Paul Goodchild paulgoodchild
paulgoodchild
/ functions.php
Created
March 8, 2024 11:59
Shield Security: Prevent loading of WP Site Health Security Components
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php declare( strict_types=1 ); | |
| /** | |
| * Be sure to place this in your theme's functions.php or if you're including | |
| * it within a plugin, ensure that it runs before WP's 'init' action has executed. | |
| * | |
| * This will prevent Shield's Site Health components from executing and populating | |
| * WP Site Health area with Security recommendations. | |
| */ | |
| add_filter( 'shield/can_run_site_health_security', '__return_false' ); |
paulgoodchild
/ functions.php
Created
August 9, 2023 14:01
Triggering on-demand scans on Shield Security Pro for WordPress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php declare( strict_types=1 ); | |
| use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan\Controller; | |
| /** | |
| * Launching on-demand scans for Shield Security can be done using the function outlined below. | |
| * It requires a single array parameter that contains the so-called "slugs" of the respective scans. | |
| * | |
| * Shield currently has 3 distinct scan types, namely: | |
| * - AFS: file scanner, (WordPress, plugin, themes, malware scan) |
paulgoodchild
/ gist:e15774a5307d8f65416234b4ac61203c
Last active
February 6, 2023 10:56
Easy Digital Downloads: Prevent license expiration notices being sent for licenses linked to refunded payments
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php declare( strict_types=1 ); | |
| /** | |
| * Easy Digital Downloads will send license expiration notices for any licenses, even if they | |
| * have been refunded. This is not ideal. | |
| * | |
| * This filter will prevent such notices being sent if any payments associated with this | |
| * license have been refunded. | |
| * | |
| * This may not be applicable in cases where you EDD store supports multiple products in |
paulgoodchild
/ functions.php
Created
January 20, 2022 15:05
Customize whether a request is blocked in Shield
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php declare( strict_types=1 ); | |
| /** | |
| * Use this filter to tell Shield to block a request. | |
| * | |
| * By default, Shield will block requests solely based on the IP reputation for that site. | |
| * | |
| * With this filter, you can change these criteria. | |
| * | |
| * In this example we want to block all access to the WP admin and WP login areas and |
paulgoodchild
/ functions.php
Created
October 19, 2021 08:40
Prevent running of NotBot JS based on other factors on site
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php declare( strict_types=1 ); | |
| /** | |
| * Use this filter to tell Shield to NOT run the NotBot JS system. | |
| * | |
| * If you disable the NotBot JS system then you will likely lock-out visitors. | |
| * | |
| * Use of this filter is at your own risk. | |
| */ | |
| add_filter( 'shield/can_run_antibot', function ( $canRun ) { |
paulgoodchild
/ functions.php
Last active
May 21, 2021 11:44
[Shield Security for WordPress] Filter whether the Plugin Security Badge is displayed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Note: Only available from Shield v11.2+ | |
| * | |
| * Use this filter to tell Shield whether or not the Plugin Security Badge should be displayed or not. | |
| * | |
| * More Info on badge here: https://getshieldsecurity.com/blog/feature-plugin-badge/ | |
| * | |
| * For example, you may only want to show the badge if the visitor is not on a mobile (see below). |
paulgoodchild
/ functions.php
Last active
March 27, 2021 10:29
Set Service Providers to be "untrusted" in Shield Security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Use this filter to tell Shield to NOT automatically whitelist certain providers. | |
| * | |
| * By default Shield will never block official service providers and web crawlers. You can turn off this behaviour on | |
| * a per-service basis using this filter. | |
| * | |
| * Understand that Shield doesn't then "block" the provider, it simply no longer gives it a free pass. If it abuses your | |
| * resources or performs requests that cause offenses, it may be then blocked by Shield. |
paulgoodchild
/ functions.php
Last active
March 27, 2021 15:07
Specify the hour of the day that the Shield Security plugin executes its daily cron
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * The Scanner cron job run by the Shield plugin is responsible for executing the scans. | |
| * If you're running ShieldFREE, the scans runs automatically once per day. On ShieldPRO, it can repeat up to every hour. | |
| * | |
| * The Cron is configured to have a start time - i.e. the first time that the cron will execute. Then it repeats based on your settings. | |
| * | |
| * If the hour at which the cron is set to run is 3 a.m. (the default), it will first run the next day at 3am, and then | |
| * every day thereafter at 3 a.m. If this default hour doesn't suit, you can change it using a WordPress filter. | |
| * |
paulgoodchild
/ functions.php
Created
December 12, 2020 11:37
Automatically add WordPress site to your iControlWP control panel from ManageWP (or other)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * You may automatically add any WordPress site to your iControlWP account by using the "code run" | |
| * or "code snippets" feature in ManageWP. | |
| * | |
| * Please follow these steps: | |
| * | |
| * 1) Install and activate the iControlWP plugin on your WordPress site. | |
| * 2) Grab your "AUTHENTICATION_KEY" from your iControlWP account: | |
| * - https://app.icontrolwp.com/profile/preferences |
paulgoodchild
/ functions.php
Created
December 7, 2020 12:06
WordPress: How to set that a request may use Application Password
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * WordPress (5.6+) allows the use of Application Passwords when authenticating logins. | |
| * However, only certain requests are considered to be requests from an "Application". Officially, these are | |
| * XML-RPC and REST API requests. | |
| * | |
| * However, you may customize this to ensure that authenticated requests from your service | |
| * (if they don't use XML-PRC/RESTAPI) are put through the appropriate authentication process. | |
| * | |
| * To achieve this, you make use of the filter: application_password_is_api_request |
NewerOlder