Beschrijving
Acunetix WP Security plugin is a free and comprehensive security tool that helps you secure your WordPress
installation and suggests corrective measures for: securing file permissions, security of the database, version hiding,
WordPress admin protection and lots more.
Acunetix WP Security checks your WordPress website/blog for security vulnerabilities and suggests corrective actions such as:
- Passwords
- File permissions
- Database security
- Version hiding
- WordPress admin protection/security
- Removes WP Generator META tag from core code
Eigenschappen
- WordPress version 3.0 and higher
- PHP5 (tested with PHP Interpreter >= 5.2.9)
Key security features:
- MultiSite ready
- Easy backup of WordPress database for disaster recovery
- Removal of error-information on login-page
- Addition of index.php to the wp-content, wp-content/plugins, wp-content/themes and wp-content/uploads directories to prevent directory listings
- Removal of wp-version, except in admin-area
- Removal of Really Simple Discovery meta tag
- Removal of Windows Live Writer meta tag
- Removal of core update information for non-admins
- Removal of plugin-update information for non-admins
- Removal of theme-update information for non-admins (only WP 2.8 and higher)
- Hiding of wp-version in backend-dashboard for non-admins
- Removal of version in URLs from scripts and stylesheets only on frontend
- Reporting of security overview after WordPress blog is scanned
- Reporting of file permissions following security checks
- Live traffic tool to monitor your website activity in real time
- Integrated tool to change the database prefix
- Disabling of database error reporting (if enabled)
- Disabling of PHP error reporting
For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.
WordPress Security
Security Scanner:
- Scans WordPress installation for file/directory permissions vulnerabilites
- Recommends corrective actions
- Scans for general security vulnerabilities= License =
Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog.
For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.
Schermafdrukken
Installatie
- Make a backup of your current installation
- Unpack the downloaded package
- Upload the extracted files to the /wp-content/plugins/ directory
- Activeer de plugin via het ‘Plugins’ menu in WordPress
If you encounter any bugs, or have comments or suggestions, please post them on the
Acunetix WP Security plug-in forum.
For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.
FAQ
- Installation Instructions
-
- Make a backup of your current installation
- Unpack the downloaded package
- Upload the extracted files to the /wp-content/plugins/ directory
- Activeer de plugin via het ‘Plugins’ menu in WordPress
If you encounter any bugs, or have comments or suggestions, please post them on the
Acunetix WP Security plug-in forum.For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum. - Can I deactivate Acunetix WP Security once I’ve run it once?
-
No. Acunetix WP Security needs to be left activated to work. Version hiding,
turning off DB errors, removing WP ID META tag from HTML output, and other
functionality will cease if you deactivate the plugin. - How do I change the file permissions on my WordPress installation?
-
From the Linux command line (for advanced users):
chmod xxx filename.ext
(replace xxx with with the permissions settings for the file or folder).From your FTP client:
Most FTP clients, such as FileZilla, etc, allow for changing file
permissions. Please consult your client’s documentation for your specific
directions. - I cannot activate the plugin for individual sites in MultiSite?
-
No, the Acunetix WP Security plugin when running in a MultiSite installation can only be network activated. It cannot be
activated per individual sites. All its features are related to the whole network and activating it per individual sites
would be pointless.For more information, please visit https://codex.wordpress.org/Changing_File_Permissions
- Why do I need to hide my version of WordPress?
-
Many attackers and automated tools will try and determine software versions
before launching exploit code. Removing your WordPress blog version may
discourage some attackers and certainly will mitigate virus and malware programs
that rely on software versions.For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.
Beoordelingen
Bijdragers & ontwikkelaars
“Acunetix WP Security” is open source software. De volgende personen hebben bijgedragen aan deze plugin.
BijdragersVertaal “Acunetix WP Security” naar jouw taal.
Interesse in ontwikkeling?
Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.
Changelog
4.0.5
- Added CSRF prevention mechanism
4.0.4
- Add support for WordPress 4.0
4.0.3
- New Feature: Added support for MultiSite
- New Feature: Added the WP file scan tool for checking the core WP files for modification date
- New Feature: Added geo location to Live traffic tool
- New Feature: Added ip lookup to Live Traffic tool
- New Feature: Added support for deleting the database backup files
- New Feature: Added the link to the plugin’s settings page in the plugins page
- New Feature: Live traffic tool can now be enabled/disabled from the settings page
- New Alerts: Two new security checks were added for the install.php and upgrade.php files from wp-admin directory
- Update: Improved the Live Traffic code and functionality
- Update: Fixed the broken path to wp-config.php file
- Update: Improved the Dashboard’s UI
- Update: When running in a MultiSite installation, the plugin can only be “Network activated”
- Fixed bug when the ReflectionClass is not available.
- Fixed various bugs reported in the forums
4.0.2
- New Feature: Added support for MultiSite
- New Feature: Added the WP file scan tool for checking the core WP files for modification date
- New Feature: Added geo location to Live traffic tool
- New Feature: Added ip lookup to Live Traffic tool
- New Feature: Added support for deleting the database backup files
- New Feature: Added the link to the plugin’s settings page in the plugins page
- New Feature: Live traffic tool can now be enabled/disabled from the settings page
- New Alerts: Two new security checks were added for the install.php and upgrade.php files from wp-admin directory
- Update: Improved the Live Traffic code and functionality
- Update: Fixed the broken path to wp-config.php file
- Update: Improved the Dashboard’s UI
- Update: When running in a MultiSite installation, the plugin can only be “Network activated”
- Fixed bug when the ReflectionClass is not available.
- Fixed various bugs reported in the forums
4.0.1
- Fixed the LiveTraffic bug
4.0.0
- Complete core update
- Added live traffic functionality
- Added check for the wp-config.php file one level above if not found in the install directory
- Fixed broken functionalities
- Security settings are now configurable
3.1.0
- Removed the registration requirement
v3.0.9
- New feature: Added tooltips to the most important sections of the System Information box
- Update: Added ‘nonce’ fields to forms where needed (thanks to julio from boiteaweb.fr)
- Update: Updated the deprecated function call get_bloginfo(‘siteurl’) to get_bloginfo(‘url’)
- Update: Updated paths to external resources such as javascript and css files for ssl compatibility
- Update: Updated validation for plug-in form fields (email address, user name, target id, etc.)
- Update: Enhanced the input validation for the Change Database Prefix tool
- Update: Plugin settings are now accessible only by WordPress administrators
- Update: Improved user-rights retrieval in the WordPress database
v3.0.8
- New feature: Option to open / close WebsiteDefender dashboard widget
- Update: More help resource links
- Update: Internal code updates
v3.0.7
- BugFix: The bug reported about ALTER rights retrieval has been addressed
- Update: Code cleanup
- Update: Minor internal updates
v3.0.6
- Feature: The WebsiteDefender RSS widget added to the admin dashboard
- Update: The plug-in has been made compatible with Secure WP and WebsiteDefender WordPress Security
- Update: The plug-in can be safe used in a Multi User WP environment
- Bugfix: Fixed the bug related to the database ALTER rights retrieval
- BugFix: Fixed the version information script
v3.0.5 (07/20/2011)
- Bugfix: Updated the links to websitedefender.com
v3.0.4 (07/20/2011)
- Update: the plug-in has been made compatible with Secure WP plug-in
v3.0.3 (07/14/2011)
- Bugfix: Fixed the code error in the change database prefix feature
- Update: More code cleanup
v3.0.2 (07/11/2011)
- Feature: Enabled automatic database table prefix rename feature
- Feature: Database backup functionality used in databse renaming tables
- Feature: Included more documentation / links for a number of features
- Feature: Prevent blog owner from changing table prefix if the wp-config.php file is not writable
- Update: Updated several error messages text (user friendly)
- Update: major code cleanup
- Bugfix: Fixed a number of bugs in the database tables rename utility
v3.0.1 (03/24/2011)
- Regression: Temporarily disabled database change feature
- Fixed: Resolved conflict with plugins using the reCAPTCHA library
- Bugfix: Fixed CSS image background not showing corectly
v3.0.0 (03/22/2011)
- Feature: Release new stable version
- Feature: Rebranding of the plugin
- Feature: Integrated WebsiteDefender.com registration in Settings
For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.