hvg-dev/blog
1
0
Fork 0
Code Actions Packages Activity
Files
696fb9b22c9849bd8f3e03adc52e681558694700
blog/web/app/mu-plugins/app-mu.php
felegy 696fb9b22c + ADD keycloack.hvg.hu auth via SAML
2025-08-28 13:40:08 +00:00

213 lines
6.7 KiB
PHP
Raw Blame History

<?php
/**
* Plugin Name: App config
* Description: App configuration must use functions
* - Add SVG to mime_types.
* - Clean file name when uploading files in WordPress.
* - Disable Login errors.
* - Add Security headers.
* - Add s3 uploads custom endpoint (S3_UPLOADS_ENDPOINT)
* - Remove WordPress version from HTML source.
* - WP error log to stdout (ERROR_LOG_TO_STDOUT)
* - Setup PHPMailer with SMTP (SMTP_SERVER, SMTP_PORT, SMTP_LOGIN, SMTP_PASSWORD and SMTP_SECURE)
* Version: 202309-01
* Author: felegy
* Author URI: https://github.com/felegy
*/
defined( 'ABSPATH' ) || die('Restricted Area');
class AppMuPlugin
{
public function __construct()
{
// Define constants
$this->define_constants();
if (defined('ERROR_LOG_TO_STDOUT')) {
if (ERROR_LOG_TO_STDOUT) {
// WP error log to stdout
$this->error_log_to_stdout();
}
}
if (defined('S3_UPLOADS_ENDPOINT')) {
// Filter S3 Uploads params.
$this->s3_uploads_endpoint();
}
if (defined('SMTP_ENABLED') && SMTP_ENABLED) {
// If SMTP is enabled, setup PHPMailer
if (defined('SMTP_SERVER') && defined('SMTP_PORT')) {
$this->setup_phpmailer();
}
}
$this->header_security();
$this->no_wordpress_errors();
$this->sanitize_file_name();
$this->remove_wp_version();
$this->cc_mime_types();
$this->two_factor_default();
$this->on_logout_redirect();
}
private function define_constants() {
if ( ! defined( 'SMTP_SERVER') ) {
define( 'SMTP_SERVER', '127.0.0.1' );
}
if ( ! defined( 'SMTP_PORT') ) {
define( 'SMTP_PORT', 1025 );
}
if ( ! defined( 'BLOG_SLUG') ) {
define( 'BLOG_SLUG', 'wp' );
}
}
private function error_log_to_stdout() {
// Add your initialization code here.
// WP error log to stdout
add_action('init', function () {
ini_set ('error_log', '/dev/stdout'); // phpcs:ignore
}, 10);
}
private function s3_uploads_endpoint() {
// Filter S3 Uploads params.
add_filter('s3_uploads_s3_client_params', function ($params) {
$params['endpoint'] = defined('S3_UPLOADS_ENDPOINT') ? S3_UPLOADS_ENDPOINT : "";
$params['use_path_style_endpoint'] = true;
$params['debug'] = false; // Set to true if uploads are failing.
return $params;
});
}
private function header_security() {
// Add Security headers.
add_filter('wp_headers',
function ($headers) {
$headers['X-Frame-Options'] = 'SAMEORIGIN';
$headers['X-Content-Type-Options'] = 'nosniff';
$headers['X-XSS-Protection'] = '1; mode=block';
$headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains';
$headers['Referrer-Policy'] = 'same-origin';
$headers['Permissions-Policy'] = 'geolocation=()';
$headers['Content-Security-Policy'] = 'upgrade-insecure-requests';
return $headers;
});
}
private function no_wordpress_errors()
{
add_filter('login_errors', function () {
return 'Hiba történt a belépés során!';
});
}
private function sanitize_file_name()
{
// Clean file name when uploading files in WordPress.
add_filter('sanitize_file_name', function ($filename){
$extension = substr($filename, strrpos($filename, '.') + 1);
$filename = substr($filename, 0, strrpos($filename, '.'));
return sanitize_title($filename) . '.' . $extension;
});
}
private function remove_wp_version() {
// Remove WordPress version from HTML source.
add_filter('the_generator', '__return_empty_string');
}
private function cc_mime_types() {
// Add SVG to mime_types.
add_filter('upload_mimes', function ($mimes)
{
$mimes['svg'] = 'image/svg+xml';
return $mimes;
});
}
private function setup_phpmailer() {
add_action('phpmailer_init', function ($phpmailer) {
$phpmailer->Host = SMTP_SERVER;
$phpmailer->Port = SMTP_PORT;
// If SMTP_LOGIN is defined, use it for authentication
if (defined('SMTP_LOGIN')) {
$phpmailer->SMTPAuth = true; // Enable SMTP authentication
$phpmailer->Username = SMTP_LOGIN; // Set the SMTP username
$phpmailer->Password = defined('SMTP_PASSWORD') ? SMTP_PASSWORD : '';
} else {
$phpmailer->SMTPAuth = false; // Disable SMTP authentication
}
if (defined('SMTP_DEBUG') && SMTP_DEBUG) {
$phpmailer->SMTPDebug = 2; // Enable verbose debug output
} else {
$phpmailer->SMTPDebug = 0; // Disable debug output
}
if (defined('SMTP_SECURE') && SMTP_SECURE) {
$phpmailer->SMTPSecure = SMTP_SECURE; // Set the encryption type
} else {
$phpmailer->SMTPSecure = false; // Disable encryption
}
if(defined('SMTP_DOMAIN')) {
$phpmailer->From = BLOG_SLUG . '@' . SMTP_DOMAIN;
}
else {
$dsn = (object) parse_url(get_bloginfo('url'));
$phpmailer->From = BLOG_SLUG . '@' . $dsn->host;
}
$phpmailer->FromName = get_bloginfo('name');
$phpmailer->isSMTP();
});
}
private function two_factor_default() {
add_filter('two_factor_providers', function ($providers)
{
// Disable FIDO U2F by default
// ISSUE https://wordpress.org/support/topic/i-cant-add-my-yubikey/
$providers['Two_Factor_FIDO_U2F'] = '';
// Disable Dummy provider by default
$providers['Two_Factor_Dummy'] = '';
return $providers;
});
// Enable Two Factor Email by default
// force email two factor authentication
add_filter('two_factor_enabled_providers_for_user', function ($providers)
{
if (! in_array('Two_Factor_Email', $providers))
{
array_push($providers, 'Two_Factor_Email');
}
return $providers;
});
}
private function on_logout_redirect() {
add_action('wp_logout', function ()
{
if (defined('LOGOUT_REDIRECT_URL')) {
wp_redirect( LOGOUT_REDIRECT_URL );
exit;
}
});
}
}
new AppMuPlugin();
View Git Blame Copy Permalink