前言介紹
- 這款 WordPress 外掛「SecureFusion: Ultimate WP Security – Firewall, SSL Control, Anti Spam, Login Security」是 2019-03-10 上架。
- 目前有 20 個安裝啟用數。
- 上一次更新是 2024-01-19,距離現在已有 475 天。超過一年沒更新,安裝要確認版本是否可用。以及後續維護問題!
- 外掛最低要求 WordPress 4.9 以上版本才可以安裝。
- 外掛要求網站主機運作至少需要 PHP 版本 7.4.1 以上。
- 有 1 人給過評分。
- 還沒有人在論壇上發問,可能目前使用數不多,還沒有什麼大問題。
外掛協作開發者
ugurbicer | codeplusdev |
外掛標籤
ssl | login | firewall | security | anti-spam |
內容簡介
SecuPlug 是 WordPress 最簡單、最快速的安全外掛。它可以禁用你所選擇的特定 XML-RPC 服務,
隱藏登入頁面 URL 並將 HTTP 流量重定向到 HTTPS。
功能:
XMLRPC
WordPress 駭客攻擊(以及垃圾評論)主要是在 XML-RPC 請求上進行的。
Secuplug 幫助你管理一些關鍵的 XML-RPC 服務。它禁用了你所選擇的特定 XML-RPC 服務。
因此,它可以使你的網站對 XML-RPC 攻擊(例如垃圾評論)進行保護,而不必禁用所有 XML-RPC 服務。
XML-RPC 全面保護(禁用所有 xml-rpc)
拒絕所有遠端請求。最常用於阻止所有遠端攻擊。
XML-RPC 登入保護
拒絕遠端登入請求。最常用於防止暴力登入嘗試。
XML-RPC PINGBACK 保護
拒絕遠端 pingback 請求。最常用於防止 DDoS 攻擊。
自我 pingback 保護
拒絕遠端自我 pingback 請求。最常用於防止 DDoS 攻擊。
SSL
如果你有 SSL 憑證,你可以啟用 SSL。但首先必須從任何 SSL 經銷商購買 SSL 憑證。
同樣地,你可以使用 Cloudflare 免費的 SSL 服務。Secuplug 強制將你的網站選定區域的 URL 重定向為 HTTPS/SSL。
此外,它透過隱藏地址和確保你的登入頁面的 SSL,增強了你的登入頁面的安全性。
啟用 HTTPS/SSL
SSL 自動加密你的關鍵信息數據。
強制 HTTPS 登入
將登入頁面協議由 HTTP 重定向為 HTTPS。
強制 HTTPS 管理頁面
將管理頁面協議由 HTTP 重定向為 HTTPS。
強制 HTTPS 前台頁面
將前台頁面協議由 HTTP 重定向為 HTTPS。
登入
更改登入錯誤
禁用預設的登入錯誤,給攻擊者留下較少的提示。
更改管理員ID
如果你的管理員ID是 1,攻擊者不難預測你的管理員ID,進而對你的網站發起簡單的 SQL 漏洞攻擊。
新的自訂登入 URL 名稱
你可以變更你的登入頁面URL名稱而不會遇到 SSL 問題。
防火牆
過濾惡意請求
有助於保護你的網站免受 XSS、CSRF、代碼注入等攻擊。
禁用 Rest API
隱藏你的敏感信息。例如,管理員用戶ID、用戶列表和它們的ID。
有關詳細信息,請訪問我們的網站SecuPlug網站。
原文外掛簡介
SecureFusion acts as a robust shield against all known attack types, including login attempts and DDoS attacks via XML-RPC.
It not only enhances security but also significantly improves your site’s performance.
By preventing the collection of sensitive information from your site, it neutralizes many attack vectors.
This is a flawless solution for ensuring user safety and maintaining the speed of your site.
Features :
XMLRPC
SecureFusion aids in managing your critical XML-RPC services, often a prime target for WordPress hack attempts and spam comments.
The plugin allows you to selectively disable specific XML-RPC services, defending your site from XML-RPC attacks like spam comments without entirely disabling all XML-RPC services.
However, be aware that blocking all XML-RPC requests may impact the interaction of certain applications and services with WordPress.
XML-RPC FULL PROTECTION (Disable all XML-RPC)
This feature blocks all remote requests, offering an effective countermeasure against various remote attacks.
Remember, this might impact certain functionalities that rely on XML-RPC.
XML-RPC LOGIN PROTECTION
This feature denies remote login requests, providing an extra line of defense against brute force login attempts.
XML-RPC PINGBACK PROTECTION
This feature blocks remote pingback requests, assisting in the prevention of DDoS attacks.
SELF PINGBACK PROTECTION
This feature prevents remote self pingback requests, further strengthening your defenses against DDoS attacks.
SSL
SecureFusion facilitates SSL integration into your site, provided you have an SSL certificate purchased from any SSL dealer or acquired through a free SSL service like Cloudflare.
The plugin forces the redirection of selected zone URLs on your site to HTTPS/SSL.
Note that SSL certificates must always be valid and correctly configured; otherwise, users may face issues accessing the site.
Enable HTTPS / SSL
Automatically encrypts sensitive data via SSL.
Force HTTPS Login
Redirects login page protocol from HTTP to HTTPS.
Force HTTPS Admin
Redirects admin page protocol from HTTP to HTTPS.
Force HTTPS Front Page
Redirects front page protocol from HTTP to HTTPS.
Login
Login Attempt Limit
Set the maximum number of login attempts and the waiting time after reaching this limit to prevent brute force attacks on your login page.
Change Login Error
SecureFusion allows you to modify default login errors, making it harder for potential attackers to gather information.
Change Admin ID
This feature lets you change your admin ID, making it more difficult to guess user credentials rather than providing protection from SQL vulnerabilities as such.
New Custom Login URL
This feature lets you change your login page URL name.
Be aware that any changes to a URL, especially when using SSL/HTTPS, require the SSL certificate to be correctly configured to avoid potential issues.
Firewall
Filter Bad Requests
The plugin helps secure your site against various attacks such as XSS, CSRF, and Code Injections.
Disable Rest API
SecureFusion safeguards sensitive information from potential attackers by hiding it.
However, keep in mind that disabling the REST API can restrict the functionality of your WordPress site since some plugins and themes depend on it.
For complete information, please visit our website the SecureFusion website.
各版本下載點
- 方法一:點下方版本號的連結下載 ZIP 檔案後,登入網站後台左側選單「外掛」的「安裝外掛」,然後選擇上方的「上傳外掛」,把下載回去的 ZIP 外掛打包檔案上傳上去安裝與啟用。
- 方法二:透過「安裝外掛」的畫面右方搜尋功能,搜尋外掛名稱「SecureFusion: Ultimate WP Security – Firewall, SSL Control, Anti Spam, Login Security」來進行安裝。
(建議使用方法二,確保安裝的版本符合當前運作的 WordPress 環境。
1.3 | 1.2.0 | 1.2.1 | 1.2.2 | 1.2.3 | 1.2.4 | 1.2.6 | 1.2.7 | 1.2.8 | 1.2.9 | 1.3.1 | 1.3.2 | 1.3.3 | 1.3.4 | 1.3.5 | 1.3.6 | 1.3.7 | 1.3.8 | 1.4.0 | trunk | 1.2.10 | 1.2.11 | 1.3.4.2 | 1.3.4.3 | 1.3.7.1 |
延伸相關外掛(你可能也想知道)
Wordfence Security – Firewall, Malware Scan, and Login Security 》fective way to manage multiple WordPress sites with Wordfence installed from a single location., Monitor security status across all your sites from...。
Limit Login Attempts Reloaded – Login Security, Brute Force Protection, Firewall 》Limit Login Attempts Reloaded 是一款WordPress外掛,可阻止暴力破解攻擊並透過限制常規登錄、XMLRPC、Woocommerce和自訂登錄頁面的登錄嘗試次數來優化您的...。
Security Optimizer – The All-In-One Protection Plugin 》透過精心挑選且易於配置的功能,SiteGround Security 外掛提供了您所需的一切來保護您的網站並預防多種威脅,例如暴力破解攻擊、登錄錯誤、資料外洩等等。, ...。
All-In-One Security (AIOS) – Security and Firewall 》vated to your website, All-in-One Security's WAF will detect and block hacking attempts, adding an extra layer of security to your WordPress site. ...。
Sucuri Security – Auditing, Malware Scanner and Security Hardening 》Sucuri Inc. 是全球公認的網站安全權威,專門為 WordPress 安全提供專業知識。, Sucuri Security WordPress 擴充套件對所有 WordPress 使用者免費提供。它是...。
MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall 》at Is MalCare Security Services?, MalCare Security Services 是一款 WordPress 網站的安全外掛程式。★★★★★, 這款 WordPress 安全外掛程式可以確保您的網站...。
Spam protection, Anti-Spam, FireWall by CleanTalk 》Forms spam filter, Plugin extends spam protection for Gravity Forms. It filters spam submissions for each form created with Gravity Forms., MemberP...。
NinjaFirewall (WP Edition) – Advanced Security Plugin and Firewall 》真正的網路應用防火牆, NinjaFirewall (WP Edition)是一個真正的網路應用防火牆。雖然它可以像外掛一樣安裝和設定,但它是一個獨立的防火牆,位於 WordPress ...。
Login Lockdown & Protection 》Login LockDown 記錄每次失敗的登入嘗試的 IP 位址和時間戳記。如果在短時間內來自相同 IP 範圍的嘗試次數超過一定數量,那麼該 IP 位址的所有登入請求都會被...。
WP Ghost (Hide My WP Ghost) – Security & Firewall 》Hide My WP Ghost 是一個 WordPress 安全外掛,透過強大且易於使用的功能,提供最佳的安全解決方案。它可以在不改變任何目錄或檔案的情況下,將網站的安全性...。
Anti-Malware Security and Brute-Force Firewall 》特點:, , 下載定義更新以保護免受新威脅。, 運行完整掃描以自動刪除已知的安全威脅、後門腳本和資料庫注入等問題。, 阻止防火牆 SoakSoak 和其他惡意軟體利...。
BBQ Firewall – Fast & Powerful Firewall Security 》, 安裝、啟用、完成!, WP 最快的防火牆外掛程式提供強大的保護。, , BBQ Firewall 是一個輕量級、超快速的外掛程式,可以保護您的網站免受各種威脅。BBQ 會...。
Defender Security – Malware Scanner, Login Security & Firewall 》our WordPress website with Defender. This plugin offers comprehensive security features that protect against various vulnerabilities and hacks, inc...。
Titan Anti-spam & Security 》ime for new hacking patterns and malicious IP addresses, to block attacks., [PRO] We provide 24/7 technical support., [PRO] Protect your website fr...。
Shield: Blocks Bots, Protects Users, and Prevents Security Breaches 》你一定會喜歡的功能, , 獨家AntiBot Detection Engine - 強大的替代 Google reCAPTCHA 和 CloudFlare Turnstile。, 自動防止機器人和 IP - 基於評分的安全智...。