WordPress.org

Polska

Pobierz WordPressa
WordPress.org

Plugin Directory

Secure Setup

Secure Setup

Autor: Deep Rahman
Pobierz

Opis

Securing Setup helps protect your WordPress installation by:
1. Allowing users to set recommended file permissions for directories and subdirectories.
2. Automatically modifying the .htaccess file to:
– Protect the debug.log file from being accessed via the web.
– Restrict execution of specific file types (e.g., .png, .jpg), ensuring only selected file types are processed by the web server.
3. Disabling sensitive WordPress endpoints such as:
system.multicall from XML-RPC.
– The users endpoint in the REST API.

The plugin is user-friendly and includes an easy-to-access settings page.

You can view or contribute to the plugin’s source code on GitHub:
[GitHub Repository]https://github.com/deeprahman/sswp)

Features

  • Set directory and subdirectory permissions for enhanced security.
  • Automate .htaccess file modifications.
  • Disable potentially vulnerable endpoints.
  • Tested with the latest version of WordPress.

Notes

After activation, the plugin adds a submenu named File Permission under the Tools menu, where you can configure settings.

Instalacja

  1. Upload the securing-setup folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the 'Plugins’ menu in WordPress.
  3. Navigate to Tools > File Permission to configure settings.

Najczęściej zadawane pytania

What are recommended file permissions?

The plugin will recommend secure file permissions (e.g., 755 for directories and 644 for files) to reduce risks from unauthorized access.

Can I undo `.htaccess` modifications?

Yes, the plugin provides options to revert changes made to the .htaccess file.

Will this plugin break my media uploads or other file handling?

No, you can configure which file types are allowed for execution by the web server, ensuring normal functionality.

What endpoints are disabled by this plugin?

The plugin disables:
– The system.multicall function in XML-RPC to prevent potential attacks.
– The users endpoint in the REST API to hide user enumeration.

Recenzje

Wtyczka nie ma jeszcze żadnej recenzji.

Kontrybutorzy i deweloperzy

„Secure Setup” jest oprogramowaniem open source. Poniższe osoby miały wkład w rozwój wtyczki.

Zaangażowani

Przetłumacz wtyczkę “Secure Setup” na swój język.

Interesuje cię rozwój wtyczki?

Przeglądaj kod, sprawdź repozytorium SVN lub czytaj dziennik rozwoju przez RSS.

Rejestr zmian

1.0.2

  • Readme updated

1.0.1

  • Added OS warning.
  • Implemented REST API rate limiting.

1.0.0

  • Initial release.
  • File permissions management for directories and files.
  • .htaccess customization for secure file handling.
  • Disabled system.multicall and users REST endpoint for added protection.

Meta

Oceny

Nie przesłano jeszcze żadnych recenzji.

Dodaj recenzję

Zobacz wszystkierecenzje.

Wsparcie

Masz coś do dodania? Potrzebujesz pomocy?

Zobacz forum wsparcia