search

john-lang-86 / lj-maintenance-mode

Simple maintenance mode wordpress plugin.
https://plugins.itsluk.as/maintenance-mode/
0 stars 1 forks source link

Resolve lukasjuhas/lj-maintenance-mode#37 - Add "Allowed" Setting Lists to Always By-pass Maintenance Mode Page #12

Closed john-lang-86 closed 2 years ago

john-lang-86 commented 2 years ago

Resolve lukasjuhas/lj-maintenance-mode#37 by adding 6 "Allowed" setting lists; match one on a list and maintenance mode lets the request proceed.

  1. Add "Allowed IPs" setting option for $_SERVER[REMOTE_ADDR] request matching.

    • Allow for IPv4 and IPv6.
    • Allow for partial matches (starts with) to allow whole subnets access.

  2. Add "Allowed URIs (Strict)" setting option for $_SERVER[REQUEST_URI] request matching.

    • Ignore query string and trailing slashes.
    • Always allow wp-login.php as a hardcoded value (not an option to turn it off).

  3. Add "Allowed URIs (Contains)" setting, where $_SERVER[REQUEST_URI] request matching.

    • Ignore query string and trailing slashes.

  4. Add "Allowed Query Strings" setting option for $_SERVER[QUERY_STRING] request matching.

    • Always allow action=enter_recovery_mode&rm_token= as a hardcoded value (not an option to turn it off).

  5. Add "Allowed Referers" setting option for $_SERVER[HTTP_REFERER] request matching.

  6. Add "Allowed User Agents" setting option for $_SERVER[HTTP_USER_AGENT] request matching.

Tip: This could also be referred to as 'exclude' options; but, I'm going with 'allow' as the settings are from the maintenance modes perspective ... block this and allow that style language.