WP Hide & Security Enhancer

Version Description

If no server type identification possible, try to check for .htaccess file
Improved .htaccess search mod, Use preg_grep for identify the begin and end of WordPress rules
Output notice when no supported server was found
Use separate block of rules for .htaccess file, outside of WordPress lines
Improved server htaccess support check
Moved WPH_CACHE_PATH constant declaration from mu loader to wph class
Use shutdown hock instead wp_loaded when plugin inline updated
Use FS_CHMOD_FILE for $wp_filesystem->put_contents

Release Info

Developer	nsp-code
Plugin	WP Hide & Security Enhancer
Version	1.4.4.4
Comparing to
See all releases

Code changes from version 1.4.4.2 to 1.4.4.4

Files changed (8) hide show

conflicts/wp-fastest-cache.php +1 -1
include/functions.class.php +57 -2
include/update.class.php +30 -33
include/wph.class.php +26 -6
mu-loader/wp-hide-loader.php +1 -2
readme.txt +11 -1
router/class.file-processor.php +1 -1
wp-hide.php +1 -1

conflicts/wp-fastest-cache.php CHANGED Viewed

	@@ -27,7 +27,7 @@
27
28	global $wph;
29
30	- add_action('plugins_loaded', array('WPH_conflict_handle_wp_fastest_cache', 'plugins_loaded'));
31
32	}
33


27
28	global $wph;
29
30	+ //add_action('plugins_loaded', array('WPH_conflict_handle_wp_fastest_cache', 'plugins_loaded'));
31
32	}
33

include/functions.class.php CHANGED Viewed

@@ -432,7 +432,47 @@
                         */
                         function server_use_htaccess_config_file()
+                            {
                                 if ($this->apache_mod_loaded('mod_rewrite', true))
                                     return TRUE;
@@ -595,6 +635,21 @@
+                            }
                         function get_write_check_string()
+                            {
                                 $home_path      = $this->get_home_path();
@@ -604,7 +659,7 @@
                                 $result =   FALSE;
                                 //check for .htaccess
-            -
                                if ( $this->server_use_htaccess_config_file())
+                                    {
                                         $file_path = $home_path . DIRECTORY_SEPARATOR . '.htaccess';
                                         if(file_exists( $file_path ))
@@ -624,7 +679,7 @@
+                                    }
                                 //check for web.config
-            -
                                if ( $this->server_use_web_config_file())
+                                    {
                                         $file_path  =   $home_path . DIRECTORY_SEPARATOR . 'web.config';
                                         if(file_exists( $file_path ))


432	*/
433	function server_use_htaccess_config_file()
434	{
435	+
436	+ $home_path = $this->get_home_path();
437	+ $htaccess_file = $home_path . DIRECTORY_SEPARATOR . '.htaccess';
438	+
439	+ if ((!file_exists($htaccess_file) && is_writable($home_path) && $this->using_mod_rewrite_permalinks()) \|\| is_writable($htaccess_file))
440	+ {
441	+ if ( $this->got_mod_rewrite() )
442	+ return TRUE;
443	+ }
444	+
445	+ return FALSE;
446	+
447	+ }
448	+
449	+
450	+ function using_mod_rewrite_permalinks()
451	+ {
452	+
453	+ return $this->is_permalink_enabled() && ! $this->using_index_permalinks();
454	+
455	+ }
456	+
457	+
458	+ function using_index_permalinks()
459	+ {
460	+
461	+ $permalink_structure = get_option('permalink_structure');
462	+
463	+ if(empty($permalink_structure))
464	+ return;
465
466	+ $index = 'index.php';
467	+
468	+ // If the index is not in the permalink, we're using mod_rewrite.
469	+ return preg_match( '#^/*' . $index . '#', $permalink_structure );
470	+
471	+ }
472	+
473	+ function got_mod_rewrite()
474	+ {
475	+
476	if ($this->apache_mod_loaded('mod_rewrite', true))
477	return TRUE;
478

635	}
636
637
638	+ function force_server_rewrite_type_detect()
639	+ {
640	+
641	+ //check for .htaccess file
642	+ $home_path = $this->get_home_path();
643	+ $htaccess_file = $home_path . DIRECTORY_SEPARATOR . '.htaccess';
644	+
645	+ if (file_exists($htaccess_file))
646	+ {
647	+ $this->wph->server_htaccess_config = TRUE;
648	+ }
649	+
650	+ }
651	+
652	+
653	function get_write_check_string()
654	{
655	$home_path = $this->get_home_path();

659	$result = FALSE;
660
661	//check for .htaccess
662	+ if ( $this->wph->server_htaccess_config === TRUE )
663	{
664	$file_path = $home_path . DIRECTORY_SEPARATOR . '.htaccess';
665	if(file_exists( $file_path ))

679	}
680
681	//check for web.config
682	+ if ( $this->wph->server_web_config === TRUE )
683	{
684	$file_path = $home_path . DIRECTORY_SEPARATOR . 'web.config';
685	if(file_exists( $file_path ))

include/update.class.php CHANGED Viewed

	@@ -34,8 +34,8 @@
34
35	if (version_compare($version, WPH_CORE_VERSION, '<'))
36	{
37	- ~~//keep track of flushed rules to avoid doing it multiple times~~
38	- $~~_triggered_flush_rules~~ = FALSE;
39
40	if(version_compare($version, '1.1', '<'))
41	{
	@@ -71,11 +71,7 @@
71	if(version_compare($version, '1.3', '<'))
72	{
73	//flush rules
74	- ~~if( !~~ ~~$_triggered_flush_rules )~~
75	- {
76	- add_action('wp_loaded', array($this, 'flush_rules') , -1);
77	- $_triggered_flush_rules = TRUE;
78	- }
79
80	$version = '1.3';
81	}
	@@ -84,11 +80,7 @@
84	if(version_compare($version, '1.3.2', '<'))
85	{
86	//flush rules
87	- ~~if( !~~ ~~$_triggered_flush_rules )~~
88	- {
89	- add_action('wp_loaded', array($this, 'flush_rules') , -1);
90	- $_triggered_flush_rules = TRUE;
91	- }
92
93	$version = '1.3.2';
94	}
	@@ -116,11 +108,7 @@
116	//copy over the new mu-loader version
117	WPH_functions::copy_mu_loader( TRUE );
118
119	- ~~if( !~~ ~~$_triggered_flush_rules )~~
120	- {
121	- add_action('wp_loaded', array($this, 'flush_rules') , -1);
122	- $_triggered_flush_rules = TRUE;
123	- }
124
125	$version = '1.4';
126
	@@ -143,11 +131,7 @@
143	if(version_compare($version, '1.4.2', '<'))
144	{
145
146	- ~~if( !~~ ~~$_triggered_flush_rules )~~
147	- {
148	- add_action('wp_loaded', array($this, 'flush_rules') , -1);
149	- $_triggered_flush_rules = TRUE;
150	- }
151
152
153	$version = '1.4.2';
	@@ -178,11 +162,7 @@
178
179
180
181	- ~~if( !~~ ~~$_triggered_flush_rules )~~
182	- {
183	- add_action('wp_loaded', array($this, 'flush_rules') , -1);
184	- $_triggered_flush_rules = TRUE;
185	- }
186
187
188	$version = '1.4.4';
	@@ -192,14 +172,31 @@
192	if(version_compare($version, '1.4.4.2', '<'))
193	{
194
195	- ~~if( !~~ ~~$_triggered_flush_rules )~~
196	- {
197	- add_action('wp_loaded', array($this, 'flush_rules') , -1);
198	- $_triggered_flush_rules = TRUE;
199	- }
200	-
201
202	$version = '1.4.4.2';






















203	}
204
205


34
35	if (version_compare($version, WPH_CORE_VERSION, '<'))
36	{
37	+
38	+ $_trigger_flush_rules = FALSE;
39
40	if(version_compare($version, '1.1', '<'))
41	{

71	if(version_compare($version, '1.3', '<'))
72	{
73	//flush rules
74	+ $_trigger_flush_rules = TRUE;




75
76	$version = '1.3';
77	}

80	if(version_compare($version, '1.3.2', '<'))
81	{
82	//flush rules
83	+ $_trigger_flush_rules = TRUE;




84
85	$version = '1.3.2';
86	}

108	//copy over the new mu-loader version
109	WPH_functions::copy_mu_loader( TRUE );
110
111	+ $_trigger_flush_rules = TRUE;




112
113	$version = '1.4';
114

131	if(version_compare($version, '1.4.2', '<'))
132	{
133
134	+ $_trigger_flush_rules = TRUE;




135
136
137	$version = '1.4.2';

162
163
164
165	+ $_trigger_flush_rules = TRUE;




166
167
168	$version = '1.4.4';

172	if(version_compare($version, '1.4.4.2', '<'))
173	{
174
175	+ $_trigger_flush_rules = TRUE;





176
177	$version = '1.4.4.2';
178	+ }
179	+
180	+ if(version_compare($version, '1.4.4.4', '<'))
181	+ {
182	+
183	+ //copy over the new mu-loader version
184	+ WPH_functions::copy_mu_loader( TRUE );
185	+ $_trigger_flush_rules = TRUE;
186	+
187	+ $version = '1.4.4.4';
188	+ }
189	+
190	+
191	+ //check for triggered flush rules
192	+ if ( $_trigger_flush_rules === TRUE )
193	+ {
194	+ //on plugin inline code update
195	+ if(isset($_GET['action']) && $_GET['action'] == 'activate-plugin')
196	+ add_action('shutdown', array($this, 'flush_rules') , -1);
197	+ else
198	+ add_action('wp_loaded', array($this, 'flush_rules') , -1);
199	+
200	}
201
202

include/wph.class.php CHANGED Viewed

	@@ -37,8 +37,11 @@
37
38	$plugin_data = $this->functions->get_plugin_data( WPH_PATH . '/wp-hide.php', $markup = true, $translate = true );
39
40	- define('WPH_CORE_VERSION', $plugin_data['Version']);
41



42	}
43
44	function __destruct()
	@@ -61,6 +64,11 @@
61	$this->server_htaccess_config = $this->functions->server_use_htaccess_config_file();
62	$this->server_web_config = $this->functions->server_use_web_config_file();
63





64	//check for recovery link run
65	if(isset($_GET['wph-recovery']))
66	$this->functions->do_recovery();
	@@ -128,15 +136,16 @@
128
129	//create the static file which contain different environment variables which will be used on router
130	add_action('wph/settings_changed', array($this, 'set_static_environemnt_file'), 999);
131	-
132	//apache
133	//add_filter('mod_rewrite_rules', array($this, 'mod_rewrite_rules'), 999);

134	if($this->server_htaccess_config === TRUE)
135	add_filter('flush_rewrite_rules_hard', array($this, 'flush_rewrite_rules_hard'), 999);
136
137	//IIS7 server
138	add_filter('iis7_url_rewrite_rules', array($this, 'iis7_url_rewrite_rules'), 999);
139	-
140	//on switch theme
141	add_action('switch_theme', array($this, 'switch_theme'));
142
	@@ -344,6 +353,13 @@
344	{
345	echo "<div class='error'><p>". __('Permalink is required to be turned ON for WP Hide & Security Enhancer to work', 'wp-hide-security-enhancer') ."</p></div>";
346	}







347
348	//check if the htaccess file is not writable
349	if(isset($this->settings['write_check_string']) && !empty($this->settings['write_check_string']))
	@@ -695,7 +711,7 @@
695	$file_data = ob_get_contents();
696	ob_end_clean();
697
698	- if( ! $wp_filesystem->put_contents( WPH_PATH . 'router/environment.php', $file_data , ~~0644~~) )
699	{
700	$process_interface_save_errors = get_transient( 'wph-process_interface_save_errors' );
701	delete_transient( 'wph-process_interface_save_errors' );
	@@ -799,8 +815,12 @@
799
800	//check if there's a # BEGIN WordPress and # END WordPress markers or create those to ensude plugin rules are put on top of Wordpress ones
801	$file_content = file( $htaccess_file );
802	- ~~If (array_search('# BEGIN WordPress', $file_content) === FALSE && array_search('# END WordPress', $file_content) === FALSE )~~
803	- ~~$this->functions->insert_with_markers_on_top~~( ~~$htaccess_file~~, 'WordPress', '' );




804
805	$this->functions->insert_with_markers_on_top( $htaccess_file, 'WP Hide & Security Enhancer', $rules, 'top' );
806


37
38	$plugin_data = $this->functions->get_plugin_data( WPH_PATH . '/wp-hide.php', $markup = true, $translate = true );
39
40	+ define('WPH_CORE_VERSION', $plugin_data['Version']);
41
42	+ if(!defined('WPH_CACHE_PATH'))
43	+ define('WPH_CACHE_PATH', WP_CONTENT_DIR . '/cache/wph/' );
44	+
45	}
46
47	function __destruct()

64	$this->server_htaccess_config = $this->functions->server_use_htaccess_config_file();
65	$this->server_web_config = $this->functions->server_use_web_config_file();
66
67	+ //attempt to try a different approach if the default way does not work
68	+ //found servers which return $_SERVER['SERVER_VERSION'] => 'Microsoft-IIS/x.x' but run .htaccess
69	+ if($this->server_htaccess_config === FALSE && $this->server_web_config === FALSE)
70	+ $this->functions->force_server_rewrite_type_detect();
71	+
72	//check for recovery link run
73	if(isset($_GET['wph-recovery']))
74	$this->functions->do_recovery();

136
137	//create the static file which contain different environment variables which will be used on router
138	add_action('wph/settings_changed', array($this, 'set_static_environemnt_file'), 999);
139	+
140	//apache
141	//add_filter('mod_rewrite_rules', array($this, 'mod_rewrite_rules'), 999);
142	+
143	if($this->server_htaccess_config === TRUE)
144	add_filter('flush_rewrite_rules_hard', array($this, 'flush_rewrite_rules_hard'), 999);
145
146	//IIS7 server
147	add_filter('iis7_url_rewrite_rules', array($this, 'iis7_url_rewrite_rules'), 999);
148	+
149	//on switch theme
150	add_action('switch_theme', array($this, 'switch_theme'));
151

353	{
354	echo "<div class='error'><p>". __('Permalink is required to be turned ON for WP Hide & Security Enhancer to work', 'wp-hide-security-enhancer') ."</p></div>";
355	}
356	+
357	+
358	+ if($this->server_htaccess_config === FALSE && $this->server_web_config === FALSE)
359	+ {
360	+ echo "<div class='error'><p>". __('<b>WP Hide</b> Unable to idenify server type.<br />No rewrite is being applied.', 'wp-hide-security-enhancer') ."</p></div>";
361	+ }
362	+
363
364	//check if the htaccess file is not writable
365	if(isset($this->settings['write_check_string']) && !empty($this->settings['write_check_string']))

711	$file_data = ob_get_contents();
712	ob_end_clean();
713
714	+ if( ! $wp_filesystem->put_contents( WPH_PATH . 'router/environment.php', $file_data , FS_CHMOD_FILE) )
715	{
716	$process_interface_save_errors = get_transient( 'wph-process_interface_save_errors' );
717	delete_transient( 'wph-process_interface_save_errors' );

815
816	//check if there's a # BEGIN WordPress and # END WordPress markers or create those to ensude plugin rules are put on top of Wordpress ones
817	$file_content = file( $htaccess_file );
818	+
819	+ if( count( preg_grep("/.# BEGIN WordPress./i", $file_content) ) < 1 && count( preg_grep("/.# END WordPress./i", $file_content) ) < 1 )
820	+ {
821	+ $this->functions->insert_with_markers_on_top( $htaccess_file, 'WordPress', '' );
822	+ }
823	+
824
825	$this->functions->insert_with_markers_on_top( $htaccess_file, 'WP Hide & Security Enhancer', $rules, 'top' );
826

mu-loader/wp-hide-loader.php CHANGED Viewed

	@@ -19,9 +19,8 @@
19	return FALSE;
20
21	define('WPH_PATH', trailingslashit( dirname( WP_PLUGIN_DIR . '/wp-hide-security-enhancer/wp-hide.php' ) ) );
22	- define('WPH_CACHE_PATH', WP_CONTENT_DIR . '/cache/wph/' );
23	define('WPH_MULOADER', TRUE);
24	- define('WPH_MULOADER_VERSION', '1.3.1');
25
26	include_once(WPH_PATH . '/include/wph.class.php');
27	include_once(WPH_PATH . '/include/functions.class.php');


19	return FALSE;
20
21	define('WPH_PATH', trailingslashit( dirname( WP_PLUGIN_DIR . '/wp-hide-security-enhancer/wp-hide.php' ) ) );

22	define('WPH_MULOADER', TRUE);
23	+ define('WPH_MULOADER_VERSION', '1.3.2');
24
25	include_once(WPH_PATH . '/include/wph.class.php');
26	include_once(WPH_PATH . '/include/functions.class.php');

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: http://www.nsp-code.com/donate.php
4	Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, ap-admin, admin hide
5	Requires at least: 2.8
6	Tested up to: 4.7.3
7	- Stable tag: 1.4.4.2
8	License: GPLv2 or later
9
10	Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
	@@ -243,6 +243,16 @@ Please get in touch with us and we'll do our best to include it for a next versi
243
244	== Changelog ==
245










246	= 1.4.4.2 =
247	* Fixed default wp-content block
248	* Updated compatibility with WP Fastest Cache


4	Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, ap-admin, admin hide
5	Requires at least: 2.8
6	Tested up to: 4.7.3
7	+ Stable tag: 1.4.4.4
8	License: GPLv2 or later
9
10	Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.

243
244	== Changelog ==
245
246	+ = 1.4.4.4 =
247	+ * If no server type identification possible, try to check for .htaccess file
248	+ * Improved .htaccess search mod, Use preg_grep for identify the begin and end of WordPress rules
249	+ * Output notice when no supported server was found
250	+ * Use separate block of rules for .htaccess file, outside of WordPress lines
251	+ * Improved server htaccess support check
252	+ * Moved WPH_CACHE_PATH constant declaration from mu loader to wph class
253	+ * Use shutdown hock instead wp_loaded when plugin inline updated
254	+ * Use FS_CHMOD_FILE for $wp_filesystem->put_contents
255	+
256	= 1.4.4.2 =
257	* Fixed default wp-content block
258	* Updated compatibility with WP Fastest Cache

router/class.file-processor.php CHANGED Viewed

	@@ -202,7 +202,7 @@
202	if($access_type !== 'direct')
203	return;
204
205	- if( ! $wp_filesystem->put_contents( trailingslashit($pathinfo['dirname']) . $pathinfo['basename'], $file_data , ~~0644~~) )
206	{
207	//error saving the cache data to cache file
208	}


202	if($access_type !== 'direct')
203	return;
204
205	+ if( ! $wp_filesystem->put_contents( trailingslashit($pathinfo['dirname']) . $pathinfo['basename'], $file_data , FS_CHMOD_FILE) )
206	{
207	//error saving the cache data to cache file
208	}

wp-hide.php CHANGED Viewed

	@@ -5,7 +5,7 @@ Plugin URI: http://www.nsp-code.com
5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	- Version: 1.4.4.2
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/


5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	+ Version: 1.4.4.4
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/

WP Hide & Security Enhancer - Version 1.4.4.4

Version Description

Release Info

Code changes from version 1.4.4.2 to 1.4.4.4