anti-wpscan

Screenshots

1.1 is a beta. Tools such as wp-scan allow security professionals and malicous “hackers” to scan your blog for security holes. It detects the version of WordPress, and version of all your plugins and cross-checks with a vulnerability database to see if there are any security threats with those versions. The users of wp-scan can then exploit any vulnerabilities found to gain unauthorized access to your WordPress blog. Anti-wpscan prevents this tool from obtaining these version numbers, greatly increasing security and prevent wp-scan bots from getting your version numbers. Note. All un-even minor version numbers are considered beta. 1.1 is a beta. 1.2 would be production ready. Features: Block WordPress version detection. Block passive WordPress version detection (not just the version in your meta tags). Block plugin version detection. Block all plugin change_log files. Block directory browsing for improperly setup web hosting. Block access to css files from clients without a referring url. Block access to important files in wp-include. Strip all comments from final putput. Prevents plugins from putting comments in your blog with version information. Requirements: Must be using an updated version of WordPress. Must be using custom permalinks (this generates a .htaccess file which anti-wspcan uses). Check out my security blog at Blackfault.com for more information. Support Get support here. UnInstall To un-install, open .htaccess and remove everything between #RULES ADDED BY anti-wpscan and #END ANTI-WPSCAN RULES.