Title: ShadowScan Security Link Author: shadowscan Published: 2026 年 2 月 23 日 Last modified: 2026 年 4 月 1 日 --- 搜尋外掛 ![](https://ps.w.org/shadowscan-security-link/assets/banner-772x250.png?rev=3467414) ![](https://ps.w.org/shadowscan-security-link/assets/icon-256x256.png?rev=3467414) # ShadowScan Security Link 由 [shadowscan](https://profiles.wordpress.org/shadowscan/) 開發 [下載](https://downloads.wordpress.org/plugin/shadowscan-security-link.1.1.1.zip) * [詳細資料](https://tw.wordpress.org/plugins/shadowscan-security-link/#description) * [使用者評論](https://tw.wordpress.org/plugins/shadowscan-security-link/#reviews) * [安裝方式](https://tw.wordpress.org/plugins/shadowscan-security-link/#installation) * [開發資訊](https://tw.wordpress.org/plugins/shadowscan-security-link/#developers) [技術支援](https://wordpress.org/support/plugin/shadowscan-security-link/) ## 外掛說明 ShadowScan Security Link pairs your site to the ShadowScan portal and keeps it in sync with heartbeat status, Guard Layer signals, login abuse detection, and security commands. ShadowScan does not install, activate, or configure third-party security tools. If another security plugin is present, the connector only records its presence as metadata. ### External services This plugin connects to external services to sync status, process security workflows, and support optional diagnostics. * Service: ShadowScan API (hosted at Supabase Edge Functions) * URL: https://foemwjtosslaiynduiyt.supabase.co/functions/v1/ * Used for: site pairing, heartbeat sync, command polling, command-result upload, subscription/policy sync, and support contact submissions. * Data sent and when: site URL, WordPress version, PHP version, connector version, Guard Layer/control status, heartbeat timestamps, and command execution metadata whenever the connector syncs with ShadowScan; contact form fields only when an admin submits support contact. * Terms: https://shadowscan.com.au/terms * Privacy: https://shadowscan.com.au/privacy * Service: Have I Been Pwned Passwords API * URL: https://api.pwnedpasswords.com * Used for: optional breached-password checks in password policy enforcement. * Data sent and when: k-anonymity password hash prefix (first 5 SHA-1 characters, no raw passwords) only when a password is checked by the policy flow. * Terms: https://haveibeenpwned.com/TermsOfUse * Privacy: https://haveibeenpwned.com/Privacy * Service: Sentry * URL: https://sentry.io * Used for: optional error and fatal-event telemetry to assist troubleshooting. * Data sent and when: error event metadata (such as exception messages, stack traces, and runtime context) only after an admin explicitly enables Sentry telemetry in plugin settings and a Sentry DSN is configured; the optional MU diagnostics helper can send early-startup fatal errors only while both Sentry telemetry and remote diagnostics are enabled. * Terms: https://sentry.io/terms/ * Privacy: https://sentry.io/privacy/ ### Third-Party Libraries This plugin bundles: * pragmarx/google2fa (MIT License) * bacon/bacon-qr-code ( BSD-2-Clause; Copyright (c) 2017-present, Ben Scholzen “DASPRiD”) ### Hooks shadowscan_log Fires when the plugin emits an internal log message. You can hook this in a must‑use plugin or theme if you want to capture logs. ## 螢幕擷圖 * [[ * ShadowScan setup dashboard in WordPress admin. ## 安裝方式 1. Upload the plugin ZIP in WordPress: Plugins Add New Upload Plugin. 2. Activate “ShadowScan Security Link”. 3. Open ShadowScan in WP Admin and follow the setup steps. ## 常見問題集 ### Does this plugin require a ShadowScan account? Yes. You need a ShadowScan account to generate a pairing code and connect the site. ### Does deactivating the plugin disconnect the site from ShadowScan? By default, no. Deactivation pauses scheduled connector activity, but disconnect is only performed from explicit disconnect/uninstall actions. ### What data is sent to ShadowScan? The connector sends basic environment details (site URL, WordPress/PHP versions, plugin version) and heartbeat status so we can monitor connection health. ### Does it send administrator credentials? No. Credentials are never sent by the plugin. ### Does remote diagnostics install anything on the site? Only after an admin explicitly enables Sentry telemetry and remote diagnostics, ShadowScan can install a temporary must-use helper from the portal to capture early startup errors for troubleshooting. It can be removed from the portal or automatically when telemetry/remote diagnostics are disabled. ## 使用者評論 這個外掛目前沒有任何使用者評論。 ## 參與者及開發者 以下人員參與了開源軟體〈ShadowScan Security Link〉的開發相關工作。 參與者 * [ shadowscan ](https://profiles.wordpress.org/shadowscan/) [將〈ShadowScan Security Link〉外掛本地化為台灣繁體中文版](https://translate.wordpress.org/projects/wp-plugins/shadowscan-security-link) ### 對開發相關資訊感興趣? 任何人均可[瀏覽程式碼](https://plugins.trac.wordpress.org/browser/shadowscan-security-link/)、 查看 [SVN 存放庫](https://plugins.svn.wordpress.org/shadowscan-security-link/), 或透過 [RSS](https://plugins.trac.wordpress.org/log/shadowscan-security-link/?limit=100&mode=stop_on_copy&format=rss) 訂閱[開發記錄](https://plugins.trac.wordpress.org/log/shadowscan-security-link/)。 ## 變更記錄 #### 1.1.1 * Improves onboarding copy to more accurately reflect available plan options during setup. * Improves in-plugin messaging so status and connection labels match your active plan type. * Improves trial and quick-action wording to better reflect self-serve options across all plans. #### 1.1.0 * Improves subscription visibility so trial, billing, and active protection states are easier to understand in WordPress admin. * Improves setup guidance and status messaging so getting started with ShadowScan feels clearer and more reassuring. #### 1.0.12 * Improves portal connection reliability and policy syncing consistency. * Improves command delivery and signature compatibility so queued actions complete more reliably. * Improves connector diagnostics and status reporting, including admin geo and plugin auto-update signals. * Improves evidence export handling and clears stale connector errors after successful syncs. #### 1.0.11 * Improves plugin package reliability for smoother updates. * Improves quality checks so releases are more consistent. * Improves release process stability to reduce update issues. #### 1.0.10 * Improves privacy controls for diagnostics and telemetry settings. * Improves account protection flows during profile and sign-in updates. * Improves compatibility by updating bundled dependencies. #### 1.0.9 * Improves connection recovery behavior when the portal temporarily rejects requests. * Improves admin status reporting so connection state is easier to understand. #### 1.0.8 * Strip non-production vendor scripts/tests from release ZIP for WordPress.org compliance. * Keep release guard clean after POT generation. * Document external password breach check service. #### 1.0.7 * Improve release workflow stability and dependency locking. * Add MU helper diagnostics commands and admin visibility. * Harden logging and input sanitization for compliance. #### 1.0.6 * Improve release pipeline and runtime resilience. * Strengthen API reliability, event delivery, and enforcement handling. * Tighten sanitization and filesystem safety checks. #### 1.0.5 * Same changes as 1.0.6 (superseded by tag v1.0.6). #### 1.0.4 * Adds Admin Access Guard with location-based protection for wp-login/wp-admin, including observe/enforce modes and emergency bypass. * Improves plugin safety and recovery behavior (fail-open access, clearer status visibility, safer handling during billing pauses). * Refines plugin UI and diagnostics to make protection coverage, controls, and troubleshooting easier to understand and use. #### 1.0.3 * Adds PHP 7.4 compatibility for MFA using Google2FA and Bacon QR. * Improves admin UI clarity and offboarding/diagnostics handling. #### 1.0.2 * Adds emergency containment, targeted integrity scans, and server controls. * Adds operational controls for htaccess, enumeration protections, and security headers. * Refines third-party security plugin detection and updates tooling/docs. ## 中繼資料 * 版本 **1.1.1** * 最後更新 **4 天前** * 啟用安裝數 **少於 10 次** * WordPress 版本需求 ** 6.0 或更新版本 ** * 已測試相容的 WordPress 版本 **6.9.4** * PHP 版本需求 ** 7.4 或更新版本 ** * 語言 * [English (US)](https://wordpress.org/plugins/shadowscan-security-link/) * 標籤 * [monitoring](https://tw.wordpress.org/plugins/tags/monitoring/)[security](https://tw.wordpress.org/plugins/tags/security/) * [進階檢視](https://tw.wordpress.org/plugins/shadowscan-security-link/advanced/) ## 評分 這個項目尚無任何評論記錄。 [新增使用者評論](https://wordpress.org/support/plugin/shadowscan-security-link/reviews/#new-post) [查看全部使用者評論](https://wordpress.org/support/plugin/shadowscan-security-link/reviews/) ## 參與者 * [ shadowscan ](https://profiles.wordpress.org/shadowscan/) ## 技術支援 使用者可在技術支援論壇提出意見反應或使用問題。 [檢視技術支援論壇](https://wordpress.org/support/plugin/shadowscan-security-link/)