There are 8 repositories under wordpress-security topic.
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
WPScan rewritten in Python + some WPSeku ideas
WAF for WordPress 🔥 with 60+ security checks and weekly updates
Unique host templates to enhance own privacy in games, websites and regulary software on Desktop and Android devices
Useful plugin that will scan your theme templates for malicious injections. Automatically. Every day. For more blog security.
A command line took to check the WPScan Vulnerability Database via API to identify the security issues of WordPress plugins installed.
:shipit: A wordpress security auditor! Audit your wordpress application for security issues with even 1 request.
Prevents users from being logged into the same WordPress site from multiple places.
fail2ban setup for centminmod.com LEMP stack with CSF Firewall
Apache configuration and useful functions for more secure and performant Wordpress sites.
Require certain users to change their passwords on a regular basis.
Advanced use of WPScan (WordPress Security Scanner) with other tools like nmap, nikto, owasp-zap, ids for ethnical Hackers
Automatic updating of the comment blacklist in WordPress with antispam keys from GitHub.
Helps keeping WordPress websites secure.
EngineScript is a super fast WordPress server built on Ubuntu and optimized for Cloudflare and Digital Ocean
wordpress security best practice
Secure and performant Wordpress installation on your Kubernetes cluster
Verifies MD5 checksums of WordPress core files, sends e-mail to the mail address of your admin user warning in case of threat. Just activate it and you are done.
Super easy security for WordPress
Script for bruteforcing multiple Wordpress Users (XMLRPC)
WP EzPz Tweaks is an all-in-one WordPress plugin that helps you personalize the admin panel appearances, clean your site code and remove unwanted features to increase its security and improve performance.
Wordpress plugin to change its password hashing mechanism with PHP native password_* set of functions.
Web Appliaction Firewall reverse-proxy using Coraza WAF + Caddy with ready-to-use rulesets
Wordfence Custom "Lockout" and "Blocked" Messages that Maximize Security by minimizing information provided to attackers
Protect wordpress with .htacess for paranoid bloggers
The main task of this plugin is to increase the security of the site and improve the performance of the site by disabling completely unnecessary hooks and also optimizing SQL queries
WordPress plugin with some hardcoded, opinionated defaults for enhanced security and frontend performance. Reduced feature set that might not work with all plugins. Only use if you know what you need.
Provides Mattermost 5-9 integration for WordPress 5/6.
WordPress Nonce Implementation Object Oriented Way
Compare the files and folders of the original source code of WordPress against a website
Need a security hardened wordpress installation without plugins? Head to your functions.php file in your theme or create one if it does not exist or download this repo and rename it according.
A simple and lightweight plugin to enhance performance, stability and security of wordpress
WordPress Security Advisories. Add this package to prevent vulnerable WordPress packages from being installed.
Proof of concept for unauthenticated sensitive data disclosure affecting the wp-import-export WordPress plugin (CVE-2022-0236)