Version Description
- Fix: restrict conditions in which htaccess rewrite runs, preventing conflicts with other rewriting plugins
Download this release
Release Info
| Developer | RogierLankhorst |
| Plugin |  Really Simple SSL |
| Version | 6.0.7 |
| Comparing to | |
| See all releases | |
Code changes from version 6.0.3 to 6.0.7
- class-admin.php +2 -7
- languages/really-simple-ssl.pot +88 -88
- readme.txt +14 -1
- rlrsssl-really-simple-ssl.php +2 -2
- security/functions.php +31 -19
- settings/config/config.php +3 -3
- settings/config/disable-fields-filter.php +5 -0
- settings/settings.php +1 -1
- upgrade.php +1 -1
class-admin.php
CHANGED
|
@@ -751,7 +751,7 @@ class rsssl_admin
|
|
| 751 |
}
|
| 752 |
|
| 753 |
//remove edits
|
| 754 |
-
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL.*?\/\/END\s?Really\s?Simple\s?SSL/s", "", $wpconfig);
|
| 755 |
$wpconfig = preg_replace("/\n+/", "\n", $wpconfig);
|
| 756 |
file_put_contents($wpconfig_path, $wpconfig);
|
| 757 |
}
|
|
@@ -835,7 +835,6 @@ class rsssl_admin
|
|
| 835 |
if ( !rsssl_user_can_manage() ) {
|
| 836 |
return;
|
| 837 |
}
|
| 838 |
-
|
| 839 |
$this->remove_secure_cookie_settings();
|
| 840 |
if ($ssl_was_enabled) {
|
| 841 |
$this->remove_ssl_from_siteurl();
|
|
@@ -865,10 +864,6 @@ class rsssl_admin
|
|
| 865 |
return;
|
| 866 |
}
|
| 867 |
|
| 868 |
-
if ( !$this->is_settings_page()) {
|
| 869 |
-
return;
|
| 870 |
-
}
|
| 871 |
-
|
| 872 |
if ( $this->secure_cookie_settings_status() !== 'set') {
|
| 873 |
return;
|
| 874 |
}
|
|
@@ -880,7 +875,7 @@ class rsssl_admin
|
|
| 880 |
|
| 881 |
if (!empty($wpconfig_path)) {
|
| 882 |
$wpconfig = file_get_contents($wpconfig_path);
|
| 883 |
-
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL\s?session\s?cookie\s?settings.*?\/\/END\s?Really\s?Simple\s?SSL/s", "", $wpconfig);
|
| 884 |
$wpconfig = preg_replace("/\n+/","\n", $wpconfig);
|
| 885 |
file_put_contents($wpconfig_path, $wpconfig);
|
| 886 |
}
|
| 751 |
}
|
| 752 |
|
| 753 |
//remove edits
|
| 754 |
+
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL\s?Server\s?variable\s?fix.*?\/\/END\s?Really\s?Simple\s?SSL\s?Server\s?variable\s?fix/s", "", $wpconfig);
|
| 755 |
$wpconfig = preg_replace("/\n+/", "\n", $wpconfig);
|
| 756 |
file_put_contents($wpconfig_path, $wpconfig);
|
| 757 |
}
|
| 835 |
if ( !rsssl_user_can_manage() ) {
|
| 836 |
return;
|
| 837 |
}
|
|
|
|
| 838 |
$this->remove_secure_cookie_settings();
|
| 839 |
if ($ssl_was_enabled) {
|
| 840 |
$this->remove_ssl_from_siteurl();
|
| 864 |
return;
|
| 865 |
}
|
| 866 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 867 |
if ( $this->secure_cookie_settings_status() !== 'set') {
|
| 868 |
return;
|
| 869 |
}
|
| 875 |
|
| 876 |
if (!empty($wpconfig_path)) {
|
| 877 |
$wpconfig = file_get_contents($wpconfig_path);
|
| 878 |
+
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL\s?session\s?cookie\s?settings.*?\/\/END\s?Really\s?Simple\s?SSL\s?cookie\s?settings/s", "", $wpconfig);
|
| 879 |
$wpconfig = preg_replace("/\n+/","\n", $wpconfig);
|
| 880 |
file_put_contents($wpconfig_path, $wpconfig);
|
| 881 |
}
|
languages/really-simple-ssl.pot
CHANGED
|
@@ -2,14 +2,14 @@
|
|
| 2 |
# This file is distributed under the GPL2.
|
| 3 |
msgid ""
|
| 4 |
msgstr ""
|
| 5 |
-
"Project-Id-Version: Really Simple SSL 6.0.
|
| 6 |
"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/really-simple-ssl\n"
|
| 7 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
| 8 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
| 9 |
"MIME-Version: 1.0\n"
|
| 10 |
"Content-Type: text/plain; charset=UTF-8\n"
|
| 11 |
"Content-Transfer-Encoding: 8bit\n"
|
| 12 |
-
"POT-Creation-Date: 2022-11-
|
| 13 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
| 14 |
"X-Generator: WP-CLI 2.6.0\n"
|
| 15 |
"X-Domain: really-simple-ssl\n"
|
|
@@ -62,330 +62,330 @@ msgstr ""
|
|
| 62 |
msgid "More info"
|
| 63 |
msgstr ""
|
| 64 |
|
| 65 |
-
#: class-admin.php:
|
| 66 |
msgid "Hi, Really Simple SSL has kept your site secure for some time now, awesome! If you have a moment, please consider leaving a review on WordPress.org to spread the word. We greatly appreciate it! If you have any questions or feedback, leave us a %smessage%s."
|
| 67 |
msgstr ""
|
| 68 |
|
| 69 |
-
#: class-admin.php:
|
| 70 |
msgid "Hi, Really Simple SSL has kept your site secure for a month now, awesome! If you have a moment, please consider leaving a review on WordPress.org to spread the word. We greatly appreciate it! If you have any questions or feedback, leave us a %smessage%s."
|
| 71 |
msgstr ""
|
| 72 |
|
| 73 |
-
#: class-admin.php:
|
| 74 |
msgid "Leave a review"
|
| 75 |
msgstr ""
|
| 76 |
|
| 77 |
-
#: class-admin.php:
|
| 78 |
msgid "Maybe later"
|
| 79 |
msgstr ""
|
| 80 |
|
| 81 |
-
#: class-admin.php:
|
| 82 |
msgid "Don't show again"
|
| 83 |
msgstr ""
|
| 84 |
|
| 85 |
-
#: class-admin.php:
|
| 86 |
msgid "Completed"
|
| 87 |
msgstr ""
|
| 88 |
|
| 89 |
-
#: class-admin.php:
|
| 90 |
#: settings/build/index.js:382
|
| 91 |
#: settings/src/Settings/MixedContentScan.js:198
|
| 92 |
msgid "Warning"
|
| 93 |
msgstr ""
|
| 94 |
|
| 95 |
-
#: class-admin.php:
|
| 96 |
msgid "Open"
|
| 97 |
msgstr ""
|
| 98 |
|
| 99 |
-
#: class-admin.php:
|
| 100 |
#: settings/build/index.js:382
|
| 101 |
#: settings/src/Dashboard/OtherPlugins.js:85
|
| 102 |
#: settings/src/Settings/SettingsGroup.js:133
|
| 103 |
msgid "Upgrade"
|
| 104 |
msgstr ""
|
| 105 |
|
| 106 |
-
#: class-admin.php:
|
| 107 |
msgid "No recommended redirect rules detected."
|
| 108 |
msgstr ""
|
| 109 |
|
| 110 |
-
#: class-admin.php:
|
| 111 |
msgid "(Unknown)"
|
| 112 |
msgstr ""
|
| 113 |
|
| 114 |
-
#: class-admin.php:
|
| 115 |
msgid "Your wp-config.php has to be edited, but is not writable."
|
| 116 |
msgstr ""
|
| 117 |
|
| 118 |
-
#: class-admin.php:
|
| 119 |
-
#: class-admin.php:
|
| 120 |
msgid "Set your wp-config.php to writable and reload this page."
|
| 121 |
msgstr ""
|
| 122 |
|
| 123 |
-
#: class-admin.php:
|
| 124 |
msgid "To safely enable SSL on your server configuration, you should add the following line of code to your wp-config.php."
|
| 125 |
msgstr ""
|
| 126 |
|
| 127 |
-
#: class-admin.php:
|
| 128 |
msgid "A definition of a site url or home url was detected in your wp-config.php, but the file is not writable."
|
| 129 |
msgstr ""
|
| 130 |
|
| 131 |
-
#: class-admin.php:
|
| 132 |
msgid "The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactivated by anyone on the internet."
|
| 133 |
msgstr ""
|
| 134 |
|
| 135 |
-
#: class-admin.php:
|
| 136 |
msgid "Check again"
|
| 137 |
msgstr ""
|
| 138 |
|
| 139 |
-
#: class-admin.php:
|
| 140 |
msgid "The Really Simple SSL plugin folder in the /wp-content/plugins/ directory has been renamed to %s. This might cause issues when deactivating, or with premium add-ons. To fix this you can rename the Really Simple SSL folder back to the default %s."
|
| 141 |
msgstr ""
|
| 142 |
|
| 143 |
-
#: class-admin.php:
|
| 144 |
msgid "SSL is now activated. Check if your website is secure by following this article."
|
| 145 |
msgstr ""
|
| 146 |
|
| 147 |
-
#: class-admin.php:
|
| 148 |
msgid "Really Simple SSL Pro is not up to date. Update Really Simple SSL Pro to ensure compatibility."
|
| 149 |
msgstr ""
|
| 150 |
|
| 151 |
-
#: class-admin.php:
|
| 152 |
msgid "Remember to change your URLs in external services like Google Analytics, Search Console and others. This should prevent any data loss resulting from the switch to https."
|
| 153 |
msgstr ""
|
| 154 |
|
| 155 |
-
#: class-admin.php:
|
| 156 |
msgid "SSL is enabled on your site."
|
| 157 |
msgstr ""
|
| 158 |
|
| 159 |
-
#: class-admin.php:
|
| 160 |
msgid "SSL is not enabled yet."
|
| 161 |
msgstr ""
|
| 162 |
|
| 163 |
-
#: class-admin.php:
|
| 164 |
msgid "The wp-config.php file is not writable, and needs to be edited. Please set this file to writable."
|
| 165 |
msgstr ""
|
| 166 |
|
| 167 |
-
#: class-admin.php:
|
| 168 |
msgid "No SSL detected"
|
| 169 |
msgstr ""
|
| 170 |
|
| 171 |
-
#: class-admin.php:
|
| 172 |
msgid "No SSL detected. Use the retry button to check again."
|
| 173 |
msgstr ""
|
| 174 |
|
| 175 |
-
#: class-admin.php:
|
| 176 |
-
#: class-admin.php:
|
| 177 |
-
#: class-admin.php:
|
| 178 |
msgid "Install SSL certificate"
|
| 179 |
msgstr ""
|
| 180 |
|
| 181 |
-
#: class-admin.php:
|
| 182 |
msgid "Retry"
|
| 183 |
msgstr ""
|
| 184 |
|
| 185 |
-
#: class-admin.php:
|
| 186 |
msgid "Could not test certificate"
|
| 187 |
msgstr ""
|
| 188 |
|
| 189 |
-
#: class-admin.php:
|
| 190 |
#: onboarding/config.php:175
|
| 191 |
msgid "Automatic certificate detection is not possible on your server."
|
| 192 |
msgstr ""
|
| 193 |
|
| 194 |
-
#: class-admin.php:
|
| 195 |
msgid "Check manually"
|
| 196 |
msgstr ""
|
| 197 |
|
| 198 |
-
#: class-admin.php:
|
| 199 |
msgid "An SSL certificate was detected on your site."
|
| 200 |
msgstr ""
|
| 201 |
|
| 202 |
-
#: class-admin.php:
|
| 203 |
msgid "Your SSL certificate will expire soon."
|
| 204 |
msgstr ""
|
| 205 |
|
| 206 |
-
#: class-admin.php:
|
| 207 |
msgid "SSL certificate will expire on %s."
|
| 208 |
msgstr ""
|
| 209 |
|
| 210 |
-
#: class-admin.php:
|
| 211 |
msgid "If your hosting provider auto-renews your certificate, no action is required. Alternatively, you have the option to generate an SSL certificate with Really Simple SSL."
|
| 212 |
msgstr ""
|
| 213 |
|
| 214 |
-
#: class-admin.php:
|
| 215 |
msgid "Depending on your hosting provider, %smanual installation%s may be required."
|
| 216 |
msgstr ""
|
| 217 |
|
| 218 |
-
#: class-admin.php:
|
| 219 |
msgid "Re-check"
|
| 220 |
msgstr ""
|
| 221 |
|
| 222 |
-
#: class-admin.php:
|
| 223 |
msgid "Mixed content fixer was successfully detected on the front-end."
|
| 224 |
msgstr ""
|
| 225 |
|
| 226 |
-
#: class-admin.php:
|
| 227 |
msgid "Really Simple SSL has received no response from the webpage."
|
| 228 |
msgstr ""
|
| 229 |
|
| 230 |
-
#: class-admin.php:
|
| 231 |
msgid "The mixed content fixer is active, but was not detected on the frontpage."
|
| 232 |
msgstr ""
|
| 233 |
|
| 234 |
-
#: class-admin.php:
|
| 235 |
msgid "Error occurred when retrieving the webpage."
|
| 236 |
msgstr ""
|
| 237 |
|
| 238 |
-
#: class-admin.php:
|
| 239 |
msgid "Mixed content fixer not enabled. Enable the option to fix mixed content on your site."
|
| 240 |
msgstr ""
|
| 241 |
|
| 242 |
-
#: class-admin.php:
|
| 243 |
msgid "The mixed content fixer could not be detected due to a cURL error: %s. cURL errors are often caused by an outdated version of PHP or cURL and don't affect the front-end of your site. Contact your hosting provider for a fix."
|
| 244 |
msgstr ""
|
| 245 |
|
| 246 |
-
#: class-admin.php:
|
| 247 |
msgid "301 redirect to https set."
|
| 248 |
msgstr ""
|
| 249 |
|
| 250 |
-
#: class-admin.php:
|
| 251 |
msgid "No 301 redirect is set. Enable the WordPress 301 redirect in the settings to get a 301 permanent redirect."
|
| 252 |
msgstr ""
|
| 253 |
|
| 254 |
-
#: class-admin.php:
|
| 255 |
msgid "301 redirect to https set: .htaccess redirect."
|
| 256 |
msgstr ""
|
| 257 |
|
| 258 |
-
#: class-admin.php:
|
| 259 |
msgid "WordPress 301 redirect enabled. We recommend to enable a 301 .htaccess redirect."
|
| 260 |
msgstr ""
|
| 261 |
|
| 262 |
-
#: class-admin.php:
|
| 263 |
msgid "Enable a .htaccess redirect or PHP redirect in the settings to create a 301 redirect."
|
| 264 |
msgstr ""
|
| 265 |
|
| 266 |
-
#: class-admin.php:
|
| 267 |
msgid ".htaccess redirect."
|
| 268 |
msgstr ""
|
| 269 |
|
| 270 |
-
#: class-admin.php:
|
| 271 |
msgid "The .htaccess redirect rules selected by this plugin failed in the test. Set manually or dismiss to leave on PHP redirect."
|
| 272 |
msgstr ""
|
| 273 |
|
| 274 |
-
#: class-admin.php:
|
| 275 |
msgid "Your site uses Elementor. This can require some additional steps before getting the secure lock."
|
| 276 |
msgstr ""
|
| 277 |
|
| 278 |
-
#: class-admin.php:
|
| 279 |
msgid "Your site uses Divi. This can require some additional steps before getting the secure lock."
|
| 280 |
msgstr ""
|
| 281 |
|
| 282 |
-
#: class-admin.php:
|
| 283 |
msgid "HttpOnly Secure cookies have been set automatically!"
|
| 284 |
msgstr ""
|
| 285 |
|
| 286 |
-
#: class-admin.php:
|
| 287 |
msgid "HttpOnly Secure cookies not set."
|
| 288 |
msgstr ""
|
| 289 |
|
| 290 |
-
#: class-admin.php:
|
| 291 |
msgid "To set the httponly secure cookie settings, your wp-config.php has to be edited, but the file is not writable."
|
| 292 |
msgstr ""
|
| 293 |
|
| 294 |
-
#: class-admin.php:
|
| 295 |
msgid "Add the following lines of code to your wp-config.php."
|
| 296 |
msgstr ""
|
| 297 |
|
| 298 |
-
#: class-admin.php:
|
| 299 |
msgid "Or set your wp-config.php to writable and reload this page."
|
| 300 |
msgstr ""
|
| 301 |
|
| 302 |
-
#: class-admin.php:
|
| 303 |
msgid "See which recommended security headers are not present on your website."
|
| 304 |
msgstr ""
|
| 305 |
|
| 306 |
-
#: class-admin.php:
|
| 307 |
msgid "Recommended security headers enabled."
|
| 308 |
msgstr ""
|
| 309 |
|
| 310 |
-
#: class-admin.php:
|
| 311 |
msgid "Improve security with Really Simple SSL Pro."
|
| 312 |
msgstr ""
|
| 313 |
|
| 314 |
-
#: class-admin.php:
|
| 315 |
msgid "Due to a recent update by WP Engine, we have changed your settings automatically to adapt."
|
| 316 |
msgstr ""
|
| 317 |
|
| 318 |
-
#: class-admin.php:
|
| 319 |
msgid "You have the Really Simple SSL Let's Encrypt beta add-on activated. This functionality has now been integrated in core, so you can deactivate the add-on."
|
| 320 |
msgstr ""
|
| 321 |
|
| 322 |
-
#: class-admin.php:
|
| 323 |
msgid "We have detected the %s plugin on your website."
|
| 324 |
msgstr ""
|
| 325 |
|
| 326 |
-
#: class-admin.php:
|
| 327 |
msgid "As Really Simple SSL handles all the functionality this plugin provides, we recommend to disable this plugin to prevent unexpected behavior."
|
| 328 |
msgstr ""
|
| 329 |
|
| 330 |
-
#: class-admin.php:
|
| 331 |
msgid "Black Friday sale! Get 40% Off Really Simple SSL Pro"
|
| 332 |
msgstr ""
|
| 333 |
|
| 334 |
-
#: class-admin.php:
|
| 335 |
msgid "Thanks for updating to Really Simple SSL 6.0! Check out our new features on the settings page."
|
| 336 |
msgstr ""
|
| 337 |
|
| 338 |
-
#: class-admin.php:
|
| 339 |
msgid "Are you sure?"
|
| 340 |
msgstr ""
|
| 341 |
|
| 342 |
-
#: class-admin.php:
|
| 343 |
msgid "To deactivate the plugin correctly, please select if you want to:"
|
| 344 |
msgstr ""
|
| 345 |
|
| 346 |
-
#: class-admin.php:
|
| 347 |
msgid "Deactivate, but stay on SSL."
|
| 348 |
msgstr ""
|
| 349 |
|
| 350 |
-
#: class-admin.php:
|
| 351 |
msgid "Deactivate, and revert to http. This will remove all changes by the plugin."
|
| 352 |
msgstr ""
|
| 353 |
|
| 354 |
-
#: class-admin.php:
|
| 355 |
msgid "Deactivating the plugin while keeping SSL will do the following:"
|
| 356 |
msgstr ""
|
| 357 |
|
| 358 |
-
#: class-admin.php:
|
| 359 |
msgid "The mixed content fixer will stop working"
|
| 360 |
msgstr ""
|
| 361 |
|
| 362 |
-
#: class-admin.php:
|
| 363 |
msgid "The WordPress 301 redirect will stop working"
|
| 364 |
msgstr ""
|
| 365 |
|
| 366 |
-
#: class-admin.php:
|
| 367 |
msgid "Your site address will remain https://"
|
| 368 |
msgstr ""
|
| 369 |
|
| 370 |
-
#: class-admin.php:
|
| 371 |
msgid "The .htaccess redirect will remain active"
|
| 372 |
msgstr ""
|
| 373 |
|
| 374 |
-
#: class-admin.php:
|
| 375 |
#: upgrade/upgrade-to-pro.php:361
|
| 376 |
msgid "Cancel"
|
| 377 |
msgstr ""
|
| 378 |
|
| 379 |
-
#: class-admin.php:
|
| 380 |
msgid "Deactivate, keep https"
|
| 381 |
msgstr ""
|
| 382 |
|
| 383 |
-
#: class-admin.php:
|
| 384 |
msgid "Deactivate, revert to http"
|
| 385 |
msgstr ""
|
| 386 |
|
| 387 |
-
#: class-admin.php:
|
| 388 |
-
#: class-admin.php:
|
| 389 |
#: class-multisite.php:216
|
| 390 |
#: settings/config/config.php:17
|
| 391 |
#: settings/build/index.js:382
|
|
@@ -393,14 +393,14 @@ msgstr ""
|
|
| 393 |
msgid "Settings"
|
| 394 |
msgstr ""
|
| 395 |
|
| 396 |
-
#: class-admin.php:
|
| 397 |
#: class-multisite.php:219
|
| 398 |
#: settings/build/index.js:382
|
| 399 |
#: settings/src/Header.js:43
|
| 400 |
msgid "Support"
|
| 401 |
msgstr ""
|
| 402 |
|
| 403 |
-
#: class-admin.php:
|
| 404 |
#: class-multisite.php:223
|
| 405 |
msgid "Improve security - Upgrade"
|
| 406 |
msgstr ""
|
|
@@ -2044,7 +2044,7 @@ msgid "User enumeration is possible"
|
|
| 2044 |
msgstr ""
|
| 2045 |
|
| 2046 |
#: settings/config/config.php:512
|
| 2047 |
-
msgid "Rename 'admin'
|
| 2048 |
msgstr ""
|
| 2049 |
|
| 2050 |
#: settings/config/config.php:516
|
| 2 |
# This file is distributed under the GPL2.
|
| 3 |
msgid ""
|
| 4 |
msgstr ""
|
| 5 |
+
"Project-Id-Version: Really Simple SSL 6.0.7\n"
|
| 6 |
"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/really-simple-ssl\n"
|
| 7 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
| 8 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
| 9 |
"MIME-Version: 1.0\n"
|
| 10 |
"Content-Type: text/plain; charset=UTF-8\n"
|
| 11 |
"Content-Transfer-Encoding: 8bit\n"
|
| 12 |
+
"POT-Creation-Date: 2022-11-05T06:03:30+00:00\n"
|
| 13 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
| 14 |
"X-Generator: WP-CLI 2.6.0\n"
|
| 15 |
"X-Domain: really-simple-ssl\n"
|
| 62 |
msgid "More info"
|
| 63 |
msgstr ""
|
| 64 |
|
| 65 |
+
#: class-admin.php:1594
|
| 66 |
msgid "Hi, Really Simple SSL has kept your site secure for some time now, awesome! If you have a moment, please consider leaving a review on WordPress.org to spread the word. We greatly appreciate it! If you have any questions or feedback, leave us a %smessage%s."
|
| 67 |
msgstr ""
|
| 68 |
|
| 69 |
+
#: class-admin.php:1596
|
| 70 |
msgid "Hi, Really Simple SSL has kept your site secure for a month now, awesome! If you have a moment, please consider leaving a review on WordPress.org to spread the word. We greatly appreciate it! If you have any questions or feedback, leave us a %smessage%s."
|
| 71 |
msgstr ""
|
| 72 |
|
| 73 |
+
#: class-admin.php:1602
|
| 74 |
msgid "Leave a review"
|
| 75 |
msgstr ""
|
| 76 |
|
| 77 |
+
#: class-admin.php:1603
|
| 78 |
msgid "Maybe later"
|
| 79 |
msgstr ""
|
| 80 |
|
| 81 |
+
#: class-admin.php:1604
|
| 82 |
msgid "Don't show again"
|
| 83 |
msgstr ""
|
| 84 |
|
| 85 |
+
#: class-admin.php:1759
|
| 86 |
msgid "Completed"
|
| 87 |
msgstr ""
|
| 88 |
|
| 89 |
+
#: class-admin.php:1760
|
| 90 |
#: settings/build/index.js:382
|
| 91 |
#: settings/src/Settings/MixedContentScan.js:198
|
| 92 |
msgid "Warning"
|
| 93 |
msgstr ""
|
| 94 |
|
| 95 |
+
#: class-admin.php:1761
|
| 96 |
msgid "Open"
|
| 97 |
msgstr ""
|
| 98 |
|
| 99 |
+
#: class-admin.php:1762
|
| 100 |
#: settings/build/index.js:382
|
| 101 |
#: settings/src/Dashboard/OtherPlugins.js:85
|
| 102 |
#: settings/src/Settings/SettingsGroup.js:133
|
| 103 |
msgid "Upgrade"
|
| 104 |
msgstr ""
|
| 105 |
|
| 106 |
+
#: class-admin.php:1799
|
| 107 |
msgid "No recommended redirect rules detected."
|
| 108 |
msgstr ""
|
| 109 |
|
| 110 |
+
#: class-admin.php:1814
|
| 111 |
msgid "(Unknown)"
|
| 112 |
msgstr ""
|
| 113 |
|
| 114 |
+
#: class-admin.php:1823
|
| 115 |
msgid "Your wp-config.php has to be edited, but is not writable."
|
| 116 |
msgstr ""
|
| 117 |
|
| 118 |
+
#: class-admin.php:1824
|
| 119 |
+
#: class-admin.php:1845
|
| 120 |
msgid "Set your wp-config.php to writable and reload this page."
|
| 121 |
msgstr ""
|
| 122 |
|
| 123 |
+
#: class-admin.php:1825
|
| 124 |
msgid "To safely enable SSL on your server configuration, you should add the following line of code to your wp-config.php."
|
| 125 |
msgstr ""
|
| 126 |
|
| 127 |
+
#: class-admin.php:1845
|
| 128 |
msgid "A definition of a site url or home url was detected in your wp-config.php, but the file is not writable."
|
| 129 |
msgstr ""
|
| 130 |
|
| 131 |
+
#: class-admin.php:1860
|
| 132 |
msgid "The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactivated by anyone on the internet."
|
| 133 |
msgstr ""
|
| 134 |
|
| 135 |
+
#: class-admin.php:1861
|
| 136 |
msgid "Check again"
|
| 137 |
msgstr ""
|
| 138 |
|
| 139 |
+
#: class-admin.php:1875
|
| 140 |
msgid "The Really Simple SSL plugin folder in the /wp-content/plugins/ directory has been renamed to %s. This might cause issues when deactivating, or with premium add-ons. To fix this you can rename the Really Simple SSL folder back to the default %s."
|
| 141 |
msgstr ""
|
| 142 |
|
| 143 |
+
#: class-admin.php:1890
|
| 144 |
msgid "SSL is now activated. Check if your website is secure by following this article."
|
| 145 |
msgstr ""
|
| 146 |
|
| 147 |
+
#: class-admin.php:1905
|
| 148 |
msgid "Really Simple SSL Pro is not up to date. Update Really Simple SSL Pro to ensure compatibility."
|
| 149 |
msgstr ""
|
| 150 |
|
| 151 |
+
#: class-admin.php:1920
|
| 152 |
msgid "Remember to change your URLs in external services like Google Analytics, Search Console and others. This should prevent any data loss resulting from the switch to https."
|
| 153 |
msgstr ""
|
| 154 |
|
| 155 |
+
#: class-admin.php:1934
|
| 156 |
msgid "SSL is enabled on your site."
|
| 157 |
msgstr ""
|
| 158 |
|
| 159 |
+
#: class-admin.php:1938
|
| 160 |
msgid "SSL is not enabled yet."
|
| 161 |
msgstr ""
|
| 162 |
|
| 163 |
+
#: class-admin.php:1955
|
| 164 |
msgid "The wp-config.php file is not writable, and needs to be edited. Please set this file to writable."
|
| 165 |
msgstr ""
|
| 166 |
|
| 167 |
+
#: class-admin.php:1959
|
| 168 |
msgid "No SSL detected"
|
| 169 |
msgstr ""
|
| 170 |
|
| 171 |
+
#: class-admin.php:1960
|
| 172 |
msgid "No SSL detected. Use the retry button to check again."
|
| 173 |
msgstr ""
|
| 174 |
|
| 175 |
+
#: class-admin.php:1961
|
| 176 |
+
#: class-admin.php:1969
|
| 177 |
+
#: class-admin.php:1983
|
| 178 |
msgid "Install SSL certificate"
|
| 179 |
msgstr ""
|
| 180 |
|
| 181 |
+
#: class-admin.php:1962
|
| 182 |
msgid "Retry"
|
| 183 |
msgstr ""
|
| 184 |
|
| 185 |
+
#: class-admin.php:1967
|
| 186 |
msgid "Could not test certificate"
|
| 187 |
msgstr ""
|
| 188 |
|
| 189 |
+
#: class-admin.php:1968
|
| 190 |
#: onboarding/config.php:175
|
| 191 |
msgid "Automatic certificate detection is not possible on your server."
|
| 192 |
msgstr ""
|
| 193 |
|
| 194 |
+
#: class-admin.php:1970
|
| 195 |
msgid "Check manually"
|
| 196 |
msgstr ""
|
| 197 |
|
| 198 |
+
#: class-admin.php:1975
|
| 199 |
msgid "An SSL certificate was detected on your site."
|
| 200 |
msgstr ""
|
| 201 |
|
| 202 |
+
#: class-admin.php:1980
|
| 203 |
msgid "Your SSL certificate will expire soon."
|
| 204 |
msgstr ""
|
| 205 |
|
| 206 |
+
#: class-admin.php:1981
|
| 207 |
msgid "SSL certificate will expire on %s."
|
| 208 |
msgstr ""
|
| 209 |
|
| 210 |
+
#: class-admin.php:1981
|
| 211 |
msgid "If your hosting provider auto-renews your certificate, no action is required. Alternatively, you have the option to generate an SSL certificate with Really Simple SSL."
|
| 212 |
msgstr ""
|
| 213 |
|
| 214 |
+
#: class-admin.php:1982
|
| 215 |
msgid "Depending on your hosting provider, %smanual installation%s may be required."
|
| 216 |
msgstr ""
|
| 217 |
|
| 218 |
+
#: class-admin.php:1984
|
| 219 |
msgid "Re-check"
|
| 220 |
msgstr ""
|
| 221 |
|
| 222 |
+
#: class-admin.php:1996
|
| 223 |
msgid "Mixed content fixer was successfully detected on the front-end."
|
| 224 |
msgstr ""
|
| 225 |
|
| 226 |
+
#: class-admin.php:2001
|
| 227 |
msgid "Really Simple SSL has received no response from the webpage."
|
| 228 |
msgstr ""
|
| 229 |
|
| 230 |
+
#: class-admin.php:2008
|
| 231 |
msgid "The mixed content fixer is active, but was not detected on the frontpage."
|
| 232 |
msgstr ""
|
| 233 |
|
| 234 |
+
#: class-admin.php:2013
|
| 235 |
msgid "Error occurred when retrieving the webpage."
|
| 236 |
msgstr ""
|
| 237 |
|
| 238 |
+
#: class-admin.php:2019
|
| 239 |
msgid "Mixed content fixer not enabled. Enable the option to fix mixed content on your site."
|
| 240 |
msgstr ""
|
| 241 |
|
| 242 |
+
#: class-admin.php:2025
|
| 243 |
msgid "The mixed content fixer could not be detected due to a cURL error: %s. cURL errors are often caused by an outdated version of PHP or cURL and don't affect the front-end of your site. Contact your hosting provider for a fix."
|
| 244 |
msgstr ""
|
| 245 |
|
| 246 |
+
#: class-admin.php:2038
|
| 247 |
msgid "301 redirect to https set."
|
| 248 |
msgstr ""
|
| 249 |
|
| 250 |
+
#: class-admin.php:2042
|
| 251 |
msgid "No 301 redirect is set. Enable the WordPress 301 redirect in the settings to get a 301 permanent redirect."
|
| 252 |
msgstr ""
|
| 253 |
|
| 254 |
+
#: class-admin.php:2057
|
| 255 |
msgid "301 redirect to https set: .htaccess redirect."
|
| 256 |
msgstr ""
|
| 257 |
|
| 258 |
+
#: class-admin.php:2062
|
| 259 |
msgid "WordPress 301 redirect enabled. We recommend to enable a 301 .htaccess redirect."
|
| 260 |
msgstr ""
|
| 261 |
|
| 262 |
+
#: class-admin.php:2069
|
| 263 |
msgid "Enable a .htaccess redirect or PHP redirect in the settings to create a 301 redirect."
|
| 264 |
msgstr ""
|
| 265 |
|
| 266 |
+
#: class-admin.php:2074
|
| 267 |
msgid ".htaccess redirect."
|
| 268 |
msgstr ""
|
| 269 |
|
| 270 |
+
#: class-admin.php:2076
|
| 271 |
msgid "The .htaccess redirect rules selected by this plugin failed in the test. Set manually or dismiss to leave on PHP redirect."
|
| 272 |
msgstr ""
|
| 273 |
|
| 274 |
+
#: class-admin.php:2091
|
| 275 |
msgid "Your site uses Elementor. This can require some additional steps before getting the secure lock."
|
| 276 |
msgstr ""
|
| 277 |
|
| 278 |
+
#: class-admin.php:2105
|
| 279 |
msgid "Your site uses Divi. This can require some additional steps before getting the secure lock."
|
| 280 |
msgstr ""
|
| 281 |
|
| 282 |
+
#: class-admin.php:2121
|
| 283 |
msgid "HttpOnly Secure cookies have been set automatically!"
|
| 284 |
msgstr ""
|
| 285 |
|
| 286 |
+
#: class-admin.php:2126
|
| 287 |
msgid "HttpOnly Secure cookies not set."
|
| 288 |
msgstr ""
|
| 289 |
|
| 290 |
+
#: class-admin.php:2133
|
| 291 |
msgid "To set the httponly secure cookie settings, your wp-config.php has to be edited, but the file is not writable."
|
| 292 |
msgstr ""
|
| 293 |
|
| 294 |
+
#: class-admin.php:2133
|
| 295 |
msgid "Add the following lines of code to your wp-config.php."
|
| 296 |
msgstr ""
|
| 297 |
|
| 298 |
+
#: class-admin.php:2141
|
| 299 |
msgid "Or set your wp-config.php to writable and reload this page."
|
| 300 |
msgstr ""
|
| 301 |
|
| 302 |
+
#: class-admin.php:2155
|
| 303 |
msgid "See which recommended security headers are not present on your website."
|
| 304 |
msgstr ""
|
| 305 |
|
| 306 |
+
#: class-admin.php:2161
|
| 307 |
msgid "Recommended security headers enabled."
|
| 308 |
msgstr ""
|
| 309 |
|
| 310 |
+
#: class-admin.php:2172
|
| 311 |
msgid "Improve security with Really Simple SSL Pro."
|
| 312 |
msgstr ""
|
| 313 |
|
| 314 |
+
#: class-admin.php:2186
|
| 315 |
msgid "Due to a recent update by WP Engine, we have changed your settings automatically to adapt."
|
| 316 |
msgstr ""
|
| 317 |
|
| 318 |
+
#: class-admin.php:2199
|
| 319 |
msgid "You have the Really Simple SSL Let's Encrypt beta add-on activated. This functionality has now been integrated in core, so you can deactivate the add-on."
|
| 320 |
msgstr ""
|
| 321 |
|
| 322 |
+
#: class-admin.php:2210
|
| 323 |
msgid "We have detected the %s plugin on your website."
|
| 324 |
msgstr ""
|
| 325 |
|
| 326 |
+
#: class-admin.php:2210
|
| 327 |
msgid "As Really Simple SSL handles all the functionality this plugin provides, we recommend to disable this plugin to prevent unexpected behavior."
|
| 328 |
msgstr ""
|
| 329 |
|
| 330 |
+
#: class-admin.php:2225
|
| 331 |
msgid "Black Friday sale! Get 40% Off Really Simple SSL Pro"
|
| 332 |
msgstr ""
|
| 333 |
|
| 334 |
+
#: class-admin.php:2241
|
| 335 |
msgid "Thanks for updating to Really Simple SSL 6.0! Check out our new features on the settings page."
|
| 336 |
msgstr ""
|
| 337 |
|
| 338 |
+
#: class-admin.php:2588
|
| 339 |
msgid "Are you sure?"
|
| 340 |
msgstr ""
|
| 341 |
|
| 342 |
+
#: class-admin.php:2599
|
| 343 |
msgid "To deactivate the plugin correctly, please select if you want to:"
|
| 344 |
msgstr ""
|
| 345 |
|
| 346 |
+
#: class-admin.php:2601
|
| 347 |
msgid "Deactivate, but stay on SSL."
|
| 348 |
msgstr ""
|
| 349 |
|
| 350 |
+
#: class-admin.php:2602
|
| 351 |
msgid "Deactivate, and revert to http. This will remove all changes by the plugin."
|
| 352 |
msgstr ""
|
| 353 |
|
| 354 |
+
#: class-admin.php:2604
|
| 355 |
msgid "Deactivating the plugin while keeping SSL will do the following:"
|
| 356 |
msgstr ""
|
| 357 |
|
| 358 |
+
#: class-admin.php:2606
|
| 359 |
msgid "The mixed content fixer will stop working"
|
| 360 |
msgstr ""
|
| 361 |
|
| 362 |
+
#: class-admin.php:2607
|
| 363 |
msgid "The WordPress 301 redirect will stop working"
|
| 364 |
msgstr ""
|
| 365 |
|
| 366 |
+
#: class-admin.php:2608
|
| 367 |
msgid "Your site address will remain https://"
|
| 368 |
msgstr ""
|
| 369 |
|
| 370 |
+
#: class-admin.php:2609
|
| 371 |
msgid "The .htaccess redirect will remain active"
|
| 372 |
msgstr ""
|
| 373 |
|
| 374 |
+
#: class-admin.php:2618
|
| 375 |
#: upgrade/upgrade-to-pro.php:361
|
| 376 |
msgid "Cancel"
|
| 377 |
msgstr ""
|
| 378 |
|
| 379 |
+
#: class-admin.php:2619
|
| 380 |
msgid "Deactivate, keep https"
|
| 381 |
msgstr ""
|
| 382 |
|
| 383 |
+
#: class-admin.php:2620
|
| 384 |
msgid "Deactivate, revert to http"
|
| 385 |
msgstr ""
|
| 386 |
|
| 387 |
+
#: class-admin.php:2646
|
| 388 |
+
#: class-admin.php:2649
|
| 389 |
#: class-multisite.php:216
|
| 390 |
#: settings/config/config.php:17
|
| 391 |
#: settings/build/index.js:382
|
| 393 |
msgid "Settings"
|
| 394 |
msgstr ""
|
| 395 |
|
| 396 |
+
#: class-admin.php:2654
|
| 397 |
#: class-multisite.php:219
|
| 398 |
#: settings/build/index.js:382
|
| 399 |
#: settings/src/Header.js:43
|
| 400 |
msgid "Support"
|
| 401 |
msgstr ""
|
| 402 |
|
| 403 |
+
#: class-admin.php:2659
|
| 404 |
#: class-multisite.php:223
|
| 405 |
msgid "Improve security - Upgrade"
|
| 406 |
msgstr ""
|
| 2044 |
msgstr ""
|
| 2045 |
|
| 2046 |
#: settings/config/config.php:512
|
| 2047 |
+
msgid "Rename 'admin' users - Make sure you can log in by email"
|
| 2048 |
msgstr ""
|
| 2049 |
|
| 2050 |
#: settings/config/config.php:516
|
readme.txt
CHANGED
|
@@ -6,7 +6,7 @@ Requires at least: 5.7
|
|
| 6 |
License: GPL2
|
| 7 |
Tested up to: 6.1
|
| 8 |
Requires PHP: 7.2
|
| 9 |
-
Stable tag: 6.0.
|
| 10 |
|
| 11 |
The easiest way to improve security! Leverage your SSL certificate and protect your website visitors.
|
| 12 |
|
|
@@ -96,6 +96,19 @@ The plugin checks your certificate before enabling, but if, for example, you mig
|
|
| 96 |
If you can't deactivate, do not just remove the plugin folder to uninstall! Follow these [instructions](https://really-simple-ssl.com/knowledge-base/uninstall-websitebackend-not-accessible/) instead.
|
| 97 |
|
| 98 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 99 |
= 6.0.3 =
|
| 100 |
* Fix: Rest Optimizer causing other plugins to deactivate when recommended plugins were activated, props @sardelich
|
| 101 |
|
| 6 |
License: GPL2
|
| 7 |
Tested up to: 6.1
|
| 8 |
Requires PHP: 7.2
|
| 9 |
+
Stable tag: 6.0.7
|
| 10 |
|
| 11 |
The easiest way to improve security! Leverage your SSL certificate and protect your website visitors.
|
| 12 |
|
| 96 |
If you can't deactivate, do not just remove the plugin folder to uninstall! Follow these [instructions](https://really-simple-ssl.com/knowledge-base/uninstall-websitebackend-not-accessible/) instead.
|
| 97 |
|
| 98 |
== Changelog ==
|
| 99 |
+
= 6.0.7 =
|
| 100 |
+
* Fix: restrict conditions in which htaccess rewrite runs, preventing conflicts with other rewriting plugins
|
| 101 |
+
|
| 102 |
+
= 6.0.6 =
|
| 103 |
+
* Fix: drop upgrade of .htaccess file in upgrade script
|
| 104 |
+
|
| 105 |
+
= 6.0.5 =
|
| 106 |
+
* Fix: race condition in .htaccess update script, where multiple updates simultaneously caused issues with the .htaccess file
|
| 107 |
+
|
| 108 |
+
= 6.0.4 =
|
| 109 |
+
* Fix: using the .htaccess redirect in combination with the block code execution in uploads causes an issue in the .htaccess redirect
|
| 110 |
+
* Fix: deactivating Really Simple SSL does not completely remove the wp-config.php fixes, causing errors, props @minalukic812
|
| 111 |
+
|
| 112 |
= 6.0.3 =
|
| 113 |
* Fix: Rest Optimizer causing other plugins to deactivate when recommended plugins were activated, props @sardelich
|
| 114 |
|
rlrsssl-really-simple-ssl.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: Really Simple SSL
|
| 4 |
* Plugin URI: https://really-simple-ssl.com
|
| 5 |
* Description: Lightweight SSL & Hardening Plugin
|
| 6 |
-
* Version: 6.0.
|
| 7 |
* Author: Really Simple Plugins
|
| 8 |
* Author URI: https://really-simple-plugins.com
|
| 9 |
* License: GPL2
|
|
@@ -110,7 +110,7 @@ class REALLY_SIMPLE_SSL
|
|
| 110 |
if (!defined('rsssl_file') ){
|
| 111 |
define('rsssl_file', __FILE__);
|
| 112 |
}
|
| 113 |
-
define('rsssl_version', '6.0.
|
| 114 |
define('rsssl_le_cron_generation_renewal_check', 20);
|
| 115 |
define('rsssl_le_manual_generation_renewal_check', 15);
|
| 116 |
}
|
| 3 |
* Plugin Name: Really Simple SSL
|
| 4 |
* Plugin URI: https://really-simple-ssl.com
|
| 5 |
* Description: Lightweight SSL & Hardening Plugin
|
| 6 |
+
* Version: 6.0.7
|
| 7 |
* Author: Really Simple Plugins
|
| 8 |
* Author URI: https://really-simple-plugins.com
|
| 9 |
* License: GPL2
|
| 110 |
if (!defined('rsssl_file') ){
|
| 111 |
define('rsssl_file', __FILE__);
|
| 112 |
}
|
| 113 |
+
define('rsssl_version', '6.0.7');
|
| 114 |
define('rsssl_le_cron_generation_renewal_check', 20);
|
| 115 |
define('rsssl_le_manual_generation_renewal_check', 15);
|
| 116 |
}
|
security/functions.php
CHANGED
|
@@ -163,7 +163,7 @@ if ( !function_exists('rsssl_remove_htaccess_security_edits') ) {
|
|
| 163 |
|
| 164 |
if ( ! function_exists('rsssl_wrap_htaccess' ) ) {
|
| 165 |
function rsssl_wrap_htaccess() {
|
| 166 |
-
if ( !
|
| 167 |
return;
|
| 168 |
}
|
| 169 |
|
|
@@ -176,13 +176,14 @@ if ( ! function_exists('rsssl_wrap_htaccess' ) ) {
|
|
| 176 |
}
|
| 177 |
|
| 178 |
if (
|
|
|
|
| 179 |
!RSSSL()->admin->is_settings_page() &&
|
| 180 |
-
!rsssl_is_logged_in_rest() &&
|
| 181 |
current_filter() !== 'rocket_activation' &&
|
| 182 |
current_filter() !== 'rocket_deactivation'
|
| 183 |
) {
|
| 184 |
return;
|
| 185 |
}
|
|
|
|
| 186 |
if ( get_site_option('rsssl_htaccess_error') ) {
|
| 187 |
delete_site_option( 'rsssl_htaccess_error' );
|
| 188 |
delete_site_option( 'rsssl_htaccess_rules' );
|
|
@@ -193,6 +194,12 @@ if ( ! function_exists('rsssl_wrap_htaccess' ) ) {
|
|
| 193 |
delete_site_option( 'rsssl_uploads_htaccess_rules' );
|
| 194 |
}
|
| 195 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 196 |
$start = '#Begin Really Simple Security';
|
| 197 |
$end = "\n" . '#End Really Simple Security' . "\n";
|
| 198 |
$pattern_content = '/'.$start.'(.*?)'.$end.'/is';
|
|
@@ -243,18 +250,20 @@ if ( ! function_exists('rsssl_wrap_htaccess' ) ) {
|
|
| 243 |
} else {
|
| 244 |
delete_site_option( 'rsssl_uploads_htaccess_error' );
|
| 245 |
delete_site_option( 'rsssl_uploads_htaccess_rules' );
|
| 246 |
-
//
|
| 247 |
-
|
| 248 |
-
|
| 249 |
-
|
| 250 |
-
|
| 251 |
-
|
|
|
|
| 252 |
}
|
| 253 |
file_put_contents( $htaccess_file_uploads, $new_htaccess );
|
| 254 |
}
|
| 255 |
}
|
| 256 |
}
|
| 257 |
}
|
|
|
|
| 258 |
/**
|
| 259 |
* htaccess in root dir
|
| 260 |
*/
|
|
@@ -290,8 +299,6 @@ if ( ! function_exists('rsssl_wrap_htaccess' ) ) {
|
|
| 290 |
}
|
| 291 |
//should replace if rules is not empty, OR if rules is empty and htaccess is not.
|
| 292 |
$htaccess_has_rsssl_rules = preg_match( '/#Begin Really Simple Security(.*?)#End Really Simple Security/is', $content_htaccess, $matches );
|
| 293 |
-
$htaccess_has_rsssl_rules = $htaccess_has_rsssl_rules || preg_match( "/#\s?BEGIN\s?rlrssslReallySimpleSSL(.*?)#\s?END\s?rlrssslReallySimpleSSL/s", $content_htaccess, $matches );
|
| 294 |
-
$htaccess_has_rsssl_rules = $htaccess_has_rsssl_rules || preg_match( "/#\s?BEGIN\s?Really Simple SSL Redirect(.*?)#\s?END\s?Really Simple SSL Redirect/s", $content_htaccess, $matches );
|
| 295 |
if ( ! empty( $rules_result ) || $htaccess_has_rsssl_rules ) {
|
| 296 |
if ( ! is_writable( $htaccess_file ) ) {
|
| 297 |
update_site_option( 'rsssl_htaccess_error', 'not-writable' );
|
|
@@ -301,22 +308,27 @@ if ( ! function_exists('rsssl_wrap_htaccess' ) ) {
|
|
| 301 |
delete_site_option( 'rsssl_htaccess_rules' );
|
| 302 |
$new_rules = empty($rules_result) ? '' : $start . $rules_result . $end;
|
| 303 |
|
| 304 |
-
//
|
| 305 |
-
|
| 306 |
-
|
|
|
|
|
|
|
|
|
|
| 307 |
} else {
|
| 308 |
-
|
| 309 |
-
if ( strpos($content_htaccess, '# BEGIN WordPress')!==false ) {
|
| 310 |
-
$new_htaccess = str_replace('# BEGIN WordPress', "\n" . $new_rules.'# BEGIN WordPress', $content_htaccess);
|
| 311 |
-
} else {
|
| 312 |
-
$new_htaccess = "\n" . $new_rules . $content_htaccess;
|
| 313 |
-
}
|
| 314 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 315 |
file_put_contents( $htaccess_file, $new_htaccess );
|
| 316 |
}
|
| 317 |
}
|
| 318 |
}
|
| 319 |
}
|
|
|
|
| 320 |
}
|
| 321 |
add_action('admin_init', 'rsssl_wrap_htaccess' );
|
| 322 |
add_action('rsssl_after_saved_fields', 'rsssl_wrap_htaccess', 30);
|
| 163 |
|
| 164 |
if ( ! function_exists('rsssl_wrap_htaccess' ) ) {
|
| 165 |
function rsssl_wrap_htaccess() {
|
| 166 |
+
if ( !rsssl_user_can_manage() ) {
|
| 167 |
return;
|
| 168 |
}
|
| 169 |
|
| 176 |
}
|
| 177 |
|
| 178 |
if (
|
| 179 |
+
!rsssl_is_logged_in_rest() &&
|
| 180 |
!RSSSL()->admin->is_settings_page() &&
|
|
|
|
| 181 |
current_filter() !== 'rocket_activation' &&
|
| 182 |
current_filter() !== 'rocket_deactivation'
|
| 183 |
) {
|
| 184 |
return;
|
| 185 |
}
|
| 186 |
+
|
| 187 |
if ( get_site_option('rsssl_htaccess_error') ) {
|
| 188 |
delete_site_option( 'rsssl_htaccess_error' );
|
| 189 |
delete_site_option( 'rsssl_htaccess_rules' );
|
| 194 |
delete_site_option( 'rsssl_uploads_htaccess_rules' );
|
| 195 |
}
|
| 196 |
|
| 197 |
+
if ( get_option('rsssl_updating_htaccess') ) {
|
| 198 |
+
return;
|
| 199 |
+
}
|
| 200 |
+
|
| 201 |
+
update_option('rsssl_updating_htaccess', true, false );
|
| 202 |
+
|
| 203 |
$start = '#Begin Really Simple Security';
|
| 204 |
$end = "\n" . '#End Really Simple Security' . "\n";
|
| 205 |
$pattern_content = '/'.$start.'(.*?)'.$end.'/is';
|
| 250 |
} else {
|
| 251 |
delete_site_option( 'rsssl_uploads_htaccess_error' );
|
| 252 |
delete_site_option( 'rsssl_uploads_htaccess_rules' );
|
| 253 |
+
//remove current rules
|
| 254 |
+
$content_htaccess_uploads = preg_replace( $pattern, '', $content_htaccess_uploads );
|
| 255 |
+
//add rules as new block
|
| 256 |
+
$new_htaccess = $content_htaccess_uploads . "\n" . $new_rules;
|
| 257 |
+
#clean up
|
| 258 |
+
if (strpos($new_htaccess, "\n" ."\n" . "\n" )!==false) {
|
| 259 |
+
$new_htaccess = str_replace("\n" . "\n" . "\n", "\n" ."\n", $new_htaccess);
|
| 260 |
}
|
| 261 |
file_put_contents( $htaccess_file_uploads, $new_htaccess );
|
| 262 |
}
|
| 263 |
}
|
| 264 |
}
|
| 265 |
}
|
| 266 |
+
|
| 267 |
/**
|
| 268 |
* htaccess in root dir
|
| 269 |
*/
|
| 299 |
}
|
| 300 |
//should replace if rules is not empty, OR if rules is empty and htaccess is not.
|
| 301 |
$htaccess_has_rsssl_rules = preg_match( '/#Begin Really Simple Security(.*?)#End Really Simple Security/is', $content_htaccess, $matches );
|
|
|
|
|
|
|
| 302 |
if ( ! empty( $rules_result ) || $htaccess_has_rsssl_rules ) {
|
| 303 |
if ( ! is_writable( $htaccess_file ) ) {
|
| 304 |
update_site_option( 'rsssl_htaccess_error', 'not-writable' );
|
| 308 |
delete_site_option( 'rsssl_htaccess_rules' );
|
| 309 |
$new_rules = empty($rules_result) ? '' : $start . $rules_result . $end;
|
| 310 |
|
| 311 |
+
//remove current rules
|
| 312 |
+
$content_htaccess = preg_replace( $pattern, '', $content_htaccess );
|
| 313 |
+
|
| 314 |
+
//add rules as new block
|
| 315 |
+
if ( strpos($content_htaccess, '# BEGIN WordPress')!==false ) {
|
| 316 |
+
$new_htaccess = str_replace('# BEGIN WordPress', "\n" . $new_rules.'# BEGIN WordPress', $content_htaccess);
|
| 317 |
} else {
|
| 318 |
+
$new_htaccess = "\n" . $new_rules . $content_htaccess;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 319 |
}
|
| 320 |
+
|
| 321 |
+
#clean up
|
| 322 |
+
if (strpos($new_htaccess, "\n" ."\n" . "\n" )!==false) {
|
| 323 |
+
$new_htaccess = str_replace("\n" . "\n" . "\n", "\n" ."\n", $new_htaccess);
|
| 324 |
+
}
|
| 325 |
+
|
| 326 |
file_put_contents( $htaccess_file, $new_htaccess );
|
| 327 |
}
|
| 328 |
}
|
| 329 |
}
|
| 330 |
}
|
| 331 |
+
delete_option('rsssl_updating_htaccess');
|
| 332 |
}
|
| 333 |
add_action('admin_init', 'rsssl_wrap_htaccess' );
|
| 334 |
add_action('rsssl_after_saved_fields', 'rsssl_wrap_htaccess', 30);
|
settings/config/config.php
CHANGED
|
@@ -381,10 +381,10 @@ function rsssl_fields( $load_values = true ) {
|
|
| 381 |
'default' => false,
|
| 382 |
],
|
| 383 |
[
|
| 384 |
-
'id' => 'do_not_edit_htaccess',
|
| 385 |
'menu_id' => 'general',
|
| 386 |
'group_id' => 'general',
|
| 387 |
-
'type' => '
|
| 388 |
'label' => __( "Stop editing the .htaccess file", 'really-simple-ssl' ),
|
| 389 |
'disabled' => false,
|
| 390 |
'default' => false,
|
|
@@ -509,7 +509,7 @@ function rsssl_fields( $load_values = true ) {
|
|
| 509 |
'menu_id' => 'hardening',
|
| 510 |
'group_id' => 'hardening_basic',
|
| 511 |
'type' => 'checkbox',
|
| 512 |
-
'label' => __( "Rename 'admin'
|
| 513 |
'disabled' => false,
|
| 514 |
'default' => false,
|
| 515 |
'new_features_block' => [
|
| 381 |
'default' => false,
|
| 382 |
],
|
| 383 |
[
|
| 384 |
+
'id' => 'do_not_edit_htaccess', //field is removed if not enabled
|
| 385 |
'menu_id' => 'general',
|
| 386 |
'group_id' => 'general',
|
| 387 |
+
'type' => 'checkbox',
|
| 388 |
'label' => __( "Stop editing the .htaccess file", 'really-simple-ssl' ),
|
| 389 |
'disabled' => false,
|
| 390 |
'default' => false,
|
| 509 |
'menu_id' => 'hardening',
|
| 510 |
'group_id' => 'hardening_basic',
|
| 511 |
'type' => 'checkbox',
|
| 512 |
+
'label' => __( "Rename 'admin' users - Make sure you can log in by email", 'really-simple-ssl' ),
|
| 513 |
'disabled' => false,
|
| 514 |
'default' => false,
|
| 515 |
'new_features_block' => [
|
settings/config/disable-fields-filter.php
CHANGED
|
@@ -16,6 +16,11 @@ function rsssl_remove_fields($fields){
|
|
| 16 |
$index = array_search('redirect', array_column($fields, 'id') );
|
| 17 |
unset($fields[$index]['options']['htaccess']);
|
| 18 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 19 |
return $fields;
|
| 20 |
}
|
| 21 |
add_filter('rsssl_fields', 'rsssl_remove_fields', 10, 1);
|
| 16 |
$index = array_search('redirect', array_column($fields, 'id') );
|
| 17 |
unset($fields[$index]['options']['htaccess']);
|
| 18 |
}
|
| 19 |
+
|
| 20 |
+
if ( !rsssl_get_option('do_not_edit_htaccess') ){
|
| 21 |
+
$index = array_search('do_not_edit_htaccess', array_column($fields, 'id') );
|
| 22 |
+
unset($fields[$index]);
|
| 23 |
+
}
|
| 24 |
return $fields;
|
| 25 |
}
|
| 26 |
add_filter('rsssl_fields', 'rsssl_remove_fields', 10, 1);
|
settings/settings.php
CHANGED
|
@@ -9,7 +9,7 @@ defined('ABSPATH') or die();
|
|
| 9 |
|
| 10 |
require_once( rsssl_path . 'settings/config/config.php' );
|
| 11 |
require_once( rsssl_path . 'settings/config/disable-fields-filter.php' );
|
| 12 |
-
require_once( rsssl_path . 'settings/rest-api-optimizer/rest-api-optimizer.php' );
|
| 13 |
|
| 14 |
/**
|
| 15 |
* Fix for WPML issue where WPML breaks the rest api by adding a language locale in the url
|
| 9 |
|
| 10 |
require_once( rsssl_path . 'settings/config/config.php' );
|
| 11 |
require_once( rsssl_path . 'settings/config/disable-fields-filter.php' );
|
| 12 |
+
//require_once( rsssl_path . 'settings/rest-api-optimizer/rest-api-optimizer.php' );
|
| 13 |
|
| 14 |
/**
|
| 15 |
* Fix for WPML issue where WPML breaks the rest api by adding a language locale in the url
|
upgrade.php
CHANGED
|
@@ -137,7 +137,7 @@ function rsssl_upgrade() {
|
|
| 137 |
}
|
| 138 |
|
| 139 |
#clean up old rest api optimizer on upgrade
|
| 140 |
-
if ( $prev_version && version_compare( $prev_version, '6.0.
|
| 141 |
if ( file_exists(trailingslashit( WPMU_PLUGIN_DIR ) . 'rsssl_rest_api_optimizer.php') ) {
|
| 142 |
unlink( trailingslashit( WPMU_PLUGIN_DIR ) . 'rsssl_rest_api_optimizer.php' );
|
| 143 |
}
|
| 137 |
}
|
| 138 |
|
| 139 |
#clean up old rest api optimizer on upgrade
|
| 140 |
+
if ( $prev_version && version_compare( $prev_version, '6.0.5', '<' ) ) {
|
| 141 |
if ( file_exists(trailingslashit( WPMU_PLUGIN_DIR ) . 'rsssl_rest_api_optimizer.php') ) {
|
| 142 |
unlink( trailingslashit( WPMU_PLUGIN_DIR ) . 'rsssl_rest_api_optimizer.php' );
|
| 143 |
}
|
