Version Description
- Avoid using domain name as replacement for any option, or might conclude to wrong replacements within the outputted HTML or wrong reversed urls.
- Add system reserved words as 'wp', 'admin', 'admin-ajax.php'
- Slight General code improvements
- Clean cookie for the new custom slug, if set.
- Integration with WP-Optimize - Clean, Compress, Cache
Download this release
Release Info
| Developer | nsp-code |
| Plugin |  WP Hide & Security Enhancer |
| Version | 1.6.0.8 |
| Comparing to | |
| See all releases | |
Code changes from version 1.6.0.6 to 1.6.0.8
- compatibility/wp-optimize.php +52 -0
- include/class.compatibility.php +3 -0
- include/functions.class.php +35 -9
- modules/components/admin-admin_url.php +15 -5
- readme.txt +8 -1
- wp-hide.php +1 -1
compatibility/wp-optimize.php
ADDED
|
@@ -0,0 +1,52 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
<?php
|
| 2 |
+
|
| 3 |
+
/**
|
| 4 |
+
* Compatibility for Plugin Name: WP-Optimize - Clean, Compress, Cache
|
| 5 |
+
* Compatibility checked on Version: 3.0.11
|
| 6 |
+
*/
|
| 7 |
+
|
| 8 |
+
if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
|
| 9 |
+
|
| 10 |
+
class WPH_conflict_handle_wp_optimize
|
| 11 |
+
{
|
| 12 |
+
|
| 13 |
+
var $wph;
|
| 14 |
+
|
| 15 |
+
function __construct()
|
| 16 |
+
{
|
| 17 |
+
if( ! $this->is_plugin_active())
|
| 18 |
+
return FALSE;
|
| 19 |
+
|
| 20 |
+
global $wph;
|
| 21 |
+
|
| 22 |
+
$this->wph = $wph;
|
| 23 |
+
|
| 24 |
+
add_filter( 'wpo_pre_cache_buffer', array( $this , 'wpo_pre_cache_buffer' ), 99, 2 );
|
| 25 |
+
}
|
| 26 |
+
|
| 27 |
+
static function is_plugin_active()
|
| 28 |
+
{
|
| 29 |
+
|
| 30 |
+
include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
|
| 31 |
+
|
| 32 |
+
if(is_plugin_active( 'wp-optimize/wp-optimize.php' ))
|
| 33 |
+
return TRUE;
|
| 34 |
+
else
|
| 35 |
+
return FALSE;
|
| 36 |
+
}
|
| 37 |
+
|
| 38 |
+
function wpo_pre_cache_buffer( $buffer, $flags )
|
| 39 |
+
{
|
| 40 |
+
|
| 41 |
+
$buffer = $this->wph->ob_start_callback( $buffer );
|
| 42 |
+
|
| 43 |
+
return $buffer;
|
| 44 |
+
|
| 45 |
+
}
|
| 46 |
+
|
| 47 |
+
}
|
| 48 |
+
|
| 49 |
+
new WPH_conflict_handle_wp_optimize();
|
| 50 |
+
|
| 51 |
+
|
| 52 |
+
?>
|
include/class.compatibility.php
CHANGED
|
@@ -121,6 +121,9 @@
|
|
| 121 |
//WP Job Manager
|
| 122 |
include_once(WPH_PATH . 'compatibility/wp-job-manager.php');
|
| 123 |
|
|
|
|
|
|
|
|
|
|
| 124 |
/**
|
| 125 |
* Themes
|
| 126 |
*/
|
| 121 |
//WP Job Manager
|
| 122 |
include_once(WPH_PATH . 'compatibility/wp-job-manager.php');
|
| 123 |
|
| 124 |
+
//WP-Optimize - Clean, Compress, Cache
|
| 125 |
+
include_once(WPH_PATH . 'compatibility/wp-optimize.php');
|
| 126 |
+
|
| 127 |
/**
|
| 128 |
* Themes
|
| 129 |
*/
|
include/functions.class.php
CHANGED
|
@@ -252,10 +252,17 @@
|
|
| 252 |
|
| 253 |
$_settings_for_regex[ $field_name ] = $parts[0];
|
| 254 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 255 |
|
| 256 |
-
$
|
| 257 |
-
|
| 258 |
-
|
| 259 |
|
| 260 |
//clean the just updated fields within main settings array
|
| 261 |
foreach($unique_require_updated_settings as $field_name => $data)
|
|
@@ -301,15 +308,32 @@
|
|
| 301 |
//put the value back
|
| 302 |
$_settings_[ $field_name ] = $data['value'];
|
| 303 |
|
|
|
|
|
|
|
| 304 |
//check for reserved value
|
| 305 |
-
|
| 306 |
{
|
| 307 |
-
$
|
| 308 |
-
|
| 309 |
-
|
| 310 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 311 |
}
|
| 312 |
-
|
| 313 |
}
|
| 314 |
|
| 315 |
|
|
@@ -859,6 +883,7 @@
|
|
| 859 |
|
| 860 |
/**
|
| 861 |
* Return rewrite base
|
|
|
|
| 862 |
*
|
| 863 |
*/
|
| 864 |
function get_rewrite_base( $saved_field_data, $left_slash = TRUE, $right_slash = TRUE )
|
|
@@ -1567,6 +1592,7 @@
|
|
| 1567 |
}
|
| 1568 |
|
| 1569 |
//check for url encoded urls
|
|
|
|
| 1570 |
foreach( $_relative_domain_url_replacements_dq as $old_url => $new_url )
|
| 1571 |
{
|
| 1572 |
/*
|
| 252 |
|
| 253 |
$_settings_for_regex[ $field_name ] = $parts[0];
|
| 254 |
}
|
| 255 |
+
|
| 256 |
+
|
| 257 |
+
$reserved_values = array(
|
| 258 |
+
'wp' => __('is a system reserved.', 'wp-hide-security-enhancer'),
|
| 259 |
+
'admin' => __('is a system reserved.', 'wp-hide-security-enhancer'),
|
| 260 |
+
'admin-ajax.php' => __('is a system reserved.', 'wp-hide-security-enhancer')
|
| 261 |
+
);
|
| 262 |
|
| 263 |
+
$domain_parsed = parse_url ( home_url() ) ;
|
| 264 |
+
$domain_parsed_host_parts = explode ( "." , $domain_parsed['host'] );
|
| 265 |
+
$reserved_values[$domain_parsed_host_parts[0]] = __('is similar to domain name.', 'wp-hide-security-enhancer');
|
| 266 |
|
| 267 |
//clean the just updated fields within main settings array
|
| 268 |
foreach($unique_require_updated_settings as $field_name => $data)
|
| 308 |
//put the value back
|
| 309 |
$_settings_[ $field_name ] = $data['value'];
|
| 310 |
|
| 311 |
+
$_reserved_values = $reserved_values;
|
| 312 |
+
|
| 313 |
//check for reserved value
|
| 314 |
+
foreach ( $_reserved_values as $reserved_value => $error_description )
|
| 315 |
{
|
| 316 |
+
if( stripos( $reserved_value, $data['value'] ) === 0 )
|
| 317 |
+
{
|
| 318 |
+
$errors = TRUE;
|
| 319 |
+
$process_interface_save_errors[] = array( 'type' => 'error',
|
| 320 |
+
'message' => __('Value', 'wp-hide-security-enhancer') . ' <b>' . $data['value'] .'</b> ' . __('set for', 'wp-hide-security-enhancer') . ' ' . __($data['module_name'], 'wp-hide-security-enhancer') . ' ' . $error_description
|
| 321 |
+
);
|
| 322 |
+
continue;
|
| 323 |
+
}
|
| 324 |
+
|
| 325 |
+
if( stripos( $data['value'], $reserved_value ) === 0 )
|
| 326 |
+
{
|
| 327 |
+
$errors = TRUE;
|
| 328 |
+
$process_interface_save_errors[] = array( 'type' => 'error',
|
| 329 |
+
'message' => __('Value', 'wp-hide-security-enhancer') . ' <b>' . $data['value'] .'</b> ' . __('set for', 'wp-hide-security-enhancer') . ' ' . __($data['module_name'], 'wp-hide-security-enhancer') . ' ' . $error_description
|
| 330 |
+
);
|
| 331 |
+
|
| 332 |
+
}
|
| 333 |
+
|
| 334 |
+
|
| 335 |
}
|
| 336 |
+
|
| 337 |
}
|
| 338 |
|
| 339 |
|
| 883 |
|
| 884 |
/**
|
| 885 |
* Return rewrite base
|
| 886 |
+
*
|
| 887 |
*
|
| 888 |
*/
|
| 889 |
function get_rewrite_base( $saved_field_data, $left_slash = TRUE, $right_slash = TRUE )
|
| 1592 |
}
|
| 1593 |
|
| 1594 |
//check for url encoded urls
|
| 1595 |
+
//Be aware !! if use a slug similar to domain or part of it, it will do wrong replacement.
|
| 1596 |
foreach( $_relative_domain_url_replacements_dq as $old_url => $new_url )
|
| 1597 |
{
|
| 1598 |
/*
|
modules/components/admin-admin_url.php
CHANGED
|
@@ -86,6 +86,7 @@
|
|
| 86 |
$this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-admin' , trailingslashit( home_url() ) . $saved_field_data );
|
| 87 |
|
| 88 |
add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
|
|
|
|
| 89 |
|
| 90 |
//make sure the admin url redirect url is updated when updating WordPress Core
|
| 91 |
add_filter('user_admin_url', array($this, 'wp_core_update_user_admin_url'), 999, 2);
|
|
@@ -180,12 +181,21 @@
|
|
| 180 |
$sitecookiepath = '/';
|
| 181 |
|
| 182 |
setcookie($auth_cookie_name, $auth_cookie, $expire, $sitecookiepath . $new_admin_url, COOKIE_DOMAIN, $secure, true);
|
| 183 |
-
|
| 184 |
-
|
| 185 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 186 |
|
| 187 |
-
|
| 188 |
-
|
|
|
|
| 189 |
}
|
| 190 |
|
| 191 |
|
| 86 |
$this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-admin' , trailingslashit( home_url() ) . $saved_field_data );
|
| 87 |
|
| 88 |
add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
|
| 89 |
+
add_action('wp_logout', array($this,'wp_logout'), 999, 5);
|
| 90 |
|
| 91 |
//make sure the admin url redirect url is updated when updating WordPress Core
|
| 92 |
add_filter('user_admin_url', array($this, 'wp_core_update_user_admin_url'), 999, 2);
|
| 181 |
$sitecookiepath = '/';
|
| 182 |
|
| 183 |
setcookie($auth_cookie_name, $auth_cookie, $expire, $sitecookiepath . $new_admin_url, COOKIE_DOMAIN, $secure, true);
|
| 184 |
+
|
| 185 |
+
}
|
| 186 |
+
|
| 187 |
+
|
| 188 |
+
function wp_logout()
|
| 189 |
+
{
|
| 190 |
+
$new_admin_url = $this->wph->functions->get_module_item_setting( 'admin_url' );
|
| 191 |
+
|
| 192 |
+
$sitecookiepath = empty($this->wph->default_variables['wordpress_directory']) ? SITECOOKIEPATH : rtrim(SITECOOKIEPATH, trailingslashit($this->wph->default_variables['wordpress_directory']));
|
| 193 |
+
if (empty ($sitecookiepath))
|
| 194 |
+
$sitecookiepath = '/';
|
| 195 |
|
| 196 |
+
setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, $sitecookiepath . $new_admin_url, COOKIE_DOMAIN );
|
| 197 |
+
setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, $sitecookiepath . $new_admin_url, COOKIE_DOMAIN );
|
| 198 |
+
|
| 199 |
}
|
| 200 |
|
| 201 |
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: https://www.nsp-code.com/
|
|
| 4 |
Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
|
| 5 |
Requires at least: 2.8
|
| 6 |
Tested up to: 5.4.2
|
| 7 |
-
Stable tag: 1.6.0.
|
| 8 |
License: GPLv2 or later
|
| 9 |
|
| 10 |
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urls
|
|
@@ -344,6 +344,13 @@ Please get in touch with us and we'll do our best to include it for a next versi
|
|
| 344 |
|
| 345 |
== Changelog ==
|
| 346 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 347 |
= 1.6.0.6 =
|
| 348 |
* WP Job Manager - compatibility update
|
| 349 |
|
| 4 |
Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
|
| 5 |
Requires at least: 2.8
|
| 6 |
Tested up to: 5.4.2
|
| 7 |
+
Stable tag: 1.6.0.8
|
| 8 |
License: GPLv2 or later
|
| 9 |
|
| 10 |
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urls
|
| 344 |
|
| 345 |
== Changelog ==
|
| 346 |
|
| 347 |
+
= 1.6.0.8 =
|
| 348 |
+
* Avoid using domain name as replacement for any option, or might conclude to wrong replacements within the outputted HTML or wrong reversed urls.
|
| 349 |
+
* Add system reserved words as 'wp', 'admin', 'admin-ajax.php'
|
| 350 |
+
* Slight General code improvements
|
| 351 |
+
* Clean cookie for the new custom slug, if set.
|
| 352 |
+
* Integration with WP-Optimize - Clean, Compress, Cache
|
| 353 |
+
|
| 354 |
= 1.6.0.6 =
|
| 355 |
* WP Job Manager - compatibility update
|
| 356 |
|
wp-hide.php
CHANGED
|
@@ -5,7 +5,7 @@ Plugin URI: https://www.wp-hide.com/
|
|
| 5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
| 6 |
Author: Nsp Code
|
| 7 |
Author URI: http://www.nsp-code.com
|
| 8 |
-
Version: 1.6.0.
|
| 9 |
Text Domain: wp-hide-security-enhancer
|
| 10 |
Domain Path: /languages/
|
| 11 |
*/
|
| 5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
| 6 |
Author: Nsp Code
|
| 7 |
Author URI: http://www.nsp-code.com
|
| 8 |
+
Version: 1.6.0.8
|
| 9 |
Text Domain: wp-hide-security-enhancer
|
| 10 |
Domain Path: /languages/
|
| 11 |
*/
|
