Created by: Bill Minozzi
ANTI HACKER PLUGIN
★★★★★
No matter how small or big your server is, hackers may attempt to use it to send spam, steal traffic, and attack other computers. According to Security magazine, there is a hacker attack every 39 seconds.
In fact, some studies suggest that the majority of attacks against websites begin to occur within the first 24 hours of a site going online.
.
Improve system security, protect login (Login Security), firewall, scan for malware, block user enumeration and TOR, disable Json WordPress Rest API, xmlrpc (xml-rpc) & Pingback and more a lot of security tools. Translation ready. Files included: Dutch, English, French, Italian, Portuguese, Spanish, and German.
.
Italian: Migliora la sicurezza del sistema, proteggi l’accesso (sicurezza dell’accesso), firewall, cerca malware, blocca l’enumerazione degli utenti e TOR, disabilita l’API Rest di Json WordPress, xmlrpc (xml-rpc) e Pingback e molti altri strumenti di sicurezza. Multilingua pronto. Inclusi anche file in lingua italiana e portoghese.
.
Português: Melhora a segurança do sistema, proteje o login (Segurança de login), firewall, verifica se há malware, bloqueia a enumeração do usuário e TOR, desativa Json WordPress Rest API, xmlrpc (xml-rpc) e Pingback e mais muitas ferramentas de segurança. Pronto para vários idiomas. Incluídos também arquivos em italiano e português.
Premium Version with more features
(Our Premium version won’t empty your pocket.)
StartUp Guide
Online Documentation
FAQ Page
Plugin Site
Plugin Blog with a lot of tips
Compatible with Stop Bad Bots Plugin
Share 🙂
This plugin disables XMLRPC API in WordPress 3.5+ or above, which is enabled by default.
XMLRPC on WordPress is actually an API or “application program interface“.
It gives developers who make mobile apps, desktop apps and other services the ability to talk to your WordPress site.
Most users don’t need WordPress XMLRPC functionality, and it’s one of the most common causes for exploits.
If you want to access and publish to your blog remotely, then you need XMLRPC enabled.
Pingback allows you to notify other bloggers that you have linked to their article on your website.
A WordPress website with Pingback enabled can be used in DDOS attacks against other websites.
An attacker can exploit pingback functionality through simple command and an XMLRPC request.
(disable WordPress Rest API)
Block User enumeration to improve security.
The REST API (new WordPress 4.7) allows for anonymous access and this means that anyone can list all
the users of a website. This will enable botnets to try and Bruteforce attack a website with the user’s credentials.
A brute-force attack is an attempt to discover a password by systematically trying every
possible combination of letters, numbers, and symbols until you discover the one correct combination
that works.
Our plugin will protect your site against Brute Force Attack, by restrict access to login page to
whitelisted IP addresses.
Otherwise, your login page will request your wordpress user email.
It is not necessary Limit Login Attempts. Read below about Rate Limiting.
Rate Limiting is a substitute to Limit Login Attempts.
Bots and Hackers can make a lot of visits in a short time period.
We can just limit a number of visits.
Rate Limiting is a substitute to Simple Login Lockdown. Read above.
Rate Limiting is a substitute to Rename wp-login.php. Read above.
If the settings of Anti Hacker is Block all traffic from Tor? = “Yes”, we can test visitors Ip
from the TOR PROJECT database. We download daily Tor Database and we didn’t send any information to them.
This is a free service. TorProject is a not-for-profit organization.
Tor Documentation:
https://www.torproject.org/
Our plugin will check your status on Google regarding Google Safe Browsing.
Google Safe Browsing is a service provided by Google to help protect users from malicious websites on the internet.
To simplify your inquiry, avoiding the need to create a Google account to obtain an API,
we will perform this query for you.
We will send your domain address and Google will inform us whether it considers your site safe or not.
Obviously, if it does not consider it safe, it will not send visitors to your site.
Instead, it will inform those who intend to visit your site that it is dangerous.
Hence the importance of always monitoring this. We will add that on your plugin dashboard.
This collected data (domain name) will only be used to query Google and will not be stored.
For more information about this, visit Google.
For more details about our site, visit us.
This plugin is a service. If you choose the premium version, only in this case, when applying your purchase code, it will be sent to our server, which will return whether it is valid or not.
This plugin is a service. If you choose the premium version, your site will receive weekly updates for its bot, IP, and referrer tables.
Only in this case, when applying your purchase code, it will be sent to our server, which will return whether it is valid or not.
The Anti Hacker plugin will retrieve tips and news from our site BillMinozzi.com. This information will be displayed in the plugin dashboard, in the right-hand column under the title “Tips and News.” No data is sent to our server. Learn about the terms of use for our plugins and themes at this link:
https://siterightaway.net/terms-of-use-of-our-plugins-and-themes/
We can keep the size of the standard WordPress readme.txt file reasonable