Version Description
- Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
- Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
- This plugin is solid, once again.
Download this release
Release Info
Developer | peterdog |
Plugin | Stealth Login Page |
Version | 2.1.1 |
Comparing to | |
See all releases |
Code changes from version 2.0.2 to 2.1.1
includes/display-functions.php
CHANGED
@@ -10,7 +10,7 @@
|
|
10 |
add_action( 'login_init', 'slp_login_stringcheck' );
|
11 |
function slp_login_stringcheck() {
|
12 |
|
13 |
-
global $slp_options, $custom_url;
|
14 |
|
15 |
// set the location a failed attempt goes to
|
16 |
$redirect = $slp_options['redirect_url'];
|
@@ -29,9 +29,13 @@ if ( ! isset( $_GET[$question] ) )
|
|
29 |
if ( $_GET[$question] !== $answer ) {
|
30 |
wp_redirect( esc_url_raw ($redirect), 302 );
|
31 |
|
32 |
-
if ( $form_request
|
33 |
-
wp_redirect( esc_url_raw ($redirect), 302 );
|
34 |
-
|
|
|
|
|
|
|
|
|
35 |
}
|
36 |
}
|
37 |
}
|
10 |
add_action( 'login_init', 'slp_login_stringcheck' );
|
11 |
function slp_login_stringcheck() {
|
12 |
|
13 |
+
global $slp_options, $custom_url, $custom_logged_out;
|
14 |
|
15 |
// set the location a failed attempt goes to
|
16 |
$redirect = $slp_options['redirect_url'];
|
29 |
if ( $_GET[$question] !== $answer ) {
|
30 |
wp_redirect( esc_url_raw ($redirect), 302 );
|
31 |
|
32 |
+
// if ( $form_request <= $custom_logged_out ) {
|
33 |
+
// wp_redirect( esc_url_raw ($redirect), 302 );
|
34 |
+
|
35 |
+
if ( $form_request != $custom_url ) {
|
36 |
+
wp_redirect( esc_url_raw ($redirect), 302 );
|
37 |
+
}
|
38 |
+
// }
|
39 |
}
|
40 |
}
|
41 |
}
|
includes/settings-page.php
CHANGED
@@ -7,11 +7,11 @@ function slp_register_settings() {
|
|
7 |
|
8 |
add_action( 'admin_init', 'slp_email_admin' );
|
9 |
function slp_email_admin() {
|
10 |
-
global $slp_options;
|
11 |
if ( isset( $slp_options['enable'] ) && $slp_options['question'] && $slp_options['answer'] && isset ( $_POST['email-admin'] ) && current_user_can( 'manage_options' ) ) {
|
12 |
$to = get_bloginfo( 'admin_email' );
|
13 |
$subject = sprintf( __( 'Custom login URL for %s', 'stealth-login-page' ), get_bloginfo( 'name' ) );
|
14 |
-
$message = sprintf( __( 'Your custom login URL for %1$s is %2$s', 'stealth-login-page' ), get_bloginfo( 'name' ),
|
15 |
wp_mail( $to, $subject, $message );
|
16 |
}
|
17 |
}
|
@@ -39,7 +39,7 @@ function slp_admin() {
|
|
39 |
|
40 |
<label class="description" for="slp_settings[enable]"><?php _e( 'Enable Stealth Mode', 'stealth-login-page' ); ?></label>
|
41 |
|
42 |
-
<p><?php _e( 'Those attempting to gain access to your login form will be automatcally redirected to a
|
43 |
|
44 |
<label class="description" for="slp_settings[redirect_url]"><?php _e( 'URL to redirect unauthorized attempts to', 'stealth-login-page' ); ?></label>
|
45 |
|
7 |
|
8 |
add_action( 'admin_init', 'slp_email_admin' );
|
9 |
function slp_email_admin() {
|
10 |
+
global $slp_options, $custom_url;
|
11 |
if ( isset( $slp_options['enable'] ) && $slp_options['question'] && $slp_options['answer'] && isset ( $_POST['email-admin'] ) && current_user_can( 'manage_options' ) ) {
|
12 |
$to = get_bloginfo( 'admin_email' );
|
13 |
$subject = sprintf( __( 'Custom login URL for %s', 'stealth-login-page' ), get_bloginfo( 'name' ) );
|
14 |
+
$message = sprintf( __( 'Your custom login URL for %1$s is %2$s', 'stealth-login-page' ), get_bloginfo( 'name' ), $custom_url );
|
15 |
wp_mail( $to, $subject, $message );
|
16 |
}
|
17 |
}
|
39 |
|
40 |
<label class="description" for="slp_settings[enable]"><?php _e( 'Enable Stealth Mode', 'stealth-login-page' ); ?></label>
|
41 |
|
42 |
+
<p><?php _e( 'Those attempting to gain access to your login form will be automatcally redirected to a customizable URL. Enter that URL below.', 'stealth-login-page' ); ?></p>
|
43 |
|
44 |
<label class="description" for="slp_settings[redirect_url]"><?php _e( 'URL to redirect unauthorized attempts to', 'stealth-login-page' ); ?></label>
|
45 |
|
languages/{stealth-login-page-de_de.po → stealth-login-page-de_DE.po}
RENAMED
File without changes
|
plugin.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
/*
|
3 |
Plugin Name: Stealth Login Page
|
4 |
Plugin URI: http://wordpress.org/extend/plugins/stealth-login-page/
|
5 |
-
Version: 2.
|
6 |
Author: Jesse Petersen
|
7 |
Author URI: http://www.petersenmediagroup.com
|
8 |
Description: Protect your /wp-admin and wp-login.php pages from being accessed without editing .htaccess
|
@@ -74,12 +74,34 @@ function slp_admin_settings_link( $links, $file ) {
|
|
74 |
|
75 |
}
|
76 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
77 |
// Global Variables ---------------------- //
|
78 |
$slp_prefix = 'slp_';
|
79 |
$slp_plugin_name = 'Stealth Login Page';
|
80 |
// retrieve plugin settings from options table
|
81 |
$slp_options = get_option('slp_settings');
|
82 |
$custom_url = wp_login_url() . '?' . $slp_options['question'] . '=' . $slp_options['answer'];
|
|
|
|
|
|
|
83 |
|
84 |
// Includes ------------------------------ //
|
85 |
include('includes/settings-page.php'); // loads the admin settings page
|
2 |
/*
|
3 |
Plugin Name: Stealth Login Page
|
4 |
Plugin URI: http://wordpress.org/extend/plugins/stealth-login-page/
|
5 |
+
Version: 2.1.1
|
6 |
Author: Jesse Petersen
|
7 |
Author URI: http://www.petersenmediagroup.com
|
8 |
Description: Protect your /wp-admin and wp-login.php pages from being accessed without editing .htaccess
|
74 |
|
75 |
}
|
76 |
|
77 |
+
/**
|
78 |
+
* Edit the logout/login/lost_password URLs to the new custom URL
|
79 |
+
*
|
80 |
+
* @since 2.1.0
|
81 |
+
* @param $old
|
82 |
+
* @param $new
|
83 |
+
* @param $url
|
84 |
+
* @return array
|
85 |
+
*/
|
86 |
+
add_filter('site_url', 'wplogin_filter', 10, 3);
|
87 |
+
function wplogin_filter( $url, $path, $orig_scheme ) {
|
88 |
+
global $custom_url_ending;
|
89 |
+
|
90 |
+
$old = array( "/(wp-login\.php)/");
|
91 |
+
$new = array( $custom_url_ending );
|
92 |
+
|
93 |
+
return preg_replace( $old, $new, $url, 1);
|
94 |
+
}
|
95 |
+
|
96 |
// Global Variables ---------------------- //
|
97 |
$slp_prefix = 'slp_';
|
98 |
$slp_plugin_name = 'Stealth Login Page';
|
99 |
// retrieve plugin settings from options table
|
100 |
$slp_options = get_option('slp_settings');
|
101 |
$custom_url = wp_login_url() . '?' . $slp_options['question'] . '=' . $slp_options['answer'];
|
102 |
+
$custom_url_ending = "wp-login.php?" . $slp_options['question'] . '=' . $slp_options['answer'];
|
103 |
+
$custom_logged_out = $custom_url . '?loggedout=true';
|
104 |
+
$custom_lost_password = $custom_url . '&action=lostpassword';
|
105 |
|
106 |
// Includes ------------------------------ //
|
107 |
include('includes/settings-page.php'); // loads the admin settings page
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
|
|
4 |
Tags: login, wp-admin, redirect, security, 302
|
5 |
Requires at least: 3.4.2
|
6 |
Tested up to: 3.5.1
|
7 |
-
Stable tag: 2.
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
@@ -65,6 +65,14 @@ See more [examples](http://www.petersenmediagroup.com/plugins/stealth-login-page
|
|
65 |
|
66 |
== Changelog ==
|
67 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
68 |
= 2.0.2 =
|
69 |
* Bugfix - activating plugin error
|
70 |
|
@@ -96,6 +104,14 @@ See more [examples](http://www.petersenmediagroup.com/plugins/stealth-login-page
|
|
96 |
|
97 |
== Upgrade Notice ==
|
98 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
99 |
= 2.0.2 =
|
100 |
* Bugfix - activating plugin error
|
101 |
|
4 |
Tags: login, wp-admin, redirect, security, 302
|
5 |
Requires at least: 3.4.2
|
6 |
Tested up to: 3.5.1
|
7 |
+
Stable tag: 2.1.1
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
65 |
|
66 |
== Changelog ==
|
67 |
|
68 |
+
= 2.1.1 =
|
69 |
+
* Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
|
70 |
+
* Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
|
71 |
+
* This plugin is solid, once again.
|
72 |
+
|
73 |
+
= 2.1.0 =
|
74 |
+
* Corrected the logout link in the dashboard and the lost password link on the login page.
|
75 |
+
|
76 |
= 2.0.2 =
|
77 |
* Bugfix - activating plugin error
|
78 |
|
104 |
|
105 |
== Upgrade Notice ==
|
106 |
|
107 |
+
= 2.1.1 =
|
108 |
+
* CRITICAL Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
|
109 |
+
* Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
|
110 |
+
* This plugin is solid, once again.
|
111 |
+
|
112 |
+
= 2.1.0 =
|
113 |
+
* Corrected the logout link in the dashboard and the lost password link on the login page.
|
114 |
+
|
115 |
= 2.0.2 =
|
116 |
* Bugfix - activating plugin error
|
117 |
|