Version Description
- Enhancement: Prevent access to the login page by using the URL encoded version of wp-login.php
Download this release
Release Info
Developer | tabrisrp |
Plugin | WPS Hide Login |
Version | 1.2.1 |
Comparing to | |
See all releases |
Code changes from version 1.2 to 1.2.1
- readme.txt +4 -1
- wps-hide-login.php +4 -4
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Contributors: tabrisrp, WPServeur
|
|
4 |
Tags: rename, login, wp-login, wp-login.php, custom login url
|
5 |
Requires at least: 4.1
|
6 |
Tested up to: 4.8
|
7 |
-
Stable tag: 1.2
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
@@ -64,6 +64,9 @@ First step is to check your .htaccess file and compare it to a regular one, to s
|
|
64 |
|
65 |
== Changelog ==
|
66 |
|
|
|
|
|
|
|
67 |
= 1.2 =
|
68 |
* Enhancement: Prevent redirection to login URL when accessing /wp-admin/customize.php directly
|
69 |
* Enhancement: Redirect to admin URL when already logged-in and accessing login URL without the action query string
|
4 |
Tags: rename, login, wp-login, wp-login.php, custom login url
|
5 |
Requires at least: 4.1
|
6 |
Tested up to: 4.8
|
7 |
+
Stable tag: 1.2.1
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
64 |
|
65 |
== Changelog ==
|
66 |
|
67 |
+
= 1.2.1 =
|
68 |
+
* Enhancement: Prevent access to the login page by using the URL encoded version of wp-login.php
|
69 |
+
|
70 |
= 1.2 =
|
71 |
* Enhancement: Prevent redirection to login URL when accessing /wp-admin/customize.php directly
|
72 |
* Enhancement: Redirect to admin URL when already logged-in and accessing login URL without the action query string
|
wps-hide-login.php
CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://github.com/Tabrisrp/wps-hide-login
|
|
5 |
Description: Protect your website by changing the login URL and preventing access to wp-login.php page and wp-admin directory while not logged-in
|
6 |
Author: Remy Perona for WPServeur
|
7 |
Author URI: http://profiles.wordpress.org/tabrisrp/
|
8 |
-
Version: 1.2
|
9 |
Text Domain: wps-hide-login
|
10 |
License: GPLv2 or later
|
11 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
@@ -363,7 +363,7 @@ if ( defined( 'ABSPATH' )
|
|
363 |
|
364 |
$request = parse_url( $_SERVER['REQUEST_URI'] );
|
365 |
|
366 |
-
if ( ( strpos( $_SERVER['REQUEST_URI'], 'wp-login.php' ) !== false
|
367 |
|| untrailingslashit( $request['path'] ) === site_url( 'wp-login', 'relative' ) )
|
368 |
&& ! is_admin() ) {
|
369 |
|
@@ -427,8 +427,8 @@ if ( defined( 'ABSPATH' )
|
|
427 |
|| $result->get_error_code() === 'blog_taken' ) ) {
|
428 |
|
429 |
wp_safe_redirect( $this->new_login_url()
|
430 |
-
|
431 |
-
|
432 |
die;
|
433 |
|
434 |
}
|
5 |
Description: Protect your website by changing the login URL and preventing access to wp-login.php page and wp-admin directory while not logged-in
|
6 |
Author: Remy Perona for WPServeur
|
7 |
Author URI: http://profiles.wordpress.org/tabrisrp/
|
8 |
+
Version: 1.2.1
|
9 |
Text Domain: wps-hide-login
|
10 |
License: GPLv2 or later
|
11 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
363 |
|
364 |
$request = parse_url( $_SERVER['REQUEST_URI'] );
|
365 |
|
366 |
+
if ( ( strpos( rawurldecode( $_SERVER['REQUEST_URI'] ), 'wp-login.php' ) !== false
|
367 |
|| untrailingslashit( $request['path'] ) === site_url( 'wp-login', 'relative' ) )
|
368 |
&& ! is_admin() ) {
|
369 |
|
427 |
|| $result->get_error_code() === 'blog_taken' ) ) {
|
428 |
|
429 |
wp_safe_redirect( $this->new_login_url()
|
430 |
+
. ( ! empty( $_SERVER['QUERY_STRING'] ) ? '?' . $_SERVER['QUERY_STRING'] : '' ) );
|
431 |
+
|
432 |
die;
|
433 |
|
434 |
}
|