WP Hide & Security Enhancer - Version 1.5.5.6

Version Description

  • Fix log-in page when using Wp Rocket cache
Download this release

Release Info

Developer nsp-code
Plugin Icon 128x128 WP Hide & Security Enhancer
Version 1.5.5.6
Comparing to
See all releases

Code changes from version 1.5.5.5 to 1.5.5.6

Files changed (4) hide show
  1. compatibility/wp-rocket.php +168 -4
  2. include/wph.class.php +2 -2
  3. readme.txt +5 -2
  4. wp-hide.php +1 -1
compatibility/wp-rocket.php CHANGED
@@ -6,10 +6,10 @@
6
 
7
  static function init()
8
  {
9
- if( ! self::is_plugin_active() || is_admin() )
10
  return FALSE;
11
 
12
- add_filter( 'wp-hide/ignore_ob_start_callback', array( 'WPH_conflict_handle_wp_rocket', 'ignore_ob_start_callback'));
13
  add_filter( 'rocket_buffer', array( 'WPH_conflict_handle_wp_rocket', 'rocket_buffer'), 999 );
14
 
15
  }
@@ -25,11 +25,175 @@
25
  return FALSE;
26
  }
27
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
28
 
29
- static function ignore_ob_start_callback( $do_ignore )
30
  {
31
 
32
- return TRUE;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
33
  }
34
 
35
  static function rocket_buffer( $buffer )
6
 
7
  static function init()
8
  {
9
+ if( ! self::is_plugin_active() || ! self::is_cache_processing() )
10
  return FALSE;
11
 
12
+ add_filter( 'wp-hide/ignore_ob_start_callback', array( 'WPH_conflict_handle_wp_rocket', 'ignore_ob_start_callback'), 999, 2);
13
  add_filter( 'rocket_buffer', array( 'WPH_conflict_handle_wp_rocket', 'rocket_buffer'), 999 );
14
 
15
  }
25
  return FALSE;
26
  }
27
 
28
+ static function is_cache_processing()
29
+ {
30
+ // Don't cache robots.txt && .htaccess directory (it's happened sometimes with weird server configuration)
31
+ if ( strstr( $_SERVER['REQUEST_URI'], 'robots.txt' ) || strstr( $_SERVER['REQUEST_URI'], '.htaccess' ) ) {
32
+ return FALSE;
33
+ }
34
+
35
+ $request_uri = explode( '?', $_SERVER['REQUEST_URI'] );
36
+ $request_uri = reset(( $request_uri ));
37
+
38
+ // Don't cache disallowed extensions
39
+ if ( strtolower( $_SERVER['REQUEST_URI'] ) != '/index.php' && in_array( pathinfo( $request_uri, PATHINFO_EXTENSION ), array( 'php', 'xml', 'xsl' ) ) ) {
40
+ return FALSE;
41
+ }
42
+
43
+ // Don't cache if user is in admin
44
+ if ( is_admin() ) {
45
+ return FALSE;
46
+ }
47
+
48
+ if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
49
+ return FALSE;
50
+ }
51
+
52
+ // Don't cache the customizer preview
53
+ if ( isset( $_POST['wp_customize'] ) ) {
54
+ return FALSE;
55
+ }
56
+
57
+ // Don't cache without GET method
58
+ if ( ! isset( $_SERVER['REQUEST_METHOD'] ) || $_SERVER['REQUEST_METHOD'] != 'GET' ) {
59
+ return FALSE;
60
+ }
61
+
62
+ // Get the correct config file
63
+ $rocket_config_path = WP_CONTENT_DIR . '/wp-rocket-config/';
64
+ $host = ( isset( $_SERVER['HTTP_HOST'] ) ) ? $_SERVER['HTTP_HOST'] : time();
65
+ $host = trim( strtolower( $host ), '.' );
66
+ $host = str_replace( array( '..', chr(0) ), '', $host );
67
+
68
+ $continue = false;
69
+ if ( file_exists( $rocket_config_path . $host . '.php' ) ) {
70
+ include( $rocket_config_path . $host . '.php' );
71
+ $continue = true;
72
+ } else {
73
+ $path = explode( '/' , trim( $_SERVER['REQUEST_URI'], '/' ) );
74
+
75
+ foreach ( $path as $p ) {
76
+ static $dir;
77
+
78
+ if ( file_exists( $rocket_config_path . $host . '.' . $p . '.php' ) ) {
79
+ include( $rocket_config_path . $host . '.' . $p .'.php' );
80
+ $continue = true;
81
+ break;
82
+ }
83
+
84
+ if( file_exists( $rocket_config_path . $host . '.' . $dir . $p . '.php' ) ) {
85
+ include( $rocket_config_path . $host . '.' . $dir. $p . '.php' );
86
+ $continue = true;
87
+ break;
88
+ }
89
+
90
+ $dir .= $p . '.';
91
+ }
92
+ }
93
+
94
+ // Exit if no config file is exist
95
+ if ( ! $continue ) {
96
+ return FALSE;
97
+ }
98
+
99
+ $request_uri = ( isset( $rocket_cache_query_strings ) && array_intersect( array_keys( $_GET ), $rocket_cache_query_strings ) ) || isset( $_GET['lp-variation-id'] ) || isset( $_GET['lang'] ) || isset( $_GET['s'] ) ? $_SERVER['REQUEST_URI'] : $request_uri;
100
+
101
+ // Don't cache with variables
102
+ // but the cache is enabled if the visitor comes from an RSS feed, an Facebook action or Google Adsence tracking
103
+ // @since 2.3 Add query strings which can be cached via the options page.
104
+ // @since 2.1 Add compatibilty with WordPress Landing Pages (permalink_name and lp-variation-id)
105
+ // @since 2.1 Add compabitiliy with qTranslate and translation plugin with query string "lang"
106
+ if ( ! empty( $_GET )
107
+ && ( ! isset( $_GET['utm_source'], $_GET['utm_medium'], $_GET['utm_campaign'] ) )
108
+ && ( ! isset( $_GET['utm_expid'] ) )
109
+ && ( ! isset( $_GET['fb_action_ids'], $_GET['fb_action_types'], $_GET['fb_source'] ) )
110
+ && ( ! isset( $_GET['gclid'] ) )
111
+ && ( ! isset( $_GET['permalink_name'] ) )
112
+ && ( ! isset( $_GET['lp-variation-id'] ) )
113
+ && ( ! isset( $_GET['lang'] ) )
114
+ && ( ! isset( $_GET['s'] ) )
115
+ && ( ! isset( $_GET['age-verified'] ) )
116
+ && ( ! isset( $rocket_cache_query_strings ) || ! array_intersect( array_keys( $_GET ), $rocket_cache_query_strings ) )
117
+ ) {
118
+ return FALSE;
119
+ }
120
+
121
+ // Don't cache SSL
122
+ if ( ! isset( $rocket_cache_ssl ) && rocket_is_ssl() ) {
123
+ return FALSE;
124
+ }
125
+
126
+ // Don't cache these pages
127
+ if ( isset( $rocket_cache_reject_uri ) && preg_match( '#^(' . $rocket_cache_reject_uri . ')$#', $request_uri ) ) {
128
+ return FALSE;
129
+ }
130
+
131
+ // Don't cache page with these cookies
132
+ if ( isset( $rocket_cache_reject_cookies ) && preg_match( '#(' . $rocket_cache_reject_cookies . ')#', var_export( $_COOKIE, true ) ) ) {
133
+ return FALSE;
134
+ }
135
+
136
+ $ip = rocket_get_ip();
137
+ $allowed_ips = array(
138
+ '85.17.131.209' => 0, // Pingdom Tools - Amsterdam
139
+ '173.208.58.138' => 1, // Pingdom Tools - New-York
140
+ '50.22.90.226' => 2, // Pingdom Tools - Dallas
141
+ '209.58.131.213' => 3, // Pingdom Tools - San Jose
142
+ '168.1.92.52' => 4, // Pingdom Tools - Melbourne
143
+ '5.178.78.78' => 5 // Pingdom Tools - Stockholm
144
+ );
145
+
146
+ // Don't cache page when these cookies don't exist
147
+ if ( ! isset( $allowed_ips[ $ip ] ) && isset( $rocket_cache_mandatory_cookies ) && ! preg_match( '#(' . $rocket_cache_mandatory_cookies . ')#', var_export( $_COOKIE, true ) ) ) {
148
+ return FALSE;
149
+ }
150
+
151
+ // Don't cache page with these user agents
152
+ if ( isset( $rocket_cache_reject_ua, $_SERVER['HTTP_USER_AGENT'] ) && preg_match( '#(' . $rocket_cache_reject_ua . ')#', $_SERVER['HTTP_USER_AGENT'] ) ) {
153
+ return FALSE;
154
+ }
155
+
156
+ // Don't cache if mobile detection is activated
157
+ if ( ! isset( $rocket_cache_mobile ) && isset( $_SERVER['HTTP_USER_AGENT'] ) && (preg_match('#^.*(2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800).*#i', $_SERVER['HTTP_USER_AGENT']) || preg_match('#^(w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda-).*#i', substr($_SERVER['HTTP_USER_AGENT'], 0, 4))) ) {
158
+ return FALSE;
159
+ }
160
+
161
+ return TRUE;
162
+
163
+ }
164
+
165
 
166
+ static function ignore_ob_start_callback( $do_ignore, $buffer )
167
  {
168
 
169
+ /**
170
+ * Allow to cache search results
171
+ *
172
+ * @since 2.3.8
173
+ *
174
+ * @param bool true will force caching search results
175
+ */
176
+ $rocket_cache_search = apply_filters( 'rocket_cache_search', false );
177
+
178
+ /**
179
+ * Allow to override the DONOTCACHEPAGE behavior.
180
+ * To warn conflict with some plugins like Thrive Leads.
181
+ *
182
+ * @since 2.5
183
+ *
184
+ * @param bool true will force the override
185
+ */
186
+ $rocket_override_donotcachepage = apply_filters( 'rocket_override_donotcachepage', false );
187
+
188
+ if ( strlen( $buffer ) > 255
189
+ && ( function_exists( 'is_404' ) && ! is_404() ) // Don't cache 404
190
+ && ( function_exists( 'is_search' ) && ! is_search() || $rocket_cache_search ) // Don't cache search results
191
+ && ( ! defined( 'DONOTCACHEPAGE' ) || ! DONOTCACHEPAGE || $rocket_override_donotcachepage ) // Don't cache template that use this constant
192
+ && function_exists( 'rocket_mkdir_p' )
193
+ )
194
+ return TRUE;
195
+
196
+ return FALSE;
197
  }
198
 
199
  static function rocket_buffer( $buffer )
include/wph.class.php CHANGED
@@ -510,7 +510,7 @@
510
  return $buffer;
511
 
512
  //provide a filter to disable the replacements
513
- if ( apply_filters('wp-hide/ignore_ob_start_callback', FALSE) === TRUE )
514
  return $buffer;
515
 
516
  //check headers fir content-encoding
@@ -526,7 +526,7 @@
526
  if(isset($response_headers['Content-Encoding']) && $response_headers['Content-Encoding'] == "gzip")
527
  {
528
  //Decodes the gzip compressed buffer
529
- $decoded = gzdecode($buffer);
530
  if($decoded === FALSE || $decoded == '')
531
  return $buffer;
532
 
510
  return $buffer;
511
 
512
  //provide a filter to disable the replacements
513
+ if ( apply_filters('wp-hide/ignore_ob_start_callback', FALSE, $buffer) === TRUE )
514
  return $buffer;
515
 
516
  //check headers fir content-encoding
526
  if(isset($response_headers['Content-Encoding']) && $response_headers['Content-Encoding'] == "gzip")
527
  {
528
  //Decodes the gzip compressed buffer
529
+ $decoded = @gzdecode($buffer);
530
  if($decoded === FALSE || $decoded == '')
531
  return $buffer;
532
 
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: nsp-code, tdgu
3
  Donate link: https://www.nsp-code.com/
4
  Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
5
  Requires at least: 2.8
6
- Tested up to: 5.0.3
7
- Stable tag: 1.5.5.5
8
  License: GPLv2 or later
9
 
10
  Hide and increase Security for your WordPress site instance using smart techniques. No files are changed on your server.
@@ -285,6 +285,9 @@ Please get in touch with us and we'll do our best to include it for a next versi
285
 
286
  == Changelog ==
287
 
 
 
 
288
  = 1.5.5.5 =
289
  * Fix admin dashboard replacements when using Wp Rocket cache
290
 
3
  Donate link: https://www.nsp-code.com/
4
  Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
5
  Requires at least: 2.8
6
+ Tested up to: 5.1
7
+ Stable tag: 1.5.5.6
8
  License: GPLv2 or later
9
 
10
  Hide and increase Security for your WordPress site instance using smart techniques. No files are changed on your server.
285
 
286
  == Changelog ==
287
 
288
+ = 1.5.5.6 =
289
+ * Fix log-in page when using Wp Rocket cache
290
+
291
  = 1.5.5.5 =
292
  * Fix admin dashboard replacements when using Wp Rocket cache
293
 
wp-hide.php CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://www.wp-hide.com/
5
  Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6
  Author: Nsp Code
7
  Author URI: http://www.nsp-code.com
8
- Version: 1.5.5.5
9
  Text Domain: wp-hide-security-enhancer
10
  Domain Path: /languages/
11
  */
5
  Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6
  Author: Nsp Code
7
  Author URI: http://www.nsp-code.com
8
+ Version: 1.5.5.6
9
  Text Domain: wp-hide-security-enhancer
10
  Domain Path: /languages/
11
  */