Quick and dirty wp security thing. Renaming constants, filenames and directorynames

add_wp_security.rb

#!/usr/bin/env ruby
# encoding: utf-8

if RUBY_VERSION.to_f < 1.9
  raise "You have to use ruby 1.9 or higher"
end

require 'fileutils'

RENAME_FILES = true
RENAME_DIRECTORIES = true
RENAME_FILES_PREFIX = "iso"

RENAME_CONSTANTS = true
CONSTANTS_PREFIX = "ISO_"

#TABLE_PREFIX = "iso_"

CONSTANTS = {
  'DB_NAME' => "#{CONSTANTS_PREFIX}DB_NAME",
  'DB_USER' => "#{CONSTANTS_PREFIX}DB_USER",
  'DB_PASSWORD' => "#{CONSTANTS_PREFIX}DB_PASSWORD",
  'DB_HOST' => "#{CONSTANTS_PREFIX}DB_HOST",
  '$table_prefix' => "$iso_table_prefix",
  'WP_DEBUG' => "#{CONSTANTS_PREFIX}WP_DEBUG",
  'WPINC' => "#{CONSTANTS_PREFIX}WPINC",
  'WP_MEMORY_LIMIT' => "#{CONSTANTS_PREFIX}WP_MEMORY_LIMIT",
  'WP_MAX_MEMORY_LIMIT' => "#{CONSTANTS_PREFIX}WP_MAX_MEMORY_LIMIT",
  'WP_CONTENT_DIR' => "#{CONSTANTS_PREFIX}WP_CONTENT_DIR",
  'WP_LANG_DIR' => "#{CONSTANTS_PREFIX}WP_LANG_DIR",
  'LANGDIR' => "#{CONSTANTS_PREFIX}LANGDIR",
  'WP_CONTENT_DIR' => "#{CONSTANTS_PREFIX}WP_CONTENT_DIR",
  'WP_PLUGIN_DIR' => "#{CONSTANTS_PREFIX}WP_PLUGIN_DIR",
  'WP_PLUGIN_URL' => "#{CONSTANTS_PREFIX}WP_PLUGIN_URL",
  'PLUGINDIR' => "#{CONSTANTS_PREFIX}PLUGINDIR",
  'WPMU_PLUGIN_DIR' => "#{CONSTANTS_PREFIX}WPMU_PLUGIN_DIR",
  'WPMU_PLUGIN_URL' => "#{CONSTANTS_PREFIX}WPMU_PLUGIN_URL",
  'MUPLUGINDIR' => "#{CONSTANTS_PREFIX}MUPLUGINDIR",
  'COOKIEHASH' => "#{CONSTANTS_PREFIX}COOKIEHASH",
  'USER_COOKIE' => "#{CONSTANTS_PREFIX}USER_COOKIE",
  'PASS_COOKIE' => "#{CONSTANTS_PREFIX}PASS_COOKIE",
  'AUTH_COOKIE' => "#{CONSTANTS_PREFIX}AUTH_COOKIE",
  'SECURE_AUTH_COOKIE' => "#{CONSTANTS_PREFIX}SECURE_AUTH_COOKIE",
  'LOGGED_IN_COOKIE' => "#{CONSTANTS_PREFIX}LOGGED_IN_COOKIE",
  'TEST_COOKIE' => "#{CONSTANTS_PREFIX}TEST_COOKIE",
  'COOKIEPATH' => "#{CONSTANTS_PREFIX}COOKIEPATH",
  'SITECOOKIEPATH' => "#{CONSTANTS_PREFIX}SITECOOKIEPATH",
  'ADMIN_COOKIE_PATH' => "#{CONSTANTS_PREFIX}ADMIN_COOKIE_PATH",
  'PLUGINS_COOKIE_PATH' => "#{CONSTANTS_PREFIX}PLUGINS_COOKIE_PATH",
  'TEMPLATEPATH' => "#{CONSTANTS_PREFIX}TEMPLATEPATH",
  'STYLESHEETPATH' => "#{CONSTANTS_PREFIX}STYLESHEETPATH",
  'WP_DEFAULT_THEME' => "#{CONSTANTS_PREFIX}WP_DEFAULT_THEME"
}

puts 
puts
puts "THIS ACTION WILL RENAME AND EDIT A LOT OF FILES"
puts "PLUGINS MIGHT HAVE TO BE UPDATED IN ORDER TO WORK"
puts "THESE CHANGES ARE INREVERSABLE AND YOU SHOULD TAKE BACKUP BEFORE CONTINUING"
puts
print "Are you sure you want to continue? [yes|no] : "
promt = gets.chomp

exit unless promt == 'yes' || promt == 'y'

puts 
puts

class WPSecurity
  def initialize
    @basepath = File.expand_path(File.join(__FILE__, '..'))
  end

  def run
    files = Dir["**/*.*"] # **/*.php
    directories = Dir["**/"]

    if RENAME_FILES
      @replace_files = {}
      files.each do |f|
        name = f.split("/").last
        @replace_files[name] = name.gsub("wp-", "#{RENAME_FILES_PREFIX}-wp-") unless name["wp-"].nil?
      end

      @replace_files_pattern = @replace_files.map {|k,v| k}.join('|')
    end
    if RENAME_DIRECTORIES
      @replace_directories = {}
      @replace_directories_pattern = []
      directories.each do |f|
        f[-1] = '' if f[-1] == '/'
        name = f.split("/").last
        unless name["wp-"].nil?
          new_name = name.gsub("wp-", "#{RENAME_FILES_PREFIX}-wp-")
          @replace_directories_pattern << "\\/#{name}"
          @replace_directories["/#{name}"] = "/#{new_name}"
          @replace_directories_pattern << "'#{name}'"
          @replace_directories["'#{name}'"] = "'#{new_name}'"
          @replace_directories_pattern << "#{name}\\/"
          @replace_directories["#{name}/"] = "#{new_name}/"
        end
      end

      @replace_directories_pattern = @replace_directories_pattern.join('|')
    end

    if RENAME_CONSTANTS
      @replace_constants_pattern = CONSTANTS.map {|k,v| k.gsub("$", "\\$")}.join('|')
    end

    puts "REPLACING FILES"
    files.each do |f|
      fix_file(f) unless File.directory?(f) or (f['.js'] or f['.css'] or f['.php']).nil?
    end

    if RENAME_FILES
      puts 
      puts "RENAMING FILES"

      files.each do |f|
        new_name = f.split('/')

        next if new_name.last["wp-"].nil? 
        new_name.last.gsub!("wp-", "#{RENAME_FILES_PREFIX}-wp-")
        new_name = File.join(*new_name)

        File.rename(f, new_name)
      end
    end

    if RENAME_DIRECTORIES
      puts 
      puts "RENAMING DIRECTORIES"
      directories.each do |d|
        new_name = d.split('/')
        next if new_name.last["wp-"].nil?
        new_name.last.gsub!("wp-", "#{RENAME_FILES_PREFIX}-wp-")
        new_name = File.join(*new_name)

        puts "#{d} => #{new_name}"
        FileUtils.mv(d, new_name)
      end
    end

    puts 
    puts "Remember to use a different table prefix than 'wp_'"
    puts
  end

  def fix_file(f)
    text = File.read f
    begin
      search_for = []
      replace_with = {}
      if RENAME_FILES
        search_for << @replace_files_pattern
        replace_with.merge! @replace_files
      end
      if RENAME_DIRECTORIES
        search_for << @replace_directories_pattern
        replace_with.merge! @replace_directories
      end
      if RENAME_CONSTANTS
        search_for << @replace_constants_pattern
        replace_with.merge! CONSTANTS
      end

      text.gsub!(Regexp.new(search_for.join('|')), replace_with) 

      File.open(f, "w") {|a| a.puts text }
    rescue Exception => e
      puts "Could not replace #{f}"
      puts e.message
    end
  end

end

WPSecurity.new.run