內容簡介
<html>
<body>
<h2>S4E: 輕鬆連續的網路安全</h2>
<p>這是一個強大的 WordPress 外掛程式,與 S4E 掃描 API 無縫整合,為您的網站提供全面的安全掃描功能。此外,這個外掛還提供了用戶友好的界面,可觸發各種類型的安全掃描並查看詳細報告。</p>
<h3>重點功能:</h3>
<ul>
<li>用戶友好的界面,支持明亮/暗黑主題</li>
<li>多種掃描類型:
<ul>
<li>完整掃描</li>
<li>輕量級掃描</li>
<li>單一掃描</li>
<li>網站爬蟲掃描</li>
</ul>
</li>
<li>即時掃描進度追蹤</li>
<li>詳細的掃描報告</li>
<li>安全的 API 整合</li>
<li>響應式設計</li>
</ul>
<h3>如何使用:</h3>
<ol>
<li><strong>Step 1: 創建 S4E 帳戶</strong>
<ol>
<li>訪問 S4E 註冊並創建免費帳戶</li>
<li>驗證您的電子郵件地址</li>
<li>登錄到您的 S4E 儀表板</li>
</ol>
</li>
<li><strong>Step 2: 獲取您的 API 標記</strong>
<ol>
<li>在您的 S4E 儀表板中,導航到 API 標記頁面</li>
<li>生成新的 API 標記</li>
<li>複製標記(您將需要此標記用於外掛程式)</li>
</ol>
</li>
<li>...</li>
</ol>
</body>
</html>
</body>
</html>
外掛標籤
開發者團隊
② 後台搜尋「S4E: Effortless & Continuous Cybersecurity」→ 直接安裝(推薦)
原文外掛簡介
S4E: Effortless & Continuous Cybersecurity is a powerful WordPress plugin that seamlessly integrates with the S4E scan API to provide comprehensive security scanning capabilities for your website. This plugin offers a user-friendly interface to trigger various types of security scans and view detailed reports.
Key Features
User-friendly interface with light/dark theme support
Multiple scan types:
Full Scan
Light Scan
Single Scan
Crawler Scan
Real-time scan progress tracking
Detailed scan reports
Secure API integration
Responsive design
How to Use
Step 1: Create an S4E Account
1. Visit S4E Signup and create a free account
2. Verify your email address
3. Login to your S4E dashboard
Step 2: Get Your API Token
1. In your S4E dashboard, navigate to API Token page
2. Generate a new API token
3. Copy the token (you’ll need this for the plugin)
Step 3: Install and Configure the Plugin
1. Install and activate the plugin in WordPress
2. The plugin will automatically create a new “S4E Security” menu item in your WordPress admin sidebar
Step 4: Access the Plugin
1. In your WordPress admin area, navigate to “S4E Security” in the sidebar menu
2. You’ll see a login form where you can enter your S4E API token
3. Enter your S4E API token in the login field
4. Click “Login” – you’ll be redirected to your profile dashboard
Step 5: Add Your Asset for Auto-Verification
1. In the Profile tab, you will see your WordPress site’s domain automatically detected.
2. To enable auto-verification, add this asset to your S4E account by clicking “Add Asset”.
3. After adding the asset, you will see a popup to choose a verification method. Both security.txt and HTML file methods are available for verification.
4. When you choose a verification method, a file will be automatically created in the root of your domain (e.g., wordpress.net/security.txt or wordpress.net/s4e-ft6PdLzawaNM.html).
5. Click the “Verify Asset” button to complete verification. For successful verification, the security.txt file must be accessible at your base domain (e.g., wordpress.net/security.txt).
6. Your asset will be verified automatically once the file is detected.
Step 6: Start Your First Scan
1. Go to the “Reports” tab
2. Click “Start a new scan”
3. Choose your scan type:
– Full Scan: Comprehensive security analysis (recommended for first scan)
– Light Scan: Quick security check
– Single Scan: Redirects to S4E web interface for advanced scanning
– Crawler: Maps your website structure
4. Click “Start Scan”
Step 7: View Results
1. Scan progress will be displayed in real-time with status updates.
2. Once every scan is completed, detailed reports will be available in the Reports tab.
3. Click on any report to view vulnerability details and remediation recommendations in the S4E web interface.
Demo Credentials:
For review purposes, you can contact S4E support at [email protected] for a demo token.
Requirements
WordPress 5.8 or higher
PHP 7.4 or higher
Active S4E account and API credentials
External Services
This plugin connects to external services to provide security scanning capabilities. The following external services are used:
S4E API (https://api.s4e.io/api)
What the service is and what it is used for:
The S4E API is a comprehensive security scanning service that provides vulnerability assessment and reporting capabilities for websites and web applications.
What data is sent and when:
– API Token: Sent with every request for authentication
– User Information: Sent when retrieving user profile and package information
– Asset Information: Sent when adding, checking ownership, or retrieving details about domains/URLs to be scanned
– Scan Parameters: Sent when initiating various types of security scans (Full Scan, Light Scan, Single Scan, Crawler Scan)
– Scan History Requests: Sent when retrieving scan history and reports
– Activity Logs: Sent when retrieving scan activity and progress information
Service Provider Information:
– Service Provider: S4E (Security 4 Everyone)
– Terms of Service: https://s4e.io/terms-of-use
– Privacy Policy: https://s4e.io/privacy-policy
S4E SRS Service (https://srs.s4e.io)
What the service is and what it is used for:
The S4E SRS (security.txt Reporting Service) is used to generate security.txt files for domains, providing contact information for security researchers and vulnerability disclosure.
What data is sent and when:
– Domain Information: Sent when generating security.txt files for vulnerability disclosure
Service Provider Information:
– Service Provider: S4E (Security 4 Everyone)
– Terms of Service: https://s4e.io/terms-of-use
– Privacy Policy: https://s4e.io/privacy-policy
Additional Information
For more information about S4E and its services, please visit S4E.io.
