The short summary produced by the WP Security Scan plugin
WordPress version: 3.1 You have the latest stable version of WordPress.
Your table prefix should not be wp_. Click here to change it.
Your WordPress version is successfully hidden.
WordPress DB Errors turned off.
WP ID META tag removed form WordPress core
“admin” user exists.
The file .htaccess does not exist in wp-admin/.
Source: http://wordpress.org/extend/plugins/wp-security-scan/
A plugin that, without harming your files, code, etc., walks through your entire WP install to flag every anomaly that could open a security hole. For clarity and readability, these findings are then classified into 3 security levels:
Interesting and practical, notably for gauging how dangerous and weak a sloppily developed theme or plugin is! Don't slide into paranoia either, because the WordPress Exploit Scanner plugin itself introduces its own security flaws, but at least it tells you about them…
Location / Description: wp-content/plugins/wp-security-scan/simplepie.inc:12488 - Used by malicious scripts to decode previously obscured data/programs
What was matched: $data = base64_decode($data);
Source: http://wordpress.org/extend/plugins/exploit-scanner/
Efficient and lightweight, this plugin by Matt Walters (http://mattwalters.net/) does its job well and cleanly reports file additions and deletions. Any modification to the files in your WordPress install is automatically reported to you by e-mail or in a log file. In the report below, we had just uninstalled 3 plugins and installed the WordPress File Monitor plugin in question.
This email is to alert you of the following changes to the file system of your website at http://127.0.0.1/wordpress_2_9_2_en/wordpress

Timestamp: Wed, 09 Mar 2011 09:35:23 +0000

Added:
wp-content/plugins/.DS_Store
wp-content/plugins/wordpress-file-monitor/.DS_Store

Removed:
wp-content/plugins/wp-security-scan/database.php
wp-content/plugins/wp-security-scan/functions.php
wp-content/plugins/wp-security-scan/lock.png
wp-content/plugins/wp-security-scan/password_tools.php
wp-content/plugins/wp-security-scan/readme.txt
wp-content/plugins/wp-security-scan/scanner.php
wp-content/plugins/wp-security-scan/screenshot-1.jpg
wp-content/plugins/wp-security-scan/screenshot-2.jpg
wp-content/plugins/wp-security-scan/scripts.js
wp-content/plugins/wp-security-scan/securityscan.php
wp-content/plugins/wp-security-scan/simplepie.inc
wp-content/plugins/wp-security-scan/style.css
wp-content/plugins/wp-security-scan/support.php
wp-content/plugins/wp-security-scan/js/scripts.js
wp-content/plugins/wp-security-scan/images/bt.gif
wp-content/plugins/wp-security-scan/images/iblogpro.jpg
wp-content/plugins/wp-security-scan/images/pagelines.jpg
wp-content/plugins/wp-security-scan/images/whitehouse.jpg
wp-content/plugins/wp-fb-fan-box/readme.txt
wp-content/plugins/wp-fb-fan-box/screenshot-1.png
wp-content/plugins/wp-fb-fan-box/screenshot-2.png
wp-content/plugins/wp-fb-fan-box/wp-fb-fan-box-id_ID.mo
wp-content/plugins/wp-fb-fan-box/wp-fb-fan-box-id_ID.po
wp-content/plugins/wp-fb-fan-box/wp-fb-fan-box.mo
wp-content/plugins/wp-fb-fan-box/wp-fb-fan-box.php
wp-content/plugins/wp-fb-fan-box/wp-fb-fan-box.po
wp-content/plugins/exploit-scanner/exploit-scanner.php
wp-content/plugins/exploit-scanner/hashes-3.0.1.php
wp-content/plugins/exploit-scanner/hashes-3.0.2.php
wp-content/plugins/exploit-scanner/hashes-3.0.3.php
wp-content/plugins/exploit-scanner/hashes-3.0.4.php
wp-content/plugins/exploit-scanner/hashes-3.0.5.php
wp-content/plugins/exploit-scanner/hashes-3.0.php
wp-content/plugins/exploit-scanner/hashes-3.1.php
wp-content/plugins/exploit-scanner/loader.gif
wp-content/plugins/exploit-scanner/readme.txt

Changed:
.DS_Store
wp-content/.DS_Store
Source: http://wordpress.org/extend/plugins/wordpress-file-monitor/
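The Added / Removed / Changed comparison behind a report like the one above can be sketched as a diff of two content-hash snapshots, with Finder noise such as .DS_Store filtered out so it does not bury real changes. This is an added example, not the WordPress File Monitor plugin's own code; the function names, the ignore list and the sample tree are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumed noise files to skip; the report above shows .DS_Store entries
# mixed in with real plugin changes.
IGNORE = {".DS_Store", "Thumbs.db"}


def snapshot(root, ignore=IGNORE):
    """Map each relative file path under root to the SHA-256 of its content."""
    root = Path(root)
    state = {}
    for path in root.rglob("*"):
        if path.is_file() and path.name not in ignore:
            rel = path.relative_to(root).as_posix()
            state[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return state


def diff(old, new):
    """Compare two snapshots and return the three lists used in the report."""
    return {
        "Added": sorted(new.keys() - old.keys()),
        "Removed": sorted(old.keys() - new.keys()),
        # Same path, different hash: content was modified in place.
        "Changed": sorted(p for p in old.keys() & new.keys() if old[p] != new[p]),
    }


def demo():
    """Constructed sample tree: remove one file, edit one, add one, add noise."""
    with tempfile.TemporaryDirectory() as tmp:
        plug = Path(tmp) / "wp-content" / "plugins" / "demo-plugin"
        plug.mkdir(parents=True)
        (plug / "demo.php").write_text("<?php // v1")
        (plug / "readme.txt").write_text("constructed sample")
        baseline = snapshot(tmp)
        (plug / "readme.txt").unlink()
        (plug / "demo.php").write_text("<?php // v2")
        (plug / "new.php").write_text("<?php")
        (plug / ".DS_Store").write_text("noise")
        return diff(baseline, snapshot(tmp))


if __name__ == "__main__":
    for section, paths in demo().items():
        print(section + ":", *paths, sep="\n  ")
```

Storing the baseline snapshot outside the web root keeps it out of reach of anything that can write to the WordPress directory.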