Secure WordPress

1. 

   The File Scan Report

2. 

   The Settings page, displaying all configurable options

3. 

   The Live Traffic page

4. 

   The new Dashboard page

Installation Instructions

• Make a backup of your current installation
• Unpack the downloaded package
• Upload the extracted files to the /wp-content/plugins/ directory
• Activate the plugin through the ‘Plugins’ menu in WordPress

If you encounter any bugs, or have comments or suggestions, please post them on the
Acunetix Secure WordPress plug-in forum.

For more information on the Acunetix Secure WordPress plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum.

Can I deactivate Acunetix Secure WordPress once I’ve run it once?

No. Acunetix Secure WordPress needs to be left activated to work. Version hiding,
turning off DB errors, removing WP ID META tag from HTML output, and other
functionality will cease if you deactivate the plugin.

How do I change the file permissions on my WordPress installation?

From the Linux command line (for advanced users):
chmod xxx filename.ext
(replace xxx with with the permissions settings for the file or folder).

From your FTP client:
Most FTP clients, such as FileZilla, etc, allow for changing file
permissions. Please consult your client’s documentation for your specific
directions.

For more information, please visit https://codex.wordpress.org/Changing_File_Permissions

Why do I need to hide my version of WordPress?

Many attackers and automated tools will try and determine software versions
before launching exploit code. Removing your WordPress blog version may
discourage some attackers and certainly will mitigate virus and malware programs
that rely on software versions.

For more information on the Acunetix Secure WordPress plug-in and other WordPress security news, visit the
Acunetix Blog and join
our Facebook page. Post any questions or feedback
on the Acunetix Secure WordPress plug-in forum.

3.0.4

• Fixed XSS issue

3.0.3

• Added CSRF prevention mechanism

3.0.2

• Add support for WordPress 4.0

3.0.1

• Added the missing files

3.0.0

• Complete core update
• Added live traffic functionality
• Added check for the wp-config.php file one level above if not found in the install directory
• Fixed broken functionalities
• Security settings are now configurable
• Removed all languages

v2.0.8

• Removed the registration requirement

v2.0.7

• Update: Updated the deprecated function call get_bloginfo(‘siteurl’) to get_bloginfo(‘url’)
• Update: Updated validation for plug-in form fields (email address, user name, target id, etc.)

v2.0.6

• New setting: Option to open / close WebsiteDefender dashboard widget
• Update: Internal code updates

v2.0.5

• BugFix: The bug reported about ALTER rights retrieval has been addressed
• Update: Code cleanup
• Update: Minor internal updates

v2.0.4

• Feature: The Acunetix RSS widget added to the admin dashboard
• Update: The plug-in has been made compatible with WP Security Scan and WebsiteDefender WordPress Security
• Feature: Turkish language files added.

v2.0.3 (07/21/2011)

• Bugfix: The import of external resources has been fixed.

v2.0.2 (07/20/2011)

• Bugfix: Updated the links to websitedefender.com

v2.0.1 (07/20/2011)

• Update: Major code cleanup
• Update: Updated the class that handles the authentication/registration with WebsiteDefender.com in order to avoid code collision when both plug-ins are active.
• New: Dependent files (.css/.js/.php) have been added

v2.0.0 (03/22/2011)

• Feature: Release new stable version
• Feature: Support for WordPress 3.1
• Feature: Change owner of the plugin to WebsiteDefender
• Feature: Re-branding of the plugin
• Feature: Integrated WebsiteDefender registration in Settings

v1.0.6 (11/15/2010)

• Bugfix: change from public to var for variables to use the plugin on PHP5.2 and smaller

v1.0.5 (11/10/2010)

• Feature: Remove WordPress version on urls form scripts and stylesheets
• Maintenance: rescan and update german language file
• Remove: exclude to add string fpr wp-scanner-service; Wish of the community users

v1.0.4 (10/09/2010

• Bugfix: update options

v1.0.3 (10/06/2010)

• Bugfix: include JS for remove version in backend for Non-Admins
• Bugfix: change for php-warning at update options
• Maintenance: update italian language files
• Maintenance: update german language files
• Maintenance: update pot file

v1.0.2 (09/10/2010)

• add persian language file
• change the backend; remove WP Scanner function
• change the include of javascript for metaboxes

v1.0.1 (08/06/2010)

• add more hooks to remove WordPress Version; was change with WP3.0

v1.0 (07/09/2010)

• release stable version
• small changes on the source
• change owner of the plugin

v0.8.6 (06/18/2010)

• fix a problem with https://; see Ticket #13941

v0.8.5 (05/16/2010)

• small code changes for WP coding standards
• add free malware and vulnerabilities scan for test this; the scan has most interested informations and scan all of the server

v0.8.4 (05/05/2010)

• add method for use the plugin also on ssl-installs
• change uninstall method

v0.8.3 (04/14/2010)

• bugfix fox secure block bad queries on string for case-insensitive

v0.8.2 (03/21/2010)

• fix syntax error on ask for rights to block bad queries
• add french language files

v0.8.1 (03/08/2010)

• remove versions-information on backend with javascript
• small changes

v0.8 (03/04/2010)

• Protect WordPress against malicious URL requests, use the idea and script from Jeff Star, see post

v0.7 (03/01/2010)

• add updates for WP 3.0

v0.6 (01/11/2010)

• fix for core update under WP 2.9
• fix language file de_DE

v0.5 (12/22/2009)

• small fix for use WP and the plugin with SSL https

v0.4 (12/02/2009)

• add new feature: hide version for smaller right as admin

v0.3.9 (09/07/2009)

• change index.html in index.php for better works

v0.3.8 (06/22/2009)

• add function to remove theme-update information for non-admins
• rescan language file; edit de_DE