♦ Check your server’s overall security
♦ Detect unsafe PHP settings
♦ Detect unsafe PHP functions
♦ Check for security modules
♦ Detect unwanted write permissions
♦ Detect all errors and error levels
Server Security Scan identifies possible vulnerabilities and loopholes in your sever by inspecting various PHP configurations and settings, checking write permissions of directories, checking for presence of security modules and by detecting the presence of any unsafe PHP functions. Thus it helps to protect your server from various possible web site hacks such as variable injection, code injection and SQL injection etc.
Unsafe PHP configuration scan
Server Security Scan checks for certain PHP configurations in your server to identify whether they are configured safely so as to safeguard your server from hackers. The scanner suggests possible issues of wrongly configuring these settings as well as the criticality level of misconfiguring these settings.
Unsafe PHP function scan
Hackers may misuse some of the PHP functions which you do not use in your applications. Often these functions might be enabled by default in most of the servers. The Server Security Scanner detects whether such functions are enabled in your server and suggests the criticality level and issues related to those functions.
Directory permission scan
It is unsafe to leave your web accessible directories with write permission. The Server Security Scanner detects all writable folder permissions and reports them.
Security module scan
There are certain PHP extensions which can be used to enhance the security of your PHP installation. The Server Security Scan detects whther such modules are installed on your server and reprts the same.
The Server Security Scan detects various possiblities of hacking your server and reports them. The items are reported with criticality of each of the detection. You may contact your host to get the issues rectified if you are not familiar with updating server configurations.
Server Security Scan is developed and maintained by wordpressutils.
Please read the FAQ first if you are having problems.
WordPress 2.8+ PHP 5+
- In the admin panel under plugins activate Server Security Scan.
- You can now run the checks now by clicking
Run Checkslink in the menu.
- The Server Security Scan is not working properly.
Please check the wordpress version you are using. Make sure it meets the minimum recommended version. Make sure all files of the
Server Security Scanplugin are uploaded to the folder
- Does the Server Security Scan automatically fix errors in my server ?
No, the plugin scans and detects vulnerable parts in your server and reports the same to you. You have to manually rectify the reported issues either by yourself or by contacting your host.
- Does the Server Security Scan report the seriousness of issues ?
Yes the plugin categorizes the issues into 3 levels based on seriousness, Critical(most important), Warning and Notice(least important).
- Does Server Security Scan work on all type of servers ?
Yes it does work with all kinds of servers.
- Is Server Security Scan Network / MU / Multisite Compatible ?
Yes. Server Security Scan works well with Network / MU /Multisite installations.
Contributors & Developers
“Server Security Scan” is open source software. The following people have contributed to this plugin.Contributors
Interested in development?
Server Security Scan 1.0.1
- Fixed minor bugs.
Server Security Scan 1.0.0
- First official launch.