Wordfence Security Premium v7.5.9 – WordPress Security Plugin

最后更新于:2022-03-29 03:09:14

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

Wordfence Security Premium provides the greatest WordPress security available today for your website.

Wordfence is a WordPress security suite that includes an endpoint firewall and malware scanning. The Threat Defense Feed, which contains the most up-to-date firewall rules, malware signatures, and dangerous IP addresses, is crucial for keeping your website secure.

Wordfence is the most complete security solution available, and it comes with a set of premium features that make it better than the free version.

Demo:  https://www.wordfence.com/

⭐There is also another security option called iThemes Security Pro. Find out now!

Features: Wordfence Security Premium

  • IP Blacklist in Real-Time: Blocks all requests from IP addresses known to be actively targeting Wordfence-protected WordPress sites.
  • Updates to Firewall Rules in Real Time: Wordfence Firewall uses firewall rules to discover and prevent harmful traffic to your site, safeguarding you against the newest WordPress security gaps and assaults.
  • Malware Signature Updates in Real-Time: Thousands of malware signatures are used by the Wordfence security firewall and scanner to assist identify malware on your site and stop dangerous uploads.
  • Checking Your Reputation: Each scan generates spam or spam spam, if your website or IP address has been banned for harmful behaviour.
  • Blocking by country: Designed to thwart an attack, prevent content theft, or prohibit criminal conduct in cyberspace that originates in a certain geographic region.
Wordfence Security Premium function

变更日志: Wordfence Premium – WordPress Security Plugin

= 7.5.9 – March 22, 2022 =
* Improvement: Updated GeoIP database
* Improvement: Removed blocking data update logic in order to reduce timeouts
* Improvement: Increased timeout value for API calls in order to reduce timeouts
* Improvement: Clarified notification count on Wordfence menu
* Improvement: Improved scan compatibility with WooCommerce
* Improvement: Added messaging when application passwords are disabled
* Fix: Prevented warnings and errors when constants are defined based on the value of other constants in wp-config.php
* Fix: Corrected redundant escaping that prevented viewing or repairing files in scan results

= 7.5.8 – February 1, 2022 =
* Launch of Wordfence Care and Wordfence Response.

= 7.5.7 – November 22, 2021 =
* Improvement: Made preliminary changes for compatibility with PHP 8.1
* Change: Added GPLv3 license and updated EULA.

= 7.5.6 – October 18, 2021 =
* Fix: Prevented login errors with WooCommerce integration when manual username entry is enabled on the WooCommerce registration form.
* Fix: Corrected theme incompatibilities with WooCommerce integration.

= 7.5.5 – August 16, 2021 =
* Improvement: Enhanced accessibility.
* Improvement: Replaced regex in scan log with signature ID.
* Improvement: Updated Knockout JS dependency to version 3.5.1
* Improvement: Removed PHP 8 compatibility notice.
* Improvement: Added NTP status for Login Security to Diagnostics.
* Improvement: Updated plugin headers for compatibility with WordPress 5.8
* Improvement: Updated Nginx documentation links to HTTPS.
* Improvement: Updated IP address geolocation database.
* Improvement: Expanded WAF SQL syntax support.
* Improvement: Added optional constants to configure WAF database connection.
* Improvement: Added support for matching punycode domain names.
* Improvement: Updated Wordfence install count.
* Improvement: Deprecated support for WordPress versions older than 4.4.0
* Improvement: Added warning messages when blocking U.S.
* Improvement: Added MYSQLI_CLIENT_SSL support to WAF database connection.
* Improvement: Added 2FA and reCAPTCHA support for WooCommerce login and registration forms.
* Improvement: Added option to require 2FA for any role.
* Improvement: Added logic to automatically disable NTP after repeated failures and option to manually disable NTP.
* Improvement: Updated reCAPTCHA setup note.
* Fix: Prevented issue where country blocking changes are not saved.
* Fix: Corrected string placeholder.
* Fix: Added missing text domain to translation calls.
* Fix: Corrected warning about sprintf arguments on Central setup page.
* Fix: Prevented lost password functionality from revealing valid logins.

= 7.5.4 - June 7, 2021 =
* Fix: Resolve conflict with woocommerce-gateway-amazon-payments-advanced plugin

= 7.5.3 – May 10, 2021 =
* Improvement: Expanded WAF capabilities including better JSON and user permission handling.
* Improvement: Switched to relative paths in WAF auto_prepend file to increase portability.
* Improvement: Eliminated unnecessary calls to Wordfence servers.
* Fix: Prevented errors on PHP 8.0 when disk_free_space and/or disk_total_space are included in disabled_functions.
* Fix: Fixed PHP notices caused by unexpected plugin version data.
* Fix: Gracefully handle unexpected responses from Wordfence servers.
* Fix: Time field now displays correctly on “See Recent Traffic” overlay.
* Fix: Corrected typo on Diagnostics page.
* Fix: Corrected IP counts on activity report.
* Fix: Added missing line break in scan result emails.
* Fix: Sending test activity report now provides success/failure response.
* Fix: Reduced SQLi false positives caused by comma-separated strings.
* Fix: Fixed JS error when resolving last scan result.

= v7.5.2 - March 24, 2021 =
* Fix: Fixed fatal error on single-sites running WordPress <4.9.

= v7.4.14 – December 3, 2020 =
* Improvement: Added option to disable application passwords.
* Improvement: Updated site cleaning callout with 1-year guarantee.
* Improvement: Upgraded sodium_compat library to 1.13.0.
* Improvement: Replaced the terms whitelist and blacklist with allowlist and blocklist.
* Improvement: Made a number of WordPress 5.6 and jQuery 3.x compatibility improvements.
* Improvement: Made a number of PHP8 compatibility improvements.
* Improvement: Added dismissible notice informing users of possible PHP8 compatibility issues.
* Improvement: Initial integration of i18n in Wordfence.
* Improvement: Prevent Wordfence from loading under <PHP 5.3.
* Improvement: Updated GeoIP database.
* Improvement: Prevented wildcard from running/saving for scan's excluded files pattern.
* Improvement: Included Wordfence Login Security tables in diagnostics missing table list.
* Fix: Removed new scan issues when WordPress update occurs mid-scan.
* Fix: Specified category when saving `whitelistedServiceIPs` to WAF storage engine.
* Fix: Removed localhost IP for auto-update email alerts.
* Fix: Fixed broken message in Live Traffic with MySQLi storage engine for blacklisted hits.
* Fix: Removed optional parameter values for PHP 8 compatibility.

下载 Wordfence Security Premium v7.5.9 Nulled

Wordfence Security Premium License Key: activated automatically

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。

WP Hide & Security Enhancer PRO v3.4.5

最后更新于:2022-03-29 01:18:32

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

WP Hide & Security Enhancer Pro is a simple solution to keep your WordPress core files, login page, theme, and plugin directories hidden from view on the front end. This is a significant improvement over Site Security in that no one will know you’re running a WordPress site. Provide an easy method for eliminating all WordPress fingerprints from html.

There will be no changes to the files or directories!

There are no physical changes to any files or directories; everything is done digitally! All internal functionality and features are applied via URL rewriting methods and WordPress filters in the plugin code. Everything is done automatically, with no need for user participation.

WordPress core files and plugins are really hidden.

The plugin not only allows you to adjust your WordPress default urls, but it also allows you to hide/block defaults! Other comparable plugins just modify the slugs, but the defaults are still available, displaying WordPress as a content management system.

Change the default login urls for WordPress from wp-admin and wp-login.php to anything completely random. No one will ever figure out where to try to guess a password and gain access to your website. Totally undetectable!!

⭐Learn more about the best WordPress Security Plugins available today!

演示: https://www.wp-hide.com/

Features WP Hide & Security Enhancer PRO

  • There are no modifications to files or folders: On your server, no files or folders are modified; everything is done virtually! To apply all functionality and features, the plugin algorithm use URL rewriting methods and WordPress filters.
  • Compatible with all other plugins and themes: Code that is well-designed and compatible with all themes and plugins. The site will continue to function normally after the plugin is active.
  • Compatible with WordPress MultiSite: PRO FEATURE: MultiSite environment support. It may be configured to function per site (specific settings for each network site) or worldwide ( superadmin settings )
  • Personalized login URL: Boots attempting to brute force all sites receive hits on the login page. Due to the large number of tries, this necessitates a significant increase in processing CPU power, resulting in a significant drop in site performance and response time. Boots will only visit a cached 404 error page if the default login URL is blocked, therefore no resource is needed.
  • Any host / server can use it: Different hosting server configurations based on Linux and Windows operating systems have been tested and are 100% compatible.
  • Compatible with Nginx: PRO FEATURE: LEMP stack and full Nginx support. Included is an advanced rewrite query engine that provides the most efficient and light rewriting data.
  • Rewrite deployment (automated / manual): PRO FEATURE: Apache and IIS are used to automatically deploy the rewrite data on the server. If this isn’t possible, a graphical user interface can be used to walk you through the procedure. Automatic rewriting updates can be disabled for manual updates if necessary.
  • Paths are blocked and rewritten (by default): The plugin not only allows you to adjust your WordPress default URLs, but it also allows you to hide/block defaults!
    All other comparable plugins just modify the slugs, but the default is still available.
  • Customizing the URL of the plugin: Change the path to a plugin’s folder and any unique URL for that plugin, with the option to disable all defaults.
  • Cleaning up the meta: HTML Meta clean-up for Meta Generator, wlwmanifest, feed links, rsd link, adjacent posts rel, profile link, canonical link, and more PRO FEATURE
  • Ajax calls in WordPress should be changed: PRO FEATURE: Block the default use of run-ajax.php and change it to anything else.
  • Import/Export Preferences: PRO FEATURE: Import/export feature makes it simple to migrate settings and set up plugins.
  • Compatible with PHP mod rewrite and web.config: To offer rapid and efficient URL changes, seamless interaction with current Apache mod rewrite or IIS web.config PHP extensions is provided.
  • Default WordPress folders should be changed: Replace wp-content, wp-include, and wp-admin with customized WordPress directories. Everything is done theoretically; no real folders on the server are modified.
  • Masking by Theme: To suppress the display of the theme name, version, author, and other information about the theme or child theme, hide any references to it. It won’t be obvious that it’s a WordPress theme.
  • Cleaning up the HTML: Clean up HTML comments created by plugins and themes, as well as WordPress core auto-generated classes for the body, post, and pictures, such as page-template-x, format-x, and wp-image-x.
  • Replacements in Postprocessing: PRO FEATURE: Replace any element on your site, including HTML and assets ( CSS, Javascript variables )
  • Clean up the headers: PRO FEATURE: Remove X-Powered-By, X-Pingback, and other headers from server answers.
  • Control using the XML-RPC API: Change the path and block the default path to have complete control over the XML-RPC API (xml-rpc.php path, disable XML-RPC authentication, remove pingback).
  • Control using JSON REST API: By disabling and blocking the default url, you can have complete control over the JSON REST V1 and V2 APIs. Disable the REST API link tag from being shown in the page header. Disable the WP RSD endpoint for JSON REST,
  • CSS Advanced Options: PRO FEATURE: Gives you complete control over CSS data and associated items (Html classes and IDs). Combine all assets and inline CSS into a single file, then do post-processing on the CSS assets and HTML to remove comments, minify, and replace Classes and IDs.
  • Processing in JavaScript: PRO FEATURE: Complete control over JS assets, including inline code concatenation into a single file, code cleaning, minification, and the replacement of JavaScript variables.
  • Access to the default core files is restricted: Direct access to any of the WordPress root files, such as license.txt, wp-load.php, and wp-settings.php, should be blocked. Individual file permissions/restrictions are provided.
  • Controlling the output of HTML: Disable emoji, tidy up styles and scripts resources, remove version from URLs, and delete ID attribute
  • Firewall: PRO FEATURE: Using a proactive security solution, a website may be fully protected. Adds an extra layer of security, preventing harmful and malware from reaching the server.
  • CDN: Supports integration with a Content Distribution Network by providing a specialized interface (CDN)
  • URLs for Custom Maps: PRO FEATURE: Custom Map URLs that may be used to replace any current HTML link. This feature may also be used to remap full paths and subdirectories.
  • Themes and plugins with a white label: PRO FEATURE: White label plugins/themes/code, even complicated programs like page builders, by replacing text on outputted code and assets ( Elementor, WPBakery Page Builder ).

变更日志 WP Hide & Security Enhancer PRO Nulled Free

v2.9.1 - Release Date – 2021-12-17
Add ‘ajax’ as system reserved to avoid issues when using as value

2.3.4.8
Release Date – 2021-11-17
Allow Replacements duplicate, through the constant WPH_REPLACEMENTS_ALLOW_DUPLICATE set to True

2.3.4.7
Release Date – 2021-11-16
License class updates

2.3.4.5
Release Date – 2021-11-09
Code Update check, set transient for 12 hours
WP Rocket – Optimize CSS Delivery – compatibility

v2.3.4.2 - Release Date – 2021-10-28
New filter wph/module/general_scripts/remove_id_attribute/ignore_ids https://www.wp-hide.com/documentation/wph-module-general_scripts-remove_id_attribute-ignore_ids/

v2.3.4 - Release Date – 2021-10-21
New option Remove ID from script tag, using regex

v2.3.3 Release Date – 2021-10-10
Fix API call when license key is not provided

v2.3.1.8
Release Date – 2021-08-26
Author – Nsp Code
Hash – eac64720e88f2730d6f9252245691549d610164d

New feature – JavaScript PostProcessing with InPlace processing and inline code encoding ( base64 ) to avoid dynamic JavaScript code to be saved into cache.
New Feature – Remove JavaScript scripts ID tag using filter ( faster ) or regex (slower, if filter not catching the content )
New feature – Clean the REST API response
Compatibility with WP Meteor

v2.3.1.2 - Release Date – 2021-05-05
Check if get_filesystem_method() method exists or load the filesystem files.
Allow short word as ‘vc’ for replacements to be used for Visual Composer fingerprint replacement

= v2.2.8 =
Release Date – 2020-12-29
Author – Nsp Code
Hash – 7ac7090ae63f3b8e9eb917536d5d67ab780e023b

Use pre_update_option to revert urls for saved options
Remove ‘query’ filtering to avoid breaking of seriaised arrays
Allow links to be processed when using preload attribute and no type as stylesheet

v2.2.7.4 - Release Date – 2020-11-23
Author – Nsp Code
Hash – 29e8095f9d7ac92060ef19d33cb5be37133903d8
Oxygen editor compatibility update

= v2.2.6.9 =
- WHen force-check for Updates, ignore the transient cache update for plugin
- BuddyBoss Theme – Fix redirect link if the default wp-login.php is being set to something else
- Change sanitize type for custom ajax slug to allow php extension.
- If “remote-file-css”, “local-no-css-file”, “ignore-local-file-css”, “local-not-found-file-css” continue the loop
- Astra Pro compatibility file
- WP Rocket convert relative URLs ( .e.g ../../wp-includes/ ) to absolute URLs, to ensure new slugs are updated accordingly
- Return the default JavaScript code, when stripping out comments and regex fails.
- Include Recovery link in Settings interface, which can be used to reset all option outside of WordPress interface.
- Recovery confirmation interfaces updates.
- MultiSite / Single Site setup code merge

⭐另请参考: Collection of WordPress plugins updated daily on FreeWP

下载 WP Hide & Security Enhancer PRO v3.4.5 Nulled:

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。

WP Cerber Security Pro v8.9.6 – WordPress Antispam & Malware Scan

最后更新于:2022-03-28 13:20:53

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

WP Cerber Security Pro is protected WordPress from hacker assaults, spam, trojans, and malware. Limits the amount of login attempts using the login form, XML-RPC / REST API calls, or utilizing auth cookies, which mitigates brute-force attacks. Tracks user and bad actor behavior with customizable email, mobile, and desktop notifications. Spammers are stopped using a specific anti-spam engine. Google reCAPTCHA is used to safeguard the registration, contact, and comment forms. IP Access Lists are used to restrict access. An powerful malware scanner and integrity checker is used to monitor the website’s integrity. WordPress’s security is reinforced by a set of customizable security rules and advanced security algorithms.

Demo: https://wpcerber.com/

Features: WP Cerber Security Pro – WordPress Antispam & Malware Scan

  • When logging in by IP address or full subnet, limit the number of login attempts.
  • Logins made via login forms, XML-RPC calls, or auth cookies are tracked.
  • Allow or deny access using IP Access Lists using a single IP, IP range, or subnet.
  • Create a unique login URL (rename wp-login.php).
  • Cerber’s anti-spam engine safeguards contact and registration forms.
  • Automatically identifies spam comments and either transfers them to the trash or rejects them entirely.
  • From a single dashboard, you can manage many WP Cerber instances.
  • WordPress Two-Factor Authentication.
  • Users, bots, hackers, and other questionable activity are all recorded.
  • WordPress security scanner checks the integrity of files, plugins, and themes.
  • With email notifications and reports, it keeps track of file modifications and new files.
  • With a set of customizable filters, you may get mobile and email notifications.
  • Sessions manager for advanced users
  • Security for wp-login.php, wp-signup.php, and wp-register.php.
  • If a visitor is not logged in, the wp-admin (dashboard) is hidden.
  • When an intruder IP tries to log in with a non-existent or forbidden username, it is immediately blocked.
  • Restriction user registration or login to usernames that match REGEX patterns.
  • Use your own role-based security policies to restrict access to the WP REST API.
  • Completely disable access to the WordPress REST API.
  • Access to XML-RPC is restricted (block access to XML-RPC including Pingbacks and Trackbacks).
  • Feeds should be disabled (block access to the RSS, Atom and RDF feeds).
  • White IP Access lists can be used to restrict access to XML-RPC, REST API, and feeds by an IP address or an IP range.
  • Mode for only authorized users
  • A user account can be blocked.
  • Turn off the automatic redirection to the hidden login page.
  • Stop enumerating users (blocks access to author pages and prevents user data leaks via REST API).
  • Blocks IP subnet class C in advance.
  • Anti-spam: reCAPTCHA is used to defend the WordPress login, registration, and comment forms.
  • WooCommerce and WordPress forms with reCAPTCHA.
  • For WordPress comment forms, an invisible reCAPTCHA is used.
  • A Citadel mode designed for large brute force strikes.
  • Play nice with fail2ban by logging unsuccessful attempts to syslog or a custom log file.
  • Filter and check actions based on IP address, user, username, or specific activity.
  • Filter activities and save them as a CSV file.
  • Reporting: Receive weekly reports by email at the addresses you provide.
  • Limit login attempts works on a site/server that is protected by a reverse proxy.
  • Be alerted by push notifications on your mobile device.
  • The jetFlow.io automation plugin’s trigger and action.
  • Defending against denial-of-service (DoS) attacks (CVE-2018-6389).

变更日志: WP Cerber Security Pro – WordPress Antispam & Malware Scan

= v8.9.6 =
* New: A new [alert creation dialog with a set of new alert settings](https://wpcerber.com/wordpress-notifications-made-easy/) enables you to create alerts with new limits: an expiration time, the maximum number of alerts allowed to send, and optional rate-limiting. The alert conditions can include the URL of a request now.
* New: Deleting of [WordPress application passwords](https://wpcerber.com/wordpress-application-passwords-how-to/) is logged now.
* New: Ability to monitor [anti-spam](https://wpcerber.com/antispam-for-wordpress-contact-forms/), reCAPTCHA, and several other setting-specific events using links on the settings pages.
* Improved: Meaningful and actionable messages on the log screens if no activity has been found in the logs using a given search filter.
* Improved: If a WP Cerber feature requires a newer version of WordPress, such a feature will not be shown in the plugin admin interface anymore.
* Fixed: A fatal PHP error occurs while logging in on a version of WordPress older than 5.5 and a user has more than one active session.
* Fixed: A fatal PHP error occurs while using the reset password form on a version of WordPress older than 5.4.
* Fixed: While opening the Tools admin page, a PHP error might occur on some web servers.
* Fixed: While rendering the Activity tab, depending on the activities logged, the PHP warning can be logged in the server error log.
* Fixed: When [managing WP Cerber on a remote website via Cerber.Hub](https://wpcerber.com/manage-multiple-websites/), the admin page footer incorrectly displays the version of WP Cerber installed on the main website.
* Fixed: If the Site Title of a website contains some special characters like apostrophes, the subject of [email alerts and notifications](https://wpcerber.com/wordpress-notifications-made-easy/) contains such characters in encoded form.

= v8.9.5 =
* New: A new setting for [WP Cerber's anti-spam engine](https://wpcerber.com/antispam-for-wordpress-contact-forms/): "Disable bot detection engine for IP addresses in the White IP Access List".
* New: A new setting for [the reCAPTCHA module](https://wpcerber.com/how-to-setup-recaptcha/): "Disable reCAPTCHA for IP addresses in the White IP Access List".
* Improved: Logging all user session terminations including those that occurred when an admin manually terminate user sessions or [block users](https://wpcerber.com/how-to-block-wordpress-user/).
* Improved: If a user session has been terminated by a website admin, the admin’s name is logged and shown in the Activity log.
* Improved: Logging all user password changes including those made on the edit user admin page, and the WooCommerce edit account page.
* Improved: Logging [application passwords](https://wpcerber.com/wordpress-application-passwords-how-to/) changes.
* Improved: New status labels in the Activity log: "reCAPTCHA verified" is shown when a user solves reCAPTCHA successfully
* Improved: New status labels in the Activity log: "Logged out everywhere" is shown when a user has completely logged out on all devices and of all locations.
* Improved: Failed reCAPTCHA verifications are logged with form submission events they are linked to.
* Improved: A new event is logged: "Password reset request denied". With possible statuses "reCAPTCHA verification failed", "User blocked by administrator", "Username is prohibited".
* Improved: Handling reset of user passwords is improved to support changes in the WordPress core.
* Fixed: A cookie-related bug that causes a fatal software error if a user has been deleted or their password has been changed in the WordPress dashboard by the website administrator while the user is being logged in.
* Fixed: A bug with the WordPress lost password (reset password) form that prevents displaying error messages to a user.
* Fixed: When the [limit on the number of allowed concurrent user sessions](https://wpcerber.com/limiting-concurrent-user-sessions-in-wordpress/) is set to one, an attempt to log in with the user name and incorrect password terminates the existing session of the user.

= v8.9.3 =
Improved: The scanner: now checksums generated using manually uploaded ZIP archives have priority over the remote ones.
Improved: You can configure exceptions for WP Cerber's anti-spam by disabling its code on selected WordPress pages.
Improved: New diagnostic messages were added for better troubleshooting issues with ZIP archives uploaded in the scanner.
Fixed: A vulnerability that affects WP Cerber's two-factor authentication (2FA) mechanism.
Fixed: A bug that prevents uploading ZIP archives on the scan results page if the filename contains multiple dots.
Fixed: Fixed admin message "Error: Sorry, that username is not allowed." which is wrongly displayed on the user edit page while updating users with prohibited usernames.
Fixed: Not detecting malformed REST API requests with a question mark in this format: /wp-json?

v8.6.5
* New: File system analytics. It's generated based on the results of the last full integrity scan.
* New: Logging user deletions. The user’s display name and roles are temporarily stored until all log entries related to the user are deleted.
* New: Faster export with a new date format for CSV log export.
* New: Ability to disable adding the website administrator's IP address to the White IP Access List upon WP Cerber activation.
* Improved: Handling the creation of new users by WooCommerce and membership plugins.
* Improved: Handling user registrations with prohibited emails.
* Improved: Handling secure Cerber‘s cookies on websites with SSL encryption enabled.
* Improved: The performance of the integrity checker and malware scanner on huge websites with a large number of files.
* Fixed: Loading the default plugin settings has no effect. Now it’s fixed and moved from the admin sidebar to the Tools admin page.
* [Read more](https://wpcerber.com/wp-cerber-security-8-6-5/)

⭐Similar Suggestion: Wordfence Security Premium – WordPress Security Plugin

下载 WP Cerber Security Pro v8.9.6 Nulled – WordPress Antispam & Malware Scan

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。

IThemes Security Pro v7.1.0 – Best WordPress Security Plugin

最后更新于:2022-03-28 10:52:15

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

The new version of the best WordPress security plugin available – iThemes Security Pro, will do everything for you to make your website more secure with an easy to enable or disable option.

WordPress is one of the most popular content management systems in the world and, without a doubt, one of the safest and most secure platforms in the Internet space.

However, even it requires additional protection after installation and new users can worry about hacker attacks. For these reasons, protection plugins are important, one of which we will look at today.

查看更多: WordPress comprehensive protection plugin – Wordfence Security Premium

演示: https://ithemes.com/security/

Features of iThemes Security Pro Plugin

Features of iThemes Security Pro Plugin
  • WordPress Password Protection (Brute Force) Limit the number of login failures allowed for users by using WordPress brute force protection. If someone tries to guess your password, it will be blocked after a few failed attempts.
  • File change detection If someone succeeds in accessing your site, they will most likely add, remove, or modify the site file. Get email notifications of recent file changes so you know if you’ve been hacked.
  • Detect 404
  • If the bot crawls your site for vulnerabilities, it will generate multiple 404 errors. iTheme Security will block this IP address after the limit you set (by default, 20 errors in 5 minutes).
  • Strong Password Protection Indicates what level of users on your site (admins, editors, users, etc) should have strong passwords. Forcing a strong password is one of the best ways to protect WordPress.
  • Block Bad Users Keep bad users away from your site if they have too many failed login attempts, if they generate too many 404 errors, or if they are blacklisted by bots.
  • Standby No changes to your site 24 hours a day? The WordPress Harden feature makes the WordPress dashboard inaccessible for certain hours so that no one else can sneak in and try to make changes.
  • “Hide Logins & Admins” Function Change the URL /wp-admin/login.php of your WordPress login credentials so that attackers don’t know where to find the entrance to your site. This feature is also good for helping customers remember their login link. Backup
  • Databases Backup your databases and send them by email. Make full backups and send them to destinations for off-server storage.
  • Email Notifications Receive email notifications when someone is blocked after too many failed login attempts or when a file on your site has been modified.
  • Scan WordPress for Malware The iThemes Security plugin uses the Sucuri SiteCheck crawler to scan for malware in WordPress. Sucuri SiteCheck uses a 10-point check to scan your site for known malware, blacklist status, site errors, and outdated software. With iThemes Security Pro, you can enable daily malware scans and receive email notifications if problems are detected.
  • WordPress Version Outdated software – whether it’s WordPress, themes, or plugins – compromises your websites because of security holes commonly known to cybercriminals. New version of iThemes Security Pro version control module can automatically update new versions of WordPress, themes and plugins, and take measures to increase security when website software fails time.
  • WordPress Magic Links Module The Magic Links feature allows you to login when your username is blocked by Local Brute Force Protection. Once your username is blocked, you can request an email with a special login link. Using email will bypass username blocking, while attackers will still be blocked.
  • Two-Factor Authentication Thanks to WordPress two-factor authentication from iThemes Security Pro, users need to enter a password and an additional code sent to a mobile device, such as a smartphone or tablet. To successfully log in to your user account, you need a password and a code. Two-factor authentication adds an extra layer of WordPress security to ensure that you are actually logging in, and not someone accessing (or even guessing) your password.

变更日志 IThemes Security Pro Plugin Nulled Free

v7.1.0 - 2022-01-31 
Important: iThemes Security now requires WordPress 5.8 or later.
New Feature: Introduce a new Import Export feature that allows for greater customization and flexibility.
Bug Fix: Scroll to top of window when navigating.
Bug Fix: Allow searching for Password Requirements.
Bug Fix: Login page would be blank when Passwordless Login was configured to use the "Username First" flow.
Bug Fix: Don't load WordPress and System Tweaks modules when the `ITSEC_DISABLE_MODULES` constant is enabled.
Bug Fix: Prevent incidentally loading the Two-Factor module when it is unregistered.
Bug Fix: Conditionally display the NGINX File Path setting.
Bug Fix: Allow saving Notifications when "default recipients must contain at least 1 item" error is present.

7.0.3 - 2021-08-10 
Enhancement: Reintroduce Feature Flags management UI.
Tweak: Reposition "Advanced" and "Tools" menu items to be more readable on lengthy screens.
Bug Fix: Sites that did not support HTTPS, but had the SSL module active, but not configured, on upgrade would get redirected to the HTTPS version of the site.
Bug Fix: When the Change Admin User tool is run, update any User Groups referencing the old user id.
Bug Fix: Unregister the iThemes Security Two-Factor module when the Two-Factor Feature Plugin is enabled.
Bug Fix: Add missing and correct erroneous textdomains.
Bug Fix: WordPress footer would appear in the middle of the logs page.

v7.0.2 - 2021-07-17
Tweak: Move "Have I Been Pwned" integration to the Core plugin.
Tweak: Reduce filename length and complexity for built CSS and JS files.
Bug Fix: Disable XML-RPC rules in server config files. Previously, XML-RPC was being disabled using the XML-RPC enabled filter.
Bug Fix: Fatal error on logs page when User Logging and Two-Factor are enabled and a user logs in using Two-Factor.
Bug Fix: Add missing constants to the debug page.
Bug Fix: Fatal error when sending the "Inactive Users" notification.
Bug Fix: Remove deleted recipients when saving notifications.
Bug Fix: Allow using reserved words as prefixes for the Hide Backend Login Slug.
Bug Fix: Enforce SSL would not redirect users from HTTP to HTTPS on the front-end of the website.
Bug Fix: Correct Site Scan statuses for scans with no issues.

v7.0.1 - 2021-06-24 
Bug Fix: Prevent Password Requirements being re-enabled if they were disabled before upgrading to iThemes Security 7.0, but had a group selected for them.
Bug Fix: Arguments to the implode function were reversed, causing a Fatal Error on PHP 8.
Bug Fix: Allow installing on WordPress 5.7.0, not just 5.7.1+.
Bug Fix: Ensure values passed to the TextareaListControl is an array.
Bug Fix: Don't run the dashboard migration if unneeded.
Bug Fix: Labels for Disable PHP Execution in Plugins and Themes were reversed.
Bug Fix: Activate the Geolocation module if Trusted Devices provided Geolocation API keys.

v7.0.0 - 2021-06-23
Important: iThemes Security now requires WordPress 5.7 and PHP 7.0 or later.
New: iThemes Security gets a redesigned interface focused on making it easier to configure and find what you're looking for. Read More: https://ithemes.com/?p=64448.
New: Instantly search over everything in iThemes Security with a new instant search feature.
New: Security Tools have been grouped into their own page. "Identify Server IPs" and "Security Check Pro" can be run manually without using Debug Mode.
New: Relevant content from the Help Center, iThemes Blog, and iThemes YouTube channel is surfaced in a new Help area based on the current page. Click the "Help" button in the toolbar or the "Info" icon next to the page title to access it.
New: The settings UI is now fully responsive and works great across mobile, tablet, and desktop devices.
Enhancement: Improved keyboard and screen reader support.
Enhancement: The User Security Profile Card now supports searching for specific users and filtering by User Role.
Enhancement: The User Security Profile Card can now be used to Force password changes, force a user to lockout, and send a Two-Factor setup reminder.
Enhancement: The Banned Users Card can add multiple bans at once.
Tweak: Add a new Global setting to control "Automatically Temporarily Authorize Hosts".
Tweak: When the Global setting "Hide Security Menu in Admin Bar" is enabled, notices will no longer be printed on non-iThemes Security pages. Instead, you can access the Message Center from the Settings or Dashbaord toolbars.
Tweak: The Security Dashboard has moved back to the Security menu and is now the default page.
Tweak: Your first security dashboard will be created automatically when you visit the dashboard for the first time. Create your own by clicking the dashboard's title, then select "Create New Dashboard".
Tweak: The Database Backups module is no longer available if you have BackupBuddy installed. If this behavior isn't desired, enable the "ITSEC_ENABLE_BACKUPS" constant.
Tweak: Activating the Magic Links module now enables the feature. The extraneous "Enable Lockout Bypass" setting has been removed.
Tweak: The Geolocation API configuration used by Trusted Devices has been moved into it's own dedicated "Geolocation" module.
Removed: The following modules have been removed: 404 Detection, Away Mode, Change Content Directory, and Multisite Tweaks.
Removed: The following WordPress and System Tweaks have been removed: Remove Windows Live Writer Header, EditURI Header, Comment Spam, Mitigate Attachment File Traversal Attack, Protect Against Tabnapping, Filter Long URL Strings, Filter Non-English Characters, Filter Request Methods, Remove File Writing Permissions.
Removed: The "Backup Full Database" setting has been removed from the Backups module.
Removed: The "Require SSL", "Front End SSL Mode", and "SSL for Dashboard" settings have been removed from the SSL module.
Removed: The "Strengthen when Outdated" setting has been removed from the Version Management module.
Bug Fix: Fix fatal errors when using PHP 8.
Bug Fix: Fix infinite loop when restricting who can use App Passwords on multisite installs.
Bug Fix: Ensure the ITSEC_Setup class does not exist before trying to load it. Display schema errors on multisite in the Network Admin.
Dev Note: Modules are now based on a module.json configuration file. If you are registering custom iThemes Security module, you should update it to include a module.json file that adheres to the core/module-schema.json JSON Schema.
Dev Note: Add a WP CLI command for running tools. See "wp help itsec tool" for more information.
Dev Note: Split the Two-Factor and Dashboard module into a Core module and a Pro module. Settings for these modules are still stored in the base module.
Dev Note: The Network Brute Force module had it's folder updated to "network-brute-force" from "ipcheck".
Dev Note: New Object Oriented API for creating Password Requirements.
Dev Note: New Settings and Modules REST API endpoints.
Dev Note: New RPC REST API namespace. There is no backward compatibility promise for these API endpoints.

v6.8.5 - 2021-06-17
Tweak: Add notice for the upcoming major 7.0 release.

= v6.8.4 - 2021-04-13 =
Security: Fix Hide Backend Bypass, thanks to Julio Potier for reporting the issue.
Tweak: Add filters to short-circuit lock APIs.
Bug Fix: Prevent wp_no_robots deprecation warning on WordPress 5.7.

= v6.8.3 - 2020-12-16 =
Tweak: Remove non-SSL fallbacks for Security Check Pro and Version Management.
Bug Fix: Tweak checkbox styles.
Security Improvement: To improve server compatibility, requests to the iThemes updater servers would automatically downgrade from https to http when https connections failed. This update removes the automatic downgrade. If your server cannot make outbound https connections, you can re-enable the downgrade capability by adding the following define in your site's wp-config.php file:
define( 'ITHEMES_ALLOW_HTTP_FALLBACK', true );

= v6.8.2 - 2020-12-07 =
- Bug Fix: Version Management compatibility with further changes in WordPress 5.6.

= v6.8.1 =
- Bug Fix: Improved compatibility with WP Engine.
- Bug Fix: Version Management compatibility with WordPress 5.6.
- Bug Fix: Follow Core UI patterns for Application Passwords.
- Bug Fix: Pass the `WP_Error` object to the `wp_login_failed` hook.
- New Feature: iThemes Security now supports Passwordless Login and reCAPTCHA v3 for Restrict Content Pro ( version 6.4.3 and later ).
- Enhancement: Overwrite Restrict Content Pro's detected IP address with the IP detected by iThemes Security.
- Tweak: Application Passwords compatibility with WordPress 5.6.
- Bug Fix: Two Factor and Passwords Requirements compatibility with Restrict Content Pro.
- Bug Fix: PHP warnings that may occur when initializing default user groups on a new installation.
- Enhancement: Add WP CLI command to run the Change Admin User tool.
- Tweak: Disable SSL verification when performing the Security Check Loopback test. Some hosts can't properly verify loopback requests. This verification is unnecessary in this circumstance, and disabling SSL verification aligns iThemes Security with default WordPress loopback behavior.
- Tweak: Override WordPress' built in auto update notices at a higher priority. This fixes issues with iThemes Security's settings being overwritten by other systems.
- Bug Fix: Some users would be force to choose a strong password twice in a row.
- Bug Fix: Warning when saving the Ban Users module outside of the Settings Page without passing the legacy host_list setting.
- Bug Fix: Fix issues with initializing a site scan from a non-licensed domain name.

⭐查看更多: Summary of free premium WordPress plugins, daily updates

下载 iThemes Security Pro v7.1.0 nulled:

下载 iThemes Security Local QR Code v1.0.1: 

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。

Hide My WP v6.2.4 – Amazing Security Plugin for WordPress

最后更新于:2022-03-27 01:24:44

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

Hide My WP is the number one security plugin for WordPress. It hides your WordPress from attackers, spammers, and theme detectors. Over 26,000 satisfied customers use Hide My WP.

The Hide My WP plugin also hides your wp login URL and renames the admin URL. It detects and blocks XSS, SQL Injection security attacks on your WordPress site.

演示: https://codecanyon.net/search/4177158

Features Hide My WP – Amazing Security Plugin for WordPress

Features Hide My WP – Amazing Security Plugin for WordPress
  • Hide your wp-login.php path
  • Hide wp-admin folder and all its files (for untrusted users)
  • Change the WordPress theme directory, remove Theme Info from the stylesheet, replace the default WP classes and finally minify it!
  • Change plugin directory and plugins hash name
  • Change wp–includes folder, upload URL, AJAX URL, etc.
  • Change the WordPress query URL:
  • Change the author permalink (or disable it!)
  • Change or disable feeds
  • Hide all other WordPress files!
  • Disable WordPress archives, categories, tags, pages, posts, etc.

Trusted network

Hide My WP is the most popular security plugin on the Envato market. Wpwave has a large community of businesses based on WordPress. wpwave’s amazing volunteers allow us to collect and analyze anonymous data from their IDS database. These data are very valuable for any security company.

WPwave can instantly discover any common vulnerabilities in the network and protect wpwave customers automatically! Since everything is done in the background, you don’t need to do anything! Without a doubt, this is the simplest, fastest and most effective technique to protect WordPress based businesses!

Intrusion detection system

Using Hide My WP is one of the only WP-optimized Intrusion Detection (and Prevention) systems where you don’t even need to find a vulnerability. IDS automatically monitors the site and finds potentially dangerous requests based on a variety of patterns.

It assigns a number (Impact Factor) to each request indicating how dangerous it is. You always have access to all the details of the attacker: who they are, where they come from and how they are trying to hack your site! As and if they should block or not.

Continue reading still more!

  • Easily replace any word in your html output file!
  • Easily change/hide any URL or file with Replace URL!
  • Notifies you when someone is talking bad about your WordPress site (including visitor details like IP, user-agent, referrer, and even username!)
  • Compress html output and remove comments in source code
  • Remove WordPress meta information from header and feed
  • Change default WordPress email sender
  • Custom 404 page!
  • Remove unnecessary menu layers
  • Clean up the body layer
  • Education

变更日志 Hide My WP – Amazing Security Plugin for WordPress Nulled Free

v6.2.4 (October 26, 2021)
- Fixed security vulnerabilities reported by Envato.
- Minor Bug fixes.

v6.2.3 (January 15, 2021)
- Tested up to WordPress 5.6
- Bug: Fixed IDS Log entry when IDS is disabled.
- Bug: Fixed Gutenberg saving issue related to Rest API.
- Bug: Fixed issues in admin settings.
- Bug: Fixed robots.txt file rewrite issue.

= v6.2.2 =
- Bug: Fixed export file path issue
- Bug: Fixed site crashes issue while activating plugin.
- Bug: Fixed WP Rocket white labelling issue.
- Removed Deprecated functions.
- Redesign Dashboard boxes.
- Added option to put IDS in "alert" mode.
- Improve Instructions for renaming 'wp-admin' path.

v6.2.0 – July 10, 2020

- Support for hide Elementor page builder
- Hide Online Detectors option
- Allow Specific Countries
- Export settings to a file
- Improve ip lookup service
- Blocked IPs Listing with options to whitelist & delete
- Bug: "Open Wizard" link is incorrect when wp-admin path is renamed
- Bug: Plugin version incorrect
- Bug: Conflict with WP Rocket plugin
- Bug: High privacy breaks the site
- Deprecated: Replace `_wpnonce` option

v6.1 – 08/01/2020
Feature: IDS - Delete All Log for IP Address
Feature: Support for PHP 7.2 and 7.3
Bug: Cron job stuck
Bug: Deprecated: Function create_function()
Bug: hide_my_wp plugin name still visible in URL
Bug: PHP notice undefined variable rules
Bug: Incompatibility with Elementor v2.6
Bug: Dashboard fixes are shown with a blank line in b/w
Bug: PHP Warning: Cannot modify header information
Bug: Purchase code doesn't work for first time installation via Wizard
Bug: Wrong link to plugin settings
Bug: REST API rename issue
Bug: whatcms.org detecting WordPress
Bug: Trust Network Bugs

⭐Similar Suggestions: Wordfence Security Premium – WordPress Security Plugin

下载 Hide My WP v6.2.4 Nulled – Amazing Security Plugin for WordPress:

Note: Don’t need enter license

下载 Hide My WP Ghost Premium For WordPress v6.0.13 Nulled

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。

WP Guard v1.9 – Security, Firewall & Anti-Spam plugin for WordPress

最后更新于:2022-03-27 01:18:12

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

WP Guard – Security, Firewall, and Anti-Spam for WordPress is a robust WordPress security plugin that guards your site from hackers, assaults, and other dangers. It will defend your website against SQLi (SQL Injection) assaults, XSS vulnerabilities, proxy, VPN, and TOR visitors, spam, malicious files (viruses), and a variety of other dangers.

WP Guard employs a clever algorithm (similar to that employed by big industry players) that uses code and pattern recognition to identify all known hacker assaults as well as new undiscovered threats, and then takes action automatically.

WP Guard – Security, Firewall, and Anti-Spam plugin for WordPress is directly integrated with WordPress, allowing you to view all logs in the Admin Dashboard. It also has a Banning System, which allows you to ban visitors (IP Address), countries, IP ranges, Internet Service Providers (ISPs), browsers, operating systems (OS), and referers. WP Guard comes with a lot of options and settings. You can effortlessly control the security of your website with its assistance.

WP Guard is a strong WordPress-specific Web Application Firewall. It enables any website administrator to take use of sophisticated and effective security measures. It’s really quick, well-optimized, and uses very little system resources.

演示: https://codecanyon.net/item/wp-guard-wordpress-security-firewall-antispam/23753284

dashboard-WP-Guard
ban-system
protection-modules
threat-logs
site-information

Features: WP Guard – Security, Firewall & Anti-Spam plugin for WordPress

  • Security in SQL: SQL Injection (SQLi) and XSS (Cross-Site Scripting) vulnerabilities are protected.
  • Proxy protection: Visitors or so-called persons hiding behind proxies are protected by proxy, VPN, and TOR.
  • protection against SPAM: Spammers and spammers that try to spam your website are protected.
  • DNSBL integration: To safeguard your website from bad visitors, integrate with some of the leading Spam Databases (DNSBLs).
  • AdBlocker Detection: Visitors that use AdBlockers to conceal adverts on the site should be detected and blocked.
  • Pattern recognition that is intelligent: Unknown and unknown attacks and exploits are detected.
  • Algorithms of Industrial Strength: Detect hacker assaults that are well-known.
  • System of prohibition: Allows you to ban and reroute visitors/users based on their IP address, country, IP range, operating system, browser, ISP, and referrer.
  • Bots and Invalid Crawlers must be protected: Blocking a large number of bad bots and crawlers will consume a lot of bandwidth on your website.
  • Defend Fake Bots: Check if the search engine bots that are visiting your site are genuine or not.
  • Look at the title: Any visitor response headers will be examined, and if a suspicious item is discovered, the visitor’s access to the site will be blocked.
  • Automobiles are not permitted: Attackers and threats such as Bad Bots, Crawlers, and others will be immediately blocked by the feature.
  • Log of Threats: Each threat and assault is recorded in the database and may be retrieved at any time. (There is no copy)
  • Detailed journal: Threat/Attack information like Browser, Operating System, Country, State, City, User-Agent, Map Location, and other relevant information may be found in logs.
  • Notifications by email: When an attack or threat is discovered, you will receive an email notification.
    Statistical dashboard To safeguard your site, go to the Dashboard and check your Stats.
  • Tools that come in handy: htaccess Editor, Hash Generator, and more utilities are included in this collection.
  • Error tracking: This handy tool displays all of your site’s logged faults.
  • Editor for.htaccess: There’s no need to open your.htaccess file in an external editor when you can modify it immediately from the Admin Panel.
  • Whitelist of IPs and Files: The program will disregard the list of IP addresses and files and will not block them.
  • Organize traffic: Observe your visitors as they engage with your website in real time.
  • Go to the Analytics page: Analyze and track how visitors interact with your website.
  • Checker for PHP Configuration: Check for any security issues in your current PHP configuration.
  • Information about the website: A page containing a lot of data and statistics about your website.
  • History of logins: Keeps track of all logins and attempted logins.
  • Very well-designed: The script is small and won’t take long for your site to load.
  • Meet the requirements: It looks great on a wide range of devices and screen resolutions.
  • Installation is simple: The installation is quick, simple, and straightforward.
  • Simple to use: The script’s admin page has a highly user-friendly UI.

and much more…

⭐Similar suggestions: Wordfence Security Premium – WordPress Security Plugin

变更日志: WP Guard – Security, Firewall & Anti-Spam plugin for WordPress

20 November 2021 – Version 1.9
Improved Proxy protection module
Improved Core
Improved Documentation
Fixed bugs
Optimized source code (Performance Improvements)

21 August 2021 – Version 1.8
Improved Proxy protection module
Improved Live Traffic module
Improved Core
Optimized source code (Performance Improvements)

1 August 2021 – v1.7
Improved Live Traffic module
Improved SQLi protection module
Improved Fake Bots detection
Improved Core
Fixed Bugs
Optimized source code (Performance Improvements)

24 June 2021 – v1.6.2
Improved Live Traffic module
Improved Proxy protection module
Improved IP Detection
Improved Core
Fixed Bugs
Optimized source code (Performance Improvements)

6 April 2021 – Version 1.6.1
Improved IP Detection
Improved Live Traffic module
Improved Proxy protection module
Improved Core
Fixed Bugs
Optimized source code (Performance Improvements)

1 April 2021 – Version 1.6
Improved Proxy protection module
Improved Core
Fixed Bugs
Optimized source code (Performance Improvements)

3 December 2020 – Version 1.5
Improved SQLi protection module
Improved UI (User Interface)
Improved Core
Fixed Bugs
Optimized source code (Performance Improvements)

⭐另请参考: Collection of Free Premium WordPress Plugin Repository on Codecanyon

下载 WP Guard v1.9 – Security, Firewall & Anti-Spam plugin for WordPress Nulled Free:

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。

MainWP Sucuri Extension v4.0.8.1

最后更新于:2022-03-27 01:04:53

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

Sucuri’s proprietary SiteCheck Tool is used by the MainWP Sucuri Extension to scan your sites. SiteCheck uses the most up-to-date fingerprinting technology to enable web-based malware screening of your websites. It allows you to quickly identify whether your web apps are out of date, infected with malware, or even blacklisted by major search engines, all from the comfort of your MainWP Dashboard!

Check the Security Reputation and Status of Your Website

Many websites are hacked and infected long before their owners are aware of the situation. It frequently results in malware being listed in popular browsers such as Firefox and Chrome, costing you leads, your brand’s reputation, potential clients, and, ultimately, sales.

Sucuri’s proprietary SiteCheck Tool is used by the MainWP Sucuri Extension to scan your sites. SiteCheck uses the most up-to-date fingerprinting technology to enable web-based malware screening of your websites.

It allows you to quickly identify whether your web apps are out of date, infected with malware, or even blacklisted by major search engines, all from the comfort of your MainWP Dashboard!

The MainWP Sucuri Extension will remind you to scan your sites if you neglect. It will also save all of your scan reports!

Scan For:

  • Malware
  • Malicious javascript
  • Malicious iframes
  • Drive-By 下载s
  • Anomaly detection
  • IE-only attacks
  • Suspicious redirections
  • Blackhat SEO Spam
  • Spam

Also, Check For

  • Web Server Details
  • List of Scanned URLs
  • List of Javascripts Included
  • List of iFrames Included
  • List of External Javascripts Included

Check the status of your website on the blacklist.

With the Sucuri extension, you can verify the status of your site’s blacklisting using a variety of tools.

The following tools can be used to check the status of your site:

  • Google Safe Browsing
  • Norton Safe Web
  • Phish Tank
  • SiteAdvisor
  • Sucuri Malware Labs
  • Yandex
  • ESET

Protect Your Websites

To avert future tragedies, you should examine your website on a frequent basis.

Existence of a blacklist

Make sure your sites aren’t blacklisted by the main search engines and aren’t losing traffic as a result.

变更日志: MainWP Sucuri Extension

Version 4.0.8.1 – 9-10-2020
Updated: MainWP Dashboard 4.1 compatibility

Version 4.0.8 – 8-27-2020
Added: ‘mainwp_sucuri_table_features’ filter
Updated: Multiple cosmetic updates
Updated: WordPress 5.5 compatibility

Version 4.0.7 – 5-18-2020
Fixed: JS conflict issue
Updated: load extension .js file only on the Extensions and Site Overview page

Version 4.0.6 – 5-12-2020
Fixed: issue with filtering sites groups

Version 4.0.5 – 4-13-2020
Fixed: issue with double records in the reporting system
Fixed: multiple PHP Warnings

Version 4.0.4 – 2-12-2020
Fixed: multiple cosmetic problems
Fixed: issue with saving table sorting state after page reload

Version 4.0.3 – 2-3-2020
Fixed: error caused by the missing parameter in the ‘mainwp_sucuri_scan_done’ hook

Version 4.0.2 – 9-138-2019
Fixed: an issue with the table width on smaller screens
Added: save_state property to the sites list
Added: colReorder property to the sites list
Added: horizontal scroll to the sites list

Version 4.0.1 – 9-9-2019
Fixed: multiple cosmetic issues
Added: new shortcuts to the sites list on the extension page
Added: scheduled events info to the Cron Schedules list
Updated: reload page after closing the scan modal
Updated: multiple text notification

Version 4.0 – 8-28-2019
Updated: extension UI/UX redesign
Updated: support for the MainWP 4.0

Version 1.3.1 – 11-19-2018
Fixed: an issue with displaying scan results caused by a slow response from the Sucuri server.

Version 1.3 – 10-31-2018
Fixed: scan error caused by changed Sucuri response format

Version 1.2 – 4-20-2018
Added: support for the WP Cli scan command ( example: wp mainwp-sucuri scan [<siteid>] )
Version 1.1 – 2-26-2018
Updated: plugin info

Version 1.0 – 2-17-2016
Fixed: Translation issue
Fixed: Compatibility with MainWP 3.0 version
Added: An auto-update warning if the extension is not activated
Added: Support for the new API management
Added: Support for WP-CLI
Updated: “Check for updates now” link is not visible if the extension is not activated

Version 0.2.0 – 9-25-2015
Updated: Refactored code to meet WordPress coding standards

Version 0.1.2 (26-6-2015)
Added: An option to disable SSL certificate verification when scanning child sites

Version 0.1.1
Updated: Quick Start Guide layout

Version 0.1.0
Potential Security Issue – Internal Code Audit

Version 0.0.9
Added: Support for the API Manager

Version 0.0.8
Fixed: Notification email template format

Version 0.0.7
Tweaked: Notification email template format

Version 0.0.6
Added: Support for the Client Reports Extension
Added: Additional Plugin info
Added: Redirection to the extensions page after activating the extension.

Version 0.0.5
Notification added

Version 0.0.4
Quick Start Guide Added

Version 0.0.3
New Feature Added: Saving Security Scan Reports
New Feature Added: Email Notifications

Version 0.0.2
Removed Some Comments

Version 0.0.1
Initial Release

⭐另请参考: summary of all MainWP wordpress manager plugins

下载 MainWP Sucuri Extension v4.0.8.1 Nulled

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。

MainWP IThemes Security Extension v4.0.4

最后更新于:2022-03-27 01:00:33

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

The MainWP iThemes Security Extension combines the power of your MainWP Dashboard with the popular MainWP iThemes Security Extension (600,000+ active installs). The iThemes Security extension allows you to control iThemes Security settings for all your subsites directly from your MainWP Dashboard.

Protect Your Child Sites!

MainWP iThemes Security Extension combines the power of your MainWP Dashboard with the popular iThemes Security Plugin (600,000+ active installs).

MainWP iThemes Security Extension allows you to control iThemes Security settings for all your subsites directly from your MainWP Dashboard.

演示: https://mainwp.com/mainwp-extensions/

Some of the things you can do directly from your MainWP Dashboard include:

  • Update, activate and deactivate the iThemes Security plugin from your MainWP Dashboard
  • Configure your iThemes Security settings in bulk across your network or customize them on individual subsites
  • Manage iThemes Security plugin features from your MainWP Dashboard such as
    • Global setting
    • 404 Detected
    • Away mode
    • Forbidden person
    • Brutal protection
    • Database backup
    • File change detection
    • Hide login area
    • Scan for malware
    • Secure Sockets Layer (SSL)
    • Strong Password
    • System Tuning
    • Edit WordPress
    • Admin User
    • Database prefix
  • Monitor the security status of iThemes
  • Follow iThemes Active Lockouts

The extension also adds an iThemes Security overview to the dashboard of each individual site allowing you to check the security status

变更日志: MainWP iThemes Security Extension Nulled

Version 4.0.4 – 1-22-2021
Updated: Compatibility with the latest iThemes Security plugin version

Version 4.0.3.1 – 9-10-2020
Updated: MainWP Dashboard 4.1 compatibility

= v4.0.3 - 7-14-2020 =
* Fixed: issue with the groups filter

= 4.0.2 - 9-13-2019 =
Fixed: an issue with the table width on smaller screens
Added: save_state property to the sites list
Added: colReorder property to the sites list
Added: horizontal scroll to the sites list

= v4.0 - 8-28-2019 =
Updated: extension UI/UX redesign
Updated: support for the MainWP 4.0

Version 1.8 – 8-10-2018
Fixed: PHP error that caused issues with activating the extension

⭐另请参考: summary of all MainWP wordpress manager plugins

下载 MainWP iThemes Security Extension v4.0.4 Nulled:

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。

Loginizer Security Pro v1.6.7

最后更新于:2022-03-27 00:36:59

格尺建站系统(GeChiUI.com)是基于WordPress深度定制中文版建站系统,优秀的主题与插件都可以无缝迁移到GeChiUI中使用。

Loginizer is a WordPress plugin that helps you combat bruteforce attacks by restricting login attempts for an IP after it reaches the maximum number of retries permitted. Loginizer allows you to filter or whitelist IP addresses for login. Other security features, like as Two Factor Authentication, reCAPTCHA, and PasswordLess Login, can be used to increase the security of your website.

More than 1000000 WordPress websites actively utilize Loginizer.

Our official documentation may be found at https://loginizer.com/docs. If you are a free user, we are also active in our community help forums on wordpress.org. https://loginizer.deskuss.com is our Premium Support Ticket System.

Features: Loginizer Security Pro

Features: Loginizer Security Pro

Free Features:

  • Protection from brute force. After three failed login attempts, IPs attempting to brute force your website will be blacklisted for 15 minutes. The IP address is restricted for 24 hours after numerous lockouts. This is the default setting, which can be adjusted in the WordPress admin panel’s Loginizer -> Brute Force page.
  • Logs of failed login attempts.
  • IPs on a blacklist
  • IPs on the whitelist
  • When a login attempt fails, you can create your own error messages.
  • Check for permissions on essential files and folders.

Pro Features:

  • MD5 Checksum of WordPress Core Files The administrator can also check and ignore files.
  • PasswordLess Login – When logging in, the username / email address will be requested, and an email with a temporary login link will be provided to that account’s email address.
  • Email-based two-factor authentication — An email will be sent to the account’s email address with a temporary 6 digit number to finish the login process.
  • Two-factor authentication through app — The user can set up the account using a 2FA app such as Google Authenticator or Authy.
  • Login Challenge Question – As an extra layer of security, the user can create a Challenge Question and Answer. After logging in, the user will be prompted to answer a question in order to complete the process.
  • reCAPTCHA — To avoid automated brute force assaults, Google’s reCAPTCHA v3/v2 can be configured for the Login page, Comments Section, Registration Form, and so on. Also works with WooCommerce.
  • Rename the Login Page — To prevent automated brute force attacks, the Admin can rename the login URL (slug) to something other than wp-login.php.
  • Rename the wp-admin URL — The wp-admin URL is used to access the WordPress admin section. You can alter it to anything you want with loginizer, such as site-admin.
  • If Rename Login with Secrecy is enabled, all Login URLs will still point to wp-login.php, and users will have to type the New Login Slug into the browser to access it.
  • Disable XML-RPC — In WordPress, you can simply disable XML-RPC. Most WordPress users don’t require XML-RPC, and it can be turned off to prevent automated brute force attacks.
  • Change XML-RPC — To prevent automated brute force attacks, the Admin can rename the XML-RPC to something other than xmlrpc.php.
  • Attackers commonly use usernames like admin, administrator, or variations of your domain name / business name. You can specify such a username here, and Loginizer will automatically blacklist any clients who try to use it (s).
  • New Registration Domain Blacklist – If you want to prevent new registrations for a specific domain, you can use this tool.
  • Change the Admin Username – The administrator can change the admin username to something more difficult to remember.
  • Auto Blacklist IPs – IP addresses will be automatically blacklisted if malicious bots or users utilize usernames saved by the Admin to log in.
  • Pingbacks Disabled – A simple technique to turn off pingbacks.

Loginizer has the following features:

  • After the maximum number of retries allowed, the IP address is blocked.
  • After the maximum number of lockouts allowed, the lockout is extended.
  • After the maximum number of lockouts, send an email to the administrator.
  • IP/IP range blacklist
  • IP/IP range whitelist
  • Examine the logs of failed attempts.
  • Make IP ranges.
  • IP ranges should be removed.
  • LGPLv2.1 is the license.
  • Secure & Safe

变更日志: Loginizer Security Pro

v1.6.5
1) [Fix] After Interim Login due to session timeout, the popup for login was not closed. This is fixed now.
2) [Fix] reCAPTCHA was not working on registration page with BuddyPress plugin. This is fixed now.

1.4.2
[Task] Tested up to: WordPress 5.2.0

1.4.1
[Task] Tested up to: WordPress 5.0.2

1.4.0
[Feature] Made Loginizer BuddyPress compatible.
[Bug Fix] There is an XSS bug introduced in version 1.3.8. This is fixed. Please upgrade ASAP.

1.3.9
[Feature] Added an option to Enable / Disable Brute Force checks.
[Feature] Added the feature to log the URL of the page from which the brute force attempt is being made.

1.3.8
[Feature] Added an option to Delete the entire Blacklist / Whitelist IP Ranges.
[Feature] Custom IP Header added as an option for detecting the IP as per the Proxy settings of a server.
[Bug Fix] In WooCommerce the number of login retries left was not being shown. This is fixed.

1.3.7
[Bug Fix] Blacklist and Whitelist IPs were not being deleted. This is fixed.

1.3.6
[Feature] Pagination added to the Blacklist and Whitelist IPs
[Bug Fix] SQL Injection fix for X-Forwarded-For. This is fixed. Vulnerability was found by Jonas Lejon of WPScans.com
[Bug Fix] There was a missing referrer check in Blacklist and Whitelist IP Wizard. This is fixed.

1.3.5
[Feature] Added a wizard for admins to set their own language strings for Brute Force messages
[Bug Fix] Twitter box shown in Loginizer was not accessed over HTTPS.

1.3.4
[Bug Fix] Fixed the BigInteger Class for PHP 7 compatibility.

1.3.3
[Feature] IPv6 support has been added.
[Feature] The last attempted username will now be shown in the Login Logs.
[Bug Fix] The documentation in the plugin was pointing to a wrong link. This is now fixed.

1.3.2
[Feature] Added option to choose between REMOTE_ADDR, HTTP_CLIENT_IP and HTTP_X_FORWARDED for websites behind a proxy
[Task] The news.js will now be loaded from HTTPS servers

1.3.1
[Feature] The Login attempt logs will now be shown as per the last attempt TIME and in Descending Order
[Feature] Added an option to Reset the Login attempts for all or specific IPs

1.3.0
[Feature] Added pagination in the Brute Force Logs Wizard
[Bug Fix] Disabling and Re-Enabling Loginizer caused an SQL error

1.2.0
[Task] The brute force logs will now be sorted as per the time of failed login attemps
[Bug Fix] Dashboard showed wrong permissions if wp-content path had been changed
[Bug Fix] Added Directory path to include files which caused issues with some plugins

1.1.1
[Bug Fix] Added ABSPATH instead of get_home_path()

1.1.0
[Feature] New Dashboard
[Feature] System Information added in the new Dashboard
[Feature] File Permissions added in the new Dashboard
[Feature] New UI
[Bug Fix] Fixed bug to add IP Range from 0.0.0.1 – 255.255.255.255
[Bug Fix] Removed /e from preg_replace causing warnings in PHP

1.0.2
Fixed Extended Lockout bug
Fixed Lockout bug
Handle login attempts via XML-RPC

1.0.1
Database structure changes to make the plugin work faster
Minor fixes

1.0
Blocks IP after maximum retries allowed
Extended Lockout after maximum lockouts allowed
Email notification to admin after max lockouts
Blacklist IP/IP range
Whitelist IP/IP range
Check logs of failed attempts
Create IP ranges
Delete IP ranges
Licensed under GNU GPL version 3
Safe & Secure

⭐Similar suggestion: Wordfence Security Premium – WordPress Security Plugin

下载 Loginizer Security Pro v1.6.7 Nulled

注意: 也许你需要在安装插件之前解压。 如果任何主题/插件包含病毒,我们不提供任何保证。在本地主机上使用,请先查杀病毒。