th.guenther/kompass
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Moved Hide Login to WPS Hide Login

Browse Source 
Moved IP restrictions to Protect Login
This commit is contained in:
Thomas Günther
2024-10-31 12:35:46 +01:00
parent 4c95333c05
commit 3983108048
12 changed files with 22 additions and 788 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
modules/security/classes/Security.class.php
View File

@ -11,7 +11,6 @@ class Security
public const delete_plugins = [
'akismet/akismet.php',
'hello.php',
'wps-hide-login/wps-hide-login.php',
'limit-login-attempts-reloaded'
];
@ -23,10 +22,6 @@ class Security
self::installSecurityPlugin($pluginSlug, $pluginData['downloadUrl']);
}
}
$loginUrl = get_option('kompass_sec_rewrite_login', null);
if (null == $loginUrl) {
$loginUrl = get_option('whl_page', null) ?? 'bdp-login';
}
enable_option_disable_xmlrpc();
enable_option_block_authorscan();
@ -38,7 +33,7 @@ class Security
enable_option_prohibit_bot_access();
enable_option_block_directory_listing();
self::resetLimitLoginAttempts();
delete_option('whl_page');
}
@ -83,26 +78,20 @@ class Security
global $wp;
add_action('template_redirect', [Security::class, 'protectAuthorScan']);
if (null !== is_login_rewritten()) {
if (str_contains($_SERVER['REQUEST_URI'], 'wp-login.php?action=logout')) {
return;
}
Security::protectLoginSecurity();
}
Security::protectLoginSecurity();
}
public static function protectLoginSecurity() {
$hideLogin = is_login_rewritten();
if (null === $hideLogin) {
return;
}
update_option('whl_page', get_option(get_option('kompass_sec_rewrite_login', null)));
delete_option('kompass_sec_rewrite_login');
kompass_install_plugin( 'https://downloads.wordpress.org/plugin/wps-hide-login.1.9.17.1.zip', 'wps-hide-login' );
if ( str_contains( $_SERVER['REQUEST_URI'], 'wp-login.php' ) && ! isset( $_POST['redirect_to'] ) && $_POST['redirect_to'] !== 'interner-bereich' ) {
if ( str_contains( $_SERVER['REQUEST_URI'], 'wp-login.php' ) && ! isset( $_POST['redirect_to'] ) && $_POST['redirect_to'] !== 'interner-bereich' ) {
wp_redirect( home_url() );
die();
}