Version Description
- Remove relative_domain_url_replacements_ssl_sq and relative_domain_urlreplacementsssl_dq replacements for buffer as being integrated to other variables
- Relocated upload_dir() to general functions.php to catch new content and uploads slugs.
- Use full domain url for new wp-admin slug, instead relative to avoid wrong replacements for 3rd urls
- Use full domain url for new wp-login.php, instead relative to avoid wrong replacements for 3rd urls
- Typos fix for CDN texts
- Additional description for "Block any JSON REST calls" option to prevent Gutenberg block
- Updated rewrite for URL Slash to include a second conditional, to not trigger on POST calls
Download this release
Release Info
Developer | nsp-code |
Plugin | WP Hide & Security Enhancer |
Version | 1.5.3 |
Comparing to | |
See all releases |
Code changes from version 1.5.2.2 to 1.5.3
- include/functions.class.php +57 -9
- include/wph.class.php +3 -0
- languages/wp-hide-security-enhancer.mo +0 -0
- languages/wp-hide-security-enhancer.po +53 -45
- modules/components/admin-admin_url.php +1 -6
- modules/components/admin-new_wp_login_php.php +1 -5
- modules/components/cdn-setup.php +1 -1
- modules/components/rewrite-json-rest.php +3 -1
- modules/components/rewrite-new_upload_path.php +2 -29
- modules/components/rewrite-slash.php +1 -0
- readme.txt +10 -1
- wp-hide.php +2 -2
include/functions.class.php
CHANGED
@@ -1341,8 +1341,8 @@
|
|
1341 |
//single quote ; double quote / domain url / domain ssl
|
1342 |
$_relative_domain_url_replacements_sq = array();
|
1343 |
$_relative_domain_url_replacements_dq = array();
|
1344 |
-
|
1345 |
-
|
1346 |
|
1347 |
$home_url = home_url();
|
1348 |
$home_url_parsed = parse_url($home_url);
|
@@ -1373,7 +1373,6 @@
|
|
1373 |
//urlencode
|
1374 |
$text = str_ireplace( trim(urlencode(ABSPATH), '"'), '%WPH-PLACEHOLDER-PRESERVE-URLENCODE-ABSPATH%', $text);
|
1375 |
|
1376 |
-
|
1377 |
foreach($replacements as $old_url => $new_url)
|
1378 |
{
|
1379 |
//add quote to make sure it's actualy a link value and is right at the start of text
|
@@ -1382,8 +1381,8 @@
|
|
1382 |
|
1383 |
$_relative_domain_url_replacements_dq[ '"' . str_ireplace( $domain_url, "", $old_url) ] = '"' . str_ireplace( $domain_url, "", $new_url);
|
1384 |
$_relative_domain_url_replacements_sq[ "'" . str_ireplace( $domain_url, "", $old_url) ] = "'" . str_ireplace( $domain_url, "", $new_url);
|
1385 |
-
|
1386 |
-
|
1387 |
|
1388 |
//match urls without protocol
|
1389 |
$_old_url = str_ireplace( array('http:', 'https:'), "", $old_url);
|
@@ -1414,8 +1413,8 @@
|
|
1414 |
*/
|
1415 |
$text = str_ireplace( array_keys($_relative_domain_url_replacements_sq), array_values($_relative_domain_url_replacements_sq) ,$text );
|
1416 |
$text = str_ireplace( array_keys($_relative_domain_url_replacements_dq), array_values($_relative_domain_url_replacements_dq) ,$text );
|
1417 |
-
|
1418 |
-
|
1419 |
|
1420 |
|
1421 |
/**
|
@@ -1435,7 +1434,7 @@
|
|
1435 |
|
1436 |
$text = str_ireplace( $old_url, $new_url ,$text );
|
1437 |
}
|
1438 |
-
|
1439 |
//check for url encoded urls
|
1440 |
foreach($_replacements_np as $old_url => $new_url)
|
1441 |
{
|
@@ -1445,6 +1444,7 @@
|
|
1445 |
$text = str_ireplace( $old_url, $new_url ,$text );
|
1446 |
}
|
1447 |
|
|
|
1448 |
//check for json encoded urls
|
1449 |
foreach($_replacements as $old_url => $new_url)
|
1450 |
{
|
@@ -1453,6 +1453,7 @@
|
|
1453 |
|
1454 |
$text = str_ireplace( $old_url, $new_url ,$text );
|
1455 |
}
|
|
|
1456 |
|
1457 |
//check for url encoded urls
|
1458 |
foreach($_replacements as $old_url => $new_url)
|
@@ -1462,8 +1463,15 @@
|
|
1462 |
|
1463 |
$text = str_ireplace( $old_url, $new_url ,$text );
|
1464 |
}
|
|
|
1465 |
|
1466 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
1467 |
/**
|
1468 |
* Restore absolute paths
|
1469 |
*/
|
@@ -2391,6 +2399,46 @@
|
|
2391 |
return $url;
|
2392 |
|
2393 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2394 |
|
2395 |
|
2396 |
|
1341 |
//single quote ; double quote / domain url / domain ssl
|
1342 |
$_relative_domain_url_replacements_sq = array();
|
1343 |
$_relative_domain_url_replacements_dq = array();
|
1344 |
+
//$_relative_domain_url_replacements_ssl_sq = array();
|
1345 |
+
//$_relative_domain_url_replacements_ssl_dq = array();
|
1346 |
|
1347 |
$home_url = home_url();
|
1348 |
$home_url_parsed = parse_url($home_url);
|
1373 |
//urlencode
|
1374 |
$text = str_ireplace( trim(urlencode(ABSPATH), '"'), '%WPH-PLACEHOLDER-PRESERVE-URLENCODE-ABSPATH%', $text);
|
1375 |
|
|
|
1376 |
foreach($replacements as $old_url => $new_url)
|
1377 |
{
|
1378 |
//add quote to make sure it's actualy a link value and is right at the start of text
|
1381 |
|
1382 |
$_relative_domain_url_replacements_dq[ '"' . str_ireplace( $domain_url, "", $old_url) ] = '"' . str_ireplace( $domain_url, "", $new_url);
|
1383 |
$_relative_domain_url_replacements_sq[ "'" . str_ireplace( $domain_url, "", $old_url) ] = "'" . str_ireplace( $domain_url, "", $new_url);
|
1384 |
+
//$_relative_domain_url_replacements_ssl_dq[ '"' . str_ireplace( $domain_url_ssl, "", $old_url) ] = '"' . str_ireplace( $domain_url_ssl, "", $new_url);
|
1385 |
+
//$_relative_domain_url_replacements_ssl_sq[ "'" . str_ireplace( $domain_url_ssl, "", $old_url) ] = "'" . str_ireplace( $domain_url_ssl, "", $new_url);
|
1386 |
|
1387 |
//match urls without protocol
|
1388 |
$_old_url = str_ireplace( array('http:', 'https:'), "", $old_url);
|
1413 |
*/
|
1414 |
$text = str_ireplace( array_keys($_relative_domain_url_replacements_sq), array_values($_relative_domain_url_replacements_sq) ,$text );
|
1415 |
$text = str_ireplace( array_keys($_relative_domain_url_replacements_dq), array_values($_relative_domain_url_replacements_dq) ,$text );
|
1416 |
+
//$text = str_ireplace( array_keys($_relative_domain_url_replacements_ssl_sq), array_values($_relative_domain_url_replacements_ssl_sq) ,$text );
|
1417 |
+
//$text = str_ireplace( array_keys($_relative_domain_url_replacements_ssl_dq), array_values($_relative_domain_url_replacements_ssl_dq) ,$text );
|
1418 |
|
1419 |
|
1420 |
/**
|
1434 |
|
1435 |
$text = str_ireplace( $old_url, $new_url ,$text );
|
1436 |
}
|
1437 |
+
|
1438 |
//check for url encoded urls
|
1439 |
foreach($_replacements_np as $old_url => $new_url)
|
1440 |
{
|
1444 |
$text = str_ireplace( $old_url, $new_url ,$text );
|
1445 |
}
|
1446 |
|
1447 |
+
/*
|
1448 |
//check for json encoded urls
|
1449 |
foreach($_replacements as $old_url => $new_url)
|
1450 |
{
|
1453 |
|
1454 |
$text = str_ireplace( $old_url, $new_url ,$text );
|
1455 |
}
|
1456 |
+
|
1457 |
|
1458 |
//check for url encoded urls
|
1459 |
foreach($_replacements as $old_url => $new_url)
|
1463 |
|
1464 |
$text = str_ireplace( $old_url, $new_url ,$text );
|
1465 |
}
|
1466 |
+
*/
|
1467 |
|
1468 |
+
//check for json encoded urls
|
1469 |
+
foreach($_relative_url_replacements_dq as $old_url => $new_url)
|
1470 |
+
{
|
1471 |
+
$text = str_ireplace( rtrim( json_encode( trim ( $old_url , '"' )), '"' ), rtrim( json_encode( trim($new_url , '"')), '"' ), $text );
|
1472 |
+
$text = str_ireplace( rtrim( urlencode( trim ( $old_url , '"' )), '"' ), rtrim( urlencode( trim($new_url , '"')), '"' ), $text );
|
1473 |
+
}
|
1474 |
+
|
1475 |
/**
|
1476 |
* Restore absolute paths
|
1477 |
*/
|
2399 |
return $url;
|
2400 |
|
2401 |
}
|
2402 |
+
|
2403 |
+
|
2404 |
+
|
2405 |
+
/**
|
2406 |
+
* Process the upload_dir data
|
2407 |
+
*
|
2408 |
+
* @param mixed $data
|
2409 |
+
*/
|
2410 |
+
function upload_dir($data)
|
2411 |
+
{
|
2412 |
+
|
2413 |
+
$new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
|
2414 |
+
$new_content_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_content_path') );
|
2415 |
+
|
2416 |
+
if ( empty ( $new_upload_path ) && empty ( $new_content_path ) )
|
2417 |
+
return $data;
|
2418 |
+
|
2419 |
+
if ( ! empty ( $new_upload_path ) )
|
2420 |
+
$new_url = trailingslashit( home_url() ) . $new_upload_path;
|
2421 |
+
else
|
2422 |
+
{
|
2423 |
+
$new_url = str_replace( '/wp-content/' , '/' . $new_content_path . '/', $this->wph->default_variables['upload_url'] );
|
2424 |
+
}
|
2425 |
+
|
2426 |
+
$data['url'] = str_replace($data['baseurl'], $new_url, $data['url']);
|
2427 |
+
$data['baseurl'] = $new_url;
|
2428 |
+
|
2429 |
+
//add replacement
|
2430 |
+
if(! ($this->wph->functions->replacement_exists( $this->wph->default_variables['upload_url'] )))
|
2431 |
+
{
|
2432 |
+
//prevent media images from being replaced on admin, as when plugin disable the links will not work anymore
|
2433 |
+
$block_upload_url = $this->wph->functions->get_module_item_setting('block_upload_url');
|
2434 |
+
if(!is_admin() || (is_admin() && !empty($block_upload_url) && $block_upload_url != 'no'))
|
2435 |
+
{
|
2436 |
+
$this->wph->functions->add_replacement($this->wph->default_variables['upload_url'], $new_url);
|
2437 |
+
}
|
2438 |
+
}
|
2439 |
+
|
2440 |
+
return $data;
|
2441 |
+
}
|
2442 |
|
2443 |
|
2444 |
|
include/wph.class.php
CHANGED
@@ -151,6 +151,9 @@
|
|
151 |
add_action( 'admin_notices', array(&$this, 'admin_notices'));
|
152 |
add_action( 'network_admin_notices', array(&$this, 'admin_notices'));
|
153 |
|
|
|
|
|
|
|
154 |
//restart the buffering if already outputed. This is usefull for plugin / theme update iframe
|
155 |
add_action('admin_print_footer_scripts', array($this, 'admin_print_footer_scripts'), -1);
|
156 |
|
151 |
add_action( 'admin_notices', array(&$this, 'admin_notices'));
|
152 |
add_action( 'network_admin_notices', array(&$this, 'admin_notices'));
|
153 |
|
154 |
+
//adjust the uplod_data
|
155 |
+
add_filter('upload_dir', array($this->functions, 'upload_dir' ), 999);
|
156 |
+
|
157 |
//restart the buffering if already outputed. This is usefull for plugin / theme update iframe
|
158 |
add_action('admin_print_footer_scripts', array($this, 'admin_print_footer_scripts'), -1);
|
159 |
|
languages/wp-hide-security-enhancer.mo
CHANGED
Binary file
|
languages/wp-hide-security-enhancer.po
CHANGED
@@ -1,8 +1,8 @@
|
|
1 |
msgid ""
|
2 |
msgstr ""
|
3 |
"Project-Id-Version: WP Hide & Security Enhancer\n"
|
4 |
-
"POT-Creation-Date: 2018-11
|
5 |
-
"PO-Revision-Date: 2018-11
|
6 |
"Last-Translator: NspCode <contact@nsp-code.com>\n"
|
7 |
"Language-Team: Nsp Code\n"
|
8 |
"Language: en\n"
|
@@ -56,111 +56,111 @@ msgid ""
|
|
56 |
"changes to apply"
|
57 |
msgstr ""
|
58 |
|
59 |
-
#: include/functions.class.php:
|
60 |
#, php-format
|
61 |
msgid "The %1$s plugin header is deprecated. Use %2$s instead."
|
62 |
msgstr ""
|
63 |
|
64 |
-
#: include/functions.class.php:
|
65 |
#, php-format
|
66 |
msgid "By %s."
|
67 |
msgstr ""
|
68 |
|
69 |
-
#: include/functions.class.php:
|
70 |
msgid ""
|
71 |
"Help us to improve this plugin by sending any improvement suggestions and "
|
72 |
"reporting any issues at "
|
73 |
msgstr ""
|
74 |
|
75 |
-
#: include/functions.class.php:
|
76 |
msgid "Did you know there is a"
|
77 |
msgstr ""
|
78 |
|
79 |
-
#: include/functions.class.php:
|
80 |
msgid "version of this plug-in?"
|
81 |
msgstr ""
|
82 |
|
83 |
-
#: include/functions.class.php:
|
84 |
msgid ""
|
85 |
"Did you find this plugin useful? Please support our work by spread the word "
|
86 |
"about the code, or write an article about the plugin in your blog with a "
|
87 |
"link to development site"
|
88 |
msgstr ""
|
89 |
|
90 |
-
#: include/wph.class.php:
|
91 |
msgid ""
|
92 |
"Are you sure to reset all settings? All options will be removed. Manual "
|
93 |
"remove of rewrite lines is required if no access from php"
|
94 |
msgstr ""
|
95 |
|
96 |
-
#: include/wph.class.php:
|
97 |
msgid ""
|
98 |
"Your server run on WPEngine which works on Nginx rewrite rules, please check "
|
99 |
"with WP Hide PRO version at."
|
100 |
msgstr ""
|
101 |
|
102 |
-
#: include/wph.class.php:
|
103 |
msgid ""
|
104 |
"This plugin version can't handle MultiSite environment, please check with WP "
|
105 |
"Hide PRO version at"
|
106 |
msgstr ""
|
107 |
|
108 |
-
#: include/wph.class.php:
|
109 |
msgid ""
|
110 |
"Unable to launch WP Hide through mu-plugins/wp-hide-loader.php<br /> Please "
|
111 |
"make sure this location is writable so the plugin create the required file."
|
112 |
msgstr ""
|
113 |
|
114 |
-
#: include/wph.class.php:
|
115 |
msgid ""
|
116 |
"Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
|
117 |
msgstr ""
|
118 |
|
119 |
-
#: include/wph.class.php:
|
120 |
msgid ""
|
121 |
"<b>WP Hide</b> This plugin version can't handle this server type, please "
|
122 |
"check with PRO version at"
|
123 |
msgstr ""
|
124 |
|
125 |
-
#: include/wph.class.php:
|
126 |
msgid ""
|
127 |
"Unable to write custom rules to your .htaccess. Is this file writable? <br /"
|
128 |
">No changes are being applied."
|
129 |
msgstr ""
|
130 |
|
131 |
-
#: include/wph.class.php:
|
132 |
msgid ""
|
133 |
"Unable to write custom rules to your web.config. Is this file writable? <br /"
|
134 |
">No changes are being applied."
|
135 |
msgstr ""
|
136 |
|
137 |
-
#: include/wph.class.php:
|
138 |
msgid ""
|
139 |
"Unable to create cache folder. Is the wp-content writable? <br />No cache "
|
140 |
"data will be available."
|
141 |
msgstr ""
|
142 |
|
143 |
-
#: include/wph.class.php:
|
144 |
msgid "All Settings where restored to default"
|
145 |
msgstr ""
|
146 |
|
147 |
-
#: include/wph.class.php:
|
148 |
msgid "Settings saved"
|
149 |
msgstr ""
|
150 |
|
151 |
-
#: include/wph.class.php:
|
152 |
msgid "Cache cleared"
|
153 |
msgstr ""
|
154 |
|
155 |
-
#: include/wph.class.php:
|
156 |
msgid "Unable to create environment static file. Is "
|
157 |
msgstr ""
|
158 |
|
159 |
-
#: include/wph.class.php:
|
160 |
msgid "writable"
|
161 |
msgstr ""
|
162 |
|
163 |
-
#: include/wph.class.php:
|
164 |
msgid "will not work correctly, so where turned off."
|
165 |
msgstr ""
|
166 |
|
@@ -250,10 +250,10 @@ msgstr ""
|
|
250 |
#: modules/components/rewrite-comments.php:34
|
251 |
#: modules/components/rewrite-json-rest.php:23
|
252 |
#: modules/components/rewrite-json-rest.php:41
|
253 |
-
#: modules/components/rewrite-json-rest.php:
|
254 |
-
#: modules/components/rewrite-json-rest.php:
|
255 |
-
#: modules/components/rewrite-json-rest.php:
|
256 |
-
#: modules/components/rewrite-json-rest.php:
|
257 |
#: modules/components/rewrite-new_include_path.php:34
|
258 |
#: modules/components/rewrite-new_plugin_path.php:35
|
259 |
#: modules/components/rewrite-new_theme_path.php:60
|
@@ -307,10 +307,10 @@ msgstr ""
|
|
307 |
#: modules/components/rewrite-comments.php:35
|
308 |
#: modules/components/rewrite-json-rest.php:24
|
309 |
#: modules/components/rewrite-json-rest.php:42
|
310 |
-
#: modules/components/rewrite-json-rest.php:
|
311 |
-
#: modules/components/rewrite-json-rest.php:
|
312 |
-
#: modules/components/rewrite-json-rest.php:
|
313 |
-
#: modules/components/rewrite-json-rest.php:
|
314 |
#: modules/components/rewrite-new_include_path.php:35
|
315 |
#: modules/components/rewrite-new_plugin_path.php:36
|
316 |
#: modules/components/rewrite-new_theme_path.php:61
|
@@ -331,25 +331,25 @@ msgstr ""
|
|
331 |
msgid "No"
|
332 |
msgstr ""
|
333 |
|
334 |
-
#: modules/components/admin-admin_url.php:
|
335 |
msgid "Hello"
|
336 |
msgstr ""
|
337 |
|
338 |
-
#: modules/components/admin-admin_url.php:
|
339 |
msgid ""
|
340 |
"This is an automated message to inform that your login url has been changed "
|
341 |
"at"
|
342 |
msgstr ""
|
343 |
|
344 |
-
#: modules/components/admin-admin_url.php:
|
345 |
msgid "The new login url is"
|
346 |
msgstr ""
|
347 |
|
348 |
-
#: modules/components/admin-admin_url.php:
|
349 |
msgid "Additionality you can use this to recover the old login / admin links "
|
350 |
msgstr ""
|
351 |
|
352 |
-
#: modules/components/admin-admin_url.php:
|
353 |
msgid "Please keep this url safe for recover, if forgot"
|
354 |
msgstr ""
|
355 |
|
@@ -389,7 +389,7 @@ msgstr ""
|
|
389 |
#: modules/components/cdn-setup.php:17
|
390 |
msgid ""
|
391 |
"Some CDN providers (like stackpath.com ) replace site assets with custom "
|
392 |
-
"url, enter here such url.
|
393 |
msgstr ""
|
394 |
|
395 |
#: modules/components/general-feed.php:16
|
@@ -565,12 +565,12 @@ msgid "Remove the wlwmanifest tag within head."
|
|
565 |
msgstr ""
|
566 |
|
567 |
#: modules/components/general-meta.php:114
|
568 |
-
#: modules/components/rewrite-json-rest.php:
|
569 |
msgid "Disable output the REST API link tag into page header"
|
570 |
msgstr ""
|
571 |
|
572 |
#: modules/components/general-meta.php:115
|
573 |
-
#: modules/components/rewrite-json-rest.php:
|
574 |
msgid "By default a REST API link tag is being append to HTML."
|
575 |
msgstr ""
|
576 |
|
@@ -709,19 +709,25 @@ msgstr ""
|
|
709 |
msgid "Any call for JSON REST API service will be blocked."
|
710 |
msgstr ""
|
711 |
|
712 |
-
#: modules/components/rewrite-json-rest.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
713 |
msgid "Disable JSON REST WP RSD endpoint from XML-RPC responses"
|
714 |
msgstr ""
|
715 |
|
716 |
-
#: modules/components/rewrite-json-rest.php:
|
717 |
msgid "By default a WP RSD endpoint is being append to the XML respose."
|
718 |
msgstr ""
|
719 |
|
720 |
-
#: modules/components/rewrite-json-rest.php:
|
721 |
msgid "Disable Sends a Link header for the REST API"
|
722 |
msgstr ""
|
723 |
|
724 |
-
#: modules/components/rewrite-json-rest.php:
|
725 |
msgid "On template_redirect, disable Sends a Link header for the REST API."
|
726 |
msgstr ""
|
727 |
|
@@ -869,11 +875,13 @@ msgid "e.g. my_uploads"
|
|
869 |
msgstr ""
|
870 |
|
871 |
#: modules/components/rewrite-new_upload_path.php:30
|
872 |
-
msgid "Block uploads URL"
|
873 |
msgstr ""
|
874 |
|
875 |
#: modules/components/rewrite-new_upload_path.php:31
|
876 |
-
msgid "
|
|
|
|
|
877 |
msgstr ""
|
878 |
|
879 |
#: modules/components/rewrite-new_upload_path.php:31
|
1 |
msgid ""
|
2 |
msgstr ""
|
3 |
"Project-Id-Version: WP Hide & Security Enhancer\n"
|
4 |
+
"POT-Creation-Date: 2018-12-11 00:31+0200\n"
|
5 |
+
"PO-Revision-Date: 2018-12-11 00:31+0200\n"
|
6 |
"Last-Translator: NspCode <contact@nsp-code.com>\n"
|
7 |
"Language-Team: Nsp Code\n"
|
8 |
"Language: en\n"
|
56 |
"changes to apply"
|
57 |
msgstr ""
|
58 |
|
59 |
+
#: include/functions.class.php:2134
|
60 |
#, php-format
|
61 |
msgid "The %1$s plugin header is deprecated. Use %2$s instead."
|
62 |
msgstr ""
|
63 |
|
64 |
+
#: include/functions.class.php:2219
|
65 |
#, php-format
|
66 |
msgid "By %s."
|
67 |
msgstr ""
|
68 |
|
69 |
+
#: include/functions.class.php:2536
|
70 |
msgid ""
|
71 |
"Help us to improve this plugin by sending any improvement suggestions and "
|
72 |
"reporting any issues at "
|
73 |
msgstr ""
|
74 |
|
75 |
+
#: include/functions.class.php:2537
|
76 |
msgid "Did you know there is a"
|
77 |
msgstr ""
|
78 |
|
79 |
+
#: include/functions.class.php:2537
|
80 |
msgid "version of this plug-in?"
|
81 |
msgstr ""
|
82 |
|
83 |
+
#: include/functions.class.php:2538
|
84 |
msgid ""
|
85 |
"Did you find this plugin useful? Please support our work by spread the word "
|
86 |
"about the code, or write an article about the plugin in your blog with a "
|
87 |
"link to development site"
|
88 |
msgstr ""
|
89 |
|
90 |
+
#: include/wph.class.php:318
|
91 |
msgid ""
|
92 |
"Are you sure to reset all settings? All options will be removed. Manual "
|
93 |
"remove of rewrite lines is required if no access from php"
|
94 |
msgstr ""
|
95 |
|
96 |
+
#: include/wph.class.php:355
|
97 |
msgid ""
|
98 |
"Your server run on WPEngine which works on Nginx rewrite rules, please check "
|
99 |
"with WP Hide PRO version at."
|
100 |
msgstr ""
|
101 |
|
102 |
+
#: include/wph.class.php:360
|
103 |
msgid ""
|
104 |
"This plugin version can't handle MultiSite environment, please check with WP "
|
105 |
"Hide PRO version at"
|
106 |
msgstr ""
|
107 |
|
108 |
+
#: include/wph.class.php:365
|
109 |
msgid ""
|
110 |
"Unable to launch WP Hide through mu-plugins/wp-hide-loader.php<br /> Please "
|
111 |
"make sure this location is writable so the plugin create the required file."
|
112 |
msgstr ""
|
113 |
|
114 |
+
#: include/wph.class.php:371
|
115 |
msgid ""
|
116 |
"Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
|
117 |
msgstr ""
|
118 |
|
119 |
+
#: include/wph.class.php:376
|
120 |
msgid ""
|
121 |
"<b>WP Hide</b> This plugin version can't handle this server type, please "
|
122 |
"check with PRO version at"
|
123 |
msgstr ""
|
124 |
|
125 |
+
#: include/wph.class.php:387
|
126 |
msgid ""
|
127 |
"Unable to write custom rules to your .htaccess. Is this file writable? <br /"
|
128 |
">No changes are being applied."
|
129 |
msgstr ""
|
130 |
|
131 |
+
#: include/wph.class.php:390
|
132 |
msgid ""
|
133 |
"Unable to write custom rules to your web.config. Is this file writable? <br /"
|
134 |
">No changes are being applied."
|
135 |
msgstr ""
|
136 |
|
137 |
+
#: include/wph.class.php:398
|
138 |
msgid ""
|
139 |
"Unable to create cache folder. Is the wp-content writable? <br />No cache "
|
140 |
"data will be available."
|
141 |
msgstr ""
|
142 |
|
143 |
+
#: include/wph.class.php:403
|
144 |
msgid "All Settings where restored to default"
|
145 |
msgstr ""
|
146 |
|
147 |
+
#: include/wph.class.php:432
|
148 |
msgid "Settings saved"
|
149 |
msgstr ""
|
150 |
|
151 |
+
#: include/wph.class.php:474
|
152 |
msgid "Cache cleared"
|
153 |
msgstr ""
|
154 |
|
155 |
+
#: include/wph.class.php:789
|
156 |
msgid "Unable to create environment static file. Is "
|
157 |
msgstr ""
|
158 |
|
159 |
+
#: include/wph.class.php:789
|
160 |
msgid "writable"
|
161 |
msgstr ""
|
162 |
|
163 |
+
#: include/wph.class.php:789
|
164 |
msgid "will not work correctly, so where turned off."
|
165 |
msgstr ""
|
166 |
|
250 |
#: modules/components/rewrite-comments.php:34
|
251 |
#: modules/components/rewrite-json-rest.php:23
|
252 |
#: modules/components/rewrite-json-rest.php:41
|
253 |
+
#: modules/components/rewrite-json-rest.php:65
|
254 |
+
#: modules/components/rewrite-json-rest.php:89
|
255 |
+
#: modules/components/rewrite-json-rest.php:107
|
256 |
+
#: modules/components/rewrite-json-rest.php:124
|
257 |
#: modules/components/rewrite-new_include_path.php:34
|
258 |
#: modules/components/rewrite-new_plugin_path.php:35
|
259 |
#: modules/components/rewrite-new_theme_path.php:60
|
307 |
#: modules/components/rewrite-comments.php:35
|
308 |
#: modules/components/rewrite-json-rest.php:24
|
309 |
#: modules/components/rewrite-json-rest.php:42
|
310 |
+
#: modules/components/rewrite-json-rest.php:66
|
311 |
+
#: modules/components/rewrite-json-rest.php:90
|
312 |
+
#: modules/components/rewrite-json-rest.php:108
|
313 |
+
#: modules/components/rewrite-json-rest.php:125
|
314 |
#: modules/components/rewrite-new_include_path.php:35
|
315 |
#: modules/components/rewrite-new_plugin_path.php:36
|
316 |
#: modules/components/rewrite-new_theme_path.php:61
|
331 |
msgid "No"
|
332 |
msgstr ""
|
333 |
|
334 |
+
#: modules/components/admin-admin_url.php:185
|
335 |
msgid "Hello"
|
336 |
msgstr ""
|
337 |
|
338 |
+
#: modules/components/admin-admin_url.php:186
|
339 |
msgid ""
|
340 |
"This is an automated message to inform that your login url has been changed "
|
341 |
"at"
|
342 |
msgstr ""
|
343 |
|
344 |
+
#: modules/components/admin-admin_url.php:187
|
345 |
msgid "The new login url is"
|
346 |
msgstr ""
|
347 |
|
348 |
+
#: modules/components/admin-admin_url.php:188
|
349 |
msgid "Additionality you can use this to recover the old login / admin links "
|
350 |
msgstr ""
|
351 |
|
352 |
+
#: modules/components/admin-admin_url.php:189
|
353 |
msgid "Please keep this url safe for recover, if forgot"
|
354 |
msgstr ""
|
355 |
|
389 |
#: modules/components/cdn-setup.php:17
|
390 |
msgid ""
|
391 |
"Some CDN providers (like stackpath.com ) replace site assets with custom "
|
392 |
+
"url, enter here such url. Otherwise this option should stay empty."
|
393 |
msgstr ""
|
394 |
|
395 |
#: modules/components/general-feed.php:16
|
565 |
msgstr ""
|
566 |
|
567 |
#: modules/components/general-meta.php:114
|
568 |
+
#: modules/components/rewrite-json-rest.php:84
|
569 |
msgid "Disable output the REST API link tag into page header"
|
570 |
msgstr ""
|
571 |
|
572 |
#: modules/components/general-meta.php:115
|
573 |
+
#: modules/components/rewrite-json-rest.php:85
|
574 |
msgid "By default a REST API link tag is being append to HTML."
|
575 |
msgstr ""
|
576 |
|
709 |
msgid "Any call for JSON REST API service will be blocked."
|
710 |
msgstr ""
|
711 |
|
712 |
+
#: modules/components/rewrite-json-rest.php:60
|
713 |
+
msgid ""
|
714 |
+
"<span class=\"info\"> This might be required by spedific plugins, including "
|
715 |
+
"new WordPress editor <b>Gutenberg</b>.</span>"
|
716 |
+
msgstr ""
|
717 |
+
|
718 |
+
#: modules/components/rewrite-json-rest.php:102
|
719 |
msgid "Disable JSON REST WP RSD endpoint from XML-RPC responses"
|
720 |
msgstr ""
|
721 |
|
722 |
+
#: modules/components/rewrite-json-rest.php:103
|
723 |
msgid "By default a WP RSD endpoint is being append to the XML respose."
|
724 |
msgstr ""
|
725 |
|
726 |
+
#: modules/components/rewrite-json-rest.php:119
|
727 |
msgid "Disable Sends a Link header for the REST API"
|
728 |
msgstr ""
|
729 |
|
730 |
+
#: modules/components/rewrite-json-rest.php:120
|
731 |
msgid "On template_redirect, disable Sends a Link header for the REST API."
|
732 |
msgstr ""
|
733 |
|
875 |
msgstr ""
|
876 |
|
877 |
#: modules/components/rewrite-new_upload_path.php:30
|
878 |
+
msgid "Block default uploads URL"
|
879 |
msgstr ""
|
880 |
|
881 |
#: modules/components/rewrite-new_upload_path.php:31
|
882 |
+
msgid ""
|
883 |
+
"Block default wp-content/uploads/ media folder from being accesible through "
|
884 |
+
"default urls."
|
885 |
msgstr ""
|
886 |
|
887 |
#: modules/components/rewrite-new_upload_path.php:31
|
modules/components/admin-admin_url.php
CHANGED
@@ -69,12 +69,7 @@
|
|
69 |
include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
|
70 |
WPH_conflict_handle_wp_simple_firewall::custom_login_check();
|
71 |
|
72 |
-
$
|
73 |
-
$new_url = $this->wph->functions->get_url_path( trailingslashit( home_url() ) . $saved_field_data );
|
74 |
-
|
75 |
-
|
76 |
-
//add replacement
|
77 |
-
$this->wph->functions->add_replacement( $default_url, $new_url);
|
78 |
|
79 |
add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
|
80 |
|
69 |
include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
|
70 |
WPH_conflict_handle_wp_simple_firewall::custom_login_check();
|
71 |
|
72 |
+
$this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-admin' , trailingslashit( home_url() ) . $saved_field_data );
|
|
|
|
|
|
|
|
|
|
|
73 |
|
74 |
add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
|
75 |
|
modules/components/admin-new_wp_login_php.php
CHANGED
@@ -64,11 +64,7 @@
|
|
64 |
add_filter('login_url', array($this,'login_url'), 999, 3 );
|
65 |
|
66 |
//add replacement
|
67 |
-
$
|
68 |
-
$this->wph->functions->add_replacement( $url, trailingslashit( home_url() ) . $saved_field_data );
|
69 |
-
|
70 |
-
//add relative too
|
71 |
-
$this->wph->functions->add_replacement( '/wp-login.php', '/' . $saved_field_data );
|
72 |
|
73 |
}
|
74 |
|
64 |
add_filter('login_url', array($this,'login_url'), 999, 3 );
|
65 |
|
66 |
//add replacement
|
67 |
+
$this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-login.php', trailingslashit( home_url() ) . $saved_field_data );
|
|
|
|
|
|
|
|
|
68 |
|
69 |
}
|
70 |
|
modules/components/cdn-setup.php
CHANGED
@@ -14,7 +14,7 @@
|
|
14 |
$this->module_settings[] = array(
|
15 |
'id' => 'cdn_url',
|
16 |
'label' => __('CDN Url', 'wp-hide-security-enhancer'),
|
17 |
-
'description' => __('Some CDN providers (like stackpath.com ) replace site assets with custom url, enter here such url.
|
18 |
|
19 |
'input_type' => 'text',
|
20 |
|
14 |
$this->module_settings[] = array(
|
15 |
'id' => 'cdn_url',
|
16 |
'label' => __('CDN Url', 'wp-hide-security-enhancer'),
|
17 |
+
'description' => __('Some CDN providers (like stackpath.com ) replace site assets with custom url, enter here such url. Otherwise this option should stay empty.', 'wp-hide-security-enhancer'),
|
18 |
|
19 |
'input_type' => 'text',
|
20 |
|
modules/components/rewrite-json-rest.php
CHANGED
@@ -56,7 +56,9 @@
|
|
56 |
$this->module_settings[] = array(
|
57 |
'id' => 'block_json_rest',
|
58 |
'label' => __('Block any JSON REST calls', 'wp-hide-security-enhancer'),
|
59 |
-
'description' => __('Any call for JSON REST API service will be blocked.', 'wp-hide-security-enhancer')
|
|
|
|
|
60 |
|
61 |
'input_type' => 'radio',
|
62 |
'options' => array(
|
56 |
$this->module_settings[] = array(
|
57 |
'id' => 'block_json_rest',
|
58 |
'label' => __('Block any JSON REST calls', 'wp-hide-security-enhancer'),
|
59 |
+
'description' => __('Any call for JSON REST API service will be blocked.', 'wp-hide-security-enhancer')
|
60 |
+
. '<br />' . __('<span class="info"> This might be required by spedific plugins, including new WordPress editor <b>Gutenberg</b>.</span>'),
|
61 |
+
|
62 |
|
63 |
'input_type' => 'radio',
|
64 |
'options' => array(
|
modules/components/rewrite-new_upload_path.php
CHANGED
@@ -27,8 +27,8 @@
|
|
27 |
|
28 |
$this->module_settings[] = array(
|
29 |
'id' => 'block_upload_url',
|
30 |
-
'label' => __('Block uploads URL', 'wp-hide-security-enhancer'),
|
31 |
-
'description' => __('Block
|
32 |
|
33 |
'input_type' => 'radio',
|
34 |
'options' => array(
|
@@ -77,9 +77,6 @@
|
|
77 |
return;
|
78 |
}
|
79 |
|
80 |
-
|
81 |
-
add_filter('upload_dir', array( $this, 'upload_dir' ), 999);
|
82 |
-
|
83 |
//add default plugin path replacement
|
84 |
$new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
|
85 |
$new_url = trailingslashit( home_url() ) . $new_upload_path;
|
@@ -113,31 +110,7 @@
|
|
113 |
|
114 |
return $processing_response;
|
115 |
}
|
116 |
-
|
117 |
|
118 |
-
function upload_dir($data)
|
119 |
-
{
|
120 |
-
|
121 |
-
$new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
|
122 |
-
|
123 |
-
$new_url = trailingslashit( site_url() ) . $new_upload_path;
|
124 |
-
|
125 |
-
$data['url'] = str_replace($data['baseurl'], $new_url, $data['url']);
|
126 |
-
$data['baseurl'] = $new_url;
|
127 |
-
|
128 |
-
//add replacement
|
129 |
-
if(! ($this->wph->functions->replacement_exists( $this->wph->default_variables['upload_url'] )))
|
130 |
-
{
|
131 |
-
//prevent media images from being replaced on admin, as when plugin disable the links will not work anymore
|
132 |
-
$block_upload_url = $this->wph->functions->get_module_item_setting('block_upload_url');
|
133 |
-
if(!is_admin() || (is_admin() && !empty($block_upload_url) && $block_upload_url != 'no'))
|
134 |
-
{
|
135 |
-
$this->wph->functions->add_replacement($this->wph->default_variables['upload_url'], $new_url);
|
136 |
-
}
|
137 |
-
}
|
138 |
-
|
139 |
-
return $data;
|
140 |
-
}
|
141 |
|
142 |
function _callback_saved_block_upload_url($saved_field_data)
|
143 |
{
|
27 |
|
28 |
$this->module_settings[] = array(
|
29 |
'id' => 'block_upload_url',
|
30 |
+
'label' => __('Block default uploads URL', 'wp-hide-security-enhancer'),
|
31 |
+
'description' => __('Block default wp-content/uploads/ media folder from being accesible through default urls.', 'wp-hide-security-enhancer') . ' <br />'.__('If set to Yes, all new images inserted into posts will use the new Upload Url, as old url become blocked. Using the No, new images inserted will use old url, which however are being updated on front side. This may be helpful on plugin disable, so image urls can be accessible as before.', 'wp-hide-security-enhancer').'<br />'. __('Apply only if', 'wp-hide-security-enhancer') .' <b>New Upload Path</b> '.__('is not empty.', 'wp-hide-security-enhancer'),
|
32 |
|
33 |
'input_type' => 'radio',
|
34 |
'options' => array(
|
77 |
return;
|
78 |
}
|
79 |
|
|
|
|
|
|
|
80 |
//add default plugin path replacement
|
81 |
$new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
|
82 |
$new_url = trailingslashit( home_url() ) . $new_upload_path;
|
110 |
|
111 |
return $processing_response;
|
112 |
}
|
|
|
113 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
114 |
|
115 |
function _callback_saved_block_upload_url($saved_field_data)
|
116 |
{
|
modules/components/rewrite-slash.php
CHANGED
@@ -52,6 +52,7 @@
|
|
52 |
if($this->wph->server_htaccess_config === TRUE)
|
53 |
//\nRewriteCond %{ENV:REDIRECT_STATUS} !^$"
|
54 |
$processing_response['rewrite'] = "\nRewriteCond %{REQUEST_URI} /+[^\.]+$"
|
|
|
55 |
. "\nRewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]";
|
56 |
|
57 |
if($this->wph->server_web_config === TRUE)
|
52 |
if($this->wph->server_htaccess_config === TRUE)
|
53 |
//\nRewriteCond %{ENV:REDIRECT_STATUS} !^$"
|
54 |
$processing_response['rewrite'] = "\nRewriteCond %{REQUEST_URI} /+[^\.]+$"
|
55 |
+
. "\nRewriteCond %{REQUEST_METHOD} !POST"
|
56 |
. "\nRewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]";
|
57 |
|
58 |
if($this->wph->server_web_config === TRUE)
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.nsp-code.com/
|
|
4 |
Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
|
5 |
Requires at least: 2.8
|
6 |
Tested up to: 5.0
|
7 |
-
Stable tag: 1.5.
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Hide and increase Security for your WordPress site instance using smart techniques. No files are changed on your server.
|
@@ -271,6 +271,15 @@ Please get in touch with us and we'll do our best to include it for a next versi
|
|
271 |
|
272 |
== Changelog ==
|
273 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
274 |
= 1.5.2.2 =
|
275 |
* Add trailingslashit to plugins slug to be used for replacements to avoid wrong (partial) slug changes
|
276 |
|
4 |
Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
|
5 |
Requires at least: 2.8
|
6 |
Tested up to: 5.0
|
7 |
+
Stable tag: 1.5.3
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Hide and increase Security for your WordPress site instance using smart techniques. No files are changed on your server.
|
271 |
|
272 |
== Changelog ==
|
273 |
|
274 |
+
= 1.5.3 =
|
275 |
+
* Remove _relative_domain_url_replacements_ssl_sq and _relative_domain_url_replacements_ssl_dq replacements for buffer as being integrated to other variables
|
276 |
+
* Relocated upload_dir() to general functions.php to catch new content and uploads slugs.
|
277 |
+
* Use full domain url for new wp-admin slug, instead relative to avoid wrong replacements for 3rd urls
|
278 |
+
* Use full domain url for new wp-login.php, instead relative to avoid wrong replacements for 3rd urls
|
279 |
+
* Typos fix for CDN texts
|
280 |
+
* Additional description for "Block any JSON REST calls" option to prevent Gutenberg block
|
281 |
+
* Updated rewrite for URL Slash to include a second conditional, to not trigger on POST calls
|
282 |
+
|
283 |
= 1.5.2.2 =
|
284 |
* Add trailingslashit to plugins slug to be used for replacements to avoid wrong (partial) slug changes
|
285 |
|
wp-hide.php
CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://www.wp-hide.com/
|
|
5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
6 |
Author: Nsp Code
|
7 |
Author URI: http://www.nsp-code.com
|
8 |
-
Version: 1.5.
|
9 |
Text Domain: wp-hide-security-enhancer
|
10 |
Domain Path: /languages/
|
11 |
*/
|
@@ -80,7 +80,7 @@ Domain Path: /languages/
|
|
80 |
}
|
81 |
|
82 |
|
83 |
-
define('WPH_URL', plugins_url('', __FILE__));
|
84 |
|
85 |
|
86 |
?>
|
5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
6 |
Author: Nsp Code
|
7 |
Author URI: http://www.nsp-code.com
|
8 |
+
Version: 1.5.3
|
9 |
Text Domain: wp-hide-security-enhancer
|
10 |
Domain Path: /languages/
|
11 |
*/
|
80 |
}
|
81 |
|
82 |
|
83 |
+
define('WPH_URL', plugins_url('', __FILE__));
|
84 |
|
85 |
|
86 |
?>
|