WordPress.org

Taiwan 正體中文

取得 WordPress
WordPress.org

Plugin Directory

Nyambush

Nyambush

y1uda 開發
下載

外掛說明

Nyambush is an Attack Surface Management (ASM) plugin that connects your WordPress site to the Nyambush platform for continuous security monitoring.

Features:

  • Automatic Environment Scanning – Collects WordPress version, PHP version, installed plugins, themes, and security configuration
  • Vulnerability Detection – Cross-references your plugins and themes against known vulnerability databases
  • Dashboard Widget – View your security status at a glance from the WordPress admin dashboard
  • Scheduled Sync – Automatically syncs your site data at configurable intervals
  • Encrypted API Key Storage – Your API key is encrypted at rest using AES-256-GCM
  • Data Minimization – Only collects configuration data; never collects passwords, database credentials, or post content

How It Works:

  1. Sign up at nyambush.app and add your domain
  2. Generate a WordPress verification API key
  3. Install this plugin and enter your API key
  4. Your site will be automatically monitored for vulnerabilities

Privacy:

This plugin sends the following data to nyambush.app:

  • WordPress and PHP versions
  • List of installed plugins and themes (names, versions, active status)
  • Number of users by role
  • Debug mode and SSL status
  • File permissions for critical files (wp-config.php, .htaccess)

No passwords, database credentials, post content, or personal user data is collected or transmitted.

安裝方式

  1. Upload the nyambush folder to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Go to Settings Nyambush
  4. Enter your API key from nyambush.app
  5. Click “Save Settings” to connect

常見問題集

Where do I get an API key?

Sign up at nyambush.app, add your domain, and select “WordPress Plugin” as the verification method. You will receive an API key.

What data does this plugin collect?

The plugin collects non-sensitive configuration data: WordPress/PHP versions, installed plugins and themes (names and versions), user role counts, debug mode status, SSL status, and file permissions for critical files. No passwords, database credentials, or post content is ever collected.

Does this plugin slow down my site?

No. Data collection only occurs during scheduled sync events (twice daily by default) or when you manually trigger a sync from the admin panel. It does not affect frontend performance.

Is my API key stored securely?

Yes. Your API key is encrypted using AES-256-GCM (authenticated encryption) before being stored in the database. The encryption key is derived from your WordPress auth salt.

What WordPress versions are supported?

This plugin supports WordPress 4.0 and above.

使用者評論

這個外掛目前沒有任何使用者評論。

參與者及開發者

以下人員參與了開源軟體〈Nyambush〉的開發相關工作。

參與者

將〈Nyambush〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

變更記錄

1.0.2

  • Bump minimum PHP version from 5.6 to 7.0

1.0.0

  • Initial release
  • WordPress environment data collection
  • Nyambush platform integration
  • Dashboard vulnerability widget
  • Scheduled and manual sync
  • AES-256-GCM API key encryption
  • Japanese language support

中繼資料

評分

這個項目尚無任何評論記錄。

Your review

查看全部使用者評論

參與者

技術支援

使用者可在技術支援論壇提出意見反應或使用問題。

檢視技術支援論壇

贊助

想要支援這個外掛的發展嗎?

贊助這個外掛