[WordPress] Plugin Share: TotalWeb – Security, Firewall & Malware Scanner


Introduction

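  • The WordPress plugin "TotalWeb – Security, Firewall & Malware Scanner" was listed on 2025-12-07.
  • There are no active installations recorded yet; this is a very new plugin. If you plan to install and use it, test it thoroughly to make sure it works properly!
  • The last update was on 2025-12-08, 80 days ago.
  • The plugin requires WordPress 5.0 or later to install.
  • The plugin requires the web host to run PHP 7.4 or later.
  • No one has rated this plugin yet.
  • No one has asked a question on the forum yet; usage is probably still low and no major problems have surfaced.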

Plugin Contributors

pranshtech

Plugin Tags

malware | firewall | security | hardening | Brute Force

Summary

<!DOCTYPE html>
<html lang="zh-tw">
<head>
<meta charset="UTF-8">
</head>
<body>

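<h2>WordPress Plugin Summary:</h2>
<p>TotalWeb provides a multi-layered WordPress security solution that combines advanced protection mechanisms with an intuitive administrative interface. From real-time monitoring to proactive threat detection and prevention, TotalWeb enables website administrators to maintain a secure online presence.</p>

<h2>Features:</h2>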
<ul>
<li>
<h3>Login Security</h3>
<ul>
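<li>Monitors and logs all login attempts, both successful and failed, including IP addresses and usernames.</li>
<li>Two-Factor Authentication (2FA): Strengthens login security with TOTP-based 2FA, with WooCommerce support.</li>
<li>IP and User Lockouts: Automatically locks out IP addresses and users after a configurable number of failed login attempts.</li>
<li>Login Log Management: View, filter, bulk delete, and export login attempt logs to CSV.</li>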
</ul>
</li>

<li>
<h3>CAPTCHA Integration</h3>
<ul>
<li>Multi-form CAPTCHA Protection: Adds CAPTCHA to the following:</li>
<li>Login Form</li>
<li>Registration Form</li>
<li>Lost Password Form</li>
<li>Reset Password Form</li>
<li>Comment Form</li>
<li>WooCommerce Forms</li>
<li>Supported CAPTCHA Types: reCAPTCHA v2, reCAPTCHA v3, hCaptcha, and Math CAPTCHA.</li>
<li>Contact Form 7 Integration: Seamlessly embeds CAPTCHA into CF7 forms.</li>
</ul>
</li>

<li>...
</li>

</ul>

</body>
</html>

Original Plugin Description

TotalWeb offers a multi-layered approach to WordPress security, combining advanced protection mechanisms with an intuitive administrative interface. From real-time monitoring to proactive threat detection and prevention, TotalWeb empowers website administrators to maintain a secure online presence.
Features
1. Login Security

Login Attempt Tracking: Monitors and logs all login attempts, both successful and failed, including IP addresses and usernames.
Two-Factor Authentication (2FA): Enhances login security using TOTP-based 2FA with WooCommerce support.
IP and User Lockouts: Automatically locks IP addresses and users after a configurable number of failed login attempts.
Login Log Management: View, filter, bulk delete, and export login attempt logs to CSV.

2. CAPTCHA Integration

Multi-form CAPTCHA Protection: Adds CAPTCHA to:

Login Form
Registration Form
Lost Password Form
Reset Password Form
Comment Form
WooCommerce Forms

Supported CAPTCHA Types: reCAPTCHA v2, reCAPTCHA v3, hCaptcha, and Math CAPTCHA.
Contact Form 7 Integration: Seamlessly injects CAPTCHA into CF7 forms.

3. File and Database Security

Comprehensive File Scanning: Scans core files, plugins, and themes for modifications, new files, and deletions.
Scheduled & On-Demand Scans: Run daily scheduled scans or manual scans anytime.
Customizable Monitoring: Configure file types, exclusions, and email alerts.
REST API Integration: Initiate scans and check status programmatically.
MD5 Hash Verification: Detects unauthorized file changes.
Database Backup & Restore: Perform manual or automated backups and restore previous versions.
Database Prefix Change: Enhances security by changing the WP database prefix.
SQL Injection Protection: Blocks suspicious queries and monitors DB activity.
Query Monitoring: Detects and blocks suspicious SQL patterns.
WordPress Hardening: Disable insecure WP features such as:

File Editor
Unfiltered HTML (non-admins)
XML-RPC
Force SSL
Hide WP version
Block PHP execution in uploads
Block dangerous file types
Protect sensitive files (e.g., wp-config.php, .htaccess)

REST API Controls: Manage security settings and logs via API.

4. Malware Scanner

Malicious Code Detection: Scans core, themes, plugins, and uploads for malware signatures.
Manual & Scheduled Scans: Flexible scanning options.
Issue Tracking: Detects modified, missing, unknown, and infected files.
Email Reports: Sends alerts when malware is detected.

5. Firewall

Web Application Firewall (WAF): Supports custom regex rules and ModSecurity CRS patterns.
IP Blacklist/Whitelist: Block malicious IPs or allow trusted ones.
Geo-Blocking: Restrict access by country.
Rate Limiting & DDoS Protection: Limits requests per IP.
Comment Spam IP Monitoring: Auto-blocks frequent spam IPs.
Bad Bot Protection: Blocks known scrapers and bots.
Smart 404 Blocking: Blocks IPs generating excessive 404 errors.
General Firewall Options:

Disable RSS/ATOM feeds
Block proxy comment submissions
Advanced string filtering
Enable 6G Firewall rules
Block unauthorized REST requests
Block blank user-agent or referrer POST requests

6. Redirects

Custom 301 Redirects: Manage permanent redirect rules.
Admin Interface: Add, edit, and delete redirects easily.
URL Validation: Prevents duplicates and formatting issues.

7. Security Hardening

HTTP Security Headers: Configure:

HSTS
X-Frame-Options
Content Security Policy (CSP)
Referrer-Policy

Role-Based Access Restrictions: Limit access to specific plugin features.
One-Click Setup Wizard: Apply recommended hardening automatically.

8. Audit Logging

Logs:

Logins (success/failure)
User profile changes
Role/capability changes
Plugin/theme activation/deactivation/updates
Theme switches

Daily summaries.
Email alerts for important events.
Dashboard widget with recent events.
REST API access to logs.

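Download Links by Version

  • Method 1: Click a version number link below to download the ZIP file, log in to the site admin, go to "Add New Plugin" under "Plugins" in the left-hand menu, choose "Upload Plugin" at the top, then upload the downloaded plugin ZIP package to install and activate it.
  • Method 2: Use the search box on the right side of the "Add New Plugin" screen to search for the plugin name "TotalWeb – Security, Firewall & Malware Scanner" and install it.

(Method 2 is recommended, to ensure the installed version matches the WordPress environment currently running.)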


1.0.0 | trunk |
