WP Hide & Security Enhancer

Version Description

Improved Disable Developer Tools feature, by returning an empty page.
W3 Total Cache - implements support for Push CDN and custom folders
Compatibility fix with JCH Optimize.
Ignore invalid SSL certificate when testing rewrites, to allow local instances.
Fix: static to public functions for a2-optimized compatibility class.
Fix: use preg_match to ensure the HTML data is valid and avoid faulty code with multiple head tags.
Slight text changes within some options, for better explanations.

Release Info

Developer	nsp-code
Plugin	WP Hide & Security Enhancer
Version	1.8.5
Comparing to
See all releases

Code changes from version 1.8.3 to 1.8.5

Files changed (16) hide show

assets/css/graph.css +6 -4
assets/css/wph.css +22 -1
assets/js/devtools-detect.js +52 -0
assets/js/wph.js +37 -6
compatibility/a2-optimized.php +2 -2
compatibility/jch-optimize.php +55 -0
compatibility/w3-cache.php +25 -1
include/class.compatibility.php +1 -0
include/functions.class.php +3 -3
include/wph.class.php +2 -1
modules/components/general-emulate.php +41 -34
modules/components/general-robots-txt.php +3 -3
modules/components/general-user-interactions.php +37 -4
modules/components/security-check_headers.php +1 -1
readme.txt +11 -3
wp-hide.php +1 -1

assets/css/graph.css CHANGED Viewed

	@@ -1,8 +1,10 @@
1
2	- #wph-~~headers-~~graph { position: relative; background-color: #fdfcf7; padding: 20px; display: inline-block;}
3	.wph-graph-container{ width:400px; height:200px; position: relative; overflow: hidden; text-align: center; }
4	- .wph-graph-bg{ z-index: 1; position: absolute; background-color: rgba(~~255~~,~~215~~,~~186,.~~2); width: 400px; height: 200px; top: 0%; border-radius:250px 250px 0px 0px ;}
5	.wph-graph-text{ z-index: 3; position: absolute; width: 250px; height: 125px; top: 75px; margin-left: 75px; margin-right: auto; border-radius:250px 250px 0px 0px ; background-color: #fdfcf7;}
6	.wph-graph-progress{ z-index: 2; position: absolute; background-color: #229d51; width: 400px; height: 200px; top: 200px; margin-left: auto; margin-right: auto; border-radius:0px 0px 200px 200px ; transform-origin:center top; transition: all 1.3s ease-in-out; transform:rotate(0);}
7	- .wph-graph-data{ z-index: 4;color: #000;font-size: 1.5em;line-height: 25px;position: absolute;width: 400px;height: 50px;top: ~~150px~~;margin-left: auto;margin-right: auto;transition: all 1s ease-out;font-size: 24px;}
8	- ~~.wph-graph-data span { font-size: 14px}~~


1
2	+ #wph-graph { position: relative; background-color: #fdfcf7; padding: 20px; display: inline-block;}
3	.wph-graph-container{ width:400px; height:200px; position: relative; overflow: hidden; text-align: center; }
4	+ .wph-graph-bg{ z-index: 1; position: absolute; background-color: rgba(79, 39, 10, 0.2); width: 400px; height: 200px; top: 0%; border-radius:250px 250px 0px 0px ;}
5	.wph-graph-text{ z-index: 3; position: absolute; width: 250px; height: 125px; top: 75px; margin-left: 75px; margin-right: auto; border-radius:250px 250px 0px 0px ; background-color: #fdfcf7;}
6	.wph-graph-progress{ z-index: 2; position: absolute; background-color: #229d51; width: 400px; height: 200px; top: 200px; margin-left: auto; margin-right: auto; border-radius:0px 0px 200px 200px ; transform-origin:center top; transition: all 1.3s ease-in-out; transform:rotate(0);}
7	+ .wph-graph-data{ z-index: 4;color: #000;font-size: 1.5em;line-height: 25px;position: absolute;width: 400px;height: 50px;top: 130px;margin-left: auto;margin-right: auto;transition: all 1s ease-out;font-size: 24px;}
8	+
9	+ #security-scan #wph-graph{ background-color: transparent;}
10	+ #security-scan .wph-graph-text { background-color: #F9F9F9; }

assets/css/wph.css CHANGED Viewed

	@@ -27,6 +27,11 @@
27	#wph-check-headers {padding-top: 30px;}
28	#wph-check-headers .spinner {float: none}
29





30	.wph_input { border: 0 none; background: #fff; width: 50%; flex-shrink: 0;}
31
32	.wph_input .dashicons {overflow: hidden}
	@@ -188,6 +193,17 @@ table .wph_input tr td{}
188	.wph_input tbody tr td.param {width: 50%}
189	.conditional_rules .wph_input td.param{width: 40%}
190	.conditional_rules .wph_input td.comparison{width: 12%}











191
192	table .select.multiple {height: 82px}
193
	@@ -233,6 +249,7 @@ h2.subtitle {font-size: 15px; font-style: italic; font-weight: bold}
233	.start-container.title.info::before {font-size: 90px; content: "\f111";}
234	.start-container.title.test::before {font-size: 90px; content: "\f226";}
235	.start-container.title.help::before {font-size: 90px; content: "\f468";}

236
237	.container-description {padding-left: 35px; padding-bottom: 30px}
238	.container-description .highlight{background-color: #f8ff24;}
	@@ -243,11 +260,15 @@ h2.subtitle {font-size: 15px; font-style: italic; font-weight: bold}
243	.container-description p {}
244	.container-description.environment-notices img {margin-top: 10px}
245




246	@media screen and (max-width: 650px) {
247	#info_box {display: block; padding: 20px}
248	#info_box .image { text-align: center; width: 100%; max-width: 100%;}
249	#info_box .text span.split {width: 100%}
250	-
251	.wph-postbox {display: block}
252	.wph_help, .wph_input {width: 100%}
253


27	#wph-check-headers {padding-top: 30px;}
28	#wph-check-headers .spinner {float: none}
29
30	+ #security-scan .spinner {float: none}
31	+ #security-scan .item.processing {opacity: 0.3; pointer-events: none;-webkit-user-select: none; /* Safari / -ms-user-select: none; / IE 10 and IE 11 / user-select: none; / Standard syntax */;transition: opacity 0.5s linear; -webkit-transition: opacity 0.5s linear; -moz-transition: opacity 0.5s linear; }
32	+ #wph-site-scan-button {padding: 10px}
33	+
34	+
35	.wph_input { border: 0 none; background: #fff; width: 50%; flex-shrink: 0;}
36
37	.wph_input .dashicons {overflow: hidden}

193	.wph_input tbody tr td.param {width: 50%}
194	.conditional_rules .wph_input td.param{width: 40%}
195	.conditional_rules .wph_input td.comparison{width: 12%}
196	+
197	+ #security-scan .wph_input .row.cell.label {background-color: #FFF}
198	+ #security-scan .wph_input .label.issue_found {border-left: 4px solid #d63638;}
199	+ #security-scan .description code {padding: 0px}
200	+ #security-scan .dashicons-no {color: #d63638}
201	+ #security-scan .dashicons-yes {color: #229d51}
202	+ #security-scan .outdated_plugin {clear: both; width: 50%; display: inline-block;}
203	+ #security-scan .outdated_plugin .icon {max-height: 40px; max-width: 40px; float: left; margin-right: 10px}
204	+ #security-scan .actions {text-align: right}
205	+ #security-scan .actions .wph-pro { background-color: #f04d46; border-color: transparent; font-weight: bold}
206	+ #security-scan .actions .wph-pro:hover {background-color: #c83e38}
207
208	table .select.multiple {height: 82px}
209

249	.start-container.title.info::before {font-size: 90px; content: "\f111";}
250	.start-container.title.test::before {font-size: 90px; content: "\f226";}
251	.start-container.title.help::before {font-size: 90px; content: "\f468";}
252	+ .start-container.title.security_scan::before {font-size: 90px; content: "\f115";}
253
254	.container-description {padding-left: 35px; padding-bottom: 30px}
255	.container-description .highlight{background-color: #f8ff24;}

260	.container-description p {}
261	.container-description.environment-notices img {margin-top: 10px}
262
263	+ @media screen and (max-width: 960px) {
264	+ #security-scan .outdated_plugin {clear: both; width: 100%; display: inline-block;}
265	+ }
266	+
267	@media screen and (max-width: 650px) {
268	#info_box {display: block; padding: 20px}
269	#info_box .image { text-align: center; width: 100%; max-width: 100%;}
270	#info_box .text span.split {width: 100%}
271	+ #wph .wph-postbox {display: block}
272	.wph-postbox {display: block}
273	.wph_help, .wph_input {width: 100%}
274

assets/js/devtools-detect.js ADDED Viewed

	@@ -0,0 +1,52 @@


1	+ /*!
2	+ devtools-detect
3	+ https://github.com/sindresorhus/devtools-detect
4	+ By Sindre Sorhus
5	+ MIT License
6	+ */
7	+
8	+ const devtools = {
9	+ isOpen: false,
10	+ orientation: undefined,
11	+ };
12	+
13	+ const threshold = 160;
14	+
15	+ const emitEvent = (isOpen, orientation) => {
16	+ globalThis.dispatchEvent(new globalThis.CustomEvent('devtoolschange', {
17	+ detail: {
18	+ isOpen,
19	+ orientation,
20	+ },
21	+ }));
22	+ };
23	+
24	+ const main = ({emitEvents = true} = {}) => {
25	+ const widthThreshold = globalThis.outerWidth - globalThis.innerWidth > threshold;
26	+ const heightThreshold = globalThis.outerHeight - globalThis.innerHeight > threshold;
27	+ const orientation = widthThreshold ? 'vertical' : 'horizontal';
28	+
29	+ if (
30	+ !(heightThreshold && widthThreshold)
31	+ && ((globalThis.Firebug && globalThis.Firebug.chrome && globalThis.Firebug.chrome.isInitialized) \|\| widthThreshold \|\| heightThreshold)
32	+ ) {
33	+ if ((!devtools.isOpen \|\| devtools.orientation !== orientation) && emitEvents) {
34	+ emitEvent(true, orientation);
35	+ }
36	+
37	+ devtools.isOpen = true;
38	+ devtools.orientation = orientation;
39	+ } else {
40	+ if (devtools.isOpen && emitEvents) {
41	+ emitEvent(false, undefined);
42	+ }
43	+
44	+ devtools.isOpen = false;
45	+ devtools.orientation = undefined;
46	+ }
47	+ };
48	+
49	+ main({emitEvents: false});
50	+ setInterval(main, 300);
51	+
52	+ window.devtools = devtools;

assets/js/wph.js CHANGED Viewed

	@@ -83,8 +83,8 @@
83	jQuery('#wph-check-headers .spinner').css( 'visibility', 'visible');
84
85	jQuery('#wph-headers-container').html('');
86	- jQuery('#wph-~~headers-~~graph .wph-graph-data').html( 'Loading..' );
87	- jQuery('#wph-~~headers-~~graph .wph-graph-progress').css( 'transform', 'rotate(0deg)')
88
89	jQuery.ajax({
90	type: 'POST',
	@@ -97,14 +97,14 @@
97	success:function(data) {
98	jQuery('#wph-check-headers .spinner').css( 'visibility', 'hidden');
99	jQuery('#wph-headers-container').html( data.html );
100	- jQuery('#wph-~~headers-~~graph .wph-graph-data').html( data.graph.message );
101	- jQuery('#wph-~~headers-~~graph .wph-graph-progress').css( 'transform', 'rotate(' + data.graph.value +'deg)')
102	},
103	error: function(errorThrown){
104	jQuery('#wph-check-headers .spinner').css( 'visibility', 'hidden');
105	jQuery('#wph-headers-container').html( 'Unable to call AJAX.' );
106	- jQuery('#wph-~~headers-~~graph .wph-graph-data').html( data.graph.message );
107	- jQuery('#wph-~~headers-~~graph .wph-graph-progress').css( 'transform', 'rotate(' + data.graph.value + 'deg);')
108	}
109	});
110	}
	@@ -119,6 +119,37 @@
119	document.getElementById("wph-form").submit();
120
121	}































122
123	}
124


83	jQuery('#wph-check-headers .spinner').css( 'visibility', 'visible');
84
85	jQuery('#wph-headers-container').html('');
86	+ jQuery('#wph-graph .wph-graph-data').html( 'Loading..' );
87	+ jQuery('#wph-graph .wph-graph-progress').css( 'transform', 'rotate(0deg)')
88
89	jQuery.ajax({
90	type: 'POST',

97	success:function(data) {
98	jQuery('#wph-check-headers .spinner').css( 'visibility', 'hidden');
99	jQuery('#wph-headers-container').html( data.html );
100	+ jQuery('#wph-graph .wph-graph-data').html( data.graph.message );
101	+ jQuery('#wph-graph .wph-graph-progress').css( 'transform', 'rotate(' + data.graph.value +'deg)')
102	},
103	error: function(errorThrown){
104	jQuery('#wph-check-headers .spinner').css( 'visibility', 'hidden');
105	jQuery('#wph-headers-container').html( 'Unable to call AJAX.' );
106	+ jQuery('#wph-graph .wph-graph-data').html( data.graph.message );
107	+ jQuery('#wph-graph .wph-graph-progress').css( 'transform', 'rotate(' + data.graph.value + 'deg);')
108	}
109	});
110	}

119	document.getElementById("wph-form").submit();
120
121	}
122	+
123	+
124	+
125	+ site_scan( nonce )
126	+ {
127	+ jQuery('#security-scan .spinner').css( 'visibility', 'visible');
128	+ jQuery('#security-scan .wph-postbox.item').addClass('processing');
129	+
130	+ jQuery('#wph-graph .wph-graph-data').html( 'Loading..' );
131	+ jQuery('#wph-graph .wph-graph-progress').css( 'transform', 'rotate(0deg)')
132	+
133	+ jQuery.ajax({
134	+ type: 'POST',
135	+ url: ajaxurl,
136	+ dataType: "json",
137	+ data: {
138	+ 'action':'wph_check_headers',
139	+ 'nonce' : nonce
140	+ },
141	+ success:function(data) {
142	+ jQuery('#security-scan .spinner').css( 'visibility', 'hidden');
143	+ jQuery('#wph-graph .wph-graph-data').html( data.graph.message );
144	+ jQuery('#wph-graph .wph-graph-progress').css( 'transform', 'rotate(' + data.graph.value +'deg)')
145	+ },
146	+ error: function(errorThrown){
147	+ jQuery('#security-scan .spinner').css( 'visibility', 'hidden');
148	+ jQuery('#wph-graph .wph-graph-data').html( data.graph.message );
149	+ jQuery('#wph-graph .wph-graph-progress').css( 'transform', 'rotate(' + data.graph.value +'deg)')
150	+ }
151	+ });
152	+ }
153
154	}
155

compatibility/a2-optimized.php CHANGED Viewed

	@@ -26,7 +26,7 @@
26
27	}
28
29	- ~~static~~ function is_plugin_active()
30	{
31
32	include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
	@@ -37,7 +37,7 @@
37	return FALSE;
38	}
39
40	- ~~static~~ function proces_html_buffer( $buffer )
41	{
42
43	$buffer = $this->wph->ob_start_callback( $buffer );


26
27	}
28
29	+ function is_plugin_active()
30	{
31
32	include_once( ABSPATH . 'wp-admin/includes/plugin.php' );

37	return FALSE;
38	}
39
40	+ function proces_html_buffer( $buffer )
41	{
42
43	$buffer = $this->wph->ob_start_callback( $buffer );

compatibility/jch-optimize.php ADDED Viewed

	@@ -0,0 +1,55 @@


1	+ <?php
2	+
3	+
4	+ /**
5	+ * Compatibility : JCH Optimize
6	+ * Introduced at : 3.1
7	+ */
8	+
9	+ if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
10	+
11	+ class WPH_conflict_handle_jch_optimize
12	+ {
13	+
14	+ var $wph;
15	+
16	+ function __construct()
17	+ {
18	+ if( ! $this->is_plugin_active() )
19	+ return FALSE;
20	+
21	+ global $wph;
22	+
23	+ $this->wph = $wph;
24	+
25	+ add_filter( 'jch_optimize_save_content', array( $this, 'proces_html_buffer'), 999 );
26	+
27	+ }
28	+
29	+ function is_plugin_active()
30	+ {
31	+
32	+ include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
33	+
34	+ if(is_plugin_active( 'jch-optimize/jch-optimize.php' ))
35	+ return TRUE;
36	+ else
37	+ return FALSE;
38	+ }
39	+
40	+ function proces_html_buffer( $buffer )
41	+ {
42	+
43	+ $buffer = $this->wph->ob_start_callback( $buffer );
44	+
45	+ return $buffer;
46	+
47	+ }
48	+
49	+ }
50	+
51	+
52	+ new WPH_conflict_handle_jch_optimize();
53	+
54	+
55	+ ?>

compatibility/w3-cache.php CHANGED Viewed

@@ -16,7 +16,9 @@
                                 add_filter( 'w3tc_filename_to_url',                     array('WPH_conflict_handle_w3_cache', 'w3tc_filename_to_url') , -1);
-            -
                                add_filter( 'w3tc_minify_file_handler_minify_options',  array('WPH_conflict_handle_w3_cache', 'w3tc_minify_file_handler_minify_options') );
+                            }
                         static function is_plugin_active()
@@ -105,6 +107,28 @@
                                 return $content;
+                            }
+                    }


16
17	add_filter( 'w3tc_filename_to_url', array('WPH_conflict_handle_w3_cache', 'w3tc_filename_to_url') , -1);
18
19	+ add_filter( 'w3tc_minify_file_handler_minify_options', array('WPH_conflict_handle_w3_cache', 'w3tc_minify_file_handler_minify_options') );
20	+
21	+ add_filter( 'w3tc_uri_cdn_uri', array('WPH_conflict_handle_w3_cache', 'w3tc_uri_cdn_uri') );
22	}
23
24	static function is_plugin_active()

107	return $content;
108	}
109
110	+ static function w3tc_uri_cdn_uri( $remote_uri )
111	+ {
112	+ global $wph;
113	+
114	+ $replacement_list = $wph->functions->get_replacement_list();
115	+
116	+ $home_url = str_replace ( array('https:', 'http:'), "", get_home_url() );
117	+ $home_url = trim ( $home_url, '/' );
118	+ $home_url .= '/';
119	+
120	+ foreach ( $replacement_list as $replace => $replacement )
121	+ {
122	+ $_replace = str_replace ( array ( "http://", "https://", $home_url ) , "", $replace );
123	+ $_replacement = str_replace ( array ( "http://", "https://", $home_url ) , "", $replacement );
124	+ unset ( $replacement_list[$replace] );
125	+ $replacement_list[ $_replace ] = $_replacement;
126	+ }
127	+ $remote_uri = str_ireplace ( array_keys ( $replacement_list ), array_values ( $replacement_list ), $remote_uri );
128	+
129	+ return $remote_uri;
130	+ }
131	+
132	}
133
134

include/class.compatibility.php CHANGED Viewed

	@@ -86,6 +86,7 @@
86	include_once(WPH_PATH . 'compatibility/translatepress-multilingual.php');
87	include_once(WPH_PATH . 'compatibility/wp-cloudflare-page-cache.php');
88	include_once(WPH_PATH . 'compatibility/a2-optimized.php');

89
90	/**
91	* Themes


86	include_once(WPH_PATH . 'compatibility/translatepress-multilingual.php');
87	include_once(WPH_PATH . 'compatibility/wp-cloudflare-page-cache.php');
88	include_once(WPH_PATH . 'compatibility/a2-optimized.php');
89	+ include_once(WPH_PATH . 'compatibility/jch-optimize.php');
90
91	/**
92	* Themes

include/functions.class.php CHANGED Viewed

	@@ -1010,7 +1010,7 @@
1010	return TRUE;
1011
1012	$test_url = apply_filters( 'wp-hide/test_sample_rewrite/url', trailingslashit ( home_url() ) . 'rewrite_test_' . $this->wph->settings['write_check_string'] . '/' );
1013	- $response = wp_remote_get( $test_url );
1014
1015	$response_message = '';
1016	$messages['manual_check'] = __( "Make a fix or manually check the ", 'wp-hide-security-enhancer' ) . '<b><a target="_blank" href="' . $test_url . '">' . __( "Test URL", 'wp-hide-security-enhancer' ) . '</a></b>, '. __( "if the result is a JSON response (contains a name and description), the rewrites are working correctly on your site and you can", 'wp-hide-security-enhancer' ) .' <a href="' . $this->get_current_url() . '&wph_environment=ignore-rewrite-test">' . __( "Ignore", 'wp-hide-security-enhancer' ) . '</a> ' . __( "this notification", 'wp-hide-security-enhancer' ) .'<br />';
	@@ -1129,7 +1129,7 @@
1129	return TRUE;
1130
1131	$test_url = apply_filters( 'wp-hide/test_sample_rewrite/url', trailingslashit ( home_url() ) . 'rewrite_test_' . $this->wph->settings['write_check_string'] . '/' );
1132	- $response = wp_remote_get( $test_url );
1133
1134	$response_message = '';
1135	$messages['manual_check'] = __( "Make a fix and manually check the ", 'wp-hide-security-enhancer' ) . '<b><a target="_blank" href="' . $test_url . '">' . __( "Test URL", 'wp-hide-security-enhancer' ) . '</a>.</b>';
	@@ -1240,7 +1240,7 @@
1240	return TRUE;
1241
1242	$test_url = apply_filters( 'wp-hide/test_sample_rewrite/static_file_url', trailingslashit ( home_url() ) . 'rewrite_test_static_file_' . $this->wph->settings['write_check_string'] . '/' );
1243	- $response = wp_remote_get( $test_url );
1244
1245	$response_message = '';
1246	$messages['manual_check'] = __( "Make a fix or manually check the ", 'wp-hide-security-enhancer' ) . '<b><a target="_blank" href="' . $test_url . '">' . __( "Test URL", 'wp-hide-security-enhancer' ) . '</a></b>, '. __( "if the result is a JSON response (contains a name and description), the rewrites are working correctly on your site and you can", 'wp-hide-security-enhancer' ) .' <a href="' . $this->get_current_url() . '&wph_environment=ignore-rewrite-test">' . __( "Ignore", 'wp-hide-security-enhancer' ) . '</a> ' . __( "this notification", 'wp-hide-security-enhancer' ) .'<br />';


1010	return TRUE;
1011
1012	$test_url = apply_filters( 'wp-hide/test_sample_rewrite/url', trailingslashit ( home_url() ) . 'rewrite_test_' . $this->wph->settings['write_check_string'] . '/' );
1013	+ $response = wp_remote_get( $test_url, array( 'sslverify' => false, 'timeout' => 30 ) );
1014
1015	$response_message = '';
1016	$messages['manual_check'] = __( "Make a fix or manually check the ", 'wp-hide-security-enhancer' ) . '<b><a target="_blank" href="' . $test_url . '">' . __( "Test URL", 'wp-hide-security-enhancer' ) . '</a></b>, '. __( "if the result is a JSON response (contains a name and description), the rewrites are working correctly on your site and you can", 'wp-hide-security-enhancer' ) .' <a href="' . $this->get_current_url() . '&wph_environment=ignore-rewrite-test">' . __( "Ignore", 'wp-hide-security-enhancer' ) . '</a> ' . __( "this notification", 'wp-hide-security-enhancer' ) .'<br />';

1129	return TRUE;
1130
1131	$test_url = apply_filters( 'wp-hide/test_sample_rewrite/url', trailingslashit ( home_url() ) . 'rewrite_test_' . $this->wph->settings['write_check_string'] . '/' );
1132	+ $response = wp_remote_get( $test_url, array( 'sslverify' => false, 'timeout' => 30 ) );
1133
1134	$response_message = '';
1135	$messages['manual_check'] = __( "Make a fix and manually check the ", 'wp-hide-security-enhancer' ) . '<b><a target="_blank" href="' . $test_url . '">' . __( "Test URL", 'wp-hide-security-enhancer' ) . '</a>.</b>';

1240	return TRUE;
1241
1242	$test_url = apply_filters( 'wp-hide/test_sample_rewrite/static_file_url', trailingslashit ( home_url() ) . 'rewrite_test_static_file_' . $this->wph->settings['write_check_string'] . '/' );
1243	+ $response = wp_remote_get( $test_url, array( 'sslverify' => false, 'timeout' => 30 ) );
1244
1245	$response_message = '';
1246	$messages['manual_check'] = __( "Make a fix or manually check the ", 'wp-hide-security-enhancer' ) . '<b><a target="_blank" href="' . $test_url . '">' . __( "Test URL", 'wp-hide-security-enhancer' ) . '</a></b>, '. __( "if the result is a JSON response (contains a name and description), the rewrites are working correctly on your site and you can", 'wp-hide-security-enhancer' ) .' <a href="' . $this->get_current_url() . '&wph_environment=ignore-rewrite-test">' . __( "Ignore", 'wp-hide-security-enhancer' ) . '</a> ' . __( "this notification", 'wp-hide-security-enhancer' ) .'<br />';

include/wph.class.php CHANGED Viewed

	@@ -376,6 +376,7 @@
376	include_once(WPH_PATH . '/include/admin-interface.class.php');
377	include_once(WPH_PATH . '/include/admin-interfaces/setup.class.php');
378

379	$this->admin_interface = new WPH_interface();
380
381	$system_warning = FALSE;
	@@ -400,9 +401,9 @@
400
401	$setup_interface = new WPH_setup_interface();
402	$hookID = add_submenu_page( 'wp-hide', 'WP Hide', $menu_title, 'manage_options', 'wp-hide', array( $setup_interface,'_render' ) );
403	-
404	add_action('admin_print_styles-' . $hookID , array($setup_interface, 'admin_print_styles'));
405	add_action('admin_print_scripts-' . $hookID , array($setup_interface, 'admin_print_scripts'));

406
407	foreach($this->modules as $module)
408	{


376	include_once(WPH_PATH . '/include/admin-interface.class.php');
377	include_once(WPH_PATH . '/include/admin-interfaces/setup.class.php');
378
379	+
380	$this->admin_interface = new WPH_interface();
381
382	$system_warning = FALSE;

401
402	$setup_interface = new WPH_setup_interface();
403	$hookID = add_submenu_page( 'wp-hide', 'WP Hide', $menu_title, 'manage_options', 'wp-hide', array( $setup_interface,'_render' ) );

404	add_action('admin_print_styles-' . $hookID , array($setup_interface, 'admin_print_styles'));
405	add_action('admin_print_scripts-' . $hookID , array($setup_interface, 'admin_print_scripts'));
406	+
407
408	foreach($this->modules as $module)
409	{

modules/components/general-emulate.php CHANGED Viewed

	@@ -69,8 +69,13 @@
69	function emulate_cms_meta( $buffer )
70	{
71	//ensure this is a html content
72	- if ( ~~stripos~~( $buffer, '~~<head~~' ) ~~===~~ ~~FALSE~~ )
73	return $buffer;





74
75	$emulate_cms = $this->wph->functions->get_module_item_setting('emulate_cms');
76	switch ( $emulate_cms )
	@@ -79,54 +84,54 @@
79	$headers = '<meta name="Generator" content="Drupal 8 (https://www.drupal.org)" />' . "\n" .
80	'<meta name="MobileOptimized" content="width" />' . "\n" .
81	'<meta name="HandheldFriendly" content="true" />';
82	- if ( stripos ( $~~buffer~~, '<meta' ) !== FALSE )
83	- $~~buffer~~ = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $~~buffer~~, 1 );
84	- else if ( stripos ( $~~buffer~~, '<head' ) !== FALSE )
85	- $~~buffer~~ = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $~~buffer~~, 1 );
86	break;
87
88	case "drupal_9":
89	$headers = '<meta name="Generator" content="Drupal 9 (https://www.drupal.org)" />' . "\n" .
90	'<meta name="MobileOptimized" content="width" />' . "\n" .
91	'<meta name="HandheldFriendly" content="true" />';
92	- if ( stripos ( $~~buffer~~, '<meta' ) !== FALSE )
93	- $~~buffer~~ = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $~~buffer~~, 1 );
94	- else if ( stripos ( $~~buffer~~, '<head' ) !== FALSE )
95	- $~~buffer~~ = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $~~buffer~~, 1 );
96	break;
97
98	case "ghost_4_15":
99	$headers = '<meta name="generator" content="Ghost 4.15" />';
100	- if ( stripos ( $~~buffer~~, '<meta' ) !== FALSE )
101	- $~~buffer~~ = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $~~buffer~~, 1 );
102	- else if ( stripos ( $~~buffer~~, '<head' ) !== FALSE )
103	- $~~buffer~~ = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $~~buffer~~, 1 );
104	break;
105
106	case "ghost_4_31":
107	$headers = '<meta name="generator" content="Ghost 4.31" />';
108	- if ( stripos ( $~~buffer~~, '<meta' ) !== FALSE )
109	- $~~buffer~~ = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $~~buffer~~, 1 );
110	- else if ( stripos ( $~~buffer~~, '<head' ) !== FALSE )
111	- $~~buffer~~ = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $~~buffer~~, 1 );
112	break;
113
114	case "hubspot":
115	$headers = '<meta name="generator" content="HubSpot" />';
116	- if ( stripos ( $~~buffer~~, '<meta' ) !== FALSE )
117	- $~~buffer~~ = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $~~buffer~~, 1 );
118	- else if ( stripos ( $~~buffer~~, '<head' ) !== FALSE )
119	- $~~buffer~~ = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $~~buffer~~, 1 );
120	break;
121
122	case "joomla":
123	$headers = '<meta name="generator" content="Joomla! - Open Source Content Management" />';
124	- if ( stripos ( $~~buffer~~, '<meta' ) !== FALSE )
125	- $~~buffer~~ = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $~~buffer~~, 1 );
126	- else if ( stripos ( $~~buffer~~, '<head' ) !== FALSE )
127	- $~~buffer~~ = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $~~buffer~~, 1 );
128
129	- $~~buffer~~ = $~~buffer~~ . "\n" . '<!-- URL Normalizer (by JoomlaWorks) -->';
130	break;
131
132	case "typo3":
	@@ -137,23 +142,25 @@
137	TYPO3 is copyright 1998-2021 of Kasper Skaarhoj. Extensions are copyright of their respective owners.
138	Information and contribution at https://typo3.org/
139	-->';
140	- if ( stripos ( $~~buffer~~, '<meta' ) !== FALSE )
141	- $~~buffer~~ = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $~~buffer~~, 1 );
142	- else if ( stripos ( $~~buffer~~, '<head' ) !== FALSE )
143	- $~~buffer~~ = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $~~buffer~~, 1 );
144
145	break;
146
147	case "wix":
148	$headers = '<meta name="generator" content="Wix.com Website Builder" />';
149	- if ( stripos ( $~~buffer~~, '<meta' ) !== FALSE )
150	- $~~buffer~~ = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $~~buffer~~, 1 );
151	- else if ( stripos ( $~~buffer~~, '<head' ) !== FALSE )
152	- $~~buffer~~ = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $~~buffer~~, 1 );
153	break;
154
155	}
156


157
158	return $buffer;
159


69	function emulate_cms_meta( $buffer )
70	{
71	//ensure this is a html content
72	+ if ( preg_match ( '/<[\/\s]?head/', $buffer ) !== 1 \|\| preg_match ( '/<[\/\s]?body/', $buffer ) !== 1 )
73	return $buffer;
74	+
75	+ $data_split = preg_split('/<body/i', $buffer );
76	+ $header_content = $data_split[0];
77	+ unset ( $data_split[0] );
78	+ $body_content = implode ( '<body', $data_split);
79
80	$emulate_cms = $this->wph->functions->get_module_item_setting('emulate_cms');
81	switch ( $emulate_cms )

84	$headers = '<meta name="Generator" content="Drupal 8 (https://www.drupal.org)" />' . "\n" .
85	'<meta name="MobileOptimized" content="width" />' . "\n" .
86	'<meta name="HandheldFriendly" content="true" />';
87	+ if ( stripos ( $header_content, '<meta' ) !== FALSE )
88	+ $header_content = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $header_content, 1 );
89	+ else if ( stripos ( $header_content, '<head' ) !== FALSE )
90	+ $header_content = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $header_content, 1 );
91	break;
92
93	case "drupal_9":
94	$headers = '<meta name="Generator" content="Drupal 9 (https://www.drupal.org)" />' . "\n" .
95	'<meta name="MobileOptimized" content="width" />' . "\n" .
96	'<meta name="HandheldFriendly" content="true" />';
97	+ if ( stripos ( $header_content, '<meta' ) !== FALSE )
98	+ $header_content = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $header_content, 1 );
99	+ else if ( stripos ( $header_content, '<head' ) !== FALSE )
100	+ $header_content = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $header_content, 1 );
101	break;
102
103	case "ghost_4_15":
104	$headers = '<meta name="generator" content="Ghost 4.15" />';
105	+ if ( stripos ( $header_content, '<meta' ) !== FALSE )
106	+ $header_content = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $header_content, 1 );
107	+ else if ( stripos ( $header_content, '<head' ) !== FALSE )
108	+ $header_content = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $header_content, 1 );
109	break;
110
111	case "ghost_4_31":
112	$headers = '<meta name="generator" content="Ghost 4.31" />';
113	+ if ( stripos ( $header_content, '<meta' ) !== FALSE )
114	+ $header_content = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $header_content, 1 );
115	+ else if ( stripos ( $header_content, '<head' ) !== FALSE )
116	+ $header_content = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $header_content, 1 );
117	break;
118
119	case "hubspot":
120	$headers = '<meta name="generator" content="HubSpot" />';
121	+ if ( stripos ( $header_content, '<meta' ) !== FALSE )
122	+ $header_content = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $header_content, 1 );
123	+ else if ( stripos ( $header_content, '<head' ) !== FALSE )
124	+ $header_content = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $header_content, 1 );
125	break;
126
127	case "joomla":
128	$headers = '<meta name="generator" content="Joomla! - Open Source Content Management" />';
129	+ if ( stripos ( $header_content, '<meta' ) !== FALSE )
130	+ $header_content = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $header_content, 1 );
131	+ else if ( stripos ( $header_content, '<head' ) !== FALSE )
132	+ $header_content = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $header_content, 1 );
133
134	+ $header_content = $header_content . "\n" . '<!-- URL Normalizer (by JoomlaWorks) -->';
135	break;
136
137	case "typo3":

142	TYPO3 is copyright 1998-2021 of Kasper Skaarhoj. Extensions are copyright of their respective owners.
143	Information and contribution at https://typo3.org/
144	-->';
145	+ if ( stripos ( $header_content, '<meta' ) !== FALSE )
146	+ $header_content = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $header_content, 1 );
147	+ else if ( stripos ( $header_content, '<head' ) !== FALSE )
148	+ $header_content = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $header_content, 1 );
149
150	break;
151
152	case "wix":
153	$headers = '<meta name="generator" content="Wix.com Website Builder" />';
154	+ if ( stripos ( $header_content, '<meta' ) !== FALSE )
155	+ $header_content = preg_replace( '/(<meta[^>]*>)/i', $headers . "\n" . '$1', $header_content, 1 );
156	+ else if ( stripos ( $header_content, '<head' ) !== FALSE )
157	+ $header_content = preg_replace( '/(<head[^>]*>)/is', '$1' . "\n" . $headers , $header_content, 1 );
158	break;
159
160	}
161
162	+
163	+ $buffer = $header_content . '<body' . $body_content;
164
165	return $buffer;
166

modules/components/general-robots-txt.php CHANGED Viewed

	@@ -13,11 +13,11 @@
13	{
14	$this->module_settings[] = array(
15	'id' => 'disable_robots_txt',
16	- 'label' => __('~~Disable~~ ~~admin~~ ~~url~~ within Robots.txt', 'wp-hide-security-enhancer'),
17	- 'description' => __('~~Disable~~ any ~~admin~~ url which is being automatically generated by WordPress when called robots.txt.', 'wp-hide-security-enhancer'),
18
19	'help' => array(
20	- 'title' => __('Help', 'wp-hide-security-enhancer') . ' - ' . __('~~Disable~~ ~~admin~~ ~~url~~ within Robots.txt', 'wp-hide-security-enhancer'),
21	'description' => __("The robots.txt file plays a major role in search engine ranking. It blocks search engine bots and helps index and crawl important parts of your site.", 'wp-hide-security-enhancer') .
22	"<br /><br />" . __("As default the robots.txt also includes an allow clause to admin URL and admin-ajax.php url. Once customized those areas, the new slugs might not want to be show to anyone. Turn this option to Yes removed any reference to new wp-admin and admin-ajax.php.", 'wp-hide-security-enhancer') .
23	"<br/><br />" . __("Sample robots.txt url:" , 'wp-hide-security-enhancer') .


13	{
14	$this->module_settings[] = array(
15	'id' => 'disable_robots_txt',
16	+ 'label' => __('Change the default urls within Robots.txt', 'wp-hide-security-enhancer'),
17	+ 'description' => __('Change any default url which is being automatically generated by WordPress when called robots.txt.', 'wp-hide-security-enhancer'),
18
19	'help' => array(
20	+ 'title' => __('Help', 'wp-hide-security-enhancer') . ' - ' . __('Change the default urls within Robots.txt', 'wp-hide-security-enhancer'),
21	'description' => __("The robots.txt file plays a major role in search engine ranking. It blocks search engine bots and helps index and crawl important parts of your site.", 'wp-hide-security-enhancer') .
22	"<br /><br />" . __("As default the robots.txt also includes an allow clause to admin URL and admin-ajax.php url. Once customized those areas, the new slugs might not want to be show to anyone. Turn this option to Yes removed any reference to new wp-admin and admin-ajax.php.", 'wp-hide-security-enhancer') .
23	"<br/><br />" . __("Sample robots.txt url:" , 'wp-hide-security-enhancer') .

modules/components/general-user-interactions.php CHANGED Viewed

@@ -140,7 +140,7 @@
                                                                                 'help'          =>  array(
                                                                                                             'title'                     =>  __('Help',    'wp-hide-security-enhancer') . ' - ' . __('Disable Developer Tools',    'wp-hide-security-enhancer'),
                                                                                                             'description'               =>  __("Every modern web browser includes a powerful tool called Developer Tools. Through the application, a user can inspect currently-loaded HTML, CSS and JavaScript.",    'wp-hide-security-enhancer') .
-            -
                                                                                                                                            "<br />" . __("To prevent the user from deeply checking into your site architecture, the functionality can be disabled using this option. ",    'wp-hide-security-enhancer'),
                                                                                                             'option_documentation_url'  =>  'https://wp-hide.com/documentation/user-interactions/'
                                                                                                             ),
@@ -207,12 +207,25 @@
                         function _init_disable_mouse_right_click( $saved_field_data )
+                            {
-            -
-            -
                                add_filter( 'wp_footer' , array ( $this,  'disable_right_mouse_click' ) );
+                            }
-            -
                        function disable_right_mouse_click()
+                            {
                                 $disable_mouse_right_click  =   $this->wph->functions->get_module_item_setting('disable_mouse_right_click');
@@ -315,6 +328,26 @@
                                         <?php } ?>
                                         });
                                 </script>
                                 <?php


140	'help' => array(
141	'title' => __('Help', 'wp-hide-security-enhancer') . ' - ' . __('Disable Developer Tools', 'wp-hide-security-enhancer'),
142	'description' => __("Every modern web browser includes a powerful tool called Developer Tools. Through the application, a user can inspect currently-loaded HTML, CSS and JavaScript.", 'wp-hide-security-enhancer') .
143	+ "<br />" . __("To prevent the user from deeply checking into your site architecture, the browser Inspect can be disabled through this option. ", 'wp-hide-security-enhancer'),
144	'option_documentation_url' => 'https://wp-hide.com/documentation/user-interactions/'
145	),
146

207
208	function _init_disable_mouse_right_click( $saved_field_data )
209	{
210	+ add_action( 'wp_enqueue_scripts', array ( $this, 'wp_enqueue_scripts' ) );
211	+ add_filter( 'wp_footer', array ( $this, 'output_footer_js' ) );
212	}
213
214	+
215	+ function wp_enqueue_scripts()
216	+ {
217	+
218	+ $disable_developer_tools = $this->wph->functions->get_module_item_setting('disable_developer_tools');
219	+
220	+ if ( $disable_developer_tools == 'no')
221	+ return;
222	+
223	+ wp_register_script('devtools-detect', WPH_URL . '/assets/js/devtools-detect.js');
224	+ wp_enqueue_script ( 'devtools-detect' );
225	+
226	+ }
227
228	+ function output_footer_js()
229	{
230
231	$disable_mouse_right_click = $this->wph->functions->get_module_item_setting('disable_mouse_right_click');

328	<?php } ?>
329
330	});
331	+
332	+
333	+ <?php if ( $disable_developer_tools == 'yes' ) { ?>
334	+
335	+ if ( window.devtools.isOpen )
336	+ DevToolsIsOpen();
337	+
338	+ window.addEventListener('devtoolschange', event => {
339	+
340	+ if ( event.detail.isOpen )
341	+ DevToolsIsOpen();
342	+ });
343	+
344	+ function DevToolsIsOpen()
345	+ {
346	+ var doc_html = document.getElementsByTagName("html")[0];
347	+ doc_html.innerHTML = 'Inspector is disabled.';
348	+ }
349	+
350	+ <?php } ?>
351
352	</script>
353	<?php

modules/components/security-check_headers.php CHANGED Viewed

	@@ -146,7 +146,7 @@
146	<h4><?php _e( 'The current protection level is', 'wp-hide-security-enhancer') ?></h4>
147	<br />
148	<link rel="stylesheet" href="<?php echo WPH_URL; ?>/assets/css/graph.css" />
149	- <div id="wph-~~headers-~~graph">
150	<div class="wph-graph-container">
151	<div class="wph-graph-bg"></div>
152	<div class="wph-graph-text"></div>


146	<h4><?php _e( 'The current protection level is', 'wp-hide-security-enhancer') ?></h4>
147	<br />
148	<link rel="stylesheet" href="<?php echo WPH_URL; ?>/assets/css/graph.css" />
149	+ <div id="wph-graph">
150	<div class="wph-graph-container">
151	<div class="wph-graph-bg"></div>
152	<div class="wph-graph-text"></div>

readme.txt CHANGED Viewed

	@@ -3,8 +3,8 @@ Contributors: nsp-code, tdgu
3	Donate link: https://www.nsp-code.com/
4	Tags: wordpress hide, hide, security, secuirty headers, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
5	Requires at least: 2.8
6	- Tested up to: 6.0.2
7	- Stable tag: 1.8.3
8	License: GPLv2 or later
9
10	Hide WordPress, wp-content, wp-includes, wp-admin, login URL, plugins, themes etc. Block the default URLs. Security Headers etc.
	@@ -387,6 +387,15 @@ Please get in touch with us and we’ll do our best to include it inthe next ver
387
388	== Changelog ==
389









390	= 1.8.3 =
391	* New options interface - User Interactions: Disable Mouse right click, Disable Text Selection, Disable Copy / Paste, Disable Print, Disable Print Screen, Disable Developer Tools, Disable View Source, Disable Drag / Drop
392	* Better accessibility for additional details regarding each of the options.
	@@ -395,7 +404,6 @@ Please get in touch with us and we’ll do our best to include it inthe next ver
395	* WordPress 6.0.2 tag compatibility update
396	* Fix CDN option external help page URL.
397
398	-
399	= 1.8.1 =
400	* Improved server environment rewrite test checking routines.
401	* Separate rewrite tests for static files and PHP files. This avoids reporting issues for servers not supporting rewrites for php-files.


3	Donate link: https://www.nsp-code.com/
4	Tags: wordpress hide, hide, security, secuirty headers, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
5	Requires at least: 2.8
6	+ Tested up to: 6.0.3
7	+ Stable tag: 1.8.5
8	License: GPLv2 or later
9
10	Hide WordPress, wp-content, wp-includes, wp-admin, login URL, plugins, themes etc. Block the default URLs. Security Headers etc.

387
388	== Changelog ==
389
390	+ = 1.8.5 =
391	+ * Improved Disable Developer Tools feature, by returning an empty page.
392	+ * W3 Total Cache - implements support for Push CDN and custom folders
393	+ * Compatibility fix with JCH Optimize.
394	+ * Ignore invalid SSL certificate when testing rewrites, to allow local instances.
395	+ * Fix: static to public functions for a2-optimized compatibility class.
396	+ * Fix: use preg_match to ensure the HTML data is valid and avoid faulty code with multiple head tags.
397	+ * Slight text changes within some options, for better explanations.
398	+
399	= 1.8.3 =
400	* New options interface - User Interactions: Disable Mouse right click, Disable Text Selection, Disable Copy / Paste, Disable Print, Disable Print Screen, Disable Developer Tools, Disable View Source, Disable Drag / Drop
401	* Better accessibility for additional details regarding each of the options.

404	* WordPress 6.0.2 tag compatibility update
405	* Fix CDN option external help page URL.
406

407	= 1.8.1 =
408	* Improved server environment rewrite test checking routines.
409	* Separate rewrite tests for static files and PHP files. This avoids reporting issues for servers not supporting rewrites for php-files.

wp-hide.php CHANGED Viewed

	@@ -5,7 +5,7 @@ Plugin URI: https://wp-hide.com/
5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	- Version: 1.8.3
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/


5	Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
6	Author: Nsp Code
7	Author URI: http://www.nsp-code.com
8	+ Version: 1.8.5
9	Text Domain: wp-hide-security-enhancer
10	Domain Path: /languages/
11	*/

WP Hide & Security Enhancer - Version 1.8.5

Version Description

Release Info

Code changes from version 1.8.3 to 1.8.5