Paranoid911

外掛說明

Paranoid911 checks your wordpress installation for changes and sends you an
email when changes occur.

I decided to write this plugin when somebody hacked my blog’s ftp and uploaded
a doorway script. I found out about this only after few weeks, with
an accidental google query.

One my friends have had another problem with his wordpress installation –
somebody hacked it and added a hidden iframe tag. He found this few days
later when his readers told him that their anti-virus software did not
let them visit his blog.

This plugin will not save you from hackers. It will, however, notify you of
possible attacks allowing you to fix things before your visitors find hidden
iframes or your blog loses its rank in google.

After activation of this plugin you will receive a few emails with notices.
Don’t worry – this is a result of the first scan of your wordpress installation.

This plugin checks wordpress directory (with all subdirectories) on the server’s
filesystem and a few wordpress database tables (wp_users, wp_usermeta, wp_posts,
wp_links, wp_options). There are some smart exceptions to what it will check –
to prevent it from sending you too many false warnings.

If you still get too many false messages (for example, you have a plugin
installed or extra-fields in some tables that change often), you can try to
edit scan rules yourself (I will add UI editor in upcoming versions).

Rules are defined in paranoid911.php ($paranoid911_default_stages). You can try
to edit exceptions and excluded fields: exceptions is an array of WHERE clauses
and excluded fields is an array of column names to skip during the scan (e.g.,
comment_count in the table wp_posts).

If you will recieve false messages generated by some popular plugins – please,
don’t forget to inform me.

Paranoid911 is available in:

• English
• Russian