This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Acunetix WP Security

説明

Acunetix WP Security plugin is a free and comprehensive security tool that helps you secure your WordPress
installation and suggests corrective measures for: securing file permissions, security of the database, version hiding,
WordPress admin protection and lots more.

Acunetix WP Security checks your WordPress website/blog for security vulnerabilities and suggests corrective actions such as:

  1. Passwords
  2. File permissions
  3. Database security
  4. Version hiding
  5. WordPress admin protection/security
  6. Removes WP Generator META tag from core code

要件

  • WordPress version 3.0 and higher
  • PHP5 (tested with PHP Interpreter >= 5.2.9)

Key security features:

  • MultiSite ready
  • Easy backup of WordPress database for disaster recovery
  • Removal of error-information on login-page
  • Addition of index.php to the wp-content, wp-content/plugins, wp-content/themes and wp-content/uploads directories to prevent directory listings
  • Removal of wp-version, except in admin-area
  • Removal of Really Simple Discovery meta tag
  • Removal of Windows Live Writer meta tag
  • Removal of core update information for non-admins
  • Removal of plugin-update information for non-admins
  • Removal of theme-update information for non-admins (only WP 2.8 and higher)
  • Hiding of wp-version in backend-dashboard for non-admins
  • Removal of version in URLs from scripts and stylesheets only on frontend
  • Reporting of security overview after WordPress blog is scanned
  • Reporting of file permissions following security checks
  • Live traffic tool to monitor your website activity in real time
  • Integrated tool to change the database prefix
  • Disabling of database error reporting (if enabled)
  • Disabling of PHP error reporting

For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.

WordPress Security

Security Scanner:

  1. Scans WordPress installation for file/directory permissions vulnerabilites
  2. Recommends corrective actions
  3. Scans for general security vulnerabilities= License =
    Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog.

For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.

スクリーンショット

  • The File Scan Report
  • The Settings page, displaying all configurable options
  • The Live Traffic page
  • The new Dashboard page
  • The new Scan Page

インストール

  • Make a backup of your current installation
  • Unpack the downloaded package
  • Upload the extracted files to the /wp-content/plugins/ directory
  • WordPress の「プラグイン」メニューからプラグインを有効化してください

If you encounter any bugs, or have comments or suggestions, please post them on the
Acunetix WP Security plug-in forum.

For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.

FAQ

Can I deactivate Acunetix WP Security once I’ve run it once?

No. Acunetix WP Security needs to be left activated to work. Version hiding,
turning off DB errors, removing WP ID META tag from HTML output, and other
functionality will cease if you deactivate the plugin.

How do I change the file permissions on my WordPress installation?

From the Linux command line (for advanced users):
chmod xxx filename.ext
(replace xxx with with the permissions settings for the file or folder).

From your FTP client:
Most FTP clients, such as FileZilla, etc, allow for changing file
permissions. Please consult your client’s documentation for your specific
directions.

I cannot activate the plugin for individual sites in MultiSite?

No, the Acunetix WP Security plugin when running in a MultiSite installation can only be network activated. It cannot be
activated per individual sites. All its features are related to the whole network and activating it per individual sites
would be pointless.

For more information, please visit https://codex.wordpress.org/Changing_File_Permissions

Why do I need to hide my version of WordPress?

Many attackers and automated tools will try and determine software versions
before launching exploit code. Removing your WordPress blog version may
discourage some attackers and certainly will mitigate virus and malware programs
that rely on software versions.

For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.

評価

Disappointing for a big company!

It was a good plugin some years ago. Then it wasn’t updated anymore.
There are two plugins and the not reccomended one seems to be more updated then this one: confusing.
Support team of Acunetix is non-existent.
File-Scan not working: Error: Error retrieving the json file from server for the detected WordPress version: 4.7.3. Scan aborted.
PHP 7 not usable: 32 | ERROR | Function name, class name, namespace name or constant name can not be reserved keyword ‘__dir__’ (since PHP version 5.3)
Disappointing for a big company!

What is the good version?

I install the 4.0.5 version and this have ip who is and country flags but plugin more than a year ago is not updated. But the version 3.0.4 is updated less than two months ago https://wordpress.org/plugins/secure-wordpress/

What is the good?

Slow. Breaks plugins. Support is a ghost

We should have known bette seeing that support issues have gone unfixed here on the forum for 2 months.

But we installed on a couple of membership WordPress sites.

all the sites became slooooooow. It is a resource hog. Page load times tripled or worse.
The changes it made to databases etc. caused the membership plugins on 3 of 5 to crash, and special login plugins on the others to crash.

And one site was totally erased. Fortunately we backed it up first with backupbuddy.

High hopes, no delivery.

Sid B.

41件のレビューをすべて表示

貢献者と開発者

Acunetix WP Security はオープンソースソフトウェアです。以下の人々がこのプラグインに貢献しています。

貢献者

変更履歴

4.0.5

  • Added CSRF prevention mechanism

4.0.4

  • Add support for WordPress 4.0

4.0.3

  • New Feature: Added support for MultiSite
  • New Feature: Added the WP file scan tool for checking the core WP files for modification date
  • New Feature: Added geo location to Live traffic tool
  • New Feature: Added ip lookup to Live Traffic tool
  • New Feature: Added support for deleting the database backup files
  • New Feature: Added the link to the plugin’s settings page in the plugins page
  • New Feature: Live traffic tool can now be enabled/disabled from the settings page
  • New Alerts: Two new security checks were added for the install.php and upgrade.php files from wp-admin directory
  • Update: Improved the Live Traffic code and functionality
  • Update: Fixed the broken path to wp-config.php file
  • Update: Improved the Dashboard’s UI
  • Update: When running in a MultiSite installation, the plugin can only be “Network activated”
  • Fixed bug when the ReflectionClass is not available.
  • Fixed various bugs reported in the forums

4.0.2

  • New Feature: Added support for MultiSite
  • New Feature: Added the WP file scan tool for checking the core WP files for modification date
  • New Feature: Added geo location to Live traffic tool
  • New Feature: Added ip lookup to Live Traffic tool
  • New Feature: Added support for deleting the database backup files
  • New Feature: Added the link to the plugin’s settings page in the plugins page
  • New Feature: Live traffic tool can now be enabled/disabled from the settings page
  • New Alerts: Two new security checks were added for the install.php and upgrade.php files from wp-admin directory
  • Update: Improved the Live Traffic code and functionality
  • Update: Fixed the broken path to wp-config.php file
  • Update: Improved the Dashboard’s UI
  • Update: When running in a MultiSite installation, the plugin can only be “Network activated”
  • Fixed bug when the ReflectionClass is not available.
  • Fixed various bugs reported in the forums

4.0.1

  • Fixed the LiveTraffic bug

4.0.0

  • Complete core update
  • Added live traffic functionality
  • Added check for the wp-config.php file one level above if not found in the install directory
  • Fixed broken functionalities
  • Security settings are now configurable

3.1.0

  • Removed the registration requirement

v3.0.9

  • New feature: Added tooltips to the most important sections of the System Information box
  • Update: Added ‘nonce’ fields to forms where needed (thanks to julio from boiteaweb.fr)
  • Update: Updated the deprecated function call get_bloginfo(‘siteurl’) to get_bloginfo(‘url’)
  • Update: Updated paths to external resources such as javascript and css files for ssl compatibility
  • Update: Updated validation for plug-in form fields (email address, user name, target id, etc.)
  • Update: Enhanced the input validation for the Change Database Prefix tool
  • Update: Plugin settings are now accessible only by WordPress administrators
  • Update: Improved user-rights retrieval in the WordPress database

v3.0.8

  • New feature: Option to open / close WebsiteDefender dashboard widget
  • Update: More help resource links
  • Update: Internal code updates

v3.0.7

  • BugFix: The bug reported about ALTER rights retrieval has been addressed
  • Update: Code cleanup
  • Update: Minor internal updates

v3.0.6

  • Feature: The WebsiteDefender RSS widget added to the admin dashboard
  • Update: The plug-in has been made compatible with Secure WP and WebsiteDefender WordPress Security
  • Update: The plug-in can be safe used in a Multi User WP environment
  • Bugfix: Fixed the bug related to the database ALTER rights retrieval
  • BugFix: Fixed the version information script

v3.0.5 (07/20/2011)

  • Bugfix: Updated the links to websitedefender.com

v3.0.4 (07/20/2011)

  • Update: the plug-in has been made compatible with Secure WP plug-in

v3.0.3 (07/14/2011)

  • Bugfix: Fixed the code error in the change database prefix feature
  • Update: More code cleanup

v3.0.2 (07/11/2011)

  • Feature: Enabled automatic database table prefix rename feature
  • Feature: Database backup functionality used in databse renaming tables
  • Feature: Included more documentation / links for a number of features
  • Feature: Prevent blog owner from changing table prefix if the wp-config.php file is not writable
  • Update: Updated several error messages text (user friendly)
  • Update: major code cleanup
  • Bugfix: Fixed a number of bugs in the database tables rename utility

v3.0.1 (03/24/2011)

  • Regression: Temporarily disabled database change feature
  • Fixed: Resolved conflict with plugins using the reCAPTCHA library
  • Bugfix: Fixed CSS image background not showing corectly

v3.0.0 (03/22/2011)

  • Feature: Release new stable version
  • Feature: Rebranding of the plugin
  • Feature: Integrated WebsiteDefender.com registration in Settings

For more information on the Acunetix WP Security plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix WP Security plug-in forum.