Version Description
- Add a custom url for login_url filter
- Better description and warning for wp-login.php change
- Add default replacement for uploads
- conflict handle - Security Firewall (WordPress Security Firewall) > Login Protection > Rename WP Login Page functionality
- wp-includes block when not logged-in
- wp-content block when not logged-in
- readme update
Download this release
Release Info
Developer | nsp-code |
Plugin | WP Hide & Security Enhancer |
Version | 1.1.2 |
Comparing to | |
See all releases |
Code changes from version 1.1 to 1.1.2
- conflicts/js/wp_simple_firewall.js +22 -0
- conflicts/wp-simple-firewall.php +115 -0
- include/functions.class.php +57 -0
- include/wph.class.php +7 -5
- languages/wp-hide-security-enhancer.mo +0 -0
- languages/wp-hide-security-enhancer.po +34 -18
- modules/components/admin-admin_url.php +5 -1
- modules/components/admin-new_wp_login_php.php +19 -6
- modules/components/rewrite-new_include_path.php +40 -0
- modules/components/rewrite-new_upload_path.php +5 -0
- modules/components/rewrite-wp_content_path.php +1 -0
- readme.txt +18 -7
- wp-hide.php +1 -1
conflicts/js/wp_simple_firewall.js
ADDED
@@ -0,0 +1,22 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
|
2 |
+
|
3 |
+
jQuery(document).on( 'click', '#WPH_conflict_handle_wp_simple_firewall_login .notice-dismiss', function() {
|
4 |
+
|
5 |
+
var queryString = { "action": "wph_notice_ignore_wp_simple_firewall", "type" : 'login'};
|
6 |
+
//send the data through ajax
|
7 |
+
jQuery.ajax({
|
8 |
+
type: 'POST',
|
9 |
+
url: ajaxurl,
|
10 |
+
data: queryString,
|
11 |
+
cache: false,
|
12 |
+
success: function(data){
|
13 |
+
|
14 |
+
|
15 |
+
},
|
16 |
+
error: function(html){
|
17 |
+
|
18 |
+
}
|
19 |
+
});
|
20 |
+
|
21 |
+
|
22 |
+
})
|
conflicts/wp-simple-firewall.php
ADDED
@@ -0,0 +1,115 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
|
4 |
+
class WPH_conflict_handle_wp_simple_firewall
|
5 |
+
{
|
6 |
+
|
7 |
+
function _construct_()
|
8 |
+
{
|
9 |
+
|
10 |
+
}
|
11 |
+
|
12 |
+
static function is_plugin_active()
|
13 |
+
{
|
14 |
+
if(defined('ICWP_DS'))
|
15 |
+
return TRUE;
|
16 |
+
else
|
17 |
+
return FALSE;
|
18 |
+
}
|
19 |
+
|
20 |
+
static public function custom_login_check()
|
21 |
+
{
|
22 |
+
if( ! self::is_plugin_active())
|
23 |
+
return FALSE;
|
24 |
+
|
25 |
+
global $oICWP_Wpsf_Controller;
|
26 |
+
|
27 |
+
//check if custom login is active
|
28 |
+
if( ! $oICWP_Wpsf_Controller->oFeatureHandlerLoginProtect->getIsCustomLoginPathEnabled())
|
29 |
+
return FALSE;
|
30 |
+
|
31 |
+
global $wph;
|
32 |
+
|
33 |
+
//attempt to disable other plugin code
|
34 |
+
add_action( 'init', array( 'WPH_conflict_handle_wp_simple_firewall', '_on_filter_init' ), -1 );
|
35 |
+
|
36 |
+
}
|
37 |
+
|
38 |
+
|
39 |
+
static function _on_filter_init()
|
40 |
+
{
|
41 |
+
global $wph;
|
42 |
+
|
43 |
+
if($wph->functions->anonymous_object_filter_exists('init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'doBlockPossibleWpLoginLoad'))
|
44 |
+
{
|
45 |
+
//ready to process
|
46 |
+
$wph->functions->remove_anonymous_object_filter('init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'doBlockPossibleWpLoginLoad');
|
47 |
+
$wph->functions->remove_anonymous_object_filter('wp_loaded', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'aLoadWpLogin');
|
48 |
+
$wph->functions->remove_anonymous_object_filter('login_init', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'aLoginFormAction');
|
49 |
+
$wph->functions->remove_anonymous_object_filter('site_url', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
|
50 |
+
$wph->functions->remove_anonymous_object_filter('network_site_url', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
|
51 |
+
$wph->functions->remove_anonymous_object_filter('wp_redirect', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fCheckForLoginPhp');
|
52 |
+
$wph->functions->remove_anonymous_object_filter('et_anticipate_exceptions', 'ICWP_WPSF_Processor_LoginProtect_WpLogin', 'fAddToEtMaintenanceExceptions');
|
53 |
+
|
54 |
+
//remove this filter too
|
55 |
+
remove_action( 'init', array( 'WPH_conflict_handle_wp_simple_firewall', '_on_filter_init' ), -1);
|
56 |
+
|
57 |
+
//add an admin notice to inform about the conflict
|
58 |
+
add_action('admin_notices', array( 'WPH_conflict_handle_wp_simple_firewall', 'admin_notice' ));
|
59 |
+
add_action( 'wp_ajax_wph_notice_ignore_wp_simple_firewall', array( 'WPH_conflict_handle_wp_simple_firewall','ajax_calls' ));
|
60 |
+
add_action( 'admin_print_scripts', array( 'WPH_conflict_handle_wp_simple_firewall', 'admin_print_scripts' ) );
|
61 |
+
}
|
62 |
+
|
63 |
+
}
|
64 |
+
|
65 |
+
|
66 |
+
static function admin_notice()
|
67 |
+
{
|
68 |
+
global $current_user ;
|
69 |
+
|
70 |
+
$user_id = $current_user->ID;
|
71 |
+
|
72 |
+
//only for admins
|
73 |
+
if ( ! current_user_can( 'install_plugins' ) )
|
74 |
+
return;
|
75 |
+
|
76 |
+
$WPH_notice_wp_simple_firewall__login = get_user_meta($user_id, 'wph_hide_notice_wp_simple_firewall__login');
|
77 |
+
|
78 |
+
if ( empty($WPH_notice_wp_simple_firewall__login ))
|
79 |
+
{
|
80 |
+
echo '<div id="WPH_conflict_handle_wp_simple_firewall_login" class="error notice is-dismissible"><p>';
|
81 |
+
printf('<button class="notice-dismiss" type="button"><span class="screen-reader-text">Dismiss this notice.</span></button>', '?wph_conflicts_report_wp_simple_firewall=0');
|
82 |
+
_e('<b>Conflict notice</b>: The Security Firewall - Login Protection use the Rename WP Login Page functionality which is the same as WP Hide - Admin Login Url change. ', 'wp-hide-security-enhancer');
|
83 |
+
echo "</p></div>";
|
84 |
+
}
|
85 |
+
|
86 |
+
}
|
87 |
+
|
88 |
+
static function ajax_calls()
|
89 |
+
{
|
90 |
+
global $current_user;
|
91 |
+
$user_id = $current_user->ID;
|
92 |
+
|
93 |
+
$type = isset($_POST['type']) ? $_POST['type'] : '';
|
94 |
+
|
95 |
+
switch($type)
|
96 |
+
{
|
97 |
+
case 'login':
|
98 |
+
update_user_meta($user_id, 'wph_hide_notice_wp_simple_firewall__login', 'true');
|
99 |
+
|
100 |
+
break;
|
101 |
+
|
102 |
+
}
|
103 |
+
|
104 |
+
}
|
105 |
+
|
106 |
+
static function admin_print_scripts()
|
107 |
+
{
|
108 |
+
wp_enqueue_script( 'WPH_conflict_handle_wp_simple_firewall', WPH_URL . '/conflicts/js/wp_simple_firewall.js', array( 'jquery' ), '1.0', true );
|
109 |
+
}
|
110 |
+
|
111 |
+
}
|
112 |
+
|
113 |
+
|
114 |
+
|
115 |
+
?>
|
include/functions.class.php
CHANGED
@@ -405,6 +405,63 @@
|
|
405 |
{
|
406 |
return $a['processing_order'] - $b['processing_order'];
|
407 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
408 |
|
409 |
|
410 |
/**
|
405 |
{
|
406 |
return $a['processing_order'] - $b['processing_order'];
|
407 |
}
|
408 |
+
|
409 |
+
|
410 |
+
function anonymous_object_filter_exists($tag, $class, $method)
|
411 |
+
{
|
412 |
+
if ( ! isset( $GLOBALS['wp_filter'][$tag] ) )
|
413 |
+
return FALSE;
|
414 |
+
|
415 |
+
$filters = $GLOBALS['wp_filter'][$tag];
|
416 |
+
|
417 |
+
if ( ! $filters )
|
418 |
+
return FALSE;
|
419 |
+
|
420 |
+
foreach ( $filters as $priority => $filter )
|
421 |
+
{
|
422 |
+
foreach ( $filter as $identifier => $function )
|
423 |
+
{
|
424 |
+
if ( ! is_array( $function ) )
|
425 |
+
continue;
|
426 |
+
|
427 |
+
if ( ! $function['function'][0] instanceof $class )
|
428 |
+
continue;
|
429 |
+
|
430 |
+
if ( $method == $function['function'][1] )
|
431 |
+
{
|
432 |
+
return TRUE;
|
433 |
+
}
|
434 |
+
}
|
435 |
+
}
|
436 |
+
|
437 |
+
return FALSE;
|
438 |
+
}
|
439 |
+
|
440 |
+
function remove_anonymous_object_filter( $tag, $class, $method )
|
441 |
+
{
|
442 |
+
$filters = false;
|
443 |
+
|
444 |
+
if ( isset( $GLOBALS['wp_filter'][$tag] ) )
|
445 |
+
$filters = $GLOBALS['wp_filter'][$tag];
|
446 |
+
|
447 |
+
if ( $filters )
|
448 |
+
foreach ( $filters as $priority => $filter )
|
449 |
+
{
|
450 |
+
foreach ( $filter as $identifier => $function )
|
451 |
+
{
|
452 |
+
if ( ! is_array( $function ) )
|
453 |
+
continue;
|
454 |
+
|
455 |
+
if ( ! $function['function'][0] instanceof $class )
|
456 |
+
continue;
|
457 |
+
|
458 |
+
if ( $method == $function['function'][1] )
|
459 |
+
{
|
460 |
+
remove_filter($tag, array( $function['function'][0], $method ), $priority);
|
461 |
+
}
|
462 |
+
}
|
463 |
+
}
|
464 |
+
}
|
465 |
|
466 |
|
467 |
/**
|
include/wph.class.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
class WPH
|
5 |
{
|
6 |
var $default_variables = array();
|
7 |
-
var $templates_data
|
8 |
var $urls_replacement = array();
|
9 |
|
10 |
var $modules = array();
|
@@ -13,11 +13,13 @@
|
|
13 |
|
14 |
var $functions;
|
15 |
|
16 |
-
var $disable_filters
|
17 |
-
var $doing_interface_save
|
18 |
-
var $uninstall
|
19 |
|
20 |
-
var $is_initialised
|
|
|
|
|
21 |
|
22 |
function __construct()
|
23 |
{
|
4 |
class WPH
|
5 |
{
|
6 |
var $default_variables = array();
|
7 |
+
var $templates_data = array();
|
8 |
var $urls_replacement = array();
|
9 |
|
10 |
var $modules = array();
|
13 |
|
14 |
var $functions;
|
15 |
|
16 |
+
var $disable_filters = FALSE;
|
17 |
+
var $doing_interface_save = FALSE;
|
18 |
+
var $uninstall = FALSE;
|
19 |
|
20 |
+
var $is_initialised = FALSE;
|
21 |
+
|
22 |
+
var $conflicts = array();
|
23 |
|
24 |
function __construct()
|
25 |
{
|
languages/wp-hide-security-enhancer.mo
CHANGED
Binary file
|
languages/wp-hide-security-enhancer.po
CHANGED
@@ -1,9 +1,9 @@
|
|
1 |
msgid ""
|
2 |
msgstr ""
|
3 |
"Project-Id-Version: Post Types Order\n"
|
4 |
-
"POT-Creation-Date: 2016-02-
|
5 |
-
"PO-Revision-Date: 2016-02-
|
6 |
-
"Last-Translator:
|
7 |
"Language-Team: \n"
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=UTF-8\n"
|
@@ -13,26 +13,33 @@ msgstr ""
|
|
13 |
"X-Poedit-Basepath: ../\n"
|
14 |
"X-Poedit-SearchPath-0: .\n"
|
15 |
|
16 |
-
#:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
17 |
msgid "Help us to improve this plugin by reporting any issues at "
|
18 |
msgstr ""
|
19 |
|
20 |
-
#: include/wph.class.php:
|
21 |
msgid ""
|
22 |
"Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
|
23 |
msgstr ""
|
24 |
|
25 |
-
#: include/wph.class.php:
|
26 |
msgid "Settings saved"
|
27 |
msgstr ""
|
28 |
|
29 |
-
#: include/wph.class.php:
|
30 |
msgid ""
|
31 |
"W3 Total Cache Plugin is active, make sure you clear the cache for new "
|
32 |
"changes to apply"
|
33 |
msgstr ""
|
34 |
|
35 |
-
#: include/wph.class.php:
|
36 |
msgid ""
|
37 |
"WP Super Cache Plugin is active, make sure you clear the cache for new "
|
38 |
"changes to apply"
|
@@ -73,8 +80,8 @@ msgid "with the new Login URL"
|
|
73 |
msgstr ""
|
74 |
|
75 |
#: modules/components/admin-admin_url.php:27
|
76 |
-
#: modules/components/admin-new_wp_login_php.php:
|
77 |
-
#: modules/components/admin-new_wp_login_php.php:
|
78 |
#: modules/components/general-meta.php:15
|
79 |
#: modules/components/general-meta.php:31
|
80 |
#: modules/components/general-meta.php:48
|
@@ -83,6 +90,7 @@ msgstr ""
|
|
83 |
#: modules/components/general-remove_version.php:15
|
84 |
#: modules/components/general-wpemoji.php:15
|
85 |
#: modules/components/general-wpemoji.php:31
|
|
|
86 |
#: modules/components/rewrite-new_plugin_path.php:28
|
87 |
#: modules/components/rewrite-new_upload_path.php:28
|
88 |
#: modules/components/rewrite-wp_content_path.php:16
|
@@ -90,8 +98,8 @@ msgid "Yes"
|
|
90 |
msgstr ""
|
91 |
|
92 |
#: modules/components/admin-admin_url.php:28
|
93 |
-
#: modules/components/admin-new_wp_login_php.php:
|
94 |
-
#: modules/components/admin-new_wp_login_php.php:
|
95 |
#: modules/components/general-meta.php:16
|
96 |
#: modules/components/general-meta.php:32
|
97 |
#: modules/components/general-meta.php:49
|
@@ -100,27 +108,28 @@ msgstr ""
|
|
100 |
#: modules/components/general-remove_version.php:16
|
101 |
#: modules/components/general-wpemoji.php:16
|
102 |
#: modules/components/general-wpemoji.php:32
|
|
|
103 |
#: modules/components/rewrite-new_plugin_path.php:29
|
104 |
#: modules/components/rewrite-new_upload_path.php:29
|
105 |
#: modules/components/rewrite-wp_content_path.php:17
|
106 |
msgid "No"
|
107 |
msgstr ""
|
108 |
|
109 |
-
#: modules/components/admin-admin_url.php:
|
110 |
msgid "Hello"
|
111 |
msgstr ""
|
112 |
|
113 |
-
#: modules/components/admin-admin_url.php:
|
114 |
msgid ""
|
115 |
"This is an automated message to inform that your login url has been changed "
|
116 |
"at"
|
117 |
msgstr ""
|
118 |
|
119 |
-
#: modules/components/admin-admin_url.php:
|
120 |
msgid "The new login url is"
|
121 |
msgstr ""
|
122 |
|
123 |
-
#: modules/components/admin-admin_url.php:
|
124 |
msgid "Please keep this url safe for recover, if forgot"
|
125 |
msgstr ""
|
126 |
|
@@ -128,11 +137,18 @@ msgstr ""
|
|
128 |
msgid "Map a new wp-login.php instead default."
|
129 |
msgstr ""
|
130 |
|
131 |
-
#: modules/components/admin-new_wp_login_php.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
132 |
msgid "Block default wp-login.php file from being accesible."
|
133 |
msgstr ""
|
134 |
|
135 |
-
#: modules/components/admin-new_wp_login_php.php:
|
136 |
msgid ""
|
137 |
"Block default wp-signup.php file from being accesible. This redirect to new "
|
138 |
"admin login if changed. The registration page remain available."
|
1 |
msgid ""
|
2 |
msgstr ""
|
3 |
"Project-Id-Version: Post Types Order\n"
|
4 |
+
"POT-Creation-Date: 2016-02-26 19:13+0200\n"
|
5 |
+
"PO-Revision-Date: 2016-02-26 19:13+0200\n"
|
6 |
+
"Last-Translator: nsp-code <electronice_delphi@yahoo.com>\n"
|
7 |
"Language-Team: \n"
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=UTF-8\n"
|
13 |
"X-Poedit-Basepath: ../\n"
|
14 |
"X-Poedit-SearchPath-0: .\n"
|
15 |
|
16 |
+
#: conflicts/wp-simple-firewall.php:82
|
17 |
+
msgid ""
|
18 |
+
"<b>Conflict notice</b>: The Security Firewall - Login Protection use the "
|
19 |
+
"Rename WP Login Page functionality which is the same as WP Hide - Admin "
|
20 |
+
"Login Url change. "
|
21 |
+
msgstr ""
|
22 |
+
|
23 |
+
#: include/wph.class.php:196
|
24 |
msgid "Help us to improve this plugin by reporting any issues at "
|
25 |
msgstr ""
|
26 |
|
27 |
+
#: include/wph.class.php:201
|
28 |
msgid ""
|
29 |
"Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
|
30 |
msgstr ""
|
31 |
|
32 |
+
#: include/wph.class.php:206
|
33 |
msgid "Settings saved"
|
34 |
msgstr ""
|
35 |
|
36 |
+
#: include/wph.class.php:213
|
37 |
msgid ""
|
38 |
"W3 Total Cache Plugin is active, make sure you clear the cache for new "
|
39 |
"changes to apply"
|
40 |
msgstr ""
|
41 |
|
42 |
+
#: include/wph.class.php:217
|
43 |
msgid ""
|
44 |
"WP Super Cache Plugin is active, make sure you clear the cache for new "
|
45 |
"changes to apply"
|
80 |
msgstr ""
|
81 |
|
82 |
#: modules/components/admin-admin_url.php:27
|
83 |
+
#: modules/components/admin-new_wp_login_php.php:28
|
84 |
+
#: modules/components/admin-new_wp_login_php.php:45
|
85 |
#: modules/components/general-meta.php:15
|
86 |
#: modules/components/general-meta.php:31
|
87 |
#: modules/components/general-meta.php:48
|
90 |
#: modules/components/general-remove_version.php:15
|
91 |
#: modules/components/general-wpemoji.php:15
|
92 |
#: modules/components/general-wpemoji.php:31
|
93 |
+
#: modules/components/rewrite-new_include_path.php:27
|
94 |
#: modules/components/rewrite-new_plugin_path.php:28
|
95 |
#: modules/components/rewrite-new_upload_path.php:28
|
96 |
#: modules/components/rewrite-wp_content_path.php:16
|
98 |
msgstr ""
|
99 |
|
100 |
#: modules/components/admin-admin_url.php:28
|
101 |
+
#: modules/components/admin-new_wp_login_php.php:29
|
102 |
+
#: modules/components/admin-new_wp_login_php.php:46
|
103 |
#: modules/components/general-meta.php:16
|
104 |
#: modules/components/general-meta.php:32
|
105 |
#: modules/components/general-meta.php:49
|
108 |
#: modules/components/general-remove_version.php:16
|
109 |
#: modules/components/general-wpemoji.php:16
|
110 |
#: modules/components/general-wpemoji.php:32
|
111 |
+
#: modules/components/rewrite-new_include_path.php:28
|
112 |
#: modules/components/rewrite-new_plugin_path.php:29
|
113 |
#: modules/components/rewrite-new_upload_path.php:29
|
114 |
#: modules/components/rewrite-wp_content_path.php:17
|
115 |
msgid "No"
|
116 |
msgstr ""
|
117 |
|
118 |
+
#: modules/components/admin-admin_url.php:179
|
119 |
msgid "Hello"
|
120 |
msgstr ""
|
121 |
|
122 |
+
#: modules/components/admin-admin_url.php:180
|
123 |
msgid ""
|
124 |
"This is an automated message to inform that your login url has been changed "
|
125 |
"at"
|
126 |
msgstr ""
|
127 |
|
128 |
+
#: modules/components/admin-admin_url.php:181
|
129 |
msgid "The new login url is"
|
130 |
msgstr ""
|
131 |
|
132 |
+
#: modules/components/admin-admin_url.php:182
|
133 |
msgid "Please keep this url safe for recover, if forgot"
|
134 |
msgstr ""
|
135 |
|
137 |
msgid "Map a new wp-login.php instead default."
|
138 |
msgstr ""
|
139 |
|
140 |
+
#: modules/components/admin-new_wp_login_php.php:12
|
141 |
+
msgid ""
|
142 |
+
"Warning: Make sure your log-in url is not already modified by another "
|
143 |
+
"plugin / theme. In such case, you should disable other code to take "
|
144 |
+
"advantage of these features. More details at "
|
145 |
+
msgstr ""
|
146 |
+
|
147 |
+
#: modules/components/admin-new_wp_login_php.php:24
|
148 |
msgid "Block default wp-login.php file from being accesible."
|
149 |
msgstr ""
|
150 |
|
151 |
+
#: modules/components/admin-new_wp_login_php.php:41
|
152 |
msgid ""
|
153 |
"Block default wp-signup.php file from being accesible. This redirect to new "
|
154 |
"admin login if changed. The registration page remain available."
|
modules/components/admin-admin_url.php
CHANGED
@@ -41,7 +41,7 @@
|
|
41 |
|
42 |
function _init_admin_url($saved_field_data)
|
43 |
{
|
44 |
-
//check if the value has changed,
|
45 |
$previous_url = get_option('wph-previous-admin-url');
|
46 |
if($saved_field_data != $previous_url)
|
47 |
{
|
@@ -52,6 +52,10 @@
|
|
52 |
if(empty($saved_field_data))
|
53 |
return FALSE;
|
54 |
|
|
|
|
|
|
|
|
|
55 |
$default_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-admin' );
|
56 |
$new_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . $saved_field_data );
|
57 |
|
41 |
|
42 |
function _init_admin_url($saved_field_data)
|
43 |
{
|
44 |
+
//check if the value has changed, e-mail the new url to site administrator
|
45 |
$previous_url = get_option('wph-previous-admin-url');
|
46 |
if($saved_field_data != $previous_url)
|
47 |
{
|
52 |
if(empty($saved_field_data))
|
53 |
return FALSE;
|
54 |
|
55 |
+
//conflict handle with other plugins
|
56 |
+
include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
|
57 |
+
WPH_conflict_handle_wp_simple_firewall::custom_login_check();
|
58 |
+
|
59 |
$default_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . 'wp-admin' );
|
60 |
$new_url = $this->wph->functions->get_url_path( trailingslashit( site_url() ) . $saved_field_data );
|
61 |
|
modules/components/admin-new_wp_login_php.php
CHANGED
@@ -8,7 +8,8 @@
|
|
8 |
$this->module_settings[] = array(
|
9 |
'id' => 'new_wp_login_php',
|
10 |
'label' => 'New wp-login.php',
|
11 |
-
'description' => __('Map a new wp-login.php instead default.', 'wp-hide-security-enhancer')
|
|
|
12 |
|
13 |
'input_type' => 'text',
|
14 |
|
@@ -60,7 +61,13 @@
|
|
60 |
{
|
61 |
if(empty($saved_field_data) || $saved_field_data == 'no')
|
62 |
return FALSE;
|
63 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
64 |
|
65 |
//add replacement
|
66 |
$url = trailingslashit( site_url() ) . 'wp-login.php';
|
@@ -69,12 +76,21 @@
|
|
69 |
$this->wph->urls_replacement[ $url ] = trailingslashit( site_url() ) . $saved_field_data;
|
70 |
}
|
71 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
72 |
|
73 |
function _callback_saved_new_wp_login_php($saved_field_data)
|
74 |
{
|
75 |
$processing_response = array();
|
76 |
|
77 |
-
//check if the field is noe empty
|
78 |
if(empty($saved_field_data))
|
79 |
return $processing_response;
|
80 |
|
@@ -103,7 +119,6 @@
|
|
103 |
{
|
104 |
$processing_response = array();
|
105 |
|
106 |
-
//check if the field is noe empty
|
107 |
if(empty($saved_field_data) || $saved_field_data == 'no')
|
108 |
return $processing_response;
|
109 |
|
@@ -130,10 +145,8 @@
|
|
130 |
{
|
131 |
$processing_response = array();
|
132 |
|
133 |
-
//check if the field is noe empty
|
134 |
if(empty($saved_field_data) || $saved_field_data == 'no')
|
135 |
return $processing_response;
|
136 |
-
|
137 |
|
138 |
$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
|
139 |
$text .= "RewriteRule ^wp-signup.php ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
|
8 |
$this->module_settings[] = array(
|
9 |
'id' => 'new_wp_login_php',
|
10 |
'label' => 'New wp-login.php',
|
11 |
+
'description' => __('Map a new wp-login.php instead default.', 'wp-hide-security-enhancer')
|
12 |
+
. '<br /><span class="important">' . __('Warning: Make sure your log-in url is not already modified by another plugin / theme. In such case, you should disable other code to take advantage of these features. More details at ', 'wp-hide-security-enhancer') . '</span> ' . '<a target="_blank" href="http://www.wp-hide.com/login-conflicts/">Login Conflicts</a>',
|
13 |
|
14 |
'input_type' => 'text',
|
15 |
|
61 |
{
|
62 |
if(empty($saved_field_data) || $saved_field_data == 'no')
|
63 |
return FALSE;
|
64 |
+
|
65 |
+
//conflict handle with other plugins
|
66 |
+
include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
|
67 |
+
WPH_conflict_handle_wp_simple_firewall::custom_login_check();
|
68 |
+
|
69 |
+
|
70 |
+
add_filter('login_url', array($this,'login_url'), 999, 3 );
|
71 |
|
72 |
//add replacement
|
73 |
$url = trailingslashit( site_url() ) . 'wp-login.php';
|
76 |
$this->wph->urls_replacement[ $url ] = trailingslashit( site_url() ) . $saved_field_data;
|
77 |
}
|
78 |
}
|
79 |
+
|
80 |
+
|
81 |
+
function login_url($login_url, $redirect, $force_reauth)
|
82 |
+
{
|
83 |
+
$new_wp_login_php = $this->wph->functions->get_module_item_setting('new_wp_login_php');
|
84 |
+
|
85 |
+
$login_url = site_url($new_wp_login_php, 'login');
|
86 |
+
|
87 |
+
return $login_url;
|
88 |
+
}
|
89 |
|
90 |
function _callback_saved_new_wp_login_php($saved_field_data)
|
91 |
{
|
92 |
$processing_response = array();
|
93 |
|
|
|
94 |
if(empty($saved_field_data))
|
95 |
return $processing_response;
|
96 |
|
119 |
{
|
120 |
$processing_response = array();
|
121 |
|
|
|
122 |
if(empty($saved_field_data) || $saved_field_data == 'no')
|
123 |
return $processing_response;
|
124 |
|
145 |
{
|
146 |
$processing_response = array();
|
147 |
|
|
|
148 |
if(empty($saved_field_data) || $saved_field_data == 'no')
|
149 |
return $processing_response;
|
|
|
150 |
|
151 |
$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
|
152 |
$text .= "RewriteRule ^wp-signup.php ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
|
modules/components/rewrite-new_include_path.php
CHANGED
@@ -17,6 +17,21 @@
|
|
17 |
'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
|
18 |
'processing_order' => 20
|
19 |
);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
20 |
|
21 |
return $this->module_settings;
|
22 |
}
|
@@ -115,6 +130,31 @@
|
|
115 |
|
116 |
$scripts = $this->wph->functions->default_scripts_styles_replace($scripts, array('wp-includes' => $include_path));
|
117 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
118 |
|
119 |
|
120 |
}
|
17 |
'sanitize_type' => array(array($this->wph->functions, 'sanitize_file_path_name')),
|
18 |
'processing_order' => 20
|
19 |
);
|
20 |
+
$this->module_settings[] = array(
|
21 |
+
'id' => 'block_wpinclude_url',
|
22 |
+
'label' => 'Block wp-include URL',
|
23 |
+
'description' => 'Block wp-include files from being accesible through default urls. <br />Apply only if <b>New Include Path</b> is not empty. It block only for non loged-in users.',
|
24 |
+
|
25 |
+
'input_type' => 'radio',
|
26 |
+
'options' => array(
|
27 |
+
'yes' => __('Yes', 'wp-hide'),
|
28 |
+
'no' => __('No', 'wp-hide'),
|
29 |
+
),
|
30 |
+
'default_value' => 'no',
|
31 |
+
|
32 |
+
'sanitize_type' => array('sanitize_title', 'strtolower'),
|
33 |
+
'processing_order' => 19
|
34 |
+
);
|
35 |
|
36 |
return $this->module_settings;
|
37 |
}
|
130 |
|
131 |
$scripts = $this->wph->functions->default_scripts_styles_replace($scripts, array('wp-includes' => $include_path));
|
132 |
}
|
133 |
+
|
134 |
+
|
135 |
+
function _callback_saved_block_wpinclude_url($saved_field_data)
|
136 |
+
{
|
137 |
+
$processing_response = array();
|
138 |
+
|
139 |
+
if(empty($saved_field_data) || $saved_field_data == 'no')
|
140 |
+
return FALSE;
|
141 |
+
|
142 |
+
//prevent from blocking if the wp-include is not modified
|
143 |
+
$new_include_path = $this->wph->functions->get_module_item_setting('new_include_path');
|
144 |
+
if (empty( $new_include_path ))
|
145 |
+
return FALSE;
|
146 |
+
|
147 |
+
|
148 |
+
$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
|
149 |
+
$text .= "RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]\n";
|
150 |
+
$text .= "RewriteRule ^wp-includes(.*) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
|
151 |
+
|
152 |
+
$processing_response['htaccess'] = $text;
|
153 |
+
|
154 |
+
return $processing_response;
|
155 |
+
|
156 |
+
}
|
157 |
+
|
158 |
|
159 |
|
160 |
}
|
modules/components/rewrite-new_upload_path.php
CHANGED
@@ -48,6 +48,11 @@
|
|
48 |
|
49 |
add_filter('upload_dir', array( $this, 'upload_dir' ), 999);
|
50 |
//add_filter('wp_get_attachment_url', array( $this, 'wp_get_attachment_url' ), 999, 2);
|
|
|
|
|
|
|
|
|
|
|
51 |
}
|
52 |
|
53 |
function _callback_saved_new_upload_path($saved_field_data)
|
48 |
|
49 |
add_filter('upload_dir', array( $this, 'upload_dir' ), 999);
|
50 |
//add_filter('wp_get_attachment_url', array( $this, 'wp_get_attachment_url' ), 999, 2);
|
51 |
+
|
52 |
+
//add default plugin path replacement
|
53 |
+
$new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
|
54 |
+
$new_url = trailingslashit( site_url() ) . $new_upload_path;
|
55 |
+
$this->wph->urls_replacement[$this->wph->default_variables['upload_url']] = $new_url;
|
56 |
}
|
57 |
|
58 |
function _callback_saved_new_upload_path($saved_field_data)
|
modules/components/rewrite-wp_content_path.php
CHANGED
@@ -42,6 +42,7 @@
|
|
42 |
$content_directory = $this->wph->default_variables['content_directory'];
|
43 |
|
44 |
$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
|
|
|
45 |
$text .= "RewriteRule ^". $content_directory ."(.*) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
|
46 |
|
47 |
$processing_response['htaccess'] = $text;
|
42 |
$content_directory = $this->wph->default_variables['content_directory'];
|
43 |
|
44 |
$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
|
45 |
+
$text .= "RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]\n";
|
46 |
$text .= "RewriteRule ^". $content_directory ."(.*) ". $this->wph->default_variables['site_relative_path'] ."index.php [L]";
|
47 |
|
48 |
$processing_response['htaccess'] = $text;
|
readme.txt
CHANGED
@@ -4,9 +4,9 @@ Donate link: http://www.nsp-code.com/donate.php
|
|
4 |
Tags: hide, security, improve security, hacking, wp hide, wordpress hide
|
5 |
Requires at least: 2.8
|
6 |
Tested up to: 4.4.2
|
7 |
-
Stable tag: 1.1
|
8 |
|
9 |
-
Hide and increase Security for your WordPress website instance using smart techniques.
|
10 |
|
11 |
== Description ==
|
12 |
|
@@ -19,7 +19,7 @@ Over 99,9% of hacked WordPress websites are target of automated malware scripts,
|
|
19 |
**Main plugin functionality:**
|
20 |
|
21 |
* Custom admin Url
|
22 |
-
* Block default
|
23 |
* Block any direct folder access to completely hide the structure
|
24 |
* Custom wp-login.php filename
|
25 |
* Block default wp-login.php
|
@@ -36,6 +36,7 @@ Over 99,9% of hacked WordPress websites are target of automated malware scripts,
|
|
36 |
* Block default upload urls
|
37 |
* Remove wordpress version
|
38 |
* Meta Generator block
|
|
|
39 |
* Remove wlwmanifest Meta
|
40 |
* Remove rsd_link Meta
|
41 |
* Remove wpemoji
|
@@ -62,9 +63,10 @@ Feel free to contact us at electronice_delphi@yahoo.com
|
|
62 |
|
63 |
= Something is wrong, what can i do? =
|
64 |
|
65 |
-
|
66 |
-
|
67 |
-
If
|
|
|
68 |
|
69 |
= I have no PHP knowledge at all, is this plugin for me? =
|
70 |
|
@@ -81,6 +83,16 @@ Please get in touch with us and we'll do our best to include it for a next versi
|
|
81 |
|
82 |
== Changelog ==
|
83 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
84 |
= 1.1 =
|
85 |
* Po / Mo localisation files update
|
86 |
* Update class to process the further structure changes and current components fields name change.
|
@@ -117,5 +129,4 @@ Always keep plugin up to date.
|
|
117 |
|
118 |
|
119 |
== Localization ==
|
120 |
-
Available in English.
|
121 |
Please help and translate this plugin to your language at https://translate.wordpress.org/projects/wp-plugins/wp-hide-security-enhancer
|
4 |
Tags: hide, security, improve security, hacking, wp hide, wordpress hide
|
5 |
Requires at least: 2.8
|
6 |
Tested up to: 4.4.2
|
7 |
+
Stable tag: 1.1.2
|
8 |
|
9 |
+
Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
10 |
|
11 |
== Description ==
|
12 |
|
19 |
**Main plugin functionality:**
|
20 |
|
21 |
* Custom admin Url
|
22 |
+
* Block default admin Url
|
23 |
* Block any direct folder access to completely hide the structure
|
24 |
* Custom wp-login.php filename
|
25 |
* Block default wp-login.php
|
36 |
* Block default upload urls
|
37 |
* Remove wordpress version
|
38 |
* Meta Generator block
|
39 |
+
* Disble the emoji and required javascript code
|
40 |
* Remove wlwmanifest Meta
|
41 |
* Remove rsd_link Meta
|
42 |
* Remove wpemoji
|
63 |
|
64 |
= Something is wrong, what can i do? =
|
65 |
|
66 |
+
* First, stay calm. There will be no harm, guaranteed :)
|
67 |
+
* Go to admin and change some of plugin options to see which one cause the problem. Then report it to forum or get in touch with us to fix it.
|
68 |
+
* If for some reason the site appear broken, you should back-up then replace the .htaccess file located on your WordPress root. Then remove the wp-hide-security-enhancer from your plugin directory.
|
69 |
+
* If still no luck, please get in touch with us at electronice_delphi@yahoo.com and we'll fix it for you in no time!
|
70 |
|
71 |
= I have no PHP knowledge at all, is this plugin for me? =
|
72 |
|
83 |
|
84 |
== Changelog ==
|
85 |
|
86 |
+
= 1.1.2 =
|
87 |
+
* Add a custom url for login_url filter
|
88 |
+
* Better description and warning for wp-login.php change
|
89 |
+
* Add default replacement for uploads
|
90 |
+
* conflict handle - Security Firewall (WordPress Security Firewall) > Login Protection > Rename WP Login Page functionality
|
91 |
+
* wp-includes block when not logged-in
|
92 |
+
* wp-content block when not logged-in
|
93 |
+
* readme update
|
94 |
+
|
95 |
+
|
96 |
= 1.1 =
|
97 |
* Po / Mo localisation files update
|
98 |
* Update class to process the further structure changes and current components fields name change.
|
129 |
|
130 |
|
131 |
== Localization ==
|
|
|
132 |
Please help and translate this plugin to your language at https://translate.wordpress.org/projects/wp-plugins/wp-hide-security-enhancer
|
wp-hide.php
CHANGED
@@ -5,7 +5,7 @@ Plugin URI: http://www.nsp-code.com
|
|
5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
6 |
Author: Nsp Code
|
7 |
Author URI: http://www.nsp-code.com
|
8 |
-
Version: 1.1
|
9 |
Text Domain: wp-hide-security-enhancer
|
10 |
Domain Path: /languages/
|
11 |
*/
|
5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
6 |
Author: Nsp Code
|
7 |
Author URI: http://www.nsp-code.com
|
8 |
+
Version: 1.1.2
|
9 |
Text Domain: wp-hide-security-enhancer
|
10 |
Domain Path: /languages/
|
11 |
*/
|