外掛標籤
開發者團隊
原文外掛簡介
Sovaryx Login Security strengthens your WordPress site’s security with essential features while staying lightweight and easy to operate.
Key Features
Dashboard – Security score display with quick overview of your site’s security status
Security Headers Scan – HTTP header validation and security recommendations
REST API Scan – Comprehensive API endpoint security verification (18 checks)
Login Security – Multi-layer login protection including brute force protection, IP restrictions, reCAPTCHA, Email OTP authentication (with default email templates), and threat intelligence integration
API Protection – REST API rate limiting and user enumeration prevention
Highlights
Lightweight design – Minimal impact on site performance
Multi-language support – English and Japanese
Plugin conflict detection – Automatic detection and warnings
System Requirements
WordPress 6.0 or higher
PHP 7.4 or higher
MySQL 5.7+ / MariaDB 10.2+
External Services
This plugin connects to external services for certain features. Below is a description of each service, what data is sent, and when.
Google reCAPTCHA (Optional)
When you enable reCAPTCHA protection for the login page, this plugin loads Google reCAPTCHA scripts and sends verification requests.
Service Provider: Google LLC
What it is used for: Protecting the login page from automated bots and brute force attacks
Data sent: User IP address, browser information, and interaction data for bot detection
When data is sent: When the login page is loaded and when a login form is submitted
Terms of Service: https://policies.google.com/terms
Privacy Policy: https://policies.google.com/privacy
Threat Intelligence Services (Optional)
When threat intelligence features are enabled in Login Security settings, the plugin queries external threat databases to check visitor IP addresses for malicious activity. This helps protect your login page from known attackers.
Spamhaus
* What it is used for: Checking if an IP is listed in spam/threat databases
* Data sent: Visitor IP address
* When data is sent: When a visitor accesses the site and threat intelligence is enabled
* Website: https://www.spamhaus.org
* Terms: https://www.spamhaus.org/legal/
AbuseIPDB
* What it is used for: Checking IP abuse reports
* Data sent: Visitor IP address
* When data is sent: When a visitor accesses the site and threat intelligence is enabled
* Terms of Service: https://www.abuseipdb.com/legal
* Privacy Policy: https://www.abuseipdb.com/privacy
Project Honey Pot
* What it is used for: Identifying harvesters, spammers, and malicious bots
* Data sent: Visitor IP address
* When data is sent: When a visitor accesses the site and threat intelligence is enabled
* Website: https://www.projecthoneypot.org
* Terms: https://www.projecthoneypot.org/terms_of_service_use.php
Cloudflare Radar
* What it is used for: Checking if an IP address is associated with malware, botnets, phishing, or spam
* Data sent: Visitor IP address
* When data is sent: When a visitor accesses the site and threat intelligence is enabled
* Terms of Service: https://www.cloudflare.com/terms/
* Privacy Policy: https://www.cloudflare.com/privacypolicy/
IP2Location / IP2Proxy
* What it is used for: Detecting proxy, VPN, and Tor connections from visitor IP addresses
* Data sent: Visitor IP address
* When data is sent: When a visitor accesses the site and threat intelligence is enabled
* Terms of Service: https://www.ip2location.com/terms
* Privacy Policy: https://www.ip2location.com/privacy-policy
