Version Description
- Avoid using domain name as replacement for any option, or might conclude to wrong replacements within the outputted HTML or wrong reversed urls.
- Add system reserved words as 'wp', 'admin', 'admin-ajax.php'
- Slight General code improvements
- Clean cookie for the new custom slug, if set.
- Integration with WP-Optimize - Clean, Compress, Cache
Download this release
Release Info
Developer | nsp-code |
Plugin | WP Hide & Security Enhancer |
Version | 1.6.0.8 |
Comparing to | |
See all releases |
Code changes from version 1.6.0.6 to 1.6.0.8
- compatibility/wp-optimize.php +52 -0
- include/class.compatibility.php +3 -0
- include/functions.class.php +35 -9
- modules/components/admin-admin_url.php +15 -5
- readme.txt +8 -1
- wp-hide.php +1 -1
compatibility/wp-optimize.php
ADDED
@@ -0,0 +1,52 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
/**
|
4 |
+
* Compatibility for Plugin Name: WP-Optimize - Clean, Compress, Cache
|
5 |
+
* Compatibility checked on Version: 3.0.11
|
6 |
+
*/
|
7 |
+
|
8 |
+
if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
|
9 |
+
|
10 |
+
class WPH_conflict_handle_wp_optimize
|
11 |
+
{
|
12 |
+
|
13 |
+
var $wph;
|
14 |
+
|
15 |
+
function __construct()
|
16 |
+
{
|
17 |
+
if( ! $this->is_plugin_active())
|
18 |
+
return FALSE;
|
19 |
+
|
20 |
+
global $wph;
|
21 |
+
|
22 |
+
$this->wph = $wph;
|
23 |
+
|
24 |
+
add_filter( 'wpo_pre_cache_buffer', array( $this , 'wpo_pre_cache_buffer' ), 99, 2 );
|
25 |
+
}
|
26 |
+
|
27 |
+
static function is_plugin_active()
|
28 |
+
{
|
29 |
+
|
30 |
+
include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
|
31 |
+
|
32 |
+
if(is_plugin_active( 'wp-optimize/wp-optimize.php' ))
|
33 |
+
return TRUE;
|
34 |
+
else
|
35 |
+
return FALSE;
|
36 |
+
}
|
37 |
+
|
38 |
+
function wpo_pre_cache_buffer( $buffer, $flags )
|
39 |
+
{
|
40 |
+
|
41 |
+
$buffer = $this->wph->ob_start_callback( $buffer );
|
42 |
+
|
43 |
+
return $buffer;
|
44 |
+
|
45 |
+
}
|
46 |
+
|
47 |
+
}
|
48 |
+
|
49 |
+
new WPH_conflict_handle_wp_optimize();
|
50 |
+
|
51 |
+
|
52 |
+
?>
|
include/class.compatibility.php
CHANGED
@@ -121,6 +121,9 @@
|
|
121 |
//WP Job Manager
|
122 |
include_once(WPH_PATH . 'compatibility/wp-job-manager.php');
|
123 |
|
|
|
|
|
|
|
124 |
/**
|
125 |
* Themes
|
126 |
*/
|
121 |
//WP Job Manager
|
122 |
include_once(WPH_PATH . 'compatibility/wp-job-manager.php');
|
123 |
|
124 |
+
//WP-Optimize - Clean, Compress, Cache
|
125 |
+
include_once(WPH_PATH . 'compatibility/wp-optimize.php');
|
126 |
+
|
127 |
/**
|
128 |
* Themes
|
129 |
*/
|
include/functions.class.php
CHANGED
@@ -252,10 +252,17 @@
|
|
252 |
|
253 |
$_settings_for_regex[ $field_name ] = $parts[0];
|
254 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
255 |
|
256 |
-
$
|
257 |
-
|
258 |
-
|
259 |
|
260 |
//clean the just updated fields within main settings array
|
261 |
foreach($unique_require_updated_settings as $field_name => $data)
|
@@ -301,15 +308,32 @@
|
|
301 |
//put the value back
|
302 |
$_settings_[ $field_name ] = $data['value'];
|
303 |
|
|
|
|
|
304 |
//check for reserved value
|
305 |
-
|
306 |
{
|
307 |
-
$
|
308 |
-
|
309 |
-
|
310 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
311 |
}
|
312 |
-
|
313 |
}
|
314 |
|
315 |
|
@@ -859,6 +883,7 @@
|
|
859 |
|
860 |
/**
|
861 |
* Return rewrite base
|
|
|
862 |
*
|
863 |
*/
|
864 |
function get_rewrite_base( $saved_field_data, $left_slash = TRUE, $right_slash = TRUE )
|
@@ -1567,6 +1592,7 @@
|
|
1567 |
}
|
1568 |
|
1569 |
//check for url encoded urls
|
|
|
1570 |
foreach( $_relative_domain_url_replacements_dq as $old_url => $new_url )
|
1571 |
{
|
1572 |
/*
|
252 |
|
253 |
$_settings_for_regex[ $field_name ] = $parts[0];
|
254 |
}
|
255 |
+
|
256 |
+
|
257 |
+
$reserved_values = array(
|
258 |
+
'wp' => __('is a system reserved.', 'wp-hide-security-enhancer'),
|
259 |
+
'admin' => __('is a system reserved.', 'wp-hide-security-enhancer'),
|
260 |
+
'admin-ajax.php' => __('is a system reserved.', 'wp-hide-security-enhancer')
|
261 |
+
);
|
262 |
|
263 |
+
$domain_parsed = parse_url ( home_url() ) ;
|
264 |
+
$domain_parsed_host_parts = explode ( "." , $domain_parsed['host'] );
|
265 |
+
$reserved_values[$domain_parsed_host_parts[0]] = __('is similar to domain name.', 'wp-hide-security-enhancer');
|
266 |
|
267 |
//clean the just updated fields within main settings array
|
268 |
foreach($unique_require_updated_settings as $field_name => $data)
|
308 |
//put the value back
|
309 |
$_settings_[ $field_name ] = $data['value'];
|
310 |
|
311 |
+
$_reserved_values = $reserved_values;
|
312 |
+
|
313 |
//check for reserved value
|
314 |
+
foreach ( $_reserved_values as $reserved_value => $error_description )
|
315 |
{
|
316 |
+
if( stripos( $reserved_value, $data['value'] ) === 0 )
|
317 |
+
{
|
318 |
+
$errors = TRUE;
|
319 |
+
$process_interface_save_errors[] = array( 'type' => 'error',
|
320 |
+
'message' => __('Value', 'wp-hide-security-enhancer') . ' <b>' . $data['value'] .'</b> ' . __('set for', 'wp-hide-security-enhancer') . ' ' . __($data['module_name'], 'wp-hide-security-enhancer') . ' ' . $error_description
|
321 |
+
);
|
322 |
+
continue;
|
323 |
+
}
|
324 |
+
|
325 |
+
if( stripos( $data['value'], $reserved_value ) === 0 )
|
326 |
+
{
|
327 |
+
$errors = TRUE;
|
328 |
+
$process_interface_save_errors[] = array( 'type' => 'error',
|
329 |
+
'message' => __('Value', 'wp-hide-security-enhancer') . ' <b>' . $data['value'] .'</b> ' . __('set for', 'wp-hide-security-enhancer') . ' ' . __($data['module_name'], 'wp-hide-security-enhancer') . ' ' . $error_description
|
330 |
+
);
|
331 |
+
|
332 |
+
}
|
333 |
+
|
334 |
+
|
335 |
}
|
336 |
+
|
337 |
}
|
338 |
|
339 |
|
883 |
|
884 |
/**
|
885 |
* Return rewrite base
|
886 |
+
*
|
887 |
*
|
888 |
*/
|
889 |
function get_rewrite_base( $saved_field_data, $left_slash = TRUE, $right_slash = TRUE )
|
1592 |
}
|
1593 |
|
1594 |
//check for url encoded urls
|
1595 |
+
//Be aware !! if use a slug similar to domain or part of it, it will do wrong replacement.
|
1596 |
foreach( $_relative_domain_url_replacements_dq as $old_url => $new_url )
|
1597 |
{
|
1598 |
/*
|
modules/components/admin-admin_url.php
CHANGED
@@ -86,6 +86,7 @@
|
|
86 |
$this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-admin' , trailingslashit( home_url() ) . $saved_field_data );
|
87 |
|
88 |
add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
|
|
|
89 |
|
90 |
//make sure the admin url redirect url is updated when updating WordPress Core
|
91 |
add_filter('user_admin_url', array($this, 'wp_core_update_user_admin_url'), 999, 2);
|
@@ -180,12 +181,21 @@
|
|
180 |
$sitecookiepath = '/';
|
181 |
|
182 |
setcookie($auth_cookie_name, $auth_cookie, $expire, $sitecookiepath . $new_admin_url, COOKIE_DOMAIN, $secure, true);
|
183 |
-
|
184 |
-
|
185 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
186 |
|
187 |
-
|
188 |
-
|
|
|
189 |
}
|
190 |
|
191 |
|
86 |
$this->wph->functions->add_replacement( trailingslashit( site_url() ) . 'wp-admin' , trailingslashit( home_url() ) . $saved_field_data );
|
87 |
|
88 |
add_action('set_auth_cookie', array($this,'set_auth_cookie'), 999, 5);
|
89 |
+
add_action('wp_logout', array($this,'wp_logout'), 999, 5);
|
90 |
|
91 |
//make sure the admin url redirect url is updated when updating WordPress Core
|
92 |
add_filter('user_admin_url', array($this, 'wp_core_update_user_admin_url'), 999, 2);
|
181 |
$sitecookiepath = '/';
|
182 |
|
183 |
setcookie($auth_cookie_name, $auth_cookie, $expire, $sitecookiepath . $new_admin_url, COOKIE_DOMAIN, $secure, true);
|
184 |
+
|
185 |
+
}
|
186 |
+
|
187 |
+
|
188 |
+
function wp_logout()
|
189 |
+
{
|
190 |
+
$new_admin_url = $this->wph->functions->get_module_item_setting( 'admin_url' );
|
191 |
+
|
192 |
+
$sitecookiepath = empty($this->wph->default_variables['wordpress_directory']) ? SITECOOKIEPATH : rtrim(SITECOOKIEPATH, trailingslashit($this->wph->default_variables['wordpress_directory']));
|
193 |
+
if (empty ($sitecookiepath))
|
194 |
+
$sitecookiepath = '/';
|
195 |
|
196 |
+
setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, $sitecookiepath . $new_admin_url, COOKIE_DOMAIN );
|
197 |
+
setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, $sitecookiepath . $new_admin_url, COOKIE_DOMAIN );
|
198 |
+
|
199 |
}
|
200 |
|
201 |
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.nsp-code.com/
|
|
4 |
Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
|
5 |
Requires at least: 2.8
|
6 |
Tested up to: 5.4.2
|
7 |
-
Stable tag: 1.6.0.
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urls
|
@@ -344,6 +344,13 @@ Please get in touch with us and we'll do our best to include it for a next versi
|
|
344 |
|
345 |
== Changelog ==
|
346 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
347 |
= 1.6.0.6 =
|
348 |
* WP Job Manager - compatibility update
|
349 |
|
4 |
Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
|
5 |
Requires at least: 2.8
|
6 |
Tested up to: 5.4.2
|
7 |
+
Stable tag: 1.6.0.8
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urls
|
344 |
|
345 |
== Changelog ==
|
346 |
|
347 |
+
= 1.6.0.8 =
|
348 |
+
* Avoid using domain name as replacement for any option, or might conclude to wrong replacements within the outputted HTML or wrong reversed urls.
|
349 |
+
* Add system reserved words as 'wp', 'admin', 'admin-ajax.php'
|
350 |
+
* Slight General code improvements
|
351 |
+
* Clean cookie for the new custom slug, if set.
|
352 |
+
* Integration with WP-Optimize - Clean, Compress, Cache
|
353 |
+
|
354 |
= 1.6.0.6 =
|
355 |
* WP Job Manager - compatibility update
|
356 |
|
wp-hide.php
CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://www.wp-hide.com/
|
|
5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
6 |
Author: Nsp Code
|
7 |
Author URI: http://www.nsp-code.com
|
8 |
-
Version: 1.6.0.
|
9 |
Text Domain: wp-hide-security-enhancer
|
10 |
Domain Path: /languages/
|
11 |
*/
|
5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
6 |
Author: Nsp Code
|
7 |
Author URI: http://www.nsp-code.com
|
8 |
+
Version: 1.6.0.8
|
9 |
Text Domain: wp-hide-security-enhancer
|
10 |
Domain Path: /languages/
|
11 |
*/
|