[WordPress] 外掛分享： Lumiverse Security Watchdog Lite

內容簡介

**總結：**
Lumiverse Security Watchdog Lite 是一款輕量級的 WordPress 背景安全掃描工具，可幫助您及早發現系統被入侵的早期跡象。它監控 JavaScript 檔案、外掛、管理員帳號和資料庫中的可疑選項。

**問題與答案：**
- 什麼是 Lumiverse Security Watchdog Lite？
- Lumiverse Security Watchdog Lite 是一個輕量級的 WordPress 背景安全掃描工具，用於偵測系統是否受到侵入。
- 它監控哪些內容？
- 它監控 wp-content 內變更的 .js 檔案、外掛的新增和刪除、管理員帳號以及資料庫中的可疑選項。
- 當發現可疑行為時，系统會如何通知用戶？
- 當偵測到可疑活動時，系統可以發送郵件報告，讓您能夠快速採取行動。
- Lumiverse Security Watchdog Lite 的功能包括哪些安全硬化措施？
- 它的硬化功能包括停用 XML-RPC、停用 WordPress 檔案編輯器、以及封鎖前端和管理介面的留言功能。
- Lumiverse Security Watchdog PRO 將提供哪些功能？
- Lumiverse Security Watchdog PRO 即將推出，將提供額外的安全功能、更深入的掃描和更先進的保護。

外掛標籤

開發者團隊

原文外掛簡介

Lumiverse Security Watchdog Lite
Lumiverse Security Watchdog Lite is a lightweight yet powerful WordPress security plugin designed to detect early signs of compromise and reduce common attack surfaces.
It runs automated background scans and alerts you when something suspicious is detected.
What it monitors
✔ Malware signatures (JS & PHP)
Scans files for known malware patterns including injectors, obfuscated scripts, and common webshell families.
✔ Changed JavaScript files
Detects modified .js files and analyzes them for suspicious behavior.
✔ Plugins (new, deleted, suspicious)
– Detects newly installed or removed plugins
– Flags suspicious plugin names (e.g. random/hash-based folders)
– Detects known fake plugin families (WP Default, Cache Engine, Slick Popup, etc.)
✔ Core integrity checks
– Flags important WordPress core files modified recently
– Scans recent core PHP files for suspicious patterns
✔ Uploads directory scanning
– Detects PHP files inside uploads (common malware location)
– Detects executable files (php, phtml, phar, etc.)
✔ Admin user monitoring
– Detects new admin accounts
– Flags suspicious admin usernames or invalid emails
✔ Database backdoor indicators
– Detects suspicious _pre_user_id entries used by hidden admin exploits
Security Hardening Features
Reduce attack surface with one-click protections:
✔ Block XML-RPC
✔ Disable application passwords
✔ Disable file editing (wp-admin editor)
✔ Disable plugin/theme installation & updates (optional)
✔ Disable plugin/theme deletion
✔ Hide login error messages
✔ Limit login attempts (basic brute-force protection)
✔ Block pingbacks
✔ Block user enumeration
✔ Block comments sitewide
✔ Block password reset for administrators
Alerts & Monitoring
✔ Email notifications when threats are detected
✔ Alerts if “Anyone can register” is enabled
✔ Optional auto-fix to disable user registration
✔ Admin hygiene warnings (e.g. weak usernames)
Performance Focused
✔ Fast Mode: scan only recently modified files
✔ Lightweight: no heavy server load
✔ Designed to work alongside plugins like Wordfence
Important
This plugin does NOT automatically clean malware.
It is a detection and monitoring tool that helps you:
– detect compromises early
– understand what changed
– take action before damage spreads

延伸相關外掛

Wordfence Security – Firewall, Malware Scan, and Login SecurityWordfence Security 是最受歡迎的 WordPress 安全防護外掛，...Anti-Malware Security and Brute-Force FirewallAnti-Malware Security and Brute-Force Firewall 外掛旨在保...NinjaScanner – Virus & Malware scan該款WordPress外掛為「NinjaScanner」，是一款輕量、快速且強...AntiVirusAntiVirus 是一個易於使用、安全的工具，可加固您的 WordPres...Exploit Scanner此外掛會搜尋你網站上的檔案，以及你資料庫中的文章和評論表...Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale)✔ 透過名稱、ID、SKU 或掃描條碼查找商品/訂單 ✔ 快速管理庫...Vigilant – 100% Free Security Suite: Firewall, 2FA, Login, Headers, Scanner…Vigilant 是一款完全免費的 WordPress 安全外掛，提供企業級...WP Authenticity CheckerWP Authenticity Checker 是一款掃描 WordPress 主題和外掛程...Plugin Security Scanner此外掛可檢測您的其他外掛或佈景主題是否存在安全漏洞，方法...Qr Code and Barcode Scanner Reader這個外掛是在 WordPress 中整合了 html5-qrcode 的分支版本。...QR Scanner Redirect這個 WordPress 外掛包含了一個具備重定向功能的網頁 QR 掃描...Vulnerable Plugin Checker這個外掛利用 WPScan 的 API 自動檢查已安裝插件是否存在已知...Malcure Security SuiteMI Security Suite 有助於鎖定和保護你的 WordPress 網站。Page and Post Lister這是一個文章和頁面多功用外掛，可以在一個視圖中顯示所有文...Input Scanner這個 WordPress 外掛包含一個 HTML 輸入元素的網頁條碼和 QR ...