Beschrijving
Acunetix Secure WordPress plugin is a free and comprehensive security tool that helps you secure your WordPress
installation and suggests corrective measures for: securing file permissions, security of the database, version hiding,
WordPress admin protection and lots more.
Acunetix Secure WordPress checks your WordPress website/blog for security vulnerabilities and suggests corrective actions such as:
- Passwords
- File permissions
- Database security
- Version hiding
- WordPress admin protection/security
- Removes WP Generator META tag from core code
Eigenschappen
- WordPress version 3.0 and higher
- PHP5 (tested with PHP Interpreter >= 5.2.9)
For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum.
Key security features:
- Easy backup of WordPress database for disaster recovery
- Removal of error-information on login-page
- Addition of index.php to the wp-content, wp-content/plugins, wp-content/themes and wp-content/uploads directories to prevent directory listings
- Removal of wp-version, except in admin-area
- Removal of Really Simple Discovery meta tag
- Removal of Windows Live Writer meta tag
- Removal of core update information for non-admins
- Removal of plugin-update information for non-admins
- Removal of theme-update information for non-admins (only WP 2.8 and higher)
- Hiding of wp-version in backend-dashboard for non-admins
- Removal of version in URLs from scripts and stylesheets only on frontend
- Reporting of security overview after WordPress blog is scanned
- Reporting of file permissions following security checks
- Live traffic tool to monitor your website activity in real time
- Integrated tool to change the database prefix
- Disabling of database error reporting (if enabled)
- Disabling of PHP error reporting
For more information on the Acunetix Secure WordPress plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum.
WordPress Security
Security Scanner:
- Scans WordPress installation for file/directory permissions vulnerabilites
- Recommends corrective actions
- Scans for general security vulnerabilities
For more information on the Acunetix Secure WordPress plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum.= License =
Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog.
For more information on the Acunetix Secure WordPress plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum.
Schermafdrukken
Installatie
- Make a backup of your current installation
- Unpack the downloaded package
- Upload the extracted files to the /wp-content/plugins/ directory
- Activeer de plugin via het ‘Plugins’ menu in WordPress
If you encounter any bugs, or have comments or suggestions, please post them on the
Acunetix Secure WordPress plug-in forum.
For more information on the Acunetix Secure WordPress plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum.
FAQ
- Installation Instructions
-
- Make a backup of your current installation
- Unpack the downloaded package
- Upload the extracted files to the /wp-content/plugins/ directory
- Activeer de plugin via het ‘Plugins’ menu in WordPress
If you encounter any bugs, or have comments or suggestions, please post them on the
Acunetix Secure WordPress plug-in forum.For more information on the Acunetix Secure WordPress plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum. - Can I deactivate Acunetix Secure WordPress once I’ve run it once?
-
No. Acunetix Secure WordPress needs to be left activated to work. Version hiding,
turning off DB errors, removing WP ID META tag from HTML output, and other
functionality will cease if you deactivate the plugin. - How do I change the file permissions on my WordPress installation?
-
From the Linux command line (for advanced users):
chmod xxx filename.ext
(replace xxx with with the permissions settings for the file or folder).From your FTP client:
Most FTP clients, such as FileZilla, etc, allow for changing file
permissions. Please consult your client’s documentation for your specific
directions.For more information, please visit https://codex.wordpress.org/Changing_File_Permissions
- Why do I need to hide my version of WordPress?
-
Many attackers and automated tools will try and determine software versions
before launching exploit code. Removing your WordPress blog version may
discourage some attackers and certainly will mitigate virus and malware programs
that rely on software versions.For more information on the Acunetix Secure WordPress plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum.
Beoordelingen
Bijdragers & ontwikkelaars
“Acunetix Secure WordPress” is open source software. De volgende personen hebben bijgedragen aan deze plugin.
BijdragersVertaal “Acunetix Secure WordPress” naar jouw taal.
Interesse in ontwikkeling?
Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.
Changelog
3.0.4
- Fixed XSS issue
3.0.3
- Added CSRF prevention mechanism
3.0.2
- Add support for WordPress 4.0
3.0.1
- Added the missing files
3.0.0
- Complete core update
- Added live traffic functionality
- Added check for the wp-config.php file one level above if not found in the install directory
- Fixed broken functionalities
- Security settings are now configurable
- Removed all languages
v2.0.8
- Removed the registration requirement
v2.0.7
- Update: Updated the deprecated function call get_bloginfo(‘siteurl’) to get_bloginfo(‘url’)
- Update: Updated validation for plug-in form fields (email address, user name, target id, etc.)
v2.0.6
- New setting: Option to open / close WebsiteDefender dashboard widget
- Update: Internal code updates
v2.0.5
- BugFix: The bug reported about ALTER rights retrieval has been addressed
- Update: Code cleanup
- Update: Minor internal updates
v2.0.4
- Feature: The Acunetix RSS widget added to the admin dashboard
- Update: The plug-in has been made compatible with WP Security Scan and WebsiteDefender WordPress Security
- Feature: Turkish language files added.
v2.0.3 (07/21/2011)
- Bugfix: The import of external resources has been fixed.
v2.0.2 (07/20/2011)
- Bugfix: Updated the links to websitedefender.com
v2.0.1 (07/20/2011)
- Update: Major code cleanup
- Update: Updated the class that handles the authentication/registration with WebsiteDefender.com in order to avoid code collision when both plug-ins are active.
- New: Dependent files (.css/.js/.php) have been added
v2.0.0 (03/22/2011)
- Feature: Release new stable version
- Feature: Support for WordPress 3.1
- Feature: Change owner of the plugin to WebsiteDefender
- Feature: Re-branding of the plugin
- Feature: Integrated WebsiteDefender registration in Settings
v1.0.6 (11/15/2010)
- Bugfix: change from
public
tovar
for variables to use the plugin on PHP5.2 and smaller
v1.0.5 (11/10/2010)
- Feature: Remove WordPress version on urls form scripts and stylesheets
- Maintenance: rescan and update german language file
- Remove: exclude to add string fpr wp-scanner-service; Wish of the community users
v1.0.4 (10/09/2010
- Bugfix: update options
v1.0.3 (10/06/2010)
- Bugfix: include JS for remove version in backend for Non-Admins
- Bugfix: change for php-warning at update options
- Maintenance: update italian language files
- Maintenance: update german language files
- Maintenance: update pot file
v1.0.2 (09/10/2010)
- add persian language file
- change the backend; remove WP Scanner function
- change the include of javascript for metaboxes
v1.0.1 (08/06/2010)
- add more hooks to remove WordPress Version; was change with WP3.0
v1.0 (07/09/2010)
- release stable version
- small changes on the source
- change owner of the plugin
v0.8.6 (06/18/2010)
- fix a problem with https://; see Ticket #13941
v0.8.5 (05/16/2010)
- small code changes for WP coding standards
- add free malware and vulnerabilities scan for test this; the scan has most interested informations and scan all of the server
v0.8.4 (05/05/2010)
- add method for use the plugin also on ssl-installs
- change uninstall method
v0.8.3 (04/14/2010)
- bugfix fox secure block bad queries on string for case-insensitive
v0.8.2 (03/21/2010)
- fix syntax error on ask for rights to block bad queries
- add french language files
v0.8.1 (03/08/2010)
- remove versions-information on backend with javascript
- small changes
v0.8 (03/04/2010)
- Protect WordPress against malicious URL requests, use the idea and script from Jeff Star, see post
v0.7 (03/01/2010)
- add updates for WP 3.0
v0.6 (01/11/2010)
- fix for core update under WP 2.9
- fix language file de_DE
v0.5 (12/22/2009)
- small fix for use WP and the plugin with SSL
https
v0.4 (12/02/2009)
- add new feature: hide version for smaller right as admin
v0.3.9 (09/07/2009)
- change index.html in index.php for better works
v0.3.8 (06/22/2009)
- add function to remove theme-update information for non-admins
- rescan language file; edit de_DE