Phase 6: AIOS security plugin with conservative login lockdown config (10 attempts)

Hanson.xyz Dev
2025-11-28 17:19:54 -06:00
parent 78a744ef06
commit abbd3502e8
430 changed files with 137111 additions and 7 deletions
@@ -0,0 +1,9 @@
<?php if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed'); ?>
<div class="error">
<h3><?php echo esc_html__('Cookie based brute force login prevention currently disabled', 'all-in-one-wp-security-and-firewall');?></h3>
<p>
<?php /* translators %s: wp-config.php path */ ?>
<?php echo sprintf(esc_html__('Cookie based brute force login prevention is currently disabled via the AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION constant (which is most likely to be defined in your %s)', 'all-in-one-wp-security-and-firewall'), esc_html(AIOWPSecurity_Utility_File::get_home_path()) . 'wp-config.php'); ?>
</p>
</div>
@@ -0,0 +1,39 @@
<?php if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed'); ?>
<div class="aiowps_ad_container error">
<div class="aiowps_notice_container">
<div class="aiowps_advert_content_right">
<h3 class="aiowps_advert_heading">
<?php // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- PCP error. Escaping done in wp-security-notices.php ?>
<?php echo $title; ?>
<div class="aiowps_advert_dismiss">
<?php if (!empty($dismiss_time)) { ?>
<a href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>'}});"><?php esc_html_e('Dismiss', 'all-in-one-wp-security-and-firewall'); ?></a>
<?php } else { ?>
<a href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp();"><?php esc_html_e('Dismiss', 'all-in-one-wp-security-and-firewall'); ?></a>
<?php } ?>
</div>
</h3>
<p>
<?php // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- PCP errpr. Escaping done in wp-security-notices.php ?>
<?php echo $text; ?>
</p>
<?php
if (!empty($button_link) && !empty($button_meta)) {
?>
<p>
<a class="aiowps_notice_link button button-primary" href="<?php esc_url($button_link);?>">
<?php echo esc_html($button_meta); ?>
</a>
<a class="aiowps_notice_link button button-secondary" style="margin-left: 8px;" href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>', dismiss_forever: '1'}});">
<?php esc_html_e('No', 'all-in-one-wp-security-and-firewall'); ?>
</a>
</p>
<?php
}
?>
</div>
</div>
<div class="clear"></div>
</div>
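Review bot: The primary button's `href` (the `button button-primary` anchor) is always rendered empty, because `esc_url($button_link)` is called without `echo` and its return value is discarded. It should read `href="<?php echo esc_url($button_link); ?>"`. Separately, `$title` and `$text` are echoed raw under a `phpcs:ignore` that defers escaping to wp-security-notices.php, which is not visible here. The sibling notice templates in this commit call `wp_kses_post()` at the output point, and doing the same here would keep the template safe even if a caller passes unfiltered text. The "No" button also prints `$dismiss_time` without the `!empty($dismiss_time)` check that guards the heading's Dismiss link.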
@@ -0,0 +1,8 @@
<?php if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed'); ?>
<div class="error">
<h3><?php esc_html_e('Login whitelisting currently disabled', 'all-in-one-wp-security-and-firewall');?></h3>
<p>
<?php esc_html_e('Login whitelisting is currently disabled via the AIOS_DISABLE_LOGIN_WHITELIST constant (which is mostly likely to be defined in your wp-config.php)', 'all-in-one-wp-security-and-firewall'); ?>
</p>
</div>
@@ -0,0 +1,9 @@
<div id="aios-firewall-installed-notice" class='notice notice-success is-dismissible'>
<p><strong><?php esc_html_e('All-In-One Security', 'all-in-one-wp-security-and-firewall'); ?></strong></p>
<p>
<?php
echo esc_html__('Your firewall has been installed with the highest level of protection.', 'all-in-one-wp-security-and-firewall').' '.
esc_html__('You may have to wait 5 minutes for the changes to take effect.', 'all-in-one-wp-security-and-firewall');
?>
</p>
</div>
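Review bot: This template is the only one in the visible set that does not start with the `if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed');` guard. If the file is requested directly, execution reaches `esc_html_e()` outside WordPress and stops on an undefined-function error, which can reveal the install path on hosts that display errors. Adding the same first line as the sibling templates would make it consistent with them.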
@@ -0,0 +1,33 @@
<?php if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed'); ?>
<div id="aios-firewall-setup-notice" class="notice notice-information">
<form action="<?php echo esc_url(admin_url('admin-post.php')); ?>" method="POST">
<?php wp_nonce_field('aiowpsec-firewall-setup'); ?>
<input type="hidden" name="action" value="aiowps_firewall_setup">
<p>
<strong><?php esc_html_e('All-In-One Security', 'all-in-one-wp-security-and-firewall'); ?></strong>
</p>
<p>
<?php echo esc_html__('Our PHP-based firewall has been created to give you even greater protection.', 'all-in-one-wp-security-and-firewall') . ' ' .
esc_html__('To ensure the PHP-based firewall runs before any potentially vulnerable code in your WordPress site can be reached, it will need to be set up.', 'all-in-one-wp-security-and-firewall');
?>
</p>
<p>
<?php esc_html_e('If you already have our .htaccess-based firewall enabled, you will still need to set up the PHP-based firewall to benefit from its protection.', 'all-in-one-wp-security-and-firewall'); ?>
</p>
<p>
<?php esc_html_e('To set up the PHP-based firewall, press the \'Set up now\' button below:', 'all-in-one-wp-security-and-firewall'); ?>
</p>
<div style='padding-bottom: 10px; padding-top:10px;'>
<input class="button button-primary" type="submit" name="btn_setup_now" value="<?php esc_html_e('Set up now', 'all-in-one-wp-security-and-firewall'); ?>">
</form>
<?php if ($show_dismiss) { ?>
<form action="<?php echo esc_url(admin_url('admin-post.php')); ?>" method="POST" style='display:inline;'>
<?php wp_nonce_field('aiowpsec-firewall-setup-dismiss'); ?>
<input type="hidden" name="action" value="aiowps_firewall_setup_dismiss">
<input class="button button-secondary" type="submit" name="btn_dismiss_setup_now" value="<?php esc_html_e('Dismiss', 'all-in-one-wp-security-and-firewall'); ?>">
</form>
<?php } ?>
</div>
</div>
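Review bot: The wrapper `<div style='padding-bottom: 10px; padding-top:10px;'>` is opened inside the first `<form>` but closed only after `</form>` and after the optional dismiss form, so the two elements overlap. Where the second form and its nonce field end up in the DOM then depends on the browser's error recovery. Closing the `<div>` before `</form>` and giving the dismiss form its own wrapper would make the structure well-formed. The two submit buttons also fill their `value` attributes with `esc_html_e()`; in attribute context the matching helper is `esc_attr_e('Set up now', 'all-in-one-wp-security-and-firewall')`.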
@@ -0,0 +1,104 @@
<?php if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed'); ?>
<?php if (!empty($button_meta) && 'review' == $button_meta) : ?>
<div class="aiowps_ad_container updated">
<div class="aiowps_notice_container aiowps_review_notice_container">
<div class="aiowps_advert_content_left_extra">
<?php // phpcs:ignore PluginCheck.CodeAnalysis.ImageFunctions.NonEnqueuedImage -- PCP error. Image hard coded. Cannot be enqueued. ?>
<img src="<?php echo esc_url(AIO_WP_SECURITY_URL) . '/images/' . esc_attr($image);?>" width="100" alt="<?php esc_html_e('notice image', 'all-in-one-wp-security-and-firewall');?>" />
</div>
<div class="aiowps_advert_content_right">
<p>
<?php echo wp_kses_post($text); ?>
</p>
<?php if (!empty($button_link)) { ?>
<div class="aiowps_advert_button_container">
<a class="button button-primary" href="<?php echo esc_url($button_link);?>" target="_blank" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>', dismiss_forever: '1'}});">
<?php esc_html_e('Review', 'all-in-one-wp-security-and-firewall'); ?>
</a>
<div class="dashicons dashicons-calendar"></div>
<a class="aiowps_notice_link" href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>', dismiss_forever: '0'}});">
<?php esc_html_e('Maybe later', 'all-in-one-wp-security-and-firewall'); ?>
</a>
<div class="dashicons dashicons-no-alt"></div>
<a class="aiowps_notice_link" href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>', dismiss_forever: '1'}});">
<?php esc_html_e('Never', 'all-in-one-wp-security-and-firewall'); ?>
</a>
</div>
<?php } ?>
</div>
</div>
<div class="clear"></div>
</div>
<?php else : ?>
<div class="aiowps_ad_container updated">
<div class="aiowps_notice_container">
<div class="aiowps_advert_content_left">
<?php // phpcs:ignore PluginCheck.CodeAnalysis.ImageFunctions.NonEnqueuedImage -- PCP error. Image hard coded. Cannot be enqueued. ?>
<img src="<?php echo esc_url(AIO_WP_SECURITY_URL) . '/images/' . esc_attr($image);?>" width="60" height="60" alt="<?php esc_html_e('notice image', 'all-in-one-wp-security-and-firewall');?>" />
</div>
<div class="aiowps_advert_content_right">
<h3 class="aiowps_advert_heading">
<?php
if (!empty($prefix)) echo esc_html($prefix) . ' ';
echo wp_kses_post($title);
?>
<div class="aiowps_advert_dismiss">
<?php if (!empty($dismiss_time)) { ?>
<a href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>'}});"><?php esc_html_e('Dismiss', 'all-in-one-wp-security-and-firewall'); ?></a>
<?php } else { ?>
<a href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp();"><?php esc_html_e('Dismiss', 'all-in-one-wp-security-and-firewall'); ?></a>
<?php } ?>
</div>
</h3>
<p>
<?php
echo wp_kses_post($text);
if ('inline' == $button_meta) {
?>
<br>
<a href="<?php echo esc_attr(apply_filters('updraftplus_com_link', $button_link));?>"><strong><?php echo esc_html($button_text); ?></strong></a>
<?php
echo wp_kses_post($text2);
}
if (isset($discount_code)) echo ' <b>' . esc_html($discount_code) . '</b>';
if (!empty($button_link) && !empty($button_meta) && 'inline' != $button_meta) {
?>
<a class="aiowps_notice_link" href="<?php echo esc_url($button_link);?>"><?php
if ('updraftcentral' == $button_meta) {
esc_html_e('Get UpdraftCentral', 'all-in-one-wp-security-and-firewall');
} elseif ('updraftplus' == $button_meta) {
esc_html_e('Get UpdraftPlus', 'all-in-one-wp-security-and-firewall');
} elseif ('wp-optimize' == $button_meta) {
esc_html_e('Get WP-Optimize', 'all-in-one-wp-security-and-firewall');
} elseif ('all-in-one-wp-security-and-firewall' == $button_meta) {
esc_html_e('Get Premium.', 'all-in-one-wp-security-and-firewall');
} elseif ('signup' == $button_meta) {
esc_html_e('Sign up', 'all-in-one-wp-security-and-firewall');
} elseif ('go_there' == $button_meta) {
esc_html_e('Go there', 'all-in-one-wp-security-and-firewall');
} elseif ('learn_more' == $button_meta) {
esc_html_e('Learn more', 'all-in-one-wp-security-and-firewall');
} else {
esc_html_e('Read more', 'all-in-one-wp-security-and-firewall');
}
?></a>
<?php
}
?>
</p>
</div>
</div>
<div class="clear"></div>
</div>
<?php
endif;
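Review bot: The link in the `'inline' == $button_meta` branch escapes its URL with `esc_attr()` after passing it through the `updraftplus_com_link` filter, while every other link in this template uses `esc_url()`. `esc_attr()` only encodes HTML characters and does not restrict the URL scheme, so whatever a filter callback returns is placed in `href` unchanged. `href="<?php echo esc_url(apply_filters('updraftplus_com_link', $button_link)); ?>"` would match the rest of the file. That branch also reads `$button_meta`, `$button_text` and `$text2` without the `!empty()`/`isset()` checks used elsewhere in the template, so a caller that omits them would appear to trigger undefined-variable warnings.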
@@ -0,0 +1,43 @@
<?php if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed'); ?>
<div class="aiowps_ad_container error">
<div class="aiowps_notice_container">
<div class="aiowps_advert_content_right">
<h3 class="aiowps_advert_heading">
<?php echo esc_html($title); ?>
<div class="aiowps_advert_dismiss">
<?php if (!empty($dismiss_time)) { ?>
<a href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>'}});"><?php esc_html_e('Dismiss', 'all-in-one-wp-security-and-firewall'); ?></a>
<?php } else { ?>
<a href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp();"><?php esc_html_e('Dismiss', 'all-in-one-wp-security-and-firewall'); ?></a>
<?php } ?>
</div>
</h3>
<p>
<?php echo wp_kses_post($text); ?>
</p>
<?php
if (!empty($button_link) && !empty($button_meta)) {
?>
<p>
<a class="aiowps_notice_link button button-secondary" href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>', turn_it_back_on: '1'}});">
<?php echo esc_html($action_button_text); //Turn it back on ?>
</a>
<a class="aiowps_notice_link button button-secondary" style="margin-left: 8px;" href="#" onclick="jQuery(this).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>', dismiss_forever: '1'}});">
<?php echo esc_html($dismiss_text); // Keep it off ?>
</a>
<a style="margin-left: 8px;" class="aiowps_notice_link button button-secondary" href="javascript:void(0);" onclick="jQuery(this).prop('disabled', true ).closest('.aiowps_ad_container').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: '<?php echo esc_js($dismiss_time);?>', dismiss_forever: '1'}}, function(resp) {
window.location.href = '<?php echo esc_js($button_link); ?>';
return false;
}).done(function() { jQuery(this).prop('disabled', false); });">
<?php echo esc_js($button_meta); // Edit the settings ?>
</a>
</p>
<?php
}
?>
</div>
</div>
<div class="clear"></div>
</div>
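Review bot: The label of the third button is printed with `esc_js($button_meta)` although it sits in HTML text, not inside a script string. `esc_js()` adds backslashes before quotes, so a label containing an apostrophe would be shown with a stray `\`; `<?php echo esc_html($button_meta); ?>` is the escaper for this position and matches the two buttons above it. In the same anchor's `onclick`, `jQuery(this)` inside the `.done()` callback no longer refers to the link, and `prop('disabled', …)` has no effect on an `<a>` element, so the disable and re-enable logic looks like a no-op. The whole button row is gated on `$button_link` and `$button_meta` only, while each handler also emits `$dismiss_time`.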
@@ -0,0 +1,84 @@
<?php if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed'); ?>
<div id="aiowps-dashnotice" class="updated">
<?php /* translators: %s: Number of months */ ?>
<div style="float: right;"><a href="#" onclick="jQuery('#aiowps-dashnotice').slideUp(); jQuery.post(ajaxurl, {action: 'aios_ajax', subaction: 'dismiss_notice', nonce: '<?php echo esc_js(wp_create_nonce('wp-security-ajax-nonce')); ?>', data: { notice: 'dismissdashnotice'}});"><?php printf(esc_html__('Dismiss (for %s months)', 'all-in-one-wp-security-and-firewall'), 12); ?></a></div>
<h3>
<?php
if (AIOWPSecurity_Utility_Permissions::is_premium_installed()) {
esc_html_e('Thank you for using All-In-One Security Premium!', 'all-in-one-wp-security-and-firewall');
} else {
esc_html_e('Thank you for using All-In-One Security!', 'all-in-one-wp-security-and-firewall');
}
?>
</h3>
<?php // phpcs:ignore PluginCheck.CodeAnalysis.ImageFunctions.NonEnqueuedImage -- Image does not have an attachment number. Cannot use image attachment API. ?>
<a href="https://teamupdraft.com/all-in-one-security/"><img id="aiowps-notice-logo" alt="All-In-One Security" src="<?php echo esc_url(AIO_WP_SECURITY_URL) . '/images/plugin-logos/aios_logo_wide.svg'; ?>"></a>
<div id="aiowps-dashnotice_wrapper" style="max-width: 800px;">
<p>
<?php
esc_html_e('Protect your investment with the ultimate in WordPress website security.', 'all-in-one-wp-security-and-firewall');
echo '&nbsp;';
if (!AIOWPSecurity_Utility_Permissions::is_premium_installed()) {
printf(
/* translators: %s 'AIOS Premium' URL */
esc_html__('Get malware scanning, country blocking, premium support and more advanced security features with %s.', 'all-in-one-wp-security-and-firewall'),
'<a href="https://teamupdraft.com/all-in-one-security/pricing/?utm_source=aios-plugin&utm_medium=referral&utm_campaign=paac&utm_content=aios-premium&utm_creative_format=advert" target="_blank">' . esc_html__('AIOS Premium', 'all-in-one-wp-security-and-firewall') . '</a>'
);
}
?>
</p>
<p><?php esc_html_e('Explore more top-rated plugins', 'all-in-one-wp-security-and-firewall'); ?> :</p>
<ul>
<li>
<a href="https://teamupdraft.com/wp-optimize/pricing/?utm_source=aios-plugin&utm_medium=referral&utm_campaign=paac&utm_content=wp-optimize-premium&utm_creative_format=advert" target="_blank">
<strong><?php esc_html_e('WP-Optimize Premium:', 'all-in-one-wp-security-and-firewall'); ?></strong>
</a>
<?php
esc_html_e('Unlock new ways to speed up your WordPress website.', 'all-in-one-wp-security-and-firewall');
echo '&nbsp;';
esc_html_e('Optimize from the WP-CLI, cache multilingual and multi currency websites and more.', 'all-in-one-wp-security-and-firewall');
?>
</li>
<li>
<a href="https://teamupdraft.com/updraftplus/pricing/?utm_source=aios-plugin&utm_medium=referral&utm_campaign=paac&utm_content=updraftplus-premium&utm_creative_format=advert" target="_blank">
<strong><?php esc_html_e('UpdraftPlus Premium:', 'all-in-one-wp-security-and-firewall'); ?></strong>
</a>
<?php
esc_html_e('Schedule automatic backups, run backups before updates, and restore with ease.', 'all-in-one-wp-security-and-firewall');
?>
</li>
<li>
<a href="https://burst-statistics.com/pricing/?utm_source=aios-plugin&utm_medium=referral&utm_campaign=paac&utm_content=burst-statistics&utm_creative_format=advert" target="_blank">
<strong><?php esc_html_e('Burst Statistics:', 'all-in-one-wp-security-and-firewall'); ?></strong>
</a>
<?php
esc_html_e('Privacy-friendly analytics that lets you track traffic without collecting personal data.', 'all-in-one-wp-security-and-firewall');
?>
</li>
<li>
<a href="https://www.internallinkjuicer.com/?utm_source=aios-plugin&utm_medium=referral&utm_campaign=paac&utm_content=internal-link-juicer&utm_creative_format=advert" target="_blank">
<strong><?php esc_html_e('Internal Link Juicer:', 'all-in-one-wp-security-and-firewall'); ?></strong>
</a>
<?php
esc_html_e('Automatically build internal links to save time and boost SEO.', 'all-in-one-wp-security-and-firewall');
echo '&nbsp;';
esc_html_e('You dont have to be an SEO expert to use this plugin!', 'all-in-one-wp-security-and-firewall');
?>
</li>
<li>
<a href="https://wpovernight.com/?utm_source=aios-plugin&utm_medium=referral&utm_campaign=paac&utm_content=wp-overnight&utm_creative_format=advert" target="_blank">
<strong><?php esc_html_e('WP Overnight:', 'all-in-one-wp-security-and-firewall'); ?></strong>
</a>
<?php
esc_html_e('Premium WooCommerce add-ons built to optimize your store, improve UX, and increase revenue.', 'all-in-one-wp-security-and-firewall');
?>
</li>
</ul>
<p>
<?php echo '<strong>' . esc_html__('Browse more', 'all-in-one-wp-security-and-firewall') . ' </strong>' . '<a href="https://www.simbahosting.co.uk/s3/shop/?utm_source=aios-plugin&utm_medium=referral&utm_campaign=paac&utm_content=premium-woocommerce-plugins&utm_creative_format=advert" target="_blank">' . esc_html__('Premium WooCommerce plugins', 'all-in-one-wp-security-and-firewall') . '</a>'; ?>
</p>
</div>
</div>