SECURE shows you exactly how to lock down your WordPress sites.
Everyday new security risks are found and hackers are ready to use them against your websites.
We at SEC Consult have a dedicated team in multiple time zones that tracks all security risks and makes them available to you in real-time.
The pro version of SECURE comes with the following unique benefits:
- You’ll receive an e-mail alert as soon as vulnerabilities are identified that affect any of your sites.
- The vulnerability alerts will tell you exactly how to address the vulnerability and become safe again.
- You’ll receive weekly status mails informing you about outdated versions and vulnerabilities in your sites.
The free version of SECURE identifies the following security issues and more:
- Outdated Plugins, Themes and WordPress itself
- Known security issues in installed Plugins, Themes and WordPress itself (information is 30 days old)
- User accounts with weak passwords
- Files that might leak information to attackers
- Insecure file permissions for important core files
- Unencrypted communication with the WordPress admin interface
- Directory listings are enabled
- The upload of dangerous file types is allowed
- Debugging is enabled
- User Registration is enabled
- WordPress file editing is enabled
- Default database prefix is used
- Root database user is used
- Dangerous PHP functions are enabled
- Multiple issues with error reporting that might leak information to attackers
- PHP leaking version information
- What is SECURE
SECURE is a WordPress plugin that identifies security problems in your website and helps you lock down your WordPress installation in three simple steps. The plugin covers most of the hardening tips of the WordPress Security Codex and includes a lot of additional security checks. It was designed to clearly show at a single glance what security problems exist in your website and to provide you with all the information needed to understand these issues and eliminate them.
The free SECURE plugin will also show you vulnerabilities that have been made public 30 days ago or longer. As a SECURE pro user you get immediate access to the most up-to-date security issues put your site at risk.
- What is MVIS
MVIS stands for Managed Vulnerability Information Service and is an enterprise grade service provided for our customers around the world.
Our security experts gather all security vulnerabilities that are disclosed publicly (more than 7000 each year!), pre-filter them to eliminate false positives and thoroughly analyse them for validity, criticality, impact and other relevant criteria. This information is stored in our central database and allows us to give you detailed information about security vulnerabilities in a given software version.
- What do I get as a paying user of SECURE
As a paying user you get access to SEC Consult’s Managed Vulnerability Information Service (MVIS) that was specifically created for WordPress. We have an international team in 3 time zones that monitor all incoming vulnerabilities for WordPress. As soon as any new security issue is identified that affects your unique site you will receive a security alert per e-mail. This way you can react immediately and don’t give attackers a chance to exploit these flaws in your website.
- Does this plugin support Multisite or Windows WordPress installations
Yes it does. Currently no known issues exist for WordPress installations on Windows and for Multisite installations. If you have a WordPress set up on Windows or a Multisite, it would be great if you can give some feedback.
- Initial release