Security Ninja – Secure Firewall & Secure Malware Scanner
Security Ninja – Secure Firewall & Secure Malware Scanner Install Statistics
Try plugin: Security Ninja – Secure Firewall & Secure Malware Scanner
We'll create fresh WordPress site with Security Ninja – Secure Firewall & Secure Malware Scanner installed. You have 20 minutes to test the plugin after that site we'll be deleted.
About Security Ninja – Secure Firewall & Secure Malware Scanner
Tests security issues, malware & warns of dangerous plugins. Detailed report on your site security & how to secure it.Description
This plugin can be downloaded for free without any paid subscription from the official WordPress repository.
Get started in minutes:
For over 10 years Security Ninja has helped thousands site owners like you to feel safe. Run 50+ security tests in an instant & discover issues you didn’t even know existed. Help yourself now with Ninja’s simplicity & ease of use.
NEW: Vulnerability scanner – Warns you if you have known vulnerabilites on your website.
Automatically block 600+ million bad IPs with one click! Security Ninja Pro Cloud Firewall will help you stay one step ahead of bad guys by using the collective know-how of millions of attacked sites, and ban bad guys before they even open your site.
Read more about Pro features on the Security Ninja website
Extensions
- MainWP – The MainWP Dashboard allows administrators to manage many WordPress websites from a central location.
Install the FREE Security Ninja for MainWP Extension to get an overview of all websites you have installed Security Ninja on!
Security Tests for your website
- Vulnerability scanner – warns you of any known vulnerabilities on your website!
- Perform over 50+ security tests with one click
- Security Ninja does not make any changes – it’s your site, you have full control
- check your site for security vulnerabilities, issues & holes
- take preventive measures against attacks
- don’t let script kiddies hack your site
- prevent 0-day exploit attacks
- optimize and speed-up your database
- every test is explained, documented and instructions provided on how to fix problems
- tests include:
- brute-force attack on user accounts to test password strength
- numerous installation parameters tests
- file permissions
- version hiding
- 0-day exploits tests
- debug and auto-update modes tests
- database configuration tests
- Apache and PHP related tests
- WP options tests
- complete list of tests:
- Check if Application Passwords feature is enabled (new to WP 5.6)
- Check if WordPress core is up to date
- Check if automatic WordPress core updates are enabled
- Check if plugins are up to date
- Check if there are deactivated plugins
- Check if active plugins have been updated in the last 12 months
- Check if active plugins are compatible with your version of WP
- Check if themes are up to date
- Check if there are any deactivated themes
- Check if full WordPress version info is revealed in page’s meta data
- Check if readme.html file is accessible via HTTP on the default location
- Check if license.txt file is accessible via HTTP on the default location
- Check if REST API links are displayed in page’s meta data
- Check the PHP version is up to date
- Check the MySQL version
- Check if server response headers contain detailed PHP version info
- Check if expose_php PHP directive is turned off
- Check if user with username “admin” and administrator privileges exists
- Check if “anyone can register” option is enabled
- Check user’s password strength with a brute-force attack
- Check for display of unnecessary information on failed login attempts
- Check if database table prefix is the default one
- Check if security keys and salts have proper values
- Check the age of security keys and salts
- Test the strength of WordPress database password
- Check if general debug mode is enabled
- Check if the debug.log file exists
- Check if database debug mode is enabled
- Check if JavaScript debug mode is enabled
- Check if display_errors PHP directive is turned off
- Check if WordPress installation address is the same as the site address
- Check if wp-config.php file has the right permissions (chmod) set
- Check if install.php file is accessible via HTTP on the default location
- Check if upgrade.php file is accessible via HTTP on the default location
- Check if register_globals PHP directive is turned off
- Check if PHP safe mode is disabled
- Check if allow_url_include PHP directive is turned off
- Check if plugins/themes file editor is enabled
- Check if uploads folder is browsable by browsers
- Test if user with ID “1” and administrator role exists
- Check if Windows Live Writer link is present in pages’ header data
- Check if wp-config.php is present on the default location
- Check if MySQL server is connectable from outside with the WP user
- Check if EditURI link is present in pages’ header data
- Check if TimThumb script is used in the active theme
- Check if the server is vulnerable to the Shellshock bug #6271
- Check if the server is vulnerable to the Shellshock bug #7169
- Check if admin interface is delivered via SSL
- Check if MySQL account used by WordPress has too many permissions
- Test if a list of usernames can be fetched by looping through user IDs on http://siteurl.com/?author={ID}
- Check if server response headers contain Strict-Transport-Security
- Check if server response headers contain X-XSS-Protection
- Check if server response headers contain X-Frame-Options
- Check if server response headers contain X-Content-Type-Options
- Check if server response headers contain Content-Security-Policy
- Check if server response headers contain Strict-Transport-Security
- Check if server response headers contain Referrer-Policy
- Check if server response headers contain Feature-Policy
- Check for unwanted files in your root folder you should remove
Security Ninja PRO has extra features: Firewall, Block Suspicious Page Requests, Country Blocking, Core Scanner, Malware Scanner, Auto Fixer for some of the tests, Events Logger & Scheduled Scans.
An all-in-one security solution for any site. With premium support and continuous updates Security Ninja Pro is a perfect tool to keep your site safe. See what the PRO version offers
Pro
Try out the Pro version on your own FREE test site: Click here => https://app.instawp.io/launch?t=security-ninja-5139
What others say about the plugin
- <a href=”https://wpmayor.com/security-ninja-review-wordpress-security-plugin/>WP Mayor: “Easy-to-Use WordPress Security Plugin”
- WPLift
- WPExplorer
- WP Loop
- Bitcatcha.com
- WebHostingSecretRevealed
- Ravi Singh
- Tutorials 7
- onlinedecoded.com
License info
-
The vulnerability scanner uses data from the National Vulnerability Database – NVD
-
This product includes IP2Location LITE data available from https://lite.ip2location.com.
-
This plugin uses the Persist Admin notice Dismissals by Collins Agbonghama @collizo4sky