Carl Alberto carl-alberto

View GitHub Profile
<?php
/**
 * Disable REST API
 * Using a plugin like: https://wordpress.org/plugins/disable-json-api/
 * Feature from iThemes Security
 * @package wpplugin
 */
add_filter( 'rest_authentication_errors', 'cafunction1_disable_rest_api' );
// Callback added here to complete the truncated preview: rejects REST requests from logged-out visitors.
function cafunction1_disable_rest_api( $result ) {
	if ( ! empty( $result ) ) {
		return $result; // Another callback already produced an error or allowed access.
	}
	return is_user_logged_in() ? $result : new WP_Error( 'rest_not_logged_in', 'You are not currently logged in.', array( 'status' => 401 ) );
}
@carl-alberto
carl-alberto / gist:d069f0e183db6ef01ecc6c8e2d482c44
Created April 22, 2020 09:27
Prevent user enumeration. Add in a custom WP plugin or theme's functions.php
<?php
/**
 * Stop user enumeration directly from code.
 * Using a plugin like: https://wordpress.org/support/topic/wp-json-user-enumeration-disable/
 * If using Wordfence: https://www.wordfence.com/blog/2016/12/wordfence-blocks-username-harvesting-via-new-rest-api-wp-4-7/
 * If using Cerber: https://wordpress.org/support/topic/wp-json-user-enumeration-disable/
 * Also a feature in iThemes Security https://ithemes.com/ithemes-security-settings-checklist/
 *
 * @package wpplugin
 */
<?php
/**
 * Stop user enumeration.
 *
 * @package wpplugin
 */
if ( ! is_admin() ) {
	// default URL format: /?author=N
	// phpcs:disable
	if ( isset( $_SERVER['QUERY_STRING'] ) && preg_match( '/author=([0-9]*)/i', $_SERVER['QUERY_STRING'] ) ) {
		die();
	}
	// phpcs:enable
	add_filter( 'redirect_canonical', 'shapeSpace_check_enum', 10, 2 );
}

/**
 * Block the permalink URL format before the canonical redirect reveals the author slug.
 *
 * @param string $redirect The canonical redirect URL WordPress intends to send.
 * @param string $request  The originally requested URL.
 *
 * @return string
 */
function shapeSpace_check_enum( $redirect, $request ) {
	// permalink URL format
	if ( preg_match( '/\?author=([0-9]*)(\/*)/i', $request ) ) {
		die();
	}
	return $redirect;
}
@carl-alberto
carl-alberto / gist:e896b8c281f1085a2cd5170cb2be1a2e
Created March 31, 2020 14:02
Additional security headers
/**
 * Add security headers for Nginx based sites
 *
 * @param array $headers Response headers keyed by header name.
 *
 * @return array
 */
function additional_securityheaders( $headers ) {
	if ( ! is_admin() ) {
		$headers['Referrer-Policy'] = 'no-referrer-when-downgrade';
	}
	return $headers;
}
// Hook registration added to complete the truncated preview; 'wp_headers' is the filter that passes this headers array (assumed from the signature above).
add_filter( 'wp_headers', 'additional_securityheaders' );
@carl-alberto
carl-alberto / gist:32dfb84d2aa485430ae7a1b848767309
Last active March 21, 2020 23:33
Fully disable WP_CACHE persistent true value for WP-Rocket
// You can add this to a custom plugin or your theme's functions.php
function set_rocket_wp_cache_define_false( $turn_it_on ) {
return 'false';
}
add_filter('set_rocket_wp_cache_define', 'set_rocket_wp_cache_define_false');
<h1>Pantheon MyISAM to InnoDB engine converter</h1>
<?php
/*
 * Use this script ONLY if you are a Pantheon customer.
 * ONLY RUN THIS SCRIPT IN DEV!
 */
$mysqli = @new mysqli($_ENV['DB_HOST'], $_ENV['DB_USER'], $_ENV['DB_PASSWORD'], $_ENV['DB_NAME'], $_ENV['DB_PORT']);
if ($mysqli->connect_errno) {
    die('Connect failed: ' . htmlspecialchars($mysqli->connect_error));
}
// Assumed completion (the listing truncates the gist here): convert every MyISAM table in the current database.
$tables = $mysqli->query("SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA = DATABASE() AND ENGINE = 'MyISAM'");
while ($row = $tables->fetch_assoc()) {
    $table = '`' . str_replace('`', '``', $row['TABLE_NAME']) . '`';
    echo $mysqli->query("ALTER TABLE $table ENGINE=InnoDB") ? "Converted $table<br>\n" : "Failed $table: " . htmlspecialchars($mysqli->error) . "<br>\n";
}
<?php
# This is a Windows-friendly symlink
require_once WP_CONTENT_DIR . '/plugins/wp-redis/object-cache.php';
@carl-alberto
carl-alberto / wp-config.php
Last active July 31, 2019 19:21
Catch all redirect
// Only web requests are redirected; WP-CLI and other CLI runs are left alone.
if (!empty($_SERVER['REQUEST_URI']) && (php_sapi_name() != "cli")) {
    header('HTTP/1.0 301 Moved Permanently');
    header('Location: https://' . $_SERVER['HTTP_HOST']);
    // Name transaction "redirect" in New Relic for improved reporting (optional).
    if (extension_loaded('newrelic')) {
        newrelic_name_transaction("redirect");
    }
    exit();
}
@carl-alberto
carl-alberto / functions.php
Last active April 22, 2020 22:47
Programmatically change pass
<?php
// You can add this code in the theme's functions.php
$user = get_user_by( 'email', 'user@example.com' ); // change this to the email of the account whose password you need to update
if ( $user ) { // get_user_by() returns false when no account matches
	wp_set_password( '$stronGp$sS', $user->ID ); // change this to another password if you want
}
// don't forget to remove this code once you have access to your site