PLUGIN INFORMATION:
Smart Security Tools is a powerful plugin for improving security of your WordPress powered website. Plugin contains collection of tweaks and tools for extra security protection along with Security Advisor that can help you determine what needs to be done. Plugin includes integration of Sucuri Free Security Scanner (shows malware on the website and blacklisting status on major security related websites). Plugin includes database based Security Log that can log different event types you can use to detemerime problems, potential attacks and exploits, IP’s used for access, referers, user agents… You can ban IP’s from Security Log.
Plugin offers tips on what you need to improve on your website. Based on the status of tips on this panel, plugin will calculate security percentage. It is important to follow all recommended tips and as much as you need optional tips.
Collection of easy to use security tweaks:
General tweaks are easy to set up, and you can solve many security issues directly with these. Some of these tweaks, if active will also log security events into database.
List of general tweaks:
Prevent access to banned IP’s (v1.5)
Prevent SQL injections
Prevent too long URL’s
Simple registration honeypot
Remove errors from login screen
Restrict username length
Remove username from comments CSS classes
Remove WordPress version
Remove RSD link
Remove WLW manifest link
Disable XML-RPC
Collection of powerful .htaccess enhancements:
Most important security features are implemented using .htaccess file in the WordPress root directory. This is available only for Apache (and LiteSpeed) based web servers.
List of .htaccess tweaks :
Prevent WordPress installation directory browsing.
Disable the Server Signature on server error pages.
Deny all comments requests with no valid referer.
Prevent access to WordPress root system files.
Ban access to IP’s banned in Security Log.
Ban access to additional listed IP’s.
Limit body size of a single request and file upload size.
Prevent access to XML-RPC due to Pingback Vulnerability.
Disable Trace and Track request methods.
Blacklist Query Strings using listed rules.
Blacklist Request Strings using listed rules.
Blacklist User Agents using listed rules.
Security Logs to track security related events:
Security Log adds two database tables to log all sorts of security related events. For each event you will get information about user (or visitor), IP, user agent, referer and other information depending on event that can help you track sources of new security probes or attacks. You can ban IP addresses through the security log panel.
List of events types logged by plugin:
Login
Logout
Login Error
Error 404
Error 404: PHP
Error 404: Query
Registration
Registration Honeypot
SQL Injection URL
Too Long URL
Other Plugin Features Included:
Change ‘admin’ username if exists.
Change any username.
Export and Import settings.
Support for Multisite WordPress mode.
System and WordPress Requirements:
WordPress 3.2 or newer.
PHP 5.2.4 or newer.
Apache Web Server (for .htaccess based tweaks and tools).
Access to .htaccess file (if not, you need to manually add changes to it).
Disclaimers:
For .htaccess based tweaks and tools plugin supports only Apache (and LiteSpeed) web servers. If you use some other web server, you can only use other plugin features.
Make sure you read plugin documentation and all the information provided by the plugin for each tweak and tool.
If you make changes to blacklist .htaccess tweaks, or list of IP’s to ban, be careful with those changes, or you can even lock yourself out of the website.
You are using Smart Security Tools for WordPress at your own risk.
Demo :
http://codecanyon.net/item/smart-security-tools/6210378?WT.ac=category_item&WT.seg_1=category_item&WT.z_author=GDragoN
No comments:
Post a Comment