Version Description
- Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
- Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
- This plugin is solid, once again.
Download this release
Release Info
| Developer | peterdog |
| Plugin |  Stealth Login Page |
| Version | 2.1.1 |
| Comparing to | |
| See all releases | |
Code changes from version 2.0.2 to 2.1.1
includes/display-functions.php
CHANGED
|
@@ -10,7 +10,7 @@
|
|
| 10 |
add_action( 'login_init', 'slp_login_stringcheck' );
|
| 11 |
function slp_login_stringcheck() {
|
| 12 |
|
| 13 |
-
global $slp_options, $custom_url;
|
| 14 |
|
| 15 |
// set the location a failed attempt goes to
|
| 16 |
$redirect = $slp_options['redirect_url'];
|
|
@@ -29,9 +29,13 @@ if ( ! isset( $_GET[$question] ) )
|
|
| 29 |
if ( $_GET[$question] !== $answer ) {
|
| 30 |
wp_redirect( esc_url_raw ($redirect), 302 );
|
| 31 |
|
| 32 |
-
if ( $form_request
|
| 33 |
-
wp_redirect( esc_url_raw ($redirect), 302 );
|
| 34 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 35 |
}
|
| 36 |
}
|
| 37 |
}
|
| 10 |
add_action( 'login_init', 'slp_login_stringcheck' );
|
| 11 |
function slp_login_stringcheck() {
|
| 12 |
|
| 13 |
+
global $slp_options, $custom_url, $custom_logged_out;
|
| 14 |
|
| 15 |
// set the location a failed attempt goes to
|
| 16 |
$redirect = $slp_options['redirect_url'];
|
| 29 |
if ( $_GET[$question] !== $answer ) {
|
| 30 |
wp_redirect( esc_url_raw ($redirect), 302 );
|
| 31 |
|
| 32 |
+
// if ( $form_request <= $custom_logged_out ) {
|
| 33 |
+
// wp_redirect( esc_url_raw ($redirect), 302 );
|
| 34 |
+
|
| 35 |
+
if ( $form_request != $custom_url ) {
|
| 36 |
+
wp_redirect( esc_url_raw ($redirect), 302 );
|
| 37 |
+
}
|
| 38 |
+
// }
|
| 39 |
}
|
| 40 |
}
|
| 41 |
}
|
includes/settings-page.php
CHANGED
|
@@ -7,11 +7,11 @@ function slp_register_settings() {
|
|
| 7 |
|
| 8 |
add_action( 'admin_init', 'slp_email_admin' );
|
| 9 |
function slp_email_admin() {
|
| 10 |
-
global $slp_options;
|
| 11 |
if ( isset( $slp_options['enable'] ) && $slp_options['question'] && $slp_options['answer'] && isset ( $_POST['email-admin'] ) && current_user_can( 'manage_options' ) ) {
|
| 12 |
$to = get_bloginfo( 'admin_email' );
|
| 13 |
$subject = sprintf( __( 'Custom login URL for %s', 'stealth-login-page' ), get_bloginfo( 'name' ) );
|
| 14 |
-
$message = sprintf( __( 'Your custom login URL for %1$s is %2$s', 'stealth-login-page' ), get_bloginfo( 'name' ),
|
| 15 |
wp_mail( $to, $subject, $message );
|
| 16 |
}
|
| 17 |
}
|
|
@@ -39,7 +39,7 @@ function slp_admin() {
|
|
| 39 |
|
| 40 |
<label class="description" for="slp_settings[enable]"><?php _e( 'Enable Stealth Mode', 'stealth-login-page' ); ?></label>
|
| 41 |
|
| 42 |
-
<p><?php _e( 'Those attempting to gain access to your login form will be automatcally redirected to a
|
| 43 |
|
| 44 |
<label class="description" for="slp_settings[redirect_url]"><?php _e( 'URL to redirect unauthorized attempts to', 'stealth-login-page' ); ?></label>
|
| 45 |
|
| 7 |
|
| 8 |
add_action( 'admin_init', 'slp_email_admin' );
|
| 9 |
function slp_email_admin() {
|
| 10 |
+
global $slp_options, $custom_url;
|
| 11 |
if ( isset( $slp_options['enable'] ) && $slp_options['question'] && $slp_options['answer'] && isset ( $_POST['email-admin'] ) && current_user_can( 'manage_options' ) ) {
|
| 12 |
$to = get_bloginfo( 'admin_email' );
|
| 13 |
$subject = sprintf( __( 'Custom login URL for %s', 'stealth-login-page' ), get_bloginfo( 'name' ) );
|
| 14 |
+
$message = sprintf( __( 'Your custom login URL for %1$s is %2$s', 'stealth-login-page' ), get_bloginfo( 'name' ), $custom_url );
|
| 15 |
wp_mail( $to, $subject, $message );
|
| 16 |
}
|
| 17 |
}
|
| 39 |
|
| 40 |
<label class="description" for="slp_settings[enable]"><?php _e( 'Enable Stealth Mode', 'stealth-login-page' ); ?></label>
|
| 41 |
|
| 42 |
+
<p><?php _e( 'Those attempting to gain access to your login form will be automatcally redirected to a customizable URL. Enter that URL below.', 'stealth-login-page' ); ?></p>
|
| 43 |
|
| 44 |
<label class="description" for="slp_settings[redirect_url]"><?php _e( 'URL to redirect unauthorized attempts to', 'stealth-login-page' ); ?></label>
|
| 45 |
|
languages/{stealth-login-page-de_de.po → stealth-login-page-de_DE.po}
RENAMED
|
File without changes
|
plugin.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
| 2 |
/*
|
| 3 |
Plugin Name: Stealth Login Page
|
| 4 |
Plugin URI: http://wordpress.org/extend/plugins/stealth-login-page/
|
| 5 |
-
Version: 2.
|
| 6 |
Author: Jesse Petersen
|
| 7 |
Author URI: http://www.petersenmediagroup.com
|
| 8 |
Description: Protect your /wp-admin and wp-login.php pages from being accessed without editing .htaccess
|
|
@@ -74,12 +74,34 @@ function slp_admin_settings_link( $links, $file ) {
|
|
| 74 |
|
| 75 |
}
|
| 76 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 77 |
// Global Variables ---------------------- //
|
| 78 |
$slp_prefix = 'slp_';
|
| 79 |
$slp_plugin_name = 'Stealth Login Page';
|
| 80 |
// retrieve plugin settings from options table
|
| 81 |
$slp_options = get_option('slp_settings');
|
| 82 |
$custom_url = wp_login_url() . '?' . $slp_options['question'] . '=' . $slp_options['answer'];
|
|
|
|
|
|
|
|
|
|
| 83 |
|
| 84 |
// Includes ------------------------------ //
|
| 85 |
include('includes/settings-page.php'); // loads the admin settings page
|
| 2 |
/*
|
| 3 |
Plugin Name: Stealth Login Page
|
| 4 |
Plugin URI: http://wordpress.org/extend/plugins/stealth-login-page/
|
| 5 |
+
Version: 2.1.1
|
| 6 |
Author: Jesse Petersen
|
| 7 |
Author URI: http://www.petersenmediagroup.com
|
| 8 |
Description: Protect your /wp-admin and wp-login.php pages from being accessed without editing .htaccess
|
| 74 |
|
| 75 |
}
|
| 76 |
|
| 77 |
+
/**
|
| 78 |
+
* Edit the logout/login/lost_password URLs to the new custom URL
|
| 79 |
+
*
|
| 80 |
+
* @since 2.1.0
|
| 81 |
+
* @param $old
|
| 82 |
+
* @param $new
|
| 83 |
+
* @param $url
|
| 84 |
+
* @return array
|
| 85 |
+
*/
|
| 86 |
+
add_filter('site_url', 'wplogin_filter', 10, 3);
|
| 87 |
+
function wplogin_filter( $url, $path, $orig_scheme ) {
|
| 88 |
+
global $custom_url_ending;
|
| 89 |
+
|
| 90 |
+
$old = array( "/(wp-login\.php)/");
|
| 91 |
+
$new = array( $custom_url_ending );
|
| 92 |
+
|
| 93 |
+
return preg_replace( $old, $new, $url, 1);
|
| 94 |
+
}
|
| 95 |
+
|
| 96 |
// Global Variables ---------------------- //
|
| 97 |
$slp_prefix = 'slp_';
|
| 98 |
$slp_plugin_name = 'Stealth Login Page';
|
| 99 |
// retrieve plugin settings from options table
|
| 100 |
$slp_options = get_option('slp_settings');
|
| 101 |
$custom_url = wp_login_url() . '?' . $slp_options['question'] . '=' . $slp_options['answer'];
|
| 102 |
+
$custom_url_ending = "wp-login.php?" . $slp_options['question'] . '=' . $slp_options['answer'];
|
| 103 |
+
$custom_logged_out = $custom_url . '?loggedout=true';
|
| 104 |
+
$custom_lost_password = $custom_url . '&action=lostpassword';
|
| 105 |
|
| 106 |
// Includes ------------------------------ //
|
| 107 |
include('includes/settings-page.php'); // loads the admin settings page
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
|
|
| 4 |
Tags: login, wp-admin, redirect, security, 302
|
| 5 |
Requires at least: 3.4.2
|
| 6 |
Tested up to: 3.5.1
|
| 7 |
-
Stable tag: 2.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -65,6 +65,14 @@ See more [examples](http://www.petersenmediagroup.com/plugins/stealth-login-page
|
|
| 65 |
|
| 66 |
== Changelog ==
|
| 67 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 68 |
= 2.0.2 =
|
| 69 |
* Bugfix - activating plugin error
|
| 70 |
|
|
@@ -96,6 +104,14 @@ See more [examples](http://www.petersenmediagroup.com/plugins/stealth-login-page
|
|
| 96 |
|
| 97 |
== Upgrade Notice ==
|
| 98 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 99 |
= 2.0.2 =
|
| 100 |
* Bugfix - activating plugin error
|
| 101 |
|
| 4 |
Tags: login, wp-admin, redirect, security, 302
|
| 5 |
Requires at least: 3.4.2
|
| 6 |
Tested up to: 3.5.1
|
| 7 |
+
Stable tag: 2.1.1
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 65 |
|
| 66 |
== Changelog ==
|
| 67 |
|
| 68 |
+
= 2.1.1 =
|
| 69 |
+
* Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
|
| 70 |
+
* Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
|
| 71 |
+
* This plugin is solid, once again.
|
| 72 |
+
|
| 73 |
+
= 2.1.0 =
|
| 74 |
+
* Corrected the logout link in the dashboard and the lost password link on the login page.
|
| 75 |
+
|
| 76 |
= 2.0.2 =
|
| 77 |
* Bugfix - activating plugin error
|
| 78 |
|
| 104 |
|
| 105 |
== Upgrade Notice ==
|
| 106 |
|
| 107 |
+
= 2.1.1 =
|
| 108 |
+
* CRITICAL Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
|
| 109 |
+
* Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
|
| 110 |
+
* This plugin is solid, once again.
|
| 111 |
+
|
| 112 |
+
= 2.1.0 =
|
| 113 |
+
* Corrected the logout link in the dashboard and the lost password link on the login page.
|
| 114 |
+
|
| 115 |
= 2.0.2 =
|
| 116 |
* Bugfix - activating plugin error
|
| 117 |
|
