The anti-wpscan plugin prevents the security tool wp-scan from scanning your WordPress blog and enhances other aspects of security.
| Author: | BlackFault (profile at wordpress.org) |
| WordPress version required: | 3.8 |
| WordPress version tested: | 3.9 |
| Plugin version: | 1.1 |
| Added to WordPress repository: | 14-04-2014 |
| Last updated: | 17-04-2014
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
|
| Rating, %: | 20 |
| Rated by: | 1 |
| Plugin URI: | http://www.blackfault.com/projects/anti-wpsca... |
| Total downloads: | 1 135 |
| Active installs: | 70+ |
 Click to start download |
|
1.1 is a beta.
Tools such as wp-scan allow security professionals and malicous “hackers” to scan your blog for security holes. It detects the version of WordPress, and version of all your plugins and cross-checks with a vulnerability database to see if there are any security threats with those versions. The users of wp-scan can then exploit any vulnerabilities found to gain unauthorized access to your WordPress blog.
Anti-wpscan prevents this tool from obtaining these version numbers, greatly increasing security and prevent wp-scan bots from getting your version numbers.
Note. All un-even minor version numbers are considered beta. 1.1 is a beta. 1.2 would be production ready.
Features:
- Block WordPress version detection.
- Block passive WordPress version detection (not just the version in your meta tags).
- Block plugin version detection.
- Block all plugin change_log files.
- Block directory browsing for improperly setup web hosting.
- Block access to css files from clients without a referring url.
- Block access to important files in wp-include.
- Strip all comments from final putput. Prevents plugins from putting comments in your blog with version information.
Requirements:
- Must be using an updated version of WordPress.
- Must be using custom permalinks (this generates a .htaccess file which anti-wspcan uses).
Check out my security blog at Blackfault.com for more information.