Add/jetpack protect #1501
Merged
Add/jetpack protect #1501
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adding a function to get the jetpack blog id, or the jetpack blog id of the main blog in a network.
For the duration of development, i'll be using my .com sandbox for obtaining a jetpack protect key.
Adding some params to our request to .com for an api key. Sending them the blog id ( or the blog id of the main blog in the network ), the bruteprotect api key ( if one exists ), and the number of sites in their network.
Adding an endpoint to get the whitelist. The whitelist will be stored as a site option. This allows us, if we are on multisite, to have one option that applies to the entire network.
Added a new POST endpoint for updating a site's protect whitelist. I still need to add some IP Address validation.
Adding proper parameters to the validate_input method. It needs to match the parent class in order to jibe with Travis CI.
in a previous commit, i changed the api base to my dotcom sandbox. i realize that it is not a good practice, so i'm changing it back. from now on i'll do this in wp-config.php
On activation, if we can't find the main blog id, that means we are on multisite, and the main blog hasn't connected to Jetpack. If this is the case, we will bail on getting the protect api key. since there will be cases where getting the protect api key will fail, we'll need to make a configuration page for this module that will give more information, and give them a chance to retry. the next commits will focus on the config page.
Getting an api key for protect is now in its own function.
adding in some more error checking and saving the api key to a site option.
I'm adding the standard configuration logic to the module so we can ensure that they received an api key and their site is protected. If there was an error getting their api key, they'll be able to use the configuration screen to retry.
I've decided that I do not want to automatiaclly deactivate bruteprotect when Protect is activated. There's a small chance there could be an error while generating a key for Protect, in which case the site could be without protection. I'm going to build some custom logic for deactivating bruteprotect.
moving the config ui to it's own file as it's about to grow a bit
On the protect config page, adding some javascript functionallity to the whitelist management form
|
@roccotripaldi: I'm seeing a lot of JSHint errors on They're all mostly trivial (I think nearly all are just using doublequote strings instead of singlequote), but should be tidied before merging. |
jeherve
added
[Feature] Protect
adding a way to pre-popluate your site with a placeholder whitelist. This will allow jeff golenski to have some stuff to style!
|
+1 George. Thanks for catching that. |
Copied blocking mechanisms from the BruteProtect plugin, and refactored them into the Protect module.
We need to de-increment available attempts if user proved humanity through math
get_ip() will be needed by both the module and the endpoint
…nto add/jetpack-protect Conflicts: modules/protect.php
now that we've moved the get_ip function out of a class, we need to re-structure it.
I'd like to include the current user's ip in the endpoint response. Also fixing a translation string.
Styled whitelist config textarea
…nto add/jetpack-protect
another text area adjustment
Loading widget styles only on initial dashboard, rather than all admin pages.
thanks @jeherve for the tip
…nto add/jetpack-protect
Link to wordpress.com to enable file scanning
Conflicts: css/jetpack-admin-rtl.css css/jetpack-admin-rtl.min.css css/jetpack-admin.css.map css/jetpack-admin.min.css css/jetpack-admin.min.css.map css/jetpack-rtl.css css/jetpack.css
Let's use a site_option for 'jetpack_file_scanning_enabled' and 'jetpack_protect_blocked_attempts' because they will apply to the entire network on multisite installs
…nto add/jetpack-protect
removing inline styles from config_ui.php, added to protect css. (grunt added new styles, not sure exactly what they are)
Adding a conditional notification that tells user if the protect module is configured properly.
…nto add/jetpack-protect
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.