WP Hide & Security Enhancer

Version Description

Load plugin styles and scripts only when one of plugin admin menus
Use default_value when input field is empty
Reset All Settings button for reverting all options to default
Fix - double slash in plugin path when usee plugins_url filter
Individual plugins path processing before general plugin path
New component - URL Slash
Update - New Style File Path - apply when theme path already changed
Fix: Plugins path module, check if $path variable is not "/" instead empty
Default add backslash rule rule, check if not redirect to prevent infinite loops

Release Info

Developer	nsp-code
Plugin	WP Hide & Security Enhancer
Version	1.2.9
Comparing to
See all releases

Code changes from version 1.2.6 to 1.2.9

Files changed (12) hide show

css/wph.css +2 -1
include/admin-interface.class.php +6 -1
include/functions.class.php +74 -0
include/wph.class.php +58 -23
js/wph.js +15 -0
modules/components/rewrite-default.php +1 -4
modules/components/rewrite-new_plugin_path.php +9 -10
modules/components/rewrite-new_theme_path.php +19 -0
modules/components/rewrite-slash.php +59 -0
modules/module-rewrite.php +3 -0
readme.txt +27 -7
wp-hide.php +2 -2

css/wph.css CHANGED Viewed

	@@ -1,11 +1,12 @@
1	#wph h2.nav-tab-wrapper{padding-left: 10px}
2	#wph h2 .nav-tab {font-size: 12px; font-weight: bold; padding: 2px 10px 3px; margin-right: 0;}

3	#wph .ajax_loading {display: none}
4	#wph .postbox .inside { margin: 0; padding: 0;}
5	#wph h3.handle {border-bottom: 1px solid #e1e1e1; font-size: 14px; line-height: 1.4; margin: 0; padding: 8px 12px;}
6	#wph .postbox {margin-bottom: 0px}
7	#wph .wph_input fieldset label {padding-bottom: 5px; display: block;}
8	-
9
10	table.wph_input { border: 0 none; background: #fff;}
11	table.wph_input tbody tr td { padding: 10px 12px; border-top: 1px solid #f5f5f5; border-bottom: 0 none; width: 100%;box-sizing: border-box;}


1	#wph h2.nav-tab-wrapper{padding-left: 10px}
2	#wph h2 .nav-tab {font-size: 12px; font-weight: bold; padding: 2px 10px 3px; margin-right: 0;}
3	+ #wph h2 #reset_settings{font-size: 11px; height: auto; line-height: 20px; padding: 1px 5px;}
4	#wph .ajax_loading {display: none}
5	#wph .postbox .inside { margin: 0; padding: 0;}
6	#wph h3.handle {border-bottom: 1px solid #e1e1e1; font-size: 14px; line-height: 1.4; margin: 0; padding: 8px 12px;}
7	#wph .postbox {margin-bottom: 0px}
8	#wph .wph_input fieldset label {padding-bottom: 5px; display: block;}
9	+ #wph #reset_settings_form {display: none}
10
11	table.wph_input { border: 0 none; background: #fff;}
12	table.wph_input tbody tr td { padding: 10px 12px; border-top: 1px solid #f5f5f5; border-bottom: 0 none; width: 100%;box-sizing: border-box;}

include/admin-interface.class.php CHANGED Viewed

	@@ -246,7 +246,12 @@
246	}
247
248	?>
249	- </h2>





250
251	<?php
252


246	}
247
248	?>
249	+ <a href="javascript:void(0)" class="button-secondary cancel alignright" onClick="WPH.setting_reset()" id="reset_settings" type="button">Reset All Settings</a>
250	+ </h2>
251	+ <form id="reset_settings_form" action="<?php echo admin_url( 'admin.php?page=wp-hide') ?>" method="post">
252	+ <input type="hidden" name="reset-settings" value="true" />
253	+ <?php wp_nonce_field( 'wp-hide-reset-settings', '_wpnonce' ); ?>
254	+ </form>
255
256	<?php
257

include/functions.class.php CHANGED Viewed

@@ -76,6 +76,55 @@
+                            }
                         function process_interface_save()
+                            {
@@ -121,6 +170,10 @@
                                         $field_name =   $module_setting['id'];
                                         $value      =   isset($_POST[$field_name])  ?   $_POST[$field_name] :   '';
                                         //sanitize value
                                         foreach($module_setting['sanitize_type']    as  $sanitize)
@@ -151,6 +204,27 @@
                                 $new_location   .=  '&settings_updated=true';
                                 wp_redirect($new_location);
+                            }


76
77	}
78
79	+
80	+ function reset_settings()
81	+ {
82	+
83	+ $nonce = $_POST['_wpnonce'];
84	+ if ( ! wp_verify_nonce( $nonce, 'wp-hide-reset-settings' ) )
85	+ return FALSE;
86	+
87	+ global $wph;
88	+
89	+ foreach($wph->modules as $module)
90	+ {
91	+ //proces the fields
92	+ $module_settings = $this->filter_settings( $module->get_module_settings(), TRUE );
93	+
94	+ foreach($module_settings as $module_setting)
95	+ {
96	+ if(isset($module_setting['type']) && $module_setting['type'] == 'split')
97	+ continue;
98	+
99	+ $field_name = $module_setting['id'];
100	+
101	+ $value = isset($module_setting['default_value']) ? $module_setting['default_value'] : '';
102	+
103	+ //save the value
104	+ $wph->settings['module_settings'][ $field_name ] = $value;
105	+ }
106	+
107	+ }
108	+
109	+ //update the settings
110	+ $this->update_settings($wph->settings);
111	+
112	+ //trigger the settings changed action
113	+ do_action('wph/settings_changed', $screen_slug, $tab_slug);
114	+
115	+ //redirect
116	+ $new_admin_url = $this->get_module_item_setting('admin_url' , 'admin');
117	+ if(!empty($new_admin_url) && $this->is_permalink_enabled())
118	+ $new_location = trailingslashit( site_url() ) . $new_admin_url . "/admin.php?page=wp-hide";
119	+ else
120	+ $new_location = trailingslashit( site_url() ) . "wp-admin/admin.php?page=wp-hide";
121	+
122	+ $new_location .= '&reset_settings=true';
123	+
124	+ wp_redirect($new_location);
125	+ die();
126	+
127	+ }
128
129	function process_interface_save()
130	{

170	$field_name = $module_setting['id'];
171
172	$value = isset($_POST[$field_name]) ? $_POST[$field_name] : '';
173	+
174	+ //if empty use the default
175	+ if(empty($value))
176	+ $value = $module_setting['default_value'];
177
178	//sanitize value
179	foreach($module_setting['sanitize_type'] as $sanitize)

204	$new_location .= '&settings_updated=true';
205
206	wp_redirect($new_location);
207	+ die();
208	+ }
209	+
210	+
211	+ function settings_changed_check_for_cache_plugins()
212	+ {
213	+
214	+ $active_plugins = (array) get_option( 'active_plugins', array() );
215	+
216	+ //cache plugin nottice
217	+ if(array_search('w3-total-cache/w3-total-cache.php', $active_plugins) !== FALSE)
218	+ {
219	+ //check if just flushed
220	+ if(!isset($_GET['w3tc_note']))
221	+ echo "<div class='error'><p>". __('W3 Total Cache Plugin is active, make sure you clear the cache for new changes to apply', 'wp-hide-security-enhancer') ."</p></div>";
222	+ }
223	+ if(array_search('wp-super-cache/wp-cache.php', $active_plugins) !== FALSE)
224	+ {
225	+ echo "<div class='error'><p>". __('WP Super Cache Plugin is active, make sure you clear the cache for new changes to apply', 'wp-hide-security-enhancer') ."</p></div>";
226	+ }
227	+
228	}
229
230

include/wph.class.php CHANGED Viewed

	@@ -15,7 +15,10 @@
15
16	var $disable_filters = FALSE;
17	var $permalinks_not_applied = FALSE;

18	var $doing_interface_save = FALSE;


19	var $uninstall = FALSE;
20
21	var $is_initialised = FALSE;
	@@ -50,6 +53,13 @@
50	$this->disable_filters = TRUE;
51	}
52







53	//check for permalink issues
54	$this->permalinks_not_applied = ! $this->functions->htaccess_rules_applied();
55
	@@ -77,8 +87,7 @@
77	add_action('admin_menu', array($this, 'admin_menus'));
78	add_action('admin_init', array($this, 'admin_init'), 11);
79
80	- ~~add_action('admin_print_styles' , array($this, 'admin_print_styles'));~~
81	-
82	//rebuild and change uppon settings modified
83	add_action('wph/settings_changed', array($this, 'settings_changed'));
84	add_filter('mod_rewrite_rules', array($this, 'mod_rewrite_rules'), 999);
	@@ -164,9 +173,17 @@
164	*/
165	function admin_init()
166	{






167	//check for interface submit
168	if($this->doing_interface_save === TRUE)
169	- ~~$this->functions->process_interface_save();~~


170	}
171
172
	@@ -178,19 +195,39 @@
178
179	}
180

















181	function admin_menus()
182	{
183	include_once(WPH_PATH . '/include/admin-interface.class.php');
184
185	$this->admin_interface = new WPH_interface();
186
187	- add_menu_page('WP Hide', 'WP Hide', 'manage_options', 'wp-hide');
188	-
189	foreach($this->modules as $module)
190	{
191	$interface_menu_data = $module->get_interface_menu_data();
192
193	- add_submenu_page( 'wp-hide', 'WP Hide', $interface_menu_data['menu_title'], 'manage_options', $interface_menu_data['menu_slug'], array($this->admin_interface,'_render'));



194	}
195
196	}
	@@ -224,28 +261,20 @@
224	echo "<div class='error'><p>". __('Unable to write custom rules to your .htaccess. Is this file writable? <br />No mod is being applied.', 'wp-hide-security-enhancer') ."</p></div>";
225	}
226







227
228	if(isset($_GET['settings_updated']))
229	{
230	echo "<div class='updated'><p>". __('Settings saved', 'wp-hide-security-enhancer') ."</p></div>";
231
232	- $~~active_plugins =~~ (~~array~~) ~~get_option( 'active_plugins', array() )~~;
233	-
234	- //cache plugin nottice
235	- if(array_search('w3-total-cache/w3-total-cache.php', $active_plugins) !== FALSE)
236	- {
237	- //check if just flushed
238	- if(!isset($_GET['w3tc_note']))
239	- echo "<div class='error'><p>". __('W3 Total Cache Plugin is active, make sure you clear the cache for new changes to apply', 'wp-hide-security-enhancer') ."</p></div>";
240	- }
241	- if(array_search('wp-super-cache/wp-cache.php', $active_plugins) !== FALSE)
242	- {
243	- echo "<div class='error'><p>". __('WP Super Cache Plugin is active, make sure you clear the cache for new changes to apply', 'wp-hide-security-enhancer') ."</p></div>";
244	- }
245	}
246	-
247	-
248	-
249
250	}
251
	@@ -265,7 +294,13 @@
265	//replace the urls
266	$buffer = $this->functions->text_urls_replacement($buffer, $this->urls_replacement);
267
268	-






269	$buffer = apply_filters( 'wph/ob_start_callback', $buffer );
270
271	return $buffer;


15
16	var $disable_filters = FALSE;
17	var $permalinks_not_applied = FALSE;
18	+
19	var $doing_interface_save = FALSE;
20	+ var $doing_reset_settings = FALSE;
21	+
22	var $uninstall = FALSE;
23
24	var $is_initialised = FALSE;

53	$this->disable_filters = TRUE;
54	}
55
56	+ //check for reset setings
57	+ if(is_admin() && isset($_POST['reset-settings']))
58	+ {
59	+ $this->doing_reset_settings = TRUE;
60	+ $this->disable_filters = TRUE;
61	+ }
62	+
63	//check for permalink issues
64	$this->permalinks_not_applied = ! $this->functions->htaccess_rules_applied();
65

87	add_action('admin_menu', array($this, 'admin_menus'));
88	add_action('admin_init', array($this, 'admin_init'), 11);
89
90	+

91	//rebuild and change uppon settings modified
92	add_action('wph/settings_changed', array($this, 'settings_changed'));
93	add_filter('mod_rewrite_rules', array($this, 'mod_rewrite_rules'), 999);

173	*/
174	function admin_init()
175	{
176	+ //check for settings reset
177	+ if($this->doing_reset_settings === TRUE)
178	+ {
179	+ $this->functions->reset_settings();
180	+ }
181	+
182	//check for interface submit
183	if($this->doing_interface_save === TRUE)
184	+ {
185	+ $this->functions->process_interface_save();
186	+ }
187	}
188
189

195
196	}
197
198	+
199	+ function admin_print_scripts()
200	+ {
201	+
202	+ wp_register_script('wph', WPH_URL . '/js/wph.js');
203	+
204	+ // Localize the script with new data
205	+ $translation_array = array(
206	+ 'reset_confirmation' => __('Are you sure to reset all settings? All options will be removed.', 'wp-hide-security-enhancer')
207	+ );
208	+ wp_localize_script( 'wph', 'wph_vars', $translation_array );
209	+
210	+ wp_enqueue_script( 'wph');
211	+
212	+ }
213	+
214	+
215	function admin_menus()
216	{
217	include_once(WPH_PATH . '/include/admin-interface.class.php');
218
219	$this->admin_interface = new WPH_interface();
220
221	+ $hookID = add_menu_page('WP Hide', 'WP Hide', 'manage_options', 'wp-hide');
222	+
223	foreach($this->modules as $module)
224	{
225	$interface_menu_data = $module->get_interface_menu_data();
226
227	+ $hookID = add_submenu_page( 'wp-hide', 'WP Hide', $interface_menu_data['menu_title'], 'manage_options', $interface_menu_data['menu_slug'], array($this->admin_interface,'_render'));
228	+
229	+ add_action('admin_print_styles-' . $hookID , array($this, 'admin_print_styles'));
230	+ add_action('admin_print_scripts-' . $hookID , array($this, 'admin_print_scripts'));
231	}
232
233	}

261	echo "<div class='error'><p>". __('Unable to write custom rules to your .htaccess. Is this file writable? <br />No mod is being applied.', 'wp-hide-security-enhancer') ."</p></div>";
262	}
263
264	+ if(isset($_GET['reset_settings']))
265	+ {
266	+ echo "<div class='updated'><p>". __('All Settings where restored to default', 'wp-hide-security-enhancer') ."</p></div>";
267	+
268	+ $this->functions->settings_changed_check_for_cache_plugins();
269	+ }
270	+
271
272	if(isset($_GET['settings_updated']))
273	{
274	echo "<div class='updated'><p>". __('Settings saved', 'wp-hide-security-enhancer') ."</p></div>";
275
276	+ $this->functions->settings_changed_check_for_cache_plugins();












277	}



278
279	}
280

294	//replace the urls
295	$buffer = $this->functions->text_urls_replacement($buffer, $this->urls_replacement);
296
297	+ /*
298	+ foreach ($this->urls_replacement as $key => $data)
299	+ {
300	+ $buffer .= "\n $key => $data";
301	+ }
302	+ */
303	+
304	$buffer = apply_filters( 'wph/ob_start_callback', $buffer );
305
306	return $buffer;

js/wph.js ADDED Viewed

	@@ -0,0 +1,15 @@


1	+
2	+
3	+ var WPH = {
4	+
5	+ setting_reset : function () {
6	+
7	+ var agree = confirm(wph_vars.reset_confirmation);
8	+ if (!agree)
9	+ return false;
10	+
11	+ jQuery('#reset_settings_form').submit();
12	+
13	+ }
14	+
15	+ }

modules/components/rewrite-default.php CHANGED Viewed

	@@ -25,10 +25,7 @@
25	function _callback_saved_rewrite_default($saved_field_data)
26	{
27	$processing_response = array();
28	-
29	- //redirect any link without a slash
30	- $processing_response['htaccess'] = "\nRewriteCond %{REQUEST_URI} /+[^\.]+$\n"
31	- . "RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]";
32
33	return $processing_response;
34	}


25	function _callback_saved_rewrite_default($saved_field_data)
26	{
27	$processing_response = array();
28	+



29
30	return $processing_response;
31	}

modules/components/rewrite-new_plugin_path.php CHANGED Viewed

	@@ -104,6 +104,9 @@
104	$strip_url = str_replace($path, "", $strip_url);
105	$strip_url = $this->wph->functions->untrailingslashit_all( $strip_url );
106



107	$new_url = $url;
108
109	//get active plugins
	@@ -146,14 +149,9 @@
146	function _callback_saved_new_plugin_path($saved_field_data)
147	{
148	$processing_response = array();


149
150	- //check if the field is noe empty
151	- //commented out, to allow individual plugins name to be processed
152	- /*
153	- if(empty($saved_field_data))
154	- return $processing_response;
155	- */
156	-
157	$plugin_path = $this->wph->functions->get_url_path( WP_PLUGIN_URL );
158
159	$path = '';
	@@ -161,8 +159,6 @@
161	$path = trailingslashit($this->wph->default_variables['wordpress_directory']);
162	$path .= trailingslashit( $saved_field_data );
163
164	- if(!empty($path))
165	- $htaccess = "\nRewriteRule ^" . trailingslashit( $path ) . '(.*) '. $plugin_path .'$1 [L,QSA]';
166
167	//add custom rewrite for plugins
168	//get active plugins
	@@ -182,13 +178,16 @@
182
183	//add custom path
184	$new_url = trailingslashit( site_url() ) . $plugin_custom_path;
185	- if(~~!empty(~~$path))
186	$new_url = trailingslashit( $new_url ) . $path;
187
188
189	$htaccess .= "\nRewriteRule ^" . trailingslashit( $plugin_custom_path ) . '(.*) '. trailingslashit($plugin_path) . trailingslashit($active_plugin_directory) .'$1 [L,QSA]';
190
191	}



192
193	$processing_response['htaccess'] = $htaccess;
194


104	$strip_url = str_replace($path, "", $strip_url);
105	$strip_url = $this->wph->functions->untrailingslashit_all( $strip_url );
106
107	+ //strip out any slashes in front of $path
108	+ $path = ltrim($path, '/');
109	+
110	$new_url = $url;
111
112	//get active plugins

149	function _callback_saved_new_plugin_path($saved_field_data)
150	{
151	$processing_response = array();
152	+
153	+ $htaccess = '';
154







155	$plugin_path = $this->wph->functions->get_url_path( WP_PLUGIN_URL );
156
157	$path = '';

159	$path = trailingslashit($this->wph->default_variables['wordpress_directory']);
160	$path .= trailingslashit( $saved_field_data );
161


162
163	//add custom rewrite for plugins
164	//get active plugins

178
179	//add custom path
180	$new_url = trailingslashit( site_url() ) . $plugin_custom_path;
181	+ if($path != '/')
182	$new_url = trailingslashit( $new_url ) . $path;
183
184
185	$htaccess .= "\nRewriteRule ^" . trailingslashit( $plugin_custom_path ) . '(.*) '. trailingslashit($plugin_path) . trailingslashit($active_plugin_directory) .'$1 [L,QSA]';
186
187	}
188	+
189	+ if($path != '/')
190	+ $htaccess .= "\nRewriteRule ^" . trailingslashit( $path ) . '(.*) '. $plugin_path .'$1 [L,QSA]';
191
192	$processing_response['htaccess'] = $htaccess;
193

modules/components/rewrite-new_theme_path.php CHANGED Viewed

@@ -227,6 +227,25 @@
                                     return;
                                 add_filter('stylesheet_uri',      array(&$this, 'stylesheet_uri'), 999, 2);
+                            }
                         function _callback_saved_new_style_file_path($saved_field_data)


227	return;
228
229	add_filter('stylesheet_uri', array(&$this, 'stylesheet_uri'), 999, 2);
230	+
231	+ //add default replacements
232	+ $old_style_file_path = $this->wph->default_variables['stylesheet_uri'];;
233	+ $new_style_file_path = trailingslashit( site_url() ) . $saved_field_data;
234	+ $this->wph->urls_replacement[ $old_style_file_path ] = $new_style_file_path;
235	+
236	+ //add replacement for style.css when already template name replaced
237	+ $template_slug = get_option('stylesheet');
238	+ if($this->wph->templates_data['_template_' . $template_slug] == 'main')
239	+ $new_theme_path = $this->wph->functions->get_module_item_setting('new_theme_path');
240	+ else
241	+ $new_theme_path = $this->wph->functions->get_module_item_setting('new_theme_child_path');
242	+
243	+ if(!empty($new_theme_path))
244	+ {
245	+ $old_style_file_path = trailingslashit( site_url() ) . trailingslashit( $new_theme_path ) . 'style.css';
246	+ $new_style_file_path = trailingslashit( site_url() ) . $saved_field_data;
247	+ $this->wph->urls_replacement[ $old_style_file_path ] = $new_style_file_path;
248	+ }
249	}
250
251	function _callback_saved_new_style_file_path($saved_field_data)

modules/components/rewrite-slash.php ADDED Viewed

	@@ -0,0 +1,59 @@


1	+ <?php
2	+
3	+ class WPH_module_rewrite_slash extends WPH_module_component
4	+ {
5	+ function get_component_title()
6	+ {
7	+ return "URL Slash";
8	+ }
9	+
10	+ function get_module_settings()
11	+ {
12	+ $this->module_settings[] = array(
13	+ 'id' => 'add_slash',
14	+ 'label' => __('URL\'s add Slash', 'wp-hide-security-enhancer'),
15	+ 'description' => __('Add a slash to any links without. This disguise any existing uppon a file, folder or a wrong url, they all be be slashed.', 'wp-hide-security-enhancer') . '<br /> '. __('On certain systems this can produce a small lag measured in milliseconds, so it should be perceptible.', 'wp-hide-security-enhancer'),
16	+
17	+ 'input_type' => 'radio',
18	+ 'options' => array(
19	+ 'yes' => __('Yes', 'wp-hide-security-enhancer'),
20	+ 'no' => __('No', 'wp-hide-security-enhancer'),
21	+ ),
22	+
23	+ 'default_value' => 'no',
24	+
25	+ 'sanitize_type' => array('sanitize_title', 'strtolower'),
26	+ 'processing_order' => 3
27	+ );
28	+
29	+ return $this->module_settings;
30	+ }
31	+
32	+
33	+ function _init_add_slash($saved_field_data)
34	+ {
35	+ if(empty($saved_field_data) \|\| $saved_field_data == 'no')
36	+ return;
37	+
38	+ //nothing to do at the moment
39	+ }
40	+
41	+ function _callback_saved_add_slash($saved_field_data)
42	+ {
43	+ $processing_response = array();
44	+
45	+ if(empty($saved_field_data) \|\| $saved_field_data == 'no')
46	+ return FALSE;
47	+
48	+ $processing_response['htaccess'] = "\nRewriteCond %{ENV:REDIRECT_STATUS} !^$"
49	+ . "\nRewriteCond %{REQUEST_URI} /+[^\.]+$"
50	+ . "\nRewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]";
51	+
52	+ return $processing_response;
53	+ }
54	+
55	+
56	+
57	+
58	+ }
59	+ ?>

modules/module-rewrite.php CHANGED Viewed

	@@ -32,6 +32,9 @@
32	include(WPH_PATH . "/modules/components/rewrite-root-files.php");
33	$this->components[] = new WPH_module_rewrite_root_files();
34



35
36	//action available for mu-plugins
37	do_action('wp-hide/module_load_components', $this);


32	include(WPH_PATH . "/modules/components/rewrite-root-files.php");
33	$this->components[] = new WPH_module_rewrite_root_files();
34
35	+ include(WPH_PATH . "/modules/components/rewrite-slash.php");
36	+ $this->components[] = new WPH_module_rewrite_slash();
37	+
38
39	//action available for mu-plugins
40	do_action('wp-hide/module_load_components', $this);

readme.txt CHANGED Viewed

	@@ -1,10 +1,10 @@
1	=== Plugin Name ===
2	Contributors: nsp-code
3	Donate link: http://www.nsp-code.com/donate.php
4	- Tags: hide, security, improve security, hacking, wp hide, wordpress hide
5	Requires at least: 2.8
6	- Tested up to: 4.5
7	- Stable tag: 1.2.6
8
9	Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
10
	@@ -12,11 +12,13 @@ Hide and increase Security for your WordPress website instance using smart techn
12
13	The easy way to completely hide your WordPress core files path from being show on front side. This is a huge improvement over Site Security. Provide a simple way to clean up html by removing WordPress fingerprints.
14


15	Being the best content management system, widely used, WordPress is susceptible to a large range of hacking attacks including brute-force, SQL injections, XSS, XSRF etc. Despite the fact the WordPress core is a very secure code maintained by a team of professional enthusiast, the additional plugins and themes makes the vulnerable spot of every website. In many cases, those are created by pseudo-developers who do not follow the best coding practices or simply do not own the experience to create a secure plugin.
16	Statistics reveal that every day new vulnerabilities are discovered, many affecting hundreds of thousands of WordPress websites.
17	Over 99,9% of hacked WordPress websites are target of automated malware scripts, who search for certain WordPress fingerprints. This plugin hide or replace those traces, making the hacking boots attacks useless.
18
19	- Works fine with custom WordPress directory ~~structure~~.
20
21	Once configured, you need to clear server cache data and / or any cache plugins (e.g. W3 Cache), for a new html data to generate. If use CDN this should be cache clear as well.
22
	@@ -51,6 +53,8 @@ Once configured, you need to clear server cache data and / or any cache plugins
51
52	and many more.
53


54	This plugin allow to change default Admin Url's from wp-login.php and wp-admin to something else. All original links return default theme 404 Not Found page, like nothing exists there. Beside the huge security advantage, this save lots of server processing time by reducing php code and MySQL usage since brute-force attacks trigger wrong urls.
55
56	Important: Compared to all other similar plugins which mainly use redirects, this plugin return a default theme 404 error page for all block url functionality, so is not reveal at all the link existence.
	@@ -79,7 +83,7 @@ Since version 1.2 Change individual plugin urls which make them unrecognizable,
79
80	* New Plugins Path - Change default wp-content/plugins path / url
81	* Block plugins URL - Block default wp-content/plugins url
82	- * New path / url for ~~every~~ ~~active~~ ~~plugins~~
83
84	Rewrite > Uploads
85
	@@ -100,6 +104,11 @@ Since version 1.2 Change individual plugin urls which make them unrecognizable,
100	* Block wp-signup.php - Block default wp-signup.php file
101	* Block other wp-.php files - Block other wp-.php files within WordPress Root
102





103	General / Html > Meta
104
105	* Remove Generator Meta
	@@ -148,9 +157,9 @@ Since version 1.2 Change individual plugin urls which make them unrecognizable,
148
149	== Installation ==
150
151	- 1. Upload the plugin files to the `/wp-content/plugins/wp-hide` directory, or install the plugin through the WordPress plugins screen directly.
152	2. Activate the plugin through the 'Plugins' screen in WordPress.
153	- 3. Use the WP Hide screen to configure the plugin.
154
155	== Frequently Asked Questions ==
156
	@@ -179,6 +188,17 @@ Please get in touch with us and we'll do our best to include it for a next versi
179
180	== Changelog ==
181











182	= 1.2.6 =
183	* New Component - HTML Comments replace
184	* New Component - Headers


1	=== Plugin Name ===
2	Contributors: nsp-code
3	Donate link: http://www.nsp-code.com/donate.php
4	+ Tags: hide, security, improve security, hacking, wp hide, wordpress hide, custom login url, wp-loging.php, ap-admin
5	Requires at least: 2.8
6	+ Tested up to: 4.5.2
7	+ Stable tag: 1.2.9
8
9	Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
10

12
13	The easy way to completely hide your WordPress core files path from being show on front side. This is a huge improvement over Site Security. Provide a simple way to clean up html by removing WordPress fingerprints.
14
15	+ Change the default WordPress login urls from wp-admin and wp-login.php to something totally arbitrary. No one will ever know where to try to guess a login and hack into your site. Totally invisible !!
16	+
17	Being the best content management system, widely used, WordPress is susceptible to a large range of hacking attacks including brute-force, SQL injections, XSS, XSRF etc. Despite the fact the WordPress core is a very secure code maintained by a team of professional enthusiast, the additional plugins and themes makes the vulnerable spot of every website. In many cases, those are created by pseudo-developers who do not follow the best coding practices or simply do not own the experience to create a secure plugin.
18	Statistics reveal that every day new vulnerabilities are discovered, many affecting hundreds of thousands of WordPress websites.
19	Over 99,9% of hacked WordPress websites are target of automated malware scripts, who search for certain WordPress fingerprints. This plugin hide or replace those traces, making the hacking boots attacks useless.
20
21	+ Works fine with custom WordPress directory structures e.g. custom plugins, themes, uplaods folder.
22
23	Once configured, you need to clear server cache data and / or any cache plugins (e.g. W3 Cache), for a new html data to generate. If use CDN this should be cache clear as well.
24

53
54	and many more.
55
56	+ No other plugin functionality is being blocked or interfered in any way, everything will function the same
57	+
58	This plugin allow to change default Admin Url's from wp-login.php and wp-admin to something else. All original links return default theme 404 Not Found page, like nothing exists there. Beside the huge security advantage, this save lots of server processing time by reducing php code and MySQL usage since brute-force attacks trigger wrong urls.
59
60	Important: Compared to all other similar plugins which mainly use redirects, this plugin return a default theme 404 error page for all block url functionality, so is not reveal at all the link existence.

83
84	* New Plugins Path - Change default wp-content/plugins path / url
85	* Block plugins URL - Block default wp-content/plugins url
86	+ * New path / url for Every Active Plugin
87
88	Rewrite > Uploads
89

104	* Block wp-signup.php - Block default wp-signup.php file
105	* Block other wp-.php files - Block other wp-.php files within WordPress Root
106
107	+ Rewrite > Root Files
108	+
109	+ * URL's add Slash - Add a slash to any links without. This disguise any existing uppon a file, folder or a wrong url, they all be be slashed.
110	+
111	+
112	General / Html > Meta
113
114	* Remove Generator Meta

157
158	== Installation ==
159
160	+ 1. Upload the plugin files to the `/wp-content/plugins/wp-hide-security-enhancer` directory, or install the plugin through the WordPress plugins screen directly.
161	2. Activate the plugin through the 'Plugins' screen in WordPress.
162	+ 3. Use the WP Hide menu screen to configure the plugin.
163
164	== Frequently Asked Questions ==
165

188
189	== Changelog ==
190
191	+ = 1.2.9 =
192	+ * Load plugin styles and scripts only when one of plugin admin menus
193	+ * Use default_value when input field is empty
194	+ * Reset All Settings button for reverting all options to default
195	+ * Fix - double slash in plugin path when usee plugins_url filter
196	+ * Individual plugins path processing before general plugin path
197	+ * New component - URL Slash
198	+ * Update - New Style File Path - apply when theme path already changed
199	+ * Fix: Plugins path module, check if $path variable is not "/" instead empty
200	+ * Default add backslash rule rule, check if not redirect to prevent infinite loops
201	+
202	= 1.2.6 =
203	* New Component - HTML Comments replace
204	* New Component - Headers

wp-hide.php CHANGED Viewed

	@@ -5,7 +5,7 @@ Plugin URI: http://www.nsp-code.com
5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	- Version: 1.2.6
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/
	@@ -63,6 +63,6 @@ Domain Path: /languages/
63
64	add_action( 'activated_plugin', array($wph, 'activated_plugin'), 999, 2 );
65
66	- add_filter( 'xmlrpc_enabled', '__return_false' );
67
68	?>


5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	+ Version: 1.2.9
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/

63
64	add_action( 'activated_plugin', array($wph, 'activated_plugin'), 999, 2 );
65
66	+ add_filter( 'xmlrpc_enabled', '__return_false' );
67
68	?>

WP Hide & Security Enhancer - Version 1.2.9

Version Description

Release Info

Code changes from version 1.2.6 to 1.2.9