Version Description
- Fix: fixed a bug in certificate detection
- Tweak: added HTTP_X_PROTO as supported header
- Tweak: split HTTP_X_FORWARDED_SSL into a variation which can be either '1' or 'on'
- Tweak: improved certificate detection by stripping domains of subfolders.
- Tweak: Multisite bulk SSL activation now chunked in 200 site blocks, to prevent time out issues on large multisite networks.
- Tweak: a 'leave review' notice for new free users
Download this release
Release Info
Developer | RogierLankhorst |
Plugin | Really Simple SSL |
Version | 3.1 |
Comparing to | |
See all releases |
Code changes from version 3.0.5 to 3.1
- class-admin.php +131 -15
- class-certificate.php +11 -7
- class-multisite.php +168 -26
- css/main.css +55 -0
- multisite-cron.php +28 -0
- readme.txt +9 -1
- rlrsssl-really-simple-ssl.php +102 -88
- ssl-test-page.php +49 -39
- testssl/serverhttpxforwardedssl1/.htaccess +5 -0
- testssl/serverhttpxforwardedssl1/ssl-test-page.html +9 -0
- testssl/serverhttpxforwardedsslon/.htaccess +5 -0
- testssl/serverhttpxforwardedsslon/ssl-test-page.html +9 -0
- testssl/serverhttpxproto/.htaccess +5 -0
- testssl/serverhttpxproto/ssl-test-page.html +9 -0
class-admin.php
CHANGED
@@ -32,6 +32,7 @@ class rsssl_admin extends rsssl_front_end
|
|
32 |
public $javascript_redirect = FALSE;
|
33 |
public $htaccess_redirect = FALSE;
|
34 |
public $htaccess_warning_shown = FALSE;
|
|
|
35 |
public $ssl_success_message_shown = FALSE;
|
36 |
public $hsts = FALSE;
|
37 |
public $debug = TRUE;
|
@@ -61,6 +62,7 @@ class rsssl_admin extends rsssl_front_end
|
|
61 |
register_deactivation_hook(dirname(__FILE__) . "/" . $this->plugin_filename, array($this, 'deactivate'));
|
62 |
|
63 |
add_action('admin_init', array($this, 'add_privacy_info'));
|
|
|
64 |
}
|
65 |
|
66 |
static function this()
|
@@ -113,7 +115,7 @@ class rsssl_admin extends rsssl_front_end
|
|
113 |
* https://codex.wordpress.org/Function_Reference/flush_rewrite_rules
|
114 |
* */
|
115 |
|
116 |
-
if (get_option('rsssl_flush_rewrite_rules') && get_option('rsssl_flush_rewrite_rules') < strtotime("
|
117 |
delete_option('rsssl_flush_rewrite_rules');
|
118 |
add_action('shutdown', 'flush_rewrite_rules');
|
119 |
}
|
@@ -144,7 +146,6 @@ class rsssl_admin extends rsssl_front_end
|
|
144 |
//if we were to activate ssl, this could result in a redirect loop. So warn first.
|
145 |
add_action("admin_notices", array($this, 'show_notice_wpconfig_needs_fixes'));
|
146 |
if (is_multisite()) add_action('network_admin_notices', array($this, 'show_notice_wpconfig_needs_fixes'), 10);
|
147 |
-
|
148 |
$this->ssl_enabled = false;
|
149 |
$this->save_options();
|
150 |
} elseif ($this->ssl_enabled) {
|
@@ -181,9 +182,14 @@ class rsssl_admin extends rsssl_front_end
|
|
181 |
//callbacks for the ajax dismiss buttons
|
182 |
add_action('wp_ajax_dismiss_htaccess_warning', array($this, 'dismiss_htaccess_warning_callback'));
|
183 |
add_action('wp_ajax_dismiss_success_message', array($this, 'dismiss_success_message_callback'));
|
|
|
184 |
|
185 |
//handle notices
|
186 |
add_action('admin_notices', array($this, 'show_notices'));
|
|
|
|
|
|
|
|
|
187 |
add_action("update_option_rlrsssl_options", array($this, "update_htaccess_after_settings_save"), 20, 3);
|
188 |
}
|
189 |
|
@@ -294,6 +300,11 @@ class rsssl_admin extends rsssl_front_end
|
|
294 |
|
295 |
if (isset($_POST['rsssl_do_activate_ssl'])) {
|
296 |
$this->activate_ssl();
|
|
|
|
|
|
|
|
|
|
|
297 |
return true;
|
298 |
}
|
299 |
|
@@ -303,7 +314,7 @@ class rsssl_admin extends rsssl_front_end
|
|
303 |
|
304 |
/*
|
305 |
Activate the SSL for this site
|
306 |
-
|
307 |
|
308 |
public function activate_ssl()
|
309 |
{
|
@@ -505,6 +516,7 @@ class rsssl_admin extends rsssl_front_end
|
|
505 |
$this->site_has_ssl = isset($options['site_has_ssl']) ? $options['site_has_ssl'] : FALSE;
|
506 |
$this->hsts = isset($options['hsts']) ? $options['hsts'] : FALSE;
|
507 |
$this->htaccess_warning_shown = isset($options['htaccess_warning_shown']) ? $options['htaccess_warning_shown'] : FALSE;
|
|
|
508 |
$this->ssl_success_message_shown = isset($options['ssl_success_message_shown']) ? $options['ssl_success_message_shown'] : FALSE;
|
509 |
$this->plugin_db_version = isset($options['plugin_db_version']) ? $options['plugin_db_version'] : "1.0";
|
510 |
$this->debug = isset($options['debug']) ? $options['debug'] : FALSE;
|
@@ -866,6 +878,7 @@ class rsssl_admin extends rsssl_front_end
|
|
866 |
$rule .= '|| (isset($_SERVER["HTTP_CF_VISITOR"]) && (strpos($_SERVER["HTTP_CF_VISITOR"], "https") !== false))' . "\n";
|
867 |
$rule .= '|| (isset($_SERVER["HTTP_CLOUDFRONT_FORWARDED_PROTO"]) && (strpos($_SERVER["HTTP_CLOUDFRONT_FORWARDED_PROTO"], "https") !== false))' . "\n";
|
868 |
$rule .= '|| (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && (strpos($_SERVER["HTTP_X_FORWARDED_PROTO"], "https") !== false))' . "\n";
|
|
|
869 |
$rule .= ') {' . "\n";
|
870 |
$rule .= '$_SERVER["HTTPS"] = "on";' . "\n";
|
871 |
$rule .= '}' . "\n";
|
@@ -1089,6 +1102,7 @@ class rsssl_admin extends rsssl_front_end
|
|
1089 |
'site_has_ssl' => $this->site_has_ssl,
|
1090 |
'hsts' => $this->hsts,
|
1091 |
'htaccess_warning_shown' => $this->htaccess_warning_shown,
|
|
|
1092 |
'ssl_success_message_shown' => $this->ssl_success_message_shown,
|
1093 |
'autoreplace_insecure_links' => $this->autoreplace_insecure_links,
|
1094 |
'plugin_db_version' => $this->plugin_db_version,
|
@@ -1135,6 +1149,7 @@ class rsssl_admin extends rsssl_front_end
|
|
1135 |
$this->site_has_ssl = FALSE;
|
1136 |
$this->hsts = FALSE;
|
1137 |
$this->htaccess_warning_shown = FALSE;
|
|
|
1138 |
$this->ssl_success_message_shown = FALSE;
|
1139 |
$this->autoreplace_insecure_links = TRUE;
|
1140 |
$this->do_not_edit_htaccess = FALSE;
|
@@ -1176,6 +1191,7 @@ class rsssl_admin extends rsssl_front_end
|
|
1176 |
|| (isset($_SERVER['HTTP_CF_VISITOR']) && (strpos($_SERVER['HTTP_CF_VISITOR'], 'https') !== false))
|
1177 |
|| (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && (strpos($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'], 'https') !== false))
|
1178 |
|| (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false))
|
|
|
1179 |
) {
|
1180 |
$server_var = TRUE;
|
1181 |
}
|
@@ -1223,8 +1239,12 @@ class rsssl_admin extends rsssl_front_end
|
|
1223 |
$this->ssl_type = "CLOUDFLARE";
|
1224 |
} elseif ((strpos($filecontents, "#LOADBALANCER#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))) {
|
1225 |
$this->ssl_type = "LOADBALANCER";
|
1226 |
-
} elseif ((strpos($filecontents, "#
|
1227 |
-
$this->ssl_type = "
|
|
|
|
|
|
|
|
|
1228 |
} elseif ((strpos($filecontents, "#SERVER-HTTPS-ON#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on')) {
|
1229 |
$this->ssl_type = "SERVER-HTTPS-ON";
|
1230 |
} elseif ((strpos($filecontents, "#SERVER-HTTPS-1#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == '1')) {
|
@@ -1294,8 +1314,14 @@ class rsssl_admin extends rsssl_front_end
|
|
1294 |
case "LOADBALANCER":
|
1295 |
$testpage_url .= "loadbalancer";
|
1296 |
break;
|
1297 |
-
case "
|
1298 |
-
$testpage_url .= "
|
|
|
|
|
|
|
|
|
|
|
|
|
1299 |
break;
|
1300 |
case "SERVER-HTTPS-ON":
|
1301 |
$testpage_url .= "serverhttpson";
|
@@ -1704,14 +1730,18 @@ class rsssl_admin extends rsssl_front_end
|
|
1704 |
$rule .= "RewriteCond %{HTTPS} !=1" . "\n";
|
1705 |
} elseif ($this->ssl_type == "LOADBALANCER") {
|
1706 |
$rule .= "RewriteCond %{HTTP:X-Forwarded-Proto} !https" . "\n";
|
|
|
|
|
1707 |
} elseif ($this->ssl_type == "CLOUDFLARE") {
|
1708 |
$rule .= "RewriteCond %{HTTP:CF-Visitor} '" . '"scheme":"http"' . "'" . "\n";//some concatenation to get the quotes right.
|
1709 |
} elseif ($this->ssl_type == "SERVERPORT443") {
|
1710 |
$rule .= "RewriteCond %{SERVER_PORT} !443" . "\n";
|
1711 |
} elseif ($this->ssl_type == "CLOUDFRONT") {
|
1712 |
$rule .= "RewriteCond %{HTTP:CloudFront-Forwarded-Proto} !https" . "\n";
|
1713 |
-
} elseif ($this->ssl_type == "
|
1714 |
$rule .= "RewriteCond %{HTTP:X-Forwarded-SSL} !on" . "\n";
|
|
|
|
|
1715 |
} elseif ($type == "ENVHTTPS") {
|
1716 |
$rule .= "RewriteCond %{ENV:HTTPS} !=on" . "\n";
|
1717 |
}
|
@@ -1793,7 +1823,7 @@ class rsssl_admin extends rsssl_front_end
|
|
1793 |
<br><br><code>
|
1794 |
//Begin Really Simple SSL Load balancing fix<br>
|
1795 |
$server_opts = array("HTTP_CLOUDFRONT_FORWARDED_PROTO" => "https", "HTTP_CF_VISITOR"=>"https",
|
1796 |
-
"HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"on",
|
1797 |
"HTTP_X_FORWARDED_SSL"=>"1");<br>
|
1798 |
foreach( $server_opts as $option => $value ) {<br>
|
1799 |
if ((isset($_ENV["HTTPS"]) && ( "on" == $_ENV["HTTPS"] )) || (isset( $_SERVER[ $option ] )
|
@@ -1821,6 +1851,24 @@ class rsssl_admin extends rsssl_front_end
|
|
1821 |
<?php
|
1822 |
}
|
1823 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1824 |
|
1825 |
/**
|
1826 |
* Show notices
|
@@ -1935,7 +1983,7 @@ class rsssl_admin extends rsssl_front_end
|
|
1935 |
}
|
1936 |
|
1937 |
/**
|
1938 |
-
* Insert some ajax script to
|
1939 |
*
|
1940 |
* @since 2.0
|
1941 |
*
|
@@ -1963,6 +2011,48 @@ class rsssl_admin extends rsssl_front_end
|
|
1963 |
<?php
|
1964 |
}
|
1965 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1966 |
/**
|
1967 |
* Process the ajax dismissal of the success message.
|
1968 |
*
|
@@ -1998,6 +2088,32 @@ class rsssl_admin extends rsssl_front_end
|
|
1998 |
wp_die(); // this is required to terminate immediately and return a proper response
|
1999 |
}
|
2000 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2001 |
|
2002 |
/**
|
2003 |
* Adds the admin options page
|
@@ -2310,7 +2426,7 @@ class rsssl_admin extends rsssl_front_end
|
|
2310 |
$this->get_banner_html(array(
|
2311 |
'img' => 'complianz.jpg',
|
2312 |
'title' => 'ComplianZ',
|
2313 |
-
'description' => __("
|
2314 |
'url' => 'https://wordpress.org/plugins/complianz-gdpr/',
|
2315 |
'pro' => true,
|
2316 |
)
|
@@ -2350,6 +2466,7 @@ class rsssl_admin extends rsssl_front_end
|
|
2350 |
);
|
2351 |
|
2352 |
}
|
|
|
2353 |
|
2354 |
if (defined("EDD_SL_PLUGIN_DIR") && (get_locale() === 'nl_NL')) {
|
2355 |
$this->get_banner_html(array(
|
@@ -2372,7 +2489,7 @@ class rsssl_admin extends rsssl_front_end
|
|
2372 |
);
|
2373 |
|
2374 |
}
|
2375 |
-
|
2376 |
</div>
|
2377 |
<?php }
|
2378 |
?>
|
@@ -2599,6 +2716,7 @@ class rsssl_admin extends rsssl_front_end
|
|
2599 |
$newinput['site_has_ssl'] = $this->site_has_ssl;
|
2600 |
$newinput['ssl_success_message_shown'] = $this->ssl_success_message_shown;
|
2601 |
$newinput['htaccess_warning_shown'] = $this->htaccess_warning_shown;
|
|
|
2602 |
$newinput['plugin_db_version'] = $this->plugin_db_version;
|
2603 |
$newinput['ssl_enabled'] = $this->ssl_enabled;
|
2604 |
$newinput['debug_log'] = $this->debug_log;
|
@@ -2666,7 +2784,7 @@ class rsssl_admin extends rsssl_front_end
|
|
2666 |
|
2667 |
public function get_option_debug()
|
2668 |
{
|
2669 |
-
|
2670 |
echo '<input id="rlrsssl_options" name="rlrsssl_options[debug]" size="40" type="checkbox" value="1"' . checked(1, $this->debug, false) . " />";
|
2671 |
RSSSL()->rsssl_help->get_help_tip(__("Enable this option to get debug info in the debug tab.", "really-simple-ssl"));
|
2672 |
|
@@ -2691,7 +2809,6 @@ class rsssl_admin extends rsssl_front_end
|
|
2691 |
$javascript_redirect = TRUE;
|
2692 |
$comment = __("This option is enabled on the network menu.", "really-simple-ssl");
|
2693 |
}
|
2694 |
-
|
2695 |
echo '<input ' . $disabled . ' id="rlrsssl_options" name="rlrsssl_options[javascript_redirect]" size="40" type="checkbox" value="1"' . checked(1, $javascript_redirect, false) . " />";
|
2696 |
RSSSL()->rsssl_help->get_help_tip(__("This is a fallback you should only use if other redirection methods do not work.", "really-simple-ssl"));
|
2697 |
echo $comment;
|
@@ -3058,5 +3175,4 @@ class rsssl_admin extends rsssl_front_end
|
|
3058 |
return $filecontents;
|
3059 |
}
|
3060 |
|
3061 |
-
|
3062 |
} //class closure
|
32 |
public $javascript_redirect = FALSE;
|
33 |
public $htaccess_redirect = FALSE;
|
34 |
public $htaccess_warning_shown = FALSE;
|
35 |
+
public $review_notice_shown = FALSE;
|
36 |
public $ssl_success_message_shown = FALSE;
|
37 |
public $hsts = FALSE;
|
38 |
public $debug = TRUE;
|
62 |
register_deactivation_hook(dirname(__FILE__) . "/" . $this->plugin_filename, array($this, 'deactivate'));
|
63 |
|
64 |
add_action('admin_init', array($this, 'add_privacy_info'));
|
65 |
+
|
66 |
}
|
67 |
|
68 |
static function this()
|
115 |
* https://codex.wordpress.org/Function_Reference/flush_rewrite_rules
|
116 |
* */
|
117 |
|
118 |
+
if (get_option('rsssl_flush_rewrite_rules') && get_option('rsssl_flush_rewrite_rules') < strtotime("-1 minute")){
|
119 |
delete_option('rsssl_flush_rewrite_rules');
|
120 |
add_action('shutdown', 'flush_rewrite_rules');
|
121 |
}
|
146 |
//if we were to activate ssl, this could result in a redirect loop. So warn first.
|
147 |
add_action("admin_notices", array($this, 'show_notice_wpconfig_needs_fixes'));
|
148 |
if (is_multisite()) add_action('network_admin_notices', array($this, 'show_notice_wpconfig_needs_fixes'), 10);
|
|
|
149 |
$this->ssl_enabled = false;
|
150 |
$this->save_options();
|
151 |
} elseif ($this->ssl_enabled) {
|
182 |
//callbacks for the ajax dismiss buttons
|
183 |
add_action('wp_ajax_dismiss_htaccess_warning', array($this, 'dismiss_htaccess_warning_callback'));
|
184 |
add_action('wp_ajax_dismiss_success_message', array($this, 'dismiss_success_message_callback'));
|
185 |
+
add_action('wp_ajax_dismiss_review_notice', array($this, 'dismiss_review_notice_callback'));
|
186 |
|
187 |
//handle notices
|
188 |
add_action('admin_notices', array($this, 'show_notices'));
|
189 |
+
//show review notice, only to free users
|
190 |
+
if (!defined("rsssl_pro_version") && (!defined("rsssl_pp_version")) && (!defined("rsssl_soc_version")) && (!class_exists('RSSSL_PRO'))) {
|
191 |
+
add_action('admin_notices', array($this, 'show_leave_review_notice'));
|
192 |
+
}
|
193 |
add_action("update_option_rlrsssl_options", array($this, "update_htaccess_after_settings_save"), 20, 3);
|
194 |
}
|
195 |
|
300 |
|
301 |
if (isset($_POST['rsssl_do_activate_ssl'])) {
|
302 |
$this->activate_ssl();
|
303 |
+
|
304 |
+
//if (empty(get_option('rsssl_activation_timestamp'))) {
|
305 |
+
update_option('rsssl_activation_timestamp', time());
|
306 |
+
//}
|
307 |
+
|
308 |
return true;
|
309 |
}
|
310 |
|
314 |
|
315 |
/*
|
316 |
Activate the SSL for this site
|
317 |
+
*/
|
318 |
|
319 |
public function activate_ssl()
|
320 |
{
|
516 |
$this->site_has_ssl = isset($options['site_has_ssl']) ? $options['site_has_ssl'] : FALSE;
|
517 |
$this->hsts = isset($options['hsts']) ? $options['hsts'] : FALSE;
|
518 |
$this->htaccess_warning_shown = isset($options['htaccess_warning_shown']) ? $options['htaccess_warning_shown'] : FALSE;
|
519 |
+
$this->review_notice_shown = isset($options['review_notice_shown']) ? $options['review_notice_shown'] : FALSE;
|
520 |
$this->ssl_success_message_shown = isset($options['ssl_success_message_shown']) ? $options['ssl_success_message_shown'] : FALSE;
|
521 |
$this->plugin_db_version = isset($options['plugin_db_version']) ? $options['plugin_db_version'] : "1.0";
|
522 |
$this->debug = isset($options['debug']) ? $options['debug'] : FALSE;
|
878 |
$rule .= '|| (isset($_SERVER["HTTP_CF_VISITOR"]) && (strpos($_SERVER["HTTP_CF_VISITOR"], "https") !== false))' . "\n";
|
879 |
$rule .= '|| (isset($_SERVER["HTTP_CLOUDFRONT_FORWARDED_PROTO"]) && (strpos($_SERVER["HTTP_CLOUDFRONT_FORWARDED_PROTO"], "https") !== false))' . "\n";
|
880 |
$rule .= '|| (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && (strpos($_SERVER["HTTP_X_FORWARDED_PROTO"], "https") !== false))' . "\n";
|
881 |
+
$rule .= '|| (isset($_SERVER["HTTP_X_PROTO"]) && (strpos($_SERVER["HTTP_X_PROTO"], "SSL") !== false))' . "\n";
|
882 |
$rule .= ') {' . "\n";
|
883 |
$rule .= '$_SERVER["HTTPS"] = "on";' . "\n";
|
884 |
$rule .= '}' . "\n";
|
1102 |
'site_has_ssl' => $this->site_has_ssl,
|
1103 |
'hsts' => $this->hsts,
|
1104 |
'htaccess_warning_shown' => $this->htaccess_warning_shown,
|
1105 |
+
'review_notice_shown' => $this->review_notice_shown,
|
1106 |
'ssl_success_message_shown' => $this->ssl_success_message_shown,
|
1107 |
'autoreplace_insecure_links' => $this->autoreplace_insecure_links,
|
1108 |
'plugin_db_version' => $this->plugin_db_version,
|
1149 |
$this->site_has_ssl = FALSE;
|
1150 |
$this->hsts = FALSE;
|
1151 |
$this->htaccess_warning_shown = FALSE;
|
1152 |
+
$this->review_notice_shown = FALSE;
|
1153 |
$this->ssl_success_message_shown = FALSE;
|
1154 |
$this->autoreplace_insecure_links = TRUE;
|
1155 |
$this->do_not_edit_htaccess = FALSE;
|
1191 |
|| (isset($_SERVER['HTTP_CF_VISITOR']) && (strpos($_SERVER['HTTP_CF_VISITOR'], 'https') !== false))
|
1192 |
|| (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && (strpos($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'], 'https') !== false))
|
1193 |
|| (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false))
|
1194 |
+
|| (isset($_SERVER['HTTP_X_PROTO']) && (strpos($_SERVER['HTTP_X_PROTO'], 'SSL') !== false))
|
1195 |
) {
|
1196 |
$server_var = TRUE;
|
1197 |
}
|
1239 |
$this->ssl_type = "CLOUDFLARE";
|
1240 |
} elseif ((strpos($filecontents, "#LOADBALANCER#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))) {
|
1241 |
$this->ssl_type = "LOADBALANCER";
|
1242 |
+
} elseif ((strpos($filecontents, "#HTTP_X_PROTO#") !== false) || (isset($_SERVER['HTTP_X_PROTO']) && ($_SERVER['HTTP_X_PROTO'] == 'SSL'))) {
|
1243 |
+
$this->ssl_type = "HTTP_X_PROTO";
|
1244 |
+
} elseif ((strpos($filecontents, "#HTTP_X_FORWARDED_SSL_ON#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on')) {
|
1245 |
+
$this->ssl_type = "HTTP_X_FORWARDED_SSL_ON";
|
1246 |
+
} elseif ((strpos($filecontents, "#HTTP_X_FORWARDED_SSL_1#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == '1')) {
|
1247 |
+
$this->ssl_type = "HTTP_X_FORWARDED_SSL_1";
|
1248 |
} elseif ((strpos($filecontents, "#SERVER-HTTPS-ON#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on')) {
|
1249 |
$this->ssl_type = "SERVER-HTTPS-ON";
|
1250 |
} elseif ((strpos($filecontents, "#SERVER-HTTPS-1#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == '1')) {
|
1314 |
case "LOADBALANCER":
|
1315 |
$testpage_url .= "loadbalancer";
|
1316 |
break;
|
1317 |
+
case "HTTP_X_PROTO":
|
1318 |
+
$testpage_url .= "serverhttpxproto";
|
1319 |
+
break;
|
1320 |
+
case "HTTP_X_FORWARDED_SSL_ON":
|
1321 |
+
$testpage_url .= "serverhttpxforwardedsslon";
|
1322 |
+
break;
|
1323 |
+
case "HTTP_X_FORWARDED_SSL_1":
|
1324 |
+
$testpage_url .= "serverhttpxforwardedssl1";
|
1325 |
break;
|
1326 |
case "SERVER-HTTPS-ON":
|
1327 |
$testpage_url .= "serverhttpson";
|
1730 |
$rule .= "RewriteCond %{HTTPS} !=1" . "\n";
|
1731 |
} elseif ($this->ssl_type == "LOADBALANCER") {
|
1732 |
$rule .= "RewriteCond %{HTTP:X-Forwarded-Proto} !https" . "\n";
|
1733 |
+
} elseif ($this->ssl_type == "HTTP_X_PROTO") {
|
1734 |
+
$rule .= "RewriteCond %{HTTP:X-Proto} !SSL" . "\n";
|
1735 |
} elseif ($this->ssl_type == "CLOUDFLARE") {
|
1736 |
$rule .= "RewriteCond %{HTTP:CF-Visitor} '" . '"scheme":"http"' . "'" . "\n";//some concatenation to get the quotes right.
|
1737 |
} elseif ($this->ssl_type == "SERVERPORT443") {
|
1738 |
$rule .= "RewriteCond %{SERVER_PORT} !443" . "\n";
|
1739 |
} elseif ($this->ssl_type == "CLOUDFRONT") {
|
1740 |
$rule .= "RewriteCond %{HTTP:CloudFront-Forwarded-Proto} !https" . "\n";
|
1741 |
+
} elseif ($this->ssl_type == "HTTP_X_FORWARDED_SSL_ON") {
|
1742 |
$rule .= "RewriteCond %{HTTP:X-Forwarded-SSL} !on" . "\n";
|
1743 |
+
} elseif ($this->ssl_type == "HTTP_X_FORWARDED_SSL_1") {
|
1744 |
+
$rule .= "RewriteCond %{HTTP:X-Forwarded-SSL} !=1" . "\n";
|
1745 |
} elseif ($type == "ENVHTTPS") {
|
1746 |
$rule .= "RewriteCond %{ENV:HTTPS} !=on" . "\n";
|
1747 |
}
|
1823 |
<br><br><code>
|
1824 |
//Begin Really Simple SSL Load balancing fix<br>
|
1825 |
$server_opts = array("HTTP_CLOUDFRONT_FORWARDED_PROTO" => "https", "HTTP_CF_VISITOR"=>"https",
|
1826 |
+
"HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"on", "HTTP_X_PROTO"=>"SSL",
|
1827 |
"HTTP_X_FORWARDED_SSL"=>"1");<br>
|
1828 |
foreach( $server_opts as $option => $value ) {<br>
|
1829 |
if ((isset($_ENV["HTTPS"]) && ( "on" == $_ENV["HTTPS"] )) || (isset( $_SERVER[ $option ] )
|
1851 |
<?php
|
1852 |
}
|
1853 |
|
1854 |
+
public function show_leave_review_notice()
|
1855 |
+
{
|
1856 |
+
if (!$this->review_notice_shown && get_option('rsssl_activation_timestamp') && get_option('rsssl_activation_timestamp') < strtotime("-1 month")) {
|
1857 |
+
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_review'));
|
1858 |
+
?>
|
1859 |
+
<div id="message" class="updated fade notice is-dismissible rlrsssl-review">
|
1860 |
+
<p><?php printf(__('Hi, you have been using Really Simple SSL for a month now, awesome! If you have a moment, please consider leaving a review on WordPress.org to spread the word. We greatly appreciate it! If you have any questions or feedback, leave us a %smessage%s.', 'really-simple-ssl'),'<a href="https://really-simple-ssl.com/contact" target="_blank">','</a>'); ?></p>
|
1861 |
+
<i>- Rogier</i>
|
1862 |
+
<?php //Inline style because the main.css stylesheet is only included on Really Simple SSL admin pages.?>
|
1863 |
+
<ul style="margin-left: 30px; list-style: square;">
|
1864 |
+
<li><p style="margin-top: -5px;"><a target="_blank" href="https://wordpress.org/support/plugin/really-simple-ssl/reviews/#new-post"><?php _e('Leave a review', 'really-simple-ssl'); ?></a></p></li>
|
1865 |
+
<li><p style="margin-top: -5px;"><a href="#" id="maybe-later"><?php _e('Maybe later', 'really-simple-ssl'); ?></a></p></li>
|
1866 |
+
<li><p style="margin-top: -5px;"><a href="#" class="review-dismiss"><?php _e('No thanks', 'really-simple-ssl'); ?></a></p></li>
|
1867 |
+
</ul>
|
1868 |
+
</div>
|
1869 |
+
<?php
|
1870 |
+
}
|
1871 |
+
}
|
1872 |
|
1873 |
/**
|
1874 |
* Show notices
|
1983 |
}
|
1984 |
|
1985 |
/**
|
1986 |
+
* Insert some ajax script to dismiss the htaccess failed fail message, and stop nagging about it
|
1987 |
*
|
1988 |
* @since 2.0
|
1989 |
*
|
2011 |
<?php
|
2012 |
}
|
2013 |
|
2014 |
+
/**
|
2015 |
+
* Insert some ajax script to dismiss the review notice, and stop nagging about it
|
2016 |
+
*
|
2017 |
+
* @since 2.0
|
2018 |
+
*
|
2019 |
+
* @access public
|
2020 |
+
*
|
2021 |
+
* type: dismiss, later
|
2022 |
+
*
|
2023 |
+
*/
|
2024 |
+
|
2025 |
+
public function insert_dismiss_review()
|
2026 |
+
{
|
2027 |
+
$ajax_nonce = wp_create_nonce("really-simple-ssl");
|
2028 |
+
?>
|
2029 |
+
<script type='text/javascript'>
|
2030 |
+
jQuery(document).ready(function ($) {
|
2031 |
+
$(".rlrsssl-review.notice.is-dismissible").on("click", ".notice-dismiss", function (event) {
|
2032 |
+
rsssl_dismiss_review('dismiss');
|
2033 |
+
});
|
2034 |
+
$(".rlrsssl-review.notice.is-dismissible").on("click", "#maybe-later", function (event) {
|
2035 |
+
rsssl_dismiss_review('later');
|
2036 |
+
$(this).closest('.rlrsssl-review').remove();
|
2037 |
+
});
|
2038 |
+
$(".rlrsssl-review.notice.is-dismissible").on("click", ".review-dismiss", function (event) {
|
2039 |
+
rsssl_dismiss_review('dismiss');
|
2040 |
+
$(this).closest('.rlrsssl-review').remove();
|
2041 |
+
});
|
2042 |
+
|
2043 |
+
function rsssl_dismiss_review(type){
|
2044 |
+
var data = {
|
2045 |
+
'action': 'dismiss_review_notice',
|
2046 |
+
'type' : type,
|
2047 |
+
'security': '<?php echo $ajax_nonce; ?>'
|
2048 |
+
};
|
2049 |
+
$.post(ajaxurl, data, function (response) {});
|
2050 |
+
}
|
2051 |
+
});
|
2052 |
+
</script>
|
2053 |
+
<?php
|
2054 |
+
}
|
2055 |
+
|
2056 |
/**
|
2057 |
* Process the ajax dismissal of the success message.
|
2058 |
*
|
2088 |
wp_die(); // this is required to terminate immediately and return a proper response
|
2089 |
}
|
2090 |
|
2091 |
+
/**
|
2092 |
+
* Process the ajax dismissal of the htaccess message.
|
2093 |
+
*
|
2094 |
+
* @since 2.1
|
2095 |
+
*
|
2096 |
+
* @access public
|
2097 |
+
*
|
2098 |
+
*/
|
2099 |
+
|
2100 |
+
public function dismiss_review_notice_callback()
|
2101 |
+
{
|
2102 |
+
check_ajax_referer('really-simple-ssl', 'security');
|
2103 |
+
|
2104 |
+
$type = isset($_POST['type']) ? $_POST['type'] : false;
|
2105 |
+
|
2106 |
+
if ($type === 'dismiss'){
|
2107 |
+
$this->review_notice_shown = TRUE;
|
2108 |
+
}
|
2109 |
+
if ($type === 'later') {
|
2110 |
+
//Reset activation timestamp, notice will show again in one month.
|
2111 |
+
update_option('rsssl_activation_timestamp', time());
|
2112 |
+
}
|
2113 |
+
|
2114 |
+
$this->save_options();
|
2115 |
+
wp_die(); // this is required to terminate immediately and return a proper response
|
2116 |
+
}
|
2117 |
|
2118 |
/**
|
2119 |
* Adds the admin options page
|
2426 |
$this->get_banner_html(array(
|
2427 |
'img' => 'complianz.jpg',
|
2428 |
'title' => 'ComplianZ',
|
2429 |
+
'description' => __("The Complianz GDPR Privacy Suite for WordPress. Simple, Quick and Complete. Up-to-date legal documents by one of the most prominent EU IT Law firms.", "really-simple-ssl"),
|
2430 |
'url' => 'https://wordpress.org/plugins/complianz-gdpr/',
|
2431 |
'pro' => true,
|
2432 |
)
|
2466 |
);
|
2467 |
|
2468 |
}
|
2469 |
+
}
|
2470 |
|
2471 |
if (defined("EDD_SL_PLUGIN_DIR") && (get_locale() === 'nl_NL')) {
|
2472 |
$this->get_banner_html(array(
|
2489 |
);
|
2490 |
|
2491 |
}
|
2492 |
+
?>
|
2493 |
</div>
|
2494 |
<?php }
|
2495 |
?>
|
2716 |
$newinput['site_has_ssl'] = $this->site_has_ssl;
|
2717 |
$newinput['ssl_success_message_shown'] = $this->ssl_success_message_shown;
|
2718 |
$newinput['htaccess_warning_shown'] = $this->htaccess_warning_shown;
|
2719 |
+
$newinput['review_notice_shown'] = $this->review_notice_shown;
|
2720 |
$newinput['plugin_db_version'] = $this->plugin_db_version;
|
2721 |
$newinput['ssl_enabled'] = $this->ssl_enabled;
|
2722 |
$newinput['debug_log'] = $this->debug_log;
|
2784 |
|
2785 |
public function get_option_debug()
|
2786 |
{
|
2787 |
+
$options = get_option('rlrsssl_options');
|
2788 |
echo '<input id="rlrsssl_options" name="rlrsssl_options[debug]" size="40" type="checkbox" value="1"' . checked(1, $this->debug, false) . " />";
|
2789 |
RSSSL()->rsssl_help->get_help_tip(__("Enable this option to get debug info in the debug tab.", "really-simple-ssl"));
|
2790 |
|
2809 |
$javascript_redirect = TRUE;
|
2810 |
$comment = __("This option is enabled on the network menu.", "really-simple-ssl");
|
2811 |
}
|
|
|
2812 |
echo '<input ' . $disabled . ' id="rlrsssl_options" name="rlrsssl_options[javascript_redirect]" size="40" type="checkbox" value="1"' . checked(1, $javascript_redirect, false) . " />";
|
2813 |
RSSSL()->rsssl_help->get_help_tip(__("This is a fallback you should only use if other redirection methods do not work.", "really-simple-ssl"));
|
2814 |
echo $comment;
|
3175 |
return $filecontents;
|
3176 |
}
|
3177 |
|
|
|
3178 |
} //class closure
|
class-certificate.php
CHANGED
@@ -37,6 +37,9 @@ if ( ! class_exists( 'rsssl_certificate' ) ) {
|
|
37 |
|
38 |
//Get current domain
|
39 |
$domain = site_url();
|
|
|
|
|
|
|
40 |
|
41 |
if (function_exists('stream_context_get_params')) {
|
42 |
//get certificate info
|
@@ -49,9 +52,10 @@ if ( ! class_exists( 'rsssl_certificate' ) ) {
|
|
49 |
//Check if date is valid
|
50 |
$date_valid = $this->is_date_valid($certinfo);
|
51 |
//Domain and date valid? Return true
|
52 |
-
if ($domain_valid && $date_valid)
|
|
|
|
|
53 |
}
|
54 |
-
|
55 |
return false;
|
56 |
}
|
57 |
|
@@ -75,8 +79,9 @@ if ( ! class_exists( 'rsssl_certificate' ) ) {
|
|
75 |
$certificate_alternative_names = isset($certinfo['extensions']['subjectAltName']) ? $certinfo['extensions']['subjectAltName'] : false;
|
76 |
|
77 |
//Check if the domain is found in either the certificate common name(s) (CN) or alternative name(s) (AN)
|
78 |
-
|
79 |
-
$
|
|
|
80 |
|
81 |
//If the domain is found, return true
|
82 |
if (($pos_cn !== false) || ($pos_an !== false)) return true;
|
@@ -130,7 +135,6 @@ if ( ! class_exists( 'rsssl_certificate' ) ) {
|
|
130 |
|
131 |
public function is_wildcard()
|
132 |
{
|
133 |
-
//$domain = "http://cnet.com";
|
134 |
$domain = network_site_url();
|
135 |
|
136 |
$certinfo = $this->get_certinfo($domain);
|
@@ -161,10 +165,10 @@ if ( ! class_exists( 'rsssl_certificate' ) ) {
|
|
161 |
*/
|
162 |
|
163 |
|
164 |
-
public function get_certinfo($
|
165 |
{
|
|
|
166 |
//check if the certificate is still valid, and send an email to the administrator if this is not the case.
|
167 |
-
$url = $domain;
|
168 |
$original_parse = parse_url($url, PHP_URL_HOST);
|
169 |
|
170 |
if ($original_parse) {
|
37 |
|
38 |
//Get current domain
|
39 |
$domain = site_url();
|
40 |
+
//Parse to strip off any /subfolder/
|
41 |
+
$parse = parse_url($domain);
|
42 |
+
$domain = $parse['host'];
|
43 |
|
44 |
if (function_exists('stream_context_get_params')) {
|
45 |
//get certificate info
|
52 |
//Check if date is valid
|
53 |
$date_valid = $this->is_date_valid($certinfo);
|
54 |
//Domain and date valid? Return true
|
55 |
+
if ($domain_valid && $date_valid) {
|
56 |
+
return true;
|
57 |
+
}
|
58 |
}
|
|
|
59 |
return false;
|
60 |
}
|
61 |
|
79 |
$certificate_alternative_names = isset($certinfo['extensions']['subjectAltName']) ? $certinfo['extensions']['subjectAltName'] : false;
|
80 |
|
81 |
//Check if the domain is found in either the certificate common name(s) (CN) or alternative name(s) (AN)
|
82 |
+
|
83 |
+
$pos_cn = strpos($certificate_common_names, $domain);
|
84 |
+
$pos_an = strpos($certificate_alternative_names, $domain);
|
85 |
|
86 |
//If the domain is found, return true
|
87 |
if (($pos_cn !== false) || ($pos_an !== false)) return true;
|
135 |
|
136 |
public function is_wildcard()
|
137 |
{
|
|
|
138 |
$domain = network_site_url();
|
139 |
|
140 |
$certinfo = $this->get_certinfo($domain);
|
165 |
*/
|
166 |
|
167 |
|
168 |
+
public function get_certinfo($url)
|
169 |
{
|
170 |
+
$url = 'https://'.$url;
|
171 |
//check if the certificate is still valid, and send an email to the administrator if this is not the case.
|
|
|
172 |
$original_parse = parse_url($url, PHP_URL_HOST);
|
173 |
|
174 |
if ($original_parse) {
|
class-multisite.php
CHANGED
@@ -50,15 +50,21 @@ if (!class_exists('rsssl_multisite')) {
|
|
50 |
|
51 |
if (is_network_admin()) {
|
52 |
add_action('network_admin_notices', array($this, 'show_notices'), 10);
|
|
|
53 |
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_success'));
|
|
|
54 |
}
|
55 |
|
56 |
add_action('wp_ajax_dismiss_success_message_multisite', array($this, 'dismiss_success_message_callback'));
|
|
|
57 |
add_action('wp_ajax_rsssl_pro_dismiss_pro_option_notice', array($this, 'dismiss_pro_option_notice'));
|
58 |
add_action("network_admin_notices", array($this, 'show_pro_option_notice'));
|
59 |
add_action("rsssl_show_network_tab_settings", array($this, 'settings_tab'));
|
60 |
add_action('wpmu_new_blog', array($this, 'maybe_activate_ssl_in_new_blog'), 10, 6);
|
61 |
|
|
|
|
|
|
|
62 |
}
|
63 |
|
64 |
static function this()
|
@@ -66,6 +72,7 @@ if (!class_exists('rsssl_multisite')) {
|
|
66 |
return self::$_this;
|
67 |
}
|
68 |
|
|
|
69 |
/*
|
70 |
|
71 |
When a new site is added, maybe activate SSL as well.
|
@@ -242,19 +249,17 @@ if (!class_exists('rsssl_multisite')) {
|
|
242 |
|
243 |
$this->save_options();
|
244 |
|
245 |
-
if ($this->ssl_enabled_networkwide) {
|
|
|
|
|
246 |
//enable SSL on all sites on the network
|
247 |
-
$this->activate_ssl_networkwide();
|
248 |
-
} elseif ($prev_ssl_enabled_networkwide != $this->ssl_enabled_networkwide) {
|
249 |
-
//if we switch to per page, we deactivate SSL on all pages first, but only if the setting was changed.
|
250 |
-
$sites = $this->get_sites_bw_compatible();
|
251 |
-
foreach ($sites as $site) {
|
252 |
-
$this->switch_to_blog_bw_compatible($site);
|
253 |
-
RSSSL()->really_simple_ssl->deactivate_ssl();
|
254 |
-
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
255 |
-
}
|
256 |
}
|
257 |
|
|
|
|
|
|
|
|
|
|
|
258 |
|
259 |
// At last we redirect back to our options page.
|
260 |
wp_redirect(add_query_arg(array('page' => $this->page_slug, 'updated' => 'true'), network_admin_url('settings.php')));
|
@@ -382,7 +387,8 @@ if (!class_exists('rsssl_multisite')) {
|
|
382 |
$this->save_options();
|
383 |
|
384 |
//enable SSL on all sites on the network
|
385 |
-
|
|
|
386 |
|
387 |
}
|
388 |
|
@@ -417,29 +423,120 @@ if (!class_exists('rsssl_multisite')) {
|
|
417 |
}
|
418 |
|
419 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
420 |
public function activate_ssl_networkwide()
|
421 |
{
|
|
|
|
|
|
|
422 |
|
423 |
-
//set
|
424 |
-
$sites = $this->get_sites_bw_compatible();
|
425 |
|
426 |
-
|
427 |
-
|
428 |
-
|
429 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
430 |
}
|
431 |
|
|
|
432 |
}
|
433 |
|
434 |
|
435 |
//change deprecated function depending on version.
|
436 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
437 |
{
|
438 |
global $wp_version;
|
439 |
|
440 |
-
//make sure all blogs are returned, not only the first 100.
|
441 |
$args = array(
|
442 |
-
'number' =>
|
|
|
443 |
);
|
444 |
$sites = ($wp_version >= 4.6) ? get_sites($args) : wp_get_sites();
|
445 |
return $sites;
|
@@ -462,7 +559,6 @@ if (!class_exists('rsssl_multisite')) {
|
|
462 |
|
463 |
public function deactivate()
|
464 |
{
|
465 |
-
|
466 |
$options = get_site_option("rlrsssl_network_options");
|
467 |
$options["selected_networkwide_or_per_site"] = false;
|
468 |
$options["wp_redirect"] = false;
|
@@ -478,7 +574,8 @@ if (!class_exists('rsssl_multisite')) {
|
|
478 |
unset($options["ssl_enabled_networkwide"]);
|
479 |
update_site_option("rlrsssl_network_options", $options);
|
480 |
|
481 |
-
|
|
|
482 |
foreach ($sites as $site) {
|
483 |
$this->switch_to_blog_bw_compatible($site);
|
484 |
RSSSL()->really_simple_ssl->deactivate_ssl();
|
@@ -557,7 +654,7 @@ if (!class_exists('rsssl_multisite')) {
|
|
557 |
if (!is_multisite()) return FALSE;
|
558 |
//we check this manually, as the SUBDOMAIN_INSTALL constant of wordpress might return false for domain mapping configs
|
559 |
$is_subfolder = FALSE;
|
560 |
-
$sites = $this->get_sites_bw_compatible();
|
561 |
foreach ($sites as $site) {
|
562 |
$this->switch_to_blog_bw_compatible($site);
|
563 |
if ($this->is_subfolder(home_url())) {
|
@@ -627,6 +724,22 @@ if (!class_exists('rsssl_multisite')) {
|
|
627 |
<?php
|
628 |
}
|
629 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
630 |
/*
|
631 |
SSL success message
|
632 |
*/
|
@@ -669,7 +782,7 @@ if (!class_exists('rsssl_multisite')) {
|
|
669 |
|
670 |
if (!RSSSL()->really_simple_ssl->ssl_enabled && !$this->is_multisite_subfolder_install() && !RSSSL()->rsssl_certificate->is_wildcard() && !get_site_option("rsssl_wildcard_message_shown")) {
|
671 |
?>
|
672 |
-
<div id="message" class="error fade notice is-dismissible">
|
673 |
<p>
|
674 |
<?php _e("You run a Multisite installation with subdomains, but your site doesn't have a wildcard certificate.", 'really-simple-ssl'); ?>
|
675 |
<?php _e("This leads to issues when activating SSL networkwide since subdomains will be forced over SSL as well while they don't have a valid certificate.", 'really-simple-ssl'); ?>
|
@@ -715,6 +828,31 @@ if (!class_exists('rsssl_multisite')) {
|
|
715 |
}
|
716 |
}
|
717 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
718 |
/**
|
719 |
* Process the ajax dismissal of the success message.
|
720 |
*
|
@@ -726,8 +864,6 @@ if (!class_exists('rsssl_multisite')) {
|
|
726 |
|
727 |
public function dismiss_success_message_callback()
|
728 |
{
|
729 |
-
//nonce check fails if url is changed to SSL.
|
730 |
-
//check_ajax_referer( 'really-simple-ssl-dismiss', 'security' );
|
731 |
update_site_option("rsssl_success_message_shown", true);
|
732 |
wp_die();
|
733 |
}
|
@@ -740,6 +876,12 @@ if (!class_exists('rsssl_multisite')) {
|
|
740 |
wp_die();
|
741 |
}
|
742 |
|
|
|
|
|
|
|
|
|
|
|
|
|
743 |
public function dismiss_pro_option_script()
|
744 |
{
|
745 |
$ajax_nonce = wp_create_nonce("rsssl-pro-dismiss-pro-option-notice");
|
50 |
|
51 |
if (is_network_admin()) {
|
52 |
add_action('network_admin_notices', array($this, 'show_notices'), 10);
|
53 |
+
|
54 |
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_success'));
|
55 |
+
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_wildcard_warning'));
|
56 |
}
|
57 |
|
58 |
add_action('wp_ajax_dismiss_success_message_multisite', array($this, 'dismiss_success_message_callback'));
|
59 |
+
add_action('wp_ajax_dismiss_wildcard_warning', array($this, 'dismiss_wildcard_message_callback'));
|
60 |
add_action('wp_ajax_rsssl_pro_dismiss_pro_option_notice', array($this, 'dismiss_pro_option_notice'));
|
61 |
add_action("network_admin_notices", array($this, 'show_pro_option_notice'));
|
62 |
add_action("rsssl_show_network_tab_settings", array($this, 'settings_tab'));
|
63 |
add_action('wpmu_new_blog', array($this, 'maybe_activate_ssl_in_new_blog'), 10, 6);
|
64 |
|
65 |
+
//add_action('admin_init', array($this, 'run_ssl_process'));
|
66 |
+
|
67 |
+
|
68 |
}
|
69 |
|
70 |
static function this()
|
72 |
return self::$_this;
|
73 |
}
|
74 |
|
75 |
+
|
76 |
/*
|
77 |
|
78 |
When a new site is added, maybe activate SSL as well.
|
249 |
|
250 |
$this->save_options();
|
251 |
|
252 |
+
if ($this->ssl_enabled_networkwide && !$prev_ssl_enabled_networkwide) {
|
253 |
+
//reset
|
254 |
+
$this->start_ssl_activation();
|
255 |
//enable SSL on all sites on the network
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
256 |
}
|
257 |
|
258 |
+
if (!$this->ssl_enabled_networkwide && $prev_ssl_enabled_networkwide ) {
|
259 |
+
//if we switch to per page, we deactivate SSL on all pages first, but only if the setting was changed.
|
260 |
+
$this->start_ssl_deactivation();
|
261 |
+
|
262 |
+
}
|
263 |
|
264 |
// At last we redirect back to our options page.
|
265 |
wp_redirect(add_query_arg(array('page' => $this->page_slug, 'updated' => 'true'), network_admin_url('settings.php')));
|
387 |
$this->save_options();
|
388 |
|
389 |
//enable SSL on all sites on the network
|
390 |
+
update_site_option('rsssl_ssl_enabled_progress', 0);
|
391 |
+
//$this->activate_ssl_networkwide();
|
392 |
|
393 |
}
|
394 |
|
423 |
}
|
424 |
|
425 |
|
426 |
+
public function ssl_process_active(){
|
427 |
+
|
428 |
+
if (get_site_option('rsssl_ssl_activation_active')){
|
429 |
+
return true;
|
430 |
+
}
|
431 |
+
|
432 |
+
if ( get_site_option('rsssl_ssl_deactivation_active')){
|
433 |
+
return true;
|
434 |
+
}
|
435 |
+
|
436 |
+
return false;
|
437 |
+
}
|
438 |
+
|
439 |
+
public function run_ssl_process(){
|
440 |
+
// if (!get_site_option('rsssl_run')) return;
|
441 |
+
|
442 |
+
if (get_site_option('rsssl_ssl_activation_active')){
|
443 |
+
$this->activate_ssl_networkwide();
|
444 |
+
}
|
445 |
+
|
446 |
+
if (get_site_option('rsssl_ssl_deactivation_active')){
|
447 |
+
$this->deactivate_ssl_networkwide();
|
448 |
+
}
|
449 |
+
|
450 |
+
update_site_option('rsssl_run', false);
|
451 |
+
}
|
452 |
+
|
453 |
+
public function get_process_completed_percentage(){
|
454 |
+
$complete_count = get_site_option('rsssl_siteprocessing_progress');
|
455 |
+
$percentage = round(($complete_count/get_blog_count())*100,0);
|
456 |
+
if ($percentage > 99) $percentage = 99;
|
457 |
+
return $percentage;
|
458 |
+
}
|
459 |
+
|
460 |
+
public function start_ssl_activation(){
|
461 |
+
update_site_option('rsssl_siteprocessing_progress', 0);
|
462 |
+
update_site_option('rsssl_ssl_activation_active', true);
|
463 |
+
}
|
464 |
+
|
465 |
+
public function end_ssl_activation(){
|
466 |
+
update_site_option('rsssl_ssl_activation_active', false);
|
467 |
+
}
|
468 |
+
|
469 |
+
public function start_ssl_deactivation(){
|
470 |
+
update_site_option('rsssl_siteprocessing_progress', 0);
|
471 |
+
update_site_option('rsssl_ssl_deactivation_active', true);
|
472 |
+
}
|
473 |
+
|
474 |
+
public function end_ssl_deactivation(){
|
475 |
+
update_site_option('rsssl_ssl_deactivation_active', false);
|
476 |
+
}
|
477 |
+
|
478 |
+
public function deactivate_ssl_networkwide(){
|
479 |
+
//run chunked
|
480 |
+
$nr_of_sites = 200;
|
481 |
+
$current_offset = get_site_option('rsssl_siteprocessing_progress');
|
482 |
+
|
483 |
+
//set batch of sites
|
484 |
+
$sites = $this->get_sites_bw_compatible($current_offset, $nr_of_sites);
|
485 |
+
|
486 |
+
//if no sites are found, we assume we're done.
|
487 |
+
if (count($sites)==0) {
|
488 |
+
$this->end_ssl_deactivation();
|
489 |
+
} else {
|
490 |
+
foreach ($sites as $site) {
|
491 |
+
$this->switch_to_blog_bw_compatible($site);
|
492 |
+
RSSSL()->really_simple_ssl->deactivate_ssl();
|
493 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
494 |
+
update_site_option('rsssl_siteprocessing_progress', $current_offset+$nr_of_sites);
|
495 |
+
}
|
496 |
+
}
|
497 |
+
|
498 |
+
}
|
499 |
+
|
500 |
+
|
501 |
public function activate_ssl_networkwide()
|
502 |
{
|
503 |
+
//run chunked
|
504 |
+
$nr_of_sites = 200;
|
505 |
+
$current_offset = get_site_option('rsssl_siteprocessing_progress');
|
506 |
|
507 |
+
//set batch of sites
|
508 |
+
$sites = $this->get_sites_bw_compatible($current_offset, $nr_of_sites);
|
509 |
|
510 |
+
//if no sites are found, we assume we're done.
|
511 |
+
if (count($sites)==0) {
|
512 |
+
$this->end_ssl_activation();
|
513 |
+
} else {
|
514 |
+
foreach ($sites as $site) {
|
515 |
+
$this->switch_to_blog_bw_compatible($site);
|
516 |
+
RSSSL()->really_simple_ssl->activate_ssl();
|
517 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
518 |
+
update_site_option('rsssl_siteprocessing_progress', $current_offset+$nr_of_sites);
|
519 |
+
}
|
520 |
}
|
521 |
|
522 |
+
|
523 |
}
|
524 |
|
525 |
|
526 |
//change deprecated function depending on version.
|
527 |
+
/*
|
528 |
+
* Offset is used to chunk the site loops.
|
529 |
+
* But offset is not used in the pre 4.6 function.
|
530 |
+
*
|
531 |
+
*
|
532 |
+
* */
|
533 |
+
public function get_sites_bw_compatible($offset=0, $nr_of_sites=100)
|
534 |
{
|
535 |
global $wp_version;
|
536 |
|
|
|
537 |
$args = array(
|
538 |
+
'number' => $nr_of_sites,
|
539 |
+
'offset' => $offset,
|
540 |
);
|
541 |
$sites = ($wp_version >= 4.6) ? get_sites($args) : wp_get_sites();
|
542 |
return $sites;
|
559 |
|
560 |
public function deactivate()
|
561 |
{
|
|
|
562 |
$options = get_site_option("rlrsssl_network_options");
|
563 |
$options["selected_networkwide_or_per_site"] = false;
|
564 |
$options["wp_redirect"] = false;
|
574 |
unset($options["ssl_enabled_networkwide"]);
|
575 |
update_site_option("rlrsssl_network_options", $options);
|
576 |
|
577 |
+
//because the deactivation should be a one click procedure, chunking this would cause dificulties
|
578 |
+
$sites = $this->get_sites_bw_compatible(0, get_blog_count());
|
579 |
foreach ($sites as $site) {
|
580 |
$this->switch_to_blog_bw_compatible($site);
|
581 |
RSSSL()->really_simple_ssl->deactivate_ssl();
|
654 |
if (!is_multisite()) return FALSE;
|
655 |
//we check this manually, as the SUBDOMAIN_INSTALL constant of wordpress might return false for domain mapping configs
|
656 |
$is_subfolder = FALSE;
|
657 |
+
$sites = $this->get_sites_bw_compatible(0, 10);
|
658 |
foreach ($sites as $site) {
|
659 |
$this->switch_to_blog_bw_compatible($site);
|
660 |
if ($this->is_subfolder(home_url())) {
|
724 |
<?php
|
725 |
}
|
726 |
|
727 |
+
/*
|
728 |
+
* ssl switch for sites processing active
|
729 |
+
* */
|
730 |
+
|
731 |
+
if ($this->ssl_process_active()) {
|
732 |
+
?>
|
733 |
+
<div id="message" class="error fade notice is-dismissible rlrsssl-fail">
|
734 |
+
<p>
|
735 |
+
<?php printf(__("Conversion of websites %s percent complete.", "really-simple-ssl"), $this->get_process_completed_percentage()); ?>
|
736 |
+
|
737 |
+
<?php _e("You have just started enabling or disabling SSL on multiple websites at once, and this process is not completed yet. Please refresh this page to check if the process has finished. It will proceed in the background.", "really-simple-ssl"); ?>
|
738 |
+
</p>
|
739 |
+
</div>
|
740 |
+
<?php
|
741 |
+
}
|
742 |
+
|
743 |
/*
|
744 |
SSL success message
|
745 |
*/
|
782 |
|
783 |
if (!RSSSL()->really_simple_ssl->ssl_enabled && !$this->is_multisite_subfolder_install() && !RSSSL()->rsssl_certificate->is_wildcard() && !get_site_option("rsssl_wildcard_message_shown")) {
|
784 |
?>
|
785 |
+
<div id="message" class="error fade notice is-dismissible rlrsssl-multisite-wildcard-warning">
|
786 |
<p>
|
787 |
<?php _e("You run a Multisite installation with subdomains, but your site doesn't have a wildcard certificate.", 'really-simple-ssl'); ?>
|
788 |
<?php _e("This leads to issues when activating SSL networkwide since subdomains will be forced over SSL as well while they don't have a valid certificate.", 'really-simple-ssl'); ?>
|
828 |
}
|
829 |
}
|
830 |
|
831 |
+
public function insert_dismiss_wildcard_warning()
|
832 |
+
{
|
833 |
+
if ($this->selected_networkwide_or_per_site && !get_site_option("rsssl_success_message_shown")) {
|
834 |
+
$ajax_nonce = wp_create_nonce("really-simple-ssl-dismiss");
|
835 |
+
?>
|
836 |
+
<script type='text/javascript'>
|
837 |
+
jQuery(document).ready(function ($) {
|
838 |
+
$(".rlrsssl-multisite-wildcard-warning.notice.is-dismissible").on("click", ".notice-dismiss", function (event) {
|
839 |
+
|
840 |
+
var data = {
|
841 |
+
'action': 'dismiss_wildcard_warning',
|
842 |
+
'security': '<?php echo $ajax_nonce; ?>'
|
843 |
+
};
|
844 |
+
|
845 |
+
$.post(ajaxurl, data, function (response) {
|
846 |
+
|
847 |
+
});
|
848 |
+
});
|
849 |
+
});
|
850 |
+
</script>
|
851 |
+
<?php
|
852 |
+
}
|
853 |
+
}
|
854 |
+
|
855 |
+
|
856 |
/**
|
857 |
* Process the ajax dismissal of the success message.
|
858 |
*
|
864 |
|
865 |
public function dismiss_success_message_callback()
|
866 |
{
|
|
|
|
|
867 |
update_site_option("rsssl_success_message_shown", true);
|
868 |
wp_die();
|
869 |
}
|
876 |
wp_die();
|
877 |
}
|
878 |
|
879 |
+
public function dismiss_wildcard_message_callback()
|
880 |
+
{
|
881 |
+
update_site_option("rsssl_wildcard_message_shown", true);
|
882 |
+
wp_die();
|
883 |
+
}
|
884 |
+
|
885 |
public function dismiss_pro_option_script()
|
886 |
{
|
887 |
$ajax_nonce = wp_create_nonce("rsssl-pro-dismiss-pro-option-notice");
|
css/main.css
CHANGED
@@ -468,4 +468,59 @@ hr {
|
|
468 |
float: left;
|
469 |
margin-top: 17px;
|
470 |
margin-right: 5px;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
471 |
}
|
468 |
float: left;
|
469 |
margin-top: 17px;
|
470 |
margin-right: 5px;
|
471 |
+
}
|
472 |
+
|
473 |
+
/*
|
474 |
+
cool checkbox sliders
|
475 |
+
*/
|
476 |
+
.rsssl-switch {
|
477 |
+
position: relative;
|
478 |
+
display: inline-block;
|
479 |
+
width: 40px;
|
480 |
+
height: 21px;
|
481 |
+
}
|
482 |
+
.rsssl-switch input {
|
483 |
+
display: none;
|
484 |
+
}
|
485 |
+
.rsssl-slider {
|
486 |
+
position: absolute;
|
487 |
+
cursor: pointer;
|
488 |
+
top: 0;
|
489 |
+
left: 0;
|
490 |
+
right: 0;
|
491 |
+
bottom: 0;
|
492 |
+
background-color: #ccc;
|
493 |
+
-webkit-transition: .4s;
|
494 |
+
transition: .4s;
|
495 |
+
}
|
496 |
+
.rsssl-slider:before {
|
497 |
+
position: absolute;
|
498 |
+
content: "";
|
499 |
+
height: 15px;
|
500 |
+
width: 15px;
|
501 |
+
left: 4px;
|
502 |
+
bottom: 3px;
|
503 |
+
background-color: white;
|
504 |
+
-webkit-transition: .4s;
|
505 |
+
transition: .4s;
|
506 |
+
}
|
507 |
+
.rsssl-slider.rsssl-round {
|
508 |
+
border-radius: 20px;
|
509 |
+
}
|
510 |
+
.rsssl-slider.rsssl-round:before {
|
511 |
+
border-radius: 50%;
|
512 |
+
}
|
513 |
+
input:checked + .rsssl-slider {
|
514 |
+
background-color: #2DAAE1;
|
515 |
+
}
|
516 |
+
input:checked + .rsssl-slider:before {
|
517 |
+
-webkit-transform: translateX(17px);
|
518 |
+
-ms-transform: translateX(17px);
|
519 |
+
transform: translateX(17px);
|
520 |
+
}
|
521 |
+
input:disabled + .rsssl-slider {
|
522 |
+
background-color: #b3e0f4;
|
523 |
+
}
|
524 |
+
input:focus + .rsssl-slider {
|
525 |
+
box-shadow: 0 0 1px #2DAAE1;
|
526 |
}
|
multisite-cron.php
ADDED
@@ -0,0 +1,28 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
defined('ABSPATH') or die("you do not have access to this page!");
|
4 |
+
|
5 |
+
// add custom time to cron
|
6 |
+
add_filter('cron_schedules', 'rsssl_filter_cron_schedules');
|
7 |
+
function rsssl_filter_cron_schedules($schedules)
|
8 |
+
{
|
9 |
+
$schedules['oneminute'] = array(
|
10 |
+
'interval' => 60, // seconds
|
11 |
+
'display' => __('Once every minute')
|
12 |
+
);
|
13 |
+
return $schedules;
|
14 |
+
}
|
15 |
+
|
16 |
+
add_action('plugins_loaded', 'rsssl_schedule_cron', 15);
|
17 |
+
function rsssl_schedule_cron()
|
18 |
+
{
|
19 |
+
if (get_site_option('rsssl_ssl_activation_active') || get_site_option('rsssl_ssl_deactivation_active')) {
|
20 |
+
if (!wp_next_scheduled('rsssl_ssl_process_hook')) {
|
21 |
+
wp_schedule_event(time(), 'oneminute', 'rsssl_ssl_process_hook');
|
22 |
+
}
|
23 |
+
} else {
|
24 |
+
wp_clear_scheduled_hook('rsssl_ssl_process_hook');
|
25 |
+
}
|
26 |
+
|
27 |
+
add_action('rsssl_ssl_process_hook', array(RSSSL()->rsssl_multisite, 'run_ssl_process'));
|
28 |
+
}
|
readme.txt
CHANGED
@@ -6,7 +6,7 @@ Requires at least: 4.2
|
|
6 |
License: GPL2
|
7 |
Tested up to: 4.9.5
|
8 |
Requires PHP: 5.4
|
9 |
-
Stable tag: 3.
|
10 |
|
11 |
No setup required! You only need an SSL certificate, and this plugin will do the rest.
|
12 |
|
@@ -79,6 +79,14 @@ If you are experiencing redirect loops on your site, try these [instructions](ht
|
|
79 |
Yes. There is a dedicated network settings page where you can switch between network activated SSL and per page SSL. In the dedicated pro for multisite plugin, you can override all site settings for SSL on the network level, and can activate and deactivate SSL in the network menu for each site.
|
80 |
|
81 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
82 |
= 3.0.5 =
|
83 |
* Fix: untranslatable string made translatable.
|
84 |
|
6 |
License: GPL2
|
7 |
Tested up to: 4.9.5
|
8 |
Requires PHP: 5.4
|
9 |
+
Stable tag: 3.1
|
10 |
|
11 |
No setup required! You only need an SSL certificate, and this plugin will do the rest.
|
12 |
|
79 |
Yes. There is a dedicated network settings page where you can switch between network activated SSL and per page SSL. In the dedicated pro for multisite plugin, you can override all site settings for SSL on the network level, and can activate and deactivate SSL in the network menu for each site.
|
80 |
|
81 |
== Changelog ==
|
82 |
+
= 3.1 =
|
83 |
+
* Fix: fixed a bug in certificate detection
|
84 |
+
* Tweak: added HTTP_X_PROTO as supported header
|
85 |
+
* Tweak: split HTTP_X_FORWARDED_SSL into a variation which can be either '1' or 'on'
|
86 |
+
* Tweak: improved certificate detection by stripping domains of subfolders.
|
87 |
+
* Tweak: Multisite bulk SSL activation now chunked in 200 site blocks, to prevent time out issues on large multisite networks.
|
88 |
+
* Tweak: a 'leave review' notice for new free users
|
89 |
+
|
90 |
= 3.0.5 =
|
91 |
* Fix: untranslatable string made translatable.
|
92 |
|
rlrsssl-really-simple-ssl.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
* Plugin Name: Really Simple SSL
|
4 |
* Plugin URI: https://www.really-simple-ssl.com
|
5 |
* Description: Lightweight plugin without any setup to make your site SSL proof
|
6 |
-
* Version: 3.
|
7 |
* Text Domain: really-simple-ssl
|
8 |
* Domain Path: /languages
|
9 |
* Author: Rogier Lankhorst, Mark Wolters
|
@@ -27,100 +27,114 @@
|
|
27 |
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
28 |
*/
|
29 |
|
30 |
-
|
31 |
|
32 |
-
|
|
|
33 |
|
34 |
-
|
35 |
-
|
36 |
-
|
37 |
-
|
38 |
-
|
39 |
-
|
40 |
-
|
41 |
-
|
42 |
-
|
43 |
|
44 |
-
|
|
|
|
|
45 |
|
46 |
-
|
47 |
-
|
48 |
-
|
49 |
-
|
50 |
-
|
|
|
51 |
|
52 |
-
|
53 |
-
|
54 |
|
55 |
-
|
56 |
global $rsssl_front_end, $rsssl_mixed_content_fixer;
|
57 |
-
$rsssl_front_end
|
58 |
$rsssl_mixed_content_fixer = self::$instance->rsssl_mixed_content_fixer;
|
59 |
|
60 |
-
|
61 |
-
|
62 |
-
|
63 |
-
|
64 |
-
|
65 |
-
|
66 |
-
|
67 |
-
|
68 |
-
|
69 |
-
|
70 |
-
|
71 |
-
|
72 |
-
|
73 |
-
|
74 |
-
|
75 |
-
|
76 |
-
|
77 |
-
|
78 |
-
|
79 |
-
|
80 |
-
|
81 |
-
|
82 |
-
|
83 |
-
|
84 |
-
|
85 |
-
|
86 |
-
|
87 |
-
|
88 |
-
|
89 |
-
|
90 |
-
|
91 |
-
|
92 |
-
|
93 |
-
|
94 |
-
|
95 |
-
|
96 |
-
|
97 |
-
|
98 |
-
|
99 |
-
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
|
107 |
-
|
108 |
-
|
109 |
-
|
110 |
-
|
111 |
-
|
112 |
-
|
113 |
-
|
114 |
-
|
115 |
-
|
116 |
-
|
117 |
-
|
118 |
-
|
119 |
-
|
120 |
-
|
121 |
-
|
122 |
-
|
123 |
-
|
124 |
-
|
|
|
|
|
|
|
|
|
125 |
}
|
126 |
-
|
|
|
|
|
|
|
|
|
|
|
|
3 |
* Plugin Name: Really Simple SSL
|
4 |
* Plugin URI: https://www.really-simple-ssl.com
|
5 |
* Description: Lightweight plugin without any setup to make your site SSL proof
|
6 |
+
* Version: 3.1
|
7 |
* Text Domain: really-simple-ssl
|
8 |
* Domain Path: /languages
|
9 |
* Author: Rogier Lankhorst, Mark Wolters
|
27 |
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
28 |
*/
|
29 |
|
30 |
+
defined('ABSPATH') or die("you do not have access to this page!");
|
31 |
|
32 |
+
class REALLY_SIMPLE_SSL
|
33 |
+
{
|
34 |
|
35 |
+
private static $instance;
|
36 |
+
public $rssl_front_end;
|
37 |
+
public $rssl_mixed_content_fixer;
|
38 |
+
public $rsssl_multisite;
|
39 |
+
public $rsssl_cache;
|
40 |
+
public $rsssl_server;
|
41 |
+
public $really_simple_ssl;
|
42 |
+
public $rsssl_help;
|
43 |
+
public $rsssl_certificate;
|
44 |
|
45 |
+
private function __construct()
|
46 |
+
{
|
47 |
+
}
|
48 |
|
49 |
+
public static function instance()
|
50 |
+
{
|
51 |
+
if (!isset(self::$instance) && !(self::$instance instanceof REALLY_SIMPLE_SSL)) {
|
52 |
+
self::$instance = new REALLY_SIMPLE_SSL;
|
53 |
+
self::$instance->setup_constants();
|
54 |
+
self::$instance->includes();
|
55 |
|
56 |
+
self::$instance->rsssl_front_end = new rsssl_front_end();
|
57 |
+
self::$instance->rsssl_mixed_content_fixer = new rsssl_mixed_content_fixer();
|
58 |
|
59 |
+
// Backwards compatibility for add-ons
|
60 |
global $rsssl_front_end, $rsssl_mixed_content_fixer;
|
61 |
+
$rsssl_front_end = self::$instance->rsssl_front_end;
|
62 |
$rsssl_mixed_content_fixer = self::$instance->rsssl_mixed_content_fixer;
|
63 |
|
64 |
+
|
65 |
+
if (is_admin() || get_site_option('rsssl_ssl_activation_active') || get_site_option('rsssl_ssl_deactivation_active')) {
|
66 |
+
if (is_multisite()) {
|
67 |
+
self::$instance->rsssl_multisite = new rsssl_multisite();
|
68 |
+
}
|
69 |
+
self::$instance->rsssl_cache = new rsssl_cache();
|
70 |
+
self::$instance->rsssl_server = new rsssl_server();
|
71 |
+
self::$instance->really_simple_ssl = new rsssl_admin();
|
72 |
+
self::$instance->rsssl_help = new rsssl_help();
|
73 |
+
self::$instance->rsssl_certificate = new rsssl_certificate();
|
74 |
+
|
75 |
+
// Backwards compatibility for add-ons
|
76 |
+
global $rsssl_cache, $rsssl_server, $really_simple_ssl, $rsssl_help;
|
77 |
+
$rsssl_cache = self::$instance->rsssl_cache;
|
78 |
+
$rsssl_server = self::$instance->rsssl_server;
|
79 |
+
$really_simple_ssl = self::$instance->really_simple_ssl;
|
80 |
+
$rsssl_help = self::$instance->rsssl_help;
|
81 |
+
}
|
82 |
+
|
83 |
+
self::$instance->hooks();
|
84 |
+
|
85 |
+
}
|
86 |
+
|
87 |
+
return self::$instance;
|
88 |
+
}
|
89 |
+
|
90 |
+
private function setup_constants()
|
91 |
+
{
|
92 |
+
define('rsssl_url', plugin_dir_url(__FILE__));
|
93 |
+
define('rsssl_path', trailingslashit(plugin_dir_path(__FILE__)));
|
94 |
+
define('rsssl_plugin', plugin_basename(__FILE__));
|
95 |
+
|
96 |
+
require_once(ABSPATH . 'wp-admin/includes/plugin.php');
|
97 |
+
$plugin_data = get_plugin_data(__FILE__);
|
98 |
+
define('rsssl_version', $plugin_data['Version']);
|
99 |
+
}
|
100 |
+
|
101 |
+
private function includes()
|
102 |
+
{
|
103 |
+
require_once(rsssl_path . 'class-front-end.php');
|
104 |
+
|
105 |
+
require_once(rsssl_path . 'class-mixed-content-fixer.php');
|
106 |
+
|
107 |
+
|
108 |
+
if (is_admin() || get_site_option('rsssl_ssl_activation_active') || get_site_option('rsssl_ssl_deactivation_active')) {
|
109 |
+
if (is_multisite()) {
|
110 |
+
require_once(rsssl_path . 'class-multisite.php');
|
111 |
+
require_once(rsssl_path . 'multisite-cron.php');
|
112 |
+
}
|
113 |
+
require_once(rsssl_path . 'class-admin.php');
|
114 |
+
require_once(rsssl_path . 'class-cache.php');
|
115 |
+
require_once(rsssl_path . 'class-server.php');
|
116 |
+
require_once(rsssl_path . 'class-help.php');
|
117 |
+
require_once(rsssl_path . 'class-certificate.php');
|
118 |
+
|
119 |
+
|
120 |
+
}
|
121 |
+
|
122 |
+
|
123 |
+
}
|
124 |
+
|
125 |
+
private function hooks()
|
126 |
+
{
|
127 |
+
add_action('wp_loaded', array(self::$instance->rsssl_front_end, 'force_ssl'), 20);
|
128 |
+
|
129 |
+
if (is_admin()) {
|
130 |
+
add_action('plugins_loaded', array(self::$instance->really_simple_ssl, 'init'), 10);
|
131 |
+
}
|
132 |
+
}
|
133 |
}
|
134 |
+
|
135 |
+
function RSSSL()
|
136 |
+
{
|
137 |
+
return REALLY_SIMPLE_SSL::instance();
|
138 |
+
}
|
139 |
+
|
140 |
+
add_action('plugins_loaded', 'RSSSL', 8);
|
ssl-test-page.php
CHANGED
@@ -1,60 +1,70 @@
|
|
1 |
<html>
|
2 |
<head>
|
3 |
-
|
4 |
-
|
5 |
</head>
|
6 |
<body>
|
7 |
<h1>#SSL TEST PAGE#</h1>
|
8 |
<p>This page is used purely to test for SSL availability.</p>
|
9 |
<?php
|
10 |
-
|
11 |
-
|
12 |
-
|
13 |
-
|
14 |
-
|
15 |
-
|
16 |
-
|
17 |
-
|
18 |
-
|
19 |
-
|
20 |
-
|
21 |
-
|
22 |
-
|
23 |
-
|
24 |
-
|
25 |
-
|
26 |
-
|
27 |
-
|
28 |
-
|
29 |
-
|
30 |
-
|
31 |
-
|
32 |
-
|
33 |
-
|
34 |
echo "#CLOUDFRONT#<br>";
|
35 |
$ssl = TRUE;
|
36 |
-
|
37 |
|
38 |
-
|
39 |
echo "#CLOUDFLARE#<br>";
|
40 |
$ssl = TRUE;
|
41 |
-
|
42 |
|
43 |
-
|
44 |
echo "#LOADBALANCER#<br>";
|
45 |
$ssl = TRUE;
|
46 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
47 |
|
48 |
-
|
49 |
-
echo "#
|
50 |
$ssl = TRUE;
|
51 |
-
|
52 |
|
53 |
-
|
54 |
-
|
55 |
-
|
56 |
-
|
57 |
-
|
58 |
?>
|
59 |
|
60 |
</body>
|
1 |
<html>
|
2 |
<head>
|
3 |
+
<meta charset="UTF-8">
|
4 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
5 |
</head>
|
6 |
<body>
|
7 |
<h1>#SSL TEST PAGE#</h1>
|
8 |
<p>This page is used purely to test for SSL availability.</p>
|
9 |
<?php
|
10 |
+
$ssl = FALSE;
|
11 |
+
if (isset($_SERVER['HTTPS'])) {
|
12 |
+
if (strtolower($_SERVER['HTTPS']) == 'on') {
|
13 |
+
|
14 |
+
echo "#SERVER-HTTPS-ON#" . " (" . htmlentities($_SERVER['HTTPS'], ENT_QUOTES, 'UTF-8') . ")<br>";
|
15 |
+
$ssl = TRUE;
|
16 |
+
}
|
17 |
+
if ('1' == $_SERVER['HTTPS']) {
|
18 |
+
echo "#SERVER-HTTPS-1#<br>";
|
19 |
+
$ssl = TRUE;
|
20 |
+
}
|
21 |
+
}
|
22 |
+
|
23 |
+
if (isset($_SERVER['SERVER_PORT']) && ('443' == $_SERVER['SERVER_PORT'])) {
|
24 |
+
echo "#SERVERPORT443#<br>";
|
25 |
+
$ssl = TRUE;
|
26 |
+
}
|
27 |
+
|
28 |
+
if (isset($_ENV['HTTPS']) && ('on' == $_ENV['HTTPS'])) {
|
29 |
+
echo "#ENVHTTPS#<br>";
|
30 |
+
$ssl = TRUE;
|
31 |
+
}
|
32 |
+
|
33 |
+
if (!empty($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && ($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] == 'https')) {
|
34 |
echo "#CLOUDFRONT#<br>";
|
35 |
$ssl = TRUE;
|
36 |
+
}
|
37 |
|
38 |
+
if (!empty($_SERVER['HTTP_CF_VISITOR']) && ($_SERVER['HTTP_CF_VISITOR'] == 'https')) {
|
39 |
echo "#CLOUDFLARE#<br>";
|
40 |
$ssl = TRUE;
|
41 |
+
}
|
42 |
|
43 |
+
if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) {
|
44 |
echo "#LOADBALANCER#<br>";
|
45 |
$ssl = TRUE;
|
46 |
+
}
|
47 |
+
|
48 |
+
if (!empty($_SERVER['HTTP_X_PROTO']) && ($_SERVER['HTTP_X_PROTO'] == 'SSL')) {
|
49 |
+
echo "#HTTP_X_PROTO#<br>";
|
50 |
+
$ssl = TRUE;
|
51 |
+
}
|
52 |
+
|
53 |
+
if (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == 'on')) {
|
54 |
+
echo "#HTTP_X_FORWARDED_SSL_ON#<br>";
|
55 |
+
$ssl = TRUE;
|
56 |
+
}
|
57 |
|
58 |
+
if (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == '1')) {
|
59 |
+
echo "#HTTP_X_FORWARDED_SSL_1#<br>";
|
60 |
$ssl = TRUE;
|
61 |
+
}
|
62 |
|
63 |
+
if ($ssl) {
|
64 |
+
echo "<br>#SUCCESFULLY DETECTED SSL#";
|
65 |
+
} else {
|
66 |
+
echo "<br>#NO KNOWN SSL CONFIGURATION DETECTED#";
|
67 |
+
}
|
68 |
?>
|
69 |
|
70 |
</body>
|
testssl/serverhttpxforwardedssl1/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTP:X-Forwarded-SSL} !=1
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/serverhttpxforwardedssl1/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing SSL functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/serverhttpxforwardedsslon/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTP:X-Forwarded-SSL} !on
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/serverhttpxforwardedsslon/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing SSL functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|
testssl/serverhttpxproto/.htaccess
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
RewriteEngine on
|
3 |
+
RewriteCond %{HTTP:X-Proto} !SSL
|
4 |
+
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
|
5 |
+
</IfModule>
|
testssl/serverhttpxproto/ssl-test-page.html
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<html>
|
2 |
+
<head>
|
3 |
+
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
|
4 |
+
</head>
|
5 |
+
<body>
|
6 |
+
This page is for testing SSL functionality.
|
7 |
+
#SSL TEST PAGE#
|
8 |
+
</body>
|
9 |
+
</html>
|