1480
|
245 |
+
#@ really-simple-ssl
|
246 |
+
msgid "Really Simple SSL has a conflict with another plugin."
|
247 |
+
msgstr "Le plugin Really Simple SSL est en conflit avec un autre plugin."
|
248 |
+
|
249 |
+
#: class-admin.php:1471
|
250 |
+
#@ really-simple-ssl
|
251 |
+
msgid "The force rewrite titles option in Yoast SEO prevents Really Simple SSL plugin from fixing mixed content."
|
252 |
+
msgstr "L'option \"Forcer la réécriture des titres\" du plugin Yoast SEO empêche Really Simple SSL de corriger le contenu mixte."
|
253 |
+
|
254 |
+
#: class-admin.php:1472
|
255 |
+
#: class-admin.php:1482
|
256 |
+
#@ really-simple-ssl
|
257 |
+
msgid "Show me this setting"
|
258 |
+
msgstr "Afficher cette option"
|
259 |
+
|
260 |
+
#: class-admin.php:1481
|
261 |
+
#@ really-simple-ssl
|
262 |
+
msgid "The force http after leaving checkout in Woocommerce will create a redirect loop."
|
263 |
+
msgstr "Forcer le http après la transaction sur Woocommerce créera une boucle infinie."
|
264 |
+
|
265 |
+
#: class-admin.php:1492
|
266 |
+
#@ really-simple-ssl
|
267 |
+
msgid "We detected a definition of siteurl or homeurl in your wp-config.php, but the file is not writable. Because of this, we cannot set the siteurl to https."
|
268 |
+
msgstr "Nous avons détecté que votre \"siteurl\" ou votre \"homeurl\" dans votre fichier wp-config.php, mais le fichier n'est pas accessible en écriture. De ce fait, nous ne pouvons pas passer l'adresse du site en https."
|
269 |
+
|
270 |
+
#: class-admin.php:1502
|
271 |
+
#@ really-simple-ssl
|
272 |
+
msgid "Because your site is behind a loadbalancer and is_ssl() returns false, you should add the following line of code to your wp-config.php. Your wp-config.php could not be written automatically."
|
273 |
+
msgstr "Du fait que votre site est derrière un répartiteur de charge (load balancer) et que la fonction is_ssl() renvoie \"faux\", vous devez ajouter la ligne de code suivante dans votre fucguer wp-config.php. Ce fichier ne peut être écrit automatiquement."
|
274 |
+
|
275 |
+
#: class-admin.php:1520
|
276 |
+
#@ really-simple-ssl
|
277 |
+
msgid "Because your server does not pass the $_SERVER[\"HTTPS\"] variable, Wordpress cannot function on SSL. You should add the following line of code to your wp-config.php. Your wp-config.php could not be written automatically."
|
278 |
+
msgstr "Du fait que votre serveur ne renvoie pas la variable $_SERVER[\"HTTPS\"] , WordPress ne peut pas fonctionner en SSL. Vous devez ajouter la ligne de code suivante dans votre fucguer wp-config.php. Ce fichier ne peut être écrit automatiquement."
|
279 |
+
|
280 |
+
#: class-admin.php:1662
|
281 |
+
#@ really-simple-ssl
|
282 |
+
msgid "SSL settings"
|
283 |
+
msgstr "Réglages SSL"
|
284 |
+
|
285 |
+
#: class-admin.php:1663
|
286 |
+
#@ really-simple-ssl
|
287 |
+
msgid "SSL"
|
288 |
+
msgstr "SSL"
|
289 |
+
|
290 |
+
#: class-admin.php:1687
|
291 |
+
#: class-admin.php:1765
|
292 |
+
#@ really-simple-ssl
|
293 |
+
msgid "Detected setup"
|
294 |
+
msgstr "Paramétrage détecté"
|
295 |
+
|
296 |
+
#: class-admin.php:1688
|
297 |
+
#@ really-simple-ssl
|
298 |
+
msgid "In the detected setup section you can see what we detected for your site.<br><br><b>SSL detection:</b> if it is possible to open a page on your site with https, it is assumed you have a valid ssl certificate. No guarantees can be given.<br><br><B>SSL redirect in .htaccess:</b> (Only show when ssl is detected) If possible, the redirect will take place in the .htaccess file. If this file is not available or not writable, javascript is used to enforce ssl."
|
299 |
+
msgstr "Dans la section \"Paramétrage détecté, vous pouvez voir ce que nous avons détecté sur votre site.<br><br><b>Détection SSL :</b> S'il est possible d'ouvrir une page de votre site en https, nous en déduisons que vous avez un certificat SSL valide. Ceci est bien sûr sans garantie.<br><br><B>Redirection SSL dans le .htaccess:</b> (Ne s'afiche que quand le SSL est détecté) Si possible, la redirection sera faite dans le fichier .htaccess. Si ce fichier n'est pas disponible ou accessible en écriture, le javascript sera utilisé pour forcer le mode SSL."
|
300 |
+
|
301 |
+
#: class-admin.php:1693
|
302 |
+
#@ really-simple-ssl
|
303 |
+
msgid "Mixed content fixer"
|
304 |
+
msgstr "Corriger le contenu mixte"
|
305 |
+
|
306 |
+
#: class-admin.php:1694
|
307 |
+
#@ really-simple-ssl
|
308 |
+
msgid "In most sites, a lot of links are saved into the content, pluginoptions or even worse, in the theme. When you switch to ssl , these are still http, instead of https. To ensure a smooth transition, this plugin auto replaces all these links. If you see in the scan results that you have fixed most of these links, you can try to run your site without this replace script, which will give you a small performance advantage. If you do not have a lot of reported insecure links, you can try this. If you encounter mixed content warnings, just switch it back on. <br><br><b>How to check for mixed content?</b><br>Go to the the front end of your website, and click on the lock in your browser's address bar. When you have mixed content, this lock is not closed, or has a red cross over it."
|
309 |
+
msgstr "Dans la plupart des sites, de nombreux liens sont insérés dans le contenu, dans des options du plugin, ou pire encore : dans le thème. Quand vous passez en SSL, ces liens restent en HTTP au lien d'HTTPS. Pour assurer une transition en douceur, ce plugin va remplacer tous ces liens. Si vous voyez dans l'analyse des résultats que vous avez corrigé la majorité de ces liens, vous pouvez essayer de faire fonctionner votre site sans ce script de remplacement, ce qui améliorera légèrement les performances. Si vous n'avez pas beaucoup de lien \"non sécurisés\" remontés, vous pouvez essayer cela. Si vous rencontrez des alertes de contenu mixte, réactivez simplement cette option. <br><br><b>Comment vérifier s'il y a du contenu mixte ?</b><br>Accédez à la partie publique de votre site et cliquez sur le cadenas dans la barre d'adresse de votre navigateur. Quand vous avez du contenu mixte, le cadenas n'est pas fermé, ou une croix rouge est dessinée au dessus."
|
310 |
+
|
311 |
+
#: class-admin.php:1699
|
312 |
+
#@ really-simple-ssl
|
313 |
+
msgid "HTTP Strict Transport Security (HSTS)"
|
314 |
+
msgstr "HTTP Strict Transport Security (HSTS)"
|
315 |
+
|
316 |
+
#: class-admin.php:1700
|
317 |
+
#@ really-simple-ssl
|
318 |
+
msgid "Using this option will prevent users from visiting your website over http for one year, so use this option with caution! HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS. It also prevents HTTPS click through prompts on browsers. "
|
319 |
+
msgstr "Utiliser cette option évitera aux visiteurs de consulter votre site en http pour un an, donc à utiliser avec précaution. HTTP Strict Transport Security (HSTS) est une amélioration de la sécurité de la part d'une application web par l'envoi d'une entête particulière. Une fois qu'un navigateur compatible reçoit cette entête, ce navigateur ne communiquera plus avec le domaine concerné en HTTP mais enverra à la place toutes ses comminications en HTTPS. Cela évite également les alertes HTTPS dans les navigateurs."
|
320 |
+
|
321 |
+
#: class-admin.php:1705
|
322 |
+
#@ really-simple-ssl
|
323 |
+
msgid "How to get an SSL certificate"
|
324 |
+
msgstr "Comment obtenir un certificat SSL ?"
|
325 |
+
|
326 |
+
#: class-admin.php:1706
|
327 |
+
#@ really-simple-ssl
|
328 |
+
msgid "To secure your site with ssl, you need an SSL certificate. How you can get a certificate depends on your hosting provider, but can often be requested on the control panel of your website. If you are not sure what to do, you can contact your hosting provider."
|
329 |
+
msgstr "Pour sécuriser votre site en SSL, vous avez besoin d'un certificat SSL. La manière de l'obtenir dépend de de votre hébergeur, mais en général cela se trouve dans le panneau d'administration de votre site. Si vous n'êtes pas sur, vous pouvez contacter votre hébergeur à ce sujet."
|
330 |
+
|
331 |
+
#: class-admin.php:1423
|
332 |
+
#@ really-simple-ssl
|
333 |
+
msgid "Major security issue!"
|
334 |
+
msgstr ""
|
335 |
+
|
336 |
+
#: class-admin.php:1426
|
337 |
+
#@ really-simple-ssl
|
338 |
+
msgid "The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactived by anyone on the internet."
|
339 |
+
msgstr ""
|
340 |
+
|
341 |
+
#: class-admin.php:1428
|
342 |
+
#: class-admin.php:1494
|
343 |
+
#: class-admin.php:1512
|
344 |
+
#: class-admin.php:1530
|
345 |
+
#@ really-simple-ssl
|
346 |
+
msgid "Check again"
|
347 |
+
msgstr ""
|
348 |
+
|
349 |
+
#: class-admin.php:1440
|
350 |
+
#@ really-simple-ssl
|
351 |
+
msgid "You run a Multisite installation with subfolders, which prevents this plugin from handling the .htaccess."
|
352 |
+
msgstr ""
|
353 |
+
|
354 |
+
#: class-admin.php:1441
|
355 |
+
#@ really-simple-ssl
|
356 |
+
msgid "Because the domain is the same on all sites. You can just as easily activate ssl on all your sites."
|
357 |
+
msgstr ""
|
358 |
+
|
359 |
+
#: class-admin.php:1442
|
360 |
+
#@ really-simple-ssl
|
361 |
+
msgid "So to get rid of this annoying message, just activate networkwide."
|
362 |
+
msgstr ""
|
363 |
+
|
364 |
+
#: class-admin.php:1457
|
365 |
+
#@ really-simple-ssl
|
366 |
+
msgid "SSL was detected and successfully activated!"
|
367 |
+
msgstr "Le certificat SSL a été détecté et activé avec succès !"
|
368 |
+
|
369 |
+
#: class-admin.php:1796
|
370 |
+
#@ really-simple-ssl
|
371 |
+
msgid "Https redirect was set in javascript because the .htaccess was not writable. Set manually if you want to redirect in .htaccess."
|
372 |
+
msgstr ""
|
373 |
+
|
374 |
+
#: class-admin.php:1798
|
375 |
+
#@ really-simple-ssl
|
376 |
+
msgid "Https redirect was set in javascript because you have activated per site on a multiste subfolder install. Install networkwide to set the .htaccess redirect."
|
377 |
+
msgstr ""
|
378 |
+
|
379 |
+
#: class-admin.php:1837
|
380 |
+
#@ really-simple-ssl
|
381 |
+
msgid "More info about HSTS"
|
382 |
+
msgstr ""
|
383 |
+
|
384 |
+
#: class-admin.php:1877
|
385 |
+
#@ really-simple-ssl
|
386 |
+
msgid "The mixed content scan is available when SSL is detected or forced."
|
387 |
+
msgstr ""
|
388 |
+
|
389 |
+
#: class-admin.php:2024
|
390 |
+
#@ really-simple-ssl
|
391 |
+
msgid "The HSTS option is not available for per site activated ssl, as it would force other sites over ssl as well."
|
392 |
+
msgstr ""
|
393 |
+
|
394 |
+
#: class-admin.php:2121
|
395 |
+
#@ really-simple-ssl
|
396 |
+
msgid "On multisite with per site activation, activating HSTS is not possible"
|
397 |
+
msgstr ""
|
398 |
+
|
399 |
+
#: class-admin.php:2122
|
400 |
+
#@ really-simple-ssl
|
401 |
+
msgid "You have to enable htaccess editing to use this option."
|
402 |
+
msgstr ""
|
403 |
+
|
404 |
+
#. translators: plugin header field 'PluginURI'
|
405 |
+
#: really-simple-ssl.php:0
|
406 |
+
#@ really-simple-ssl
|
407 |
+
msgid "https://www.really-simple-ssl.com"
|
408 |
+
msgstr ""
|
409 |
+
|
410 |
+
#. translators: plugin header field 'AuthorURI'
|
411 |
+
#: really-simple-ssl.php:0
|
412 |
+
#@ really-simple-ssl
|
413 |
+
msgid "https://www.rogierlankhorst.com"
|
414 |
+
msgstr ""
|
415 |
+
|
416 |
+
#. translators: plugin header field 'Version'
|
417 |
+
#: really-simple-ssl.php:0
|
418 |
+
#@ really-simple-ssl
|
419 |
+
msgid "2.2.2"
|
420 |
+
msgstr ""
|
languages/really-simple-ssl-ru_RU.mo
ADDED
Binary file
|
languages/really-simple-ssl-ru_RU.po
ADDED
@@ -0,0 +1,420 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
msgid ""
|
2 |
+
msgstr ""
|
3 |
+
"Project-Id-Version: Really Simple SSL v2.2.2\n"
|
4 |
+
"Report-Msgid-Bugs-To: \n"
|
5 |
+
"POT-Creation-Date: \n"
|
6 |
+
"PO-Revision-Date: 2015-11-21 19:32:58+0000\n"
|
7 |
+
"Last-Translator: Rogier <rogier@rogierlankhorst.com>\n"
|
8 |
+
"Language-Team: Halk <admin@aqua36.ru>\n"
|
9 |
+
"MIME-Version: 1.0\n"
|
10 |
+
"Content-Type: text/plain; charset=UTF-8\n"
|
11 |
+
"Content-Transfer-Encoding: 8bit\n"
|
12 |
+
"Plural-Forms: nplurals=3; plural=n%100/10==1 ? 2 : n%10==1 ? 0 : (n+9)%10>3 ? 2 : 1;\n"
|
13 |
+
"X-Generator: Poedit 1.8.3\n"
|
14 |
+
"X-Poedit-Language: \n"
|
15 |
+
"X-Poedit-Country: \n"
|
16 |
+
"X-Poedit-SourceCharset: utf-8\n"
|
17 |
+
"X-Poedit-KeywordsList: __;_e;__ngettext:1,2;_n:1,2;__ngettext_noop:1,2;_n_noop:1,2;_c,_nc:4c,1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;_nx_noop:4c,1,2;\n"
|
18 |
+
"X-Poedit-Basepath: ..\n"
|
19 |
+
"X-Poedit-Bookmarks: \n"
|
20 |
+
"X-Poedit-SearchPath-0: .\n"
|
21 |
+
"X-Textdomain-Support: yes"
|
22 |
+
|
23 |
+
#: class-admin.php:1412
|
24 |
+
#@ really-simple-ssl
|
25 |
+
msgid "No SSL was detected. If you are just waiting for your ssl certificate to kick in you can dismiss this warning."
|
26 |
+
msgstr "Никакой SSL не был обнаружен. Если Вы просто ожидаете своего сертификата SSL, можете отклонить это предупреждение."
|
27 |
+
|
28 |
+
#: class-admin.php:1414
|
29 |
+
#@ really-simple-ssl
|
30 |
+
msgid "Scan SSL setup again"
|
31 |
+
msgstr "Настроить сканирование SSL снова"
|
32 |
+
|
33 |
+
#: class-admin.php:1492
|
34 |
+
#@ really-simple-ssl
|
35 |
+
msgid "We detected a definition of siteurl or homeurl in your wp-config.php, but the file is not writable. Because of this, we cannot set the siteurl to https."
|
36 |
+
msgstr "Мы обнаружили, обнаружили SITEURL или homeurl в вашем WP-config.php, но файл не доступен для записи. Из-за этого, мы не можем установить HTTPS для SITEURL ."
|
37 |
+
|
38 |
+
#: class-admin.php:1662
|
39 |
+
#@ really-simple-ssl
|
40 |
+
msgid "SSL settings"
|
41 |
+
msgstr "SSL настройки"
|
42 |
+
|
43 |
+
#: class-admin.php:1663
|
44 |
+
#@ really-simple-ssl
|
45 |
+
msgid "SSL"
|
46 |
+
msgstr "SSL"
|
47 |
+
|
48 |
+
#: class-admin.php:1687
|
49 |
+
#: class-admin.php:1765
|
50 |
+
#@ really-simple-ssl
|
51 |
+
msgid "Detected setup"
|
52 |
+
msgstr "Обнаружена установка"
|
53 |
+
|
54 |
+
#: class-admin.php:1688
|
55 |
+
#@ really-simple-ssl
|
56 |
+
msgid "In the detected setup section you can see what we detected for your site.<br><br><b>SSL detection:</b> if it is possible to open a page on your site with https, it is assumed you have a valid ssl certificate. No guarantees can be given.<br><br><B>SSL redirect in .htaccess:</b> (Only show when ssl is detected) If possible, the redirect will take place in the .htaccess file. If this file is not available or not writable, javascript is used to enforce ssl."
|
57 |
+
msgstr "В разделе настроек Вы видите то, что мы обнаружили на Вашем сайте.<br><br><b>Обнаружение SSL:</b> если возможно открыть страницу на Вашем сайте с помощью https, предполагается, что у Вас есть действующий сертификат SSL. Никакие гарантии не могут быть даны.<br><br><B>SSL переадресация в .htaccess:</b> (показать только, когда SSL обнаружен) Если возможно, переадресация будет проходить в файле .htaccess. Если этот файл не найден или не доступен для записи, используйте JavaScript для обеспечения работы SSL."
|
58 |
+
|
59 |
+
#: class-admin.php:1694
|
60 |
+
#@ really-simple-ssl
|
61 |
+
msgid "In most sites, a lot of links are saved into the content, pluginoptions or even worse, in the theme. When you switch to ssl , these are still http, instead of https. To ensure a smooth transition, this plugin auto replaces all these links. If you see in the scan results that you have fixed most of these links, you can try to run your site without this replace script, which will give you a small performance advantage. If you do not have a lot of reported insecure links, you can try this. If you encounter mixed content warnings, just switch it back on. <br><br><b>How to check for mixed content?</b><br>Go to the the front end of your website, and click on the lock in your browser's address bar. When you have mixed content, this lock is not closed, or has a red cross over it."
|
62 |
+
msgstr ""
|
63 |
+
|
64 |
+
#: class-admin.php:1699
|
65 |
+
#@ really-simple-ssl
|
66 |
+
msgid "HTTP Strict Transport Security (HSTS)"
|
67 |
+
msgstr "HTTP Strict Transport Security (HSTS)"
|
68 |
+
|
69 |
+
#: class-admin.php:1700
|
70 |
+
#@ really-simple-ssl
|
71 |
+
msgid "Using this option will prevent users from visiting your website over http for one year, so use this option with caution! HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS. It also prevents HTTPS click through prompts on browsers. "
|
72 |
+
msgstr ""
|
73 |
+
|
74 |
+
#: class-admin.php:1705
|
75 |
+
#@ really-simple-ssl
|
76 |
+
msgid "How to get an SSL certificate"
|
77 |
+
msgstr "Как получить сертификат SSL"
|
78 |
+
|
79 |
+
#: class-admin.php:1706
|
80 |
+
#@ really-simple-ssl
|
81 |
+
msgid "To secure your site with ssl, you need an SSL certificate. How you can get a certificate depends on your hosting provider, but can often be requested on the control panel of your website. If you are not sure what to do, you can contact your hosting provider."
|
82 |
+
msgstr "Чтобы обеспечить безопасность сайта с помощью SSL, необходим сертификат SSL. Как вы можете получить сертификат зависит от вашего хостинг-провайдера, но часто можно запрашивать в панели управления Вашего сайта. Если вы не знаете как это делать, вы можете связаться с хостинг-провайдером."
|
83 |
+
|
84 |
+
#: class-admin.php:1998
|
85 |
+
#@ really-simple-ssl
|
86 |
+
msgid "Force SSL without detection"
|
87 |
+
msgstr "Заставить работать SSL без обнаружения"
|
88 |
+
|
89 |
+
#: class-admin.php:1863
|
90 |
+
#@ really-simple-ssl
|
91 |
+
msgid "Save"
|
92 |
+
msgstr "Сохранить"
|
93 |
+
|
94 |
+
#: class-admin.php:1772
|
95 |
+
#@ really-simple-ssl
|
96 |
+
msgid "No SSL detected."
|
97 |
+
msgstr "Никакой SSL не обнаружен."
|
98 |
+
|
99 |
+
#: class-admin.php:1774
|
100 |
+
#@ really-simple-ssl
|
101 |
+
msgid "No SSL detected, but SSL is forced."
|
102 |
+
msgstr "Никакой SSL не обнаружен, поэтому SSL не выгружен."
|
103 |
+
|
104 |
+
#: class-admin.php:1778
|
105 |
+
#@ really-simple-ssl
|
106 |
+
msgid "An SSL certificate was detected on your site. "
|
107 |
+
msgstr "Сертификат SSL был обнаружен на вашем сайте."
|
108 |
+
|
109 |
+
#: class-admin.php:1791
|
110 |
+
#@ really-simple-ssl
|
111 |
+
msgid "https redirect set in .htaccess"
|
112 |
+
msgstr "Перенаправление https установлено в .htaccess"
|
113 |
+
|
114 |
+
#: class-admin.php:1832
|
115 |
+
#@ really-simple-ssl
|
116 |
+
msgid "HTTP Strict Transport Security was set in the .htaccess"
|
117 |
+
msgstr "HTTP Strict Transport Security был установлен в .htaccess"
|
118 |
+
|
119 |
+
#: class-admin.php:1834
|
120 |
+
#@ really-simple-ssl
|
121 |
+
msgid "HTTP Strict Transport Security was not set in your .htaccess. Do this only if your setup is fully working, and only when you do not plan to revert to http."
|
122 |
+
msgstr "HTTP Strict Transport Security не был установлен в .htaccess. Сделайте это, только если все работает полностью или только тогда, когда вы не планируете вернуться к HTTP."
|
123 |
+
|
124 |
+
#: class-admin.php:1727
|
125 |
+
#: class-admin.php:1984
|
126 |
+
#: class-admin.php:2176
|
127 |
+
#@ really-simple-ssl
|
128 |
+
msgid "Settings"
|
129 |
+
msgstr "Настройка"
|
130 |
+
|
131 |
+
#: class-admin.php:1993
|
132 |
+
#@ really-simple-ssl
|
133 |
+
msgid "Turn HTTP Strict Transport Security on"
|
134 |
+
msgstr "Включите HTTP Strict Transport Security на"
|
135 |
+
|
136 |
+
#: class-admin.php:1727
|
137 |
+
#: class-admin.php:2001
|
138 |
+
#@ really-simple-ssl
|
139 |
+
msgid "Debug"
|
140 |
+
msgstr "Отладка"
|
141 |
+
|
142 |
+
#: class-admin.php:2020
|
143 |
+
#@ really-simple-ssl
|
144 |
+
msgid "The force ssl without detection option can be used when the ssl was not detected, but you are sure you have ssl."
|
145 |
+
msgstr "Принудительное включение ssl без настройки обнаружения может использоваться, когда ssl не был обнаружен, но Вы уверены, что у Вас есть ssl."
|
146 |
+
|
147 |
+
#: class-admin.php:2120
|
148 |
+
#@ really-simple-ssl
|
149 |
+
msgid "Are you sure? Your visitors will keep going to a https site for a year after you turn this off."
|
150 |
+
msgstr "Вы уверены? Что Ваши посетители будут продолжать заходить по HTTPS на сайт в течение года после выключения."
|
151 |
+
|
152 |
+
#: class-admin.php:2136
|
153 |
+
#@ really-simple-ssl
|
154 |
+
msgid "Are you sure you have an SSL certifcate? Forcing ssl on a non-ssl site can break your site."
|
155 |
+
msgstr "Вы уверены, что у вас есть SSL: Сертификат? Принудительная установка SSL на сайте без сертификата SSL может сломать ваш сайт."
|
156 |
+
|
157 |
+
#: class-scan.php:37
|
158 |
+
#: class-scan.php:38
|
159 |
+
#@ really-simple-ssl
|
160 |
+
msgid "Scanning..."
|
161 |
+
msgstr "Сканирование..."
|
162 |
+
|
163 |
+
#: class-scan.php:89
|
164 |
+
#@ really-simple-ssl
|
165 |
+
msgid "No mixed content was detected. You could try to run your site without using the auto replace of insecure links, but check carefully. "
|
166 |
+
msgstr "Не какое смешанное содержимое не было обнаружено. Вы можете выполнить тщательную проверку своего сайта не используя автоматическую замену небезопасных ссылок."
|
167 |
+
|
168 |
+
#: class-scan.php:108
|
169 |
+
#@ really-simple-ssl
|
170 |
+
msgid "edit"
|
171 |
+
msgstr "редактировать"
|
172 |
+
|
173 |
+
#: class-scan.php:126
|
174 |
+
#@ really-simple-ssl
|
175 |
+
msgid "Scan again"
|
176 |
+
msgstr "Сканировать снова"
|
177 |
+
|
178 |
+
#. translators: plugin header field 'Name'
|
179 |
+
#: really-simple-ssl.php:0
|
180 |
+
#@ really-simple-ssl
|
181 |
+
msgid "Really Simple SSL"
|
182 |
+
msgstr "Простой SSL"
|
183 |
+
|
184 |
+
#. translators: plugin header field 'Description'
|
185 |
+
#: really-simple-ssl.php:0
|
186 |
+
#@ really-simple-ssl
|
187 |
+
msgid "Lightweight plugin without any setup to make your site ssl proof"
|
188 |
+
msgstr "Легкий плагин, чтобы сделать ваш сайт работающим на SSL"
|
189 |
+
|
190 |
+
#. translators: plugin header field 'Author'
|
191 |
+
#: really-simple-ssl.php:0
|
192 |
+
#@ really-simple-ssl
|
193 |
+
msgid "Rogier Lankhorst"
|
194 |
+
msgstr "Rogier Lankhorst"
|
195 |
+
|
196 |
+
#: class-admin.php:1423
|
197 |
+
#@ really-simple-ssl
|
198 |
+
msgid "Major security issue!"
|
199 |
+
msgstr ""
|
200 |
+
|
201 |
+
#: class-admin.php:1426
|
202 |
+
#@ really-simple-ssl
|
203 |
+
msgid "The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactived by anyone on the internet."
|
204 |
+
msgstr ""
|
205 |
+
|
206 |
+
#: class-admin.php:1428
|
207 |
+
#: class-admin.php:1494
|
208 |
+
#: class-admin.php:1512
|
209 |
+
#: class-admin.php:1530
|
210 |
+
#@ really-simple-ssl
|
211 |
+
msgid "Check again"
|
212 |
+
msgstr ""
|
213 |
+
|
214 |
+
#: class-admin.php:1440
|
215 |
+
#@ really-simple-ssl
|
216 |
+
msgid "You run a Multisite installation with subfolders, which prevents this plugin from handling the .htaccess."
|
217 |
+
msgstr ""
|
218 |
+
|
219 |
+
#: class-admin.php:1441
|
220 |
+
#@ really-simple-ssl
|
221 |
+
msgid "Because the domain is the same on all sites. You can just as easily activate ssl on all your sites."
|
222 |
+
msgstr ""
|
223 |
+
|
224 |
+
#: class-admin.php:1442
|
225 |
+
#@ really-simple-ssl
|
226 |
+
msgid "So to get rid of this annoying message, just activate networkwide."
|
227 |
+
msgstr ""
|
228 |
+
|
229 |
+
#: class-admin.php:1457
|
230 |
+
#@ really-simple-ssl
|
231 |
+
msgid "SSL was detected and successfully activated!"
|
232 |
+
msgstr "SSl был обнаружен и успешно активирован!"
|
233 |
+
|
234 |
+
#: class-admin.php:1470
|
235 |
+
#: class-admin.php:1480
|
236 |
+
#@ really-simple-ssl
|
237 |
+
msgid "Really Simple SSL has a conflict with another plugin."
|
238 |
+
msgstr ""
|
239 |
+
|
240 |
+
#: class-admin.php:1471
|
241 |
+
#@ really-simple-ssl
|
242 |
+
msgid "The force rewrite titles option in Yoast SEO prevents Really Simple SSL plugin from fixing mixed content."
|
243 |
+
msgstr ""
|
244 |
+
|
245 |
+
#: class-admin.php:1472
|
246 |
+
#: class-admin.php:1482
|
247 |
+
#@ really-simple-ssl
|
248 |
+
msgid "Show me this setting"
|
249 |
+
msgstr ""
|
250 |
+
|
251 |
+
#: class-admin.php:1481
|
252 |
+
#@ really-simple-ssl
|
253 |
+
msgid "The force http after leaving checkout in Woocommerce will create a redirect loop."
|
254 |
+
msgstr ""
|
255 |
+
|
256 |
+
#: class-admin.php:1502
|
257 |
+
#@ really-simple-ssl
|
258 |
+
msgid "Because your site is behind a loadbalancer and is_ssl() returns false, you should add the following line of code to your wp-config.php. Your wp-config.php could not be written automatically."
|
259 |
+
msgstr ""
|
260 |
+
|
261 |
+
#: class-admin.php:1520
|
262 |
+
#@ really-simple-ssl
|
263 |
+
msgid "Because your server does not pass the $_SERVER[\"HTTPS\"] variable, Wordpress cannot function on SSL. You should add the following line of code to your wp-config.php. Your wp-config.php could not be written automatically."
|
264 |
+
msgstr ""
|
265 |
+
|
266 |
+
#: class-admin.php:1693
|
267 |
+
#@ really-simple-ssl
|
268 |
+
msgid "Mixed content fixer"
|
269 |
+
msgstr ""
|
270 |
+
|
271 |
+
#: class-admin.php:1727
|
272 |
+
#@ really-simple-ssl
|
273 |
+
msgid "Configuration"
|
274 |
+
msgstr ""
|
275 |
+
|
276 |
+
#: class-admin.php:1727
|
277 |
+
#@ really-simple-ssl
|
278 |
+
msgid "Detected mixed content"
|
279 |
+
msgstr ""
|
280 |
+
|
281 |
+
#: class-admin.php:1793
|
282 |
+
#@ really-simple-ssl
|
283 |
+
msgid "Editing of .htaccess is blocked in Really Simple ssl settings, so you're in control of the .htaccess file."
|
284 |
+
msgstr ""
|
285 |
+
|
286 |
+
#: class-admin.php:1796
|
287 |
+
#@ really-simple-ssl
|
288 |
+
msgid "Https redirect was set in javascript because the .htaccess was not writable. Set manually if you want to redirect in .htaccess."
|
289 |
+
msgstr ""
|
290 |
+
|
291 |
+
#: class-admin.php:1798
|
292 |
+
#@ really-simple-ssl
|
293 |
+
msgid "Https redirect was set in javascript because you have activated per site on a multiste subfolder install. Install networkwide to set the .htaccess redirect."
|
294 |
+
msgstr ""
|
295 |
+
|
296 |
+
#: class-admin.php:1800
|
297 |
+
#@ really-simple-ssl
|
298 |
+
msgid "Https redirect was set in javascript because the htaccess redirect rule could not be verified. Set manually if you want to redirect in .htaccess."
|
299 |
+
msgstr ""
|
300 |
+
|
301 |
+
#: class-admin.php:1809
|
302 |
+
#@ really-simple-ssl
|
303 |
+
msgid "Try to add these rules at the bottom of your .htaccess. If it doesn't work, just remove them again."
|
304 |
+
msgstr ""
|
305 |
+
|
306 |
+
#: class-admin.php:1837
|
307 |
+
#@ really-simple-ssl
|
308 |
+
msgid "More info about HSTS"
|
309 |
+
msgstr ""
|
310 |
+
|
311 |
+
#: class-admin.php:1841
|
312 |
+
#: class-scan.php:81
|
313 |
+
#: class-scan.php:90
|
314 |
+
#@ really-simple-ssl
|
315 |
+
msgid "Manage settings"
|
316 |
+
msgstr ""
|
317 |
+
|
318 |
+
#: class-admin.php:1877
|
319 |
+
#@ really-simple-ssl
|
320 |
+
msgid "The mixed content scan is available when SSL is detected or forced."
|
321 |
+
msgstr ""
|
322 |
+
|
323 |
+
#: class-admin.php:1889
|
324 |
+
#@ really-simple-ssl
|
325 |
+
msgid "Log for debugging purposes"
|
326 |
+
msgstr ""
|
327 |
+
|
328 |
+
#: class-admin.php:1890
|
329 |
+
#@ really-simple-ssl
|
330 |
+
msgid "Send me a copy of these lines if you have any issues. The log will be erased when debug is set to false"
|
331 |
+
msgstr ""
|
332 |
+
|
333 |
+
#: class-admin.php:1898
|
334 |
+
#@ really-simple-ssl
|
335 |
+
msgid "To view results here, enable the debug option in the settings tab."
|
336 |
+
msgstr ""
|
337 |
+
|
338 |
+
#: class-admin.php:1985
|
339 |
+
#@ really-simple-ssl
|
340 |
+
msgid "Stop editing the .htaccess file"
|
341 |
+
msgstr ""
|
342 |
+
|
343 |
+
#: class-admin.php:1989
|
344 |
+
#@ really-simple-ssl
|
345 |
+
msgid "Auto replace mixed content"
|
346 |
+
msgstr ""
|
347 |
+
|
348 |
+
#: class-admin.php:2018
|
349 |
+
#@ really-simple-ssl
|
350 |
+
msgid "By unchecking the 'auto replace mixed content' checkbox you can test if your site can run without this extra functionality. Uncheck, empty your cache when you use one, and go to the front end of your site. You should then check if you have mixed content errors, by clicking on the lock icon in the addres bar."
|
351 |
+
msgstr ""
|
352 |
+
|
353 |
+
#: class-admin.php:2024
|
354 |
+
#@ really-simple-ssl
|
355 |
+
msgid "The HSTS option is not available for per site activated ssl, as it would force other sites over ssl as well."
|
356 |
+
msgstr ""
|
357 |
+
|
358 |
+
#: class-admin.php:2121
|
359 |
+
#@ really-simple-ssl
|
360 |
+
msgid "On multisite with per site activation, activating HSTS is not possible"
|
361 |
+
msgstr ""
|
362 |
+
|
363 |
+
#: class-admin.php:2122
|
364 |
+
#@ really-simple-ssl
|
365 |
+
msgid "You have to enable htaccess editing to use this option."
|
366 |
+
msgstr ""
|
367 |
+
|
368 |
+
#: class-scan.php:78
|
369 |
+
#@ really-simple-ssl
|
370 |
+
msgid "Mixed content detected "
|
371 |
+
msgstr ""
|
372 |
+
|
373 |
+
#: class-scan.php:79
|
374 |
+
#@ really-simple-ssl
|
375 |
+
msgid "but that's ok, because the mixed content fixer is active."
|
376 |
+
msgstr ""
|
377 |
+
|
378 |
+
#: class-scan.php:79
|
379 |
+
#@ really-simple-ssl
|
380 |
+
msgid "but the mixed content fix is not active."
|
381 |
+
msgstr ""
|
382 |
+
|
383 |
+
#: class-scan.php:84
|
384 |
+
#@ really-simple-ssl
|
385 |
+
msgid "In the tab \"detected mixed content\" you can find a list of items with mixed content."
|
386 |
+
msgstr ""
|
387 |
+
|
388 |
+
#: class-scan.php:98
|
389 |
+
#, php-format
|
390 |
+
#@ really-simple-ssl
|
391 |
+
msgid "The scan searched for the following insecure links: %s"
|
392 |
+
msgstr ""
|
393 |
+
|
394 |
+
#: class-scan.php:100
|
395 |
+
#@ really-simple-ssl
|
396 |
+
msgid "List of detected items with mixed content"
|
397 |
+
msgstr ""
|
398 |
+
|
399 |
+
#: class-scan.php:101
|
400 |
+
#@ really-simple-ssl
|
401 |
+
msgid "Because really simple ssl includes a mixed content fixer you do not have to worry about this list, but if you want to disable the mixed content fixer, you can find a list of possible issues here."
|
402 |
+
msgstr ""
|
403 |
+
|
404 |
+
#. translators: plugin header field 'PluginURI'
|
405 |
+
#: really-simple-ssl.php:0
|
406 |
+
#@ really-simple-ssl
|
407 |
+
msgid "https://www.really-simple-ssl.com"
|
408 |
+
msgstr ""
|
409 |
+
|
410 |
+
#. translators: plugin header field 'AuthorURI'
|
411 |
+
#: really-simple-ssl.php:0
|
412 |
+
#@ really-simple-ssl
|
413 |
+
msgid "https://www.rogierlankhorst.com"
|
414 |
+
msgstr ""
|
415 |
+
|
416 |
+
#. translators: plugin header field 'Version'
|
417 |
+
#: really-simple-ssl.php:0
|
418 |
+
#@ really-simple-ssl
|
419 |
+
msgid "2.2.2"
|
420 |
+
msgstr ""
|
languages/really-simple-ssl.po
ADDED
@@ -0,0 +1,272 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
msgid ""
|
2 |
+
msgstr ""
|
3 |
+
"Project-Id-Version: Really Simple SSL v2.1.14\n"
|
4 |
+
"Report-Msgid-Bugs-To: \n"
|
5 |
+
"POT-Creation-Date: \n"
|
6 |
+
"PO-Revision-Date: 2015-08-18 08:42:00+0000\n"
|
7 |
+
"Last-Translator: Rogier <rogier@rogierlankhorst.com>\n"
|
8 |
+
"Language-Team: \n"
|
9 |
+
"MIME-Version: 1.0\n"
|
10 |
+
"Content-Type: text/plain; charset=UTF-8\n"
|
11 |
+
"Content-Transfer-Encoding: 8bit\n"
|
12 |
+
"Plural-Forms: nplurals=2; plural=n != 1;\n"
|
13 |
+
"X-Generator: CSL v1.x\n"
|
14 |
+
"X-Poedit-Language: English\n"
|
15 |
+
"X-Poedit-Country: UNITED STATES\n"
|
16 |
+
"X-Poedit-SourceCharset: utf-8\n"
|
17 |
+
"X-Poedit-KeywordsList: __;_e;__ngettext:1,2;_n:1,2;__ngettext_noop:1,2;_n_noop:1,2;_c,_nc:4c,1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;_nx_noop:4c,1,2;\n"
|
18 |
+
"X-Poedit-Basepath: ../\n"
|
19 |
+
"X-Poedit-Bookmarks: \n"
|
20 |
+
"X-Poedit-SearchPath-0: .\n"
|
21 |
+
"X-Textdomain-Support: yes"
|
22 |
+
|
23 |
+
#: class-admin.php:845
|
24 |
+
#@ really-simple-ssl
|
25 |
+
msgid "No SSL was detected. If you are just waiting for your ssl certificate to kick in you can dismiss this warning."
|
26 |
+
msgstr ""
|
27 |
+
|
28 |
+
#: class-admin.php:848
|
29 |
+
#@ really-simple-ssl
|
30 |
+
msgid "I'm sure I have an active SSL certificate, force it!"
|
31 |
+
msgstr ""
|
32 |
+
|
33 |
+
#: class-admin.php:850
|
34 |
+
#@ really-simple-ssl
|
35 |
+
msgid "Scan SSL setup again"
|
36 |
+
msgstr ""
|
37 |
+
|
38 |
+
#: class-admin.php:859
|
39 |
+
#@ really-simple-ssl
|
40 |
+
msgid "SSl was detected and successfully activated!"
|
41 |
+
msgstr ""
|
42 |
+
|
43 |
+
#: class-admin.php:867
|
44 |
+
#@ really-simple-ssl
|
45 |
+
msgid "We detected a definition of siteurl or homeurl in your wp-config.php, but the file is not writable. Because of this, we cannot set the siteurl to https."
|
46 |
+
msgstr ""
|
47 |
+
|
48 |
+
#: class-admin.php:875
|
49 |
+
#@ really-simple-ssl
|
50 |
+
msgid "Because your site is behind a loadbalancer, you should add the following line of code to your wp-config.php. Your wp-config.php could not be written automatically."
|
51 |
+
msgstr ""
|
52 |
+
|
53 |
+
#: class-admin.php:994
|
54 |
+
#: class-admin.php:1066
|
55 |
+
#@ really-simple-ssl
|
56 |
+
msgid "SSL settings"
|
57 |
+
msgstr ""
|
58 |
+
|
59 |
+
#: class-admin.php:995
|
60 |
+
#@ really-simple-ssl
|
61 |
+
msgid "SSL"
|
62 |
+
msgstr ""
|
63 |
+
|
64 |
+
#: class-admin.php:1019
|
65 |
+
#: class-admin.php:1080
|
66 |
+
#@ really-simple-ssl
|
67 |
+
msgid "Detected setup"
|
68 |
+
msgstr ""
|
69 |
+
|
70 |
+
#: class-admin.php:1020
|
71 |
+
#@ really-simple-ssl
|
72 |
+
msgid "In the detected setup section you can see what we detected for your site.<br><br><b>SSL detection:</b> if it is possible to open a page on your site with https, it is assumed you have a valid ssl certificate. No guarantees can be given.<br><br><B>SSL redirect in .htaccess:</b> (Only show when ssl is detected) If possible, the redirect will take place in the .htaccess file. If this file is not available or not writable, javascript is used to enforce ssl."
|
73 |
+
msgstr ""
|
74 |
+
|
75 |
+
#: class-admin.php:1025
|
76 |
+
#: class-admin.php:1227
|
77 |
+
#@ really-simple-ssl
|
78 |
+
msgid "Auto replace insecure links"
|
79 |
+
msgstr ""
|
80 |
+
|
81 |
+
#: class-admin.php:1026
|
82 |
+
#@ really-simple-ssl
|
83 |
+
msgid "In most sites, a lot of links are saved into the content, pluginoptions or even worse, in the theme. When you switch to ssl , these are still http, instead of https. To ensure a smooth transition, this plugin auto replaces all these links. If you see in the scan results that you have fixed most of these links, you can try to run your site without this replace script, which will give you a small performance advantage. If you do not have a lot of reported insecure links, you can try this. If you encounter mixed content warnings, just switch it back on. <br><br><b>How to check for mixed content?</b><br>Go to the the front end of your website, and click on the lock in your browser's address bar. When you have mixed content, this lock is not closed, or has a red cross over it."
|
84 |
+
msgstr ""
|
85 |
+
|
86 |
+
#: class-admin.php:1031
|
87 |
+
#@ really-simple-ssl
|
88 |
+
msgid "HTTP Strict Transport Security (HSTS)"
|
89 |
+
msgstr ""
|
90 |
+
|
91 |
+
#: class-admin.php:1032
|
92 |
+
#@ really-simple-ssl
|
93 |
+
msgid "Using this option will prevent users from visiting your website over http for one year, so use this option with caution! HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS. It also prevents HTTPS click through prompts on browsers. "
|
94 |
+
msgstr ""
|
95 |
+
|
96 |
+
#: class-admin.php:1037
|
97 |
+
#@ really-simple-ssl
|
98 |
+
msgid "How to get an SSL certificate"
|
99 |
+
msgstr ""
|
100 |
+
|
101 |
+
#: class-admin.php:1038
|
102 |
+
#@ really-simple-ssl
|
103 |
+
msgid "To secure your site with ssl, you need an SSL certificate. How you can get a certificate depends on your hosting provider, but can often be requested on the control panel of your website. If you are not sure what to do, you can contact your hosting provider."
|
104 |
+
msgstr ""
|
105 |
+
|
106 |
+
#: class-admin.php:1043
|
107 |
+
#: class-admin.php:1236
|
108 |
+
#@ really-simple-ssl
|
109 |
+
msgid "Force SSL without detection"
|
110 |
+
msgstr ""
|
111 |
+
|
112 |
+
#: class-admin.php:1044
|
113 |
+
#@ really-simple-ssl
|
114 |
+
msgid "This plugin tries to open a page within the plugin directory over https. If that fails, it is assumed that ssl is not availble. But as this may not cover all eventualities, it is possible to force the site over ssl anyway.<br><br> If you force your site over ssl without a valid ssl certificate, your site may break. In that case, remove the 'really simple ssl' rules from your .htaccess file (if present), and remove or rename the really simple ssl plugin."
|
115 |
+
msgstr ""
|
116 |
+
|
117 |
+
#: class-admin.php:1068
|
118 |
+
#@ really-simple-ssl
|
119 |
+
msgid "On your SSL settings page you can view the detected setup of your system, and optimize accordingly."
|
120 |
+
msgstr ""
|
121 |
+
|
122 |
+
#: class-admin.php:1077
|
123 |
+
#@ really-simple-ssl
|
124 |
+
msgid "Save"
|
125 |
+
msgstr ""
|
126 |
+
|
127 |
+
#: class-admin.php:1087
|
128 |
+
#@ really-simple-ssl
|
129 |
+
msgid "No SSL detected."
|
130 |
+
msgstr ""
|
131 |
+
|
132 |
+
#: class-admin.php:1089
|
133 |
+
#@ really-simple-ssl
|
134 |
+
msgid "No SSL detected, but SSL is forced."
|
135 |
+
msgstr ""
|
136 |
+
|
137 |
+
#: class-admin.php:1093
|
138 |
+
#@ really-simple-ssl
|
139 |
+
msgid "An SSL certificate was detected on your site. "
|
140 |
+
msgstr ""
|
141 |
+
|
142 |
+
#: class-admin.php:1106
|
143 |
+
#@ really-simple-ssl
|
144 |
+
msgid "https redirect set in .htaccess"
|
145 |
+
msgstr ""
|
146 |
+
|
147 |
+
#: class-admin.php:1108
|
148 |
+
#@ really-simple-ssl
|
149 |
+
msgid "Https redirect was set in javascript, because the proposed redirect for the htaccess would result in a redirect loop. I'd like to know if this happens: info@rogierlankhorst.com"
|
150 |
+
msgstr ""
|
151 |
+
|
152 |
+
#: class-admin.php:1110
|
153 |
+
#@ really-simple-ssl
|
154 |
+
msgid "Https redirect was set in javascript, because .htaccess was not available or writable, or the ssl configuration was not recognized."
|
155 |
+
msgstr ""
|
156 |
+
|
157 |
+
#: class-admin.php:1122
|
158 |
+
#@ really-simple-ssl
|
159 |
+
msgid "HTTP Strict Transport Security was set in the .htaccess"
|
160 |
+
msgstr ""
|
161 |
+
|
162 |
+
#: class-admin.php:1124
|
163 |
+
#@ really-simple-ssl
|
164 |
+
msgid "HTTP Strict Transport Security was not set in your .htaccess. Do this only if your setup is fully working, and only when you do not plan to revert to http."
|
165 |
+
msgstr ""
|
166 |
+
|
167 |
+
#: class-admin.php:1224
|
168 |
+
#@ really-simple-ssl
|
169 |
+
msgid "Settings"
|
170 |
+
msgstr ""
|
171 |
+
|
172 |
+
#: class-admin.php:1231
|
173 |
+
#@ really-simple-ssl
|
174 |
+
msgid "Turn HTTP Strict Transport Security on"
|
175 |
+
msgstr ""
|
176 |
+
|
177 |
+
#: class-admin.php:1239
|
178 |
+
#@ really-simple-ssl
|
179 |
+
msgid "Debug"
|
180 |
+
msgstr ""
|
181 |
+
|
182 |
+
#: class-admin.php:1256
|
183 |
+
#@ really-simple-ssl
|
184 |
+
msgid "By unchecking the 'auto replace insecure links' checkbox you can test if your site can run without this extra functionality. Uncheck, empty your cache when you use one, and go to the front end of your site. You should then check if you have mixed content errors, by clicking on the lock icon in the addres bar."
|
185 |
+
msgstr ""
|
186 |
+
|
187 |
+
#: class-admin.php:1258
|
188 |
+
#@ really-simple-ssl
|
189 |
+
msgid "The force ssl without detection option can be used when the ssl was not detected, but you are sure you have ssl."
|
190 |
+
msgstr ""
|
191 |
+
|
192 |
+
#: class-admin.php:1344
|
193 |
+
#@ really-simple-ssl
|
194 |
+
msgid "Are you sure? Your visitors will keep going to a https site for a year after you turn this off."
|
195 |
+
msgstr ""
|
196 |
+
|
197 |
+
#: class-admin.php:1358
|
198 |
+
#@ really-simple-ssl
|
199 |
+
msgid "Are you sure you have an SSL certifcate? Forcing ssl on a non-ssl site can break your site."
|
200 |
+
msgstr ""
|
201 |
+
|
202 |
+
#: class-scan.php:27
|
203 |
+
#@ really-simple-ssl
|
204 |
+
msgid "Scanning..."
|
205 |
+
msgstr ""
|
206 |
+
|
207 |
+
#: class-scan.php:59
|
208 |
+
#@ really-simple-ssl
|
209 |
+
msgid "currently ACTIVE"
|
210 |
+
msgstr ""
|
211 |
+
|
212 |
+
#: class-scan.php:61
|
213 |
+
#@ really-simple-ssl
|
214 |
+
msgid "currently NOT active"
|
215 |
+
msgstr ""
|
216 |
+
|
217 |
+
#: class-scan.php:63
|
218 |
+
#, php-format
|
219 |
+
#@ really-simple-ssl
|
220 |
+
msgid "Auto replace script is necessary for your website (%s), because mixed content was detected in the following posts, files and options (for performance reasons the number of results is limited to 25 per type)."
|
221 |
+
msgstr ""
|
222 |
+
|
223 |
+
#: class-scan.php:74
|
224 |
+
#@ really-simple-ssl
|
225 |
+
msgid "No mixed content was detected. You could try to run your site without using the auto replace of insecure links, but check carefully. "
|
226 |
+
msgstr ""
|
227 |
+
|
228 |
+
#: class-scan.php:89
|
229 |
+
#@ really-simple-ssl
|
230 |
+
msgid "edit"
|
231 |
+
msgstr ""
|
232 |
+
|
233 |
+
#: class-scan.php:108
|
234 |
+
#@ really-simple-ssl
|
235 |
+
msgid "Scan again"
|
236 |
+
msgstr ""
|
237 |
+
|
238 |
+
#. translators: plugin header field 'Name'
|
239 |
+
#: really-simple-ssl.php:0
|
240 |
+
#@ really-simple-ssl
|
241 |
+
msgid "Really Simple SSL"
|
242 |
+
msgstr ""
|
243 |
+
|
244 |
+
#. translators: plugin header field 'PluginURI'
|
245 |
+
#: really-simple-ssl.php:0
|
246 |
+
#@ really-simple-ssl
|
247 |
+
msgid "http://www.rogierlankhorst.com/really-simple-ssl"
|
248 |
+
msgstr ""
|
249 |
+
|
250 |
+
#. translators: plugin header field 'Description'
|
251 |
+
#: really-simple-ssl.php:0
|
252 |
+
#@ really-simple-ssl
|
253 |
+
msgid "Lightweight plugin without any setup to make your site ssl proof"
|
254 |
+
msgstr ""
|
255 |
+
|
256 |
+
#. translators: plugin header field 'Author'
|
257 |
+
#: really-simple-ssl.php:0
|
258 |
+
#@ really-simple-ssl
|
259 |
+
msgid "Rogier Lankhorst"
|
260 |
+
msgstr ""
|
261 |
+
|
262 |
+
#. translators: plugin header field 'AuthorURI'
|
263 |
+
#: really-simple-ssl.php:0
|
264 |
+
#@ really-simple-ssl
|
265 |
+
msgid "http://www.rogierlankhorst.com"
|
266 |
+
msgstr ""
|
267 |
+
|
268 |
+
#. translators: plugin header field 'Version'
|
269 |
+
#: really-simple-ssl.php:0
|
270 |
+
#@ really-simple-ssl
|
271 |
+
msgid "2.1.14"
|
272 |
+
msgstr ""
|
readme.txt
ADDED
@@ -0,0 +1,448 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
=== Really Simple SSL ===
|
2 |
+
Contributors: RogierLankhorst
|
3 |
+
Donate link: https://www.paypal.me/reallysimplessl
|
4 |
+
Tags: SSL, https, force SSL, mixed content, insecure content, secure website, website security, tls, security, secure socket layers, hsts
|
5 |
+
Requires at least: 4.2
|
6 |
+
License: GPL2
|
7 |
+
Tested up to: 4.9
|
8 |
+
Stable tag: 2.5.23
|
9 |
+
|
10 |
+
No setup required! You only need an SSL certificate, and this plugin will do the rest.
|
11 |
+
|
12 |
+
== Description ==
|
13 |
+
Really Simple SSL automatically detects your settings and configures your website to run over https.
|
14 |
+
To keep it lightweight, the options are kept to a minimum. The entire site will move to SSL.
|
15 |
+
|
16 |
+
= Three simple steps for setup: =
|
17 |
+
* Get an SSL certificate (can't do that for you, sorry).
|
18 |
+
* Activate this plugin
|
19 |
+
* Enable SSL with one click
|
20 |
+
|
21 |
+
Always backup before you go! If you do not have a sound backup policy, start having one! For a snapshot, install duplicator.
|
22 |
+
|
23 |
+
Really Simple SSL is on [GitHub](https://github.com/rlankhorst/really-simple-ssl) as well!
|
24 |
+
|
25 |
+
= Love Really Simple SSL? =
|
26 |
+
Hopefully this plugin save you some hours of work. If you want to support the continuing development of this plugin, you might consider buying the [premium](https://www.really-simple-ssl.com/pro/), which includes
|
27 |
+
some cool features.
|
28 |
+
= Pro features =
|
29 |
+
* The mixed content scan, which shows you what you have to do if you don't have the green lock yet
|
30 |
+
* The option to enable HTTP Strict Transport Security
|
31 |
+
* The option to configure your site for the HSTS preload list
|
32 |
+
* Mixed Content Fixer for the back-end
|
33 |
+
* More detailed feedback on the configuration page.
|
34 |
+
* Certificate expiration check: get an email when your SSL certificate is about to expire.
|
35 |
+
* Premium support
|
36 |
+
|
37 |
+
= What does the plugin actually do =
|
38 |
+
* The plugin handles most issues that Wordpress has with ssl, like when you're behind a revers proxy/loadbalancer, or when no headers are passed which WordPress can use to detect SSL.
|
39 |
+
* All incoming requests are redirected to https. Default with an internal WordPress redirect, but you can also enable a .htaccess redirect.
|
40 |
+
* The site url and home url are changed to https.
|
41 |
+
* Your insecure content is fixed by replacing all http:// urls with https://, except hyperlinks to other domains. Dynamically, so no database changes are made (except for the siteurl and homeurl).
|
42 |
+
|
43 |
+
[contact](https://www.really-simple-ssl.com/contact/) me if you have any questions, issues, or suggestions. More information about me or my work can be found on my [website](https://www.rogierlankhorst.com).
|
44 |
+
|
45 |
+
= Like to have this plugin in your language? =
|
46 |
+
Translations can be added very easily [here](https://translate.wordpress.org/projects/wp-plugins/really-simple-ssl). If you do, I can get you added as translation editor to approve the translations.
|
47 |
+
|
48 |
+
== Installation ==
|
49 |
+
To install this plugin:
|
50 |
+
|
51 |
+
1. Make a backup!
|
52 |
+
2. Install your SSL certificate
|
53 |
+
3. Download the plugin
|
54 |
+
4. Upload the plugin to the wp-content/plugins directory,
|
55 |
+
5. Go to “plugins” in your WordPress admin, then click activate.
|
56 |
+
6. You will now see a notice asking you to enable SSL. Click it and log in again.
|
57 |
+
|
58 |
+
== Frequently Asked Questions ==
|
59 |
+
|
60 |
+
= Knowledge base =
|
61 |
+
For more detailed explanations and documentation on redirect loops, deactivating, mixed content, errors, and so on, please search the [documentation](https://www.really-simple-ssl.com/knowledge-base/)
|
62 |
+
|
63 |
+
= Does the mixed content fixer make my site slower? =
|
64 |
+
On a site where the source consists of about 60.000 characters, the delay caused by the mixed content fixer is about 0.00188 seconds. If this is too much for you, fix the mixed content manually and deactivate it in the settings.
|
65 |
+
|
66 |
+
= Uninstalling Really Simple SSL =
|
67 |
+
The plugin checks your certificate before enabling, but if, for example, you migrated the site to a non-ssl environment, you might get locked out of the back-end.
|
68 |
+
If you can't deactivate, do not just remove the plugin folder to uninstall! Follow these [instructions](https://really-simple-ssl.com/knowledge-base/uninstall-websitebackend-not-accessible/).
|
69 |
+
|
70 |
+
= Mixed content issues =
|
71 |
+
Most mixed content issues are caused by urls in css or js files.
|
72 |
+
For detailed instructions on how to find mixed content read this [article](https://really-simple-ssl.com/knowledge-base/how-to-track-down-mixed-content-or-insecure-content/).
|
73 |
+
|
74 |
+
= Redirect loop issues =
|
75 |
+
If you are experiencing redirect loops on your site, try these [instructions](https://really-simple-ssl.com/knowledge-base/my-website-is-in-a-redirect-loop/).
|
76 |
+
|
77 |
+
= Is the plugin multisite compatible? =
|
78 |
+
Yes. There is a dedicated network settings page where you can switch between network activated SSL and per page SSL. In the dedicated pro for multisite plugin, you can override all site settings for SSL on the network level, and can activate and deactivate SSL in the network menu for each site.
|
79 |
+
|
80 |
+
== Changelog ==
|
81 |
+
= 2.5.23 =
|
82 |
+
* Tested up to WP 4.9
|
83 |
+
* Added secure cookie notice
|
84 |
+
|
85 |
+
= 2.5.22 =
|
86 |
+
* Changed mixed content fixer hook back from wp_print_footer_scripts to shutdown
|
87 |
+
|
88 |
+
= 2.5.21 =
|
89 |
+
* Fixed double slash in paths to files
|
90 |
+
* Fixed typo in activation notice.
|
91 |
+
* Tweak: added option to not flush the rewrite rules
|
92 |
+
* Fix: prevent forcing admin_url to http when FORCE_SSL_ADMIN is defined
|
93 |
+
|
94 |
+
= 2.5.20 =
|
95 |
+
* Tweak: constant RSSSL_DISMISS_ACTIVATE_SSL_NOTICE to allow users to hide notices.
|
96 |
+
* Tweak: setting to switch the mixed content fixer hook from template_redirect to init.
|
97 |
+
* Fix: nag in multisite didn't dismiss properly
|
98 |
+
|
99 |
+
= 2.5.19 =
|
100 |
+
* Multisite fix: due to a merge admin_url and site_url filters were dropped, re-added them
|
101 |
+
* Added constant RSSSL_CONTENT_FIXER_ON_INIT so users can keep on using the init hook for the mixed content fixer.
|
102 |
+
|
103 |
+
= 2.5.18 =
|
104 |
+
* Tweak: Removed JetPack fix, as it is now incorporated in JetPack.
|
105 |
+
* Tweak: Moved mixed content fixer hook to template_redirect
|
106 |
+
* Fix: Changed flush rewrite rules hook from admin_init to shutdown, on activation of SSL.
|
107 |
+
* Multisite fix: Changed function which checks if admin_url and site_url should return http or https to check for https in home_url.
|
108 |
+
* Tweak: Explicitly excluded json and xmlrpc requests from the mixed content fixer
|
109 |
+
|
110 |
+
= 2.5.17 =
|
111 |
+
* Tweak: Added a function where the home_url and site_url on multisite check if it should be http or https when SSL is enabled on a per site basis.
|
112 |
+
* Tweak: Added a notice that there will be no network menu when Really Simple SSL is activated per site.
|
113 |
+
* Tweak: Added hook for new multisite site so a new site will be activated as SSL when network wide is activated.
|
114 |
+
* Tweak: limited the JetPack listen on port 80 tweak to reverse proxy servers.
|
115 |
+
* Tweak: created a dedicated rest api redirect constant in case users want to prevent the rest api from redirecting to https.
|
116 |
+
* Fix: dismissal of SSL activated notice on multisite did not work properly
|
117 |
+
|
118 |
+
= 2.5.16 =
|
119 |
+
* Reverted wp_safe_redirect to wp_redirect, as wp_safe_redirect causes a redirect to wp-login.php even when the primary url is domain.com and request url www.domain.com
|
120 |
+
|
121 |
+
= 2.5.15 =
|
122 |
+
* No functional changes, version change because WordPress was not processing the version update
|
123 |
+
|
124 |
+
= 2.5.14 =
|
125 |
+
* Fix: fixed issue in the mixed content fixer where on optimized html the match would match across elements.
|
126 |
+
* replaced wp_redirect with wp_safe_redirect
|
127 |
+
* Added force SSL on wp_rest_api
|
128 |
+
|
129 |
+
= 2.5.13 =
|
130 |
+
* Tweak: configuration more function
|
131 |
+
|
132 |
+
= 2.5.12 =
|
133 |
+
* Added multisite settings page
|
134 |
+
* Added filter for .htaccess code output
|
135 |
+
* Increased user capability to "activate_plugins"
|
136 |
+
* Added SSL_FORWARDED_PROTO = 1 in addition to SSL_FORWARDED_PROTO = on as supported SSL recognition variable.
|
137 |
+
|
138 |
+
= 2.5.11 =
|
139 |
+
* Removed curl in favor of wp_remote_get
|
140 |
+
|
141 |
+
= 2.5.10 =
|
142 |
+
* Fastest cache compatibility fix
|
143 |
+
|
144 |
+
= 2.5.9 =
|
145 |
+
* Multisite tweaks
|
146 |
+
|
147 |
+
= 2.5.8 =
|
148 |
+
* Removed automatic insertion of .htaccess redirects. The .htaccess redirects work fine for most people, but can cause issues in some edge cases.
|
149 |
+
* Added option to explicitly insert .htaccess redirect
|
150 |
+
* Added safe mode constant RSSSL_SAFE_MODE to enable activating in a minimized way
|
151 |
+
* Fix: RLRSSSL_DO_NOT_EDIT_HTACCESS constant did not override setting correctly when setting was used before.
|
152 |
+
* Dropped cache flushing on activation, as this does not always work as expected
|
153 |
+
|
154 |
+
= 2.5.7 =
|
155 |
+
* Tweak: changes testurl to the function test_url()
|
156 |
+
|
157 |
+
= 2.5.6 =
|
158 |
+
* version nr fix
|
159 |
+
|
160 |
+
= 2.5.5 =
|
161 |
+
* Reverted some changes to 2.4.3, as it was causing issues for some users.
|
162 |
+
|
163 |
+
= 2.5.4 =
|
164 |
+
fix: Adjusted selection order of .htaccess rules, preventing redirect loops
|
165 |
+
|
166 |
+
= 2.5.3 =
|
167 |
+
* Changed .htaccess redirects to use only one condition
|
168 |
+
|
169 |
+
= 2.5.2 =
|
170 |
+
* removed file_get_contents function from class_url.php, as in some cases this causes issues.
|
171 |
+
|
172 |
+
= 2.5.1 =
|
173 |
+
* Added help tooltips
|
174 |
+
* Fix: typos in explanations
|
175 |
+
* Added detected server to debug Log
|
176 |
+
* Added test folder for CloudFlare
|
177 |
+
* Added htaccess redirect to use all available server vars for checking SSL.
|
178 |
+
|
179 |
+
= 2.5.0 =
|
180 |
+
* Tweak: Improved support for cloudflare
|
181 |
+
* Tweak: Added support for Cloudfront, thanks to Sharif Alexandre
|
182 |
+
* Fix: Prevent writing of empty .htaccess redirect
|
183 |
+
* Tweak: Added option for 301 internal wp redirect
|
184 |
+
* Tweak: Improved NGINX support
|
185 |
+
* Tweak: Added support for when only the $_ENV[HTTPS] variable is present
|
186 |
+
* Fix: Mixed content fixing of escaped URLS
|
187 |
+
|
188 |
+
= 2.4.3 =
|
189 |
+
* Removed banner in admin
|
190 |
+
|
191 |
+
= 2.4.2 =
|
192 |
+
* Tweak: Added reload over https link for when SSL was not detected
|
193 |
+
* Fixed: After reloading page when the .htaccess message shows, .htaccess is now rewritten.
|
194 |
+
* Tweak: Removed Yoast notices
|
195 |
+
* Tested for WP 4.7
|
196 |
+
* Fixed: bug where network options were not removed properly on deactivation
|
197 |
+
* Tweak: Changed mixed content marker to variation without quotes, to prevent issues with scripting etc.
|
198 |
+
|
199 |
+
= 2.4.1 =
|
200 |
+
* Tweak: improved HSTS check
|
201 |
+
|
202 |
+
= 2.4.0 =
|
203 |
+
* Fixed: added a version check on wp_get_sites / get_sites to get rid of deprecated function notice, and keep backward compatibility.
|
204 |
+
* Fixed: A bug in multisite where plugin_url returned a malformed url in case of main site containing a trailing slash, and subsite not. Thanks to @gahapati for reporting this bug.
|
205 |
+
* Tweak: Added button to settings page to enable SSL, for cases where another plugin is blocking admin notices.
|
206 |
+
* Tweak: Rebuilt the mixed content fixer, for better compatibility
|
207 |
+
* Tweak: Improved the mixed content marker on the front-end, so it's less noticeable, and won't get removed by minification code.
|
208 |
+
|
209 |
+
= 2.3.14 =
|
210 |
+
* Fixed: Clearing of WP Rocket cache after SSL activation causing an error
|
211 |
+
* Fixed: Clearing of W3TC after SSL activation did not function properly
|
212 |
+
|
213 |
+
= 2.3.13 =
|
214 |
+
* Re-inserted Jetpack fix.
|
215 |
+
|
216 |
+
= 2.3.12 =
|
217 |
+
* Requires at least changed back to 4.2, as the function that this was meant for didn’t make it in current release yet.
|
218 |
+
|
219 |
+
= 2.3.11 =
|
220 |
+
* Improved request method in url class
|
221 |
+
* Added check if .htaccess actually exists in htaccess_contains_redirect_rules()
|
222 |
+
* Made activation message more clear.
|
223 |
+
|
224 |
+
= 2.3.10 =
|
225 |
+
* Tested for 4.6
|
226 |
+
* Tweak: changed check for htaccess redirect from checking the RSSSL comments to checking the redirect rule itself
|
227 |
+
* Fix: htaccess not writable message not shown anymore when SSL not yet enabled
|
228 |
+
* Tweak: extended mixed content fixer to cover actions in forms, as those should also be http in case of external urls.
|
229 |
+
* Tweak: added safe domain list for domains that get found but are no threat.
|
230 |
+
* Tweak: added filter for get_admin_url in multisite situations, where WP always returns an https url, although the site might not be on SSL
|
231 |
+
* Tweak: htaccess files and wpconfig are rewritten when the settings page is loaded
|
232 |
+
|
233 |
+
= 2.3.9 =
|
234 |
+
* Fix: removed internal Wordpress redirect as it causes issues for some users.
|
235 |
+
* Tweak: improved url request method
|
236 |
+
|
237 |
+
= 2.3.8 =
|
238 |
+
* Tweak: Fallback redirect changed into internal wp redirect, which is faster
|
239 |
+
* Tweak: When no .htaccess rules are detected, redirect option is enabled automatically
|
240 |
+
* Tweak: Url request falls back to file_get_contents when curl does not give a result
|
241 |
+
|
242 |
+
= 2.3.7 =
|
243 |
+
* Updated screenshots
|
244 |
+
|
245 |
+
= 2.3.6 =
|
246 |
+
* Fixed: missing priority in template_include hook caused not activating mixed content fixer in some themes
|
247 |
+
|
248 |
+
= 2.3.5 =
|
249 |
+
* Fixed: javascript redirect insertion
|
250 |
+
|
251 |
+
= 2.3.4 =
|
252 |
+
* Tweak: load css stylesheet only on options page and before enabling ssl
|
253 |
+
* Tweak: mixed content fixer triggered by is_ssl(), which prevents fixing content on http.
|
254 |
+
* Start detection and configuration only for users with "manage_options" capability
|
255 |
+
|
256 |
+
= 2.3.3 =
|
257 |
+
* Fixed bug in force-deactivate script
|
258 |
+
|
259 |
+
= 2.3.2 =
|
260 |
+
* Changed SSL detection so test page is only needed when not currently on SSL.
|
261 |
+
* Some minor bug fixes.
|
262 |
+
|
263 |
+
= 2.3.1 =
|
264 |
+
* Removed "activate ssl" option when no ssl is detected.
|
265 |
+
* Optimized emptying of cache
|
266 |
+
* Fixed some bugs in deactivation and activation of multisite
|
267 |
+
|
268 |
+
= 2.3.0 =
|
269 |
+
* Given more control over activation process by explicity asking to enable SSL.
|
270 |
+
* Added a notice if .htaccess is not writable
|
271 |
+
|
272 |
+
= 2.2.20 =
|
273 |
+
Fixed a bug in SSL detection
|
274 |
+
|
275 |
+
= 2.2.19 =
|
276 |
+
Changed followlocation in curl to an alternative method, as this gives issues when safemode or open_basedir is enabled.
|
277 |
+
Added dismissable message when redirects cannot be inserted in the .htaccess
|
278 |
+
|
279 |
+
= 2.2.18 =
|
280 |
+
Fixed bug in logging of curl detection
|
281 |
+
|
282 |
+
= 2.2.17 =
|
283 |
+
Security fixes in ssl-test-page.php
|
284 |
+
|
285 |
+
= 2.2.16 =
|
286 |
+
Bugfix with of insecure content fixer.
|
287 |
+
|
288 |
+
= 2.2.13 =
|
289 |
+
Added a check if the mixed content fixer is functioning on the front end
|
290 |
+
Fixed a bug where multisite per_site_activation variable wasn't stored networkwide
|
291 |
+
Added clearing of wp_rocket cache thans to Greg for suggesting this
|
292 |
+
Added filter so you can remove the really simple ssl comment
|
293 |
+
Fixed a bug in the output buffer usage, which resolves several issues.
|
294 |
+
Added code so JetPack will run smoothly on SSL as well, thanks to Konstantin for suggesting this
|
295 |
+
|
296 |
+
= 2.2.12 =
|
297 |
+
* To prevent lockouts, it is no longer possible to activate plugin when wp-config.php is not writable. In case of loadbalancers, activating ssl without adding the necessary fix in the wp-config would cause a redirect loop which would lock you out of the admin.
|
298 |
+
* Moved redirect above the wordpress rewrite rules in the htaccess.
|
299 |
+
* Added an option to disable the fallback javascript redirection to https.
|
300 |
+
|
301 |
+
= 2.2.11 =
|
302 |
+
Brand new content fixer, which fixes all links on in the source of your website.
|
303 |
+
|
304 |
+
= 2.2.10 =
|
305 |
+
* Roll back of mixed content fixer.
|
306 |
+
|
307 |
+
= 2.2.9 =
|
308 |
+
Improved the mixed content fixer. Faster and more effective.
|
309 |
+
|
310 |
+
= 2.2.8 =
|
311 |
+
Edited the wpconfig define check to prevent warnings when none are needed.
|
312 |
+
|
313 |
+
= 2.2.7 =
|
314 |
+
* Extended detection of homeurl and siteurl constants in wp-config.php with regex to allow for spaces in code.
|
315 |
+
* Changed text domain to make this plugin language packs ready
|
316 |
+
* Added 404 detection to ssl detection function, so subdomains can get checked properly on subdomain multisite installs
|
317 |
+
|
318 |
+
= 2.2.6 =
|
319 |
+
Added slash in redirect rule
|
320 |
+
small bugfixes
|
321 |
+
|
322 |
+
= 2.2.3 =
|
323 |
+
documentation update
|
324 |
+
|
325 |
+
= 2.2.2 =
|
326 |
+
* Added multisite support for the missing https server variable issue
|
327 |
+
* Improved curl connection script
|
328 |
+
* Added French translation thanks to Cedric
|
329 |
+
|
330 |
+
= 2.2.1 =
|
331 |
+
* Small bug fixes
|
332 |
+
|
333 |
+
= 2.2.0 =
|
334 |
+
* Added per site activation for multisite, but excluded this option for subfolder installs.
|
335 |
+
* Added script to easily deactivate the plugin when you are locked out of the wordpress admin.
|
336 |
+
* Added support for a situation where no server variables are given which can indicate ssl, which can cause Wordpress to generate errors and redirect loops.
|
337 |
+
* Removed warning on Woocommerce force ssl after checkout, as only unforce ssl seems to be causing problems
|
338 |
+
* Added Russian translation, thanks to xsascha
|
339 |
+
* Improved redirect rules in the .htaccess
|
340 |
+
* Added option te disable the plugin from editing the .htaccess in the settings
|
341 |
+
* Fixed a bug where multisite would not deactivate correctly
|
342 |
+
* Fixed a bug where insecure content scan would not scan custom post types
|
343 |
+
|
344 |
+
= 2.1.18 =
|
345 |
+
* Made woocommerce warning dismissable, as it does not seem to cause issues
|
346 |
+
* Fixed a bug caused by WP native plugin_dir_url() returning relative path, resulting in no ssl messages
|
347 |
+
|
348 |
+
= 2.1.17 =
|
349 |
+
* Fixed a bug where example .htaccess rewrite rules weren't generated correctly
|
350 |
+
* Added woocommerce to the plugin conflicts handler, as some settings conflict with this plugin, and are superfluous when you force your site to ssl anyway.
|
351 |
+
* Excluded transients from mixed content scan results
|
352 |
+
|
353 |
+
= 2.1.16 =
|
354 |
+
* Fixed a bug where script would fail because curl function was not installed.
|
355 |
+
* Added debug messages
|
356 |
+
* Improved FAQ, removed typos
|
357 |
+
* Replaced screenshots
|
358 |
+
|
359 |
+
= 2.1.15 =
|
360 |
+
* Improved user interface with tabs
|
361 |
+
* Changed function to test ssl test page from file_get_contents to curl, as this improves response time, which might prevent "no ssl messages"
|
362 |
+
* Extended the mixed content fixer to replace src="http:// links, as these should always be https on an ssl site.
|
363 |
+
* Added an errormessage in case of force rewrite titles in Yoast SEO plugin is used, as this prevents the plugin from fixing mixed content
|
364 |
+
|
365 |
+
= 2.1.14 =
|
366 |
+
* Added support for loadbalancer and is_ssl() returning false: in that case a wp-config fix is needed.
|
367 |
+
* Improved performance
|
368 |
+
* Added debuggin option, so a trace log can be viewed
|
369 |
+
* Fixed a bug where the rlrsssl_replace_url_args filter was not applied correctly.
|
370 |
+
|
371 |
+
= 2.1.13 =
|
372 |
+
* Fixed an issue where in some configurations the replace url filter did not fire
|
373 |
+
|
374 |
+
= 2.1.12 =
|
375 |
+
* Added the force SSL option, in cases where SSL could not be detected for some reason.
|
376 |
+
* Added a test to check if the proposed .htaccess rules will work in the current environment.
|
377 |
+
* Readded HSTS to the htaccess rules, but now as an option. Adding this should be done only when you are sure you do not want to revert back to http.
|
378 |
+
|
379 |
+
= 2.1.11 =
|
380 |
+
* Improved instructions regarding deinstalling when locked out of back-end
|
381 |
+
|
382 |
+
= 2.1.10 =
|
383 |
+
* Removed HSTS headers, because it is difficult to roll back.
|
384 |
+
|
385 |
+
= 2.1.9 =
|
386 |
+
* Added the possibility to prevent htaccess from being edited, in case of redirect loop.
|
387 |
+
= 2.1.7 =
|
388 |
+
* Refined SSL detection
|
389 |
+
* Bugfix on deactivation of plugin
|
390 |
+
|
391 |
+
= 2.1.6 =
|
392 |
+
* Fixed an SSL detection issue which could lead to redirect loop
|
393 |
+
|
394 |
+
= 2.1.4 =
|
395 |
+
* Improved redirect rules for .htaccess
|
396 |
+
|
397 |
+
= 2.1.3 =
|
398 |
+
* Now plugin only changes .htaccess when one of three preprogrammed ssl types was recognized.
|
399 |
+
* Simplified filter use to add your own urls to replace, see f.a.q.
|
400 |
+
* Default javascript redirect when .htaccess redirect does not succeed
|
401 |
+
|
402 |
+
= 2.1.2 =
|
403 |
+
* Fixed bug where number of options with mixed content was not displayed correctly
|
404 |
+
|
405 |
+
= 2.1.1 =
|
406 |
+
* limited the number of files, posts and options that can be show at once in the mixed content scan.
|
407 |
+
|
408 |
+
= 2.1.0 =
|
409 |
+
* Added version control to the .htaccess rules, so the .htaccess gets updated as well.
|
410 |
+
* Added detection of loadbalancer and cdn so .htaccess rules can be adapted accordingly. Fixes some redirect loop issues.
|
411 |
+
* Added the possibility to disable the auto replace of insecure links
|
412 |
+
* Added a scan to scan the website for insecure links
|
413 |
+
* Added detection of in wp-config.php defined siteurl and homeurl, which could prevent from successfull url change.
|
414 |
+
* Dropped the force ssl option (used when not ssl detected)
|
415 |
+
* Thanks to Peter Tak, [PTA security](http://www.pta-security.nl/) for mentioning the owasp security best practice https://www.owasp.org/index.php/HTTP_Strict_Transport_Security in .htaccess,
|
416 |
+
|
417 |
+
= 2.0.7 =
|
418 |
+
* Added 301 redirect to .htaccess for seo purposes
|
419 |
+
|
420 |
+
= 2.0.3 =
|
421 |
+
* Fixed some typos in readme
|
422 |
+
* added screenshots
|
423 |
+
* fixed a bug where on deactivation the https wasn't removed from siturl and homeurl
|
424 |
+
|
425 |
+
= 2.0.0 =
|
426 |
+
* Added SSL detection by opening a page in the plugin directory over https
|
427 |
+
* Added https redirection in .htaccess, when possible
|
428 |
+
* Added warnings and messages to improve user experience
|
429 |
+
* Added automatic change of siteurl and homeurl to https, to make backend ssl proof.
|
430 |
+
* Added caching flush support for WP fastest cache, Zen Cache and W3TC
|
431 |
+
* Fixed bug where siteurl was used as url to fix instead of homeurl
|
432 |
+
* Fixed issue where url was not replaced on front end, when used url in content is different from home url (e.g. http://www.domain.com as homeurl and http://domain.com in content)
|
433 |
+
* Added filter so you can add cdn urls to the replacement script
|
434 |
+
* Added googleapis.com/ajax cdn to standard replacement script, as it is often used without https.
|
435 |
+
|
436 |
+
= 1.0.3 =
|
437 |
+
* Improved installation instructions
|
438 |
+
|
439 |
+
== Upgrade notice ==
|
440 |
+
On settings page load, the .htaccess file is no rewritten. If you have made .htaccess customizations to the RSSSL block and have not blocked the plugin from editing it, do so before upgrading.
|
441 |
+
Always back up before any upgrade. Especially .htaccess, wp-config.php and the plugin folder. This way you can easily roll back.
|
442 |
+
|
443 |
+
== Screenshots ==
|
444 |
+
1. After activation, if SSL was detected, you can enable SSL.
|
445 |
+
2. View your configuration on the settings page
|
446 |
+
|
447 |
+
== Frequently asked questions ==
|
448 |
+
* Really Simple SSL maintains an extensive knowledge-base at https://www.really-simple-ssl.com.
|
rlrsssl-really-simple-ssl.php
ADDED
@@ -0,0 +1,123 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Plugin Name: Really Simple SSL
|
4 |
+
* Plugin URI: https://www.really-simple-ssl.com
|
5 |
+
* Description: Lightweight plugin without any setup to make your site ssl proof
|
6 |
+
* Version: 2.5.23
|
7 |
+
* Text Domain: really-simple-ssl
|
8 |
+
* Domain Path: /languages
|
9 |
+
* Author: Rogier Lankhorst
|
10 |
+
* Author URI: https://www.rogierlankhorst.com
|
11 |
+
* License: GPL2
|
12 |
+
*/
|
13 |
+
|
14 |
+
/* Copyright 2014 Rogier Lankhorst (email : rogier@rogierlankhorst.com)
|
15 |
+
|
16 |
+
This program is free software; you can redistribute it and/or modify
|
17 |
+
it under the terms of the GNU General Public License, version 2, as
|
18 |
+
published by the Free Software Foundation.
|
19 |
+
|
20 |
+
This program is distributed in the hope that it will be useful,
|
21 |
+
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
22 |
+
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
23 |
+
GNU General Public License for more details.
|
24 |
+
|
25 |
+
You should have received a copy of the GNU General Public License
|
26 |
+
along with this program; if not, write to the Free Software
|
27 |
+
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
28 |
+
*/
|
29 |
+
|
30 |
+
defined('ABSPATH') or die("you do not have access to this page!");
|
31 |
+
|
32 |
+
class REALLY_SIMPLE_SSL {
|
33 |
+
|
34 |
+
private static $instance;
|
35 |
+
public $rssl_front_end;
|
36 |
+
public $rssl_mixed_content_fixer;
|
37 |
+
public $rsssl_multisite;
|
38 |
+
public $rsssl_cache;
|
39 |
+
public $rsssl_server;
|
40 |
+
public $really_simple_ssl;
|
41 |
+
public $rsssl_help;
|
42 |
+
|
43 |
+
private function __construct() {}
|
44 |
+
|
45 |
+
public static function instance() {
|
46 |
+
if ( ! isset( self::$instance ) && ! ( self::$instance instanceof REALLY_SIMPLE_SSL ) ) {
|
47 |
+
self::$instance = new REALLY_SIMPLE_SSL;
|
48 |
+
self::$instance->setup_constants();
|
49 |
+
self::$instance->includes();
|
50 |
+
|
51 |
+
self::$instance->rsssl_front_end = new rsssl_front_end();
|
52 |
+
self::$instance->rsssl_mixed_content_fixer = new rsssl_mixed_content_fixer();
|
53 |
+
|
54 |
+
// Backwards compatibility for add-ons
|
55 |
+
global $rsssl_front_end, $rsssl_mixed_content_fixer;
|
56 |
+
$rsssl_front_end = self::$instance->rsssl_front_end;
|
57 |
+
$rsssl_mixed_content_fixer = self::$instance->rsssl_mixed_content_fixer;
|
58 |
+
|
59 |
+
if ( is_admin() ) {
|
60 |
+
if ( is_multisite() ) {
|
61 |
+
self::$instance->rsssl_multisite = new rsssl_multisite();
|
62 |
+
}
|
63 |
+
|
64 |
+
self::$instance->rsssl_cache = new rsssl_cache();
|
65 |
+
self::$instance->rsssl_server = new rsssl_server();
|
66 |
+
self::$instance->really_simple_ssl = new rsssl_admin();
|
67 |
+
self::$instance->rsssl_help = new rsssl_help();
|
68 |
+
|
69 |
+
// Backwards compatibility for add-ons
|
70 |
+
global $rsssl_cache, $rsssl_server, $really_simple_ssl, $rsssl_help;
|
71 |
+
$rsssl_cache = self::$instance->rsssl_cache;
|
72 |
+
$rsssl_server = self::$instance->rsssl_server;
|
73 |
+
$really_simple_ssl = self::$instance->really_simple_ssl;
|
74 |
+
$rsssl_help = self::$instance->rsssl_help;
|
75 |
+
}
|
76 |
+
|
77 |
+
self::$instance->hooks();
|
78 |
+
|
79 |
+
}
|
80 |
+
|
81 |
+
return self::$instance;
|
82 |
+
}
|
83 |
+
|
84 |
+
private function setup_constants() {
|
85 |
+
define('rsssl_url', plugin_dir_url(__FILE__ ));
|
86 |
+
define('rsssl_path', trailingslashit(plugin_dir_path(__FILE__ )));
|
87 |
+
define('rsssl_plugin', plugin_basename( __FILE__ ) );
|
88 |
+
|
89 |
+
require_once(ABSPATH.'wp-admin/includes/plugin.php');
|
90 |
+
$plugin_data = get_plugin_data( __FILE__ );
|
91 |
+
define('rsssl_version', $plugin_data['Version']);
|
92 |
+
}
|
93 |
+
|
94 |
+
private function includes() {
|
95 |
+
require_once( rsssl_path . 'class-front-end.php' );
|
96 |
+
|
97 |
+
require_once( rsssl_path . 'class-mixed-content-fixer.php' );
|
98 |
+
|
99 |
+
if ( is_admin() ) {
|
100 |
+
require_once( rsssl_path . 'class-admin.php' );
|
101 |
+
require_once( rsssl_path . 'class-cache.php' );
|
102 |
+
require_once( rsssl_path . 'class-server.php' );
|
103 |
+
require_once( rsssl_path . 'class-help.php' );
|
104 |
+
|
105 |
+
if ( is_multisite() ) {
|
106 |
+
require_once( rsssl_path . 'class-multisite.php' );
|
107 |
+
}
|
108 |
+
}
|
109 |
+
}
|
110 |
+
|
111 |
+
private function hooks() {
|
112 |
+
add_action( 'wp_loaded', array( self::$instance->rsssl_front_end, 'force_ssl' ), 20 );
|
113 |
+
|
114 |
+
if ( is_admin() ) {
|
115 |
+
add_action( 'plugins_loaded', array( self::$instance->really_simple_ssl, 'init' ), 10 );
|
116 |
+
}
|
117 |
+
}
|
118 |
+
}
|
119 |
+
|
120 |
+
function RSSSL() {
|
121 |
+
return REALLY_SIMPLE_SSL::instance();
|
122 |
+
}
|
123 |
+
add_action( 'plugins_loaded', 'RSSSL', 8 );
|
ssl-test-page.php
ADDED
@@ -0,0 +1,61 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<meta charset="UTF-8">
|
4 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
5 |
+
</head>
|
6 |
+
<body>
|
7 |
+
<h1>#SSL TEST PAGE#</h1>
|
8 |
+
<p>This page is used purely to test for ssl availability.</p>
|
9 |
+
<?php
|
10 |
+
$ssl = FALSE;
|
11 |
+
if (isset($_SERVER['HTTPS']) ) {
|
12 |
+
if ( strtolower($_SERVER['HTTPS']) == 'on') {
|
13 |
+
|
14 |
+
echo "#SERVER-HTTPS-ON#"." (".htmlentities($_SERVER['HTTPS'], ENT_QUOTES, 'UTF-8').")<br>";
|
15 |
+
$ssl = TRUE;
|
16 |
+
}
|
17 |
+
if ( '1' == $_SERVER['HTTPS'] ) {
|
18 |
+
echo "#SERVER-HTTPS-1#<br>";
|
19 |
+
$ssl = TRUE;
|
20 |
+
}
|
21 |
+
}
|
22 |
+
|
23 |
+
if (isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] )) {
|
24 |
+
echo "#SERVERPORT443#<br>";
|
25 |
+
$ssl = TRUE;
|
26 |
+
}
|
27 |
+
|
28 |
+
if (isset($_ENV['HTTPS']) && ( 'on' == $_ENV['HTTPS'] )) {
|
29 |
+
echo "#ENVHTTPS#<br>";
|
30 |
+
$ssl = TRUE;
|
31 |
+
}
|
32 |
+
|
33 |
+
if (!empty($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && ($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] == 'https')){
|
34 |
+
echo "#CLOUDFRONT#<br>";
|
35 |
+
$ssl = TRUE;
|
36 |
+
}
|
37 |
+
|
38 |
+
if(!empty($_SERVER['HTTP_CF_VISITOR']) && ($_SERVER['HTTP_CF_VISITOR'] == 'https')){
|
39 |
+
echo "#CLOUDFLARE#<br>";
|
40 |
+
$ssl = TRUE;
|
41 |
+
}
|
42 |
+
|
43 |
+
if(!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')){
|
44 |
+
echo "#LOADBALANCER#<br>";
|
45 |
+
$ssl = TRUE;
|
46 |
+
}
|
47 |
+
|
48 |
+
if (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == 'on' || $_SERVER['HTTP_X_FORWARDED_SSL'] == 1)){
|
49 |
+
echo "#CDN#<br>";
|
50 |
+
$ssl = TRUE;
|
51 |
+
}
|
52 |
+
|
53 |
+
if ($ssl) {
|
54 |
+
echo "<br>#SUCCESFULLY DETECTED SSL#";
|
55 |
+
} else {
|
56 |
+
echo "<br>#NO KNOWN SSL CONFIGURATION DETECTED#";
|
57 |
+
}
|
58 |
+
?>
|
59 |
+
|
60 |
+
</body>
|
61 |
+
</html>
|
testssl/cdn/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTP:X-Forwarded-SSL} !on
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/cdn/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing ssl functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/cloudflare/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/cloudflare/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing ssl functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/cloudfront/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTP:CloudFront-Forwarded-Proto} !https
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/cloudfront/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing ssl functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/envhttps/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{ENV:HTTPS} !=on
|
4 |
+
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/envhttps/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing ssl functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/loadbalancer/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTP:X-Forwarded-Proto} !https
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/loadbalancer/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing ssl functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/serverhttps1/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTPS} !=1
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/serverhttps1/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing ssl functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/serverhttpson/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTPS} !=on [NC]
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/serverhttpson/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing ssl functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/serverport443/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{SERVER_PORT} !443
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/serverport443/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing ssl functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
uninstall.php
ADDED
@@ -0,0 +1,14 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
// If uninstall is not called from WordPress, exit
|
3 |
+
if ( !defined( 'WP_UNINSTALL_PLUGIN' ) ) {
|
4 |
+
exit();
|
5 |
+
}
|
6 |
+
|
7 |
+
delete_all_options('rlrsssl_options');
|
8 |
+
delete_all_options('rlrsssl_network_options');
|
9 |
+
|
10 |
+
function delete_all_options($option_name) {
|
11 |
+
delete_option( $option_name );
|
12 |
+
// For site options in Multisite
|
13 |
+
delete_site_option( $option_name );
|
14 |
+
}
|