Total Security

Description

The Total Security plugin is the must-have tool when it comes security of your WordPress installation. The plugin monitors your website for security weaknesses that hackers might exploit and tells you how to easily fix them.

Vulnerability Scan

  • Check your site for security vulnerabilities and holes.
  • Numerous installation parameters tests
  • WP options tests
  • Detailed help and description

Core Scanner

  • Scan WP core files with one click
  • Quickly identify problematic files
  • Great for removing exploits and fixing accidental file edits/deletes
  • View files source to take a closer look
  • Fix broken WP auto-updates

File System

Scours your file system by suspicious or potentially malicious files, compressed, log, binary, data, and temporary files. And any unknown file in WP core.

  • Detects unknown file found in WP core => |*any file|
  • Detects suspicious or potentially malicious files => |*.exe|*.com|*.scr|*.bat|*.msi|*.vb|*.cpl|
  • Detects compressed files => |*.zip|*.rar|*.7z|*.gz|*.tar|*.bz2|
  • Detects log, binary, data and temporary files => |*.log|*.dat|*.bin|*.tmp|

Error 404 Log

  • Logs 404 (Page Not Found) errors on your site, this also gives the added benefit of helping you find hidden problems causing 404 errors on unseen parts of your site as all errors will be logged.

Secure Hidden Login

  • Allows you to create custom URLs for user’s login, logout and admin’s login page, without editing any .htaccess files.
  • Those attempting to gain access to your login form will be automatcally redirected to a customizable URL.
  • Hide “wp-admin” folder.

Log Viewer (debug.log)

  • Adds a debug menu to the admin bar that shows real-time debugging information.

Best practices on security combined into one plugin!

Usage

For Vulnerability Scan : Once you click the Execute button all tests will be run.
For Core Scanner: Once you click the Execute button all tests will be run.

Depending on various parameters of your site this can take from ten seconds to 2-3 minutes. Please don’t reload the page until testing is done.

Each test comes with a detailed explanation which you should use to determine whether it affects your site or not. Most test have simple to follow instructions on how to strengthen your site’s security.

Color-coded results separate files into categories:
* Items in green are fully secured. Good job!
* Items in orange are partially secured. Turn on more options to fully secure these areas
* Items in red are not secured. You should secure these items immediately

A warning to redo the scan will be informed every 15 days of last inspection.

Translation

  • Non-English Speaking Users – Contribute a translation using the GlotPress web interface – no technical knowledge required (how to).

Screenshots

  • Dashboard
  • Vulnerability Scan
  • File System
  • Core Scanner
  • Secure Hidden Login - Setup
  • Error 404 Log
  • Log Viewer

Installation

Using The WordPress Dashboard

  1. Navigate to the ‘Add New’ in the plugins dashboard
  2. Search for ‘Total Security’
  3. Click ‘Install Now’
  4. Activate the plugin on the Plugin dashboard

Uploading in WordPress Dashboard

  1. Navigate to the ‘Add New’ in the plugins dashboard
  2. Navigate to the ‘Upload’ area
  3. Select total-security.zip from your computer
  4. Click ‘Install Now’
  5. Activate the plugin in the Plugin dashboard

Using FTP

  1. Download total-security.zip
  2. Extract the total-security directory to your computer
  3. Upload the total-security directory to the /wp-content/plugins/ directory
  4. Activate the plugin in the Plugin dashboard

FAQ

How do i uninstall completely this plugin
  • If deactivate the plugin on the plugins page, the plugin should clean up most of the files created and modified.
  • The uninstall function is manage by “uninstall.php” file, the plugin is completely removed when actively deleted (not just deactivated) through the WordPress Admin.

Reviews

A lot of issues

Seems complete, honest, … but has some serious issues.

If one decides to install wordpress in /wordpress but keep the homelink to /, as described on wordpress.org, you are in bad luck. All original wordpress files are being considered as being invalid.

Never try to execute some of the scans that take a long time. Your hoster might have a default timeout for execution of scripts. This plug-in does pass this timeout making those scripts fail.

Good attempt, but need some improvement to be really useful.

Great plugin for basic security

A great plugin if you want to secure your WordPress installation. Three scans that reveil the most common vulnerabilities in your WordPress installation. Not only reveil but also great help in fixing them.
It’s become a standard plugin in all my WordPress installations.

Great Starting Point Security Check

This is a great plugin as a starting point to test your website vulnerabilities. I have tested this plugin with WordPress 4.6.1 and it works very well. If you need to know how your website is doing then I suggest you install this plugin, run a test and then patch and fix any vulnerabilities it finds.

Well done to the developer 🙂 Keep up the great work.

Regards

Genial

Me parece un plugin básico para mis páginas en wordpress

Read all 33 reviews

Contributors & Developers

“Total Security” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

  • 3.4.7

    • IMPROVED – Compatibility with WordPress 4.7.3
  • 3.4.6

    • IMPROVED – Compatibility with WordPress 4.7.1
  • 3.4.5

    • IMPROVED – Compatibility with WordPress 4.7
  • 3.4.4

    • IMPROVED – Compatibility with WordPress 4.6.1
  • 3.4.3

    • IMPROVED – Compatibility with WordPress 4.6
  • 3.4.2

    • FIX – Security issues
  • 3.4.1

    • IMPROVED – Compatibility with WordPress 4.5.3
    • FIX – Persistent cross-site scripting (XSS) vulnerability
    • FIX – Settings change vulnerability
  • 3.4

    • NEW – New Test: SSL Logins and SSL Admin Access
    • IMPROVED – Performance Improvements
    • IMPROVED – Removal of Obsolete Tests
  • 3.3.7

    • IMPROVED – Compatibility with WordPress 4.5.2
  • 3.3.6

    • IMPROVED – Compatibility with WordPress 4.5.1
  • 3.3.5

    • IMPROVED – Compatibility with WordPress 4.5
  • 3.3.4

    • IMPROVED – Compatibility with WordPress 4.4.2
  • 3.3.3

    • IMPROVED – Compatibility with WordPress 4.4.1
  • 3.3.2

    • IMPROVED – Compatibility with WordPress 4.4
  • 3.3.1

    • IMPROVED – Compatibility with WordPress 4.3.1
  • 3.3

    • IMPROVED – Compatibility with WordPress 4.3
  • 3.2.7

    • IMPROVED – Compatibility with WordPress 4.2.3
  • 3.2.6

    • IMPROVED – Compatibility with WordPress 4.2.2
  • 3.2.5

    • IMPROVED – Compatibility with WordPress 4.2
  • 3.2.4

    • FIX – File System: error in jQuery
  • 3.2.3

    • IMPROVED – Compatibility with WordPress 4.1.1
  • 3.2.2

    • IMPROVED – Compatibility with WordPress 4.0
    • IMPROVED – Russian (ru) Language pack added (thanks to zerg959)
  • 3.2.1

    • Compatibility with WordPress 3.9.1
  • 3.2

    • FIX – Minor bug fixes
  • 3.1

    • NEW – Log Viewer (debug.log) – Adds a debug menu to the admin bar that shows real-time debugging information
    • FIX – strict standards error
  • 3.0.4

    • IMPROVED – Brute force dictionary: 1050 Most Common Passwords
    • IMPROVED – Table Database Info: colored list
  • 3.0.3

    • NEW – Navigation Tabs
    • IMPROVED – Minor interface tweaks
  • 3.0.2

    • Compatibility with WordPress 3.9
    • Cosmetic fixes
  • 3.0.1

    • Compatibility with WordPress 3.8.2
  • 3.0

    • New: Add Bookmarklets “Password Hash”
    • Improved: Error 404 Log
    • Cosmetic fixes
  • 2.9.9

    • Error 404 Log: Performance improvements
  • 2.9.8.1

    • Cosmetic fixes
  • 2.9.8

    • Compatibility with WordPress 3.8.1
  • 2.9.7

    • Compatibility with WordPress 3.8
  • 2.9.6

    • Compatibility with WordPress 3.7.1
  • 2.9.5

    • Compatibility with WordPress 3.7
  • 2.9.4

    • Fixing: wpdb::escape Deprecated Function
    • “Secure Hidden Login” and “Dangerous PHP Functions” change of risk status
    • Add Spanish (es_ES) translation by Juan Pablo Población Paredes
  • 2.9.3

    • Compatibility with WordPress 3.6.1
  • 2.9.2

    • Compatibility with WordPress 3.6
  • 2.9.1

    • Compatibility with WordPress 3.5.2
  • 2.9

    • Performance improvements
    • Minor interface tweaks
  • 2.8.1

    • Performance improvements
    • Minor bug fixes
  • 2.8

    • Add new feature: Secure Hidden Login
    • Cosmetic fixes
  • 2.7

    • Add new feature: Error 404 Log
    • Cosmetic fixes
  • 2.6.351

    • Performance improvements
  • 2.5.351

    • Performance improvements
  • 2.4.351

    • Minor bug fixes
  • 2.3.351

    • Compatibility with WordPress 3.5.1
  • 2.3.350

  • 2.2.350

    • Performance improvements
    • Detect .cpl and .db
    • Cosmetic fixes
  • 2.1.350

    • Add German (de_DE) translation by Silvio Paschke
  • 2.0.350

    • Compatibility with WordPress 3.5
  • 2.0.342

    • Add new feature: File System
    • Performance improvements.
  • 1.1

    • Bug Fix
  • 1.0

    • Initial release