內容簡介
總結:Reflecters 的 Security Control 外掛透過偵測新裝置、用密碼覆蓋封鎖、並透過警報和橫幅通知用戶,提高 WordPress 的安全性。
**問題與答案:**
1. 如何偵測新裝置?
- 使用一個安全的基於 cookie 的系統來辨識新裝置。
2. 如何封鎖新裝置?
- 透過全螢幕密碼提示(預設密碼為 2210)來封鎖新裝置。
3. 什麼時候會通知管理員、編輯和作者用戶?
- 當新裝置登入時,會以警報音和警告橫幅通知所有管理員、編輯和作者用戶。
4. 有哪些功能是只有特定主管理員可以控制的?
- 只有指定的主管理員可以管理設定、封鎖/解封使用者,或重置受信任的裝置。
5. 什麼時候會暫時封鎖 IP?
- 在多次密碼嘗試失敗後,會暫時封鎖 IP。
6. 如何自訂警報音?
- 可以上傳自訂 MP3 音檔作為警報音。
7. 這個外掛適合哪些 WordPress 網站?
- 適合需要強大安全功能的多用戶環境的 WordPress 網站,確保只有受信任的裝置能存取管理區域,同時通知授權使用者有可能的威脅。
8. 使用這個外掛會要求哪個版本的 PHP?
- 需要 PHP 7.4+ 以使用現代功能如型別陣列。
外掛標籤
開發者團隊
② 後台搜尋「Security Control by Reflecters」→ 直接安裝(推薦)
原文外掛簡介
Security Control by Reflecters secures WordPress by detecting new devices, blocking them with a password overlay, and alerting users with sirens and banners.
Key Features
New Device Detection: Identifies new devices using a secure cookie-based system.
Siren Password Overlay: Blocks new devices with a full-screen password prompt (default password: 2210).
Broadcast Alerts: Notifies all admin, editor, and author users with a siren sound and warning banner when a new device logs in.
Master Admin Control: Only the designated master admin can manage settings, block/unblock users, or reset trusted devices.
IP Blocking: Temporarily blocks IPs after multiple failed password attempts.
Email Notifications: Sends alerts to admins, editors, and authors for new device logins, blocks, or trusted devices (configurable).
Trusted Device Management: Allows users to trust their devices after verification and admins to manage trusted devices.
Customizable Siren: Upload custom MP3 audio for the siren alert.
Security Headers: Adds X-Frame-Options, X-Content-Type-Options, and Referrer-Policy headers for admin pages.
This plugin is ideal for WordPress sites needing robust security for multi-user environments, ensuring only trusted devices access the admin area while keeping authorized users informed of potential threats.
Additional Notes
Default Password: The default siren stop password is 2210. Change it in the settings for security.
Security: The plugin uses nonces for AJAX security, secure cookies for device tracking, and hashes passwords client-side before transmission.
Performance: Uses transients for temporary data (new device detection, IP blocking) to minimize database load.
Compatibility: Tested with WordPress 6.8. Requires PHP 7.4+ for modern features like typed arrays.
For support, contact Reflecters at [email protected] or visit https://reflecters.com.