[WordPress] 外掛分享： Iron Security – WordPress Security Plugin

Name: Iron Security – WordPress Security Plugin
Rating: 5 (1 reviews)
Author: wpiron

WordPress 外掛 Iron Security – WordPress Security Plugin 的封面圖片

40+

安裝啟用

★★★★★

5/5 分（1 則評價）

238 天前

最後更新

—

問題解決

WordPress 4.7+ PHP 7.4+ v2.5.3 上架：2025-03-23

內容目錄

1 內容簡介
2 外掛標籤
3 開發者團隊
4 原文外掛簡介
5 延伸相關外掛

內容簡介

### 摘要:
Iron Security是一款終極的WordPress安全外掛程式，旨在透過必要的保護功能來保護和加強您的網站安全。不論您是部落客、企業所有者還是開發者，Iron Security都有助於保護您的網站免受攻擊和未經授權的進入。

### 問答組合:
- **這個外掛程式的關鍵功能是什麼？**
- 一般加固
- 禁用XML-RPC API
- 禁用REST API
- 隱藏WordPress版本
- 禁用文件編輯
- 啟用插件和核心自動更新
- 登入和驗證安全
- 自定義管理員區 URL
- 限制登入嘗試次數
- 限制管理員人數
- 空閒使用者的會話超時
- 更改預設管理員ID
- 阻止使用者列舉
- 檔案和目錄保護
- 阻止PHP檔案上傳
- 防止直接檔案訪問
- HTTP安全標頭
- X-Content-Type-Options
- X-Frame-Options
- X-XSS-Protection
- Strict-Transport-Security (HSTS)
- Referrer-Policy
- Content-Security-Policy (CSP)
- Permissions-Policy

- **這個外掛程式的易用性如何？**
- 乾淨直觀的管理面板
- 輕量且針對效能進行優化
- 與主題和外掛程式相容

- **這個外掛程式適合哪一類使用者？**
- 適合任何尋找WordPress安全外掛程式的人，提供實用的保護功能，而不會使網站變得臃腫。

開發者：WPIron
授權：本外掛程式根據GPLv2或更新版本許可。

外掛標籤

2FA login malware firewall security

開發者團隊

👤 wpiron

⬇ 下載最新版 (v2.5.3) 或搜尋安裝

① 下載 ZIP → 後台「外掛 › 安裝外掛 › 上傳外掛」
② 後台搜尋「Iron Security – WordPress Security Plugin」→ 直接安裝（推薦）

📦 歷史版本下載

2.2.2 2.2.3 2.2.4 2.2.5 2.2.6 2.2.7 2.2.8 2.2.9 2.3.0 2.3.1 2.3.2 2.3.3 2.3.4 2.3.5 2.3.6 2.3.7 2.3.8 2.3.9 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.5.0 2.5.1 2.5.2 2.5.3 trunk 2.3.10 2.3.11 2.3.12 2.3.13

原文外掛簡介

Iron Security is your WordPress security bodyguard.
It shields your site from brute force attacks, unauthorized admin access, file injections, and common exploits like XML-RPC and REST API abuse. Whether you’re a solo creator or managing client sites, Iron Security delivers essential protection without the performance hit.
🔒 Don’t wait until your site is compromised. Secure it now — effortlessly.
Iron Security includes real-time brute-force protection, custom login URLs, HTTP headers, session control, malware upload prevention, and much more. All from a single, easy-to-use plugin dashboard.
Protects Against:
– 🔐 Brute Force Attacks (Limit login attempts, 2FA)
– 👮 Unauthorized Admin Access (Custom login URL, admin limit)
– 👤 User Enumeration
– 🎯 Admin Account Targeting (Admin ID & username protection)
– 💣 XML-RPC & REST API Exploits
– 🛡️ Code Injection & PHP Malware Uploads
– 📂 Direct Access to Sensitive Files
– 📛 MIME Sniffing & Content-Type Exploits
– 🖼️ Clickjacking
– 🧬 Cross-Site Scripting (XSS)
– 🌐 Referrer Leakage
🔐 Key Features
🛠 General Hardening

Disable XML-RPC & REST API
Hide WordPress & WooCommerce versions
Block AI & scraping bots
Disable file editor
Enable plugin & core auto-updates

🔍 Security Logs

View detailed logs of login attempts and alerts
Filter logs by IP, message, or date
Audit suspicious activity easily

🔑 Login & Authentication

Custom login/admin URL
Limit login attempts with lockouts
Session timeout for idle users
Limit number of administrators
Block user enumeration
Change default Admin ID and Username
Enable 2FA (Google Authenticator)

🗂 Files & Directory Protection

Block PHP file uploads
Prevent direct access to core/system files

📦 HTTP Security Headers

X-Content-Type-Options
X-Frame-Options
X-XSS-Protection
Strict-Transport-Security
Referrer-Policy
Content-Security-Policy
Permissions-Policy

Iron Security is built for creators who care about speed, simplicity, and security. If you’re not securing your site, you’re risking everything.

Credits
Developed and maintained by WPIron
License
This plugin is licensed under the GPLv2 or later.