Description
DominoGuard is a focused, minimalistic security solution for WordPress. Designed to be fast and lightweight, it provides the essential security features every website needs with a clean configuration.
Key Features
- Limit Login Attempts: Automatically block IPs for 15 minutes after 5 continuous failed login attempts, keeping brute-force attacks at bay.
- Email Two-Factor Authentication (2FA): Add an extra layer of security for Administrators. When enabled, logging in requires a 6-digit code sent to the admin’s email address.
- Brute Force Protection: Easily disable XML-RPC, a common vector for brute force and pingback attacks.
- Block User Enumeration: Prevent attackers from discovering your administrator username by blocking
/?author=Nquery scans. - Basic Firewall: A lightweight WAF that silently blocks simple directory traversal attempts (
../) and basic malicious query strings commonly found in automated SQL injections.
Why DominoGuard?
Many security plugins suffer from excessive features that can impact performance. DominoGuard focuses on delivering efficient performance by utilizing standard WordPress functions, keeping your site secure with minimal resource usage.
Installation
- Upload the
dominoguard-securitydirectory to your/wp-content/plugins/directory, or install it directly via the WordPress Plugins menu. - Activate the plugin through the ‘Plugins’ menu in WordPress.
- Navigate to Settings > DominoGuard in the admin dashboard.
- Toggle the security features you wish to enable and click “Save Settings”.
FAQ
-
How does the Email 2FA work?
-
When “Enable Email 2FA” is active, Administrators will be prompted to enter a 2FA code during login. If the password is correct, the plugin sends a secure 6-digit code to the administrator’s email. This code must be entered into the “2FA Code” field on the login screen, alongside the username and password, to successfully log in.
-
Will DominoGuard slow down my website?
-
No. DominoGuard is built with a minimalist philosophy. It runs efficient code with minimal impact on your website performance.
-
Do I need to configure the Firewall?
-
No configuration is needed. When enabled, it quietly blocks some explicit malicious patterns in URLs before WordPress even loads fully, keeping you safe.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“DominoGuard Security” is open source software. The following people have contributed to this plugin.
Contributors
Translate “DominoGuard Security” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.0
- Initial Release.