WP Hide & Security Enhancer

Version Description

Add a custom url for login_url filter
Better description and warning for wp-login.php change
Add default replacement for uploads
conflict handle - Security Firewall (WordPress Security Firewall) > Login Protection > Rename WP Login Page functionality
wp-includes block when not logged-in
wp-content block when not logged-in
readme update

Release Info

Developer	nsp-code
Plugin	WP Hide & Security Enhancer
Version	1.1.2
Comparing to
See all releases

Code changes from version 1.1 to 1.1.2

Files changed (13) hide show

conflicts/js/wp_simple_firewall.js +22 -0
conflicts/wp-simple-firewall.php +115 -0
include/functions.class.php +57 -0
include/wph.class.php +7 -5
languages/wp-hide-security-enhancer.mo +0 -0
languages/wp-hide-security-enhancer.po +34 -18
modules/components/admin-admin_url.php +5 -1
modules/components/admin-new_wp_login_php.php +19 -6
modules/components/rewrite-new_include_path.php +40 -0
modules/components/rewrite-new_upload_path.php +5 -0
modules/components/rewrite-wp_content_path.php +1 -0
readme.txt +18 -7
wp-hide.php +1 -1

conflicts/js/wp_simple_firewall.js ADDED Viewed

	@@ -0,0 +1,22 @@


1	+
2	+
3	+ jQuery(document).on( 'click', '#WPH_conflict_handle_wp_simple_firewall_login .notice-dismiss', function() {
4	+
5	+ var queryString = { "action": "wph_notice_ignore_wp_simple_firewall", "type" : 'login'};
6	+ //send the data through ajax
7	+ jQuery.ajax({
8	+ type: 'POST',
9	+ url: ajaxurl,
10	+ data: queryString,
11	+ cache: false,
12	+ success: function(data){
13	+
14	+
15	+ },
16	+ error: function(html){
17	+
18	+ }
19	+ });
20	+
21	+
22	+ })

conflicts/wp-simple-firewall.php ADDED Viewed

	@@ -0,0 +1,115 @@


1	+ <?php
2	+
3	+
4	+ class WPH_conflict_handle_wp_simple_firewall
5	+ {
6	+
7	+ function _construct_()
8	+ {
9	+
10	+ }
11	+
12	+ static function is_plugin_active()
13	+ {
14	+ if(defined('ICWP_DS'))
15	+ return TRUE;
16	+ else
17	+ return FALSE;
18	+ }
19	+
20	+ static public function custom_login_check()
21	+ {
22	+ if( ! self::is_plugin_active())
23	+ return FALSE;
24	+
25	+ global $oICWP_Wpsf_Controller;
26	+
27	+ //check if custom login is active
28	+ if( ! $oICWP_Wpsf_Controller->oFeatureHandlerLoginProtect->getIsCustomLoginPathEnabled())
29	+ return FALSE;
30	+
31	+ global $wph;
32	+
33	+ //attempt to disable other plugin code
34	+ add_action( 'init', array( 'WPH_conflict_handle_wp_simple_firewall', '_on_filter_init' ), -1 );
35	+
36	+ }
37	+
38	+
39	+ static function _on_filter_init()
40	+ {
41	+ global $wph;
42	+
43	+ if($wph->functions->anonymous_object_filter_exists('init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'doBlockPossibleWpLoginLoad'))
44	+ {
45	+ //ready to process
46	+ $wph->functions->remove_anonymous_object_filter('init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'doBlockPossibleWpLoginLoad');
47	+ $wph->functions->remove_anonymous_object_filter('wp_loaded', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'aLoadWpLogin');
48	+ $wph->functions->remove_anonymous_object_filter('login_init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'aLoginFormAction');
49	+ $wph->functions->remove_anonymous_object_filter('site_url', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
50	+ $wph->functions->remove_anonymous_object_filter('network_site_url', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
51	+ $wph->functions->remove_anonymous_object_filter('wp_redirect', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
52	+ $wph->functions->remove_anonymous_object_filter('et_anticipate_exceptions', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fAddToEtMaintenanceExceptions');
53	+
54	+ //remove this filter too
55	+ remove_action( 'init', array( 'WPH_conflict_handle_wp_simple_firewall', '_on_filter_init' ), -1);
56	+
57	+ //add an admin notice to inform about the conflict
58	+ add_action('admin_notices', array( 'WPH_conflict_handle_wp_simple_firewall', 'admin_notice' ));
59	+ add_action( 'wp_ajax_wph_notice_ignore_wp_simple_firewall', array( 'WPH_conflict_handle_wp_simple_firewall','ajax_calls' ));
60	+ add_action( 'admin_print_scripts', array( 'WPH_conflict_handle_wp_simple_firewall', 'admin_print_scripts' ) );
61	+ }
62	+
63	+ }
64	+
65	+
66	+ static function admin_notice()
67	+ {
68	+ global $current_user ;
69	+
70	+ $user_id = $current_user->ID;
71	+
72	+ //only for admins
73	+ if ( ! current_user_can( 'install_plugins' ) )
74	+ return;
75	+
76	+ $WPH_notice_wp_simple_firewall__login = get_user_meta($user_id, 'wph_hide_notice_wp_simple_firewall__login');
77	+
78	+ if ( empty($WPH_notice_wp_simple_firewall__login ))
79	+ {
80	+ echo '<div id="WPH_conflict_handle_wp_simple_firewall_login" class="error notice is-dismissible"><p>';
81	+ printf('<button class="notice-dismiss" type="button"><span class="screen-reader-text">Dismiss this notice.</span></button>', '?wph_conflicts_report_wp_simple_firewall=0');
82	+ _e('<b>Conflict notice</b>: The Security Firewall - Login Protection use the Rename WP Login Page functionality which is the same as WP Hide - Admin Login Url change. ', 'wp-hide-security-enhancer');
83	+ echo "</p></div>";
84	+ }
85	+
86	+ }
87	+
88	+ static function ajax_calls()
89	+ {
90	+ global $current_user;
91	+ $user_id = $current_user->ID;
92	+
93	+ $type = isset($_POST['type']) ? $_POST['type'] : '';
94	+
95	+ switch($type)
96	+ {
97	+ case 'login':
98	+ update_user_meta($user_id, 'wph_hide_notice_wp_simple_firewall__login', 'true');
99	+
100	+ break;
101	+
102	+ }
103	+
104	+ }
105	+
106	+ static function admin_print_scripts()
107	+ {
108	+ wp_enqueue_script( 'WPH_conflict_handle_wp_simple_firewall', WPH_URL . '/conflicts/js/wp_simple_firewall.js', array( 'jquery' ), '1.0', true );
109	+ }
110	+
111	+ }
112	+
113	+
114	+
115	+ ?>

include/functions.class.php CHANGED Viewed

@@ -405,6 +405,63 @@
+                            {
                                 return $a['processing_order'] - $b['processing_order'];
+                            }
                         /**


405	{
406	return $a['processing_order'] - $b['processing_order'];
407	}
408	+
409	+
410	+ function anonymous_object_filter_exists($tag, $class, $method)
411	+ {
412	+ if ( ! isset( $GLOBALS['wp_filter'][$tag] ) )
413	+ return FALSE;
414	+
415	+ $filters = $GLOBALS['wp_filter'][$tag];
416	+
417	+ if ( ! $filters )
418	+ return FALSE;
419	+
420	+ foreach ( $filters as $priority => $filter )
421	+ {
422	+ foreach ( $filter as $identifier => $function )
423	+ {
424	+ if ( ! is_array( $function ) )
425	+ continue;
426	+
427	+ if ( ! $function['function'][0] instanceof $class )
428	+ continue;
429	+
430	+ if ( $method == $function['function'][1] )
431	+ {
432	+ return TRUE;
433	+ }
434	+ }
435	+ }
436	+
437	+ return FALSE;
438	+ }
439	+
440	+ function remove_anonymous_object_filter( $tag, $class, $method )
441	+ {
442	+ $filters = false;
443	+
444	+ if ( isset( $GLOBALS['wp_filter'][$tag] ) )
445	+ $filters = $GLOBALS['wp_filter'][$tag];
446	+
447	+ if ( $filters )
448	+ foreach ( $filters as $priority => $filter )
449	+ {
450	+ foreach ( $filter as $identifier => $function )
451	+ {
452	+ if ( ! is_array( $function ) )
453	+ continue;
454	+
455	+ if ( ! $function['function'][0] instanceof $class )
456	+ continue;
457	+
458	+ if ( $method == $function['function'][1] )
459	+ {
460	+ remove_filter($tag, array( $function['function'][0], $method ), $priority);
461	+ }
462	+ }
463	+ }
464	+ }
465
466
467	/**

include/wph.class.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	class WPH
5	{
6	var $default_variables = array();
7	- var $templates_data = array();
8	var $urls_replacement = array();
9
10	var $modules = array();
	@@ -13,11 +13,13 @@
13
14	var $functions;
15
16	- var $disable_filters = FALSE;
17	- var $doing_interface_save = FALSE;
18	- var $uninstall = FALSE;
19
20	- var $is_initialised = FALSE;


21
22	function __construct()
23	{


4	class WPH
5	{
6	var $default_variables = array();
7	+ var $templates_data = array();
8	var $urls_replacement = array();
9
10	var $modules = array();

13
14	var $functions;
15
16	+ var $disable_filters = FALSE;
17	+ var $doing_interface_save = FALSE;
18	+ var $uninstall = FALSE;
19
20	+ var $is_initialised = FALSE;
21	+
22	+ var $conflicts = array();
23
24	function __construct()
25	{

languages/wp-hide-security-enhancer.mo CHANGED Viewed

Binary file

languages/wp-hide-security-enhancer.po CHANGED Viewed

	@@ -1,9 +1,9 @@
1	msgid ""
2	msgstr ""
3	"Project-Id-Version: Post Types Order\n"
4	- "POT-Creation-Date: 2016-02-11 21:36+0200\n"
5	- "PO-Revision-Date: 2016-02-11 21:36+0200\n"
6	- "Last-Translator: ~~Nsp~~-~~Code~~ <~~contact~~@~~nsp-code~~.com>\n"
7	"Language-Team: \n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
	@@ -13,26 +13,33 @@ msgstr ""
13	"X-Poedit-Basepath: ../\n"
14	"X-Poedit-SearchPath-0: .\n"
15
16	- #: ~~include~~/~~wph~~.~~class.~~php:~~194~~







17	msgid "Help us to improve this plugin by reporting any issues at "
18	msgstr ""
19
20	- #: include/wph.class.php:~~199~~
21	msgid ""
22	"Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
23	msgstr ""
24
25	- #: include/wph.class.php:~~204~~
26	msgid "Settings saved"
27	msgstr ""
28
29	- #: include/wph.class.php:~~211~~
30	msgid ""
31	"W3 Total Cache Plugin is active, make sure you clear the cache for new "
32	"changes to apply"
33	msgstr ""
34
35	- #: include/wph.class.php:~~215~~
36	msgid ""
37	"WP Super Cache Plugin is active, make sure you clear the cache for new "
38	"changes to apply"
	@@ -73,8 +80,8 @@ msgid "with the new Login URL"
73	msgstr ""
74
75	#: modules/components/admin-admin_url.php:27
76	- #: modules/components/admin-new_wp_login_php.php:27
77	- #: modules/components/admin-new_wp_login_php.php:44
78	#: modules/components/general-meta.php:15
79	#: modules/components/general-meta.php:31
80	#: modules/components/general-meta.php:48
	@@ -83,6 +90,7 @@ msgstr ""
83	#: modules/components/general-remove_version.php:15
84	#: modules/components/general-wpemoji.php:15
85	#: modules/components/general-wpemoji.php:31

86	#: modules/components/rewrite-new_plugin_path.php:28
87	#: modules/components/rewrite-new_upload_path.php:28
88	#: modules/components/rewrite-wp_content_path.php:16
	@@ -90,8 +98,8 @@ msgid "Yes"
90	msgstr ""
91
92	#: modules/components/admin-admin_url.php:28
93	- #: modules/components/admin-new_wp_login_php.php:28
94	- #: modules/components/admin-new_wp_login_php.php:45
95	#: modules/components/general-meta.php:16
96	#: modules/components/general-meta.php:32
97	#: modules/components/general-meta.php:49
	@@ -100,27 +108,28 @@ msgstr ""
100	#: modules/components/general-remove_version.php:16
101	#: modules/components/general-wpemoji.php:16
102	#: modules/components/general-wpemoji.php:32

103	#: modules/components/rewrite-new_plugin_path.php:29
104	#: modules/components/rewrite-new_upload_path.php:29
105	#: modules/components/rewrite-wp_content_path.php:17
106	msgid "No"
107	msgstr ""
108
109	- #: modules/components/admin-admin_url.php:~~175~~
110	msgid "Hello"
111	msgstr ""
112
113	- #: modules/components/admin-admin_url.php:~~176~~
114	msgid ""
115	"This is an automated message to inform that your login url has been changed "
116	"at"
117	msgstr ""
118
119	- #: modules/components/admin-admin_url.php:~~177~~
120	msgid "The new login url is"
121	msgstr ""
122
123	- #: modules/components/admin-admin_url.php:~~178~~
124	msgid "Please keep this url safe for recover, if forgot"
125	msgstr ""
126
	@@ -128,11 +137,18 @@ msgstr ""
128	msgid "Map a new wp-login.php instead default."
129	msgstr ""
130
131	- #: modules/components/admin-new_wp_login_php.php:23







132	msgid "Block default wp-login.php file from being accesible."
133	msgstr ""
134
135	- #: modules/components/admin-new_wp_login_php.php:40
136	msgid ""
137	"Block default wp-signup.php file from being accesible. This redirect to new "
138	"admin login if changed. The registration page remain available."


1	msgid ""
2	msgstr ""
3	"Project-Id-Version: Post Types Order\n"
4	+ "POT-Creation-Date: 2016-02-26 19:13+0200\n"
5	+ "PO-Revision-Date: 2016-02-26 19:13+0200\n"
6	+ "Last-Translator: nsp-code <electronice_delphi@yahoo.com>\n"
7	"Language-Team: \n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"

13	"X-Poedit-Basepath: ../\n"
14	"X-Poedit-SearchPath-0: .\n"
15
16	+ #: conflicts/wp-simple-firewall.php:82
17	+ msgid ""
18	+ "<b>Conflict notice</b>: The Security Firewall - Login Protection use the "
19	+ "Rename WP Login Page functionality which is the same as WP Hide - Admin "
20	+ "Login Url change. "
21	+ msgstr ""
22	+
23	+ #: include/wph.class.php:196
24	msgid "Help us to improve this plugin by reporting any issues at "
25	msgstr ""
26
27	+ #: include/wph.class.php:201
28	msgid ""
29	"Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
30	msgstr ""
31
32	+ #: include/wph.class.php:206
33	msgid "Settings saved"
34	msgstr ""
35
36	+ #: include/wph.class.php:213
37	msgid ""
38	"W3 Total Cache Plugin is active, make sure you clear the cache for new "
39	"changes to apply"
40	msgstr ""
41
42	+ #: include/wph.class.php:217
43	msgid ""
44	"WP Super Cache Plugin is active, make sure you clear the cache for new "
45	"changes to apply"

80	msgstr ""
81
82	#: modules/components/admin-admin_url.php:27
83	+ #: modules/components/admin-new_wp_login_php.php:28
84	+ #: modules/components/admin-new_wp_login_php.php:45
85	#: modules/components/general-meta.php:15
86	#: modules/components/general-meta.php:31
87	#: modules/components/general-meta.php:48

90	#: modules/components/general-remove_version.php:15
91	#: modules/components/general-wpemoji.php:15
92	#: modules/components/general-wpemoji.php:31
93	+ #: modules/components/rewrite-new_include_path.php:27
94	#: modules/components/rewrite-new_plugin_path.php:28
95	#: modules/components/rewrite-new_upload_path.php:28
96	#: modules/components/rewrite-wp_content_path.php:16

98	msgstr ""
99
100	#: modules/components/admin-admin_url.php:28
101	+ #: modules/components/admin-new_wp_login_php.php:29
102	+ #: modules/components/admin-new_wp_login_php.php:46
103	#: modules/components/general-meta.php:16
104	#: modules/components/general-meta.php:32
105	#: modules/components/general-meta.php:49

108	#: modules/components/general-remove_version.php:16
109	#: modules/components/general-wpemoji.php:16
110	#: modules/components/general-wpemoji.php:32
111	+ #: modules/components/rewrite-new_include_path.php:28
112	#: modules/components/rewrite-new_plugin_path.php:29
113	#: modules/components/rewrite-new_upload_path.php:29
114	#: modules/components/rewrite-wp_content_path.php:17
115	msgid "No"
116	msgstr ""
117
118	+ #: modules/components/admin-admin_url.php:179
119	msgid "Hello"
120	msgstr ""
121
122	+ #: modules/components/admin-admin_url.php:180
123	msgid ""
124	"This is an automated message to inform that your login url has been changed "
125	"at"
126	msgstr ""
127
128	+ #: modules/components/admin-admin_url.php:181
129	msgid "The new login url is"
130	msgstr ""
131
132	+ #: modules/components/admin-admin_url.php:182
133	msgid "Please keep this url safe for recover, if forgot"
134	msgstr ""
135

137	msgid "Map a new wp-login.php instead default."
138	msgstr ""
139
140	+ #: modules/components/admin-new_wp_login_php.php:12
141	+ msgid ""
142	+ "Warning: Make sure your log-in url is not already modified by another "
143	+ "plugin / theme. In such case, you should disable other code to take "
144	+ "advantage of these features. More details at "
145	+ msgstr ""
146	+
147	+ #: modules/components/admin-new_wp_login_php.php:24
148	msgid "Block default wp-login.php file from being accesible."
149	msgstr ""
150
151	+ #: modules/components/admin-new_wp_login_php.php:41
152	msgid ""
153	"Block default wp-signup.php file from being accesible. This redirect to new "
154	"admin login if changed. The registration page remain available."

modules/components/admin-admin_url.php CHANGED Viewed

	@@ -41,7 +41,7 @@
41
42	function _init_admin_url($saved_field_data)
43	{
44	- //check if the value has changed, to e-mail the new url to site administrator
45	$previous_url = get_option('wph-previous-admin-url');
46	if($saved_field_data != $previous_url)
47	{
	@@ -52,6 +52,10 @@
52	if(empty($saved_field_data))
53	return FALSE;
54




55	$default_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-admin' );
56	$new_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . $saved_field_data );
57


41
42	function _init_admin_url($saved_field_data)
43	{
44	+ //check if the value has changed, e-mail the new url to site administrator
45	$previous_url = get_option('wph-previous-admin-url');
46	if($saved_field_data != $previous_url)
47	{

52	if(empty($saved_field_data))
53	return FALSE;
54
55	+ //conflict handle with other plugins
56	+ include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
57	+ WPH_conflict_handle_wp_simple_firewall::custom_login_check();
58	+
59	$default_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-admin' );
60	$new_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . $saved_field_data );
61

modules/components/admin-new_wp_login_php.php CHANGED Viewed

	@@ -8,7 +8,8 @@
8	$this->module_settings[] = array(
9	'id' => 'new_wp_login_php',
10	'label' => 'New wp-login.php',
11	- 'description' => __('Map a new wp-login.php instead default.', 'wp-hide-security-enhancer'),

12
13	'input_type' => 'text',
14
	@@ -60,7 +61,13 @@
60	{
61	if(empty($saved_field_data) \|\| $saved_field_data == 'no')
62	return FALSE;
63	-






64
65	//add replacement
66	$url = trailingslashit( site_url() ) . 'wp-login.php';
	@@ -69,12 +76,21 @@
69	$this->wph->urls_replacement[ $url ] = trailingslashit( site_url() ) . $saved_field_data;
70	}
71	}










72
73	function _callback_saved_new_wp_login_php($saved_field_data)
74	{
75	$processing_response = array();
76
77	- //check if the field is noe empty
78	if(empty($saved_field_data))
79	return $processing_response;
80
	@@ -103,7 +119,6 @@
103	{
104	$processing_response = array();
105
106	- //check if the field is noe empty
107	if(empty($saved_field_data) \|\| $saved_field_data == 'no')
108	return $processing_response;
109
	@@ -130,10 +145,8 @@
130	{
131	$processing_response = array();
132
133	- //check if the field is noe empty
134	if(empty($saved_field_data) \|\| $saved_field_data == 'no')
135	return $processing_response;
136	-
137
138	$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
139	$text .= "RewriteRule ^wp-signup.php ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";


8	$this->module_settings[] = array(
9	'id' => 'new_wp_login_php',
10	'label' => 'New wp-login.php',
11	+ 'description' => __('Map a new wp-login.php instead default.', 'wp-hide-security-enhancer')
12	+ . '<br /><span class="important">' . __('Warning: Make sure your log-in url is not already modified by another plugin / theme. In such case, you should disable other code to take advantage of these features. More details at ', 'wp-hide-security-enhancer') . '</span> ' . '<a target="_blank" href="http://www.wp-hide.com/login-conflicts/">Login Conflicts</a>',
13
14	'input_type' => 'text',
15

61	{
62	if(empty($saved_field_data) \|\| $saved_field_data == 'no')
63	return FALSE;
64	+
65	+ //conflict handle with other plugins
66	+ include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
67	+ WPH_conflict_handle_wp_simple_firewall::custom_login_check();
68	+
69	+
70	+ add_filter('login_url', array($this,'login_url'), 999, 3 );
71
72	//add replacement
73	$url = trailingslashit( site_url() ) . 'wp-login.php';

76	$this->wph->urls_replacement[ $url ] = trailingslashit( site_url() ) . $saved_field_data;
77	}
78	}
79	+
80	+
81	+ function login_url($login_url, $redirect, $force_reauth)
82	+ {
83	+ $new_wp_login_php = $this->wph->functions->get_module_item_setting('new_wp_login_php');
84	+
85	+ $login_url = site_url($new_wp_login_php, 'login');
86	+
87	+ return $login_url;
88	+ }
89
90	function _callback_saved_new_wp_login_php($saved_field_data)
91	{
92	$processing_response = array();
93

94	if(empty($saved_field_data))
95	return $processing_response;
96

119	{
120	$processing_response = array();
121

122	if(empty($saved_field_data) \|\| $saved_field_data == 'no')
123	return $processing_response;
124

145	{
146	$processing_response = array();
147

148	if(empty($saved_field_data) \|\| $saved_field_data == 'no')
149	return $processing_response;

150
151	$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
152	$text .= "RewriteRule ^wp-signup.php ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";

modules/components/rewrite-new_include_path.php CHANGED Viewed

@@ -17,6 +17,21 @@
                                                                                 'sanitize_type' =>  array(array($this->wph->functions, 'sanitize_file_path_name')),
                                                                                 'processing_order'  =>  20
                                                                                 );
                                 return $this->module_settings;
+                            }
@@ -115,6 +130,31 @@
                                 $scripts    =   $this->wph->functions->default_scripts_styles_replace($scripts, array('wp-includes'  =>  $include_path));
+                            }
+                    }


17	'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
18	'processing_order' => 20
19	);
20	+ $this->module_settings[] = array(
21	+ 'id' => 'block_wpinclude_url',
22	+ 'label' => 'Block wp-include URL',
23	+ 'description' => 'Block wp-include files from being accesible through default urls. <br />Apply only if <b>New Include Path</b> is not empty. It block only for non loged-in users.',
24	+
25	+ 'input_type' => 'radio',
26	+ 'options' => array(
27	+ 'yes' => __('Yes', 'wp-hide'),
28	+ 'no' => __('No', 'wp-hide'),
29	+ ),
30	+ 'default_value' => 'no',
31	+
32	+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
33	+ 'processing_order' => 19
34	+ );
35
36	return $this->module_settings;
37	}

130
131	$scripts = $this->wph->functions->default_scripts_styles_replace($scripts, array('wp-includes' => $include_path));
132	}
133	+
134	+
135	+ function _callback_saved_block_wpinclude_url($saved_field_data)
136	+ {
137	+ $processing_response = array();
138	+
139	+ if(empty($saved_field_data) \|\| $saved_field_data == 'no')
140	+ return FALSE;
141	+
142	+ //prevent from blocking if the wp-include is not modified
143	+ $new_include_path = $this->wph->functions->get_module_item_setting('new_include_path');
144	+ if (empty( $new_include_path ))
145	+ return FALSE;
146	+
147	+
148	+ $text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
149	+ $text .= "RewriteCond %{HTTP_COOKIE} !^.wordpress_logged_in.$ [NC]\n";
150	+ $text .= "RewriteRule ^wp-includes(.*) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
151	+
152	+ $processing_response['htaccess'] = $text;
153	+
154	+ return $processing_response;
155	+
156	+ }
157	+
158
159
160	}

modules/components/rewrite-new_upload_path.php CHANGED Viewed

	@@ -48,6 +48,11 @@
48
49	add_filter('upload_dir', array( $this, 'upload_dir' ), 999);
50	//add_filter('wp_get_attachment_url', array( $this, 'wp_get_attachment_url' ), 999, 2);





51	}
52
53	function _callback_saved_new_upload_path($saved_field_data)


48
49	add_filter('upload_dir', array( $this, 'upload_dir' ), 999);
50	//add_filter('wp_get_attachment_url', array( $this, 'wp_get_attachment_url' ), 999, 2);
51	+
52	+ //add default plugin path replacement
53	+ $new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
54	+ $new_url = trailingslashit( site_url() ) . $new_upload_path;
55	+ $this->wph->urls_replacement[$this->wph->default_variables['upload_url']] = $new_url;
56	}
57
58	function _callback_saved_new_upload_path($saved_field_data)

modules/components/rewrite-wp_content_path.php CHANGED Viewed

	@@ -42,6 +42,7 @@
42	$content_directory = $this->wph->default_variables['content_directory'];
43
44	$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";

45	$text .= "RewriteRule ^". $content_directory ."(.*) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
46
47	$processing_response['htaccess'] = $text;


42	$content_directory = $this->wph->default_variables['content_directory'];
43
44	$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
45	+ $text .= "RewriteCond %{HTTP_COOKIE} !^.wordpress_logged_in.$ [NC]\n";
46	$text .= "RewriteRule ^". $content_directory ."(.*) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
47
48	$processing_response['htaccess'] = $text;

readme.txt CHANGED Viewed

	@@ -4,9 +4,9 @@ Donate link: http://www.nsp-code.com/donate.php
4	Tags: hide, security, improve security, hacking, wp hide, wordpress hide
5	Requires at least: 2.8
6	Tested up to: 4.4.2
7	- Stable tag: 1.1
8
9	- Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
10
11	== Description ==
12
	@@ -19,7 +19,7 @@ Over 99,9% of hacked WordPress websites are target of automated malware scripts,
19	Main plugin functionality:
20
21	* Custom admin Url
22	- * Block default ~~urls~~
23	* Block any direct folder access to completely hide the structure
24	* Custom wp-login.php filename
25	* Block default wp-login.php
	@@ -36,6 +36,7 @@ Over 99,9% of hacked WordPress websites are target of automated malware scripts,
36	* Block default upload urls
37	* Remove wordpress version
38	* Meta Generator block

39	* Remove wlwmanifest Meta
40	* Remove rsd_link Meta
41	* Remove wpemoji
	@@ -62,9 +63,10 @@ Feel free to contact us at electronice_delphi@yahoo.com
62
63	= Something is wrong, what can i do? =
64
65	- Go ~~to admin~~, ~~and~~ ~~change some of plugin options to see which one cause the problem~~. ~~Then~~ ~~report~~ it to ~~forum~~ or ~~get in touch with us to fix it.~~
66	- If ~~for~~ ~~some~~ ~~reason~~ ~~the~~ ~~site~~ ~~appear~~ ~~broken,~~ ~~you~~ ~~should~~ ~~back-up~~ ~~then~~ ~~replace~~ the .~~htaccess~~ ~~file~~ ~~located~~ on ~~your~~ ~~WordPress~~ ~~root.~~ ~~Then~~ ~~replace~~ ~~the~~ ~~wp-hide-security-enhancer~~ ~~from~~ ~~your~~ ~~plugin~~ ~~directory~~.
67	- If ~~still~~ ~~not~~ ~~luck~~, ~~please~~ ~~get~~ in ~~touch~~ ~~with~~ us at ~~electronice_delphi@yahoo~~.~~com~~ ~~and~~ ~~we'll~~ ~~fix~~ it ~~for~~ ~~you~~ in ~~no time!~~

68
69	= I have no PHP knowledge at all, is this plugin for me? =
70
	@@ -81,6 +83,16 @@ Please get in touch with us and we'll do our best to include it for a next versi
81
82	== Changelog ==
83










84	= 1.1 =
85	* Po / Mo localisation files update
86	* Update class to process the further structure changes and current components fields name change.
	@@ -117,5 +129,4 @@ Always keep plugin up to date.
117
118
119	== Localization ==
120	- Available in English.
121	Please help and translate this plugin to your language at https://translate.wordpress.org/projects/wp-plugins/wp-hide-security-enhancer


4	Tags: hide, security, improve security, hacking, wp hide, wordpress hide
5	Requires at least: 2.8
6	Tested up to: 4.4.2
7	+ Stable tag: 1.1.2
8
9	+ Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
10
11	== Description ==
12

19	Main plugin functionality:
20
21	* Custom admin Url
22	+ * Block default admin Url
23	* Block any direct folder access to completely hide the structure
24	* Custom wp-login.php filename
25	* Block default wp-login.php

36	* Block default upload urls
37	* Remove wordpress version
38	* Meta Generator block
39	+ * Disble the emoji and required javascript code
40	* Remove wlwmanifest Meta
41	* Remove rsd_link Meta
42	* Remove wpemoji

63
64	= Something is wrong, what can i do? =
65
66	+ * First, stay calm. There will be no harm, guaranteed :)
67	+ * Go to admin and change some of plugin options to see which one cause the problem. Then report it to forum or get in touch with us to fix it.
68	+ * If for some reason the site appear broken, you should back-up then replace the .htaccess file located on your WordPress root. Then remove the wp-hide-security-enhancer from your plugin directory.
69	+ * If still no luck, please get in touch with us at electronice_delphi@yahoo.com and we'll fix it for you in no time!
70
71	= I have no PHP knowledge at all, is this plugin for me? =
72

83
84	== Changelog ==
85
86	+ = 1.1.2 =
87	+ * Add a custom url for login_url filter
88	+ * Better description and warning for wp-login.php change
89	+ * Add default replacement for uploads
90	+ * conflict handle - Security Firewall (WordPress Security Firewall) > Login Protection > Rename WP Login Page functionality
91	+ * wp-includes block when not logged-in
92	+ * wp-content block when not logged-in
93	+ * readme update
94	+
95	+
96	= 1.1 =
97	* Po / Mo localisation files update
98	* Update class to process the further structure changes and current components fields name change.

129
130
131	== Localization ==

132	Please help and translate this plugin to your language at https://translate.wordpress.org/projects/wp-plugins/wp-hide-security-enhancer

wp-hide.php CHANGED Viewed

	@@ -5,7 +5,7 @@ Plugin URI: http://www.nsp-code.com
5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	- Version: 1.1
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/


5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	+ Version: 1.1.2
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/

WP Hide & Security Enhancer - Version 1.1.2

Version Description

Release Info

Code changes from version 1.1 to 1.1.2