In my httpd.conf
file I want to execute the following filter only, if the file tmp
doen't exists: ExtFilterDefine htmlfilter mode=output intype=text/html cmd="/usr/bin/perl -pe 's|Mountainbike|BLUE|e unless q{\"\\Q/path/to/my.test.file/.tmp\E\"}'"
. Right now it is not working. I guess the part q{...}
is wrong. What do I have to change?
CodePudding user response:
Perl uses the -e
or -f
to test existence of a file. q{}
is just a fancy way of writing single quotes.
Also, the /e
modifier of the substitution evaluates the replacement as code. Are you sure you want to run the BLUE subroutine and replace Mountainbike
with its return value?
cmd="/usr/bin/perl -pe 's/Mountainbike/BLUE/ unless -f q{/path/to/my.test.file/.tmp}'"
CodePudding user response:
Many thanks to you. My filter above is just an example. In reality I use it to add a timestamp to css
, java
and json
files to prevent the md5 checksum hash that tools like WPscan use to detect the WordPress version. My current filter works, but there is a big problem. Since the added timestamp changes the md5 checksum
, I can't install any plugins or themes since wordpress also verifies the files through this type of check. This way I don't want to run the filter when I log in as wordpress admin. To achieve this goal, I use the wp_admin
hook to create a temporary file when the admin is logged in. Then my filter in httpd.conf
checks if the file exists and if not, only the filter is executed. Maybe you guys have some more tips and a safer way to check this? I also tried to achieve my goal by checking if $_SERVER[HTTP_COOKIE]=wp_logged_in_HASH
exists. But that does not work properly.