'General Settings', 'tab2' => '.htaccess File', 'tab3' => 'wp-config.php File', 'tab4' => 'WP Meta Info', ); var $menu_tabs_handler = array( 'tab1' => 'render_tab1', 'tab2' => 'render_tab2', 'tab3' => 'render_tab3', 'tab4' => 'render_tab4', ); function __construct() { $this->render_menu_page(); } function get_current_tab() { $tab_keys = array_keys($this->menu_tabs); $tab = isset( $_GET['tab'] ) ? $_GET['tab'] : $tab_keys[0]; return $tab; } /* * Renders our tabs of this menu as nav items */ function render_menu_tabs() { $current_tab = $this->get_current_tab(); echo '

'; foreach ( $this->menu_tabs as $tab_key => $tab_caption ) { $active = $current_tab == $tab_key ? 'nav-tab-active' : ''; echo '' . $tab_caption . ''; } echo '

'; } /* * The menu rendering goes here */ function render_menu_page() { $tab = $this->get_current_tab(); ?>
render_menu_tabs(); //$tab_keys = array_keys($this->menu_tabs); call_user_func(array(&$this, $this->menu_tabs_handler[$tab])); ?>
debug_logger->log_debug("Nonce check failed on disable all security features!",4); die("Nonce check failed on disable all security features!"); } AIOWPSecurity_Configure_Settings::turn_off_all_security_features(); $this->show_msg_updated(__('All the security features have been disabled successfully!', 'aiowpsecurity')); } //Site lockout feature submission tasks if(isset($_POST['aiowpsec_save_site_lockout'])) { $nonce=$_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, 'aiowpsec-site-lockout')) { $aio_wp_security->debug_logger->log_debug("Nonce check failed on site lockout feature settings save!",4); die("Nonce check failed on site lockout feature settings save!"); } //Save settings if no errors $aio_wp_security->configs->set_value('aiowps_site_lockout',isset($_POST["aiowps_site_lockout"])?'1':''); $aio_wp_security->configs->save_config(); $this->show_msg_updated(__('Site lockout feature settings saved!', 'aiowpsecurity')); } ?>

For information, updates and documentation, please visit the AIO WP Security & Firewall Plugin Page.

Follow us on Twitter, Google+ or via Email to stay upto date about the new security features of this plugin.

">
'.__('If you think that some plugin functionality on your site is broken due to a security feature you enabled in this plugin, then use the following option to turn off all the security features of this plugin.', 'aiowpsecurity').'

'; ?>

'.__('This feature allows you to lockdown the front-end of your site to all visitors except user with super admin privileges.', 'aiowpsecurity').'

'; echo '

'.__('Locking your site down to general visitors can be useful if you are investigating some issues on your site or perhaps you might be doing some maintenance and wish to keep out all traffic for security reasons.', 'aiowpsecurity').'

'; ?>
: configs->get_value('aiowps_site_lockout')=='1') echo ' checked="checked"'; ?> value="1"/>
debug_logger->log_debug("Nonce check failed on htaccess file save!",4); die("Nonce check failed on htaccess file save!"); } $htaccess_path = ABSPATH . '.htaccess'; $result = AIOWPSecurity_Utility_File::backup_a_file($htaccess_path); //Backup the htaccess file if ($result) { if (rename(ABSPATH.'.htaccess.backup', ABSPATH.'htaccess_backup.txt')) { $backup_file_url = AIOWPSEC_WP_URL . '/htaccess_backup.txt'; echo '

'; _e('Your .htaccess file was successfully backed up! Right click on the following file name and save the backup to your computer.','aiowpsecurity'); echo '

'; _e('Your .htaccess File: '); echo ''.$backup_file_url.''; echo '

'; echo '

'; } else { $aio_wp_security->debug_logger->log_debug("htaccess file rename failed during backup!",4); $this->show_msg_error(__('htaccess file rename failed during backup. Please check your root directory for the backup file using FTP.','aiowpsecurity')); } } else { $aio_wp_security->debug_logger->log_debug("htaccess - Backup operation failed!",4); $this->show_msg_error(__('htaccess backup failed.','aiowpsecurity')); } } if(isset($_POST['aiowps_restore_htaccess_button']))//Do form submission tasks { $nonce=$_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, 'aiowpsec-restore-htaccess-nonce')) { $aio_wp_security->debug_logger->log_debug("Nonce check failed on htaccess file restore!",4); die("Nonce check failed on htaccess file restore!"); } if (empty($_POST['aiowps_htaccess_file'])) { $this->show_msg_error(__('Please choose a .htaccess to restore from.', 'aiowpsecurity')); } else { //Let's copy the uploaded .htaccess file into the active root file $new_htaccess_file_path = trim($_POST['aiowps_htaccess_file']); //TODO //Verify that file chosen has contents which are relevant to .htaccess file $is_htaccess = AIOWPSecurity_Utility_Htaccess::check_if_htaccess_contents($new_htaccess_file_path); if ($is_htaccess == 1) { $active_root_htaccess = ABSPATH.'.htaccess'; if (!copy($new_htaccess_file_path, $active_root_htaccess)) { //Failed to make a backup copy $aio_wp_security->debug_logger->log_debug("htaccess - Restore from .htaccess operation failed!",4); $this->show_msg_error(__('htaccess file restore failed. Please attempt to restore the .htaccess manually using FTP.','aiowpsecurity')); } else { $this->show_msg_updated(__('Your .htaccess file has successfully been restored!', 'aiowpsecurity')); } } else { $aio_wp_security->debug_logger->log_debug("htaccess restore failed - Contents of restore file appear invalid!",4); $this->show_msg_error(__('htaccess Restore operation failed! Please check the contents of the file you are trying to restore from.','aiowpsecurity')); } } } ?>

'.__('Your ".htaccess" file is a key component of your website\'s security and it can be modified to implement various levels of protection mechanisms.', 'aiowpsecurity').'
'.__('This feature allows you to backup and save your currently active .htaccess file should you need to re-use the the backed up file in the future.', 'aiowpsecurity').'
'.__('You can also restore your site\'s .htaccess settings using a backed up .htaccess file.', 'aiowpsecurity').'

'; ?>

:

debug_logger->log_debug("Nonce check failed on wp_config file save!",4); die("Nonce check failed on wp_config file save!"); } $wp_config_path = ABSPATH . 'wp-config.php'; $result = AIOWPSecurity_Utility_File::backup_a_file($wp_config_path); //Backup the wp_config.php file if ($result) { if (rename(ABSPATH.'wp-config.php.backup', ABSPATH.'wp-config-backup.txt')) { $backup_file_url = AIOWPSEC_WP_URL . '/wp-config-backup.txt'; echo '

'; _e('Your wp-config.php file was successfully backed up! Right click on the following file name and save the backup to your computer.','aiowpsecurity'); echo '

'; _e('Your wp-config.php File: '); echo ''.$backup_file_url.''; echo '

'; echo '

'; } else { $aio_wp_security->debug_logger->log_debug("wp-config.php file rename failed during backup!",4); $this->show_msg_error(__('wp-config.php file rename failed during backup. Please check your root directory for the backup file using FTP.','aiowpsecurity')); } } else { $aio_wp_security->debug_logger->log_debug("wp-config.php - Backup operation failed!",4); $this->show_msg_error(__('wp-config.php backup failed.','aiowpsecurity')); } } if(isset($_POST['aiowps_restore_wp_config_button']))//Do form submission tasks { $nonce=$_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, 'aiowpsec-restore-wp-config-nonce')) { $aio_wp_security->debug_logger->log_debug("Nonce check failed on wp-config file restore!",4); die("Nonce check failed on wp-config file restore!"); } if (empty($_POST['aiowps_wp_config_file'])) { $this->show_msg_error(__('Please choose a wp-config.php file to restore from.', 'aiowpsecurity')); } else { //Let's copy the uploaded wp-config.php file into the active root file $new_wp_config_file_path = trim($_POST['aiowps_wp_config_file']); //TODO //Verify that file chosen has contents which are relevant to .htaccess file $is_wp_config = $this->check_if_wp_config_contents($new_wp_config_file_path); //TODO - write the function if ($is_wp_config == 1) { $active_root_wp_config = ABSPATH.'wp-config.php'; if (!copy($new_wp_config_file_path, $active_root_wp_config)) { //Failed to make a backup copy $aio_wp_security->debug_logger->log_debug("wp-config.php - Restore from backed up wp-config operation failed!",4); $this->show_msg_error(__('wp-config.php file restore failed. Please attempt to restore this file manually using FTP.','aiowpsecurity')); } else { $this->show_msg_updated(__('Your wp-config.php file has successfully been restored!', 'aiowpsecurity')); } } else { $aio_wp_security->debug_logger->log_debug("wp-config.php restore failed - Contents of restore file appear invalid!",4); $this->show_msg_error(__('wp-config.php Restore operation failed! Please check the contents of the file you are trying to restore from.','aiowpsecurity')); } } } ?>

'.__('Your "wp-config.php" file is one of the most important in your WordPress installation. It is a primary configuration file and contains crucial things such as details of your database and other critical components.', 'aiowpsecurity').'
'.__('This feature allows you to backup and save your currently active wp-config.php file should you need to re-use the the backed up file in the future.', 'aiowpsecurity').'
'.__('You can also restore your site\'s wp-config.php settings using a backed up wp-config.php file.', 'aiowpsecurity').'

'; ?>

:

debug_logger->log_debug("Nonce check failed on remove wp meta info options save!",4); die("Nonce check failed on remove wp meta info options save!"); } $aio_wp_security->configs->set_value('aiowps_remove_wp_generator_meta_info',isset($_POST["aiowps_remove_wp_generator_meta_info"])?'1':''); $aio_wp_security->configs->save_config(); //Recalculate points after the feature status/options have been altered $aiowps_feature_mgr->check_feature_status_and_recalculate_points(); $this->show_msg_settings_updated(); } ?>

'.__('Wordpress generator automatically adds some meta information inside the "head" tags of every page on your site\'s front end. Below is an example of this:', 'aiowpsecurity'); echo '
<meta name="generator" content="WordPress 3.5.1" />'; echo '
'.__('The above meta information shows which version of WordPress your site is currently running and thus can help hackers or crawlers scan your site to see if you have an older version of WordPress or one with a known exploit.', 'aiowpsecurity').'
'.__('This feature will allow you to remove the WP generator meta info from your site\'s pages.', 'aiowpsecurity').'

'; ?>

output_feature_details_badge("wp-generator-meta-tag"); ?>
: configs->get_value('aiowps_remove_wp_generator_meta_info')=='1') echo ' checked="checked"'; ?> value="1"/>