SecuPlug is the security tools for WordPress.
| Author: | codeplusdev (profile at wordpress.org) |
| WordPress version required: | 4.9 |
| WordPress version tested: | 6.4.2 |
| Plugin version: | 1.4.0 |
| Added to WordPress repository: | 11-03-2019 |
| Last updated: | 19-01-2024 |
| Rating, %: | 100 |
| Rated by: | 1 |
| Plugin URI: | https://codeplus.dev/securefusion |
| Total downloads: | 1 725 |
| Active installs: | 10+ |
 Click to start download |
|
SecureFusion acts as a robust shield against all known attack types, including login attempts and DDoS attacks via XML-RPC.
It not only enhances security but also significantly improves your site’s performance.
By preventing the collection of sensitive information from your site, it neutralizes many attack vectors.
This is a flawless solution for ensuring user safety and maintaining the speed of your site.
Features :
XMLRPC
SecureFusion aids in managing your critical XML-RPC services, often a prime target for WordPress hack attempts and spam comments.
The plugin allows you to selectively disable specific XML-RPC services, defending your site from XML-RPC attacks like spam comments without entirely disabling all XML-RPC services.
However, be aware that blocking all XML-RPC requests may impact the interaction of certain applications and services with WordPress.
-
XML-RPC FULL PROTECTION (Disable all XML-RPC)
This feature blocks all remote requests, offering an effective countermeasure against various remote attacks.
Remember, this might impact certain functionalities that rely on XML-RPC. -
XML-RPC LOGIN PROTECTION
This feature denies remote login requests, providing an extra line of defense against brute force login attempts. -
XML-RPC PINGBACK PROTECTION
This feature blocks remote pingback requests, assisting in the prevention of DDoS attacks. -
SELF PINGBACK PROTECTION
This feature prevents remote self pingback requests, further strengthening your defenses against DDoS attacks.
SSL
SecureFusion facilitates SSL integration into your site, provided you have an SSL certificate purchased from any SSL dealer or acquired through a free SSL service like Cloudflare.
The plugin forces the redirection of selected zone URLs on your site to HTTPS/SSL.
Note that SSL certificates must always be valid and correctly configured; otherwise, users may face issues accessing the site.
-
Enable HTTPS / SSL
Automatically encrypts sensitive data via SSL. -
Force HTTPS Login
Redirects login page protocol from HTTP to HTTPS. -
Force HTTPS Admin
Redirects admin page protocol from HTTP to HTTPS. -
Force HTTPS Front Page
Redirects front page protocol from HTTP to HTTPS.
Login
-
Login Attempt Limit
Set the maximum number of login attempts and the waiting time after reaching this limit to prevent brute force attacks on your login page. -
Change Login Error
SecureFusion allows you to modify default login errors, making it harder for potential attackers to gather information. -
Change Admin ID
This feature lets you change your admin ID, making it more difficult to guess user credentials rather than providing protection from SQL vulnerabilities as such. -
New Custom Login URL
This feature lets you change your login page URL name.
Be aware that any changes to a URL, especially when using SSL/HTTPS, require the SSL certificate to be correctly configured to avoid potential issues.
Firewall
-
Filter Bad Requests
The plugin helps secure your site against various attacks such as XSS, CSRF, and Code Injections. -
Disable Rest API
SecureFusion safeguards sensitive information from potential attackers by hiding it.
However, keep in mind that disabling the REST API can restrict the functionality of your WordPress site since some plugins and themes depend on it.
For complete information, please visit our website the SecureFusion website.
Screenshots
FAQ
ChangeLog