This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Server Security Scan


♦ Check your server’s overall security
♦ Detect unsafe PHP settings
♦ Detect unsafe PHP functions
♦ Check for security modules
♦ Detect unwanted write permissions
♦ Detect all errors and error levels

Server Security Scan identifies possible vulnerabilities and loopholes in your sever by inspecting various PHP configurations and settings, checking write permissions of directories, checking for presence of security modules and by detecting the presence of any unsafe PHP functions. Thus it helps to protect your server from various possible web site hacks such as variable injection, code injection and SQL injection etc.

Unsafe PHP configuration scan

Server Security Scan checks for certain PHP configurations in your server to identify whether they are configured safely so as to safeguard your server from hackers. The scanner suggests possible issues of wrongly configuring these settings as well as the criticality level of misconfiguring these settings.

Unsafe PHP function scan

Hackers may misuse some of the PHP functions which you do not use in your applications. Often these functions might be enabled by default in most of the servers. The Server Security Scanner detects whether such functions are enabled in your server and suggests the criticality level and issues related to those functions.

Directory permission scan

It is unsafe to leave your web accessible directories with write permission. The Server Security Scanner detects all writable folder permissions and reports them.

Security module scan

There are certain PHP extensions which can be used to enhance the security of your PHP installation. The Server Security Scan detects whther such modules are installed on your server and reprts the same.

The Server Security Scan detects various possiblities of hacking your server and reports them. The items are reported with criticality of each of the detection. You may contact your host to get the issues rectified if you are not familiar with updating server configurations.


Server Security Scan is developed and maintained by wordpressutils.

More Information


Please read the FAQ first if you are having problems.


WordPress 2.8+
PHP 5+


  1. Extract to your /wp-content/plugins/ directory.
  2. In the admin panel under plugins activate Server Security Scan.
  3. You can now run the checks now by clicking Run Checks link in the menu.


The Server Security Scan is not working properly.

Please check the wordpress version you are using. Make sure it meets the minimum recommended version. Make sure all files of the Server Security Scan plugin are uploaded to the folder wp-content/plugins/

Does the Server Security Scan automatically fix errors in my server ?

No, the plugin scans and detects vulnerable parts in your server and reports the same to you. You have to manually rectify the reported issues either by yourself or by contacting your host.

Does the Server Security Scan report the seriousness of issues ?

Yes the plugin categorizes the issues into 3 levels based on seriousness, Critical(most important), Warning and Notice(least important).

Does Server Security Scan work on all type of servers ?

Yes it does work with all kinds of servers.

Is Server Security Scan Network / MU / Multisite Compatible ?

Yes. Server Security Scan works well with Network / MU /Multisite installations.


There are no reviews for this plugin.

Contributors & Developers

“Server Security Scan” is open source software. The following people have contributed to this plugin.


Translate “Server Security Scan” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.


Server Security Scan 1.0.1

  • Fixed minor bugs.

Server Security Scan 1.0.0

  • First official launch.