feat(*): Add disable_prod_log config and remove disable_bouncing config, prepare release 1.8.0

Author: julienloizelet

CHANGELOG.md

@@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+
+## [1.8.0] - 2022-08-04
+
+### Added
+- Add `use_curl` configuration: should be used if `allow_url_fopen` is disabled and `curl` is available
+- Add `disable_prod_log` configuration
+
+### Changed
+- Change log path to `wp-content/plugins/crowdsec/logs`
+- By default, the `bouncing_level` setting is `bouncing_disabled` (instead of `normal_bouncing`)
+
+
 ## [1.7.0] - 2022-07-21
 
 ### Added

composer.json

@@ -19,7 +19,7 @@
 		}
 	},
 	"require": {
-		"crowdsec/bouncer": "0.27.0",
+		"crowdsec/bouncer": "0.28.0",
 		"symfony/polyfill-mbstring": "1.20.0",
 		"symfony/service-contracts": "2.4.1"
 	},

composer.lock

@@ -4,7 +4,7 @@
  * Plugin URI: https://github.com/crowdsecurity/cs-wordpress-bouncer
  * Description: Safer Together. Protect your WordPress application with CrowdSec.
  * Tags: crowdsec-bouncer, wordpress, security, firewall, captcha, ip-scanner, ip-blocker, ip-blocking, ip-address, ip-database, ip-range-check, crowdsec, ban-hosts, ban-management, anti-hacking, hacker-protection, captcha-image, captcha-generator, captcha-generation, captcha-service
- * Version: 1.7.0
+ * Version: 1.8.0
  * Author: CrowdSec
  * Author URI: https://www.crowdsec.net/
  * Github: https://github.com/crowdsecurity/cs-wordpress-blocker
@@ -13,7 +13,7 @@
  * Requires PHP: 7.2
  * Requires at least: 4.9
  * Tested up to: 6.0
- * Stable tag: 1.7.0
+ * Stable tag: 1.8.0
  * Text Domain: crowdsec-wp
  * First release: 2021.
  */

crowdsec.php

@@ -72,12 +72,6 @@ also be able to test your settings.
 
 ***
 
-`Bouncing feature → Disable bouncing feature`
-
-Until you have configured all the required parameters, you should disable the bouncing feature.
-
-***
-
 
 `Connection details → LAPI URL`
 
@@ -302,9 +296,16 @@ See the `Geolocation cache lifetime` setting above to set the lifetime of this r
 
 Enable if you want to see some debug information in a specific log file.
 
-When this mode is enabled, a `debug.log` file will be written in a `wp-content/plugins/crowdsec/logs` 
-sub folder.
-Note that by default, there is always a `prod.log` file in the same folder.
+When this mode is enabled, a `debug.log` file will be written in `wp-content/plugins/crowdsec/logs` folder.
+
+***
+
+`Debug mode → Disable prod log`
+
+By default, a `prod.log` file will be written in `wp-content/plugins/crowdsec/logs` folder.
+
+You can disable this log here.
+
 
 ***
 

docs/USER_GUIDE.md

@@ -50,6 +50,7 @@ public function getBouncerInstance(array $settings): Bouncer
             'api_timeout' => Constants::API_TIMEOUT,
             // Debug
             'debug_mode' => $this->getBoolSettings('crowdsec_debug_mode'),
+            'disable_prod_log' => $this->getBoolSettings('crowdsec_disable_prod_log'),
             'log_directory_path' => Constants::CROWDSEC_LOG_BASE_PATH,
             'forced_test_ip' => $this->getStringSettings('crowdsec_forced_test_ip'),
             'forced_test_forwarded_ip' => $this->getStringSettings('crowdsec_forced_test_forwarded_ip'),
@@ -210,19 +211,17 @@ public function getPostedVariable(string $name): ?string
      */
     public function shouldBounceCurrentIp(): bool
     {
-        $shouldNotBounce = $this->getBoolSettings('crowdsec_bouncer_disabled');
-        if ($shouldNotBounce) {
+        $bouncingDisabled = (Constants::BOUNCING_LEVEL_DISABLED === $this->escape($this->getStringSettings('crowdsec_bouncing_level')));
+        if ($bouncingDisabled) {
             if($this->logger){
                 $this->logger->warning('', [
                     'type' => 'WP_CONFIG_BOUNCER_DISABLED',
                     'message' => 'Will not bounce because bouncing is disabled.',
                 ]);
             }
-
             return false;
         }
 
-
         // We should not bounce when headers already sent
         if (headers_sent()) {
             return false;
@@ -274,10 +273,6 @@ public function shouldBounceCurrentIp(): bool
             return false;
         }
 
-        $bouncingDisabled = (Constants::BOUNCING_LEVEL_DISABLED === $this->escape($this->getStringSettings('crowdsec_bouncing_level')));
-        if ($bouncingDisabled) {
-            return false;
-        }
 
         return true;
     }
@@ -389,7 +384,8 @@ public function isConfigValid(): bool
     public function initLogger(array $configs): void
     {
         $isDebug = !empty($configs['crowdsec_debug_mode']);
-        $this->logger = getStandaloneCrowdSecLoggerInstance(Constants::CROWDSEC_LOG_PATH, $isDebug, Constants::CROWDSEC_DEBUG_LOG_PATH);
+        $disableProd = !empty($configs['crowdsec_disable_prod_log']);
+        $this->logger = getStandaloneCrowdSecLoggerInstance($isDebug, $disableProd);
 
     }
 }

docs/images/screenshots/config-connection.jpg

@@ -22,7 +22,7 @@ class Constants extends LibConstants
     public const CROWDSEC_DEBUG_LOG_PATH = __DIR__ . '/../logs/debug.log';
     public const CROWDSEC_CACHE_PATH = __DIR__ . '/../.cache';
     public const CROWDSEC_CONFIG_PATH = __DIR__ . '/standalone-settings.php';
-    public const CROWDSEC_BOUNCER_USER_AGENT = 'WordPress CrowdSec Bouncer/v1.7.0';
+    public const CROWDSEC_BOUNCER_USER_AGENT = 'WordPress CrowdSec Bouncer/v1.8.0';
     public const CROWDSEC_BOUNCER_GEOLOCATION_DIR = __DIR__ . '/../geolocation';
 
 }

docs/images/screenshots/config-debug.jpg

@@ -355,7 +355,11 @@ function convertInlineIpRangesToComparableIpBounds(string $inlineIpRanges): arra
 
     // Field "crowdsec_debug_mode"
     addFieldCheckbox('crowdsec_debug_mode', 'Enable debug mode', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_debug', function () {}, function () {}, '
-    <p>Should not be used in production.<br>When this mode is enabled, a debug.log file will be written in the <i>wp-content/plugins/crowdsec/logs</i> folder.<br> Note that by default, there is always a prod.log file in the same folder.</p>');
+    <p>Should not be used in production.<br>When this mode is enabled, a debug.log file will be written in the <i>wp-content/plugins/crowdsec/logs</i> folder.</p>');
+
+    // Field "crowdsec_disable_prod_log"
+    addFieldCheckbox('crowdsec_disable_prod_log', 'Disable prod log', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_debug', function () {}, function () {}, '
+    <p>By default, a prod.log file will be written in the <i>wp-content/plugins/crowdsec/logs</i> folder.<br>You can disable this log here.</p>');
 
 	/*******************************
 	 ** Section "Display errors" **