The following plugins are provided by DTS to help with WordPress sites hosted by DTS on-premises or in the cloud:
DTS Functions Plugin
This plugin adds many features to help harden WordPress including:
- Integrated Utah.gov header
- Catapult site information to DTS Catapult engine
- Canary Page for determining if the site is working correctly
- Provides an endpoint for determining software versions
- Creates a user role called “Content Admin” that has the ability to edit any content related stuff, but not install plugins or do WordPress updates.
- Disables WordPress REST API for the following:
- users: http://yoursite.com/wp-json/wp/v2/users
- comments: http://yoursite.com/wp-json/wp/v2/comments
- Hide the admin bar from users who can’t edit
- Redirect users who can’t edit to the homepage from wp-admin
- Disable the auto password change email
- Disable the auto email address change email
- Disable the auto new user welcome email
- Disable WordPress Emoji scripts.
- Disallow direct PHP access to the Theme folder (option)
- Disallow direct PHP access to the Plugins folder (option)
- Disallow direct PHP access to wp-includes
- Disallow direct PHP access to wp-content/uploads
- Session cookies http only
- Session cookies SSL only
- Disallow directory indexes
- Route error document to the built in WordPress error page
- Disallow xmlrpc.php access
- Disallow wp-config.php and htaccess access
- Disable comments globally. (posts and media)
DTS Database Search and Replace Plugin
This plugin/tool allows you to perform search and replace functions on MySQL databases. When a WordPress site is being moved from AT (Acceptance Testing) to Production (Live), this plugin will be used to convert the AT url to the new url in Production. The change is made at the database level.
For example, this tool could change dts.at.utah.gov to dts.utah.gov after being moved to production.
UMD Login Plugin
This plugin uses UMD to manage user access. By going to Settings > UMD Login, the admin can change the destination of where users are directed after logging out.