RONIN47

This security plugin is designed for Google AMP Technology.

Author: XOGUM.eMAIL (profile at wordpress.org)
WordPress version required: 5.0
WordPress version tested: 6.0
Plugin version: 2.4
Added to WordPress repository: 18-06-2022
Last updated: 22-06-2022
Rating, %: 0
Rated by: 0
Plugin URI: https://xogum.email/wordpress-security-plugin...
Total downloads: 175

RONIN47 helps to secure your WordPress website when using Google AMP Technology.

Among other things, RONIN47 checks whether the request is outside the admin area and whether someone is trying to access the author name via the “?author” parameter; if so, it redirects to another webpage.
Hackers can find your WordPress username by appending the query /?author=1, as in example.com/?author=1, which immediately redirects to your author webpage, such as example.com/author/catherine.

If hackers cannot find your username, they will not brute-force your login page trying to guess your password, and that means less load on your server.

RONIN47 also blocks WordPress JSON REST endpoints. When you visit example.com/wp-json/wp/v2/users/1 you will see your username in plain sight. This happens because WordPress exposes certain REST APIs by default, which allows anyone to enumerate the users via JSON.
After activating this plugin, your website will return the following message if you visit the same link again: {"code":"rest_no_route","message":"No route was found matching the URL and request method.","data":{"status":404}}
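Both probes described above (the ?author parameter and the REST users route) leave a recognisable trace in the web server's access log. The following is an added example, not code from the RONIN47 plugin or its author: it assumes combined log format, the log lines are constructed, and it also covers the ?rest_route= form of the same REST URL that WordPress accepts when pretty permalinks are not in use.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [22/Jun/2022:10:00:01 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "curl/7.81.0"
203.0.113.7 - - [22/Jun/2022:10:00:02 +0000] "GET /?author=2 HTTP/1.1" 301 0 "-" "curl/7.81.0"
203.0.113.7 - - [22/Jun/2022:10:00:03 +0000] "GET /wp-json/wp/v2/users/1 HTTP/1.1" 404 112 "-" "curl/7.81.0"
198.51.100.4 - - [22/Jun/2022:10:01:00 +0000] "GET /?rest_route=/wp/v2/users HTTP/1.1" 200 532 "-" "python-requests/2.28"
192.0.2.10 - - [22/Jun/2022:10:02:00 +0000] "GET /wp-admin/edit.php?author=1 HTTP/1.1" 200 9000 "https://example.com/wp-admin/" "Mozilla/5.0"
192.0.2.10 - - [22/Jun/2022:10:02:05 +0000] "GET /author/catherine/ HTTP/1.1" 200 4000 "https://example.com/" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
USERS_ROUTE_RE = re.compile(r"^/wp/v2/users(/\d+)?/?$")

def classify(target):
    """Return 'rest-users', 'author-param' or None for one request target."""
    parts = urlsplit(target)
    query = parse_qs(parts.query)
    # The users route can arrive as a pretty path or as ?rest_route=...
    routes = list(query.get("rest_route", []))
    if parts.path.startswith("/wp-json/"):
        routes.append(parts.path[len("/wp-json"):])
    if any(USERS_ROUTE_RE.match(r) for r in routes):
        return "rest-users"
    # Numeric ?author= outside the admin area, where legitimate filters use it.
    in_admin = parts.path.startswith("/wp-admin/")
    if not in_admin and any(v.isdigit() for v in query.get("author", [])):
        return "author-param"
    return None

def find_enumeration(log_text):
    """Map client IP -> list of (kind, target, status) for matching requests."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        ip, _method, target, status = m.groups()
        kind = classify(target)
        if kind:
            hits[ip].append((kind, target, int(status)))
    return dict(hits)

if __name__ == "__main__":
    for ip, events in find_enumeration(SAMPLE_LOG).items():
        print(ip, events)
```

The recorded status code shows how the site answered each probe; a 404 on the users route matches the rest_no_route response quoted above.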

Whenever you try to log in, you will not see any errors that may indicate the wrong password or the wrong username. You will see instead the following message: “Something is wrong! Are you a legit user?”.

RONIN47 hides Core Update Notices from all users except Admin and also removes the WordPress.org logo and links on the top left corner of the Admin dashboard.

For security reasons, RONIN47 can show user IDs in an extra column on the Users admin dashboard (users.php).

RONIN47 prevents many XSS code injections with a soft approach and also disables FLoC web tracking on your website when your visitors browse it using Google Chrome.
When using Google Chrome, your browser will most probably track the websites that you visit and all the data is collected through the Federated Learning of Cohorts, FLoC.

RONIN47 greatly reduces comment spam by blocking no-referrer requests. This anti-spam method does not require any changes to the .htaccess file, which means that it will work on both Nginx and Apache servers.

Support

Please use the WordPress.org forums for community support at https://wordpress.org/support/plugin/ronin47. If you spot a bug or have a suggestion to improve the code functionality, you can contact us at admin@xogum.email