Add wildcard htpasswd and whitelist support for multisite subdomains and alias domains #57
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Modified generate_site_auth_files() to create _wildcard.site_url file for subdomain multisites (app_sub_type === 'subdom') - Handle alias_domains: create htpasswd files for each alias domain - Convert *.domain format aliases to _wildcard.domain - For subdomain multisites, also create wildcard versions of alias domains - Updated all callers to pass site_data parameter - Fetch site data from DB when regenerating auth for all sites globally Signed-off-by: Riddhesh Sanghvi <riddhesh237@gmail.com>
Add array_unique() to deduplicate domains array before processing, preventing duplicate htpasswd file creation when alias domains overlap with wildcard domains (e.g., *.example.com alias on a subdomain multisite) Signed-off-by: Riddhesh Sanghvi <riddhesh237@gmail.com>
- Modified generate_site_whitelist() to create whitelist files for _wildcard.site_url on subdomain multisites - Handle alias_domains: create whitelist files for each alias domain - Convert *.domain format aliases to _wildcard.domain - For subdomain multisites, also create wildcard versions of alias domains - Updated all callers to pass site_data parameter - Fetch site data from DB when regenerating whitelist for all sites globally Signed-off-by: Riddhesh Sanghvi <riddhesh237@gmail.com>
When alias_domains contains *.site_url (e.g., *.example.com for site example.com), skip it ONLY if the site is a subdomain multisite since _wildcard.site_url is already added in that case. For non-multisite sites with *.site_url alias, create the _wildcard.site_url file. Signed-off-by: Riddhesh Sanghvi <riddhesh237@gmail.com>
When no auths or whitelists exist for a site, explicitly remove all related htpasswd/whitelist files (including wildcards and aliases) and return early. This makes the cleanup behavior more explicit rather than silently iterating over an empty array. Signed-off-by: Riddhesh Sanghvi <riddhesh237@gmail.com>
Always remove _wildcard.site_url htpasswd and whitelist files at the start of regeneration. This ensures orphan wildcard files are cleaned up when a site changes from subdomain multisite to regular site type. Signed-off-by: Riddhesh Sanghvi <riddhesh237@gmail.com>
There was a problem hiding this comment.
Pull request overview
This PR adds support for wildcard htpasswd and IP whitelist files for WordPress multisite subdomain installations and alias domains. The main purpose is to enable HTTP authentication and IP whitelisting to work correctly on subdomains of multisite installations (e.g., site1.example.com, site2.example.com) by creating _wildcard.example.com configuration files.
Key changes:
- Modified
generate_site_auth_filesandgenerate_site_whitelistmethods to accept optional$site_dataparameter - Added logic to create wildcard (
_wildcard.domain) htpasswd/whitelist files for subdomain multisites - Added support for processing alias domains, including converting
*.domainformat to_wildcard.domainfilenames - Updated all call sites to pass the
$site_dataparameter
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+307
to
+345
| // Collect all domains to generate htpasswd files for | ||
| $domains = [ $site_url ]; | ||
|
|
||
| // For subdomain multisites, add wildcard file | ||
| if ( $site_data && ! empty( $site_data->app_sub_type ) && 'subdom' === $site_data->app_sub_type ) { | ||
| $domains[] = '_wildcard.' . $site_url; | ||
| } | ||
|
|
||
| // Add alias domains (excluding main site_url) | ||
| if ( $site_data && ! empty( $site_data->alias_domains ) ) { | ||
| $alias_list = array_map( 'trim', explode( ',', $site_data->alias_domains ) ); | ||
| foreach ( $alias_list as $alias ) { | ||
| if ( empty( $alias ) || $alias === $site_url ) { | ||
| continue; | ||
| } | ||
| // Skip *.site_url as it transforms to _wildcard.site_url (already added for subdomain multisite) | ||
| if ( ! empty( $site_data->app_sub_type ) && 'subdom' === $site_data->app_sub_type && '*.' . $site_url === $alias ) { | ||
| continue; | ||
| } | ||
| // Replace *.domain with _wildcard.domain | ||
| if ( 0 === strpos( $alias, '*.' ) ) { | ||
| $domains[] = '_wildcard.' . substr( $alias, 2 ); | ||
| } else { | ||
| $domains[] = $alias; | ||
| // For subdomain multisites, also add wildcard for non-wildcard alias domains | ||
| if ( ! empty( $site_data->app_sub_type ) && 'subdom' === $site_data->app_sub_type ) { | ||
| $domains[] = '_wildcard.' . $alias; | ||
| } | ||
| } | ||
| } | ||
| } | ||
|
|
||
| $auths = array_merge( | ||
| Auth::get_global_auths(), | ||
| Auth::where( 'site_url', $site_url ) | ||
| ); | ||
|
|
||
| foreach ( $auths as $key => $auth ) { | ||
| $flags = 'b'; | ||
| // Remove duplicates (e.g., *.example.com alias + subdomain multisite both create _wildcard.example.com) | ||
| $domains = array_unique( $domains ); |
There was a problem hiding this comment.
The domain collection logic in this method is duplicated in generate_site_whitelist (lines 412-445). Consider extracting this logic into a shared private method like collect_site_domains($site_url, $site_data) that returns the array of domains. This would reduce code duplication and make future maintenance easier.
| if ( $key === 0 ) { | ||
| $flags = 'bc'; | ||
| } | ||
| EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/%s %s %s', EE_PROXY_TYPE, $flags, $domain, $auth->username, $auth->password ) ); |
There was a problem hiding this comment.
EE::exec builds a shell command string for docker exec htpasswd by directly interpolating untrusted username, password, and domain values without any escaping or argument separation. A user who can control --user/--pass (or stored auth entries) can include shell metacharacters in these fields so that, when this command is executed, arbitrary additional commands run on the host or in the proxy container. Replace this string-based command construction with a safe-by-default execution API that passes each argument separately or properly escapes every dynamic value before invoking the shell.
Suggested change
| EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/%s %s %s', EE_PROXY_TYPE, $flags, $domain, $auth->username, $auth->password ) ); | |
| $container = escapeshellarg( EE_PROXY_TYPE ); | |
| $escaped_domain = escapeshellarg( $domain ); | |
| $escaped_username = escapeshellarg( $auth->username ); | |
| $escaped_password = escapeshellarg( $auth->password ); | |
| EE::exec( | |
| sprintf( | |
| 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/%s %s %s', | |
| $container, | |
| $flags, | |
| $escaped_domain, | |
| $escaped_username, | |
| $escaped_password | |
| ) | |
| ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Adds support for creating
_wildcard.site_urlhtpasswd and whitelist files for WordPress multisite subdomain sites, enabling HTTP authentication and IP whitelisting to work correctly on subdomains.Changes
New Features
_wildcard.site_urlhtpasswd/whitelist files for subdomain multisites (app_sub_type === 'subdom')alias_domains*.domainalias format to_wildcard.domainfilenameDepends on: EasyEngine/dockerfiles#298