Skip to content

Instantly share code, notes, and snippets.

View soderlind's full-sized avatar

Per Søderlind soderlind

View GitHub Profile
@soderlind
soderlind / README.md
Last active October 9, 2024 09:18
WordPress Web Application Firewall (WAF) Custom rules for Azure Front Door (AFD)

WordPress WAF Custom rules for Azure Front Door (AFD)

AFD WAF Managed Rules DRS 2.1 blocks WordPress. The below WP* custom rules let you access WordPress URLs that you need. I also implemented a rate-limiting rule to prevent brute force attacks.

The WP* rules are based on the OWASP CRS - WordPress Rule Exclusions Plugin rules

  • AFD Premuim supports max 5 (!) regex, so I had to convert the regex rules to separate rules.

Custom WordPress Allow Rules

@soderlind
soderlind / waf-policy.bicep
Last active September 19, 2024 10:40
WordPress: Use Azure Front Door to rate limit access the login page
resource wafPolicy 'Microsoft.Network/FrontDoorWebApplicationFirewallPolicies@2022-05-01' = {
name: wafPolicyName
location: 'global'
sku: {
name: frontDoorSkuName
}
tags: tags
properties: {
policySettings: {
enabledState: 'Enabled'
@soderlind
soderlind / README.md
Last active September 11, 2024 08:30
WordPress: Add a media inserter to the block editor using the registerInserterMediaCategory

I did this to show how easy it is to create your own media inserter. In production I would create a a server that returns the json.

Install

  1. Create a block
    • in wp-content/plugins run npx @wordpress/create-block@latest my-image-inserter
    • cd my-image-inserter
  2. Copy index.js to my-image-inserter/src/index.js
  3. Delete my-image-inserter/my-image-inserter.php
  4. Copy plugin.php to my-image-inserter/plugin.php
@soderlind
soderlind / Install.txt
Last active September 7, 2024 05:45
macOS DoH! (DNS over HTTPS) using cloudflared
1) Install cloudflared using homebrew:
brew install cloudflare/cloudflare/cloudflared
2) Create /usr/local/etc/cloudflared/config.yaml, with the following content
proxy-dns: true
proxy-dns-upstream:
- https://1.1.1.1/dns-query
- https://1.0.0.1/dns-query
@soderlind
soderlind / mu-super-admin-all-sites-menu.php
Last active July 27, 2024 12:00
Fast REST Response for Super Admin All Sites Menu (https://github.com/soderlind/super-admin-all-sites-menu), save in mu-plugins
<?php
/**
* name: Fast REST Response for Super Admin All Sites Menu
*
* @package Soderlind\Multisite\MU
* @author Per Soderlind
* @copyright 2021 Per Soderlind
* @license GPL-2.0+
*
* @wordpress-plugin
@soderlind
soderlind / hardcode-number-of-items.php
Created August 28, 2023 08:27
WordPress Admin: Hardcode max number of items per page.
<?php
/**
* name
*
* @package Soderlind\MuPlugins\HardcodeNumberOfItems
* @author Per Soderlind
* @copyright 2021 Per Soderlind
* @license GPL-2.0+
*
@soderlind
soderlind / dropzonejs-wp-rest-api.js
Last active July 27, 2024 11:21
DropzoneJS & WordPress REST API
/*
Uploading images is a two step process (from https://github.com/WP-API/WP-API/issues/1768#issuecomment-160540932):
POST the data to /wp/v2/media - this can either be as the request body, or in multipart format. This will upload the file, and give you a 201 Created response with a Location header. This header points to the post object for the attachment that has just been created.
PUT the post data to the endpoint returned in the Location header (which will look something like /wp/v2/media/{id}).
I do step 2 (PUT), if POST is a success, in myDropzone.on("success", function(file, response){}
*/
// dropzoneWordpressRestApiForm is the configuration for the element that has an id attribute
@soderlind
soderlind / docker-compose.yml
Last active July 9, 2024 08:55
Buggregator for local WordPress development
services:
buggregator:
image: ghcr.io/buggregator/server:latest
depends_on:
buggregator-database:
condition: service_healthy
ports:
- 127.0.0.1:8000:8000 # Sentry, Ray
- 127.0.0.1:1025:1025 # SMTP
environment:
@soderlind
soderlind / copilot.aliases.zshrc
Last active July 6, 2024 14:07
GitHub Copilot CLI aliases
# GitHub CLI aliases
eval "$(gh copilot alias -- zsh)" # or bash
# Old school aliases
alias '??'='ghcs'
alias 'git?'='ghcs -t git'
alias 'gh?'='ghcs -t gh'
alias 'explain'='ghce'
@soderlind
soderlind / class-google-maps-oembed-provider.php
Last active April 29, 2024 11:44
WordPress Google Maps oEmbed Provider using the Google Maps Embed API
<?php
/**
* Create a Google Maps oEmbed Provider using the Google Maps Embed API
*
* @see https://developers.google.com/maps/documentation/embed/
* @link https://gist.github.com/soderlind/db6dae8a73253329bc97ac50d7ebedef
* @since 1.0.0
* @package Google_Maps_oEmbed_Provider
*/
class DSS_oEmbed_Add_Provider {