StatusMiddleware
extends AbstractMiddleware
in package
Table of Contents
- $configs : Configs
- $isAdminKiosk : bool|null
- $isMultitenant : bool|null
- $isShortInit : bool|null
- $routeSecret : string|null
- $services : Container
- $logger : LoggerInterface
- __construct() : mixed
- matchPaths() : bool
- Matches two URL paths, considering optional trailing slashes.
- process() : ResponseInterface
- Processes the health check request and returns status information.
- checkCriticalUrls() : array<string|int, mixed>
- Check a list of "critical" URLs to ensure they return a 200 response.
- getAllowedAccessPaths() : null|array<string|int, mixed>
- Retrieve allowed access paths for wp-admin routes.
- getSubdomain() : null|array<string|int, string>
- isAdminRoute() : mixed
- isAdminRouteRestricted() : bool
- Check if a given URL or route matches the WordPress admin route pattern.
- isHybridMode() : bool
- isMultitenantApp() : bool
- Determines if the application is configured to operate in multi-tenant mode.
- isSecureMode() : bool
- isValidTenantId() : false|int
- log() : LoggerInterface
- multiMerge() : array<string|int, mixed>
- Merges two multi-dimensional arrays recursively.
- when() : void
- checkCacheConnection() : array<string|int, mixed>
- Cache connection health check.
- checkDatabaseConnection() : bool
- Database connection health check.
- checkDiskSpace() : array<string|int, mixed>
- checkMemoryUsage() : array<string|int, mixed>
- Check: Memory usage.
- checkSingleUrl() : array<string|int, mixed>
- Use cURL (built into PHP) to check if a URL returns 200.
- checkSystemStatus() : array<string|int, bool|bool[]|string>
- Checks the system's health status.
- convertToBytes() : int
- Convert shorthand memory size (e.g., "512M") to bytes.
- humanReadableSize() : string
- Produce a human-readable size from bytes, e.g. "2.34 MB".
- isHealthStatusCheck() : bool
Properties
$configs
protected
Configs
$configs
$isAdminKiosk
protected
bool|null
$isAdminKiosk
$isMultitenant
protected
bool|null
$isMultitenant
$isShortInit
protected
bool|null
$isShortInit
$routeSecret
protected
string|null
$routeSecret
$services
protected
Container
$services
$logger
private
LoggerInterface
$logger
Methods
__construct()
public
__construct([Container $serviceContainer = null ]) : mixed
Parameters
- $serviceContainer : Container = null
Return values
mixed —matchPaths()
Matches two URL paths, considering optional trailing slashes.
public
static matchPaths(string $uriPath, string $dbadminUrlPath) : bool
Parameters
- $uriPath : string
- $dbadminUrlPath : string
Return values
bool —process()
Processes the health check request and returns status information.
public
process(ServerRequestInterface $request, RequestHandlerInterface $handler) : ResponseInterface
Parameters
- $request : ServerRequestInterface
- $handler : RequestHandlerInterface
Return values
ResponseInterface —checkCriticalUrls()
Check a list of "critical" URLs to ensure they return a 200 response.
protected
checkCriticalUrls([array<string|int, mixed> $criticalUrls = [] ]) : array<string|int, mixed>
Parameters
- $criticalUrls : array<string|int, mixed> = []
Return values
array<string|int, mixed> —getAllowedAccessPaths()
Retrieve allowed access paths for wp-admin routes.
protected
getAllowedAccessPaths() : null|array<string|int, mixed>
This method fetches a list of allowed paths for the wp-admin directory based on configuration. It is designed to ensure that critical functionality like AJAX handling can operate without unnecessary restrictions while still securing other sensitive admin functionalities.
Configuration behavior:
-
security.restrict_wpadmin.enabled: Enables or disables the restriction mechanism (disabled by default). -
security.restrict_wpadmin.secure: If true, applies stricter matching for wp-admin paths. -
security.restrict_wpadmin.allowed: An array of specific paths to allow, e.g.,['admin-ajax.php'].
Example Usage:
- Allow
admin-ajax.phpfor AJAX requests to ensure plugins function correctly. - Restrict paths like
theme-editor.phpor custom plugin endpoints unless explicitly allowed. - Ensure security while allowing flexibility for specific use cases.
Example Configuration: 'restrict_wpadmin' => [ 'enabled' => true, 'secure' => false, 'allowed' => [ 'admin-ajax.php' ] ];
Tags
Return values
null|array<string|int, mixed> —Returns an array of allowed paths if restriction is enabled, null otherwise.
getSubdomain()
protected
getSubdomain(ServerRequestInterface $request) : null|array<string|int, string>
Parameters
- $request : ServerRequestInterface
Tags
Return values
null|array<string|int, string> —isAdminRoute()
protected
isAdminRoute(ServerRequestInterface $request) : mixed
Parameters
- $request : ServerRequestInterface
Return values
mixed —isAdminRouteRestricted()
Check if a given URL or route matches the WordPress admin route pattern.
protected
isAdminRouteRestricted(ServerRequestInterface $request) : bool
This method ensures that only specified paths within the wp-admin directory are allowed based on configurations. This is crucial for security as it prevents unauthorized access to sensitive WordPress admin functionalities.
Context:
When the restrict_wpadmin configuration is enabled (disabled by default), all requests to paths
under /wp/wp-admin will be restricted with a 401 response unless explicitly allowed.
The isAdminRouteRestricted method determines whether a request matches restricted
wp-admin routes and handles the restriction logic upstream.
Examples of wp-admin paths to consider:
-
wp-admin/admin-ajax.php: Frequently used by plugins for AJAX requests, should generally be allowed. -
wp-admin/theme-editor.php: Sensitive path that should typically be restricted. -
wp-admin/options.php: Core settings path that requires strict access control. -
wp-admin/admin-post.php: A common custom plugin endpoint that may require special handling.
Example Configuration: 'restrict_wpadmin' => [ 'enabled' => true, // Enables or disables wp-admin restrictions (disabled by default) 'secure' => false, // Enables stricter matching for wp-admin paths 'allowed' => [ 'admin-ajax.php' // Paths allowed even when restrictions are enabled ] ];
Parameters
- $request : ServerRequestInterface
-
The server request instance.
Return values
bool —Returns true if the route matches a restricted wp-admin route, false otherwise.
isHybridMode()
protected
static isHybridMode() : bool
Return values
bool —isMultitenantApp()
Determines if the application is configured to operate in multi-tenant mode.
protected
static isMultitenantApp(mixed $composerConfig) : bool
Parameters
- $composerConfig : mixed
Return values
bool —Returns true if the application is in multi-tenant mode, otherwise false.
isSecureMode()
protected
static isSecureMode() : bool
Return values
bool —isValidTenantId()
protected
isValidTenantId(string $tenantId) : false|int
Parameters
- $tenantId : string
Tags
Return values
false|int —log()
protected
log() : LoggerInterface
Return values
LoggerInterface —multiMerge()
Merges two multi-dimensional arrays recursively.
protected
static multiMerge(array<string|int, mixed> $array1, array<string|int, mixed> $array2) : array<string|int, mixed>
This function will recursively merge the values of $array2 into $array1.
If the same key exists in both arrays, and both corresponding values are arrays,
the values are recursively merged.
Otherwise, values from $array2 will overwrite those in $array1.
Parameters
- $array1 : array<string|int, mixed>
-
The base array that will be merged into.
- $array2 : array<string|int, mixed>
-
The array with values to merge into
$array1.
Return values
array<string|int, mixed> —The merged array.
when()
protected
when() : void
Return values
void —checkCacheConnection()
Cache connection health check.
private
checkCacheConnection() : array<string|int, mixed>
Return values
array<string|int, mixed> —checkDatabaseConnection()
Database connection health check.
private
checkDatabaseConnection() : bool
Return values
bool —checkDiskSpace()
private
checkDiskSpace() : array<string|int, mixed>
Return values
array<string|int, mixed> —checkMemoryUsage()
Check: Memory usage.
private
checkMemoryUsage() : array<string|int, mixed>
Return values
array<string|int, mixed> —checkSingleUrl()
Use cURL (built into PHP) to check if a URL returns 200.
private
checkSingleUrl(string $url) : array<string|int, mixed>
Parameters
- $url : string
Return values
array<string|int, mixed> —checkSystemStatus()
Checks the system's health status.
private
checkSystemStatus(array<string|int, mixed> $criticalRoutes) : array<string|int, bool|bool[]|string>
Parameters
- $criticalRoutes : array<string|int, mixed>
Tags
Return values
array<string|int, bool|bool[]|string> —convertToBytes()
Convert shorthand memory size (e.g., "512M") to bytes.
private
convertToBytes(string $value) : int
Parameters
- $value : string
Return values
int —humanReadableSize()
Produce a human-readable size from bytes, e.g. "2.34 MB".
private
humanReadableSize(int $bytes[, int $decimals = 2 ]) : string
Parameters
- $bytes : int
- $decimals : int = 2
Return values
string —isHealthStatusCheck()
private
static isHealthStatusCheck(mixed $isEnabled, mixed $statusRoute, ServerRequestInterface $request) : bool
Parameters
- $isEnabled : mixed
- $statusRoute : mixed
- $request : ServerRequestInterface