
@thokra
Created February 29, 2012 12:48
Quick and dirty WordPress security script: renames constants, file names and directory names.
#!/usr/bin/env ruby
# encoding: utf-8
# Abort on interpreters older than 1.9; the comparison uses only the
# "major.minor" part of RUBY_VERSION, read as a float.
raise "You have to use ruby 1.9 or higher" if RUBY_VERSION.to_f < 1.9
require 'fileutils'
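# Feature switches: each one enables one rewrite pass of WPSecurity#run.
RENAME_FILES = true
RENAME_DIRECTORIES = true
# Prefix put in front of every "wp-" found in a file or directory name
# (used for directories as well, despite the name).
RENAME_FILES_PREFIX = "iso"
RENAME_CONSTANTS = true
CONSTANTS_PREFIX = "ISO_"
#TABLE_PREFIX = "iso_"

# Identifier => replacement, applied as a plain text substitution to the
# rewritten source files. Insertion order is significant: it becomes the
# order of the alternatives in the search pattern.
# The duplicate 'WP_CONTENT_DIR' entry of the original literal is dropped;
# it mapped to the same value and only triggered a "duplicated key" warning.
CONSTANTS = {
  'DB_NAME' => "#{CONSTANTS_PREFIX}DB_NAME",
  'DB_USER' => "#{CONSTANTS_PREFIX}DB_USER",
  'DB_PASSWORD' => "#{CONSTANTS_PREFIX}DB_PASSWORD",
  'DB_HOST' => "#{CONSTANTS_PREFIX}DB_HOST",
  # NOTE(review): hard-coded lower-case prefix, not derived from CONSTANTS_PREFIX.
  '$table_prefix' => "$iso_table_prefix",
  'WP_DEBUG' => "#{CONSTANTS_PREFIX}WP_DEBUG",
  'WPINC' => "#{CONSTANTS_PREFIX}WPINC",
  'WP_MEMORY_LIMIT' => "#{CONSTANTS_PREFIX}WP_MEMORY_LIMIT",
  'WP_MAX_MEMORY_LIMIT' => "#{CONSTANTS_PREFIX}WP_MAX_MEMORY_LIMIT",
  'WP_CONTENT_DIR' => "#{CONSTANTS_PREFIX}WP_CONTENT_DIR",
  'WP_LANG_DIR' => "#{CONSTANTS_PREFIX}WP_LANG_DIR",
  'LANGDIR' => "#{CONSTANTS_PREFIX}LANGDIR",
  'WP_PLUGIN_DIR' => "#{CONSTANTS_PREFIX}WP_PLUGIN_DIR",
  'WP_PLUGIN_URL' => "#{CONSTANTS_PREFIX}WP_PLUGIN_URL",
  'PLUGINDIR' => "#{CONSTANTS_PREFIX}PLUGINDIR",
  'WPMU_PLUGIN_DIR' => "#{CONSTANTS_PREFIX}WPMU_PLUGIN_DIR",
  'WPMU_PLUGIN_URL' => "#{CONSTANTS_PREFIX}WPMU_PLUGIN_URL",
  'MUPLUGINDIR' => "#{CONSTANTS_PREFIX}MUPLUGINDIR",
  'COOKIEHASH' => "#{CONSTANTS_PREFIX}COOKIEHASH",
  'USER_COOKIE' => "#{CONSTANTS_PREFIX}USER_COOKIE",
  'PASS_COOKIE' => "#{CONSTANTS_PREFIX}PASS_COOKIE",
  'AUTH_COOKIE' => "#{CONSTANTS_PREFIX}AUTH_COOKIE",
  'SECURE_AUTH_COOKIE' => "#{CONSTANTS_PREFIX}SECURE_AUTH_COOKIE",
  'LOGGED_IN_COOKIE' => "#{CONSTANTS_PREFIX}LOGGED_IN_COOKIE",
  'TEST_COOKIE' => "#{CONSTANTS_PREFIX}TEST_COOKIE",
  'COOKIEPATH' => "#{CONSTANTS_PREFIX}COOKIEPATH",
  'SITECOOKIEPATH' => "#{CONSTANTS_PREFIX}SITECOOKIEPATH",
  'ADMIN_COOKIE_PATH' => "#{CONSTANTS_PREFIX}ADMIN_COOKIE_PATH",
  'PLUGINS_COOKIE_PATH' => "#{CONSTANTS_PREFIX}PLUGINS_COOKIE_PATH",
  'TEMPLATEPATH' => "#{CONSTANTS_PREFIX}TEMPLATEPATH",
  'STYLESHEETPATH' => "#{CONSTANTS_PREFIX}STYLESHEETPATH",
  'WP_DEFAULT_THEME' => "#{CONSTANTS_PREFIX}WP_DEFAULT_THEME"
}.freeze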
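# Confirmation gate in front of the destructive rewrite.
puts
puts
puts "THIS ACTION WILL RENAME AND EDIT A LOT OF FILES"
puts "PLUGINS MIGHT HAVE TO BE UPDATED IN ORDER TO WORK"
puts "THESE CHANGES ARE INREVERSABLE AND YOU SHOULD TAKE BACKUP BEFORE CONTINUING"
# The file globs are relative to the working directory, so show which tree
# is about to be modified before asking.
puts "TARGET DIRECTORY: #{Dir.pwd}"
puts
print "Are you sure you want to continue? [yes|no] : "
# Read the answer from standard input explicitly: a bare `gets` reads from a
# file named on the command line when ARGV is not empty. At end of input
# `gets` returns nil, which is treated as "no" rather than raising.
answer = $stdin.gets.to_s.chomp
exit unless %w[yes y].include?(answer)
puts
puts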
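# In-place renamer for a WordPress tree: prefixes every file and directory
# whose name contains "wp-", rewrites references to those names and to the
# identifiers listed in CONSTANTS inside .js/.css/.php files, then renames
# the files and directories on disk.
#
# This only changes names. It does not touch permissions, credentials or
# code paths, so it is obfuscation rather than a fix for any weakness.
#
# NOTE(review): matching is by plain substring with no word boundaries, so a
# second run prefixes the names again ("ISO_ISO_DB_NAME"), and an entry of
# CONSTANTS is also rewritten inside any longer identifier that contains it.
class WPSecurity
  def initialize
    # Directory that holds this script.
    # NOTE(review): never read; the globs in #run are relative to the current
    # working directory, not to this path.
    @basepath = File.expand_path(File.join(__FILE__, '..'))
  end

  # Runs the enabled passes: collect the names to replace, rewrite file
  # contents, rename files, rename directories.
  def run
    # Directories whose name contains a dot also match this glob; they are
    # left to the directory pass.
    files = Dir["**/*.*"].reject { |f| File.directory?(f) } # **/*.php
    # The glob returns each directory with a trailing "/".
    directories = Dir["**/"].map { |d| d.chomp("/") }

    if RENAME_FILES
      @replace_files = {}
      files.each do |f|
        name = File.basename(f)
        @replace_files[name] = prefixed(name) if name.include?("wp-")
      end
    end

    if RENAME_DIRECTORIES
      @replace_directories = {}
      directories.each do |d|
        name = File.basename(d)
        next unless name.include?("wp-")
        new_name = prefixed(name)
        # A directory name is only replaced where a slash or single quotes
        # delimit it.
        @replace_directories["/#{name}"] = "/#{new_name}"
        @replace_directories["'#{name}'"] = "'#{new_name}'"
        @replace_directories["#{name}/"] = "#{new_name}/"
      end
    end

    puts "REPLACING FILES"
    files.each do |f|
      # Substring test on the whole relative path, not an extension check.
      fix_file(f) if f['.js'] || f['.css'] || f['.php']
    end

    if RENAME_FILES
      puts
      puts "RENAMING FILES"
      files.each do |f|
        next unless File.basename(f).include?("wp-")
        File.rename(f, renamed_path(f))
      end
    end

    if RENAME_DIRECTORIES
      puts
      puts "RENAMING DIRECTORIES"
      # Deepest first: renaming "wp-content" before "wp-content/plugins/wp-x"
      # would leave the second path dangling and abort the run half-way.
      directories.sort_by { |d| -d.count("/") }.each do |d|
        next unless File.basename(d).include?("wp-")
        new_name = renamed_path(d)
        puts "#{d} => #{new_name}"
        FileUtils.mv(d, new_name)
      end
    end

    puts
    puts "Remember to use a different table prefix than 'wp_'"
    puts
  end

  # Applies every enabled substitution to the file at +f+ and writes it back
  # only when something was replaced. Failures are reported on stdout and the
  # file is skipped. Relies on the tables built by #run.
  def fix_file(f)
    replace_with = {}
    replace_with.merge!(@replace_files) if RENAME_FILES
    replace_with.merge!(@replace_directories) if RENAME_DIRECTORIES
    replace_with.merge!(CONSTANTS) if RENAME_CONSTANTS
    return if replace_with.empty?

    text = File.read(f)
    # Regexp.union escapes each key, so "." or "$" in a name matches only
    # itself. Built from raw names, "wp-config.php" would also match
    # "wp-configXphp"; that text is not a key of the hash, so gsub would
    # replace it with an empty string and silently delete it.
    pattern = Regexp.union(replace_with.keys)
    # gsub! returns nil when nothing matched; such files are not rewritten.
    return unless text.gsub!(pattern, replace_with)

    File.open(f, "w") { |out| out.write(text) }
    nil
  rescue StandardError => e
    # StandardError rather than Exception, so an interrupt still stops the run.
    puts "Could not replace #{f}"
    puts e.message
  end

  private

  # Name with the configured prefix put in front of every "wp-".
  def prefixed(name)
    name.gsub("wp-", "#{RENAME_FILES_PREFIX}-wp-")
  end

  # Same path with only its last component prefixed.
  def renamed_path(path)
    *parents, name = path.split("/")
    File.join(*parents, prefixed(name))
  end
end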
# Entry point: build the renamer and run every enabled pass.
renamer = WPSecurity.new
renamer.run