內容簡介
這個外掛增強了WordPress的安全性。
對付諸如暴力攻擊等恶意攻击非常有效。
包括以下具體的功能:
1. Google reCaptcha v3保護登錄屏幕免受機器人攻擊。
2. 更改登錄屏幕的URL,以避免對登錄屏幕的攻擊。
您可以防止嘗試登錄和破解,例如暴力攻擊。
添加參數到登錄URL中,這樣默認登錄URL將被隱藏。
3. 阻止作者存檔頁面的顯示。
WordPress會因為通過作者ID重定向作者存檔頁面來洩露您的登錄ID。
(如果您輸入"your-site-url/?author=1",您可以試試看。)
簡單地隱藏作者存檔頁面,以防止洩漏登錄ID。
4. 限制XML-RCP功能的部分功能以防止攻擊。
阻擋對啟用pingback的其他站點進行的DDOS攻擊。
阻止通過XML-RPC的登錄。
5. 禁用REST API功能,減少接收外部攻擊的風險。
您可以禁用所有REST API,也可以部分禁用它們。
(此功能將在版本2.1中刪除.)
這些功能可以選擇是否啟用。
此插件不會修改.htaccess
您可以放心使用。
它也可在Apache和Nginx上運行。
(照片由Keoni Cabral https://www.flickr.com/photos/keoni101/提供)
外掛標籤
開發者團隊
📦 歷史版本下載
原文外掛簡介
This plugin enhances the WordPress security.
Effective such as the brute force attack.
Includes the following specific functions.
1.Google reCaptcha v3 protect login screen from bot attacks.
2.Change the URL of the login screen, to avoid attacks on the login screen.
You can ward off tying for try to login for cracking, such as Brute-force attack.
Adding parameter to login URL so that default login url will hidden.
3.Block the display of author archive page
WordPress leaks your login id because of redirect author archive page by author id to login id.
(If you enter “your-site-url/?author=1”, you can try it.)
Simply hideing author archive page so that block to leak login id.
4.To limiting the part of the XML-RCP feature prevents the attack.
Block DDOS attacks against other sites with yor WordPress site, pingback enabled.
Block login via XML-RPC.
5.Disable the REST API function and reduce the risk of receiving external attacks.
You can disable all REST APIs and you can partially disable them.
(This feature will be removed in version 2.1.)
These features will be able to choose whether or not to enable.
This plug-in does not change the .htaccess
You can use with confidence.
Also it works in both Apache and nginx.
(photo by Keoni Cabral https://www.flickr.com/photos/keoni101/)
