Title: WP Guardian Author: Ciprian Popescu Published: 11 oktober 2017 Last modified: 3 april 2026 --- Plugins zoeken ![](https://ps.w.org/wp-guardian/assets/banner-772x250.jpg?rev=3060726) ![](https://ps.w.org/wp-guardian/assets/icon-256x256.jpg?rev=3060719) # WP Guardian Door [Ciprian Popescu](https://profiles.wordpress.org/butterflymedia/) [Download](https://downloads.wordpress.org/plugin/wp-guardian.zip) * [Details](https://nl.wordpress.org/plugins/wp-guardian/#description) * [Beoordelingen](https://nl.wordpress.org/plugins/wp-guardian/#reviews) * [Installatie](https://nl.wordpress.org/plugins/wp-guardian/#installation) * [Ontwikkeling](https://nl.wordpress.org/plugins/wp-guardian/#developers) [Ondersteuning](https://wordpress.org/support/plugin/wp-guardian/) ## Beschrijving WP Guardian is a simple but effective plugin that locks down your WordPress website to ensure it’s protected and safe. #### About Using this plugin couldn’t be easier as it’s designed to be as straight forward as possible to make sure you can get your website safe and secure so you can get on with more important things. WP Guardian includes features such as a powerful firewall and Two-Step verification for logging in. ## Installatie 1. Download the plugin package. 2. Upload to the /wp-content/plugins/ directory. 3. Activate the plugin in the dashboard. 4. Go to the settings page and configure the plugin to get started. ## FAQ ### How does this plugin secure my WordPress site? This plugin helps secure your website by locking things down with a range of effective tools with a simple interface. ### How good is the security of this plugin? The plugin is by no means a one stop solution for everything. It’s designed to be simple, giving you a range of essential security features to harden your site’s security defences. ### How does Two-Step verification work? The option is available on your profile page when enabled globally. It will let you choose a method in which a code is sent to a secondary location for you to enter at login before you can authenticate. ## Beoordelingen ![](https://secure.gravatar.com/avatar/d93edfb9907b386a70b322a2caeadad42aee3732bb5a45f056c2b05ad006827d? s=60&d=retro&r=g) ### 󠀁[It’s the business](https://wordpress.org/support/topic/its-the-business-2/)󠁿 [cormacsans](https://profiles.wordpress.org/cormacsans/) 9 april 2024 Happy to promote/recommend this wordpress plugin. Works seamlessly with my set up. Delighted with the support 🙂 [ Lees 1 beoordeling ](https://wordpress.org/support/plugin/wp-guardian/reviews/) ## Bijdragers & ontwikkelaars “WP Guardian” is open source software. De volgende personen hebben bijgedragen aan deze plugin. Bijdragers * [ Ciprian Popescu ](https://profiles.wordpress.org/butterflymedia/) “WP Guardian” is vertaald in 2 localen. Dank voor [de vertalers](https://translate.wordpress.org/projects/wp-plugins/wp-guardian/contributors) voor hun bijdragen. [Vertaal “WP Guardian” in je eigen taal.](https://translate.wordpress.org/projects/wp-plugins/wp-guardian) ### Interesse in ontwikkeling? [Bekijk de code](https://plugins.trac.wordpress.org/browser/wp-guardian/), haal de [SVN repository](https://plugins.svn.wordpress.org/wp-guardian/) op, of abonneer je op het [ontwikkellog](https://plugins.trac.wordpress.org/log/wp-guardian/) via [RSS](https://plugins.trac.wordpress.org/log/wp-guardian/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.9.2 * Fix: The Plugins page Settings link now points to the main WP Guardian admin page * Add: Short contextual help text under each option on the Guardian tab #### 1.9.1 * Change: Plugin Guard is now disabled by default and can be enabled manually by an administrator * Change: Plugin Guard MU behavior now checks for the main WP Guardian plugin and disables enforcement if the parent plugin is missing (e.g., forced FTP deletion) * Fix: Firewall custom redirect URL now saves correctly * Change: Removed File Guardian module code and admin submenu; old scheduled hooks are now cleaned up * Change: Removed Script Cleaner module and related settings * Change: Removed Security Measures options “Enable bot protection” and “Block access to sensitive files” from UI and save flow * Cleanup: Removed unused DataTables loading and unused CSS selectors * Cleanup: Removed unused legacy options cleanup calls and obsolete comments #### 1.9.0 * Add Plugin Guard feature to block plugin installation and activation unless an admin unlocks via Settings Plugin Guard * Remove File Guardian feature to reduce complexity and improve performance * Update WordPress compatibility #### 1.8.5 * Fix: All REST API requests (including unauthenticated) are now excluded from firewall blocking to support Gravity Forms and other plugins * Fix: Gravity Forms REST API endpoints are now whitelisted to prevent blocking form submissions * Fix: Gravity Forms form submissions from logged-out users now work correctly #### 1.8.4 * Fix: Regex pattern error in security measures file access restriction (preg_match unknown modifier warning) #### 1.8.3 * Fix: Authenticated REST API requests are now properly excluded from firewall blocking * Fix: POST scanning no longer blocks authenticated REST API requests when saving pages * Fix: Security measures no longer interfere with authenticated REST API requests #### 1.8.2 * Fix: File Guardian now correctly scans root directory for files only (not folders) * Fix: File Guardian now scans wp-admin and wp-includes directories recursively for both files and folders * Fix: File Guardian path normalization to prevent duplicate directory names in file listings * Fix: File Guardian integrity check now excludes wp-content/plugins, wp-content/ themes, and wp-content/languages from core file checks * Fix: File Guardian now automatically deletes suspicious PHP files in root directory that are not in WordPress core checksums * Fix: Circular progress bar stroke color now displays correctly * Fix: Circular progress bar percentage calculation now accurately reflects Guardian score * Security measures now included in Guardian percentage calculation (excluding Script Cleaner aggressive filter) * Guardian percentage calculation redistributed to allow 100% score when all security measures are enabled * Rename “Obfuscated Script Cleaner” to “Script Cleaner” throughout user-facing text and comments #### 1.8.1 * Fix: Script Cleaner now properly detects and removes Trojan:HTML/Redirector.SSF! MTB malware * Enhanced malware detection patterns to match real-time filter capabilities * Add detection for hex-encoded obfuscated scripts and additional obfuscation techniques( String.fromCharCode, unescape, decodeURIComponent) * Script Cleaner now detects _0x obfuscation patterns, atob/eval functions, and urshort.live redirect domains #### 1.8.0 * Add UI toggle for Script Cleaner aggressive filtering (off by default) * Script Cleaner is now less aggressive: only removes detected malicious scripts, not all HTML * Fix: HTML is no longer stripped from post/page content unless aggressive mode is enabled #### 1.7.3 * Remove SQLite logging functionality to reduce complexity and improve performance * Add Script Cleaner feature to scan and remove malicious injected scripts from all post types * Add real-time protection to block malicious content from being saved #### 1.7.2 * Optimize memory usage by reducing SQLite cache size from 32MB to 8MB * Improve memory efficiency for better performance on resource-constrained servers * Consolidate security measures: merge directory browsing protection options, combine sensitive file blocking options, and unify PHP execution prevention measures for a cleaner interface #### 1.7.1 * Fix a few minor issues for compatibility with WordPress 6.9 * Improve security measures notifications * Improve security measures for directory browsing protection #### 1.7.0 * Add Security Measures feature with 18 configurable security options * Add comprehensive file whitelist for common legitimate files * Add file permission management for wp-config.php * Improve security key validation with complexity checks * Enhanced bot protection and file access restrictions * All security measures enabled by default with toggle options * Update WordPress compatibility #### 1.6.2 * Update WordPress compatibility #### 1.6.1 * Only check for POST injection when not logged in * Fix session starting when headers are already sent #### 1.6.0 * Reduce query string length check from 2000 to 1000 characters * Remove a deprecated UA check * Test and insure compatibility with the Pepper plugin * Further sanitize and unslash data #### 1.5.2 * Add new brute force protection feature * Update WordPress compatibility #### 1.5.1 * Add option to restrict external POST requests * Clean up the plugin Dashboard #### 1.5.0 * Clean up the admin stylesheet * Remove the inefficient login lockdown feature * Remove several obsolete features (the plugin is 8 years old, after all) * Refactor the Settings page to use the native settings API, instead of jQuery accordions * Rebrand Gatekeeper to Guardian #### 1.4.6 * Fix the firewall module being requested twice * Implement a better Dashboard section * Add default settings for the firewall to make it truly plug and play * Make blocked requests count more prominent * Set foundation for SQLite lockout logging * Remove the aside section from the Dashboard #### 1.4.5 * Implement logging for malicious requests * Implement log pruning * Move all security settings to a new tab * Refactor the Dashboard tab #### 1.4.4 * Remove broken automatic core updates options * Remove unused constants * Fix request logging function * Add malicious request counter * Add new Settings tab * Move Settings page to the Settings tab * Ignore AJAX and REST requests in the firewall #### 1.4.3 * Fix issues with the firewall (for good) * Remove obsolete features, such as database backups and version control #### 1.4.2 * Fix issues with pattern matching in the firewall #### 1.4.1 * Add new firewall feature * Add new security settings * Sanitize and escape all data #### 1.4.0 * Fix the plugin header information (stable tag, tested up to, etc.) * Implement WordPress Coding Standards (WPCS) * Replace index.html with index.php in the root directory * Remove changelog.md file and move contents to readme.txt * Remove readme.md file and move contents to readme.txt #### 1.3.4 * More updates to author information #### 1.3.3 * Updated author information – Removed Daniel James danieltj * To see the full revision history, please read the `CHANGELOG.md` file which explains any changes that have been made. #### 1.3.2 * Released: 19th November 2017 * Fixed a mistake listed in the change log file. * Removed the button links to security and settings next to the page titles. #### 1.3.1 * Released: 19th November 2017 * Fixed a bug where database backups weren’t attached to emails. * Improved some of the transaltion strings throughout the plugin. #### 1.3.0 * Released: 13th November 2017 * Added the ability to remove support for Emoji scripts. * Updated how CSS and JS assets are loaded for users. * Updated a few language translation strings. #### 1.2.2 * Released: 8th November 2017 * Fixed a bug which caused some meta data to not be removed properly. * Improvements to a range of code documentation and meta data. #### 1.2.1 * Released: 26th October 2017 * Added a new directory within the uploads folder for database backups. * Improvements to database backup function and supporting documentation. * Improvements to the database upgrade notice and l10n strings. * Removed a deprecated callback function for the settings section. * Removes the user meta for Two Step Verification when the plugin is deleted. #### 1.2.0 * Released: 16th October 2017 * Added new field to send backup emails to different email address. * Added a new setting to allow WP_DEBUG to be enabled/disabled via the dashboard. * Improved the Version Control page to now include update information. * Improved the CSS styling for the plugin user interface. * Improved overall code base and removed unused functions that are no longer used. * Improved some language strings and corrected a sentence that wasn’t translatable. #### 1.1.0 * Released: 12th October 2017 * Fixed the implementation of Two Step Verification code expiry. * Improvements to core functions and inline documentation. * Improved some of the language strings and provided more context. * Updated the server config to include some essential rewrite rules. * Updated the readme.txt file with more useful information. #### 1.0.0 * Released: 11th October 2017 * Initial version ## Meta * Versie **1.9.2** * Laatst geüpdatet **2 weken geleden** * Actieve installaties **100+** * WordPress versie ** 4.9 of nieuwer ** * Getest t/m **7.0** * PHP versie ** 8.0 of nieuwer ** * Talen * [English (Canada)](https://en-ca.wordpress.org/plugins/wp-guardian/), [English (UK)](https://en-gb.wordpress.org/plugins/wp-guardian/) en [English (US)](https://wordpress.org/plugins/wp-guardian/). * [Vertaal in je eigen taal](https://translate.wordpress.org/projects/wp-plugins/wp-guardian) * Tags * [attack](https://nl.wordpress.org/plugins/tags/attack/)[firewall](https://nl.wordpress.org/plugins/tags/firewall/) [hack](https://nl.wordpress.org/plugins/tags/hack/)[malware](https://nl.wordpress.org/plugins/tags/malware/) [security](https://nl.wordpress.org/plugins/tags/security/) * [Geavanceerde weergave](https://nl.wordpress.org/plugins/wp-guardian/advanced/) ## Waarderingen 5 van 5 sterren. * [ 1 5 ster beoordeling ](https://wordpress.org/support/plugin/wp-guardian/reviews/?filter=5) * [ 0 4 sterren beoordelingen ](https://wordpress.org/support/plugin/wp-guardian/reviews/?filter=4) * [ 0 3 sterren beoordelingen ](https://wordpress.org/support/plugin/wp-guardian/reviews/?filter=3) * [ 0 2 sterren beoordelingen ](https://wordpress.org/support/plugin/wp-guardian/reviews/?filter=2) * [ 0 1 sterren beoordelingen ](https://wordpress.org/support/plugin/wp-guardian/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/wp-guardian/reviews/#new-post) [Bekijk alle beoordelingen](https://wordpress.org/support/plugin/wp-guardian/reviews/) ## Bijdragers * [ Ciprian Popescu ](https://profiles.wordpress.org/butterflymedia/) ## Ondersteuning Iets te melden? Hulp nodig? [Het supportforum bekijken](https://wordpress.org/support/plugin/wp-guardian/) ## Doneren Wil je de groei van deze plugin ondersteunen? [ Doneer aan deze plugin ](https://www.buymeacoffee.com/wolffe)