內容簡介
Wordfence Security 是最受歡迎的 WordPress 安全防護外掛,提供端點防火牆、惡意程式掃描、登入安全防護及即時流量監控等功能,由專注於 WordPress 資安的全球團隊維護,全方位保護網站免受攻擊威脅。
【主要功能】
• 網頁應用程式防火牆,即時識別並封鎖惡意流量
• 惡意程式掃描,偵測後門與惡意程式碼
• 即時防火牆規則與惡意程式特徵碼更新
• 即時 IP 封鎖清單,自動阻擋高風險來源
• 雙重驗證(2FA)強化登入安全
• 即時流量檢視,監控網站存取狀況
外掛標籤
開發者團隊
② 後台搜尋「Wordfence Security – Firewall, Malware Scan, and Login Security」→ 直接安裝(推薦)
📦 歷史版本下載
原文外掛簡介
THE MOST POPULAR WORDPRESS FIREWALL & SECURITY SCANNER
WordPress security requires a team of dedicated analysts researching the latest malware variants and WordPress exploits, turning them into firewall rules and malware signatures, and releasing those to customers in real-time.
Choose the right protection for you: Wordfence Free, Premium, Care or Response
Wordfence is widely acknowledged as the number one WordPress security research team in the World. Our plugin provides a comprehensive suite of security features, and our team’s research is what powers our plugin and provides the level of security that we are known for.
At Wordfence, WordPress security isn’t a division of our business – WordPress security is all we do. We employ a global 24-hour dedicated incident response team that provides our priority customers with a 1 hour response time for any security incident.
The sun never sets on our global security team and we run a sophisticated threat intelligence platform to aggregate, analyze and produce ground breaking security research on the newest security threats.
Wordfence Security includes an endpoint firewall, malware scanner, robust login security features, live traffic views, and more. Our Threat Defense Feed arms Wordfence with the newest firewall rules, malware signatures, and malicious IP addresses it needs to keep your website safe.
Rounded out by 2FA and a suite of additional features, Wordfence is the most comprehensive WordPress security solution available.
🔥 WORDPRESS FIREWALL
Web Application Firewall identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.
Real-time firewall rule and malware signature [Premium] updates via the Threat Defense Feed (free version is delayed by 30 days).
Real-time IP Blocklist [Premium] blocks all requests from the most malicious IPs, protecting your site while reducing load.
Protects your site at the endpoint, enabling deep integration with WordPress. Unlike cloud alternatives, it does not break encryption, cannot be bypassed and cannot leak data.
Integrated malware scanner blocks requests that include malicious code or content.
Protection from brute force attacks by limiting login attempts.
📡 WORDPRESS SECURITY SCANNER
Malware scanner checks core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections.
Real-time malware signature updates [Premium] via the Threat Defense Feed (free version is delayed by 30 days).
Compares with WordPress.org repository your core files, themes and plugins, checking their integrity and reporting any changes to you.
Repair WordPress core, theme, and plugin files that have changed by overwriting them with a pristine, original version. Delete any files that don’t belong easily within the Wordfence interface.
Malware Removal Tools “Delete File” and “Delete All Deletable Files” options allow for efficient malware removal. Remember to investigate the scan results and backup files first!
Checks your site for known security vulnerabilities and alerts you to any issues. Also alerts you to potential security issues when a plugin has been closed or abandoned.
Checks your content safety by scanning file contents, posts and comments for dangerous URLs and suspicious content.
Checks to see if your site or IP have been blocklisted [Premium] for malicious activity, generating spam or other security issues.
🔒 LOGIN SECURITY
Two-factor authentication (2FA), one of the most secure forms of remote system authentication available via any TOTP-based authenticator app or service.
Login Page CAPTCHA stops bots from logging in.
2FA for WooCommerce and custom integrations allow for 2FA to be setup on custom account pages
XML-RPC options including disabling or adding 2FA.
Password Security: Block logins for administrators using known compromised passwords.
📋 SECURITY AUDIT LOG [Premium]
The Audit Log monitors all changes and actions in security-sensitive areas of the site.
Remote tamper-proof data storage via Wordfence Central.
Monitor events and actions ranging from user creation and editing to plugin/theme installation and updates to post and page changes.
Configurable to log all events or significant events only, which includes all authentication, site configuration, and site functionality events.
🌐 WORDFENCE CENTRAL
Wordfence Central is a powerful and efficient way to manage the security for multiple sites in one place.
Centralized management: Efficiently assess the security status of all your websites in one view. View detailed security findings without leaving Wordfence Central.
Powerful templates make configuring Wordfence a breeze.
Highly configurable alerts can be delivered via email, SMS or Slack. Improve the signal to noise ratio by leveraging severity level options and a daily digest option.
Track and alert on important security events including administrator logins, breached password usage and surges in attack activity.
Free to use for unlimited sites.
🛠️ SECURITY TOOLS
Live Traffic monitors visits and hack attempts not shown in other analytics packages in real time; including origin, their IP address, the time of day and time spent on your site.
Block attackers by IP or build advanced rules based on IP Range, Hostname, User Agent and Referrer.
Country blocking available with Wordfence Premium.
