Version Description
- ADDED: Localization capabilities. All we need now are translators! Go here to get started.
- ADDED: Option to mask the WordPress version so the real version is never publicly visible.
Download this release
Release Info
Developer | paultgoodchild |
Plugin | Shield Security for WordPress |
Version | 2.0.0 |
Comparing to | |
See all releases |
Code changes from version 1.9.2 to 2.0.0
- icwp-wpsf.php +113 -22
- readme.txt +6 -1
- src/icwp-optionshandler-autoupdates.php +37 -37
- src/icwp-optionshandler-commentsfilter.php +39 -34
- src/icwp-optionshandler-firewall.php +66 -49
- src/icwp-optionshandler-lockdown.php +34 -14
- src/icwp-optionshandler-loginprotect.php +25 -24
- src/icwp-optionshandler-wpsf.php +41 -43
- src/icwp-plugins-base.php +1 -12
- src/icwp-processor-lockdown.php +17 -0
- views/icwp_options_helper.php +3 -2
- views/icwp_wpsf_access_key_request_index.php +7 -7
- views/icwp_wpsf_config_autoupdates_index.php +2 -2
- views/icwp_wpsf_config_comments_filter_index.php +2 -2
- views/icwp_wpsf_config_firewall_index.php +4 -4
- views/icwp_wpsf_config_lockdown_index.php +2 -2
- views/icwp_wpsf_config_login_protect_index.php +2 -2
- views/icwp_wpsf_firewall_log_index.php +14 -14
- views/icwp_wpsf_index.php +108 -62
icwp-wpsf.php
CHANGED
@@ -1,12 +1,13 @@
|
|
1 |
<?php
|
2 |
/*
|
3 |
-
Plugin Name: WordPress Simple Firewall
|
4 |
-
Plugin URI: http://icwp.io/2f
|
5 |
-
Description: A Simple WordPress Firewall
|
6 |
-
Version:
|
7 |
-
|
8 |
-
Author
|
9 |
-
|
|
|
10 |
|
11 |
/**
|
12 |
* Copyright (c) 2013 iControlWP <support@icontrolwp.com>
|
@@ -32,6 +33,17 @@ Author URI: http://icwp.io/2e
|
|
32 |
require_once( dirname(__FILE__).'/src/icwp-plugins-base.php' );
|
33 |
require_once( dirname(__FILE__).'/src/icwp-data-processor.php' );
|
34 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
35 |
if ( !class_exists('ICWP_Wordpress_Simple_Firewall') ):
|
36 |
|
37 |
class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
@@ -44,7 +56,7 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
44 |
* Should be updated each new release.
|
45 |
* @var string
|
46 |
*/
|
47 |
-
static public $VERSION = '
|
48 |
|
49 |
/**
|
50 |
* @var ICWP_OptionsHandler_Wpsf
|
@@ -163,6 +175,13 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
163 |
}
|
164 |
}
|
165 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
166 |
public function removePluginConflicts() {
|
167 |
if ( class_exists('AIO_WP_Security') && isset( $GLOBALS['aio_wp_security'] ) ) {
|
168 |
remove_action( 'init', array( $GLOBALS['aio_wp_security'], 'wp_security_plugin_init'), 0 );
|
@@ -551,12 +570,12 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
551 |
|
552 |
$this->m_aPluginMenu = array(
|
553 |
//Menu Page Title => Menu Item name, page ID (slug), callback function for this page - i.e. what to do/load.
|
554 |
-
$this->getSubmenuPageTitle( 'Firewall' )
|
555 |
-
$this->getSubmenuPageTitle( 'Login Protect' )
|
556 |
-
$this->getSubmenuPageTitle( 'Comments Filter' )
|
557 |
-
$this->getSubmenuPageTitle( 'Lockdown' )
|
558 |
-
$this->getSubmenuPageTitle( 'Auto Updates' )
|
559 |
-
$this->getSubmenuPageTitle( 'Log' )
|
560 |
);
|
561 |
}
|
562 |
|
@@ -622,6 +641,10 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
622 |
wp_redirect( admin_url( $_POST['redirect_page'] ) );
|
623 |
}
|
624 |
}
|
|
|
|
|
|
|
|
|
625 |
}
|
626 |
|
627 |
/**
|
@@ -629,8 +652,26 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
629 |
*
|
630 |
* @param unknown_type $innId
|
631 |
*/
|
632 |
-
protected function updateVersionUserMeta( $innId =
|
633 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
634 |
$oCurrentUser = wp_get_current_user();
|
635 |
if ( !($oCurrentUser instanceof WP_User) ) {
|
636 |
return;
|
@@ -640,7 +681,7 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
640 |
else {
|
641 |
$nUserId = $innId;
|
642 |
}
|
643 |
-
update_user_meta( $nUserId, self::OptionPrefix
|
644 |
}
|
645 |
|
646 |
public function onWpAdminNotices() {
|
@@ -654,6 +695,10 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
654 |
if ( $this->hasPermissionToView() ) {
|
655 |
$this->adminNoticeVersionUpgrade();
|
656 |
}
|
|
|
|
|
|
|
|
|
657 |
}
|
658 |
|
659 |
/**
|
@@ -1117,6 +1162,8 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
1117 |
) {
|
1118 |
$this->m_fDoAutoUpdateCheck = true;
|
1119 |
}
|
|
|
|
|
1120 |
|
1121 |
add_action( 'deactivate_plugin', array( $this, 'preventDeactivation' ), 1, 1 );
|
1122 |
$this->removePluginConflicts(); // removes conflicts with other plugins
|
@@ -1127,7 +1174,9 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
1127 |
*/
|
1128 |
public function preventDeactivation( $insPlugin ) {
|
1129 |
if ( strpos( $insPlugin, basename(__FILE__) ) !== false && !$this->hasPermissionToSubmit() ) {
|
1130 |
-
wp_die(
|
|
|
|
|
1131 |
}
|
1132 |
}
|
1133 |
|
@@ -1161,7 +1210,7 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
1161 |
|
1162 |
public function onWpPluginUpdateMessage() {
|
1163 |
echo '<div style="color: #dd3333;">'
|
1164 |
-
.
|
1165 |
. '</div>';
|
1166 |
}
|
1167 |
|
@@ -1263,6 +1312,48 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
1263 |
return false;
|
1264 |
}
|
1265 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1266 |
/**
|
1267 |
* Shows the update notification - will bail out if the current user is not an admin
|
1268 |
*/
|
@@ -1277,7 +1368,7 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
1277 |
// A guard whereby if we can't ever get a value for this meta, it means we can never set it.
|
1278 |
// If we can never set it, we shouldn't force the Ads on those users who can't get rid of it.
|
1279 |
if ( empty( $sCurrentVersion ) ) { //the value has never been set, or it's been installed for the first time.
|
1280 |
-
$
|
1281 |
return; //meaning we don't show the update notice upon new installations and for those people who can't set the version in their meta.
|
1282 |
}
|
1283 |
|
@@ -1295,8 +1386,8 @@ class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
|
1295 |
<input type="hidden" value="1" name="<?php echo self::OptionPrefix; ?>hide_update_notice" id="<?php echo self::OptionPrefix; ?>hide_update_notice">
|
1296 |
<input type="hidden" value="<?php echo $nUserId; ?>" name="user_id" id="user_id">
|
1297 |
<h4 style="margin:10px 0 3px;">
|
1298 |
-
Note: WordPress Simple Firewall plugin
|
1299 |
-
<a href="http://icwp.io/27" id="fromIcwp" title="WordPress Simple Firewall
|
1300 |
</h4>
|
1301 |
<input type="submit" value="Okay, show me the dashboard." name="submit" class="button" style="float:left; margin-bottom:10px;">
|
1302 |
<div style="clear:both;"></div>
|
1 |
<?php
|
2 |
/*
|
3 |
+
* Plugin Name: WordPress Simple Firewall
|
4 |
+
* Plugin URI: http://icwp.io/2f
|
5 |
+
* Description: A Simple WordPress Firewall
|
6 |
+
* Version: 2.0.0
|
7 |
+
* Text Domain: wp-simple-firewall
|
8 |
+
* Author: iControlWP
|
9 |
+
* Author URI: http://icwp.io/2e
|
10 |
+
*/
|
11 |
|
12 |
/**
|
13 |
* Copyright (c) 2013 iControlWP <support@icontrolwp.com>
|
33 |
require_once( dirname(__FILE__).'/src/icwp-plugins-base.php' );
|
34 |
require_once( dirname(__FILE__).'/src/icwp-data-processor.php' );
|
35 |
|
36 |
+
if ( !function_exists( '_wpsf_e' ) ) {
|
37 |
+
function _wpsf_e( $insStr ) {
|
38 |
+
_e( $insStr, 'wp-simple-firewall' );
|
39 |
+
}
|
40 |
+
}
|
41 |
+
if ( !function_exists( '_wpsf__' ) ) {
|
42 |
+
function _wpsf__( $insStr ) {
|
43 |
+
return __( $insStr, 'wp-simple-firewall' );
|
44 |
+
}
|
45 |
+
}
|
46 |
+
|
47 |
if ( !class_exists('ICWP_Wordpress_Simple_Firewall') ):
|
48 |
|
49 |
class ICWP_Wordpress_Simple_Firewall extends ICWP_WPSF_Base_Plugin {
|
56 |
* Should be updated each new release.
|
57 |
* @var string
|
58 |
*/
|
59 |
+
static public $VERSION = '2.0.0';
|
60 |
|
61 |
/**
|
62 |
* @var ICWP_OptionsHandler_Wpsf
|
175 |
}
|
176 |
}
|
177 |
|
178 |
+
/**
|
179 |
+
* Load the multilingual aspect of the plugin
|
180 |
+
*/
|
181 |
+
public function load_textdomain() {
|
182 |
+
load_plugin_textdomain( 'wp-simple-firewall', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
|
183 |
+
}
|
184 |
+
|
185 |
public function removePluginConflicts() {
|
186 |
if ( class_exists('AIO_WP_Security') && isset( $GLOBALS['aio_wp_security'] ) ) {
|
187 |
remove_action( 'init', array( $GLOBALS['aio_wp_security'], 'wp_security_plugin_init'), 0 );
|
570 |
|
571 |
$this->m_aPluginMenu = array(
|
572 |
//Menu Page Title => Menu Item name, page ID (slug), callback function for this page - i.e. what to do/load.
|
573 |
+
$this->getSubmenuPageTitle( 'Firewall' ) => array( 'Firewall', $this->getSubmenuId('firewall'), 'onDisplayAll' ),
|
574 |
+
$this->getSubmenuPageTitle( 'Login Protect' ) => array( 'Login Protect', $this->getSubmenuId('login_protect'), 'onDisplayAll' ),
|
575 |
+
$this->getSubmenuPageTitle( 'Comments Filter' ) => array( 'Comments Filter', $this->getSubmenuId('comments_filter'), 'onDisplayAll' ),
|
576 |
+
$this->getSubmenuPageTitle( 'Lockdown' ) => array( 'Lockdown', $this->getSubmenuId('lockdown'), 'onDisplayAll' ),
|
577 |
+
$this->getSubmenuPageTitle( 'Auto Updates' ) => array( 'Auto Updates', $this->getSubmenuId('autoupdates'), 'onDisplayAll' ),
|
578 |
+
$this->getSubmenuPageTitle( 'Log' ) => array( 'Log', $this->getSubmenuId('firewall_log'), 'onDisplayAll' )
|
579 |
);
|
580 |
}
|
581 |
|
641 |
wp_redirect( admin_url( $_POST['redirect_page'] ) );
|
642 |
}
|
643 |
}
|
644 |
+
if ( isset( $_POST[self::OptionPrefix.'hide_translation_notice'] ) && isset( $_POST['user_id'] ) ) {
|
645 |
+
$this->updateTranslationNoticeShownUserMeta( $_POST['user_id'] );
|
646 |
+
wp_redirect( admin_url( $_POST['redirect_page'] ) );
|
647 |
+
}
|
648 |
}
|
649 |
|
650 |
/**
|
652 |
*
|
653 |
* @param unknown_type $innId
|
654 |
*/
|
655 |
+
protected function updateVersionUserMeta( $innId = '' ) {
|
656 |
+
$this->updateUserMeta( 'current_version', self::$VERSION, $innId );
|
657 |
+
}
|
658 |
+
|
659 |
+
/**
|
660 |
+
* Updates the current (or supplied user ID) user meta data with the version of the plugin
|
661 |
+
*
|
662 |
+
* @param unknown_type $innId
|
663 |
+
*/
|
664 |
+
protected function updateTranslationNoticeShownUserMeta( $innId = '', $insValue = 'Y' ) {
|
665 |
+
$this->updateUserMeta( 'plugin_translation_notice', $insValue, $innId );
|
666 |
+
}
|
667 |
+
|
668 |
+
/**
|
669 |
+
* Updates the current (or supplied user ID) user meta data with the version of the plugin
|
670 |
+
*
|
671 |
+
* @param unknown_type $innId
|
672 |
+
*/
|
673 |
+
protected function updateUserMeta( $insKey, $inmValue, $innId = null ) {
|
674 |
+
if ( empty( $innId ) ) {
|
675 |
$oCurrentUser = wp_get_current_user();
|
676 |
if ( !($oCurrentUser instanceof WP_User) ) {
|
677 |
return;
|
681 |
else {
|
682 |
$nUserId = $innId;
|
683 |
}
|
684 |
+
update_user_meta( $nUserId, self::OptionPrefix.$insKey, $inmValue );
|
685 |
}
|
686 |
|
687 |
public function onWpAdminNotices() {
|
695 |
if ( $this->hasPermissionToView() ) {
|
696 |
$this->adminNoticeVersionUpgrade();
|
697 |
}
|
698 |
+
|
699 |
+
if ( $this->hasPermissionToView() ) {
|
700 |
+
$this->adminNoticeTranslations();
|
701 |
+
}
|
702 |
}
|
703 |
|
704 |
/**
|
1162 |
) {
|
1163 |
$this->m_fDoAutoUpdateCheck = true;
|
1164 |
}
|
1165 |
+
|
1166 |
+
$this->load_textdomain();
|
1167 |
|
1168 |
add_action( 'deactivate_plugin', array( $this, 'preventDeactivation' ), 1, 1 );
|
1169 |
$this->removePluginConflicts(); // removes conflicts with other plugins
|
1174 |
*/
|
1175 |
public function preventDeactivation( $insPlugin ) {
|
1176 |
if ( strpos( $insPlugin, basename(__FILE__) ) !== false && !$this->hasPermissionToSubmit() ) {
|
1177 |
+
wp_die(
|
1178 |
+
_wpsf__( 'Sorry, you do not have permission to disable this plugin. You need to authenticate first.' )
|
1179 |
+
);
|
1180 |
}
|
1181 |
}
|
1182 |
|
1210 |
|
1211 |
public function onWpPluginUpdateMessage() {
|
1212 |
echo '<div style="color: #dd3333;">'
|
1213 |
+
._wpsf__( 'Upgrade Now To Keep Your Firewall Up-To-Date With The Latest Features.' )
|
1214 |
. '</div>';
|
1215 |
}
|
1216 |
|
1312 |
return false;
|
1313 |
}
|
1314 |
|
1315 |
+
private function adminNoticeTranslations() {
|
1316 |
+
|
1317 |
+
$oCurrentUser = wp_get_current_user();
|
1318 |
+
if ( !($oCurrentUser instanceof WP_User) ) {
|
1319 |
+
return;
|
1320 |
+
}
|
1321 |
+
$nUserId = $oCurrentUser->ID;
|
1322 |
+
|
1323 |
+
$sAlreadyShowTranslationNotice = get_user_meta( $nUserId, self::OptionPrefix.'plugin_translation_notice', true );
|
1324 |
+
// A guard whereby if we can't ever get a value for this meta, it means we can never set it.
|
1325 |
+
if ( empty( $sAlreadyShowTranslationNotice ) ) {
|
1326 |
+
//the value has never been set, or it's been installed for the first time.
|
1327 |
+
$this->updateTranslationNoticeShownUserMeta( $nUserId, 'M' );
|
1328 |
+
return; //meaning we don't show the update notice upon new installations and for those people who can't set the version in their meta.
|
1329 |
+
}
|
1330 |
+
|
1331 |
+
if ( $sAlreadyShowTranslationNotice !== 'Y' ) {
|
1332 |
+
|
1333 |
+
$sRedirectPage = isset( $GLOBALS['pagenow'] ) ? $GLOBALS['pagenow'] : 'index.php';
|
1334 |
+
ob_start();
|
1335 |
+
?>
|
1336 |
+
<style>
|
1337 |
+
a#fromIcwp { padding: 0 5px; border-bottom: 1px dashed rgba(0,0,0,0.1); color: blue; font-weight: bold; }
|
1338 |
+
</style>
|
1339 |
+
<form id="IcwpUpdateNotice" method="post" action="admin.php?page=<?php echo $this->getSubmenuId('firewall'); ?>">
|
1340 |
+
<input type="hidden" value="<?php echo $sRedirectPage; ?>" name="redirect_page" id="redirect_page">
|
1341 |
+
<input type="hidden" value="1" name="<?php echo self::OptionPrefix; ?>hide_translation_notice" id="<?php echo self::OptionPrefix; ?>hide_translation_notice">
|
1342 |
+
<input type="hidden" value="<?php echo $nUserId; ?>" name="user_id" id="user_id">
|
1343 |
+
<h4 style="margin:10px 0 3px;">
|
1344 |
+
<?php _wpsf_e( 'Would you like to help translate the WordPress Simple Firewall into your language?' ); ?>
|
1345 |
+
<?php printf( _wpsf__( 'Head over to: %s' ), '<a href="http://translate.icontrolwp.com" target="_blank">translate.icontrolwp.com</a>' ); ?>
|
1346 |
+
</h4>
|
1347 |
+
<input type="submit" value="<?php _wpsf_e( 'Dismiss this notice' ); ?>" name="submit" class="button" style="float:left; margin-bottom:10px;">
|
1348 |
+
<div style="clear:both;"></div>
|
1349 |
+
</form>
|
1350 |
+
<?php
|
1351 |
+
$sNotice = ob_get_contents();
|
1352 |
+
ob_end_clean();
|
1353 |
+
$this->getAdminNotice( $sNotice, 'updated', true );
|
1354 |
+
}
|
1355 |
+
}
|
1356 |
+
|
1357 |
/**
|
1358 |
* Shows the update notification - will bail out if the current user is not an admin
|
1359 |
*/
|
1368 |
// A guard whereby if we can't ever get a value for this meta, it means we can never set it.
|
1369 |
// If we can never set it, we shouldn't force the Ads on those users who can't get rid of it.
|
1370 |
if ( empty( $sCurrentVersion ) ) { //the value has never been set, or it's been installed for the first time.
|
1371 |
+
$this->updateVersionUserMeta( $nUserId );
|
1372 |
return; //meaning we don't show the update notice upon new installations and for those people who can't set the version in their meta.
|
1373 |
}
|
1374 |
|
1386 |
<input type="hidden" value="1" name="<?php echo self::OptionPrefix; ?>hide_update_notice" id="<?php echo self::OptionPrefix; ?>hide_update_notice">
|
1387 |
<input type="hidden" value="<?php echo $nUserId; ?>" name="user_id" id="user_id">
|
1388 |
<h4 style="margin:10px 0 3px;">
|
1389 |
+
<?php _wpsf_e( 'Note: WordPress Simple Firewall plugin does not automatically turn on when you install/update.' ); ?>
|
1390 |
+
<?php printf( _wpsf__( 'There may also be %simportant updates to read about%s.' ), '<a href="http://icwp.io/27" id="fromIcwp" title="WordPress Simple Firewall" target="_blank">', '</a>' ); ?>
|
1391 |
</h4>
|
1392 |
<input type="submit" value="Okay, show me the dashboard." name="submit" class="button" style="float:left; margin-bottom:10px;">
|
1393 |
<div style="clear:both;"></div>
|
readme.txt
CHANGED
@@ -6,7 +6,7 @@ License URI: http://www.gnu.org/licenses/gpl.html
|
|
6 |
Tags: WordPress Firewall, protection, whitelist, blacklist, two-factor authentication, GASP, comment spam, automatic updates
|
7 |
Requires at least: 3.2.0
|
8 |
Tested up to: 3.7
|
9 |
-
Stable tag:
|
10 |
|
11 |
Complete and Simple WordPress Security. Unrestricted, with no premium features.
|
12 |
|
@@ -232,6 +232,11 @@ Best described here: http://icwp.io/2v
|
|
232 |
* ADD: Add various WordPress security features dynamically that would otherwise require wp-config.php editing.
|
233 |
* CHANGE: Interface to give a better "At-A-Glance" Dashboard summary view, that also allows you to turn on/off core features.
|
234 |
|
|
|
|
|
|
|
|
|
|
|
235 |
= 1.9.2 =
|
236 |
|
237 |
* CHANGED: Simplified the automatic WordPress Plugin updates into 1 filter for consistency
|
6 |
Tags: WordPress Firewall, protection, whitelist, blacklist, two-factor authentication, GASP, comment spam, automatic updates
|
7 |
Requires at least: 3.2.0
|
8 |
Tested up to: 3.7
|
9 |
+
Stable tag: 2.0.0
|
10 |
|
11 |
Complete and Simple WordPress Security. Unrestricted, with no premium features.
|
12 |
|
232 |
* ADD: Add various WordPress security features dynamically that would otherwise require wp-config.php editing.
|
233 |
* CHANGE: Interface to give a better "At-A-Glance" Dashboard summary view, that also allows you to turn on/off core features.
|
234 |
|
235 |
+
= 2.0.0 =
|
236 |
+
|
237 |
+
* ADDED: Localization capabilities. All we need now are translators! [Go here to get started](http://translate.icontrolwp.com/).
|
238 |
+
* ADDED: Option to mask the WordPress version so the real version is never publicly visible.
|
239 |
+
|
240 |
= 1.9.2 =
|
241 |
|
242 |
* CHANGED: Simplified the automatic WordPress Plugin updates into 1 filter for consistency
|
src/icwp-optionshandler-autoupdates.php
CHANGED
@@ -31,109 +31,109 @@ class ICWP_OptionsHandler_AutoUpdates extends ICWP_OptionsHandler_Base_WPSF {
|
|
31 |
|
32 |
public function defineOptions() {
|
33 |
|
34 |
-
$aAutoUpdatesBase =
|
35 |
-
'section_title' => 'Enable Automatic Updates Section',
|
36 |
'section_options' => array(
|
37 |
array(
|
38 |
'enable_autoupdates',
|
39 |
'',
|
40 |
'N',
|
41 |
'checkbox',
|
42 |
-
'Enable Auto Updates',
|
43 |
-
'Enable (or Disable) The
|
44 |
-
'Regardless of any other settings, this option will turn
|
45 |
)
|
46 |
)
|
47 |
);
|
48 |
-
$
|
49 |
-
|
50 |
-
array( 'core_minor', 'Minor Versions Only' ),
|
51 |
-
array( 'core_major', 'Major and Minor Versions' ),
|
52 |
-
);
|
53 |
-
$aAutoUpdateCore = array(
|
54 |
-
'section_title' => 'Automatic Plugin Self-Update',
|
55 |
'section_options' => array(
|
56 |
array(
|
57 |
'autoupdate_plugin_wpsf',
|
58 |
'',
|
59 |
'Y',
|
60 |
'checkbox',
|
61 |
-
'Auto Update Plugin',
|
62 |
-
'Always Automatically Update This Plugin',
|
63 |
-
'Regardless of any component settings below, automatically update the WordPress Simple Firewall plugin.'
|
64 |
)
|
65 |
)
|
66 |
);
|
|
|
|
|
|
|
|
|
|
|
67 |
$aAutoUpdateComponents = array(
|
68 |
-
'section_title' => 'Choose Which WordPress Components To Allow Automatic Updates',
|
69 |
'section_options' => array(
|
70 |
array(
|
71 |
'autoupdate_core',
|
72 |
'',
|
73 |
'core_minor',
|
74 |
$aAutoUpdateOptions,
|
75 |
-
'WordPress Core Updates',
|
76 |
-
'Decide how the WordPress Core will automatically update, if at all
|
77 |
-
'At least automatically upgrading minor versions is recommended (and is the WordPress default).'
|
78 |
),
|
79 |
array(
|
80 |
'enable_autoupdate_translations',
|
81 |
'',
|
82 |
'Y',
|
83 |
'checkbox',
|
84 |
-
'Translations',
|
85 |
-
'Automatically Update Translations',
|
86 |
-
'Note: Automatic updates for translations are enabled on WordPress by default.'
|
87 |
),
|
88 |
array(
|
89 |
'enable_autoupdate_plugins',
|
90 |
'',
|
91 |
'N',
|
92 |
'checkbox',
|
93 |
-
'Plugins',
|
94 |
-
'Automatically Update Plugins',
|
95 |
-
'Note: Automatic updates for plugins are disabled on WordPress by default.'
|
96 |
),
|
97 |
array(
|
98 |
'enable_autoupdate_themes',
|
99 |
'',
|
100 |
'N',
|
101 |
'checkbox',
|
102 |
-
'Themes',
|
103 |
-
'Automatically Update Themes',
|
104 |
-
'Note: Automatic updates for themes are disabled on WordPress by default.'
|
105 |
),
|
106 |
array(
|
107 |
'enable_autoupdate_ignore_vcs',
|
108 |
'',
|
109 |
'N',
|
110 |
'checkbox',
|
111 |
-
'Ignore Version Control',
|
112 |
-
'Ignore Version Control Systems Such As GIT and SVN',
|
113 |
-
'If you use SVN or GIT and WordPress detects it, automatic updates are disabled by default. Check this box to ignore version control systems and allow automatic updates'
|
114 |
)
|
115 |
)
|
116 |
);
|
117 |
$aAutoUpdateAll = array(
|
118 |
-
'section_title' => 'Disable ALL Automatic Updates',
|
119 |
'section_options' => array(
|
120 |
array(
|
121 |
'enable_autoupdate_disable_all',
|
122 |
'',
|
123 |
'N',
|
124 |
'checkbox',
|
125 |
-
'Disable All',
|
126 |
-
'Completely Disable Automatic Updates',
|
127 |
-
'When selected, regardless of any
|
128 |
)
|
129 |
)
|
130 |
);
|
131 |
|
132 |
$this->m_aOptions = array(
|
133 |
$aAutoUpdatesBase,
|
134 |
-
$
|
|
|
135 |
$aAutoUpdateComponents,
|
136 |
-
$aAutoUpdateAll
|
137 |
);
|
138 |
}
|
139 |
|
31 |
|
32 |
public function defineOptions() {
|
33 |
|
34 |
+
$aAutoUpdatesBase = array(
|
35 |
+
'section_title' => _wpsf__('Enable Automatic Updates Section'),
|
36 |
'section_options' => array(
|
37 |
array(
|
38 |
'enable_autoupdates',
|
39 |
'',
|
40 |
'N',
|
41 |
'checkbox',
|
42 |
+
_wpsf__( 'Enable Auto Updates' ),
|
43 |
+
_wpsf__( 'Enable (or Disable) The Simple Firewall Automatic Updates Feature' ),
|
44 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Auto Updates feature, or enable your selected Auto Updates options.' )
|
45 |
)
|
46 |
)
|
47 |
);
|
48 |
+
$aAutoUpdatePlugin = array(
|
49 |
+
'section_title' => _wpsf__('Automatic Plugin Self-Update'),
|
|
|
|
|
|
|
|
|
|
|
50 |
'section_options' => array(
|
51 |
array(
|
52 |
'autoupdate_plugin_wpsf',
|
53 |
'',
|
54 |
'Y',
|
55 |
'checkbox',
|
56 |
+
_wpsf__( 'Auto Update Plugin' ),
|
57 |
+
_wpsf__( 'Always Automatically Update This Plugin' ),
|
58 |
+
_wpsf__( 'Regardless of any component settings below, automatically update the WordPress Simple Firewall plugin.' )
|
59 |
)
|
60 |
)
|
61 |
);
|
62 |
+
$aAutoUpdateOptions = array( 'select',
|
63 |
+
array( 'core_never', _wpsf__('Never') ),
|
64 |
+
array( 'core_minor', _wpsf__('Minor Versions Only') ),
|
65 |
+
array( 'core_major', _wpsf__('Major and Minor Versions') ),
|
66 |
+
);
|
67 |
$aAutoUpdateComponents = array(
|
68 |
+
'section_title' => _wpsf__('Choose Which WordPress Components To Allow Automatic Updates'),
|
69 |
'section_options' => array(
|
70 |
array(
|
71 |
'autoupdate_core',
|
72 |
'',
|
73 |
'core_minor',
|
74 |
$aAutoUpdateOptions,
|
75 |
+
_wpsf__( 'WordPress Core Updates' ),
|
76 |
+
_wpsf__( 'Decide how the WordPress Core will automatically update, if at all' ),
|
77 |
+
_wpsf__( 'At least automatically upgrading minor versions is recommended (and is the WordPress default).' )
|
78 |
),
|
79 |
array(
|
80 |
'enable_autoupdate_translations',
|
81 |
'',
|
82 |
'Y',
|
83 |
'checkbox',
|
84 |
+
_wpsf__( 'Translations' ),
|
85 |
+
_wpsf__( 'Automatically Update Translations' ),
|
86 |
+
_wpsf__( 'Note: Automatic updates for translations are enabled on WordPress by default.' )
|
87 |
),
|
88 |
array(
|
89 |
'enable_autoupdate_plugins',
|
90 |
'',
|
91 |
'N',
|
92 |
'checkbox',
|
93 |
+
_wpsf__( 'Plugins' ),
|
94 |
+
_wpsf__( 'Automatically Update Plugins' ),
|
95 |
+
_wpsf__( 'Note: Automatic updates for plugins are disabled on WordPress by default.' )
|
96 |
),
|
97 |
array(
|
98 |
'enable_autoupdate_themes',
|
99 |
'',
|
100 |
'N',
|
101 |
'checkbox',
|
102 |
+
_wpsf__( 'Themes' ),
|
103 |
+
_wpsf__( 'Automatically Update Themes' ),
|
104 |
+
_wpsf__( 'Note: Automatic updates for themes are disabled on WordPress by default.' )
|
105 |
),
|
106 |
array(
|
107 |
'enable_autoupdate_ignore_vcs',
|
108 |
'',
|
109 |
'N',
|
110 |
'checkbox',
|
111 |
+
_wpsf__( 'Ignore Version Control' ),
|
112 |
+
_wpsf__( 'Ignore Version Control Systems Such As GIT and SVN' ),
|
113 |
+
_wpsf__( 'If you use SVN or GIT and WordPress detects it, automatic updates are disabled by default. Check this box to ignore version control systems and allow automatic updates.' )
|
114 |
)
|
115 |
)
|
116 |
);
|
117 |
$aAutoUpdateAll = array(
|
118 |
+
'section_title' => _wpsf__('Disable ALL WordPress Automatic Updates'),
|
119 |
'section_options' => array(
|
120 |
array(
|
121 |
'enable_autoupdate_disable_all',
|
122 |
'',
|
123 |
'N',
|
124 |
'checkbox',
|
125 |
+
_wpsf__( 'Disable All' ),
|
126 |
+
_wpsf__( 'Completely Disable WordPress Automatic Updates' ),
|
127 |
+
_wpsf__( 'When selected, regardless of any other settings, all WordPress automatic updates on this site will be completely disabled!' )
|
128 |
)
|
129 |
)
|
130 |
);
|
131 |
|
132 |
$this->m_aOptions = array(
|
133 |
$aAutoUpdatesBase,
|
134 |
+
$aAutoUpdateAll,
|
135 |
+
$aAutoUpdatePlugin,
|
136 |
$aAutoUpdateComponents,
|
|
|
137 |
);
|
138 |
}
|
139 |
|
src/icwp-optionshandler-commentsfilter.php
CHANGED
@@ -35,94 +35,99 @@ class ICWP_OptionsHandler_CommentsFilter extends ICWP_OptionsHandler_Base_WPSF {
|
|
35 |
$this->m_aDirectSaveOptions = array();
|
36 |
|
37 |
$aBase = array(
|
38 |
-
'section_title' => 'Enable Comments Filter',
|
39 |
'section_options' => array(
|
40 |
array(
|
41 |
'enable_comments_filter',
|
42 |
'',
|
43 |
'Y',
|
44 |
'checkbox',
|
45 |
-
'Enable Comments Filter',
|
46 |
-
'Enable (or Disable) The Comments Filter Feature',
|
47 |
-
'Regardless of any other settings, this option will turn
|
48 |
)
|
49 |
),
|
50 |
);
|
51 |
$aGasp = array(
|
52 |
-
'section_title' => 'G.A.S.P. Comment SPAM Protection',
|
53 |
'section_options' => array(
|
54 |
array(
|
55 |
'enable_comments_gasp_protection',
|
56 |
'',
|
57 |
'Y',
|
58 |
'checkbox',
|
59 |
-
'GASP Protection',
|
60 |
-
'Add Growmap Anti Spambot Protection to your comments',
|
61 |
-
'Taking the lead from the original GASP plugin for WordPress, we have extended it to include further protection.
|
|
|
62 |
),
|
63 |
array(
|
64 |
'enable_comments_gasp_protection_for_logged_in',
|
65 |
'',
|
66 |
'N',
|
67 |
'checkbox',
|
68 |
-
'Include Logged-In Users',
|
69 |
-
'You may also enable GASP for logged in users',
|
70 |
-
'Since logged-in users would be expected to be vetted, this is off by default.'
|
71 |
),
|
72 |
array(
|
73 |
'comments_cooldown_interval',
|
74 |
'',
|
75 |
'30',
|
76 |
'integer',
|
77 |
-
'Comments Cooldown',
|
78 |
-
'Limit posting
|
79 |
-
"By forcing a comments cooldown period, you restrict a Spambot's ability to post mutliple times to your posts."
|
80 |
),
|
81 |
array(
|
82 |
'comments_token_expire_interval',
|
83 |
'',
|
84 |
'600',
|
85 |
'integer',
|
86 |
-
'Comment Token Expire',
|
87 |
-
'A visitor has X seconds within which to post a comment',
|
88 |
-
"Default:
|
|
|
89 |
),
|
90 |
array(
|
91 |
'custom_message_checkbox',
|
92 |
'',
|
93 |
-
"I'm not a spammer
|
94 |
'text',
|
95 |
-
'Custom Checkbox Message',
|
96 |
-
|
97 |
-
"You can customise the message beside the checkbox.
|
|
|
98 |
),
|
99 |
array(
|
100 |
'custom_message_alert',
|
101 |
'',
|
102 |
-
"Please check the box to confirm you're not a spammer",
|
103 |
'text',
|
104 |
-
'Custom Alert Message',
|
105 |
-
|
106 |
-
"
|
|
|
107 |
),
|
108 |
array(
|
109 |
'custom_message_comment_wait',
|
110 |
'',
|
111 |
-
"Please wait %s seconds before posting your comment",
|
112 |
'text',
|
113 |
-
'Custom
|
114 |
-
|
115 |
-
"Where you see the '%s' this will be the number of seconds. You must ensure you include 1, and only 1, of these.
|
116 |
-
|
117 |
),
|
118 |
array(
|
119 |
'custom_message_comment_reload',
|
120 |
'',
|
121 |
-
"Please reload this page to post a comment",
|
122 |
'text',
|
123 |
-
'Custom
|
124 |
-
|
125 |
-
|
|
|
126 |
)
|
127 |
)
|
128 |
);
|
35 |
$this->m_aDirectSaveOptions = array();
|
36 |
|
37 |
$aBase = array(
|
38 |
+
'section_title' => _wpsf__( 'Enable Comments Filter' ),
|
39 |
'section_options' => array(
|
40 |
array(
|
41 |
'enable_comments_filter',
|
42 |
'',
|
43 |
'Y',
|
44 |
'checkbox',
|
45 |
+
_wpsf__( 'Enable Comments Filter' ),
|
46 |
+
_wpsf__( 'Enable (or Disable) The SPAM Comments Filter Feature.' ),
|
47 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Comments Filter feature, or enable your chosen Comments Filter options.' )
|
48 |
)
|
49 |
),
|
50 |
);
|
51 |
$aGasp = array(
|
52 |
+
'section_title' => _wpsf__( 'G.A.S.P. Comment SPAM Protection' ),
|
53 |
'section_options' => array(
|
54 |
array(
|
55 |
'enable_comments_gasp_protection',
|
56 |
'',
|
57 |
'Y',
|
58 |
'checkbox',
|
59 |
+
_wpsf__( 'GASP Protection' ),
|
60 |
+
_wpsf__( 'Add Growmap Anti Spambot Protection to your comments' ),
|
61 |
+
_wpsf__( 'Taking the lead from the original GASP plugin for WordPress, we have extended it to include further protection.' )
|
62 |
+
.' '.sprintf( _wpsf__( '%smore info%s' ), '[<a href="http://icwp.io/2n" target="_blank">', '</a>]' )
|
63 |
),
|
64 |
array(
|
65 |
'enable_comments_gasp_protection_for_logged_in',
|
66 |
'',
|
67 |
'N',
|
68 |
'checkbox',
|
69 |
+
_wpsf__( 'Include Logged-In Users' ),
|
70 |
+
_wpsf__( 'You may also enable GASP for logged in users' ),
|
71 |
+
_wpsf__( 'Since logged-in users would be expected to be vetted already, this is off by default.' )
|
72 |
),
|
73 |
array(
|
74 |
'comments_cooldown_interval',
|
75 |
'',
|
76 |
'30',
|
77 |
'integer',
|
78 |
+
_wpsf__( 'Comments Cooldown' ),
|
79 |
+
_wpsf__( 'Limit posting comments to X seconds after the page has loaded' ),
|
80 |
+
_wpsf__( "By forcing a comments cooldown period, you restrict a Spambot's ability to post mutliple times to your posts." )
|
81 |
),
|
82 |
array(
|
83 |
'comments_token_expire_interval',
|
84 |
'',
|
85 |
'600',
|
86 |
'integer',
|
87 |
+
_wpsf__( 'Comment Token Expire' ),
|
88 |
+
_wpsf__( 'A visitor has X seconds within which to post a comment' ),
|
89 |
+
_wpsf__( "Default: 600 seconds (10 minutes). Each visitor is given a unique 'Token' so they can comment. This restricts spambots, but we need to force these tokens to expire and at the same time not bother the visitors." )
|
90 |
+
|
91 |
),
|
92 |
array(
|
93 |
'custom_message_checkbox',
|
94 |
'',
|
95 |
+
_wpsf__( "I'm not a spammer" ),
|
96 |
'text',
|
97 |
+
_wpsf__( 'Custom Checkbox Message' ),
|
98 |
+
_wpsf__( 'If you want a custom checkbox message, please provide this here' ),
|
99 |
+
_wpsf__( "You can customise the message beside the checkbox." )
|
100 |
+
.'<br />'.sprintf( _wpsf__( 'Default Message: %s' ), _wpsf__("Please check the box to confirm you're not a spammer") )
|
101 |
),
|
102 |
array(
|
103 |
'custom_message_alert',
|
104 |
'',
|
105 |
+
_wpsf__( "Please check the box to confirm you're not a spammer" ),
|
106 |
'text',
|
107 |
+
_wpsf__( 'Custom Alert Message' ),
|
108 |
+
_wpsf__( 'If you want a custom alert message, please provide this here' ),
|
109 |
+
_wpsf__( "This alert message is displayed when a visitor attempts to submit a comment without checking the box." )
|
110 |
+
.'<br />'.sprintf( _wpsf__( 'Default Message: %s' ), _wpsf__("Please check the box to confirm you're not a spammer") )
|
111 |
),
|
112 |
array(
|
113 |
'custom_message_comment_wait',
|
114 |
'',
|
115 |
+
_wpsf__( "Please wait %s seconds before posting your comment" ),
|
116 |
'text',
|
117 |
+
_wpsf__( 'Custom Wait Message' ),
|
118 |
+
_wpsf__( 'If you want a custom submit-button wait message, please provide this here.' ),
|
119 |
+
_wpsf__( "Where you see the '%s' this will be the number of seconds. You must ensure you include 1, and only 1, of these." )
|
120 |
+
.'<br />'.sprintf( _wpsf__( 'Default Message: %s' ), _wpsf__('Please wait %s seconds before posting your comment') )
|
121 |
),
|
122 |
array(
|
123 |
'custom_message_comment_reload',
|
124 |
'',
|
125 |
+
_wpsf__( "Please reload this page to post a comment" ),
|
126 |
'text',
|
127 |
+
_wpsf__( 'Custom Reload Message' ),
|
128 |
+
_wpsf__( 'If you want a custom message when the comment token has expired, please provide this here.' ),
|
129 |
+
_wpsf__( 'This message is displayed on the submit-button when the comment token is expired' )
|
130 |
+
.'<br />'.sprintf( _wpsf__( 'Default Message: %s' ), _wpsf__("Please reload this page to post a comment") )
|
131 |
)
|
132 |
)
|
133 |
);
|
src/icwp-optionshandler-firewall.php
CHANGED
@@ -59,83 +59,83 @@ class ICWP_OptionsHandler_Firewall extends ICWP_OptionsHandler_Base_WPSF {
|
|
59 |
$this->m_aDirectSaveOptions = array( 'whitelist_admins' );
|
60 |
|
61 |
$this->m_aFirewallBase = array(
|
62 |
-
'section_title' => 'Enable WordPress Firewall',
|
63 |
'section_options' => array(
|
64 |
array(
|
65 |
'enable_firewall',
|
66 |
'', 'N',
|
67 |
'checkbox',
|
68 |
-
'Enable Firewall',
|
69 |
-
'Enable (or Disable) The WordPress Firewall Feature',
|
70 |
-
'Regardless of any other settings, this option will turn
|
71 |
)
|
72 |
)
|
73 |
);
|
74 |
$this->m_aBlockTypesSection = array(
|
75 |
-
'section_title' => 'Firewall Blocking Options',
|
76 |
'section_options' => array(
|
77 |
array(
|
78 |
'include_cookie_checks',
|
79 |
'',
|
80 |
'N',
|
81 |
'checkbox',
|
82 |
-
'Include Cookies',
|
83 |
-
'Also Test Cookie Values In Firewall Tests',
|
84 |
-
'The firewall
|
85 |
),
|
86 |
array(
|
87 |
'block_dir_traversal',
|
88 |
'',
|
89 |
'N',
|
90 |
'checkbox',
|
91 |
-
'Directory Traversals',
|
92 |
-
'Block Directory Traversals',
|
93 |
-
'This will block directory traversal paths in in application parameters (../, ../../etc/passwd, etc.)'
|
94 |
),
|
95 |
array(
|
96 |
'block_sql_queries',
|
97 |
'',
|
98 |
'N',
|
99 |
'checkbox',
|
100 |
-
'SQL Queries',
|
101 |
-
'Block SQL Queries',
|
102 |
-
'This will block in application parameters (union select, concat(, /**/, etc.).'
|
103 |
),
|
104 |
array(
|
105 |
'block_wordpress_terms',
|
106 |
'',
|
107 |
'N',
|
108 |
'checkbox',
|
109 |
-
'WordPress Terms',
|
110 |
-
'Block WordPress Specific Terms',
|
111 |
-
'This will block WordPress specific terms in application parameters (wp_, user_login, etc.).'
|
112 |
),
|
113 |
array(
|
114 |
'block_field_truncation',
|
115 |
'',
|
116 |
'N',
|
117 |
'checkbox',
|
118 |
-
'Field Truncation',
|
119 |
-
'Block Field Truncation Attacks',
|
120 |
-
'This will block field truncation attacks in application parameters.'
|
121 |
),
|
122 |
array(
|
123 |
'block_exe_file_uploads',
|
124 |
'',
|
125 |
'N',
|
126 |
'checkbox',
|
127 |
-
'Exe File Uploads',
|
128 |
-
'Block Executable File Uploads',
|
129 |
-
'This will block executable file uploads (.php, .exe, etc.).'
|
130 |
),
|
131 |
array(
|
132 |
'block_leading_schema',
|
133 |
'',
|
134 |
'N',
|
135 |
'checkbox',
|
136 |
-
'Leading Schemas',
|
137 |
-
'Block Leading Schemas (HTTPS / HTTP)',
|
138 |
-
'This will block leading schemas http:// and https:// in application parameters (off by default; may cause problems with
|
139 |
)
|
140 |
),
|
141 |
);
|
@@ -146,71 +146,88 @@ class ICWP_OptionsHandler_Firewall extends ICWP_OptionsHandler_Base_WPSF {
|
|
146 |
array( 'redirect_404', 'Return 404' ),
|
147 |
);
|
148 |
$this->m_aBlockSection = array(
|
149 |
-
'section_title' => 'Choose Firewall Block Response',
|
150 |
'section_options' => array(
|
151 |
-
array(
|
152 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
153 |
)
|
154 |
);
|
155 |
|
156 |
$this->m_aWhitelistSection = array(
|
157 |
-
'section_title' => '
|
158 |
'section_options' => array(
|
159 |
array(
|
160 |
'ips_whitelist',
|
161 |
'',
|
162 |
'',
|
163 |
'ip_addresses',
|
164 |
-
'Whitelist IP Addresses',
|
165 |
-
'Choose IP Addresses that are never subjected to Firewall Rules',
|
166 |
-
sprintf( 'Take a new line per address. Your IP address is: %s', '<span class="code">'.$this->getVisitorIpAddress( false ).'</span>' )
|
167 |
),
|
168 |
array(
|
169 |
'page_params_whitelist',
|
170 |
'',
|
171 |
'',
|
172 |
'comma_separated_lists',
|
173 |
-
'Whitelist Parameters',
|
174 |
-
'Detail pages and parameters that are whitelisted (ignored)',
|
175 |
-
'This should be used with caution and you should only provide parameter names that you
|
176 |
-
.' [<a href="http://icwp.io/2a" target="_blank">
|
177 |
),
|
178 |
array(
|
179 |
'whitelist_admins',
|
180 |
'',
|
181 |
'N',
|
182 |
'checkbox',
|
183 |
-
'Ignore Administrators',
|
184 |
-
'Ignore users logged in as Administrator',
|
185 |
-
'Authenticated administrator users will not be processed by the firewall
|
186 |
)
|
187 |
)
|
188 |
);
|
189 |
|
190 |
$this->m_aBlacklistSection = array(
|
191 |
-
'section_title' => 'Choose IP Addresses To Blacklist',
|
192 |
'section_options' => array(
|
193 |
array(
|
194 |
'ips_blacklist',
|
195 |
'',
|
196 |
'',
|
197 |
'ip_addresses',
|
198 |
-
'Blacklist IP Addresses',
|
199 |
-
'Choose IP Addresses that are always blocked
|
200 |
-
'Take a new line per address. Each IP Address must be valid and will be checked
|
201 |
)
|
202 |
)
|
203 |
);
|
204 |
$this->m_aFirewallMiscSection = array(
|
205 |
-
'section_title' => 'Miscellaneous Plugin Options',
|
206 |
'section_options' => array(
|
207 |
array(
|
208 |
'enable_firewall_log',
|
209 |
-
'',
|
|
|
210 |
'checkbox',
|
211 |
-
'Firewall Logging',
|
212 |
-
'Turn on a detailed Firewall Log',
|
213 |
-
'Will log every visit to the site and how the firewall processes it. Not recommended to leave on unless you want to debug something and check the firewall is working as you expect
|
214 |
)
|
215 |
)
|
216 |
);
|
59 |
$this->m_aDirectSaveOptions = array( 'whitelist_admins' );
|
60 |
|
61 |
$this->m_aFirewallBase = array(
|
62 |
+
'section_title' => _wpsf__( 'Enable WordPress Firewall' ),
|
63 |
'section_options' => array(
|
64 |
array(
|
65 |
'enable_firewall',
|
66 |
'', 'N',
|
67 |
'checkbox',
|
68 |
+
_wpsf__( 'Enable Firewall' ),
|
69 |
+
_wpsf__( 'Enable (or Disable) The WordPress Firewall Feature' ),
|
70 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Firewall feature, or enable your selected Firewall options' )
|
71 |
)
|
72 |
)
|
73 |
);
|
74 |
$this->m_aBlockTypesSection = array(
|
75 |
+
'section_title' => _wpsf__( 'Firewall Blocking Options' ),
|
76 |
'section_options' => array(
|
77 |
array(
|
78 |
'include_cookie_checks',
|
79 |
'',
|
80 |
'N',
|
81 |
'checkbox',
|
82 |
+
_wpsf__( 'Include Cookies' ),
|
83 |
+
_wpsf__( 'Also Test Cookie Values In Firewall Tests' ),
|
84 |
+
_wpsf__( 'The firewall tests GET and POST, but with this option checked it will also COOKIE values.' )
|
85 |
),
|
86 |
array(
|
87 |
'block_dir_traversal',
|
88 |
'',
|
89 |
'N',
|
90 |
'checkbox',
|
91 |
+
_wpsf__( 'Directory Traversals' ),
|
92 |
+
_wpsf__( 'Block Directory Traversals' ),
|
93 |
+
_wpsf__( 'This will block directory traversal paths in in application parameters (e.g. ../, ../../etc/passwd, etc.).' )
|
94 |
),
|
95 |
array(
|
96 |
'block_sql_queries',
|
97 |
'',
|
98 |
'N',
|
99 |
'checkbox',
|
100 |
+
_wpsf__( 'SQL Queries' ),
|
101 |
+
_wpsf__( 'Block SQL Queries' ),
|
102 |
+
_wpsf__( 'This will block sql in application parameters (e.g. union select, concat(, /**/, etc.).' )
|
103 |
),
|
104 |
array(
|
105 |
'block_wordpress_terms',
|
106 |
'',
|
107 |
'N',
|
108 |
'checkbox',
|
109 |
+
_wpsf__( 'WordPress Terms' ),
|
110 |
+
_wpsf__( 'Block WordPress Specific Terms' ),
|
111 |
+
_wpsf__( 'This will block WordPress specific terms in application parameters (wp_, user_login, etc.).' )
|
112 |
),
|
113 |
array(
|
114 |
'block_field_truncation',
|
115 |
'',
|
116 |
'N',
|
117 |
'checkbox',
|
118 |
+
_wpsf__( 'Field Truncation' ),
|
119 |
+
_wpsf__( 'Block Field Truncation Attacks' ),
|
120 |
+
_wpsf__( 'This will block field truncation attacks in application parameters.' )
|
121 |
),
|
122 |
array(
|
123 |
'block_exe_file_uploads',
|
124 |
'',
|
125 |
'N',
|
126 |
'checkbox',
|
127 |
+
_wpsf__( 'Exe File Uploads' ),
|
128 |
+
_wpsf__( 'Block Executable File Uploads' ),
|
129 |
+
_wpsf__( 'This will block executable file uploads (.php, .exe, etc.).' )
|
130 |
),
|
131 |
array(
|
132 |
'block_leading_schema',
|
133 |
'',
|
134 |
'N',
|
135 |
'checkbox',
|
136 |
+
_wpsf__( 'Leading Schemas' ),
|
137 |
+
_wpsf__( 'Block Leading Schemas (HTTPS / HTTP)' ),
|
138 |
+
_wpsf__( 'This will block leading schemas http:// and https:// in application parameters (off by default; may cause problems with other plugins).' )
|
139 |
)
|
140 |
),
|
141 |
);
|
146 |
array( 'redirect_404', 'Return 404' ),
|
147 |
);
|
148 |
$this->m_aBlockSection = array(
|
149 |
+
'section_title' => _wpsf__( 'Choose Firewall Block Response' ),
|
150 |
'section_options' => array(
|
151 |
+
array(
|
152 |
+
'block_response',
|
153 |
+
'',
|
154 |
+
'none',
|
155 |
+
$aRedirectOptions,
|
156 |
+
_wpsf__( 'Block Response' ),
|
157 |
+
_wpsf__( 'Choose how the firewall responds when it blocks a request' ),
|
158 |
+
_wpsf__( 'We recommend dying with a message so you know what might have occurred when the firewall blocks you' )
|
159 |
+
),
|
160 |
+
array(
|
161 |
+
'block_send_email',
|
162 |
+
'',
|
163 |
+
'N',
|
164 |
+
'checkbox',
|
165 |
+
_wpsf__( 'Send Email Report' ),
|
166 |
+
_wpsf__( 'When a visitor is blocked the firewall will send an email to the configured email address' ),
|
167 |
+
_wpsf__( 'Use with caution - if you get hit by automated bots you may send out too many emails and you could get blocked by your host' )
|
168 |
+
)
|
169 |
)
|
170 |
);
|
171 |
|
172 |
$this->m_aWhitelistSection = array(
|
173 |
+
'section_title' => _wpsf__( 'Whitelists - IPs, Pages, Parameters, and Users that by-pass the Firewall' ),
|
174 |
'section_options' => array(
|
175 |
array(
|
176 |
'ips_whitelist',
|
177 |
'',
|
178 |
'',
|
179 |
'ip_addresses',
|
180 |
+
_wpsf__( 'Whitelist IP Addresses' ),
|
181 |
+
_wpsf__( 'Choose IP Addresses that are never subjected to Firewall Rules' ),
|
182 |
+
sprintf( _wpsf__( 'Take a new line per address. Your IP address is: %s' ), '<span class="code">'.$this->getVisitorIpAddress( false ).'</span>' )
|
183 |
),
|
184 |
array(
|
185 |
'page_params_whitelist',
|
186 |
'',
|
187 |
'',
|
188 |
'comma_separated_lists',
|
189 |
+
_wpsf__( 'Whitelist Parameters' ),
|
190 |
+
_wpsf__( 'Detail pages and parameters that are whitelisted (ignored by the firewall)' ),
|
191 |
+
_wpsf__( 'This should be used with caution and you should only provide parameter names that you must have excluded' )
|
192 |
+
.' '.sprintf( _wpsf__( '%sHelp%s' ), '[<a href="http://icwp.io/2a" target="_blank">', '</a>]' )
|
193 |
),
|
194 |
array(
|
195 |
'whitelist_admins',
|
196 |
'',
|
197 |
'N',
|
198 |
'checkbox',
|
199 |
+
_wpsf__( 'Ignore Administrators' ),
|
200 |
+
_wpsf__( 'Ignore users logged in as Administrator' ),
|
201 |
+
_wpsf__( 'Authenticated administrator users will not be processed by the firewall' )
|
202 |
)
|
203 |
)
|
204 |
);
|
205 |
|
206 |
$this->m_aBlacklistSection = array(
|
207 |
+
'section_title' => _wpsf__( 'Choose IP Addresses To Blacklist' ),
|
208 |
'section_options' => array(
|
209 |
array(
|
210 |
'ips_blacklist',
|
211 |
'',
|
212 |
'',
|
213 |
'ip_addresses',
|
214 |
+
_wpsf__( 'Blacklist IP Addresses' ),
|
215 |
+
_wpsf__( 'Choose IP Addresses that are always blocked from accessing the site' ),
|
216 |
+
_wpsf__( 'Take a new line per address. Each IP Address must be valid and will be checked' )
|
217 |
)
|
218 |
)
|
219 |
);
|
220 |
$this->m_aFirewallMiscSection = array(
|
221 |
+
'section_title' => _wpsf__( 'Miscellaneous Plugin Options' ),
|
222 |
'section_options' => array(
|
223 |
array(
|
224 |
'enable_firewall_log',
|
225 |
+
'',
|
226 |
+
'N',
|
227 |
'checkbox',
|
228 |
+
_wpsf__( 'Firewall Logging' ),
|
229 |
+
_wpsf__( 'Turn on a detailed Firewall Log' ),
|
230 |
+
_wpsf__( 'Will log every visit to the site and how the firewall processes it. Not recommended to leave on unless you want to debug something and check the firewall is working as you expect' )
|
231 |
)
|
232 |
)
|
233 |
);
|
src/icwp-optionshandler-lockdown.php
CHANGED
@@ -36,36 +36,56 @@ class ICWP_OptionsHandler_Lockdown extends ICWP_OptionsHandler_Base_WPSF {
|
|
36 |
else if ( $this->getOpt( 'action_reset_auth_salts' ) == 'P' ) {
|
37 |
$this->setOpt( 'action_reset_auth_salts', 'N' );
|
38 |
}
|
|
|
|
|
|
|
|
|
|
|
39 |
}
|
40 |
|
41 |
public function defineOptions() {
|
42 |
|
43 |
$aBase = array(
|
44 |
-
'section_title' => 'Enable Lockdown Feature',
|
45 |
'section_options' => array(
|
46 |
array(
|
47 |
'enable_lockdown',
|
48 |
'',
|
49 |
'N',
|
50 |
'checkbox',
|
51 |
-
'Enable Lockdown',
|
52 |
-
'Enable (or Disable) The Lockdown Feature',
|
53 |
-
'Regardless of any other settings, this option will turn
|
54 |
)
|
55 |
)
|
56 |
);
|
57 |
$aAccess = array(
|
58 |
-
'section_title' => 'Access Options',
|
59 |
'section_options' => array(
|
60 |
array(
|
61 |
'disable_file_editing',
|
62 |
'',
|
63 |
'N',
|
64 |
'checkbox',
|
65 |
-
'Disable File Editing',
|
66 |
-
'Disable Ability To Edit Files',
|
67 |
-
'Removes the option to directly edit any files from within the WordPress admin area.
|
68 |
-
<br />Equivalent to setting DISALLOW_FILE_EDIT to TRUE.'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
69 |
)
|
70 |
)
|
71 |
);
|
@@ -77,17 +97,17 @@ class ICWP_OptionsHandler_Lockdown extends ICWP_OptionsHandler_Base_WPSF {
|
|
77 |
|
78 |
if ( false && $this->getCanDoAuthSalts() ) {
|
79 |
$this->m_aOptions[] = array(
|
80 |
-
'section_title' => 'Security Actions',
|
81 |
'section_options' => array(
|
82 |
array(
|
83 |
'action_reset_auth_salts',
|
84 |
'',
|
85 |
'N',
|
86 |
'checkbox',
|
87 |
-
'Reset Auth Keys/Salts',
|
88 |
-
'Reset WordPress Authentication Keys and Salts',
|
89 |
-
'Selecting this
|
90 |
-
<br /><strong>Note: This will log you and all other users out of their current session
|
91 |
)
|
92 |
)
|
93 |
);
|
36 |
else if ( $this->getOpt( 'action_reset_auth_salts' ) == 'P' ) {
|
37 |
$this->setOpt( 'action_reset_auth_salts', 'N' );
|
38 |
}
|
39 |
+
|
40 |
+
$sCurrent = $this->getOpt( 'mask_wordpress_version' );
|
41 |
+
if ( !empty( $sCurrent ) ) {
|
42 |
+
$this->setOpt( 'mask_wordpress_version', preg_replace( '/[^a-z0-9_.-]/i', '', $sCurrent ) );
|
43 |
+
}
|
44 |
}
|
45 |
|
46 |
public function defineOptions() {
|
47 |
|
48 |
$aBase = array(
|
49 |
+
'section_title' => _wpsf__( 'Enable Lockdown Feature' ),
|
50 |
'section_options' => array(
|
51 |
array(
|
52 |
'enable_lockdown',
|
53 |
'',
|
54 |
'N',
|
55 |
'checkbox',
|
56 |
+
_wpsf__( 'Enable Lockdown' ),
|
57 |
+
_wpsf__( 'Enable (or Disable) The Lockdown Feature' ),
|
58 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Lockdown feature, or enable your selected Lockdown options' )
|
59 |
)
|
60 |
)
|
61 |
);
|
62 |
$aAccess = array(
|
63 |
+
'section_title' => _wpsf__( 'Access Options' ),
|
64 |
'section_options' => array(
|
65 |
array(
|
66 |
'disable_file_editing',
|
67 |
'',
|
68 |
'N',
|
69 |
'checkbox',
|
70 |
+
_wpsf__( 'Disable File Editing' ),
|
71 |
+
_wpsf__( 'Disable Ability To Edit Files' ),
|
72 |
+
_wpsf__( 'Removes the option to directly edit any files from within the WordPress admin area.' )
|
73 |
+
.'<br />'._wpsf__( 'Equivalent to setting DISALLOW_FILE_EDIT to TRUE.' )
|
74 |
+
)
|
75 |
+
)
|
76 |
+
);
|
77 |
+
$aAccess = array(
|
78 |
+
'section_title' => _wpsf__( 'WordPress Obscurity Options' ),
|
79 |
+
'section_options' => array(
|
80 |
+
array(
|
81 |
+
'mask_wordpress_version',
|
82 |
+
'',
|
83 |
+
'',
|
84 |
+
'text',
|
85 |
+
_wpsf__( 'Mask WordPress Version' ),
|
86 |
+
_wpsf__( 'Prevents Public Display Of Your WordPress Version' ),
|
87 |
+
_wpsf__( 'Enter how you would like your WordPress version displayed publicly. Leave blank to disable this feature.' )
|
88 |
+
.'<br />'._wpsf__( 'Warning: This may interfere with WordPress plugins that rely on the $wp_version variable.' )
|
89 |
)
|
90 |
)
|
91 |
);
|
97 |
|
98 |
if ( false && $this->getCanDoAuthSalts() ) {
|
99 |
$this->m_aOptions[] = array(
|
100 |
+
'section_title' => _wpsf__( 'Security Actions' ),
|
101 |
'section_options' => array(
|
102 |
array(
|
103 |
'action_reset_auth_salts',
|
104 |
'',
|
105 |
'N',
|
106 |
'checkbox',
|
107 |
+
_wpsf__( 'Reset Auth Keys/Salts' ),
|
108 |
+
_wpsf__( 'Reset WordPress Authentication Keys and Salts' ),
|
109 |
+
_wpsf__( 'Selecting this will reset the WordPress Authentication Keys and Salts in your wp-config.php file.' )
|
110 |
+
.'<br /><strong>'._wpsf__( 'Note: This will log you and all other users out of their current session.' ).'</strong>'
|
111 |
)
|
112 |
)
|
113 |
);
|
src/icwp-optionshandler-loginprotect.php
CHANGED
@@ -32,58 +32,58 @@ class ICWP_OptionsHandler_LoginProtect extends ICWP_OptionsHandler_Base_WPSF {
|
|
32 |
$this->m_aDirectSaveOptions = array();
|
33 |
|
34 |
$this->m_aOptionsBase = array(
|
35 |
-
'section_title' => 'Enable Login Protection',
|
36 |
'section_options' => array(
|
37 |
array(
|
38 |
'enable_login_protect',
|
39 |
'',
|
40 |
'Y',
|
41 |
'checkbox',
|
42 |
-
'Enable Login Protect',
|
43 |
-
'Enable (or Disable) The Login Protection Feature',
|
44 |
-
'Regardless of any other settings, this option will turn
|
45 |
)
|
46 |
),
|
47 |
);
|
48 |
$this->m_aWhitelist = array(
|
49 |
-
'section_title' => 'Whitelist IPs that by-pass Login Protect',
|
50 |
'section_options' => array(
|
51 |
array(
|
52 |
'ips_whitelist',
|
53 |
'',
|
54 |
'',
|
55 |
'ip_addresses',
|
56 |
-
'Whitelist IP Addresses',
|
57 |
-
'Specify IP Addresses that by-pass all Login Protect rules',
|
58 |
-
sprintf( 'Take a new line per address. Your IP address is: %s', '<span class="code">'.$this->getVisitorIpAddress( false ).'</span>' )
|
59 |
)
|
60 |
)
|
61 |
);
|
62 |
$this->m_aTwoFactorAuth = array(
|
63 |
-
'section_title' => 'Two-Factor Authentication Protection Options',
|
64 |
'section_options' => array(
|
65 |
array(
|
66 |
'enable_two_factor_auth_by_ip',
|
67 |
'',
|
68 |
'N',
|
69 |
'checkbox',
|
70 |
-
'Two-Factor Authentication',
|
71 |
-
'Two-Factor Login Authentication By IP Address',
|
72 |
-
'All users will be required to authenticate their logins by email-based two-factor authentication when logging in from a new IP address
|
73 |
),
|
74 |
array(
|
75 |
'enable_two_factor_bypass_on_email_fail',
|
76 |
'',
|
77 |
'N',
|
78 |
'checkbox',
|
79 |
-
'By-Pass On Failure',
|
80 |
-
'If Sending Verification Email Sending Fails, Two-Factor Login Authentication Is Ignored',
|
81 |
-
'If you enable two-factor authentication and sending the email with the verification link fails, turning this setting on will by-pass the verification step. Use with caution
|
82 |
)
|
83 |
)
|
84 |
);
|
85 |
$this->m_aLoginProtect = array(
|
86 |
-
'section_title' => 'Login Protection Options',
|
87 |
'section_options' => array(
|
88 |
array(
|
89 |
'login_limit_interval',
|
@@ -99,23 +99,24 @@ class ICWP_OptionsHandler_LoginProtect extends ICWP_OptionsHandler_Base_WPSF {
|
|
99 |
'',
|
100 |
'Y',
|
101 |
'checkbox',
|
102 |
-
'G.A.S.P Protection',
|
103 |
-
'
|
104 |
-
'Adds a dynamically (Javascript) generated checkbox to the login form that prevents bots using automated login techniques. Recommended: ON'
|
105 |
)
|
106 |
)
|
107 |
);
|
108 |
|
109 |
$this->m_aLoggingSection = array(
|
110 |
-
'section_title' => 'Logging Options',
|
111 |
'section_options' => array(
|
112 |
array(
|
113 |
'enable_login_protect_log',
|
114 |
-
'',
|
|
|
115 |
'checkbox',
|
116 |
-
'Login Protect Logging',
|
117 |
-
'Turn on a detailed Login Protect Log',
|
118 |
-
'Will log every event related to login protection and how it is processed. Not recommended to leave on unless you want to debug something and check the login protection is working as you expect.'
|
119 |
)
|
120 |
)
|
121 |
);
|
32 |
$this->m_aDirectSaveOptions = array();
|
33 |
|
34 |
$this->m_aOptionsBase = array(
|
35 |
+
'section_title' => _wpsf__( 'Enable Login Protection' ),
|
36 |
'section_options' => array(
|
37 |
array(
|
38 |
'enable_login_protect',
|
39 |
'',
|
40 |
'Y',
|
41 |
'checkbox',
|
42 |
+
_wpsf__( 'Enable Login Protect' ),
|
43 |
+
_wpsf__( 'Enable (or Disable) The Login Protection Feature' ),
|
44 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Login Protect feature, or enable your selected Login Protect options' )
|
45 |
)
|
46 |
),
|
47 |
);
|
48 |
$this->m_aWhitelist = array(
|
49 |
+
'section_title' => _wpsf__( 'Whitelist IPs that by-pass Login Protect' ),
|
50 |
'section_options' => array(
|
51 |
array(
|
52 |
'ips_whitelist',
|
53 |
'',
|
54 |
'',
|
55 |
'ip_addresses',
|
56 |
+
_wpsf__( 'Whitelist IP Addresses' ),
|
57 |
+
_wpsf__( 'Specify IP Addresses that by-pass all Login Protect rules' ),
|
58 |
+
sprintf( _wpsf__( 'Take a new line per address. Your IP address is: %s' ), '<span class="code">'.$this->getVisitorIpAddress( false ).'</span>' )
|
59 |
)
|
60 |
)
|
61 |
);
|
62 |
$this->m_aTwoFactorAuth = array(
|
63 |
+
'section_title' => _wpsf__( 'Two-Factor Authentication Protection Options' ),
|
64 |
'section_options' => array(
|
65 |
array(
|
66 |
'enable_two_factor_auth_by_ip',
|
67 |
'',
|
68 |
'N',
|
69 |
'checkbox',
|
70 |
+
_wpsf__( 'Two-Factor Authentication' ),
|
71 |
+
_wpsf__( 'Two-Factor Login Authentication By IP Address' ),
|
72 |
+
_wpsf__( 'All users will be required to authenticate their logins by email-based two-factor authentication when logging in from a new IP address' )
|
73 |
),
|
74 |
array(
|
75 |
'enable_two_factor_bypass_on_email_fail',
|
76 |
'',
|
77 |
'N',
|
78 |
'checkbox',
|
79 |
+
_wpsf__( 'By-Pass On Failure' ),
|
80 |
+
_wpsf__( 'If Sending Verification Email Sending Fails, Two-Factor Login Authentication Is Ignored' ),
|
81 |
+
_wpsf__( 'If you enable two-factor authentication and sending the email with the verification link fails, turning this setting on will by-pass the verification step. Use with caution' )
|
82 |
)
|
83 |
)
|
84 |
);
|
85 |
$this->m_aLoginProtect = array(
|
86 |
+
'section_title' => _wpsf__( 'Login Protection Options' ),
|
87 |
'section_options' => array(
|
88 |
array(
|
89 |
'login_limit_interval',
|
99 |
'',
|
100 |
'Y',
|
101 |
'checkbox',
|
102 |
+
_wpsf__( 'G.A.S.P Protection' ),
|
103 |
+
_wpsf__( 'Use G.A.S.P. Protection To Prevent Login Attempts By Bots' ),
|
104 |
+
_wpsf__( 'Adds a dynamically (Javascript) generated checkbox to the login form that prevents bots using automated login techniques. Recommended: ON' )
|
105 |
)
|
106 |
)
|
107 |
);
|
108 |
|
109 |
$this->m_aLoggingSection = array(
|
110 |
+
'section_title' => _wpsf__( 'Logging Options' ),
|
111 |
'section_options' => array(
|
112 |
array(
|
113 |
'enable_login_protect_log',
|
114 |
+
'',
|
115 |
+
'N',
|
116 |
'checkbox',
|
117 |
+
_wpsf__( 'Login Protect Logging' ),
|
118 |
+
_wpsf__( 'Turn on a detailed Login Protect Log' ),
|
119 |
+
_wpsf__( 'Will log every event related to login protection and how it is processed. Not recommended to leave on unless you want to debug something and check the login protection is working as you expect.' )
|
120 |
)
|
121 |
)
|
122 |
);
|
src/icwp-optionshandler-wpsf.php
CHANGED
@@ -52,89 +52,87 @@ class ICWP_OptionsHandler_Wpsf extends ICWP_OptionsHandler_Base_WPSF {
|
|
52 |
if ( $this->hasEncryptOption() ) {
|
53 |
|
54 |
$aAccessKey = array(
|
55 |
-
'section_title' => 'Admin Access Restriction',
|
56 |
'section_options' => array(
|
57 |
array(
|
58 |
'enable_admin_access_restriction',
|
59 |
'',
|
60 |
'N',
|
61 |
'checkbox',
|
62 |
-
'Enable Access Key',
|
63 |
-
'Enforce Admin Access Restriction',
|
64 |
-
|
65 |
-
'
|
66 |
-
'<a href="http://icwp.io/2r" target="_blank">',
|
67 |
-
'</a>'
|
68 |
-
)
|
69 |
),
|
70 |
array(
|
71 |
'admin_access_timeout',
|
72 |
'',
|
73 |
self::Default_AccessKeyTimeout,
|
74 |
'integer',
|
75 |
-
'Access Key Timeout',
|
76 |
-
'Specify A Timeout For Plugin Admin Access',
|
77 |
-
'This will automatically expire your WordPress Simple Firewall session. Does not apply until you enter the access key again. Default: 30 minutes.'
|
78 |
),
|
79 |
array(
|
80 |
'admin_access_key',
|
81 |
'',
|
82 |
'',
|
83 |
'password',
|
84 |
-
'Admin Access Key',
|
85 |
-
'Specify Your Plugin Access Key',
|
86 |
-
'If you forget this, you could potentially lock yourself out from using this plugin.
|
|
|
87 |
)
|
88 |
)
|
89 |
);
|
90 |
}
|
91 |
|
92 |
$aGeneral = array(
|
93 |
-
'section_title' => 'General Plugin Options',
|
94 |
'section_options' => array(
|
95 |
array(
|
96 |
'enable_firewall',
|
97 |
'', 'N',
|
98 |
'checkbox',
|
99 |
-
'Enable Firewall',
|
100 |
-
'Enable (or Disable) The WordPress Firewall Feature',
|
101 |
-
'Regardless of any other settings, this option will turn
|
102 |
),
|
103 |
array(
|
104 |
'enable_login_protect',
|
105 |
'',
|
106 |
'Y',
|
107 |
'checkbox',
|
108 |
-
'Enable Login Protect',
|
109 |
-
'Enable (or Disable) The Login Protection Feature',
|
110 |
-
'Regardless of any other settings, this option will turn
|
111 |
),
|
112 |
array(
|
113 |
'enable_comments_filter',
|
114 |
'',
|
115 |
'Y',
|
116 |
'checkbox',
|
117 |
-
'Enable Comments Filter',
|
118 |
-
'Enable (or Disable) The Comments Filter Feature',
|
119 |
-
'Regardless of any other settings, this option will turn
|
120 |
),
|
121 |
array(
|
122 |
'enable_lockdown',
|
123 |
'',
|
124 |
'N',
|
125 |
'checkbox',
|
126 |
-
'Enable Lockdown',
|
127 |
-
'Enable (or Disable) The Lockdown Feature',
|
128 |
-
'Regardless of any other settings, this option will turn
|
129 |
),
|
130 |
array(
|
131 |
'enable_autoupdates',
|
132 |
'',
|
133 |
'N',
|
134 |
'checkbox',
|
135 |
-
'Enable Auto Updates',
|
136 |
-
'Enable (or Disable) The
|
137 |
-
'Regardless of any other settings, this option will turn
|
138 |
),
|
139 |
/*
|
140 |
array(
|
@@ -152,42 +150,42 @@ class ICWP_OptionsHandler_Wpsf extends ICWP_OptionsHandler_Base_WPSF {
|
|
152 |
'',
|
153 |
'Y',
|
154 |
'checkbox',
|
155 |
-
'Upgrade Notice',
|
156 |
-
'Display A Notice When An Upgrade Is Available',
|
157 |
-
'
|
158 |
),
|
159 |
array(
|
160 |
'delete_on_deactivate',
|
161 |
'',
|
162 |
'N',
|
163 |
'checkbox',
|
164 |
-
'Delete Plugin Settings',
|
165 |
-
'Delete All Plugin Settings Upon Plugin Deactivation',
|
166 |
-
'Careful: Removes all plugin options when you
|
167 |
)
|
168 |
)
|
169 |
);
|
170 |
|
171 |
$aEmail = array(
|
172 |
-
'section_title' => 'Email Options',
|
173 |
'section_options' => array(
|
174 |
array(
|
175 |
'block_send_email_address',
|
176 |
'',
|
177 |
'',
|
178 |
'email',
|
179 |
-
'Report Email',
|
180 |
-
'Where to send email reports',
|
181 |
-
'If this is empty, it will default to the blog admin email address
|
182 |
),
|
183 |
array(
|
184 |
'send_email_throttle_limit',
|
185 |
'',
|
186 |
'10',
|
187 |
'integer',
|
188 |
-
'Email Throttle Limit',
|
189 |
-
'Limit Emails Per Second',
|
190 |
-
'You throttle emails sent by this plugin by limiting the number of emails sent every second. This is useful in case you get hit by a bot attack. Zero (0) turns this off. Suggested: 10'
|
191 |
)
|
192 |
)
|
193 |
);
|
52 |
if ( $this->hasEncryptOption() ) {
|
53 |
|
54 |
$aAccessKey = array(
|
55 |
+
'section_title' => _wpsf__( 'Admin Access Restriction' ),
|
56 |
'section_options' => array(
|
57 |
array(
|
58 |
'enable_admin_access_restriction',
|
59 |
'',
|
60 |
'N',
|
61 |
'checkbox',
|
62 |
+
_wpsf__( 'Enable Access Key' ),
|
63 |
+
_wpsf__( 'Enforce Admin Access Restriction' ),
|
64 |
+
_wpsf__( 'Enable this with great care and consideration. When this Access Key option is enabled, you must specify a key below and use it to gain access to this plugin.' )
|
65 |
+
.' '.sprintf( _wpsf__( '%smore info%s' ), '[<a href="http://icwp.io/2n" target="_blank">', '</a>]' )
|
|
|
|
|
|
|
66 |
),
|
67 |
array(
|
68 |
'admin_access_timeout',
|
69 |
'',
|
70 |
self::Default_AccessKeyTimeout,
|
71 |
'integer',
|
72 |
+
_wpsf__( 'Access Key Timeout' ),
|
73 |
+
_wpsf__( 'Specify A Timeout For Plugin Admin Access' ),
|
74 |
+
_wpsf__( 'This will automatically expire your WordPress Simple Firewall session. Does not apply until you enter the access key again. Default: 30 minutes.' ),
|
75 |
),
|
76 |
array(
|
77 |
'admin_access_key',
|
78 |
'',
|
79 |
'',
|
80 |
'password',
|
81 |
+
_wpsf__( 'Admin Access Key' ),
|
82 |
+
_wpsf__( 'Specify Your Plugin Access Key' ),
|
83 |
+
_wpsf__( 'If you forget this, you could potentially lock yourself out from using this plugin.' )
|
84 |
+
.'<strong>'._wpsf__( 'Leave it blank to not update it' ).'</strong>',
|
85 |
)
|
86 |
)
|
87 |
);
|
88 |
}
|
89 |
|
90 |
$aGeneral = array(
|
91 |
+
'section_title' => _wpsf__( 'General Plugin Options' ),
|
92 |
'section_options' => array(
|
93 |
array(
|
94 |
'enable_firewall',
|
95 |
'', 'N',
|
96 |
'checkbox',
|
97 |
+
_wpsf__( 'Enable Firewall' ),
|
98 |
+
_wpsf__( 'Enable (or Disable) The WordPress Firewall Feature' ),
|
99 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Firewall feature, or enable your selected Firewall options' )
|
100 |
),
|
101 |
array(
|
102 |
'enable_login_protect',
|
103 |
'',
|
104 |
'Y',
|
105 |
'checkbox',
|
106 |
+
_wpsf__( 'Enable Login Protect' ),
|
107 |
+
_wpsf__( 'Enable (or Disable) The Login Protection Feature' ),
|
108 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Login Protect feature, or enable your selected Login Protect options' )
|
109 |
),
|
110 |
array(
|
111 |
'enable_comments_filter',
|
112 |
'',
|
113 |
'Y',
|
114 |
'checkbox',
|
115 |
+
_wpsf__( 'Enable Comments Filter' ),
|
116 |
+
_wpsf__( 'Enable (or Disable) The Comments Filter Feature' ),
|
117 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Comments Filter feature, or enable your selected Comments Filter options' )
|
118 |
),
|
119 |
array(
|
120 |
'enable_lockdown',
|
121 |
'',
|
122 |
'N',
|
123 |
'checkbox',
|
124 |
+
_wpsf__( 'Enable Lockdown' ),
|
125 |
+
_wpsf__( 'Enable (or Disable) The Lockdown Feature' ),
|
126 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Lockdown feature, or enable your selected Lockdown options' )
|
127 |
),
|
128 |
array(
|
129 |
'enable_autoupdates',
|
130 |
'',
|
131 |
'N',
|
132 |
'checkbox',
|
133 |
+
_wpsf__( 'Enable Auto Updates' ),
|
134 |
+
_wpsf__( 'Enable (or Disable) The Auto Updates Feature' ),
|
135 |
+
_wpsf__( 'Regardless of any other settings, this option will turn off the Auto Updates feature, or enable your selected Auto Updates options' )
|
136 |
),
|
137 |
/*
|
138 |
array(
|
150 |
'',
|
151 |
'Y',
|
152 |
'checkbox',
|
153 |
+
_wpsf__( 'Plugin Upgrade Notice' ),
|
154 |
+
_wpsf__( 'Display A Notice When An Upgrade Is Available' ),
|
155 |
+
_wpsf__( 'Displays a notice at the top of your WordPress admin section when a plugin upgrade is available' )
|
156 |
),
|
157 |
array(
|
158 |
'delete_on_deactivate',
|
159 |
'',
|
160 |
'N',
|
161 |
'checkbox',
|
162 |
+
_wpsf__( 'Delete Plugin Settings' ),
|
163 |
+
_wpsf__( 'Delete All Plugin Settings Upon Plugin Deactivation' ),
|
164 |
+
_wpsf__( 'Careful: Removes all plugin options when you deactivate the plugin' )
|
165 |
)
|
166 |
)
|
167 |
);
|
168 |
|
169 |
$aEmail = array(
|
170 |
+
'section_title' => _wpsf__( 'Email Options' ),
|
171 |
'section_options' => array(
|
172 |
array(
|
173 |
'block_send_email_address',
|
174 |
'',
|
175 |
'',
|
176 |
'email',
|
177 |
+
_wpsf__( 'Report Email' ),
|
178 |
+
_wpsf__( 'Where to send email reports' ),
|
179 |
+
_wpsf__( 'If this is empty, it will default to the blog admin email address' )
|
180 |
),
|
181 |
array(
|
182 |
'send_email_throttle_limit',
|
183 |
'',
|
184 |
'10',
|
185 |
'integer',
|
186 |
+
_wpsf__( 'Email Throttle Limit' ),
|
187 |
+
_wpsf__( 'Limit Emails Per Second' ),
|
188 |
+
_wpsf__( 'You throttle emails sent by this plugin by limiting the number of emails sent every second. This is useful in case you get hit by a bot attack. Zero (0) turns this off. Suggested: 10' )
|
189 |
)
|
190 |
)
|
191 |
);
|
src/icwp-plugins-base.php
CHANGED
@@ -4,17 +4,6 @@ if ( !defined('ICWP_DS') ) {
|
|
4 |
define( 'ICWP_DS', DIRECTORY_SEPARATOR );
|
5 |
}
|
6 |
|
7 |
-
if ( !function_exists( '_hlt_e' ) ) {
|
8 |
-
function _hlt_e( $insStr ) {
|
9 |
-
_e( $insStr, 'hlt-wordpress-bootstrap-css' );
|
10 |
-
}
|
11 |
-
}
|
12 |
-
if ( !function_exists( '_hlt__' ) ) {
|
13 |
-
function _hlt__( $insStr ) {
|
14 |
-
return __( $insStr, 'hlt-wordpress-bootstrap-css' );
|
15 |
-
}
|
16 |
-
}
|
17 |
-
|
18 |
require_once( dirname(__FILE__).'/icwp-wpfunctions.php' );
|
19 |
|
20 |
if ( !class_exists('ICWP_WPSF_Base_Plugin') ):
|
@@ -284,7 +273,7 @@ class ICWP_WPSF_Base_Plugin {
|
|
284 |
*/
|
285 |
public function onWpPluginActionLinks( $inaLinks, $insFile ) {
|
286 |
if ( $insFile == self::$PLUGIN_BASENAME ) {
|
287 |
-
$sSettingsLink = '<a href="'.admin_url( "admin.php" ).'?page='.$this->getFullParentMenuId().'">' .
|
288 |
array_unshift( $inaLinks, $sSettingsLink );
|
289 |
}
|
290 |
return $inaLinks;
|
4 |
define( 'ICWP_DS', DIRECTORY_SEPARATOR );
|
5 |
}
|
6 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
7 |
require_once( dirname(__FILE__).'/icwp-wpfunctions.php' );
|
8 |
|
9 |
if ( !class_exists('ICWP_WPSF_Base_Plugin') ):
|
273 |
*/
|
274 |
public function onWpPluginActionLinks( $inaLinks, $insFile ) {
|
275 |
if ( $insFile == self::$PLUGIN_BASENAME ) {
|
276 |
+
$sSettingsLink = '<a href="'.admin_url( "admin.php" ).'?page='.$this->getFullParentMenuId().'">' . _wpsf__( 'Settings', 'worpit' ) . '</a>';
|
277 |
array_unshift( $inaLinks, $sSettingsLink );
|
278 |
}
|
279 |
return $inaLinks;
|
src/icwp-processor-lockdown.php
CHANGED
@@ -35,6 +35,13 @@ class ICWP_LockdownProcessor extends ICWP_BaseProcessor_WPSF {
|
|
35 |
if ( $this->m_aOptions['disable_file_editing'] == 'Y' ) {
|
36 |
add_filter( 'user_has_cap', array( $this, 'disableFileEditing' ), 0, 3 );
|
37 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
38 |
|
39 |
if ( false && $this->m_aOptions['action_reset_auth_salts'] == 'Y' ) {
|
40 |
add_action( 'init', array( $this, 'resetAuthKeysSalts' ), 1 );
|
@@ -56,6 +63,16 @@ class ICWP_LockdownProcessor extends ICWP_BaseProcessor_WPSF {
|
|
56 |
return $inaAllCaps;
|
57 |
}
|
58 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
59 |
/**
|
60 |
*
|
61 |
*/
|
35 |
if ( $this->m_aOptions['disable_file_editing'] == 'Y' ) {
|
36 |
add_filter( 'user_has_cap', array( $this, 'disableFileEditing' ), 0, 3 );
|
37 |
}
|
38 |
+
|
39 |
+
if ( !empty( $this->m_aOptions['mask_wordpress_version'] ) ) {
|
40 |
+
global $wp_version;
|
41 |
+
$wp_version = $this->m_aOptions['mask_wordpress_version'];
|
42 |
+
// add_filter( 'bloginfo', array( $this, 'maskWordpressVersion' ), 1, 2 );
|
43 |
+
// add_filter( 'bloginfo_url', array( $this, 'maskWordpressVersion' ), 1, 2 );
|
44 |
+
}
|
45 |
|
46 |
if ( false && $this->m_aOptions['action_reset_auth_salts'] == 'Y' ) {
|
47 |
add_action( 'init', array( $this, 'resetAuthKeysSalts' ), 1 );
|
63 |
return $inaAllCaps;
|
64 |
}
|
65 |
|
66 |
+
/**
|
67 |
+
* @return array
|
68 |
+
*/
|
69 |
+
public function maskWordpressVersion( $insOutput, $insShow ) {
|
70 |
+
// if ( $insShow === 'version' ) {
|
71 |
+
// $insOutput = $this->m_aOptions['mask_wordpress_version'];
|
72 |
+
// }
|
73 |
+
// return $insOutput;
|
74 |
+
}
|
75 |
+
|
76 |
/**
|
77 |
*
|
78 |
*/
|
views/icwp_options_helper.php
CHANGED
@@ -5,11 +5,12 @@ function printOptionsPageHeader( $insSection = '' ) {
|
|
5 |
echo '<div class="page-header">';
|
6 |
echo '<a href="http://icwp.io/2k" target="_blank"><div class="icon32" id="icontrolwp-icon"><br /></div></a>';
|
7 |
echo '<h2>';
|
|
|
8 |
if ( !empty($insSection) ) {
|
9 |
-
echo sprintf(
|
10 |
}
|
11 |
else {
|
12 |
-
echo
|
13 |
}
|
14 |
echo '</h2></div>';
|
15 |
}
|
5 |
echo '<div class="page-header">';
|
6 |
echo '<a href="http://icwp.io/2k" target="_blank"><div class="icon32" id="icontrolwp-icon"><br /></div></a>';
|
7 |
echo '<h2>';
|
8 |
+
$sBaseTitle = sprintf( _wpsf__( 'WordPress Simple Firewall (from %s)' ), $sLinkedIcwp );
|
9 |
if ( !empty($insSection) ) {
|
10 |
+
echo sprintf( '%s :: %s', $insSection, $sBaseTitle );
|
11 |
}
|
12 |
else {
|
13 |
+
echo $sBaseTitle;
|
14 |
}
|
15 |
echo '</h2></div>';
|
16 |
}
|
views/icwp_wpsf_access_key_request_index.php
CHANGED
@@ -9,11 +9,11 @@ $fCommentsFilteringOn = $icwp_aMainOptions['enable_comments_filter'] == 'Y';
|
|
9 |
|
10 |
<div class="wrap">
|
11 |
<div class="bootstrap-wpadmin">
|
12 |
-
<?php echo printOptionsPageHeader( 'Admin Access Restriction' ); ?>
|
13 |
<div class="row">
|
14 |
<div class="span9">
|
15 |
<?php
|
16 |
-
if ( isset( $_COOKIE[ 'TODOcookie-name' ] ) ) { //the user hasn't created an encryption salt
|
17 |
?>
|
18 |
<div class="alert alert-info">
|
19 |
<p>You are currently authorized to access your cPanel Manager functions with this plugin.</p>
|
@@ -29,25 +29,25 @@ $fCommentsFilteringOn = $icwp_aMainOptions['enable_comments_filter'] == 'Y';
|
|
29 |
else {
|
30 |
?>
|
31 |
<div class="well">
|
32 |
-
<h3
|
33 |
-
<p
|
34 |
</div>
|
35 |
<form action="<?php echo $icwp_form_action; ?>" method="post" class="form-horizontal">
|
36 |
<div class="control-group">
|
37 |
-
<label class="control-label" for="icwp_wpsf_admin_access_key_request"
|
38 |
<div class="controls">
|
39 |
<div class="option_section selected_item active" id="option_section_icwp_wpsf_admin_access_key">
|
40 |
<label>
|
41 |
<input type="text" name="icwp_wpsf_admin_access_key_request" value="" />
|
42 |
</label>
|
43 |
-
<p class="help-block"
|
44 |
</div>
|
45 |
</div><!-- controls -->
|
46 |
</div>
|
47 |
<div class="form-actions">
|
48 |
<?php wp_nonce_field( $icwp_nonce_field ); ?>
|
49 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
50 |
-
<button type="submit" class="btn btn-primary" name="submit"><?php
|
51 |
</div>
|
52 |
</form>
|
53 |
<?php
|
9 |
|
10 |
<div class="wrap">
|
11 |
<div class="bootstrap-wpadmin">
|
12 |
+
<?php echo printOptionsPageHeader( _wpsf__('Admin Access Restriction') ); ?>
|
13 |
<div class="row">
|
14 |
<div class="span9">
|
15 |
<?php
|
16 |
+
if ( false && isset( $_COOKIE[ 'TODOcookie-name' ] ) ) { //the user hasn't created an encryption salt
|
17 |
?>
|
18 |
<div class="alert alert-info">
|
19 |
<p>You are currently authorized to access your cPanel Manager functions with this plugin.</p>
|
29 |
else {
|
30 |
?>
|
31 |
<div class="well">
|
32 |
+
<h3><?php _wpsf_e( 'What should you enter here?');?></h3>
|
33 |
+
<p><?php _wpsf_e( 'At some point you supplied an Admin Access Key - to manage this plugin, you must supply it here first.');?>.</p>
|
34 |
</div>
|
35 |
<form action="<?php echo $icwp_form_action; ?>" method="post" class="form-horizontal">
|
36 |
<div class="control-group">
|
37 |
+
<label class="control-label" for="icwp_wpsf_admin_access_key_request"><?php _wpsf_e( 'Enter Access Key');?><br></label>
|
38 |
<div class="controls">
|
39 |
<div class="option_section selected_item active" id="option_section_icwp_wpsf_admin_access_key">
|
40 |
<label>
|
41 |
<input type="text" name="icwp_wpsf_admin_access_key_request" value="" />
|
42 |
</label>
|
43 |
+
<p class="help-block"><?php _wpsf_e( 'To manage this plugin you must enter the access key.');?></p>
|
44 |
</div>
|
45 |
</div><!-- controls -->
|
46 |
</div>
|
47 |
<div class="form-actions">
|
48 |
<?php wp_nonce_field( $icwp_nonce_field ); ?>
|
49 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
50 |
+
<button type="submit" class="btn btn-primary" name="submit"><?php _wpsf_e( 'Submit Key' ); ?></button>
|
51 |
</div>
|
52 |
</form>
|
53 |
<?php
|
views/icwp_wpsf_config_autoupdates_index.php
CHANGED
@@ -4,7 +4,7 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
-
<?php echo printOptionsPageHeader( 'Auto WordPress Updates' ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
@@ -17,7 +17,7 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
-
<button type="submit" class="btn btn-primary" name="submit"><?php
|
21 |
</div>
|
22 |
</form>
|
23 |
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
+
<?php echo printOptionsPageHeader( _wpsf__('Auto WordPress Updates') ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
+
<button type="submit" class="btn btn-primary" name="submit"><?php _wpsf_e( 'Save All Settings' ); ?></button>
|
21 |
</div>
|
22 |
</form>
|
23 |
|
views/icwp_wpsf_config_comments_filter_index.php
CHANGED
@@ -4,7 +4,7 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
-
<?php echo printOptionsPageHeader( 'Comments (SPAM) Filter' ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
@@ -17,7 +17,7 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
-
<button type="submit" class="btn btn-primary" name="submit"><?php
|
21 |
</div>
|
22 |
</form>
|
23 |
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
+
<?php echo printOptionsPageHeader( _wpsf__('Comments (SPAM) Filter') ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
+
<button type="submit" class="btn btn-primary" name="submit"><?php _wpsf_e( 'Save All Settings' ); ?></button>
|
21 |
</div>
|
22 |
</form>
|
23 |
|
views/icwp_wpsf_config_firewall_index.php
CHANGED
@@ -4,11 +4,11 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
-
<?php echo printOptionsPageHeader( 'Firewall' ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
11 |
-
|
12 |
<form action="<?php echo $icwp_form_action; ?>" method="post" class="form-horizontal">
|
13 |
<?php
|
14 |
wp_nonce_field( $icwp_nonce_field );
|
@@ -17,9 +17,9 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
-
<button type="submit" class="btn btn-primary" name="submit"><?php
|
21 |
<?php if ( get_option ('WP_firewall_redirect_page') ) :?>
|
22 |
-
<button type="submit" class="btn btn-warning" name="import-wpf2-submit"><?php
|
23 |
<?php endif; ?>
|
24 |
</div>
|
25 |
</form>
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
+
<?php echo printOptionsPageHeader( _wpsf__('Firewall') ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
11 |
+
|
12 |
<form action="<?php echo $icwp_form_action; ?>" method="post" class="form-horizontal">
|
13 |
<?php
|
14 |
wp_nonce_field( $icwp_nonce_field );
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
+
<button type="submit" class="btn btn-primary" name="submit"><?php _wpsf_e( 'Save All Settings' ); ?></button>
|
21 |
<?php if ( get_option ('WP_firewall_redirect_page') ) :?>
|
22 |
+
<button type="submit" class="btn btn-warning" name="import-wpf2-submit"><?php _wpsf_e( 'Import From WordPress Firewall 2' ); ?></button>
|
23 |
<?php endif; ?>
|
24 |
</div>
|
25 |
</form>
|
views/icwp_wpsf_config_lockdown_index.php
CHANGED
@@ -4,7 +4,7 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
-
<?php echo printOptionsPageHeader( 'Lockdown' ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
@@ -17,7 +17,7 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
-
<button type="submit" class="btn btn-primary" name="submit"><?php
|
21 |
</div>
|
22 |
</form>
|
23 |
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
+
<?php echo printOptionsPageHeader( _wpsf__('Lockdown') ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
+
<button type="submit" class="btn btn-primary" name="submit"><?php _wpsf_e( 'Save All Settings' ); ?></button>
|
21 |
</div>
|
22 |
</form>
|
23 |
|
views/icwp_wpsf_config_login_protect_index.php
CHANGED
@@ -4,7 +4,7 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
-
<?php echo printOptionsPageHeader( 'Login Protection' ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
@@ -17,7 +17,7 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
-
<button type="submit" class="btn btn-primary" name="submit"><?php
|
21 |
</div>
|
22 |
</form>
|
23 |
|
4 |
?>
|
5 |
<div class="wrap">
|
6 |
<div class="bootstrap-wpadmin">
|
7 |
+
<?php echo printOptionsPageHeader( _wpsf__('Login Protection') ); ?>
|
8 |
|
9 |
<div class="row">
|
10 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
17 |
<div class="form-actions">
|
18 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
19 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
20 |
+
<button type="submit" class="btn btn-primary" name="submit"><?php _wpsf_e( 'Save All Settings' ); ?></button>
|
21 |
</div>
|
22 |
</form>
|
23 |
|
views/icwp_wpsf_firewall_log_index.php
CHANGED
@@ -4,9 +4,9 @@ include_once( dirname(__FILE__).ICWP_DS.'widgets'.ICWP_DS.'icwp_widgets.php' );
|
|
4 |
$sPluginName = 'WordPress Simple Firewall';
|
5 |
|
6 |
$aLogTypes = array(
|
7 |
-
0 => 'Info',
|
8 |
-
1 => 'Warning',
|
9 |
-
2 => 'Critical'
|
10 |
);
|
11 |
?>
|
12 |
<style>
|
@@ -38,7 +38,7 @@ $aLogTypes = array(
|
|
38 |
|
39 |
<div class="wrap">
|
40 |
<div class="bootstrap-wpadmin">
|
41 |
-
<?php echo printOptionsPageHeader( 'Firewall Log' ); ?>
|
42 |
|
43 |
<div class="row">
|
44 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
@@ -48,37 +48,37 @@ $aLogTypes = array(
|
|
48 |
?>
|
49 |
<div class="form-actions">
|
50 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
51 |
-
<button type="submit" class="btn btn-primary" name="clear_log_submit"><?php
|
52 |
</div>
|
53 |
</form>
|
54 |
-
|
55 |
<?php if ( !$icwp_firewall_log ) : ?>
|
56 |
<?php echo 'There are currently no logs to display. If you expect there to be some, use the button above to Clean/Fix them.'; ?>
|
57 |
<?php else : ?>
|
58 |
-
|
59 |
<table class="table table-bordered table-hover table-condensed">
|
60 |
<tr>
|
61 |
-
<th
|
62 |
-
<th
|
63 |
</tr>
|
64 |
<?php foreach( $icwp_firewall_log as $sId => $aLogData ) : ?>
|
65 |
<tr class="row-log-header">
|
66 |
<td>IP: <strong><?php echo $aLogData['ip']; ?></strong></td>
|
67 |
<td colspan="2">
|
68 |
<span class="cell-section section-ip">
|
69 |
-
[ <a href="http://whois.domaintools.com/<?php echo $aLogData['ip']; ?>" target="_blank"
|
70 |
[
|
71 |
<?php if ( in_array( $aLogData['ip_long'], $icwp_ip_blacklist ) ) : ?>
|
72 |
-
<a href="<?php echo $icwp_form_action; ?>&unblackip=<?php echo $aLogData['ip']; ?>&_wpnonce=<?php echo wp_create_nonce($icwp_nonce_field); ?>&icwp_link_action=1"
|
73 |
<?php else: ?>
|
74 |
-
<a href="<?php echo $icwp_form_action; ?>&blackip=<?php echo $aLogData['ip']; ?>&_wpnonce=<?php echo wp_create_nonce($icwp_nonce_field); ?>&icwp_link_action=1"
|
75 |
<?php endif; ?>
|
76 |
]
|
77 |
[
|
78 |
<?php if ( in_array( $aLogData['ip_long'], $icwp_ip_whitelist ) ) : ?>
|
79 |
-
<a href="<?php echo $icwp_form_action; ?>&unwhiteip=<?php echo $aLogData['ip']; ?>&_wpnonce=<?php echo wp_create_nonce($icwp_nonce_field); ?>&icwp_link_action=1"
|
80 |
<?php else: ?>
|
81 |
-
<a href="<?php echo $icwp_form_action; ?>&whiteip=<?php echo $aLogData['ip']; ?>&_wpnonce=<?php echo wp_create_nonce($icwp_nonce_field); ?>&icwp_link_action=1"
|
82 |
<?php endif; ?>
|
83 |
]
|
84 |
</span>
|
4 |
$sPluginName = 'WordPress Simple Firewall';
|
5 |
|
6 |
$aLogTypes = array(
|
7 |
+
0 => _wpsf__('Info'),
|
8 |
+
1 => _wpsf__('Warning'),
|
9 |
+
2 => _wpsf__('Critical')
|
10 |
);
|
11 |
?>
|
12 |
<style>
|
38 |
|
39 |
<div class="wrap">
|
40 |
<div class="bootstrap-wpadmin">
|
41 |
+
<?php echo printOptionsPageHeader( _wpsf__('Firewall Log') ); ?>
|
42 |
|
43 |
<div class="row">
|
44 |
<div class="<?php echo $icwp_fShowAds? 'span9' : 'span12'; ?>">
|
48 |
?>
|
49 |
<div class="form-actions">
|
50 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
51 |
+
<button type="submit" class="btn btn-primary" name="clear_log_submit"><?php _wpsf_e( 'Clear/Fix Log' ); ?></button>
|
52 |
</div>
|
53 |
</form>
|
54 |
+
|
55 |
<?php if ( !$icwp_firewall_log ) : ?>
|
56 |
<?php echo 'There are currently no logs to display. If you expect there to be some, use the button above to Clean/Fix them.'; ?>
|
57 |
<?php else : ?>
|
58 |
+
|
59 |
<table class="table table-bordered table-hover table-condensed">
|
60 |
<tr>
|
61 |
+
<th><?php _wpsf_e('Message Type'); ?></th>
|
62 |
+
<th><?php _wpsf_e('Message'); ?></th>
|
63 |
</tr>
|
64 |
<?php foreach( $icwp_firewall_log as $sId => $aLogData ) : ?>
|
65 |
<tr class="row-log-header">
|
66 |
<td>IP: <strong><?php echo $aLogData['ip']; ?></strong></td>
|
67 |
<td colspan="2">
|
68 |
<span class="cell-section section-ip">
|
69 |
+
[ <a href="http://whois.domaintools.com/<?php echo $aLogData['ip']; ?>" target="_blank"><?php _wpsf_e('IPWHOIS Lookup');?></a> ]
|
70 |
[
|
71 |
<?php if ( in_array( $aLogData['ip_long'], $icwp_ip_blacklist ) ) : ?>
|
72 |
+
<a href="<?php echo $icwp_form_action; ?>&unblackip=<?php echo $aLogData['ip']; ?>&_wpnonce=<?php echo wp_create_nonce($icwp_nonce_field); ?>&icwp_link_action=1"><?php _wpsf_e('Remove From Firewall Blacklist');?></a>
|
73 |
<?php else: ?>
|
74 |
+
<a href="<?php echo $icwp_form_action; ?>&blackip=<?php echo $aLogData['ip']; ?>&_wpnonce=<?php echo wp_create_nonce($icwp_nonce_field); ?>&icwp_link_action=1"><?php _wpsf_e('Add To Firewall Blacklist');?></a>
|
75 |
<?php endif; ?>
|
76 |
]
|
77 |
[
|
78 |
<?php if ( in_array( $aLogData['ip_long'], $icwp_ip_whitelist ) ) : ?>
|
79 |
+
<a href="<?php echo $icwp_form_action; ?>&unwhiteip=<?php echo $aLogData['ip']; ?>&_wpnonce=<?php echo wp_create_nonce($icwp_nonce_field); ?>&icwp_link_action=1"><?php _wpsf_e('Remove From Firewall Whitelist');?></a>
|
80 |
<?php else: ?>
|
81 |
+
<a href="<?php echo $icwp_form_action; ?>&whiteip=<?php echo $aLogData['ip']; ?>&_wpnonce=<?php echo wp_create_nonce($icwp_nonce_field); ?>&icwp_link_action=1"><?php _wpsf_e('Add To Firewall Whitelist');?></a>
|
82 |
<?php endif; ?>
|
83 |
]
|
84 |
</span>
|
views/icwp_wpsf_index.php
CHANGED
@@ -6,6 +6,11 @@ $fFirewallOn = $icwp_aMainOptions['enable_firewall'] == 'Y';
|
|
6 |
$fLoginProtectOn = $icwp_aMainOptions['enable_login_protect'] == 'Y';
|
7 |
$fCommentsFilteringOn = $icwp_aMainOptions['enable_comments_filter'] == 'Y';
|
8 |
$fLockdownOn = $icwp_aMainOptions['enable_lockdown'] == 'Y';
|
|
|
|
|
|
|
|
|
|
|
9 |
?>
|
10 |
|
11 |
<div class="wrap">
|
@@ -25,7 +30,7 @@ $fLockdownOn = $icwp_aMainOptions['enable_lockdown'] == 'Y';
|
|
25 |
<div class="form-actions">
|
26 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
27 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
28 |
-
<button type="submit" class="btn btn-primary" name="submit"><?php
|
29 |
</div>
|
30 |
</form>
|
31 |
|
@@ -54,113 +59,148 @@ $fLockdownOn = $icwp_aMainOptions['enable_lockdown'] == 'Y';
|
|
54 |
<?php endif; ?>
|
55 |
|
56 |
<div class="row" id="tbs_docs">
|
57 |
-
<h2
|
58 |
<div class="span6" id="tbs_docs_shortcodes">
|
59 |
<div class="well">
|
60 |
-
<
|
61 |
-
|
62 |
-
<
|
63 |
-
[ <a href="admin.php?page=icwp-wpsf-firewall">Configure Now</a> ]</h4>
|
64 |
<?php if ( $fFirewallOn ) : ?>
|
65 |
<ul>
|
66 |
-
<li
|
67 |
-
<li
|
68 |
<?php
|
69 |
if( $icwp_aFirewallOptions['block_response'] == 'redirect_die' ) {
|
70 |
-
|
71 |
}
|
72 |
else if ( $icwp_aFirewallOptions['block_response'] == 'redirect_die_message' ) {
|
73 |
-
|
74 |
}
|
75 |
else if ( $icwp_aFirewallOptions['block_response'] == 'redirect_home' ) {
|
76 |
-
|
77 |
}
|
78 |
else if ( $icwp_aFirewallOptions['block_response'] == 'redirect_404' ) {
|
79 |
-
|
80 |
}
|
81 |
else {
|
82 |
-
|
83 |
}
|
84 |
?>
|
85 |
</li>
|
86 |
<?php if ( isset($icwp_aFirewallOptions['ips_whitelist']['ips']) ) : ?>
|
87 |
-
<li>
|
|
|
88 |
<?php foreach( $icwp_aFirewallOptions['ips_whitelist']['ips'] as $sIp ) : ?>
|
89 |
-
|
|
|
90 |
<?php endforeach; ?>
|
91 |
</li>
|
92 |
<?php endif; ?>
|
93 |
-
|
94 |
<?php if ( isset($icwp_aFirewallOptions['ips_blacklist']['ips']) ) : ?>
|
95 |
-
<li>
|
|
|
96 |
<?php foreach( $icwp_aFirewallOptions['ips_blacklist']['ips'] as $sIp ) : ?>
|
97 |
-
|
|
|
98 |
<?php endforeach; ?>
|
99 |
</li>
|
100 |
<?php endif; ?>
|
101 |
-
|
102 |
-
<li
|
103 |
-
<li
|
104 |
-
<li
|
105 |
-
<li
|
106 |
-
<li
|
107 |
-
<li
|
|
|
|
|
108 |
</ul>
|
109 |
<?php endif; ?>
|
110 |
-
|
111 |
-
<h4 style="margin-top:20px;">
|
112 |
-
|
|
|
113 |
<?php if ( $fLoginProtectOn ) : ?>
|
114 |
<ul>
|
115 |
<?php if ( isset($icwp_aLoginProtectOptions['ips_whitelist']['ips']) ) : ?>
|
116 |
-
<li>
|
|
|
117 |
<?php foreach( $icwp_aLoginProtectOptions['ips_whitelist']['ips'] as $sIp ) : ?>
|
118 |
-
|
|
|
119 |
<?php endforeach; ?>
|
120 |
</li>
|
121 |
<?php endif; ?>
|
122 |
-
<li
|
123 |
-
<li
|
124 |
-
<li
|
125 |
-
<li
|
126 |
-
<li
|
127 |
</ul>
|
128 |
<?php endif; ?>
|
129 |
-
|
130 |
-
<h4 style="margin-top:20px;">
|
131 |
-
|
|
|
132 |
<?php if ( $fCommentsFilteringOn ) : ?>
|
133 |
<ul>
|
134 |
-
<li
|
135 |
-
<li
|
136 |
-
<li
|
137 |
</ul>
|
138 |
<?php endif; ?>
|
139 |
-
|
140 |
-
<h4 style="margin-top:20px;">
|
141 |
-
|
|
|
142 |
<?php if ( $fLockdownOn ) : ?>
|
143 |
<ul>
|
144 |
-
<li
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
145 |
</ul>
|
146 |
<?php endif; ?>
|
147 |
</div>
|
148 |
</div><!-- / span6 -->
|
149 |
<div class="span6" id="tbs_docs_examples">
|
150 |
<div class="well">
|
151 |
-
<h3
|
152 |
-
<p
|
153 |
-
<p
|
154 |
<?php
|
155 |
$aNewLog = array(
|
156 |
-
'ADDED:
|
157 |
-
'ADDED:
|
158 |
-
'FIXED: Several small bugs and streamlined codebase.',
|
159 |
);
|
160 |
?>
|
161 |
<ul>
|
162 |
<?php foreach( $aNewLog as $sItem ) : ?>
|
163 |
-
<li><span class="label"
|
164 |
<?php endforeach; ?>
|
165 |
</ul>
|
166 |
<?php
|
@@ -172,10 +212,16 @@ $fLockdownOn = $icwp_aMainOptions['enable_lockdown'] == 'Y';
|
|
172 |
<li><?php echo $sItem; ?></li>
|
173 |
<?php endforeach; ?>
|
174 |
</ul>
|
175 |
-
|
|
|
176 |
<?php
|
177 |
$aLog = array(
|
178 |
|
|
|
|
|
|
|
|
|
|
|
179 |
'1.8.x' => array(
|
180 |
'ADDED: Admin Access Key Restriction feature.',
|
181 |
'ADDED: WordPress Lockdown feature.'
|
@@ -202,14 +248,14 @@ $fLockdownOn = $icwp_aMainOptions['enable_lockdown'] == 'Y';
|
|
202 |
'Huge improvements on database calls and efficiency in loading plugin options'
|
203 |
),
|
204 |
'1.3.x' => array(
|
205 |
-
|
206 |
-
|
207 |
-
|
208 |
-
|
209 |
-
|
210 |
-
|
211 |
-
|
212 |
-
|
213 |
),
|
214 |
|
215 |
'1.2.x' => array(
|
@@ -242,7 +288,7 @@ $fLockdownOn = $icwp_aMainOptions['enable_lockdown'] == 'Y';
|
|
242 |
);
|
243 |
?>
|
244 |
<?php foreach( $aLog as $sVersion => $aItems ) : ?>
|
245 |
-
<h3
|
246 |
<ul>
|
247 |
<?php foreach( $aItems as $sItem ) : ?>
|
248 |
<li><?php echo $sItem; ?></li>
|
6 |
$fLoginProtectOn = $icwp_aMainOptions['enable_login_protect'] == 'Y';
|
7 |
$fCommentsFilteringOn = $icwp_aMainOptions['enable_comments_filter'] == 'Y';
|
8 |
$fLockdownOn = $icwp_aMainOptions['enable_lockdown'] == 'Y';
|
9 |
+
$fAutoUpdatesOn = $icwp_aMainOptions['enable_autoupdates'] == 'Y';
|
10 |
+
|
11 |
+
$sLatestVersionBranch = '2.0.x';
|
12 |
+
$sOn = _wpsf__( 'On' );
|
13 |
+
$sOff = _wpsf__( 'Off' );
|
14 |
?>
|
15 |
|
16 |
<div class="wrap">
|
30 |
<div class="form-actions">
|
31 |
<input type="hidden" name="<?php echo $icwp_var_prefix; ?>all_options_input" value="<?php echo $icwp_all_options_input; ?>" />
|
32 |
<input type="hidden" name="icwp_plugin_form_submit" value="Y" />
|
33 |
+
<button type="submit" class="btn btn-primary" name="submit"><?php _wpsf_e( 'Save All Settings' ); ?></button>
|
34 |
</div>
|
35 |
</form>
|
36 |
|
59 |
<?php endif; ?>
|
60 |
|
61 |
<div class="row" id="tbs_docs">
|
62 |
+
<h2><?php _wpsf_e( 'Plugin Configuration Summary'); ?></h2>
|
63 |
<div class="span6" id="tbs_docs_shortcodes">
|
64 |
<div class="well">
|
65 |
+
<h4 style="margin-top:20px;">
|
66 |
+
<?php printf( _wpsf__('Firewall is %s'), $fFirewallOn ? $sOn : $sOff ); ?>
|
67 |
+
[ <a href="admin.php?page=icwp-wpsf-firewall"><?php _wpsf_e('Configure Now'); ?></a> ]</h4>
|
|
|
68 |
<?php if ( $fFirewallOn ) : ?>
|
69 |
<ul>
|
70 |
+
<li><?php printf( _wpsf__('Firewall logging is %s'), ($icwp_aFirewallOptions['enable_firewall_log'] == 'Y') ? $sOn : $sOff ); ?></li>
|
71 |
+
<li><?php _wpsf_e( 'When the firewall blocks a visit, it will:'); ?>
|
72 |
<?php
|
73 |
if( $icwp_aFirewallOptions['block_response'] == 'redirect_die' ) {
|
74 |
+
_wpsf_e( 'Die' );
|
75 |
}
|
76 |
else if ( $icwp_aFirewallOptions['block_response'] == 'redirect_die_message' ) {
|
77 |
+
_wpsf_e( 'Die with a message' );
|
78 |
}
|
79 |
else if ( $icwp_aFirewallOptions['block_response'] == 'redirect_home' ) {
|
80 |
+
_wpsf_e( 'Redirect to home page' );
|
81 |
}
|
82 |
else if ( $icwp_aFirewallOptions['block_response'] == 'redirect_404' ) {
|
83 |
+
_wpsf_e( 'Redirect to 404 page' );
|
84 |
}
|
85 |
else {
|
86 |
+
_wpsf_e( 'Unknown' );
|
87 |
}
|
88 |
?>
|
89 |
</li>
|
90 |
<?php if ( isset($icwp_aFirewallOptions['ips_whitelist']['ips']) ) : ?>
|
91 |
+
<li>
|
92 |
+
<?php printf( _wpsf__('You have %s whitelisted IP addresses'), count( $icwp_aFirewallOptions['ips_whitelist']['ips'] ) ); ?>
|
93 |
<?php foreach( $icwp_aFirewallOptions['ips_whitelist']['ips'] as $sIp ) : ?>
|
94 |
+
<br />
|
95 |
+
<?php printf( _wpsf__('%s labelled as %s'), long2ip($sIp), $icwp_aFirewallOptions['ips_whitelist']['meta'][md5( $sIp )] ); ?>
|
96 |
<?php endforeach; ?>
|
97 |
</li>
|
98 |
<?php endif; ?>
|
99 |
+
|
100 |
<?php if ( isset($icwp_aFirewallOptions['ips_blacklist']['ips']) ) : ?>
|
101 |
+
<li>
|
102 |
+
<?php printf( _wpsf__('You have %s blacklisted IP addresses'), count( $icwp_aFirewallOptions['ips_blacklist']['ips'] ) ); ?>
|
103 |
<?php foreach( $icwp_aFirewallOptions['ips_blacklist']['ips'] as $sIp ) : ?>
|
104 |
+
<br />
|
105 |
+
<?php printf( _wpsf__('%s labelled as %s'), long2ip($sIp), $icwp_aFirewallOptions['ips_blacklist']['meta'][md5( $sIp )] ); ?>
|
106 |
<?php endforeach; ?>
|
107 |
</li>
|
108 |
<?php endif; ?>
|
109 |
+
|
110 |
+
<li><?php printf( _wpsf__('Firewall blocks Directory Traversals: %s'), ($icwp_aFirewallOptions['block_dir_traversal'] == 'Y')? $sOn : $sOff ); ?></li>
|
111 |
+
<li><?php printf( _wpsf__('Firewall blocks SQL Queries: %s'), ($icwp_aFirewallOptions['block_sql_queries'] == 'Y')? $sOn : $sOff ); ?></li>
|
112 |
+
<li><?php printf( _wpsf__('Firewall blocks WordPress Specific Terms: %s'), ($icwp_aFirewallOptions['block_wordpress_terms'] == 'Y')? $sOn : $sOff ); ?></li>
|
113 |
+
<li><?php printf( _wpsf__('Firewall blocks Field Truncation Attacks: %s'), ($icwp_aFirewallOptions['block_field_truncation'] == 'Y')? $sOn : $sOff ); ?></li>
|
114 |
+
<li><?php printf( _wpsf__('Firewall blocks Directory Traversals: %s'), ($icwp_aFirewallOptions['block_dir_traversal'] == 'Y')? $sOn : $sOff ); ?></li>
|
115 |
+
<li><?php printf( _wpsf__('Firewall blocks Executable File Uploads: %s'), ($icwp_aFirewallOptions['block_exe_file_uploads'] == 'Y')? $sOn : $sOff ); ?></li>
|
116 |
+
<li><?php printf( _wpsf__('Firewall blocks Leading Schemas (HTTPS / HTTP): %s'), ($icwp_aFirewallOptions['block_leading_schema'] == 'Y')? $sOn : $sOff ); ?></li>
|
117 |
+
<li><?php printf( _wpsf__('Firewall Logging is %s'), ($icwp_aFirewallOptions['enable_firewall_log'] == 'Y')? $sOn : $sOff ); ?></li>
|
118 |
</ul>
|
119 |
<?php endif; ?>
|
120 |
+
<hr/>
|
121 |
+
<h4 style="margin-top:20px;">
|
122 |
+
<?php printf( _wpsf__('Login Protection is %s'), $fLoginProtectOn ? $sOn : $sOff ); ?>
|
123 |
+
[ <a href="admin.php?page=icwp-wpsf-login_protect"><?php _wpsf_e('Configure Now'); ?></a> ]</h4>
|
124 |
<?php if ( $fLoginProtectOn ) : ?>
|
125 |
<ul>
|
126 |
<?php if ( isset($icwp_aLoginProtectOptions['ips_whitelist']['ips']) ) : ?>
|
127 |
+
<li>
|
128 |
+
<?php printf( _wpsf__('You have %s whitelisted IP addresses'), count( $icwp_aLoginProtectOptions['ips_whitelist']['ips'] ) ); ?>
|
129 |
<?php foreach( $icwp_aLoginProtectOptions['ips_whitelist']['ips'] as $sIp ) : ?>
|
130 |
+
<br />
|
131 |
+
<?php printf( _wpsf__('%s labelled as %s'), long2ip($sIp), $icwp_aLoginProtectOptions['ips_whitelist']['meta'][md5( $sIp )] ); ?>
|
132 |
<?php endforeach; ?>
|
133 |
</li>
|
134 |
<?php endif; ?>
|
135 |
+
<li><?php printf( _wpsf__('Two Factor Login Authentication: %s'), ($icwp_aLoginProtectOptions['enable_two_factor_auth_by_ip'] == 'Y')? $sOn : $sOff ); ?></li>
|
136 |
+
<li><?php printf( _wpsf__('Two Factor Login By Pass: %s'), ($icwp_aLoginProtectOptions['enable_two_factor_bypass_on_email_fail'] == 'Y')? $sOn : $sOff ); ?></li>
|
137 |
+
<li><?php printf( _wpsf__('Login Cooldown Interval: %s'), ($icwp_aLoginProtectOptions['login_limit_interval'] == '0')? $sOff : sprintf( _wpsf__('%s seconds'), $icwp_aLoginProtectOptions['login_limit_interval'] ) ); ?></li>
|
138 |
+
<li><?php printf( _wpsf__('Login Form GASP Protection: %s'), ($icwp_aLoginProtectOptions['enable_login_gasp_check'] == 'Y')? $sOn : $sOff ); ?></li>
|
139 |
+
<li><?php printf( _wpsf__('Login Protect Logging: %s'), ($icwp_aLoginProtectOptions['enable_login_protect_log'] == 'Y')? $sOn : $sOff ); ?></li>
|
140 |
</ul>
|
141 |
<?php endif; ?>
|
142 |
+
<hr/>
|
143 |
+
<h4 style="margin-top:20px;">
|
144 |
+
<?php printf( _wpsf__('Login Protection is %s'), $fCommentsFilteringOn ? $sOn : $sOff ); ?>
|
145 |
+
[ <a href="admin.php?page=icwp-wpsf-comments_filter"><?php _wpsf_e('Configure Now'); ?></a> ]</h4>
|
146 |
<?php if ( $fCommentsFilteringOn ) : ?>
|
147 |
<ul>
|
148 |
+
<li><?php printf( _wpsf__('Enchanced GASP Protection: %s'), ($icwp_aCommentsFilterOptions['enable_comments_gasp_protection'] == 'Y')? $sOn : $sOff ); ?></li>
|
149 |
+
<li><?php printf( _wpsf__('Comments Cooldown Interval: %s'), ($icwp_aCommentsFilterOptions['comments_cooldown_interval'] == '0')? $sOff : sprintf( _wpsf__('%s seconds'), $icwp_aCommentsFilterOptions['comments_cooldown_interval'] ) ); ?></li>
|
150 |
+
<li><?php printf( _wpsf__('Comments Token Expire: %s'), ($icwp_aCommentsFilterOptions['comments_token_expire_interval'] == '0')? $sOff : sprintf( _wpsf__('%s seconds'), $icwp_aCommentsFilterOptions['comments_token_expire_interval'] ) ); ?></li>
|
151 |
</ul>
|
152 |
<?php endif; ?>
|
153 |
+
<hr/>
|
154 |
+
<h4 style="margin-top:20px;">
|
155 |
+
<?php printf( _wpsf__('WordPress Lockdown is %s'), $fLockdownOn ? $sOn : $sOff ); ?>
|
156 |
+
[ <a href="admin.php?page=icwp-wpsf-lockdown"><?php _wpsf_e('Configure Now'); ?></a> ]</h4>
|
157 |
<?php if ( $fLockdownOn ) : ?>
|
158 |
<ul>
|
159 |
+
<li><?php printf( _wpsf__('Disable File Editing: %s'), ($icwp_aLockdownOptions['disable_file_editing'] == 'Y')? $sOn : $sOff ); ?></li>
|
160 |
+
<li><?php printf( _wpsf__('Mask WordPress Version: %s'), empty($icwp_aLockdownOptions['mask_wordpress_version'])? $sOff : $icwp_aLockdownOptions['mask_wordpress_version'] ); ?></li>
|
161 |
+
</ul>
|
162 |
+
<?php endif; ?>
|
163 |
+
<hr/>
|
164 |
+
<h4 style="margin-top:20px;">
|
165 |
+
<?php printf( _wpsf__('Auto Updates is %s'), $fAutoUpdatesOn ? $sOn : $sOff ); ?>
|
166 |
+
[ <a href="admin.php?page=icwp-wpsf-autoupdates"><?php _wpsf_e('Configure Now'); ?></a> ]</h4>
|
167 |
+
<?php if ( $fAutoUpdatesOn ) :
|
168 |
+
|
169 |
+
if ( $icwp_aAutoUpdatesOptions['autoupdate_core'] == 'core_never' ) {
|
170 |
+
$sAutoCoreUpdateOption = $sOff;
|
171 |
+
}
|
172 |
+
else if ( $icwp_aAutoUpdatesOptions['autoupdate_core'] == 'core_minor' ) {
|
173 |
+
$sAutoCoreUpdateOption = _wpsf__('Minor Versions Only');
|
174 |
+
}
|
175 |
+
else {
|
176 |
+
$sAutoCoreUpdateOption = _wpsf__('Major and Minor Versions');
|
177 |
+
}
|
178 |
+
?>
|
179 |
+
<ul>
|
180 |
+
<li><?php printf( _wpsf__('Automatically Update WordPress Simple Firewall Plugin: %s'), ($icwp_aAutoUpdatesOptions['autoupdate_plugin_wpsf'] == 'Y')? $sOn : $sOff ); ?></li>
|
181 |
+
<li><?php printf( _wpsf__('Automatically Update WordPress Core: %s'), $sAutoCoreUpdateOption ); ?></li>
|
182 |
+
<li><?php printf( _wpsf__('Automatically Update Plugins: %s'), ($icwp_aAutoUpdatesOptions['enable_autoupdate_plugins'] == 'Y')? $sOn : $sOff ); ?></li>
|
183 |
+
<li><?php printf( _wpsf__('Automatically Update Themes: %s'), ($icwp_aAutoUpdatesOptions['enable_autoupdate_themes'] == 'Y')? $sOn : $sOff ); ?></li>
|
184 |
+
<li><?php printf( _wpsf__('Automatically Update Translations: %s'), ($icwp_aAutoUpdatesOptions['enable_autoupdate_translations'] == 'Y')? $sOn : $sOff ); ?></li>
|
185 |
+
<li><?php printf( _wpsf__('Ignore Version Control Systems: %s'), ($icwp_aAutoUpdatesOptions['enable_autoupdate_ignore_vcs'] == 'Y')? $sOn : $sOff ); ?></li>
|
186 |
</ul>
|
187 |
<?php endif; ?>
|
188 |
</div>
|
189 |
</div><!-- / span6 -->
|
190 |
<div class="span6" id="tbs_docs_examples">
|
191 |
<div class="well">
|
192 |
+
<h3><?php printf( _wpsf__('Release v%s'), $sLatestVersionBranch ) ; ?></h3>
|
193 |
+
<p><?php printf( _wpsf__('The following summarises the main changes to the plugin in the v%s release'), $sLatestVersionBranch ) ; ?></p>
|
194 |
+
<p><?php printf( _wpsf__('%snew%s refers to the absolute latest release.'), '<span class="label">', '</span>' ) ; ?></p>
|
195 |
<?php
|
196 |
$aNewLog = array(
|
197 |
+
'ADDED: Localization capabilities. All we need now are translators.',
|
198 |
+
'ADDED: Option to mask the WordPress version so the real version is never publicly visible.'
|
|
|
199 |
);
|
200 |
?>
|
201 |
<ul>
|
202 |
<?php foreach( $aNewLog as $sItem ) : ?>
|
203 |
+
<li><span class="label"><?php _wpsf_e('new'); ?></span> <?php echo $sItem; ?></li>
|
204 |
<?php endforeach; ?>
|
205 |
</ul>
|
206 |
<?php
|
212 |
<li><?php echo $sItem; ?></li>
|
213 |
<?php endforeach; ?>
|
214 |
</ul>
|
215 |
+
</div>
|
216 |
+
<div class="well">
|
217 |
<?php
|
218 |
$aLog = array(
|
219 |
|
220 |
+
'1.9.x' => array(
|
221 |
+
'ADDED: Block deactivation of plugin if admin access restriction is on.',
|
222 |
+
'ADDED: New feature to manage WordPress Automatic Updates.',
|
223 |
+
'FIXED: Several small bugs and streamlined codebase.',
|
224 |
+
),
|
225 |
'1.8.x' => array(
|
226 |
'ADDED: Admin Access Key Restriction feature.',
|
227 |
'ADDED: WordPress Lockdown feature.'
|
248 |
'Huge improvements on database calls and efficiency in loading plugin options'
|
249 |
),
|
250 |
'1.3.x' => array(
|
251 |
+
"New Feature - Email Throttle. It will prevent you getting bombarded by 1000s of emails in case you're hit by a bot.",
|
252 |
+
"Another Firewall die() option. New option will print a message and uses the wp_die() function instead.",
|
253 |
+
"Option to separately log Login Protect features.",
|
254 |
+
"Refactored and improved the logging system.",
|
255 |
+
"Option to by-pass 2-factor authentication in the case sending the verification email fails.",
|
256 |
+
"Login Protect checking now better logs out users immediately with a redirect.",
|
257 |
+
"We now escape the log data being printed - just in case there's any HTML/JS etc in there we don't want.",
|
258 |
+
"Optimized and cleaned a lot of the option caching code to improve reliability and performance (more to come).",
|
259 |
),
|
260 |
|
261 |
'1.2.x' => array(
|
288 |
);
|
289 |
?>
|
290 |
<?php foreach( $aLog as $sVersion => $aItems ) : ?>
|
291 |
+
<h3><?php printf( _wpsf__('Change log for the v%s release'), $sVersion ); ?></h3>
|
292 |
<ul>
|
293 |
<?php foreach( $aItems as $sItem ) : ?>
|
294 |
<li><?php echo $sItem; ?></li>
|