auto change page password
To change the interval for password change: Change time on line# 123 in acp-directly.php
//Set the WordPress password-protected post cookie expiry time
/**
Filters the life span of the post password cookie.
By default, the cookie expires 10 days from creation. To turn this
into a session cookie, return 0.
@since 3.7.0
@param int $expires The expiry time, as passed to setcookie().
*/
add_filter( 'post_password_expires', 'acp_custom_post_password_expires' );
function acp_custom_post_password_expires( $expires ) {
return time() + 30; // Expire in 30 seconds
}
return time() + 30; // Expire in 30 seconds
change this to
return time() + 600; // Expire in 10 minutes
After writing all this I realized it's pretty simple really, it's just a password-protected page; I can figure out how to use it after it's done.
I tried shortlinks, different captchas, pretty much all the methods to stop bots, but still the logs and wordfence show many cheating accesses. I thought that using WPs password protection would be an efficient way of adding a unique anti-bot feature. Being unique is more important than being strong protection in this case, because 99% of all bots are just run by script kiddies with no clue how to adapt or improve code, and script writers are unlikely to bother with a unique barrier.
I tried it out by setting up a password and making a question/answer pair, but the problem is that once they have the password they can access it forever, so I needed to change the password regularly. Doing it manually is not ideal. Here are a few ideas. Need to discuss them but this is a start.
- Password changes from a set e.g every 2 hours.
- I keep adding new ones, but the plug-in only keeps e.g. 20 latest ones (having more entries will increase the server load?) and cycles through them if I don't add new ones. I could always keep sets complete and replace a whole set now and then to save having to keep making new ones. Wow, 'save set' would be cool... or maybe just use sets, and don't bother with single entries. I don't know what would be most efficient.
- Would be very useful to be able to put video embed code, images etc in as part of the question.
On roflfaucet.com the landing page has a link ("Follow this link,") to the faucet page. At the moment it goes via a shortlink service to http://roflfaucet.com/claim/ where they can claim. I can just remove the shortlink and we can make it a simple password field where they put in the answer. If I can get rid of the bots I can pay more, perhaps addingt. The faucet will not make money, it will lose a little but it's the cheapest way I could come up with to advertise Click For Africa. I could add the shortlink back in sometime later within the password-protected page.
The only problem I can foresee is when the password changes - if the user is already part-way through. I guess it will not happen often.
change wording of password entry bit
without messing with php:
add to css in customize.
.post-password-form p:first-child {
visibility: hidden;
}
.post-password-form p:first-child:before {
content: “whatever you want“;
visibility: visible;
}
Below may be of some use.
The post/page passwords are stored in the wp_posts
table in the post_password
field.
You can try the following demo plugin to update the post password automatically with help of wp-cron. You might alternatively consider transients or custom post meta.
<?php /** * Plugin Name: Auto Post-Password Changer * Description: Schedule a wp-cron password update event that runs every 2nd day * Plugin URI: http://wordpress.stackexchange.com/a/174820/26350 * Author: Birgir Erlendsson (birgire) * Version: 0.0.1 */ add_action( 'wpse_change_pass_event', function() { // Update the post password for a given slug. // See for example: http://wordpress.stackexchange.com/a/130535/26350 $slug = 'hello-world'; // Edit this post slug to your needs! global $wpdb; $wpdb->update( $wpdb->posts, array( 'post_password' => uniqid() ), array( 'post_name' => $slug ), array( '%s' ), array( '%s' ) ); }); add_filter( 'cron_schedules', function( $schedules ) { // Our custom cron interval: $schedules['every_2nd_day'] = array( 'interval' => 2 * DAY_IN_SECONDS, 'display' => 'Once every second day' ); return $schedules; }); register_activation_hook( __FILE__, function() { // Start the cron job: wp_schedule_event( time(), 'every_2nd_day', 'wpse_change_pass_event' ); }); register_deactivation_hook( __FILE__, function() { // Stop the cron job: wp_clear_scheduled_hook( 'wpse_change_pass_event' ); });
You just have to modify the $slug
of the page you want to modify.
Notice that you need a traffic to your site to activate the wp-cron.
Here we use the PHP function uniqid()
to generate the password, so it's of the form:
I hope you can extend this to your needs.