WordPress.org

Español de República Dominicana

Get WordPress
WordPress.org

Plugin Directory

Secure Setup

Secure Setup

Por Deep Rahman
Descargar

Descripción

Securing Setup helps protect your WordPress installation by:
1. Allowing users to set recommended file permissions for directories and subdirectories.
2. Automatically modifying the .htaccess file to:
– Protect the debug.log file from being accessed via the web.
– Restrict execution of specific file types (e.g., .png, .jpg), ensuring only selected file types are processed by the web server.
3. Disabling sensitive WordPress endpoints such as:
system.multicall from XML-RPC.
– The users endpoint in the REST API.

The plugin is user-friendly and includes an easy-to-access settings page.

You can view or contribute to the plugin’s source code on GitHub:
[GitHub Repository]https://github.com/deeprahman/sswp)

Features

  • Set directory and subdirectory permissions for enhanced security.
  • Automate .htaccess file modifications.
  • Disable potentially vulnerable endpoints.
  • Tested with the latest version of WordPress.

Notes

After activation, the plugin adds a submenu named File Permission under the Tools menu, where you can configure settings.

Instalación

  1. Upload the securing-setup folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the 'Plugins' menu in WordPress.
  3. Navigate to Tools > File Permission to configure settings.

FAQ

What are recommended file permissions?

The plugin will recommend secure file permissions (e.g., 755 for directories and 644 for files) to reduce risks from unauthorized access.

Can I undo `.htaccess` modifications?

Yes, the plugin provides options to revert changes made to the .htaccess file.

Will this plugin break my media uploads or other file handling?

No, you can configure which file types are allowed for execution by the web server, ensuring normal functionality.

What endpoints are disabled by this plugin?

The plugin disables:
– The system.multicall function in XML-RPC to prevent potential attacks.
– The users endpoint in the REST API to hide user enumeration.

Reseñas

No hay reseñas para este plugin.

Colaboradores y desarrolladores

"Secure Setup" es un software de código abierto. Las siguientes personas han colaborado con este plugin.

Colaboradores

Traduce "Secure Setup" a tu idioma.

¿Interesado en el desarrollo?

Revisa el código , echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.

Registro de cambios

1.0.2

  • Readme updated

1.0.1

  • Added OS warning.
  • Implemented REST API rate limiting.

1.0.0

  • Initial release.
  • File permissions management for directories and files.
  • .htaccess customization for secure file handling.
  • Disabled system.multicall and users REST endpoint for added protection.

Meta

Valoraciones

No reviews have been submitted yet.

Añadir mi reseña

See all reviews

Soporte

¿Tienes algo que decir? ¿Necesitas ayuda?

Ver el foro de soporte