Descripción
This plugin is designed to implement the latest WordPress best practices
around security into your WordPress website.
Features
- Deny access to the wp-config.php file to anyone surfing for it. https://codex.wordpress.org/Hardening_WordPress#Securing_wp-config.php
- Deny access to .svn files to anyone surfing for it.
- Block access to wp-includes scripts to not intended users. https://codex.wordpress.org/Hardening_WordPress#Securing_wp-includes
- Disable file editing. https://codex.wordpress.org/Hardening_WordPress
- Remove the Compatibility View button on Internet Explorer.
- Remove the meta name generator tag from the header of every page, including RSS feeds, which contains your site’s WordPress version.
- Disable the XML-RPC (pingback) functionality to help avoid DDoS attacks. http://bit.ly/1o9RsFA
For more information, questions, requests, or comments, please email the developer.
Capturas
Instalación
This section describes how to install the plugin and get it working.
- Upload the
wp-best-standards.zip
to the/wp-content/plugins/
directory - Unzip the file
- Activate the plugin through the 'Plugins' menu in WordPress
- You are all set! Enjoy!
FAQ
- The Meta Name Generator is still displaying the WordPress version. How could this be?
-
Make sure that your template does not have a hard coded reference within the header.php file. Some older templates seem to have this reference. Please delete or comment the line.
Reseñas
No hay reseñas para este plugin.
Colaboradores y desarrolladores
"WP Best Practices" es un software de código abierto. Las siguientes personas han colaborado con este plugin.
ColaboradoresTraduce "WP Best Practices" a tu idioma.
¿Interesado en el desarrollo?
Revisa el código , echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.
Registro de cambios
1.5.3
- Performed code cleanup and removed functionality not used.
1.5.3
- Clean up.
1.5.1
- Removes the compatibility mode from Internet Explorer
1.5
- Clean up.
1.4
- Disables the file editing of themes and plugins in the admin dashboard.
- Secures the wp-includes folder.
- Secures the wp-config.php file.
1.3
- This release disabled the XML-RPC functionality in order to help prevent denial-of-service (DDoS) attacks.
1.2
- Minor code cleanup.
1.1
- This release included the ability to hide the WordPress version from the wp-login.php file.
- Minor code cleanup.
1.0
- The original release of this plugin.
- This release included the ability to remove the WordPress version from the meta generator tag and the readme.html file.