WP Hide & Security Enhancer

Version Description

Remove relative_domain_url_replacements_ssl_sq and relative_domain_urlreplacementsssl_dq replacements for buffer as being integrated to other variables
Relocated upload_dir() to general functions.php to catch new content and uploads slugs.
Use full domain url for new wp-admin slug, instead relative to avoid wrong replacements for 3rd urls
Use full domain url for new wp-login.php, instead relative to avoid wrong replacements for 3rd urls
Typos fix for CDN texts
Additional description for "Block any JSON REST calls" option to prevent Gutenberg block
Updated rewrite for URL Slash to include a second conditional, to not trigger on POST calls

Release Info

Developer	nsp-code
Plugin	WP Hide & Security Enhancer
Version	1.5.3
Comparing to
See all releases

Code changes from version 1.5.2.2 to 1.5.3

Files changed (12) hide show

include/functions.class.php +57 -9
include/wph.class.php +3 -0
languages/wp-hide-security-enhancer.mo +0 -0
languages/wp-hide-security-enhancer.po +53 -45
modules/components/admin-admin_url.php +1 -6
modules/components/admin-new_wp_login_php.php +1 -5
modules/components/cdn-setup.php +1 -1
modules/components/rewrite-json-rest.php +3 -1
modules/components/rewrite-new_upload_path.php +2 -29
modules/components/rewrite-slash.php +1 -0
readme.txt +10 -1
wp-hide.php +2 -2

include/functions.class.php CHANGED Viewed

	@@ -1341,8 +1341,8 @@
1341	//single quote ; double quote / domain url / domain ssl
1342	$_relative_domain_url_replacements_sq = array();
1343	$_relative_domain_url_replacements_dq = array();
1344	- $_relative_domain_url_replacements_ssl_sq = array();
1345	- $_relative_domain_url_replacements_ssl_dq = array();
1346
1347	$home_url = home_url();
1348	$home_url_parsed = parse_url($home_url);
	@@ -1373,7 +1373,6 @@
1373	//urlencode
1374	$text = str_ireplace( trim(urlencode(ABSPATH), '"'), '%WPH-PLACEHOLDER-PRESERVE-URLENCODE-ABSPATH%', $text);
1375
1376	-
1377	foreach($replacements as $old_url => $new_url)
1378	{
1379	//add quote to make sure it's actualy a link value and is right at the start of text
	@@ -1382,8 +1381,8 @@
1382
1383	$_relative_domain_url_replacements_dq[ '"' . str_ireplace( $domain_url, "", $old_url) ] = '"' . str_ireplace( $domain_url, "", $new_url);
1384	$_relative_domain_url_replacements_sq[ "'" . str_ireplace( $domain_url, "", $old_url) ] = "'" . str_ireplace( $domain_url, "", $new_url);
1385	- $_relative_domain_url_replacements_ssl_dq[ '"' . str_ireplace( $domain_url_ssl, "", $old_url) ] = '"' . str_ireplace( $domain_url_ssl, "", $new_url);
1386	- $_relative_domain_url_replacements_ssl_sq[ "'" . str_ireplace( $domain_url_ssl, "", $old_url) ] = "'" . str_ireplace( $domain_url_ssl, "", $new_url);
1387
1388	//match urls without protocol
1389	$_old_url = str_ireplace( array('http:', 'https:'), "", $old_url);
	@@ -1414,8 +1413,8 @@
1414	*/
1415	$text = str_ireplace( array_keys($_relative_domain_url_replacements_sq), array_values($_relative_domain_url_replacements_sq) ,$text );
1416	$text = str_ireplace( array_keys($_relative_domain_url_replacements_dq), array_values($_relative_domain_url_replacements_dq) ,$text );
1417	- $text = str_ireplace( array_keys($_relative_domain_url_replacements_ssl_sq), array_values($_relative_domain_url_replacements_ssl_sq) ,$text );
1418	- $text = str_ireplace( array_keys($_relative_domain_url_replacements_ssl_dq), array_values($_relative_domain_url_replacements_ssl_dq) ,$text );
1419
1420
1421	/**
	@@ -1435,7 +1434,7 @@
1435
1436	$text = str_ireplace( $old_url, $new_url ,$text );
1437	}
1438	-
1439	//check for url encoded urls
1440	foreach($_replacements_np as $old_url => $new_url)
1441	{
	@@ -1445,6 +1444,7 @@
1445	$text = str_ireplace( $old_url, $new_url ,$text );
1446	}
1447

1448	//check for json encoded urls
1449	foreach($_replacements as $old_url => $new_url)
1450	{
	@@ -1453,6 +1453,7 @@
1453
1454	$text = str_ireplace( $old_url, $new_url ,$text );
1455	}

1456
1457	//check for url encoded urls
1458	foreach($_replacements as $old_url => $new_url)
	@@ -1462,8 +1463,15 @@
1462
1463	$text = str_ireplace( $old_url, $new_url ,$text );
1464	}

1465
1466	-






1467	/**
1468	* Restore absolute paths
1469	*/
	@@ -2391,6 +2399,46 @@
2391	return $url;
2392
2393	}








































2394
2395
2396


1341	//single quote ; double quote / domain url / domain ssl
1342	$_relative_domain_url_replacements_sq = array();
1343	$_relative_domain_url_replacements_dq = array();
1344	+ //$_relative_domain_url_replacements_ssl_sq = array();
1345	+ //$_relative_domain_url_replacements_ssl_dq = array();
1346
1347	$home_url = home_url();
1348	$home_url_parsed = parse_url($home_url);

1373	//urlencode
1374	$text = str_ireplace( trim(urlencode(ABSPATH), '"'), '%WPH-PLACEHOLDER-PRESERVE-URLENCODE-ABSPATH%', $text);
1375

1376	foreach($replacements as $old_url => $new_url)
1377	{
1378	//add quote to make sure it's actualy a link value and is right at the start of text

1381
1382	$_relative_domain_url_replacements_dq[ '"' . str_ireplace( $domain_url, "", $old_url) ] = '"' . str_ireplace( $domain_url, "", $new_url);
1383	$_relative_domain_url_replacements_sq[ "'" . str_ireplace( $domain_url, "", $old_url) ] = "'" . str_ireplace( $domain_url, "", $new_url);
1384	+ //$_relative_domain_url_replacements_ssl_dq[ '"' . str_ireplace( $domain_url_ssl, "", $old_url) ] = '"' . str_ireplace( $domain_url_ssl, "", $new_url);
1385	+ //$_relative_domain_url_replacements_ssl_sq[ "'" . str_ireplace( $domain_url_ssl, "", $old_url) ] = "'" . str_ireplace( $domain_url_ssl, "", $new_url);
1386
1387	//match urls without protocol
1388	$_old_url = str_ireplace( array('http:', 'https:'), "", $old_url);

1413	*/
1414	$text = str_ireplace( array_keys($_relative_domain_url_replacements_sq), array_values($_relative_domain_url_replacements_sq) ,$text );
1415	$text = str_ireplace( array_keys($_relative_domain_url_replacements_dq), array_values($_relative_domain_url_replacements_dq) ,$text );
1416	+ //$text = str_ireplace( array_keys($_relative_domain_url_replacements_ssl_sq), array_values($_relative_domain_url_replacements_ssl_sq) ,$text );
1417	+ //$text = str_ireplace( array_keys($_relative_domain_url_replacements_ssl_dq), array_values($_relative_domain_url_replacements_ssl_dq) ,$text );
1418
1419
1420	/**

1434
1435	$text = str_ireplace( $old_url, $new_url ,$text );
1436	}
1437	+
1438	//check for url encoded urls
1439	foreach($_replacements_np as $old_url => $new_url)
1440	{

1444	$text = str_ireplace( $old_url, $new_url ,$text );
1445	}
1446
1447	+ /*
1448	//check for json encoded urls
1449	foreach($_replacements as $old_url => $new_url)
1450	{

1453
1454	$text = str_ireplace( $old_url, $new_url ,$text );
1455	}
1456	+
1457
1458	//check for url encoded urls
1459	foreach($_replacements as $old_url => $new_url)

1463
1464	$text = str_ireplace( $old_url, $new_url ,$text );
1465	}
1466	+ */
1467
1468	+ //check for json encoded urls
1469	+ foreach($_relative_url_replacements_dq as $old_url => $new_url)
1470	+ {
1471	+ $text = str_ireplace( rtrim( json_encode( trim ( $old_url , '"' )), '"' ), rtrim( json_encode( trim($new_url , '"')), '"' ), $text );
1472	+ $text = str_ireplace( rtrim( urlencode( trim ( $old_url , '"' )), '"' ), rtrim( urlencode( trim($new_url , '"')), '"' ), $text );
1473	+ }
1474	+
1475	/**
1476	* Restore absolute paths
1477	*/

2399	return $url;
2400
2401	}
2402	+
2403	+
2404	+
2405	+ /**
2406	+ * Process the upload_dir data
2407	+ *
2408	+ * @param mixed $data
2409	+ */
2410	+ function upload_dir($data)
2411	+ {
2412	+
2413	+ $new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
2414	+ $new_content_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_content_path') );
2415	+
2416	+ if ( empty ( $new_upload_path ) && empty ( $new_content_path ) )
2417	+ return $data;
2418	+
2419	+ if ( ! empty ( $new_upload_path ) )
2420	+ $new_url = trailingslashit( home_url() ) . $new_upload_path;
2421	+ else
2422	+ {
2423	+ $new_url = str_replace( '/wp-content/' , '/' . $new_content_path . '/', $this->wph->default_variables['upload_url'] );
2424	+ }
2425	+
2426	+ $data['url'] = str_replace($data['baseurl'], $new_url, $data['url']);
2427	+ $data['baseurl'] = $new_url;
2428	+
2429	+ //add replacement
2430	+ if(! ($this->wph->functions->replacement_exists( $this->wph->default_variables['upload_url'] )))
2431	+ {
2432	+ //prevent media images from being replaced on admin, as when plugin disable the links will not work anymore
2433	+ $block_upload_url = $this->wph->functions->get_module_item_setting('block_upload_url');
2434	+ if(!is_admin() \|\| (is_admin() && !empty($block_upload_url) && $block_upload_url != 'no'))
2435	+ {
2436	+ $this->wph->functions->add_replacement($this->wph->default_variables['upload_url'], $new_url);
2437	+ }
2438	+ }
2439	+
2440	+ return $data;
2441	+ }
2442
2443
2444

include/wph.class.php CHANGED Viewed

	@@ -151,6 +151,9 @@
151	add_action( 'admin_notices', array(&$this, 'admin_notices'));
152	add_action( 'network_admin_notices', array(&$this, 'admin_notices'));
153



154	//restart the buffering if already outputed. This is usefull for plugin / theme update iframe
155	add_action('admin_print_footer_scripts', array($this, 'admin_print_footer_scripts'), -1);
156


151	add_action( 'admin_notices', array(&$this, 'admin_notices'));
152	add_action( 'network_admin_notices', array(&$this, 'admin_notices'));
153
154	+ //adjust the uplod_data
155	+ add_filter('upload_dir', array($this->functions, 'upload_dir' ), 999);
156	+
157	//restart the buffering if already outputed. This is usefull for plugin / theme update iframe
158	add_action('admin_print_footer_scripts', array($this, 'admin_print_footer_scripts'), -1);
159

languages/wp-hide-security-enhancer.mo CHANGED Viewed

Binary file

languages/wp-hide-security-enhancer.po CHANGED Viewed

	@@ -1,8 +1,8 @@
1	msgid ""
2	msgstr ""
3	"Project-Id-Version: WP Hide & Security Enhancer\n"
4	- "POT-Creation-Date: 2018-11~~-14~~ 19:11+0200\n"
5	- "PO-Revision-Date: 2018-11~~-14~~ 19:11+0200\n"
6	"Last-Translator: NspCode <contact@nsp-code.com>\n"
7	"Language-Team: Nsp Code\n"
8	"Language: en\n"
	@@ -56,111 +56,111 @@ msgid ""
56	"changes to apply"
57	msgstr ""
58
59	- #: include/functions.class.php:~~2126~~
60	#, php-format
61	msgid "The %1$s plugin header is deprecated. Use %2$s instead."
62	msgstr ""
63
64	- #: include/functions.class.php:~~2211~~
65	#, php-format
66	msgid "By %s."
67	msgstr ""
68
69	- #: include/functions.class.php:~~2488~~
70	msgid ""
71	"Help us to improve this plugin by sending any improvement suggestions and "
72	"reporting any issues at "
73	msgstr ""
74
75	- #: include/functions.class.php:~~2489~~
76	msgid "Did you know there is a"
77	msgstr ""
78
79	- #: include/functions.class.php:~~2489~~
80	msgid "version of this plug-in?"
81	msgstr ""
82
83	- #: include/functions.class.php:~~2490~~
84	msgid ""
85	"Did you find this plugin useful? Please support our work by spread the word "
86	"about the code, or write an article about the plugin in your blog with a "
87	"link to development site"
88	msgstr ""
89
90	- #: include/wph.class.php:~~315~~
91	msgid ""
92	"Are you sure to reset all settings? All options will be removed. Manual "
93	"remove of rewrite lines is required if no access from php"
94	msgstr ""
95
96	- #: include/wph.class.php:~~352~~
97	msgid ""
98	"Your server run on WPEngine which works on Nginx rewrite rules, please check "
99	"with WP Hide PRO version at."
100	msgstr ""
101
102	- #: include/wph.class.php:~~357~~
103	msgid ""
104	"This plugin version can't handle MultiSite environment, please check with WP "
105	"Hide PRO version at"
106	msgstr ""
107
108	- #: include/wph.class.php:~~362~~
109	msgid ""
110	"Unable to launch WP Hide through mu-plugins/wp-hide-loader.php<br /> Please "
111	"make sure this location is writable so the plugin create the required file."
112	msgstr ""
113
114	- #: include/wph.class.php:~~368~~
115	msgid ""
116	"Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
117	msgstr ""
118
119	- #: include/wph.class.php:~~373~~
120	msgid ""
121	"<b>WP Hide</b> This plugin version can't handle this server type, please "
122	"check with PRO version at"
123	msgstr ""
124
125	- #: include/wph.class.php:~~384~~
126	msgid ""
127	"Unable to write custom rules to your .htaccess. Is this file writable? <br /"
128	">No changes are being applied."
129	msgstr ""
130
131	- #: include/wph.class.php:~~387~~
132	msgid ""
133	"Unable to write custom rules to your web.config. Is this file writable? <br /"
134	">No changes are being applied."
135	msgstr ""
136
137	- #: include/wph.class.php:~~395~~
138	msgid ""
139	"Unable to create cache folder. Is the wp-content writable? <br />No cache "
140	"data will be available."
141	msgstr ""
142
143	- #: include/wph.class.php:~~400~~
144	msgid "All Settings where restored to default"
145	msgstr ""
146
147	- #: include/wph.class.php:~~429~~
148	msgid "Settings saved"
149	msgstr ""
150
151	- #: include/wph.class.php:~~471~~
152	msgid "Cache cleared"
153	msgstr ""
154
155	- #: include/wph.class.php:~~786~~
156	msgid "Unable to create environment static file. Is "
157	msgstr ""
158
159	- #: include/wph.class.php:~~786~~
160	msgid "writable"
161	msgstr ""
162
163	- #: include/wph.class.php:~~786~~
164	msgid "will not work correctly, so where turned off."
165	msgstr ""
166
	@@ -250,10 +250,10 @@ msgstr ""
250	#: modules/components/rewrite-comments.php:34
251	#: modules/components/rewrite-json-rest.php:23
252	#: modules/components/rewrite-json-rest.php:41
253	- #: modules/components/rewrite-json-rest.php:63
254	- #: modules/components/rewrite-json-rest.php:87
255	- #: modules/components/rewrite-json-rest.php:~~105~~
256	- #: modules/components/rewrite-json-rest.php:~~122~~
257	#: modules/components/rewrite-new_include_path.php:34
258	#: modules/components/rewrite-new_plugin_path.php:35
259	#: modules/components/rewrite-new_theme_path.php:60
	@@ -307,10 +307,10 @@ msgstr ""
307	#: modules/components/rewrite-comments.php:35
308	#: modules/components/rewrite-json-rest.php:24
309	#: modules/components/rewrite-json-rest.php:42
310	- #: modules/components/rewrite-json-rest.php:64
311	- #: modules/components/rewrite-json-rest.php:88
312	- #: modules/components/rewrite-json-rest.php:~~106~~
313	- #: modules/components/rewrite-json-rest.php:~~123~~
314	#: modules/components/rewrite-new_include_path.php:35
315	#: modules/components/rewrite-new_plugin_path.php:36
316	#: modules/components/rewrite-new_theme_path.php:61
	@@ -331,25 +331,25 @@ msgstr ""
331	msgid "No"
332	msgstr ""
333
334	- #: modules/components/admin-admin_url.php:~~190~~
335	msgid "Hello"
336	msgstr ""
337
338	- #: modules/components/admin-admin_url.php:~~191~~
339	msgid ""
340	"This is an automated message to inform that your login url has been changed "
341	"at"
342	msgstr ""
343
344	- #: modules/components/admin-admin_url.php:~~192~~
345	msgid "The new login url is"
346	msgstr ""
347
348	- #: modules/components/admin-admin_url.php:~~193~~
349	msgid "Additionality you can use this to recover the old login / admin links "
350	msgstr ""
351
352	- #: modules/components/admin-admin_url.php:~~194~~
353	msgid "Please keep this url safe for recover, if forgot"
354	msgstr ""
355
	@@ -389,7 +389,7 @@ msgstr ""
389	#: modules/components/cdn-setup.php:17
390	msgid ""
391	"Some CDN providers (like stackpath.com ) replace site assets with custom "
392	- "url, enter here such url. ~~Oterwise~~ this option should stay ~~empy~~."
393	msgstr ""
394
395	#: modules/components/general-feed.php:16
	@@ -565,12 +565,12 @@ msgid "Remove the wlwmanifest tag within head."
565	msgstr ""
566
567	#: modules/components/general-meta.php:114
568	- #: modules/components/rewrite-json-rest.php:82
569	msgid "Disable output the REST API link tag into page header"
570	msgstr ""
571
572	#: modules/components/general-meta.php:115
573	- #: modules/components/rewrite-json-rest.php:83
574	msgid "By default a REST API link tag is being append to HTML."
575	msgstr ""
576
	@@ -709,19 +709,25 @@ msgstr ""
709	msgid "Any call for JSON REST API service will be blocked."
710	msgstr ""
711
712	- #: modules/components/rewrite-json-rest.php:~~100~~






713	msgid "Disable JSON REST WP RSD endpoint from XML-RPC responses"
714	msgstr ""
715
716	- #: modules/components/rewrite-json-rest.php:~~101~~
717	msgid "By default a WP RSD endpoint is being append to the XML respose."
718	msgstr ""
719
720	- #: modules/components/rewrite-json-rest.php:~~117~~
721	msgid "Disable Sends a Link header for the REST API"
722	msgstr ""
723
724	- #: modules/components/rewrite-json-rest.php:~~118~~
725	msgid "On template_redirect, disable Sends a Link header for the REST API."
726	msgstr ""
727
	@@ -869,11 +875,13 @@ msgid "e.g. my_uploads"
869	msgstr ""
870
871	#: modules/components/rewrite-new_upload_path.php:30
872	- msgid "Block uploads URL"
873	msgstr ""
874
875	#: modules/components/rewrite-new_upload_path.php:31
876	- msgid "~~Block upload files from being accesible through default urls.~~"


877	msgstr ""
878
879	#: modules/components/rewrite-new_upload_path.php:31


1	msgid ""
2	msgstr ""
3	"Project-Id-Version: WP Hide & Security Enhancer\n"
4	+ "POT-Creation-Date: 2018-12-11 00:31+0200\n"
5	+ "PO-Revision-Date: 2018-12-11 00:31+0200\n"
6	"Last-Translator: NspCode <contact@nsp-code.com>\n"
7	"Language-Team: Nsp Code\n"
8	"Language: en\n"

56	"changes to apply"
57	msgstr ""
58
59	+ #: include/functions.class.php:2134
60	#, php-format
61	msgid "The %1$s plugin header is deprecated. Use %2$s instead."
62	msgstr ""
63
64	+ #: include/functions.class.php:2219
65	#, php-format
66	msgid "By %s."
67	msgstr ""
68
69	+ #: include/functions.class.php:2536
70	msgid ""
71	"Help us to improve this plugin by sending any improvement suggestions and "
72	"reporting any issues at "
73	msgstr ""
74
75	+ #: include/functions.class.php:2537
76	msgid "Did you know there is a"
77	msgstr ""
78
79	+ #: include/functions.class.php:2537
80	msgid "version of this plug-in?"
81	msgstr ""
82
83	+ #: include/functions.class.php:2538
84	msgid ""
85	"Did you find this plugin useful? Please support our work by spread the word "
86	"about the code, or write an article about the plugin in your blog with a "
87	"link to development site"
88	msgstr ""
89
90	+ #: include/wph.class.php:318
91	msgid ""
92	"Are you sure to reset all settings? All options will be removed. Manual "
93	"remove of rewrite lines is required if no access from php"
94	msgstr ""
95
96	+ #: include/wph.class.php:355
97	msgid ""
98	"Your server run on WPEngine which works on Nginx rewrite rules, please check "
99	"with WP Hide PRO version at."
100	msgstr ""
101
102	+ #: include/wph.class.php:360
103	msgid ""
104	"This plugin version can't handle MultiSite environment, please check with WP "
105	"Hide PRO version at"
106	msgstr ""
107
108	+ #: include/wph.class.php:365
109	msgid ""
110	"Unable to launch WP Hide through mu-plugins/wp-hide-loader.php<br /> Please "
111	"make sure this location is writable so the plugin create the required file."
112	msgstr ""
113
114	+ #: include/wph.class.php:371
115	msgid ""
116	"Permalink is required to be turned ON for WP Hide & Security Enhancer to work"
117	msgstr ""
118
119	+ #: include/wph.class.php:376
120	msgid ""
121	"<b>WP Hide</b> This plugin version can't handle this server type, please "
122	"check with PRO version at"
123	msgstr ""
124
125	+ #: include/wph.class.php:387
126	msgid ""
127	"Unable to write custom rules to your .htaccess. Is this file writable? <br /"
128	">No changes are being applied."
129	msgstr ""
130
131	+ #: include/wph.class.php:390
132	msgid ""
133	"Unable to write custom rules to your web.config. Is this file writable? <br /"
134	">No changes are being applied."
135	msgstr ""
136
137	+ #: include/wph.class.php:398
138	msgid ""
139	"Unable to create cache folder. Is the wp-content writable? <br />No cache "
140	"data will be available."
141	msgstr ""
142
143	+ #: include/wph.class.php:403
144	msgid "All Settings where restored to default"
145	msgstr ""
146
147	+ #: include/wph.class.php:432
148	msgid "Settings saved"
149	msgstr ""
150
151	+ #: include/wph.class.php:474
152	msgid "Cache cleared"
153	msgstr ""
154
155	+ #: include/wph.class.php:789
156	msgid "Unable to create environment static file. Is "
157	msgstr ""
158
159	+ #: include/wph.class.php:789
160	msgid "writable"
161	msgstr ""
162
163	+ #: include/wph.class.php:789
164	msgid "will not work correctly, so where turned off."
165	msgstr ""
166

250	#: modules/components/rewrite-comments.php:34
251	#: modules/components/rewrite-json-rest.php:23
252	#: modules/components/rewrite-json-rest.php:41
253	+ #: modules/components/rewrite-json-rest.php:65
254	+ #: modules/components/rewrite-json-rest.php:89
255	+ #: modules/components/rewrite-json-rest.php:107
256	+ #: modules/components/rewrite-json-rest.php:124
257	#: modules/components/rewrite-new_include_path.php:34
258	#: modules/components/rewrite-new_plugin_path.php:35
259	#: modules/components/rewrite-new_theme_path.php:60

307	#: modules/components/rewrite-comments.php:35
308	#: modules/components/rewrite-json-rest.php:24
309	#: modules/components/rewrite-json-rest.php:42
310	+ #: modules/components/rewrite-json-rest.php:66
311	+ #: modules/components/rewrite-json-rest.php:90
312	+ #: modules/components/rewrite-json-rest.php:108
313	+ #: modules/components/rewrite-json-rest.php:125
314	#: modules/components/rewrite-new_include_path.php:35
315	#: modules/components/rewrite-new_plugin_path.php:36
316	#: modules/components/rewrite-new_theme_path.php:61

331	msgid "No"
332	msgstr ""
333
334	+ #: modules/components/admin-admin_url.php:185
335	msgid "Hello"
336	msgstr ""
337
338	+ #: modules/components/admin-admin_url.php:186
339	msgid ""
340	"This is an automated message to inform that your login url has been changed "
341	"at"
342	msgstr ""
343
344	+ #: modules/components/admin-admin_url.php:187
345	msgid "The new login url is"
346	msgstr ""
347
348	+ #: modules/components/admin-admin_url.php:188
349	msgid "Additionality you can use this to recover the old login / admin links "
350	msgstr ""
351
352	+ #: modules/components/admin-admin_url.php:189
353	msgid "Please keep this url safe for recover, if forgot"
354	msgstr ""
355

389	#: modules/components/cdn-setup.php:17
390	msgid ""
391	"Some CDN providers (like stackpath.com ) replace site assets with custom "
392	+ "url, enter here such url. Otherwise this option should stay empty."
393	msgstr ""
394
395	#: modules/components/general-feed.php:16

565	msgstr ""
566
567	#: modules/components/general-meta.php:114
568	+ #: modules/components/rewrite-json-rest.php:84
569	msgid "Disable output the REST API link tag into page header"
570	msgstr ""
571
572	#: modules/components/general-meta.php:115
573	+ #: modules/components/rewrite-json-rest.php:85
574	msgid "By default a REST API link tag is being append to HTML."
575	msgstr ""
576

709	msgid "Any call for JSON REST API service will be blocked."
710	msgstr ""
711
712	+ #: modules/components/rewrite-json-rest.php:60
713	+ msgid ""
714	+ "<span class=\"info\"> This might be required by spedific plugins, including "
715	+ "new WordPress editor <b>Gutenberg</b>.</span>"
716	+ msgstr ""
717	+
718	+ #: modules/components/rewrite-json-rest.php:102
719	msgid "Disable JSON REST WP RSD endpoint from XML-RPC responses"
720	msgstr ""
721
722	+ #: modules/components/rewrite-json-rest.php:103
723	msgid "By default a WP RSD endpoint is being append to the XML respose."
724	msgstr ""
725
726	+ #: modules/components/rewrite-json-rest.php:119
727	msgid "Disable Sends a Link header for the REST API"
728	msgstr ""
729
730	+ #: modules/components/rewrite-json-rest.php:120
731	msgid "On template_redirect, disable Sends a Link header for the REST API."
732	msgstr ""
733

875	msgstr ""
876
877	#: modules/components/rewrite-new_upload_path.php:30
878	+ msgid "Block default uploads URL"
879	msgstr ""
880
881	#: modules/components/rewrite-new_upload_path.php:31
882	+ msgid ""
883	+ "Block default wp-content/uploads/ media folder from being accesible through "
884	+ "default urls."
885	msgstr ""
886
887	#: modules/components/rewrite-new_upload_path.php:31

modules/components/admin-admin_url.php CHANGED Viewed

	@@ -69,12 +69,7 @@
69	include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
70	WPH_conflict_handle_wp_simple_firewall::custom_login_check();
71
72	- $~~default_url = $~~this->wph->functions->~~get_url_path~~( trailingslashit( site_url() ) . 'wp-admin' );
73	- $new_url = $this->wph->functions->get_url_path( trailingslashit( home_url() ) . $saved_field_data );
74	-
75	-
76	- //add replacement
77	- $this->wph->functions->add_replacement( $default_url, $new_url);
78
79	add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
80


69	include_once(WPH_PATH . 'conflicts/wp-simple-firewall.php');
70	WPH_conflict_handle_wp_simple_firewall::custom_login_check();
71
72	+ $this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-admin' , trailingslashit( home_url() ) . $saved_field_data );





73
74	add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
75

modules/components/admin-new_wp_login_php.php CHANGED Viewed

	@@ -64,11 +64,7 @@
64	add_filter('login_url', array($this,'login_url'), 999, 3 );
65
66	//add replacement
67	- $~~url =~~ trailingslashit( site_url() ) . 'wp-login.php';
68	- $this->wph->functions->add_replacement( $url, trailingslashit( home_url() ) . $saved_field_data );
69	-
70	- //add relative too
71	- $this->wph->functions->add_replacement( '/wp-login.php', '/' . $saved_field_data );
72
73	}
74


64	add_filter('login_url', array($this,'login_url'), 999, 3 );
65
66	//add replacement
67	+ $this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-login.php', trailingslashit( home_url() ) . $saved_field_data );




68
69	}
70

modules/components/cdn-setup.php CHANGED Viewed

	@@ -14,7 +14,7 @@
14	$this->module_settings[] = array(
15	'id' => 'cdn_url',
16	'label' => __('CDN Url', 'wp-hide-security-enhancer'),
17	- 'description' => __('Some CDN providers (like stackpath.com ) replace site assets with custom url, enter here such url. ~~Oterwise~~ this option should stay ~~empy~~.', 'wp-hide-security-enhancer'),
18
19	'input_type' => 'text',
20


14	$this->module_settings[] = array(
15	'id' => 'cdn_url',
16	'label' => __('CDN Url', 'wp-hide-security-enhancer'),
17	+ 'description' => __('Some CDN providers (like stackpath.com ) replace site assets with custom url, enter here such url. Otherwise this option should stay empty.', 'wp-hide-security-enhancer'),
18
19	'input_type' => 'text',
20

modules/components/rewrite-json-rest.php CHANGED Viewed

	@@ -56,7 +56,9 @@
56	$this->module_settings[] = array(
57	'id' => 'block_json_rest',
58	'label' => __('Block any JSON REST calls', 'wp-hide-security-enhancer'),
59	- 'description' => __('Any call for JSON REST API service will be blocked.', 'wp-hide-security-enhancer'),


60
61	'input_type' => 'radio',
62	'options' => array(


56	$this->module_settings[] = array(
57	'id' => 'block_json_rest',
58	'label' => __('Block any JSON REST calls', 'wp-hide-security-enhancer'),
59	+ 'description' => __('Any call for JSON REST API service will be blocked.', 'wp-hide-security-enhancer')
60	+ . '<br />' . __('<span class="info"> This might be required by spedific plugins, including new WordPress editor <b>Gutenberg</b>.</span>'),
61	+
62
63	'input_type' => 'radio',
64	'options' => array(

modules/components/rewrite-new_upload_path.php CHANGED Viewed

	@@ -27,8 +27,8 @@
27
28	$this->module_settings[] = array(
29	'id' => 'block_upload_url',
30	- 'label' => __('Block uploads URL', 'wp-hide-security-enhancer'),
31	- 'description' => __('Block ~~upload~~ ~~files~~ from being accesible through default urls.', 'wp-hide-security-enhancer') . ' <br />'.__('If set to Yes, all new images inserted into posts will use the new Upload Url, as old url become blocked. Using the No, new images inserted will use old url, which however are being updated on front side. This may be helpful on plugin disable, so image urls can be accessible as before.', 'wp-hide-security-enhancer').'<br />'. __('Apply only if', 'wp-hide-security-enhancer') .' <b>New Upload Path</b> '.__('is not empty.', 'wp-hide-security-enhancer'),
32
33	'input_type' => 'radio',
34	'options' => array(
	@@ -77,9 +77,6 @@
77	return;
78	}
79
80	-
81	- add_filter('upload_dir', array( $this, 'upload_dir' ), 999);
82	-
83	//add default plugin path replacement
84	$new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
85	$new_url = trailingslashit( home_url() ) . $new_upload_path;
	@@ -113,31 +110,7 @@
113
114	return $processing_response;
115	}
116	-
117
118	- function upload_dir($data)
119	- {
120	-
121	- $new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
122	-
123	- $new_url = trailingslashit( site_url() ) . $new_upload_path;
124	-
125	- $data['url'] = str_replace($data['baseurl'], $new_url, $data['url']);
126	- $data['baseurl'] = $new_url;
127	-
128	- //add replacement
129	- if(! ($this->wph->functions->replacement_exists( $this->wph->default_variables['upload_url'] )))
130	- {
131	- //prevent media images from being replaced on admin, as when plugin disable the links will not work anymore
132	- $block_upload_url = $this->wph->functions->get_module_item_setting('block_upload_url');
133	- if(!is_admin() \|\| (is_admin() && !empty($block_upload_url) && $block_upload_url != 'no'))
134	- {
135	- $this->wph->functions->add_replacement($this->wph->default_variables['upload_url'], $new_url);
136	- }
137	- }
138	-
139	- return $data;
140	- }
141
142	function _callback_saved_block_upload_url($saved_field_data)
143	{


27
28	$this->module_settings[] = array(
29	'id' => 'block_upload_url',
30	+ 'label' => __('Block default uploads URL', 'wp-hide-security-enhancer'),
31	+ 'description' => __('Block default wp-content/uploads/ media folder from being accesible through default urls.', 'wp-hide-security-enhancer') . ' <br />'.__('If set to Yes, all new images inserted into posts will use the new Upload Url, as old url become blocked. Using the No, new images inserted will use old url, which however are being updated on front side. This may be helpful on plugin disable, so image urls can be accessible as before.', 'wp-hide-security-enhancer').'<br />'. __('Apply only if', 'wp-hide-security-enhancer') .' <b>New Upload Path</b> '.__('is not empty.', 'wp-hide-security-enhancer'),
32
33	'input_type' => 'radio',
34	'options' => array(

77	return;
78	}
79



80	//add default plugin path replacement
81	$new_upload_path = $this->wph->functions->untrailingslashit_all( $this->wph->functions->get_module_item_setting('new_upload_path') );
82	$new_url = trailingslashit( home_url() ) . $new_upload_path;

110
111	return $processing_response;
112	}

113























114
115	function _callback_saved_block_upload_url($saved_field_data)
116	{

modules/components/rewrite-slash.php CHANGED Viewed

	@@ -52,6 +52,7 @@
52	if($this->wph->server_htaccess_config === TRUE)
53	//\nRewriteCond %{ENV:REDIRECT_STATUS} !^$"
54	$processing_response['rewrite'] = "\nRewriteCond %{REQUEST_URI} /+[^\.]+$"

55	. "\nRewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]";
56
57	if($this->wph->server_web_config === TRUE)


52	if($this->wph->server_htaccess_config === TRUE)
53	//\nRewriteCond %{ENV:REDIRECT_STATUS} !^$"
54	$processing_response['rewrite'] = "\nRewriteCond %{REQUEST_URI} /+[^\.]+$"
55	+ . "\nRewriteCond %{REQUEST_METHOD} !POST"
56	. "\nRewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]";
57
58	if($this->wph->server_web_config === TRUE)

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://www.nsp-code.com/
4	Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
5	Requires at least: 2.8
6	Tested up to: 5.0
7	- Stable tag: 1.5.~~2.2~~
8	License: GPLv2 or later
9
10	Hide and increase Security for your WordPress site instance using smart techniques. No files are changed on your server.
	@@ -271,6 +271,15 @@ Please get in touch with us and we'll do our best to include it for a next versi
271
272	== Changelog ==
273









274	= 1.5.2.2 =
275	* Add trailingslashit to plugins slug to be used for replacements to avoid wrong (partial) slug changes
276


4	Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
5	Requires at least: 2.8
6	Tested up to: 5.0
7	+ Stable tag: 1.5.3
8	License: GPLv2 or later
9
10	Hide and increase Security for your WordPress site instance using smart techniques. No files are changed on your server.

271
272	== Changelog ==
273
274	+ = 1.5.3 =
275	+ * Remove _relative_domain_url_replacements_ssl_sq and _relative_domain_url_replacements_ssl_dq replacements for buffer as being integrated to other variables
276	+ * Relocated upload_dir() to general functions.php to catch new content and uploads slugs.
277	+ * Use full domain url for new wp-admin slug, instead relative to avoid wrong replacements for 3rd urls
278	+ * Use full domain url for new wp-login.php, instead relative to avoid wrong replacements for 3rd urls
279	+ * Typos fix for CDN texts
280	+ * Additional description for "Block any JSON REST calls" option to prevent Gutenberg block
281	+ * Updated rewrite for URL Slash to include a second conditional, to not trigger on POST calls
282	+
283	= 1.5.2.2 =
284	* Add trailingslashit to plugins slug to be used for replacements to avoid wrong (partial) slug changes
285

wp-hide.php CHANGED Viewed

	@@ -5,7 +5,7 @@ Plugin URI: https://www.wp-hide.com/
5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	- Version: 1.5.~~2.2~~
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/
	@@ -80,7 +80,7 @@ Domain Path: /languages/
80	}
81
82
83	- define('WPH_URL', plugins_url('', __FILE__));
84
85
86	?>


5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	+ Version: 1.5.3
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/

80	}
81
82
83	+ define('WPH_URL', plugins_url('', __FILE__));
84
85
86	?>

WP Hide & Security Enhancer - Version 1.5.3

Version Description

Release Info

Code changes from version 1.5.2.2 to 1.5.3