
內容簡介
Visitor Sentinel 是一款針對 WordPress 的安全與流量分析外掛,結合即時攻擊偵測與主動欺騙層,能有效識別並引誘攻擊者暴露自己,提升網站安全性。
【主要功能】
• 即時流量分析與攻擊偵測
• 自動封鎖可疑 IP 地址
• 主動欺騙技術(蜜罐與蜜標)
• 完整控制面板與即時儀表板
• 可選的電子郵件警報功能
• 支援 CSV 匯出被封鎖 IP 列表
外掛標籤
開發者團隊
原文外掛簡介
Visitor Sentinel is a security and traffic analysis plugin for WordPress. It combines real-time attack detection with an active deception layer, so an attacker is not just noticed — they are lured into giving themselves away.
Detection
Records site visits (IP, page visited, user-agent, device/browser, account type).
Analyzes every request in real time using multiple heuristics: unusual request rate, user-agent associated with scanning/attack tools, requests to sensitive resources (wp-config.php, .env, .git, etc.), repeated failed logins, credential-stuffing patterns, XML-RPC abuse, invisible honeypot fields on login/comment forms, submission-timing checks, and scanning of non-existent pages (404).
Calculates a risk score per IP address and permanently blocks it once the score exceeds the configured threshold — sheer browsing volume alone never triggers a block, only genuine attack/bot/spam signals do.
Blocks are permanent by design and apply everywhere on the site (the full-page cache, if any, is purged automatically on every block). Lifting one requires a signed declaration, kept permanently in History.
Deception layer (honeypots & honeytokens)
A decoy backup file (honeyfile) at a random, unlinked URL — any access to it is conclusive proof of directory scanning.
A decoy admin username that was never a real account — any login attempt against it is an instant, certain block.
A decoy REST endpoint that hands out a fake API key — using that key anywhere is what triggers the block, not merely finding it.
A hidden spam-trap email address planted only where scrapers read markup — if it ever comes back in a submitted form, that visitor harvested this exact site.
Every one of these bypasses the normal scoring threshold entirely: interacting with any of them is treated as certain malicious intent, not a “maybe.”
Management & visibility
Optional email alerts whenever an IP is blocked or escalated, and one-click CSV export of the blocked IPs list.
A complete control panel: a live dashboard, an auto-refreshing visitor log, a list of blocked IPs with details about the block reason, and options to unblock, extend, or change the block type (temporary/permanent).
Displays, to logged-in users and optionally guests, a discreet badge showing how many people are on the site right now, updating live in the browser without a page reload.
Fully responsive admin panel, usable on desktop, tablet, and phone.
All text is translation-ready. The plugin loads no external resources (CDN) and does not enable any third-party tracking. The only optional external call is described in the FAQ below, and it is off by default.
External services
This plugin connects to one third-party service, and only for a single, optional, off-by-default feature:
IP-to-country lookup (ip-api.com) — used only if you explicitly enable “Show country flags next to IPs” in Settings. When enabled, and only then, each new IP address seen by the plugin is sent to ip-api.com so it can look up which country it belongs to. Nothing else about the visitor (no page content, no personal data, no credentials) is sent. Results are cached locally for 30 days so the same IP is never looked up twice. If you never enable this setting, the plugin makes no external requests at all.
Service provided by ip-api.com: Terms of Service and Privacy Policy.
