這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

N0WPScan

外掛說明

We love security testing, we do it! We love WPSCAN, we use it! However we don’t love people abusing WPSCAN and other automated methods to try and gain access to WordPress sites through known and often easy vulnerabilities. N0WPScan is not a silver bullet, but it will stop unskilled attackers, bots and automated attacks which account for over 90% of all WordPress breaches. The other 10% can be offset with a good firewall, IDS and NSM services. Server load will also be lower and sites faster as this tool will prevent a lot of WordPress related automated testing.

[!] You can prevent most of the common attacks simply by keeping plugins, themes and the core WordPress framework updated

Benefits
* Disables access to admin for everyone except admins and editors
* Disables the use of WPScan, a tool commonly used by hackers to attack WordPress, also blocks other automated WP scanners
* Blocks hackers from scanning your website for admin users, vulnerable themes, vulnerable plugins and exposed files
* Reduces the load on your server
* Prevents access to sensitive files

安裝方式

This section describes how to install the plugin and get it working.

  1. Upload N0WPScan.php to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress

常見問題集

What is WPSCAN?

WPScan is a WordPress vulnerability scanner.

What is a vulnerability?

In computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.

使用者評論

2021 年 3 月 22 日
Awsome plugin , to bad its not updated. working but gives PHP errors.
閱讀全部 2 則使用者評論

參與者及開發者

以下人員參與了開源軟體〈N0WPScan〉的開發相關工作。

參與者

將〈N0WPScan〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

變更記錄

5.6

  • Release date: January 15, 2020
  • Fix bug minor
  • Added more htaccess security headers
  • Added more bots, scanners and payloads to block

5.3

  • Fix bug minor

5.2

  • Fix bug minor

5.1

  • Fix bug minor

5.0

  • Fix bug minor

4.0

  • Added more htaccess security headers
  • Added more bots, scanners and payloads to block

3.0

  • Fix minor bug

2.0

  • Fully tested and stable release

1.0

  • First release