Maintenance Redirect
| 开发者 |
petervandoorn
jfinch3 |
|---|---|
| 更新时间 | 2024年9月12日 02:06 |
| 捐献地址: | 去捐款 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 6.6.2 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
详情介绍:
- They can be presented with a simple message.
- They can be presented with a custom HMTL page.
- They can be redirected to a static HTML page. This static page will need to be uploaded to the server via FTP or some other method. This plugin DOES NOT include any way to upload the static page file. Any URL can be used here, and it doesn't need to be on the same server (so you could redirect back to the client's current site if you're working on a dev site, for example). However, it should NOT be the URL of a WordPress page or post on the same site as this will result in an infinite redirect loop.
安装:
- Upload the
jf3-maintenance-modefolder to your plugins directory (usually/wp-content/plugins/). - Activate the plugin through the
Pluginsmenu in WordPress. - Configure the settings through the
Maintenance RedirectSettings panel.
屏幕截图:
常见问题:
What does Maintenance Redirect block?
This plugin is designed to block only the normal display of pages in the web browser. It will not effect any other calls to WordPress, such as the Rest API. This means that services such as the PayPal and Stripe integrations in WooCommerce, for example, are still able to function for testing WooCommerce stores. It also means that all of the usual WordPress REST endpoints are active. If you wish to completely lock down your site's data then you will need to find an additional solution to block those calls.
How can I bypass the redirect programatically?
There is a filter which allows you to programatically bypass the redirection block:
wpjf3_matches
This allows you to run pretty much any test you like, although be aware that the whole redirection thing runs before the $post global is set up, so WordPress conditionals such as is_post() and is_tax() are not available.
This example looks in the $_SERVER global to see if any part of the URL contains "demo"
function my_wpjf3_matches( $wpjf3_matches ) {
if ( stristr( $_SERVER['REQUEST_URI'], 'demo' ) )
$wpjf3_matches[] = "";
return $wpjf3_matches;
}
add_filter( "wpjf3_matches", "my_wpjf3_matches" );
Props to @brianhenryie for this!
How can I let my logged-in user see the front end?
By default, Maintenance Redirect uses the manage_options capability, but that is normally only applied to administrators. As it stands, a user with a lesser permissions level, such as editor, is able to view the admin side of the site, but not the front end. You can change this using this filter:
wpjf3_user_can
This filter is used to pass a different WordPress capability to check if the logged-in user has permission to view the site and thus bypass the redirection, such as edit_posts. Note that this is run before $post is set up, so WordPress conditionals such as is_post() and is_tax() are not available. However, it's not really meant for programatically determining whether a user should have access, but rather just changing the default capability to be tested, so you don't really need to do anything other than the example below.
function my_wpjf3_user_can( $capability ) {
return "edit_posts";
}
add_filter( "wpjf3_user_can", "my_wpjf3_user_can" );
Does this work through a proxy?
Yes, there is no problem when using access keys. However, using the IP address whitelist is now a little more problematic as, due to an over-zealous security researcher, I have been forced to drop the support for testing the http X-FORWARDED-FOR header which supplies the original IP address rather than the proxy IP address. This is unfortunate as it means that you will have to whitelist the proxy's IP address rather than the end-user's address.
更新日志:
- Removed the testing of X-FORWARDED-FOR header to get the IP address for the whitelisting bypass as some over-zealous security researcher says that can be spoofed. Access through a proxy must now be made by whitelisting the proxy IP rather than the end-user's.
- Added clarification to readme and on-screen info about the scope of what this plugin blocks (see FAQs)
- Uodated minimum requirements for WP (5.1) and PHP (5.6).
- Updated the UI with tabs for each of the sections.
- Changed the activation method from a select menu to a toggle switch.
- Split the HTML and Message storage in the database to separate fields. When the plugin is updated the message text should be copied across, but please do double-check. I suggest that you make a copy of your message or HTML before updating just in case.
- Tweaked the HTML used for the Message option.
- Added an option to delete all of the plugin's settings and database tables the next time that the plugin is deleted using the Plugins screen. There are caveats - see the About & Options tab in the plugin settings page for more info.
- Added responsive styling for the IP addresses and Access Keys tables to better display on mobile phone screens.
- Tidied up some of the on-screen information.
- Added an about section with a link to "buy me a coffee" :-)
- Additional minor code tweaks
- Fixed sprintf() PHP warning.
- Added plugin status to the admin bar.
- Fixed bug where body text was being output twice.
- Fixed Update Settings button not working.
- Added button to copy full URL of an Access Key link to the clipboard.
- You can now click on your IP or Class C address to add it to the unrestricted IP addresses field.
- General hardening of translated text escaping.
- Added links to plugin screen and the dashboard notification to go to the Settings page.
- Added information to the Site Health screen.
- Added
wpjf3_matchesfilter to allow programatical bypasses. Thanks to @brianhenryie for this. - Added
wpjf3_user_canfilter to allow the WordPress capability check to be changed so logged-in users can be allowed to bypass the redirect.
- Fixed ability to set IP address using Class C wildcard (eg, 192.168.0.*) - thanks to @tsouts for bringing that to my attention.
- Tiny translation tweak
- Phooey! Found a couple of translation strings that I missed on the previous commit!
- Now translatable! I’m a typical Englishman who doesn’t speak any other language, so at time of release there aren’t any translation packs available. However, if you’re interested in contributing, just pop over to https://translate.wordpress.org/ and get translating!
- Minimum WordPress requirement now 4.6 due to usage of certain translation bits & bobs.
- Plugin taken over by @petervandoorn due to being unmaintained for over 4 years.
- Changed name to Maintenance Redirect
- Setting added to choose whether to return 200 or 503 header
- Added nonces and other, required, security checks
- General code modernisation
- Updated to return 503 header when enabled to prevent indexing of maintenance page.
- Also, wildcards are allowed to enable entire class C ranges. Ex: 10.10.10.*
- A fix affecting some installations using a static page has been added. Thanks to Dorthe Luebbert.
- Fixed bug in Unrestricted IP table creation.
- Updated settings panel issue in WordPress 3.0 and moved folder structure to work properly with WordPress auto install.
- First release. No Changes Yet.