This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* WordPress (5.6+) allows the use of Application Passwords when authenticating logins. | |
* However, only certain requests are considered to be requests from an "Application". Officially, these are | |
* XML-RPC and REST API requests. | |
* | |
* However, you may customize this to ensure that authenticated requests from your service | |
* (if they don't use XML-PRC/RESTAPI) are put through the appropriate authentication process. | |
* | |
* To achieve this, you make use of the filter: application_password_is_api_request |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* The plugin badge array has 5 attributes represented by the following keys: | |
* name, url, logo, protected_by, custom_css | |
* | |
* This filter is only available is the plugin is activated for ShieldPRO. | |
* | |
* You may also use your Whitelabel settings to overwrite many of the defaults: | |
* See: https://icontrolwp.freshdesk.com/support/solutions/articles/3000078466 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Use this filter to change the precise location where Shield's Antibot features will be | |
* output within the Woocommerce checkout form. | |
*/ | |
add_filter( 'icwp-wpsf-woocommerce_checkout_hook_location', function ( $hook ) { | |
/** | |
* This is the default hook location used by Shield. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Adding custom roles is a case of using the filter provided, adding your | |
* roles to the array of roles that has 2FA by email forced upon them. | |
* | |
* The role you add will be the 'slug' of the role, not the name of the role. | |
* For example, WordPress comes with built-in roles such as Administrator. | |
* The slug for this role is 'administrator', not 'Administrator'. | |
*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Both of these functions return a boolean (true|false) on whether the current visitor | |
* IP address is whitelisted. | |
* | |
* Be sure to use the most appropriate, depending on your Shield version. | |
*/ | |
if ( class_exists( '\FernleafSystems\Wordpress\Plugin\Shield\Controller\Controller' ) ) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Shield Security's 2FA timeout defaults to 5 minutes. This means that a user must | |
* supply their 2FA code(s) within this time or they'll need to start again (re-login). | |
* | |
* Some email providers can be a bit slow at times with their email delivery, and | |
* 5 minutes isn't long enough. To provide a bit more time, you can use a filter to | |
* extend the timeout to as many minutes as you need. | |
* | |
* Reference: https://support.getshieldsecurity.com/support/solutions/articles/3000101220 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Add this to your functions.php and then call your site URL with "get_my_server_ip" in your query. | |
* e.g. https://www.example.com/?get_my_server_ip=1 | |
*/ | |
if ( isset( $_GET[ 'get_my_server_ip' ] ) ) { | |
add_action( 'init', function () { | |
echo 'Server IPs:<br/>'.implode( '<br/>', array_unique( [ | |
wp_remote_get( 'https://api.ipify.org' )[ 'body' ], |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* You can whitelist certain directories from the Shield malware scanner using | |
* the following WordPress filter. | |
* | |
* All paths you provide must be relative to your ABSPATH | |
* (i.e. from the directory where your wp-settings.php file resides) | |
* | |
* You must always return the $paths variable at the end. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
add_action( 'admin_init', function () { | |
if ( function_exists( 'shield_security_get_plugin' ) ) { | |
$oShield = shield_security_get_plugin(); | |
if ( !empty( $oShield ) ) { | |
add_filter( | |
$oShield->getController()->prefix( 'show_dashboard_widget' ), | |
function ( $bShow ) { | |
// restrict display to administrators only (i.e. they have capability to "manage_options") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
add_action( 'init', function () { | |
if ( is_admin() && !( defined( 'DOING_AJAX' ) && DOING_AJAX ) && !current_user_can( 'edit_posts' ) ) { | |
wp_safe_redirect( home_url() ); | |
} | |
} ); |