WPSECi : WordPress Security Injection

WordPress Security protection against SQLi, XSS, CST, RFi, LFi, Base64, and malicious URL requests / hacking attacks. PLUS added security layers

Author:RS Publishing (profile at wordpress.org)
WordPress version required:3.0
WordPress version tested:3.5.1
Plugin version:13394
Added to WordPress repository:12-03-2013
Last updated:13-03-2013
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
Rating, %:0
Rated by:0
Plugin URI:http://www.securiilock.com/wpsecii
Total downloads:280
plugin download
Click to start download

WPSECi (WordPress Security injection) silently protects and secures your WordPress driven site against SQLi (sql injection), XSS (cross site scripting), CST (cross site tracing), RFi (remote file inclusion), LFi (local file inclusion), Base64, and malicious URL requests / hacking attacks.

WPSECi also adds several security directives to your root .htaccess file in which added security hardening layers are implemented. See the features below !

Features

  • Removes WP version in html, xhtml, atom, rss, (where necessary)
  • Removes core, theme, and update notifications from non-admins
  • Removes WLW, RSD, and several unused _rel links in head
  • Obfuscates login error message
  • Automatically removes readme.html file
  • Automatically removes install.php file
  • Disables server signature (via .htaccess)
  • Disables directory browsing (via .htaccess)
  • Secures root .htaccess file (strong pattern matching via .htaccess)
  • Secures wp-config file (via .htaccess)
  • Secures php.ini file (via .htaccess)
  • Secures error log file (via .htaccess)
  • Limits file uploading (basic ddos protection via .htaccess)
  • Blocks empty user-agents and referrers (via .htaccess)
  • Filters request methods in helping gaurd against CST and XSS (via .htaccess)
  • Secures against RFI and LFI (remote and local file inclusion via .htaccess)
  • Secures against SQLi (sql injection via .htaccess)
  • Scans incoming traffic and blocks malicous URL requests
  • Works silently in background without having to configure
  • Suitable for newly launched WordPress driven sites
  • Works on single and multi site installations
  • Simply plug in and leave !