N0WPScan
We love security testing, we do it! We love WPSCAN, we use it! However we don’t love people abusing WPSCAN and other automated methods to try and gain access to WordPress sites through known and often easy vulnerabilities. N0WPScan is not a silver bullet, but it will stop unskilled attackers, bots and automated attacks which account for over 90% of all WordPress breaches. The other 10% can be offset with a good firewall, IDS and NSM services. Server load will also be lower and sites faster as this tool will prevent a lot of WordPress related automated testing.
[!] You can prevent most of the common attacks simply by keeping plugins, themes and the core WordPress framework updated
Benefits
* Disables access to admin for everyone except admins and editors
* Disables the use of WPScan, a tool commonly used by hackers to attack WordPress, also blocks other automated WP scanners
* Blocks hackers from scanning your website for admin users, vulnerable themes, vulnerable plugins and exposed files
* Reduces the load on your server
* Prevents access to sensitive files
Download & install the zip archive
The plugin package installer can be downloaded from the WP2E project tab called “code”.
1 – Select the version to download if this option is available otherwise the “latest” version of the main plugin will be used.
2 – After downloading the zip archive install the plugin package installer in you local environment and activate the script from the plugin list.
3 – Under the section “Plugins” of the admin dashboard you should see a new “Dependencies & Licenses” link. Follow the instructions from this panel to finalize the installation of the missing dependencies.
-
- Give a name to your project
-
- Download the Installer Package
-
- Install & activate the plugin locally
-
- Install the suggested dependencies
Tips: Use the WP2E panel to add/suggest new dependencies to the local installation. Press F5 in the list of dependencies if the changes are not displayed right away.