Really Simple SSL - Version 6.0.9

Version Description

Fix: incorrectly disabled email field in Let's Encrypt wizard, props @cburgess
Improvement: on rename admin user, catch existing username, and strange characters
Improvement: catch openBaseDir restriction in cpanel detection function, props @alofnur
Improvement: remove 6.0 update notices on subsites in a multisite network, props @wpcoderca, (@collizo4sky

Release Info

Developer	RogierLankhorst
Plugin	Really Simple SSL
Version	6.0.9
Comparing to
See all releases

Code changes from version 6.0.8 to 6.0.9

Files changed (16) hide show

class-admin.php +5 -2
compatibility.php +1 -0
languages/really-simple-ssl.pot +117 -113
lets-encrypt/config/fields.php +0 -1
lets-encrypt/functions.php +25 -1
readme.txt +7 -1
rlrsssl-really-simple-ssl.php +6 -3
security/firewall-manager.php +1 -4
security/index.php +1 -1
security/notices.php +2 -1
security/tests.php +5 -2
security/wordpress/rename-admin-user.php +3 -3
settings/config/config.php +1 -1
upgrade.php +7 -0
upgrade/index.php +1 -1
upgrade/upgrade-to-pro.php +13 -14

class-admin.php CHANGED Viewed

	@@ -2233,7 +2233,7 @@ class rsssl_admin
2233
2234	'upgraded_to_6' => array(
2235	'condition' => array(
2236	- 'RSSSL()->admin->is_upgraded_to_6'
2237	),
2238	'callback' => '_true_',
2239	'output' => array(
	@@ -2249,8 +2249,11 @@ class rsssl_admin
2249	),
2250	);
2251	//on multisite, don't show the notice on subsites.
2252	- if ( ~~is_multisite()~~ && ~~!is_network_admin~~() ) {


2253	unset($notices['secure_cookies_set']);

2254	}
2255
2256	$notices = apply_filters('rsssl_notices', $notices);


2233
2234	'upgraded_to_6' => array(
2235	'condition' => array(
2236	+ 'RSSSL()->admin->is_upgraded_to_6',
2237	),
2238	'callback' => '_true_',
2239	'output' => array(

2249	),
2250	);
2251	//on multisite, don't show the notice on subsites.
2252	+ //we can't make different sets for network admin and for subsites (at least not for admin notices), as these notices are cached,
2253	+ //so the same cache will be used on both types of site
2254	+ if ( is_multisite() ) {
2255	unset($notices['secure_cookies_set']);
2256	+ unset($notices['upgraded_to_6']);
2257	}
2258
2259	$notices = apply_filters('rsssl_notices', $notices);

compatibility.php CHANGED Viewed

	@@ -20,6 +20,7 @@ if ( is_admin() && rsssl_user_can_manage() ) {
20	class rsssl_multisite_legacy {
21	public $ssl_enabled_networkwide;
22	public $mixed_content_admin;

23	public $selected_networkwide_or_per_site;
24	public function plugin_network_wide_active(){
25	return false;


20	class rsssl_multisite_legacy {
21	public $ssl_enabled_networkwide;
22	public $mixed_content_admin;
23	+ public $cert_expiration_warning;
24	public $selected_networkwide_or_per_site;
25	public function plugin_network_wide_active(){
26	return false;

languages/really-simple-ssl.pot CHANGED Viewed

	@@ -2,14 +2,14 @@
2	# This file is distributed under the GPL2.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: Really Simple SSL 6.0.8\n"
6	"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/really-simple-ssl\n"
7	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8	"Language-Team: LANGUAGE <LL@li.org>\n"
9	"MIME-Version: 1.0\n"
10	"Content-Type: text/plain; charset=UTF-8\n"
11	"Content-Transfer-Encoding: 8bit\n"
12	- "POT-Creation-Date: 2022-11-~~06T10~~:36:15+00:00\n"
13	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14	"X-Generator: WP-CLI 2.6.0\n"
15	"X-Domain: really-simple-ssl\n"
	@@ -335,57 +335,57 @@ msgstr ""
335	msgid "Thanks for updating to Really Simple SSL 6.0! Check out our new features on the settings page."
336	msgstr ""
337
338	- #: class-admin.php:~~2588~~
339	msgid "Are you sure?"
340	msgstr ""
341
342	- #: class-admin.php:~~2599~~
343	msgid "To deactivate the plugin correctly, please select if you want to:"
344	msgstr ""
345
346	- #: class-admin.php:~~2601~~
347	msgid "Deactivate, but stay on SSL."
348	msgstr ""
349
350	- #: class-admin.php:~~2602~~
351	msgid "Deactivate, and revert to http. This will remove all changes by the plugin."
352	msgstr ""
353
354	- #: class-admin.php:~~2604~~
355	msgid "Deactivating the plugin while keeping SSL will do the following:"
356	msgstr ""
357
358	- #: class-admin.php:~~2606~~
359	msgid "The mixed content fixer will stop working"
360	msgstr ""
361
362	- #: class-admin.php:~~2607~~
363	msgid "The WordPress 301 redirect will stop working"
364	msgstr ""
365
366	- #: class-admin.php:~~2608~~
367	msgid "Your site address will remain https://"
368	msgstr ""
369
370	- #: class-admin.php:~~2609~~
371	msgid "The .htaccess redirect will remain active"
372	msgstr ""
373
374	- #: class-admin.php:~~2618~~
375	- #: upgrade/upgrade-to-pro.php:~~361~~
376	msgid "Cancel"
377	msgstr ""
378
379	- #: class-admin.php:~~2619~~
380	msgid "Deactivate, keep https"
381	msgstr ""
382
383	- #: class-admin.php:~~2620~~
384	msgid "Deactivate, revert to http"
385	msgstr ""
386
387	- #: class-admin.php:2646
388	#: class-admin.php:2649

389	#: class-multisite.php:216
390	#: settings/config/config.php:17
391	#: settings/build/index.js:382
	@@ -393,14 +393,14 @@ msgstr ""
393	msgid "Settings"
394	msgstr ""
395
396	- #: class-admin.php:~~2654~~
397	#: class-multisite.php:219
398	#: settings/build/index.js:382
399	#: settings/src/Header.js:43
400	msgid "Support"
401	msgstr ""
402
403	- #: class-admin.php:~~2659~~
404	#: class-multisite.php:223
405	msgid "Improve security - Upgrade"
406	msgstr ""
	@@ -757,12 +757,12 @@ msgid "We have not detected any known hosting limitations."
757	msgstr ""
758
759	#: lets-encrypt/class-letsencrypt-handler.php:1104
760	- #: lets-encrypt/functions.php:~~355~~
761	msgid "According to our information, your hosting provider does not allow any kind of SSL installation, other then their own paid certificate. For an alternative hosting provider with SSL, see this %sarticle%s."
762	msgstr ""
763
764	#: lets-encrypt/class-letsencrypt-handler.php:1111
765	- #: lets-encrypt/functions.php:~~345~~
766	msgid "According to our information, your hosting provider supplies your account with an SSL certificate by default. Please contact your %shosting support%s if this is not the case."
767	msgstr ""
768
	@@ -948,197 +948,197 @@ msgstr ""
948	msgid "This email address is used to create a Let's Encrypt account. This is also where you will receive renewal notifications."
949	msgstr ""
950
951	- #: lets-encrypt/config/fields.php:~~107~~
952	msgid "I agree to the Terms & Conditions from Let's Encrypt."
953	msgstr ""
954
955	- #: lets-encrypt/config/fields.php:~~108~~
956	msgid "Terms & Conditions."
957	msgstr ""
958
959	- #: lets-encrypt/config/fields.php:~~119~~
960	msgid "Disable OCSP stapling"
961	msgstr ""
962
963	- #: lets-encrypt/config/fields.php:~~120~~
964	msgid "OCSP stapling is configured as enabled by default. You can disable this option if this is not supported by your hosting provider."
965	msgstr ""
966
967	- #: lets-encrypt/config/fields.php:~~122~~
968	msgid "Disable OCSP Stapling"
969	msgstr ""
970
971	- #: lets-encrypt/config/fields.php:~~129~~
972	#: lets-encrypt/config/notices.php:49
973	msgid "Domain"
974	msgstr ""
975
976	- #: lets-encrypt/config/fields.php:~~139~~
977	- #: lets-encrypt/config/fields.php:~~142~~
978	msgid "Include alias"
979	msgstr ""
980
981	- #: lets-encrypt/config/fields.php:~~143~~
982	msgid "This will include both the www. and non-www. version of your domain."
983	msgstr ""
984
985	- #: lets-encrypt/config/fields.php:~~144~~
986	msgid "You should have the www domain pointed to the same website as the non-www domain."
987	msgstr ""
988
989	- #: lets-encrypt/config/fields.php:~~161~~
990	msgid "Hosting Provider"
991	msgstr ""
992
993	- #: lets-encrypt/config/fields.php:~~162~~
994	msgid "By selecting your hosting provider we can tell you if your hosting provider already supports free SSL, and/or where you can activate it."
995	msgstr ""
996
997	- #: lets-encrypt/config/fields.php:~~164~~
998	msgid "If your hosting provider is not listed, and there's an SSL activation/installation link, please let us %sknow%s."
999	msgstr ""
1000
1001	- #: lets-encrypt/config/fields.php:~~168~~
1002	msgid "Hosting provider"
1003	msgstr ""
1004
1005	- #: lets-encrypt/config/fields.php:~~177~~
1006	- #: lets-encrypt/config/fields.php:~~180~~
1007	msgid "CPanel host"
1008	msgstr ""
1009
1010	- #: lets-encrypt/config/fields.php:~~181~~
1011	msgid "The URL you use to access your cPanel dashboard. Ends on :2083."
1012	msgstr ""
1013
1014	- #: lets-encrypt/config/fields.php:~~200~~
1015	msgid "CPanel username"
1016	msgstr ""
1017
1018	- #: lets-encrypt/config/fields.php:~~218~~
1019	msgid "CPanel password"
1020	msgstr ""
1021
1022	- #: lets-encrypt/config/fields.php:~~236~~
1023	msgid "DirectAdmin host"
1024	msgstr ""
1025
1026	- #: lets-encrypt/config/fields.php:~~239~~
1027	msgid "Direct Admin URL"
1028	msgstr ""
1029
1030	- #: lets-encrypt/config/fields.php:~~240~~
1031	msgid "The URL you use to access your DirectAdmin dashboard. Ends on :2222."
1032	msgstr ""
1033
1034	- #: lets-encrypt/config/fields.php:~~259~~
1035	msgid "DirectAdmin username"
1036	msgstr ""
1037
1038	- #: lets-encrypt/config/fields.php:~~277~~
1039	msgid "DirectAdmin password"
1040	msgstr ""
1041
1042	- #: lets-encrypt/config/fields.php:~~296~~
1043	msgid "CloudWays user email"
1044	msgstr ""
1045
1046	- #: lets-encrypt/config/fields.php:~~311~~
1047	msgid "CloudWays api key"
1048	msgstr ""
1049
1050	- #: lets-encrypt/config/fields.php:~~316~~
1051	msgid "CloudWays API key"
1052	msgstr ""
1053
1054	- #: lets-encrypt/config/fields.php:~~317~~
1055	msgid "You can find your api key %shere%s (make sure you're logged in with your main account)."
1056	msgstr ""
1057
1058	- #: lets-encrypt/config/fields.php:~~332~~
1059	msgid "Plesk host"
1060	msgstr ""
1061
1062	- #: lets-encrypt/config/fields.php:~~335~~
1063	msgid "Plesk admin URL"
1064	msgstr ""
1065
1066	- #: lets-encrypt/config/fields.php:~~336~~
1067	msgid "The URL you use to access your Plesk dashboard. Ends on :8443."
1068	msgstr ""
1069
1070	- #: lets-encrypt/config/fields.php:~~355~~
1071	msgid "Plesk username"
1072	msgstr ""
1073
1074	- #: lets-encrypt/config/fields.php:~~358~~
1075	msgid "Plesk username and password"
1076	msgstr ""
1077
1078	- #: lets-encrypt/config/fields.php:~~359~~
1079	msgid "You can find your Plesk username and password in %s"
1080	msgstr ""
1081
1082	- #: lets-encrypt/config/fields.php:~~378~~
1083	msgid "Plesk password"
1084	msgstr ""
1085
1086	- #: lets-encrypt/config/fields.php:~~396~~
1087	msgid "Do you want to store these credentials for renewal purposes?"
1088	msgstr ""
1089
1090	- #: lets-encrypt/config/fields.php:~~400~~
1091	msgid "Store for renewal purposes. If not stored, renewal may need to be done manually."
1092	msgstr ""
1093
1094	- #: lets-encrypt/config/fields.php:~~429~~
1095	msgid "Checking host..."
1096	msgstr ""
1097
1098	- #: lets-encrypt/config/fields.php:~~435~~
1099	msgid "Checking challenge directory..."
1100	msgstr ""
1101
1102	- #: lets-encrypt/config/fields.php:~~441~~
1103	msgid "Checking key directory..."
1104	msgstr ""
1105
1106	- #: lets-encrypt/config/fields.php:~~447~~
1107	msgid "Checking certs directory..."
1108	msgstr ""
1109
1110	- #: lets-encrypt/config/fields.php:~~453~~
1111	msgid "Checking permissions..."
1112	msgstr ""
1113
1114	- #: lets-encrypt/config/fields.php:~~460~~
1115	msgid "Checking challenge directory reachable over http..."
1116	msgstr ""
1117
1118	- #: lets-encrypt/config/fields.php:~~479~~
1119	- #: lets-encrypt/config/fields.php:~~516~~
1120	msgid "Creating account..."
1121	msgstr ""
1122
1123	- #: lets-encrypt/config/fields.php:~~485~~
1124	msgid "Retrieving DNS verification token..."
1125	msgstr ""
1126
1127	- #: lets-encrypt/config/fields.php:~~510~~
1128	msgid "Checking if Terms & Conditions are accepted..."
1129	msgstr ""
1130
1131	- #: lets-encrypt/config/fields.php:~~522~~
1132	#: settings/build/index.js:382
1133	#: settings/src/LetsEncrypt/LetsEncrypt.js:93
1134	msgid "Generating SSL certificate..."
1135	msgstr ""
1136
1137	- #: lets-encrypt/config/fields.php:~~535~~
1138	msgid "Searching for link to SSL installation page on your server..."
1139	msgstr ""
1140
1141	- #: lets-encrypt/config/fields.php:~~552~~
1142	msgid "Checking for subdomain setup..."
1143	msgstr ""
1144
	@@ -1203,53 +1203,53 @@ msgstr ""
1203	msgid "For more information, please read this %sarticle%s"
1204	msgstr ""
1205
1206	- #: lets-encrypt/functions.php:~~330~~
1207	- #: lets-encrypt/functions.php:~~331~~
1208	#: settings/build/index.js:382
1209	#: settings/src/Dashboard/GridBlock.js:93
1210	#: settings/src/Settings/SettingsGroup.js:93
1211	msgid "Instructions"
1212	msgstr ""
1213
1214	- #: lets-encrypt/functions.php:~~334~~
1215	msgid "Please complete manually in your hosting dashboard."
1216	msgstr ""
1217
1218	- #: lets-encrypt/functions.php:~~335~~
1219	msgid "Please activate it manually on your hosting dashboard."
1220	msgstr ""
1221
1222	- #: lets-encrypt/functions.php:~~337~~
1223	msgid "Please complete %smanually%s"
1224	msgstr ""
1225
1226	- #: lets-encrypt/functions.php:~~338~~
1227	msgid "Please activate it on your dashboard %smanually%s"
1228	msgstr ""
1229
1230	- #: lets-encrypt/functions.php:~~339~~
1231	msgid "Go to activation"
1232	msgstr ""
1233
1234	- #: lets-encrypt/functions.php:~~340~~
1235	msgid "Go to installation"
1236	msgstr ""
1237
1238	- #: lets-encrypt/functions.php:~~347~~
1239	- #: lets-encrypt/functions.php:~~351~~
1240	- #: lets-encrypt/functions.php:~~361~~
1241	msgid "After completing the installation, you can continue to the next step to complete your configuration."
1242	msgstr ""
1243
1244	- #: lets-encrypt/functions.php:~~349~~
1245	msgid "You already have free SSL on your hosting environment."
1246	msgstr ""
1247
1248	- #: lets-encrypt/functions.php:~~358~~
1249	msgid "Your hosting environment does not allow automatic SSL installation."
1250	msgstr ""
1251
1252	- #: lets-encrypt/functions.php:~~360~~
1253	msgid "You can follow these %sinstructions%s."
1254	msgstr ""
1255
	@@ -1551,36 +1551,36 @@ msgstr ""
1551	msgid "Really Simple SSL cannot be activated. The plugin requires WordPress 5.7 or higher"
1552	msgstr ""
1553
1554	- #: rlrsssl-really-simple-ssl.php:~~194~~
1555	msgid "Update Really Simple SSL Pro: the plugin needs to be updated to the latest version to be compatible."
1556	msgstr ""
1557
1558	- #: rlrsssl-really-simple-ssl.php:~~198~~
1559	msgid "%sUpdate%s or %srenew your license%s."
1560	msgstr ""
1561
1562	- #: rlrsssl-really-simple-ssl.php:~~200~~
1563	msgid "Visit the plugins overview or %srenew your license%s."
1564	msgstr ""
1565
1566	- #: security/firewall-manager.php:~~141~~
1567	- #: security/firewall-manager.php:~~147~~
1568	msgid "Firewall"
1569	msgstr ""
1570
1571	- #: security/firewall-manager.php:~~142~~
1572	msgid "A firewall rule was enabled, but the wp-config.php is not writable."
1573	msgstr ""
1574
1575	- #: security/firewall-manager.php:~~142~~
1576	msgid "Please set the wp-config.php to writable until the rule has been written."
1577	msgstr ""
1578
1579	- #: security/firewall-manager.php:~~148~~
1580	msgid "A firewall rule was enabled, but /the wp-content/ folder is not writable."
1581	msgstr ""
1582
1583	- #: security/firewall-manager.php:~~148~~
1584	msgid "Please set the wp-content folder to writable:"
1585	msgstr ""
1586
	@@ -1689,7 +1689,7 @@ msgid "Your site registered a user with the name 'admin'."
1689	msgstr ""
1690
1691	#: security/notices.php:191
1692	- msgid "Rename admin user enabled: Please choose a new username of at least 3 characters."
1693	msgstr ""
1694
1695	#: security/notices.php:206
	@@ -1712,7 +1712,7 @@ msgstr ""
1712	msgid "Anyone can register an account on your site. Consider disabling this option in the WordPress general settings."
1713	msgstr ""
1714
1715	- #: security/notices.php:~~279~~
1716	msgid "Your WordPress version is visible to others."
1717	msgstr ""
1718
	@@ -1948,6 +1948,10 @@ msgstr ""
1948	msgid "If this option is set to true, the mixed content fixer will fire on the init hook instead of the template_redirect hook. Only use this option when you experience problems with the mixed content fixer."
1949	msgstr ""
1950




1951	#: settings/config/config.php:360
1952	msgid "Dismiss all notices"
1953	msgstr ""
	@@ -2402,75 +2406,75 @@ msgstr ""
2402	msgid "Really Simple SSL automatically detects your settings and configures your website to run over HTTPS. To keep it lightweight, we kept the options to a minimum. Your website will move to SSL with one click."
2403	msgstr ""
2404
2405	- #: upgrade/upgrade-to-pro.php:~~181~~
2406	#: settings/build/index.js:382
2407	#: settings/src/Dashboard/OtherPlugins.js:88
2408	msgid "Installed"
2409	msgstr ""
2410
2411	- #: upgrade/upgrade-to-pro.php:~~224~~
2412	msgid "Installation finished"
2413	msgstr ""
2414
2415	- #: upgrade/upgrade-to-pro.php:~~322~~
2416	msgid "Recommended by Really Simple Plugins"
2417	msgstr ""
2418
2419	- #: upgrade/upgrade-to-pro.php:~~347~~
2420	msgid "Installing"
2421	msgstr ""
2422
2423	- #: upgrade/upgrade-to-pro.php:~~358~~
2424	msgid "Visit Dashboard"
2425	msgstr ""
2426
2427	- #: upgrade/upgrade-to-pro.php:363
2428	#: upgrade/upgrade-to-pro.php:364

2429	msgid "An Error Occurred:"
2430	msgstr ""
2431
2432	- #: upgrade/upgrade-to-pro.php:~~363~~
2433	msgid "Install %sManually%s."
2434	msgstr ""
2435
2436	- #: upgrade/upgrade-to-pro.php:~~364~~
2437	msgid "Check your %slicense%s."
2438	msgstr ""
2439
2440	- #: upgrade/upgrade-to-pro.php:~~434~~
2441	msgid "Could not rename folder!"
2442	msgstr ""
2443
2444	- #: upgrade/upgrade-to-pro.php:~~534~~
2445	- #: upgrade/upgrade-to-pro.php:~~566~~
2446	msgid "An error occurred, please try again."
2447	msgstr ""
2448
2449	- #: upgrade/upgrade-to-pro.php:~~542~~
2450	msgid "Your license key expired on %s."
2451	msgstr ""
2452
2453	- #: upgrade/upgrade-to-pro.php:~~548~~
2454	msgid "Your license key has been disabled."
2455	msgstr ""
2456
2457	- #: upgrade/upgrade-to-pro.php:~~551~~
2458	msgid "Missing license."
2459	msgstr ""
2460
2461	- #: upgrade/upgrade-to-pro.php:~~554~~
2462	msgid "Invalid license."
2463	msgstr ""
2464
2465	- #: upgrade/upgrade-to-pro.php:~~557~~
2466	msgid "Your license is not active for this URL."
2467	msgstr ""
2468
2469	- #: upgrade/upgrade-to-pro.php:~~560~~
2470	msgid "This appears to be an invalid license key for this plugin."
2471	msgstr ""
2472
2473	- #: upgrade/upgrade-to-pro.php:~~563~~
2474	msgid "Your license key has reached its activation limit."
2475	msgstr ""
2476


2	# This file is distributed under the GPL2.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: Really Simple SSL 6.0.9\n"
6	"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/really-simple-ssl\n"
7	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8	"Language-Team: LANGUAGE <LL@li.org>\n"
9	"MIME-Version: 1.0\n"
10	"Content-Type: text/plain; charset=UTF-8\n"
11	"Content-Transfer-Encoding: 8bit\n"
12	+ "POT-Creation-Date: 2022-11-10T07:20:06+00:00\n"
13	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14	"X-Generator: WP-CLI 2.6.0\n"
15	"X-Domain: really-simple-ssl\n"

335	msgid "Thanks for updating to Really Simple SSL 6.0! Check out our new features on the settings page."
336	msgstr ""
337
338	+ #: class-admin.php:2591
339	msgid "Are you sure?"
340	msgstr ""
341
342	+ #: class-admin.php:2602
343	msgid "To deactivate the plugin correctly, please select if you want to:"
344	msgstr ""
345
346	+ #: class-admin.php:2604
347	msgid "Deactivate, but stay on SSL."
348	msgstr ""
349
350	+ #: class-admin.php:2605
351	msgid "Deactivate, and revert to http. This will remove all changes by the plugin."
352	msgstr ""
353
354	+ #: class-admin.php:2607
355	msgid "Deactivating the plugin while keeping SSL will do the following:"
356	msgstr ""
357
358	+ #: class-admin.php:2609
359	msgid "The mixed content fixer will stop working"
360	msgstr ""
361
362	+ #: class-admin.php:2610
363	msgid "The WordPress 301 redirect will stop working"
364	msgstr ""
365
366	+ #: class-admin.php:2611
367	msgid "Your site address will remain https://"
368	msgstr ""
369
370	+ #: class-admin.php:2612
371	msgid "The .htaccess redirect will remain active"
372	msgstr ""
373
374	+ #: class-admin.php:2621
375	+ #: upgrade/upgrade-to-pro.php:362
376	msgid "Cancel"
377	msgstr ""
378
379	+ #: class-admin.php:2622
380	msgid "Deactivate, keep https"
381	msgstr ""
382
383	+ #: class-admin.php:2623
384	msgid "Deactivate, revert to http"
385	msgstr ""
386

387	#: class-admin.php:2649
388	+ #: class-admin.php:2652
389	#: class-multisite.php:216
390	#: settings/config/config.php:17
391	#: settings/build/index.js:382

393	msgid "Settings"
394	msgstr ""
395
396	+ #: class-admin.php:2657
397	#: class-multisite.php:219
398	#: settings/build/index.js:382
399	#: settings/src/Header.js:43
400	msgid "Support"
401	msgstr ""
402
403	+ #: class-admin.php:2662
404	#: class-multisite.php:223
405	msgid "Improve security - Upgrade"
406	msgstr ""

757	msgstr ""
758
759	#: lets-encrypt/class-letsencrypt-handler.php:1104
760	+ #: lets-encrypt/functions.php:379
761	msgid "According to our information, your hosting provider does not allow any kind of SSL installation, other then their own paid certificate. For an alternative hosting provider with SSL, see this %sarticle%s."
762	msgstr ""
763
764	#: lets-encrypt/class-letsencrypt-handler.php:1111
765	+ #: lets-encrypt/functions.php:369
766	msgid "According to our information, your hosting provider supplies your account with an SSL certificate by default. Please contact your %shosting support%s if this is not the case."
767	msgstr ""
768

948	msgid "This email address is used to create a Let's Encrypt account. This is also where you will receive renewal notifications."
949	msgstr ""
950
951	+ #: lets-encrypt/config/fields.php:106
952	msgid "I agree to the Terms & Conditions from Let's Encrypt."
953	msgstr ""
954
955	+ #: lets-encrypt/config/fields.php:107
956	msgid "Terms & Conditions."
957	msgstr ""
958
959	+ #: lets-encrypt/config/fields.php:118
960	msgid "Disable OCSP stapling"
961	msgstr ""
962
963	+ #: lets-encrypt/config/fields.php:119
964	msgid "OCSP stapling is configured as enabled by default. You can disable this option if this is not supported by your hosting provider."
965	msgstr ""
966
967	+ #: lets-encrypt/config/fields.php:121
968	msgid "Disable OCSP Stapling"
969	msgstr ""
970
971	+ #: lets-encrypt/config/fields.php:128
972	#: lets-encrypt/config/notices.php:49
973	msgid "Domain"
974	msgstr ""
975
976	+ #: lets-encrypt/config/fields.php:138
977	+ #: lets-encrypt/config/fields.php:141
978	msgid "Include alias"
979	msgstr ""
980
981	+ #: lets-encrypt/config/fields.php:142
982	msgid "This will include both the www. and non-www. version of your domain."
983	msgstr ""
984
985	+ #: lets-encrypt/config/fields.php:143
986	msgid "You should have the www domain pointed to the same website as the non-www domain."
987	msgstr ""
988
989	+ #: lets-encrypt/config/fields.php:160
990	msgid "Hosting Provider"
991	msgstr ""
992
993	+ #: lets-encrypt/config/fields.php:161
994	msgid "By selecting your hosting provider we can tell you if your hosting provider already supports free SSL, and/or where you can activate it."
995	msgstr ""
996
997	+ #: lets-encrypt/config/fields.php:163
998	msgid "If your hosting provider is not listed, and there's an SSL activation/installation link, please let us %sknow%s."
999	msgstr ""
1000
1001	+ #: lets-encrypt/config/fields.php:167
1002	msgid "Hosting provider"
1003	msgstr ""
1004
1005	+ #: lets-encrypt/config/fields.php:176
1006	+ #: lets-encrypt/config/fields.php:179
1007	msgid "CPanel host"
1008	msgstr ""
1009
1010	+ #: lets-encrypt/config/fields.php:180
1011	msgid "The URL you use to access your cPanel dashboard. Ends on :2083."
1012	msgstr ""
1013
1014	+ #: lets-encrypt/config/fields.php:199
1015	msgid "CPanel username"
1016	msgstr ""
1017
1018	+ #: lets-encrypt/config/fields.php:217
1019	msgid "CPanel password"
1020	msgstr ""
1021
1022	+ #: lets-encrypt/config/fields.php:235
1023	msgid "DirectAdmin host"
1024	msgstr ""
1025
1026	+ #: lets-encrypt/config/fields.php:238
1027	msgid "Direct Admin URL"
1028	msgstr ""
1029
1030	+ #: lets-encrypt/config/fields.php:239
1031	msgid "The URL you use to access your DirectAdmin dashboard. Ends on :2222."
1032	msgstr ""
1033
1034	+ #: lets-encrypt/config/fields.php:258
1035	msgid "DirectAdmin username"
1036	msgstr ""
1037
1038	+ #: lets-encrypt/config/fields.php:276
1039	msgid "DirectAdmin password"
1040	msgstr ""
1041
1042	+ #: lets-encrypt/config/fields.php:295
1043	msgid "CloudWays user email"
1044	msgstr ""
1045
1046	+ #: lets-encrypt/config/fields.php:310
1047	msgid "CloudWays api key"
1048	msgstr ""
1049
1050	+ #: lets-encrypt/config/fields.php:315
1051	msgid "CloudWays API key"
1052	msgstr ""
1053
1054	+ #: lets-encrypt/config/fields.php:316
1055	msgid "You can find your api key %shere%s (make sure you're logged in with your main account)."
1056	msgstr ""
1057
1058	+ #: lets-encrypt/config/fields.php:331
1059	msgid "Plesk host"
1060	msgstr ""
1061
1062	+ #: lets-encrypt/config/fields.php:334
1063	msgid "Plesk admin URL"
1064	msgstr ""
1065
1066	+ #: lets-encrypt/config/fields.php:335
1067	msgid "The URL you use to access your Plesk dashboard. Ends on :8443."
1068	msgstr ""
1069
1070	+ #: lets-encrypt/config/fields.php:354
1071	msgid "Plesk username"
1072	msgstr ""
1073
1074	+ #: lets-encrypt/config/fields.php:357
1075	msgid "Plesk username and password"
1076	msgstr ""
1077
1078	+ #: lets-encrypt/config/fields.php:358
1079	msgid "You can find your Plesk username and password in %s"
1080	msgstr ""
1081
1082	+ #: lets-encrypt/config/fields.php:377
1083	msgid "Plesk password"
1084	msgstr ""
1085
1086	+ #: lets-encrypt/config/fields.php:395
1087	msgid "Do you want to store these credentials for renewal purposes?"
1088	msgstr ""
1089
1090	+ #: lets-encrypt/config/fields.php:399
1091	msgid "Store for renewal purposes. If not stored, renewal may need to be done manually."
1092	msgstr ""
1093
1094	+ #: lets-encrypt/config/fields.php:428
1095	msgid "Checking host..."
1096	msgstr ""
1097
1098	+ #: lets-encrypt/config/fields.php:434
1099	msgid "Checking challenge directory..."
1100	msgstr ""
1101
1102	+ #: lets-encrypt/config/fields.php:440
1103	msgid "Checking key directory..."
1104	msgstr ""
1105
1106	+ #: lets-encrypt/config/fields.php:446
1107	msgid "Checking certs directory..."
1108	msgstr ""
1109
1110	+ #: lets-encrypt/config/fields.php:452
1111	msgid "Checking permissions..."
1112	msgstr ""
1113
1114	+ #: lets-encrypt/config/fields.php:459
1115	msgid "Checking challenge directory reachable over http..."
1116	msgstr ""
1117
1118	+ #: lets-encrypt/config/fields.php:478
1119	+ #: lets-encrypt/config/fields.php:515
1120	msgid "Creating account..."
1121	msgstr ""
1122
1123	+ #: lets-encrypt/config/fields.php:484
1124	msgid "Retrieving DNS verification token..."
1125	msgstr ""
1126
1127	+ #: lets-encrypt/config/fields.php:509
1128	msgid "Checking if Terms & Conditions are accepted..."
1129	msgstr ""
1130
1131	+ #: lets-encrypt/config/fields.php:521
1132	#: settings/build/index.js:382
1133	#: settings/src/LetsEncrypt/LetsEncrypt.js:93
1134	msgid "Generating SSL certificate..."
1135	msgstr ""
1136
1137	+ #: lets-encrypt/config/fields.php:534
1138	msgid "Searching for link to SSL installation page on your server..."
1139	msgstr ""
1140
1141	+ #: lets-encrypt/config/fields.php:551
1142	msgid "Checking for subdomain setup..."
1143	msgstr ""
1144

1203	msgid "For more information, please read this %sarticle%s"
1204	msgstr ""
1205
1206	+ #: lets-encrypt/functions.php:354
1207	+ #: lets-encrypt/functions.php:355
1208	#: settings/build/index.js:382
1209	#: settings/src/Dashboard/GridBlock.js:93
1210	#: settings/src/Settings/SettingsGroup.js:93
1211	msgid "Instructions"
1212	msgstr ""
1213
1214	+ #: lets-encrypt/functions.php:358
1215	msgid "Please complete manually in your hosting dashboard."
1216	msgstr ""
1217
1218	+ #: lets-encrypt/functions.php:359
1219	msgid "Please activate it manually on your hosting dashboard."
1220	msgstr ""
1221
1222	+ #: lets-encrypt/functions.php:361
1223	msgid "Please complete %smanually%s"
1224	msgstr ""
1225
1226	+ #: lets-encrypt/functions.php:362
1227	msgid "Please activate it on your dashboard %smanually%s"
1228	msgstr ""
1229
1230	+ #: lets-encrypt/functions.php:363
1231	msgid "Go to activation"
1232	msgstr ""
1233
1234	+ #: lets-encrypt/functions.php:364
1235	msgid "Go to installation"
1236	msgstr ""
1237
1238	+ #: lets-encrypt/functions.php:371
1239	+ #: lets-encrypt/functions.php:375
1240	+ #: lets-encrypt/functions.php:385
1241	msgid "After completing the installation, you can continue to the next step to complete your configuration."
1242	msgstr ""
1243
1244	+ #: lets-encrypt/functions.php:373
1245	msgid "You already have free SSL on your hosting environment."
1246	msgstr ""
1247
1248	+ #: lets-encrypt/functions.php:382
1249	msgid "Your hosting environment does not allow automatic SSL installation."
1250	msgstr ""
1251
1252	+ #: lets-encrypt/functions.php:384
1253	msgid "You can follow these %sinstructions%s."
1254	msgstr ""
1255

1551	msgid "Really Simple SSL cannot be activated. The plugin requires WordPress 5.7 or higher"
1552	msgstr ""
1553
1554	+ #: rlrsssl-really-simple-ssl.php:197
1555	msgid "Update Really Simple SSL Pro: the plugin needs to be updated to the latest version to be compatible."
1556	msgstr ""
1557
1558	+ #: rlrsssl-really-simple-ssl.php:201
1559	msgid "%sUpdate%s or %srenew your license%s."
1560	msgstr ""
1561
1562	+ #: rlrsssl-really-simple-ssl.php:203
1563	msgid "Visit the plugins overview or %srenew your license%s."
1564	msgstr ""
1565
1566	+ #: security/firewall-manager.php:138
1567	+ #: security/firewall-manager.php:144
1568	msgid "Firewall"
1569	msgstr ""
1570
1571	+ #: security/firewall-manager.php:139
1572	msgid "A firewall rule was enabled, but the wp-config.php is not writable."
1573	msgstr ""
1574
1575	+ #: security/firewall-manager.php:139
1576	msgid "Please set the wp-config.php to writable until the rule has been written."
1577	msgstr ""
1578
1579	+ #: security/firewall-manager.php:145
1580	msgid "A firewall rule was enabled, but /the wp-content/ folder is not writable."
1581	msgstr ""
1582
1583	+ #: security/firewall-manager.php:145
1584	msgid "Please set the wp-content folder to writable:"
1585	msgstr ""
1586

1689	msgstr ""
1690
1691	#: security/notices.php:191
1692	+ msgid "Rename admin user enabled: Please choose a new username of at least 3 characters, which is not in use yet."
1693	msgstr ""
1694
1695	#: security/notices.php:206

1712	msgid "Anyone can register an account on your site. Consider disabling this option in the WordPress general settings."
1713	msgstr ""
1714
1715	+ #: security/notices.php:280
1716	msgid "Your WordPress version is visible to others."
1717	msgstr ""
1718

1948	msgid "If this option is set to true, the mixed content fixer will fire on the init hook instead of the template_redirect hook. Only use this option when you experience problems with the mixed content fixer."
1949	msgstr ""
1950
1951	+ #: settings/config/config.php:351
1952	+ msgid "Mixed content fixer - back-end"
1953	+ msgstr ""
1954	+
1955	#: settings/config/config.php:360
1956	msgid "Dismiss all notices"
1957	msgstr ""

2406	msgid "Really Simple SSL automatically detects your settings and configures your website to run over HTTPS. To keep it lightweight, we kept the options to a minimum. Your website will move to SSL with one click."
2407	msgstr ""
2408
2409	+ #: upgrade/upgrade-to-pro.php:182
2410	#: settings/build/index.js:382
2411	#: settings/src/Dashboard/OtherPlugins.js:88
2412	msgid "Installed"
2413	msgstr ""
2414
2415	+ #: upgrade/upgrade-to-pro.php:225
2416	msgid "Installation finished"
2417	msgstr ""
2418
2419	+ #: upgrade/upgrade-to-pro.php:323
2420	msgid "Recommended by Really Simple Plugins"
2421	msgstr ""
2422
2423	+ #: upgrade/upgrade-to-pro.php:348
2424	msgid "Installing"
2425	msgstr ""
2426
2427	+ #: upgrade/upgrade-to-pro.php:359
2428	msgid "Visit Dashboard"
2429	msgstr ""
2430

2431	#: upgrade/upgrade-to-pro.php:364
2432	+ #: upgrade/upgrade-to-pro.php:365
2433	msgid "An Error Occurred:"
2434	msgstr ""
2435
2436	+ #: upgrade/upgrade-to-pro.php:364
2437	msgid "Install %sManually%s."
2438	msgstr ""
2439
2440	+ #: upgrade/upgrade-to-pro.php:365
2441	msgid "Check your %slicense%s."
2442	msgstr ""
2443
2444	+ #: upgrade/upgrade-to-pro.php:436
2445	msgid "Could not rename folder!"
2446	msgstr ""
2447
2448	+ #: upgrade/upgrade-to-pro.php:536
2449	+ #: upgrade/upgrade-to-pro.php:568
2450	msgid "An error occurred, please try again."
2451	msgstr ""
2452
2453	+ #: upgrade/upgrade-to-pro.php:544
2454	msgid "Your license key expired on %s."
2455	msgstr ""
2456
2457	+ #: upgrade/upgrade-to-pro.php:550
2458	msgid "Your license key has been disabled."
2459	msgstr ""
2460
2461	+ #: upgrade/upgrade-to-pro.php:553
2462	msgid "Missing license."
2463	msgstr ""
2464
2465	+ #: upgrade/upgrade-to-pro.php:556
2466	msgid "Invalid license."
2467	msgstr ""
2468
2469	+ #: upgrade/upgrade-to-pro.php:559
2470	msgid "Your license is not active for this URL."
2471	msgstr ""
2472
2473	+ #: upgrade/upgrade-to-pro.php:562
2474	msgid "This appears to be an invalid license key for this plugin."
2475	msgstr ""
2476
2477	+ #: upgrade/upgrade-to-pro.php:565
2478	msgid "Your license key has reached its activation limit."
2479	msgstr ""
2480

lets-encrypt/config/fields.php CHANGED Viewed

	@@ -94,7 +94,6 @@ function rsssl_le_add_fields($fields) {
94	'title' => __( "Email address", "really-simple-ssl" ),
95	'text' => __( "This email address is used to create a Let's Encrypt account. This is also where you will receive renewal notifications.", 'really-simple-ssl' ),
96	],
97	- 'disabled' => ! rsssl_get_option( 'ssl_enabled' ),
98	'default' => '',
99	'required' => true,
100	],


94	'title' => __( "Email address", "really-simple-ssl" ),
95	'text' => __( "This email address is used to create a Let's Encrypt account. This is also where you will receive renewal notifications.", 'really-simple-ssl' ),
96	],

97	'default' => '',
98	'required' => true,
99	],

lets-encrypt/functions.php CHANGED Viewed

@@ -72,7 +72,11 @@ if (!function_exists('rsssl_cpanel_api_supported')) {
             	 * @return bool
             	 */
             	function rsssl_cpanel_api_supported() {
-            -
            		return rsssl_is_cpanel() && file_exists( "/usr/local/cpanel/php/cpanel.php" );
+            	}
+            }
@@ -93,6 +97,26 @@ if (!function_exists('rsssl_activated_by_default')) {
+            	}
+            }
             if (!function_exists('rsssl_activation_required')) {
             	/**
             	 * Check if the host has ssl, activation required


72	* @return bool
73	*/
74	function rsssl_cpanel_api_supported() {
75	+ if ( rsssl_is_cpanel() ) {
76	+ return true;
77	+ }
78	+
79	+ return !rsssl_openbasedir_restriction("/usr/local/cpanel/php/cpanel.php") && file_exists( "/usr/local/cpanel/php/cpanel.php" );
80	}
81	}
82

97	}
98	}
99
100	+ if ( !function_exists('rsssl_openbasedir_restriction')) {
101	+ function rsssl_openbasedir_restriction( string $path): bool {
102	+
103	+ // Default error handler is required
104	+ set_error_handler(null);
105	+
106	+ // Clean last error info.
107	+ error_clear_last();
108	+
109	+ // Testing...
110	+ @file_exists($path);
111	+
112	+ // Restore previous error handler
113	+ restore_error_handler();
114	+
115	+ // Return `true` if error has occurred
116	+ return ($error = error_get_last()) && $error['message'] !== '__clean_error_info';
117	+ }
118	+ }
119	+
120	if (!function_exists('rsssl_activation_required')) {
121	/**
122	* Check if the host has ssl, activation required

readme.txt CHANGED Viewed

	@@ -6,7 +6,7 @@ Requires at least: 5.7
6	License: GPL2
7	Tested up to: 6.1
8	Requires PHP: 7.2
9	- Stable tag: 6.0.8
10
11	The easiest way to improve security! Leverage your SSL certificate and protect your website visitors.
12
	@@ -96,6 +96,12 @@ The plugin checks your certificate before enabling, but if, for example, you mig
96	If you can't deactivate, do not just remove the plugin folder to uninstall! Follow these [instructions](https://really-simple-ssl.com/knowledge-base/uninstall-websitebackend-not-accessible/) instead.
97
98	== Changelog ==






99	= 6.0.8 =
100	* Improvement: Lets Encrypt wizard CSS styling
101	* Improvement: re-add link to article about Let's Encrypt so users can easily find the URL


6	License: GPL2
7	Tested up to: 6.1
8	Requires PHP: 7.2
9	+ Stable tag: 6.0.9
10
11	The easiest way to improve security! Leverage your SSL certificate and protect your website visitors.
12

96	If you can't deactivate, do not just remove the plugin folder to uninstall! Follow these [instructions](https://really-simple-ssl.com/knowledge-base/uninstall-websitebackend-not-accessible/) instead.
97
98	== Changelog ==
99	+ = 6.0.9 =
100	+ * Fix: incorrectly disabled email field in Let's Encrypt wizard, props @cburgess
101	+ * Improvement: on rename admin user, catch existing username, and strange characters
102	+ * Improvement: catch openBaseDir restriction in cpanel detection function, props @alofnur
103	+ * Improvement: remove 6.0 update notices on subsites in a multisite network, props @wpcoderca, (@collizo4sky
104	+
105	= 6.0.8 =
106	* Improvement: Lets Encrypt wizard CSS styling
107	* Improvement: re-add link to article about Let's Encrypt so users can easily find the URL

rlrsssl-really-simple-ssl.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: Really Simple SSL
4	* Plugin URI: https://really-simple-ssl.com
5	* Description: Lightweight SSL & Hardening Plugin
6	- * Version: 6.0.8
7	* Author: Really Simple Plugins
8	* Author URI: https://really-simple-plugins.com
9	* License: GPL2
	@@ -110,7 +110,7 @@ class REALLY_SIMPLE_SSL
110	if (!defined('rsssl_file') ){
111	define('rsssl_file', __FILE__);
112	}
113	- define('rsssl_version', '6.0.8');
114	define('rsssl_le_cron_generation_renewal_check', 20);
115	define('rsssl_le_manual_generation_renewal_check', 15);
116	}
	@@ -160,6 +160,9 @@ class REALLY_SIMPLE_SSL
160	*/
161	if ( is_admin() ) {
162	add_action('admin_notices', array( $this, 'admin_notices'));



163	}
164
165	add_action('wp_loaded', array(self::$instance->front_end, 'force_ssl'), 20);
	@@ -216,7 +219,7 @@ class REALLY_SIMPLE_SSL
216	public static function has_old_addon($file) {
217	require_once(ABSPATH.'wp-admin/includes/plugin.php');
218	$data = false;
219	- if (is_plugin_active($file)) $data = get_plugin_data( trailingslashit(WP_PLUGIN_DIR) . $file, false, false );
220	if ($data && version_compare($data['Version'], '6.0.0', '<')) {
221	return true;
222	}


3	* Plugin Name: Really Simple SSL
4	* Plugin URI: https://really-simple-ssl.com
5	* Description: Lightweight SSL & Hardening Plugin
6	+ * Version: 6.0.9
7	* Author: Really Simple Plugins
8	* Author URI: https://really-simple-plugins.com
9	* License: GPL2

110	if (!defined('rsssl_file') ){
111	define('rsssl_file', __FILE__);
112	}
113	+ define('rsssl_version', '6.0.9');
114	define('rsssl_le_cron_generation_renewal_check', 20);
115	define('rsssl_le_manual_generation_renewal_check', 15);
116	}

160	*/
161	if ( is_admin() ) {
162	add_action('admin_notices', array( $this, 'admin_notices'));
163	+ if ( is_multisite() ) {
164	+ add_action('network_admin_notices', array( $this, 'admin_notices'));
165	+ }
166	}
167
168	add_action('wp_loaded', array(self::$instance->front_end, 'force_ssl'), 20);

219	public static function has_old_addon($file) {
220	require_once(ABSPATH.'wp-admin/includes/plugin.php');
221	$data = false;
222	+ if ( is_plugin_active($file)) $data = get_plugin_data( trailingslashit(WP_PLUGIN_DIR) . $file, false, false );
223	if ($data && version_compare($data['Version'], '6.0.0', '<')) {
224	return true;
225	}

security/firewall-manager.php CHANGED Viewed

	@@ -42,13 +42,10 @@ class rsssl_firewall_manager {
42	* @return int
43	*/
44	public function get_headers_nonce(){
45	- if ( !rsssl_user_can_manage() && !defined( 'RSSSL_LEARNING_MODE' ) ) {
46	- return false;
47	- }
48	if ( !get_site_option("rsssl_header_detection_nonce")) {
49	update_site_option("rsssl_header_detection_nonce", rand(1000, 999999999) );
50	}
51	- return get_site_option("rsssl_header_detection_nonce");
52	}
53
54	/**


42	* @return int
43	*/
44	public function get_headers_nonce(){



45	if ( !get_site_option("rsssl_header_detection_nonce")) {
46	update_site_option("rsssl_header_detection_nonce", rand(1000, 999999999) );
47	}
48	+ return (int) get_site_option("rsssl_header_detection_nonce");
49	}
50
51	/**

security/index.php CHANGED Viewed

	@@ -1 +1 @@
1	- <?php //You don't belong here. ?>


1	+ <?php //You don't belong here.

security/notices.php CHANGED Viewed

	@@ -188,7 +188,7 @@ function rsssl_general_security_notices( $notices ) {
188	'true' => array(
189	'highlight_field_id' => 'rename_admin_user',
190	'title' => __("Username", "really-simple-ssl"),
191	- 'msg' => __("Rename admin user enabled: Please choose a new username of at least 3 characters.", "really-simple-ssl"),
192	'icon' => 'warning',
193	'dismissible' => true,
194	),
	@@ -266,6 +266,7 @@ function rsssl_general_security_notices( $notices ) {
266	'msg' => __("Anyone can register an account on your site. Consider disabling this option in the WordPress general settings.", "really-simple-ssl"),
267	'icon' => 'open',
268	'plusone' => false,

269	),
270	),
271	);


188	'true' => array(
189	'highlight_field_id' => 'rename_admin_user',
190	'title' => __("Username", "really-simple-ssl"),
191	+ 'msg' => __("Rename admin user enabled: Please choose a new username of at least 3 characters, which is not in use yet.", "really-simple-ssl"),
192	'icon' => 'warning',
193	'dismissible' => true,
194	),

266	'msg' => __("Anyone can register an account on your site. Consider disabling this option in the WordPress general settings.", "really-simple-ssl"),
267	'icon' => 'open',
268	'plusone' => false,
269	+ 'dismissible' => true,
270	),
271	),
272	);

security/tests.php CHANGED Viewed

	@@ -151,11 +151,14 @@ function rsssl_has_admin_user() {
151	* @return bool
152	*/
153	function rsssl_new_username_valid(): bool {
154	-
155	- $new_user_login = rsssl_get_option('new_admin_user_login');
156	if ( $new_user_login === 'admin' ) {
157	return false;
158	}




159
160	return is_string($new_user_login) && strlen($new_user_login)>2;
161	}


151	* @return bool
152	*/
153	function rsssl_new_username_valid(): bool {
154	+ $new_user_login = trim(sanitize_user(rsssl_get_option('new_admin_user_login')));

155	if ( $new_user_login === 'admin' ) {
156	return false;
157	}
158	+ $user_exists = get_user_by('login', $new_user_login);
159	+ if ( $user_exists ) {
160	+ return false;
161	+ }
162
163	return is_string($new_user_login) && strlen($new_user_login)>2;
164	}

security/wordpress/rename-admin-user.php CHANGED Viewed

	@@ -38,7 +38,7 @@ add_filter( 'illegal_user_logins', 'rsssl_prevent_admin_user_add' );
38	* @return bool
39	*/
40	function rsssl_rename_admin_user() {
41	- if ( !rsssl_user_can_manage() ~~\|\| wp_doing_cron(~~) ) {
42	return false;
43	}
44	//to be able to update the admin user email, we need to disable this filter temporarily
	@@ -48,7 +48,7 @@ function rsssl_rename_admin_user() {
48	$admin_user = get_user_by('login','admin');
49	if ( $admin_user ) {
50	// Get the new user login
51	- $new_user_login = rsssl_get_option('new_admin_user_login');
52	if ( rsssl_new_username_valid() ) {
53	$admin_user_id = $admin_user->data->ID;
54	$admin_userdata = get_userdata( $admin_user_id );
	@@ -116,7 +116,7 @@ function rsssl_rename_admin_user() {
116
117	// Create new admin user
118	$new_user_id = wp_insert_user( $new_userdata );
119	- if ( ! $new_user_id ) {
120	return false;
121	}
122


38	* @return bool
39	*/
40	function rsssl_rename_admin_user() {
41	+ if ( !rsssl_user_can_manage() ) {
42	return false;
43	}
44	//to be able to update the admin user email, we need to disable this filter temporarily

48	$admin_user = get_user_by('login','admin');
49	if ( $admin_user ) {
50	// Get the new user login
51	+ $new_user_login = trim(sanitize_user(rsssl_get_option('new_admin_user_login')));
52	if ( rsssl_new_username_valid() ) {
53	$admin_user_id = $admin_user->data->ID;
54	$admin_userdata = get_userdata( $admin_user_id );

116
117	// Create new admin user
118	$new_user_id = wp_insert_user( $new_userdata );
119	+ if ( ! $new_user_id \|\| is_wp_error($new_user_id) ) {
120	return false;
121	}
122

settings/config/config.php CHANGED Viewed

	@@ -348,7 +348,7 @@ function rsssl_fields( $load_values = true ) {
348	'menu_id' => 'general',
349	'group_id' => 'general',
350	'type' => 'checkbox',
351	- 'label' => __( "Mixed content fixer - back-end", "really-simple-ssl~~-pro~~" ),
352	'disabled' => false,
353	'default' => false,
354	],


348	'menu_id' => 'general',
349	'group_id' => 'general',
350	'type' => 'checkbox',
351	+ 'label' => __( "Mixed content fixer - back-end", "really-simple-ssl" ),
352	'disabled' => false,
353	'default' => false,
354	],

upgrade.php CHANGED Viewed

	@@ -143,6 +143,13 @@ function rsssl_upgrade() {
143	}
144	}
145







146	//delete in future upgrade. We want to check the review notice dismissed as fallback still.
147	//delete_option( 'rlrsssl_options' );
148	//delete_site_option( 'rlrsssl_network_options' );


143	}
144	}
145
146	+ #clear notices cache for multisite on upgrade, for the subsite notice
147	+ if ( $prev_version && version_compare( $prev_version, '6.0.9', '<' ) ) {
148	+ if ( is_multisite() ) {
149	+ delete_transient('rsssl_admin_notices' );
150	+ }
151	+ }
152	+
153	//delete in future upgrade. We want to check the review notice dismissed as fallback still.
154	//delete_option( 'rlrsssl_options' );
155	//delete_site_option( 'rlrsssl_network_options' );

upgrade/index.php CHANGED Viewed

	@@ -1 +1 @@
1	- <?php //You don't belong here. ?>


1	+ <?php //You don't belong here.

upgrade/upgrade-to-pro.php CHANGED Viewed

	@@ -35,17 +35,17 @@ if ( !class_exists('rsp_upgrade_to_pro') ){
35	$this->item_id = sanitize_title($_GET['item_id']);
36	}
37
38	- $admin_url = is_multisite() ? network_admin_url('settings.php') : admin_url("options-general.php");
39	if ( isset($_GET['plugin']) ) {
40	$plugin = sanitize_title($_GET['plugin']);
41	switch ($plugin) {
42	case "rsssl_pro":

43	$this->slug = is_multisite() ? "really-simple-ssl-pro-multisite/really-simple-ssl-pro-multisite.php" : "really-simple-ssl-pro/really-simple-ssl-pro.php";
44	$this->plugin_name = "Really Simple SSL Pro";
45	$this->plugin_constant = "rsssl_pro";
46	$this->prefix = "rsssl_";
47	$this->api_url = "https://really-simple-ssl.com";
48	- $this->dashboard_url = add_query_arg(["page" => "really-simple-security"], $~~admin_url~~ );
49	break;
50	case "brst_pro":
51	$this->slug = "burst";
	@@ -57,12 +57,12 @@ if ( !class_exists('rsp_upgrade_to_pro') ){
57	break;
58	case "cmplz_pro":
59	default:
60	- $this->slug = "complianz-gdpr-premium/complianz-gpdr-premium.php";
61	$this->plugin_name = "Complianz";
62	$this->plugin_constant = "cmplz_premium";
63	$this->prefix = "cmplz_";
64	$this->api_url = "https://complianz.io";
65	- $this->dashboard_url = add_query_arg(["page" => "complianz"], admin_url( "admin.php" ));
66	break;
67	}
68	}
	@@ -110,7 +110,7 @@ if ( !class_exists('rsp_upgrade_to_pro') ){
110	}
111
112	private function get_suggested_plugin($attr){
113	- $plugin_to_be_installed = false;
114	if (isset($_GET['plugin']) && $_GET['plugin']==='cmplz_pro' ) {
115	$plugin_to_be_installed = 'complianz-gdpr';
116	} else if (isset($_GET['plugin']) && $_GET['plugin']==='rsssl_pro' ) {
	@@ -170,12 +170,13 @@ if ( !class_exists('rsp_upgrade_to_pro') ){
170	'description' => __('Really Simple SSL automatically detects your settings and configures your website to run over HTTPS. To keep it lightweight, we kept the options to a minimum. Your website will move to SSL with one click.', "really-simple-ssl"),
171	'install_url' => 'ssl%20really%20simple%20plugins%20complianz+HSTS&tab=search&type=term',
172	];
173	- if ($current_plugin==='really-simple-ssl') {
174	$suggestion = $fallback_suggestion;
175	}
176	}
177
178	- $~~suggestion[~~'~~install_url~~'] = admin_url('plugin-install.php?s=')~~.$suggestion['install_url']~~;

179	if (defined($suggestion['constant'])){
180	$suggestion['install_url'] = '#';
181	$suggestion['button_text'] = __("Installed", "really-simple-ssl");
	@@ -479,7 +480,7 @@ if ( !class_exists('rsp_upgrade_to_pro') ){
479
480	if (!$error && isset($_GET['token']) && wp_verify_nonce($_GET['token'], 'upgrade_to_pro_nonce') && isset($_GET['license']) && isset($_GET['item_id']) ) {
481	$license = sanitize_title($_GET['license']);
482	- $item_id = ~~intval~~($_GET['item_id']);
483	$response = $this->validate($license, $item_id);
484	update_site_option($this->prefix.'auto_installed_license', $license);
485	}
	@@ -505,7 +506,7 @@ if ( !class_exists('rsp_upgrade_to_pro') ){
505	* @return array [license status, response message]
506	*/
507
508	- private function validate( $license, $item_id ) {
509	$message = "";
510	$success = false;
511
	@@ -583,13 +584,11 @@ if ( !class_exists('rsp_upgrade_to_pro') ){
583	}
584	}
585
586	- ~~$response~~ = [
587	'success' => $success,
588	'message' => $message,
589	];
590	-
591	- return $response;
592	- }
593
594
595	/**
	@@ -701,7 +700,7 @@ if ( !class_exists('rsp_upgrade_to_pro') ){
701	public function process_ajax_activate_plugin()
702	{
703	if ( !rsssl_user_can_manage() ) {
704	- return ~~false~~;
705	}
706
707	if ( isset($_GET['token']) && wp_verify_nonce($_GET['token'], 'upgrade_to_pro_nonce') && isset($_GET['plugin']) ) {


35	$this->item_id = sanitize_title($_GET['item_id']);
36	}
37

38	if ( isset($_GET['plugin']) ) {
39	$plugin = sanitize_title($_GET['plugin']);
40	switch ($plugin) {
41	case "rsssl_pro":
42	+ $rsssl_admin_url = is_multisite() ? network_admin_url('settings.php') : admin_url("options-general.php");
43	$this->slug = is_multisite() ? "really-simple-ssl-pro-multisite/really-simple-ssl-pro-multisite.php" : "really-simple-ssl-pro/really-simple-ssl-pro.php";
44	$this->plugin_name = "Really Simple SSL Pro";
45	$this->plugin_constant = "rsssl_pro";
46	$this->prefix = "rsssl_";
47	$this->api_url = "https://really-simple-ssl.com";
48	+ $this->dashboard_url = add_query_arg(["page" => "really-simple-security"], $rsssl_admin_url );
49	break;
50	case "brst_pro":
51	$this->slug = "burst";

57	break;
58	case "cmplz_pro":
59	default:
60	+ $this->slug = is_multisite() ? "complianz-gdpr-premium-multisite/complianz-gpdr-premium.php" : "complianz-gdpr-premium/complianz-gpdr-premium.php";
61	$this->plugin_name = "Complianz";
62	$this->plugin_constant = "cmplz_premium";
63	$this->prefix = "cmplz_";
64	$this->api_url = "https://complianz.io";
65	+ $this->dashboard_url = add_query_arg(["page" => "complianz"], admin_url("admin.php") );
66	break;
67	}
68	}

110	}
111
112	private function get_suggested_plugin($attr){
113	+ $plugin_to_be_installed = $current_plugin = false;
114	if (isset($_GET['plugin']) && $_GET['plugin']==='cmplz_pro' ) {
115	$plugin_to_be_installed = 'complianz-gdpr';
116	} else if (isset($_GET['plugin']) && $_GET['plugin']==='rsssl_pro' ) {

170	'description' => __('Really Simple SSL automatically detects your settings and configures your website to run over HTTPS. To keep it lightweight, we kept the options to a minimum. Your website will move to SSL with one click.', "really-simple-ssl"),
171	'install_url' => 'ssl%20really%20simple%20plugins%20complianz+HSTS&tab=search&type=term',
172	];
173	+ if ( $current_plugin==='really-simple-ssl' ) {
174	$suggestion = $fallback_suggestion;
175	}
176	}
177
178	+ $admin_url = is_multisite() ? network_admin_url('plugin-install.php?s=') : admin_url('plugin-install.php?s=');
179	+ $suggestion['install_url'] = $admin_url.$suggestion['install_url'];
180	if (defined($suggestion['constant'])){
181	$suggestion['install_url'] = '#';
182	$suggestion['button_text'] = __("Installed", "really-simple-ssl");

480
481	if (!$error && isset($_GET['token']) && wp_verify_nonce($_GET['token'], 'upgrade_to_pro_nonce') && isset($_GET['license']) && isset($_GET['item_id']) ) {
482	$license = sanitize_title($_GET['license']);
483	+ $item_id = (int) $_GET['item_id'];
484	$response = $this->validate($license, $item_id);
485	update_site_option($this->prefix.'auto_installed_license', $license);
486	}

506	* @return array [license status, response message]
507	*/
508
509	+ private function validate( $license, $item_id ): array {
510	$message = "";
511	$success = false;
512

584	}
585	}
586
587	+ return [
588	'success' => $success,
589	'message' => $message,
590	];
591	+ }


592
593
594	/**

700	public function process_ajax_activate_plugin()
701	{
702	if ( !rsssl_user_can_manage() ) {
703	+ return;
704	}
705
706	if ( isset($_GET['token']) && wp_verify_nonce($_GET['token'], 'upgrade_to_pro_nonce') && isset($_GET['plugin']) ) {