內容簡介
WP-Sentinel 是 WordPress 平台的外掛,它可以提高您的部落格對抗來自駭客、 lamers、黑帽駭客等攻擊的安全性。
這個外掛將在其他安裝的外掛之前被 WordPress 載入,並在每個 HTTP 請求到達時執行一些安全性檢查。當其中一個或多個請求觸發系統警報時,它們將被封鎖,Sentinel 將向用戶顯示警告消息並向部落格管理員發送包含整個攻擊詳細信息的通知電子郵件。
此外,wp-sentinel 將與一個集中式服務器通信,收集攻擊者的資料並建立 IP 地址黑名單。
這個外掛可以封鎖以下類型的攻擊:
跨站腳本
HTML 注入
遠程文件包含
遠程命令執行
本地文件包含
SQL 注入
整數和字符串溢出
跨站請求偽造
登錄暴力破解
洪水攻擊
…等等 🙂
WP-Sentinel 不會檢查以管理員身分登入的用戶的請求,因此如果您想檢查安裝情況,您需要首先登出。
外掛標籤
開發者團隊
📦 歷史版本下載
原文外掛簡介
WP-Sentinel, is a plugin for the WordPress platform which will increase the security of your blog against attacks
from crackers, lamers, black hats, h4x0rs, etc .
The plugin will be loaded by wordpress before every other installed plugin and will execute some security checks upon incoming http requests and, when one of more
requests turn on the system alarm, they will be blocked, the sentinel then will show a warning message to the user and send a notification email to the blog
administrator with the whole attack details.
Furthermore wp-sentinel will communicate with a centralized server to collect attackers data and build a ip address blacklist.
This plugin is able to block those kind of attacks :
Cross Site Scriptings
HTML Injections
Remote File Inclusions
Remote Command Executions
Local File Inclusions
SQL Injections
Integer & string overflows
Cross Site Request Forgery
Login bruteforcing
Flooding
… and so on 🙂
WP-Sentinel will NOT check requests from the user logged in as administrator, so if you want to check the installation you have to log out first.
