wordpress-security

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

WPScan rewritten in Python + some WPSeku ideas

WAF for WordPress 🔥 with 60+ security checks and weekly updates

A command line took to check the WPScan Vulnerability Database via API to identify the security issues of WordPress plugins installed.

Useful plugin that will scan your theme templates for malicious injections. Automatically. Every day. For more blog security.

Unique host templates to enhance own privacy in games, websites and regulary software on Desktop and Android devices

A wordpress security auditor! Audit your wordpress application for security issues with even 1 request.

Prevents users from being logged into the same WordPress site from multiple places.

fail2ban setup for centminmod.com LEMP stack with CSF Firewall

Require certain users to change their passwords on a regular basis.

Simple Bash Script For Collecting Wordpress Username

Verifies MD5 checksums of WordPress core files, sends e-mail to the mail address of your admin user warning in case of threat. Just activate it and you are done.

Helps keeping WordPress websites secure.

Automatic updating of the comment blacklist in WordPress with antispam keys from GitHub.

Super easy security for WordPress

Wordfence Custom "Lockout" and "Blocked" Messages that Maximize Security by minimizing information provided to attackers

Wordpress plugin to change its password hashing mechanism with PHP native password_* set of functions.

WP EzPz Tweaks is an all-in-one WordPress plugin that helps you personalize the admin panel appearances, clean your site code and remove unwanted features to increase its security and improve performance.

This script will remove the malicious eval() code in Wordpress installation.

Need a security hardened wordpress installation without plugins? Head to your functions.php file in your theme or create one if it does not exist or download this repo and rename it according.

Addresses from which various server attacks and spyware originate

A shell script for diagnosing wordpress applications

Apache configuration and useful functions for more secure and performant Wordpress sites.

WordPress Nonce Implementation Object Oriented Way

A simple web api to run wpscan.

Compare the files and folders of the original source code of WordPress against a website

Proof of concept for unauthenticated sensitive data disclosure affecting the wp-import-export WordPress plugin (CVE-2022-0236)

The main task of this plugin is to increase the security of the site and improve the performance of the site by disabling completely unnecessary hooks and also optimizing SQL queries