[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feoBg_KXzcN3T7aiqITJMOTaFzumgun6uWuHMPtwfPOc":3},{"slug":4,"display_name":4,"profile_url":5,"plugin_count":6,"total_installs":7,"avg_security_score":8,"avg_patch_time_days":9,"trust_score":10,"computed_at":11,"plugins":12},"cleverplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fcleverplugins\u002F",3,17000,82,269,66,"2026-04-04T04:15:38.617Z",[13,39,63],{"slug":14,"name":15,"version":16,"author":4,"author_profile":5,"description":17,"short_description":18,"active_installs":19,"downloaded":20,"rating":21,"num_ratings":22,"last_updated":23,"tested_up_to":24,"requires_at_least":25,"requires_php":26,"tags":27,"homepage":33,"download_link":34,"security_score":35,"vuln_count":36,"unpatched_count":36,"last_vuln_date":37,"fetched_at":38},"remove-xmlrpc-pingback-ping","Remove & Disable XML-RPC Pingback","1.6","\u003Cp>Prevent your WordPress site from participating and being a victim of pingback denial of service attacks. \u003Cstrong>After activation the plugin automatically disables XML-RPC. There’s no need to configure anything.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>By disabling the XML-RPC pingback you’ll:\u003Cbr \u002F>\n* lower your server CPU usage\u003Cbr \u002F>\n* prevent malicious scripts from using your site to run pingback denial of service attacks\u003Cbr \u002F>\n* prevent malicious scripts to run denial of service attacks on your site via pingback\u003C\u002Fp>\n\u003Cp>From sucuri.net:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Any WordPress site with Pingback enabled (which is on by default) can be used in DDOS attacks against other sites.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Learn More\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwptavern.com\u002Fhow-to-prevent-wordpress-from-participating-in-pingback-denial-of-service-attacks\" rel=\"nofollow ugc\">How To Prevent WordPress From Participating In Pingback Denial of Service Attacks\u003C\u002Fa> – wptavern.com\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.sucuri.net\u002F2014\u002F03\u002Fmore-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html\" rel=\"nofollow ugc\">More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack\u003C\u002Fa> – sucuri.net\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fhackguard.com\u002Fxmlrpc-php-ping-backs-hackers-denial-service-attacks\" rel=\"nofollow ugc\">xmlrpc.php and Pingbacks and Denial of Service Attacks, Oh My!\u003C\u002Fa> – hackguard.com\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Is Your Site Attacking Others?\u003C\u002Fh4>\n\u003Cp>Use \u003Ca href=\"http:\u002F\u002Flabs.sucuri.net\u002F?is-my-wordpress-ddosing\" rel=\"nofollow ugc\">Sucuri’s WordPress DDOS Scanner\u003C\u002Fa> to check if your site is DDOS’ing other websites\u003C\u002Fp>\n\u003Ch4>Why Not Just Disable XMLRPC Altogether?\u003C\u002Fh4>\n\u003Cp>Yes, you can choose to do that, but if you use popular plugins like JetPack (that use XMLRPC) then those plugins will stop working. That is why this small plugin exists.\u003C\u002Fp>\n","Prevent pingback, XML-RPC and denial of service DDOS attacks by disabling the XML-RPC pingback functionality.",9000,94267,60,6,"2023-07-24T23:03:00.000Z","6.3.8","5.2","5.6",[28,29,30,31,32],"disable-ping","ping","pingback","xml-rpc","xmlrpc","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fremove-xmlrpc-pingback-ping","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fremove-xmlrpc-pingback-ping.1.6.zip",85,0,null,"2026-03-15T15:16:48.613Z",{"slug":40,"name":41,"version":42,"author":4,"author_profile":5,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":59,"download_link":60,"security_score":48,"vuln_count":61,"unpatched_count":36,"last_vuln_date":62,"fetched_at":38},"security-ninja","Security Ninja – WordPress Security Plugin & Firewall","5.272","\u003Cp>Security Ninja is a lightweight \u003Cstrong>WordPress security plugin\u003C\u002Fstrong> that helps protect your site from common attacks and security mistakes — without turning your dashboard into a cockpit.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Free includes a basic Web Application Firewall (WAF)\u003C\u002Fstrong> (based on the 8G ruleset) to block common malicious requests, plus 50+ security checks, a full vulnerability scanner, and a core integrity scanner to spot risky settings and unexpected file changes.\u003C\u002Fp>\n\u003Cp>Upgrade to Pro if you need deeper protection like advanced malware scanning\u002Fcleanup, stronger WAF controls (e.g. country blocking), and more automation\u002Falerting.\u003C\u002Fp>\n\u003Cp>This plugin can be downloaded for free without any paid subscription from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsecurity-ninja\u002F\" rel=\"ugc\">the official WordPress repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Security Ninja\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Included for free\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Basic Firewall (8G-based)\u003C\u002Fstrong> – Blocks common malicious requests and bot noise before it becomes a problem.\u003Cbr \u002F>\n– \u003Cstrong>50+ Security Tests\u003C\u002Fstrong> – Fast audit of common WordPress security misconfigurations.\u003Cbr \u002F>\n– \u003Cstrong>Vulnerability Scanner\u003C\u002Fstrong> – Highlights known issues in plugins\u002Fthemes so you can patch faster.\u003Cbr \u002F>\n– \u003Cstrong>Core Scanner\u003C\u002Fstrong> – Detect modified or unexpected files in WordPress core folders.\u003Cbr \u002F>\n– \u003Cstrong>Basic Events Logger\u003C\u002Fstrong> – Logs \u003Cstrong>firewall events\u003C\u002Fstrong> and \u003Cstrong>login attempts (successful\u002Ffailed)\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pro adds\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Advanced Malware Scanner\u003C\u002Fstrong> – Detect and clean malicious code and suspicious files.\u003Cbr \u002F>\n– \u003Cstrong>Advanced Firewall\u002FWAF controls\u003C\u002Fstrong> – e.g. country blocking, stronger rules and automation.\u003Cbr \u002F>\n– \u003Cstrong>Secure Login & 2FA\u003C\u002Fstrong> – Add stronger authentication and login protections.\u003Cbr \u002F>\n– \u003Cstrong>Automation & reporting\u003C\u002Fstrong> – Scheduled scans, reports, and advanced tracking.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security Ninja is a lightweight \u003Cstrong>WordPress firewall plugin\u003C\u002Fstrong> and security toolkit designed to protect your website from hackers, malware, brute-force attacks, and known vulnerabilities — without slowing it down.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Comprehensive WordPress Security Testing\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security Ninja performs 50+ advanced security tests to identify vulnerabilities before hackers exploit them. This includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Brute-force protection\u003C\u002Fstrong> – Blocks unauthorized login attempts to prevent forced entry.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File integrity monitoring\u003C\u002Fstrong> – Detects unauthorized changes to WordPress core files, themes, and plugins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database security checks\u003C\u002Fstrong> – Identifies weak database permissions and potential SQL injection threats.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User role audits\u003C\u002Fstrong> – Ensures no unauthorized administrator accounts exist.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security misconfiguration scans\u003C\u002Fstrong> – Identifies and fixes weak settings that could compromise security.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Enhanced Vulnerability Scanner\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Stay Ahead of Threats\u003C\u002Fstrong> – Our vulnerability scanner proactively alerts you to known vulnerabilities, allowing you to address potential threats before they exploit your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comprehensive Protection\u003C\u002Fstrong> – Security Ninja not only checks and warns for common issues but also checks for known vulnerabilities in plugins and themes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Peace of Mind\u003C\u002Fstrong> – Knowing your site is monitored for the latest vulnerabilities means you can focus on what matters most, growing your business and creating content, worry-free.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Core Scanner – Comprehensive Protection for Your WordPress Installation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Core Scanner module adds a critical layer of security by ensuring your WordPress installation remains untampered and free of unauthorized files.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Full Core File Integrity Check\u003C\u002Fstrong>: Every file in your core WordPress folders is scanned to ensure it hasn’t been modified or compromised.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detection of Unknown Files\u003C\u002Fstrong>: The scanner flags any extra or unknown files in your core WordPress directories, alerting you to potential threats.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built-in File Viewer\u003C\u002Fstrong>: Review flagged files directly within your WordPress dashboard using the integrated file viewer for a clear and easy inspection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restore Core Files\u003C\u002Fstrong>: If a core WordPress file has been altered, you can quickly restore it with a single click, ensuring your site is running the official version.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy File Management\u003C\u002Fstrong>: For unknown or suspicious files, you have the option to delete them right from the interface, keeping your WordPress installation clean and secure.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Advanced Malware Scanner – Detect & Remove Malware Instantly (PRO)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security Ninja includes a high-performance malware scanner that automatically checks your WordPress core, plugins and themes for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Malicious scripts and backdoors\u003C\u002Fstrong> – Identifies hidden malware and harmful injections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Trojan and virus detection\u003C\u002Fstrong> – Scans for suspicious PHP and JavaScript entries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>One-click malware removal\u003C\u002Fstrong> – Instantly quarantine and delete infected files.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>WordPress Firewall & Real-Time Threat Protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security Ninja includes a \u003Cstrong>basic firewall for free\u003C\u002Fstrong> (8G-based) to block common malicious requests. Upgrade to Pro for more advanced WAF controls.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Basic protection (Free)\u003C\u002Fstrong> – Blocks common exploit patterns and bad requests.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced protection (Pro)\u003C\u002Fstrong> – Country blocking, stronger controls, and additional intelligence\u002Fautomation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute-force & bot mitigation\u003C\u002Fstrong> – Reduce noisy and abusive traffic hitting WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Login Security & Two-Factor Authentication (2FA) (PRO)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Your WordPress login page is a primary target for hackers. Security Ninja enhances login security with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Two-Factor Authentication (2FA)\u003C\u002Fstrong> – Requires additional verification for safer logins.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute-force attack protection\u003C\u002Fstrong> – Limits failed login attempts to block unauthorized access.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rename login\u003C\u002Fstrong> – Getting a lot of requests to your login form? Hide it for spammers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>One-Click Security Fixes & WordPress Hardening (PRO)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Manually fixing security issues is time-consuming. Security Ninja provides one-click hardening to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable XML-RPC\u003C\u002Fstrong> – Blocks common DDoS attacks and brute-force exploits.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restrict file editing\u003C\u002Fstrong> – Prevents unauthorized theme and plugin modifications.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide PHP error messages\u003C\u002Fstrong> – Stops hackers from exploiting sensitive error details.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And many more fixes to harden your WordPress security!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Events Logger \u002F Activity Tracking\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security Ninja includes a \u003Cstrong>basic events logger for free\u003C\u002Fstrong> so you can see what’s happening on your site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Free:\u003C\u002Fstrong> firewall events + login attempts (successful\u002Ffailed).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pro:\u003C\u002Fstrong> deeper tracking, alerting, and reporting.\u003C\u002Fli>\n\u003Cli>Export security logs for audits and compliance reports.\u003C\u002Fli>\n\u003Cli>Includes webhook functionality so you can integrate with other services (e.g. Slack\u002FDiscord\u002Fwebhooks).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Automated Security Scans & Reports (PRO)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security Ninja performs scheduled security scans and sends reports directly to your inbox.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set up daily, weekly, or monthly security scans.\u003C\u002Fli>\n\u003Cli>Receive email alerts about vulnerabilities and malware infections.\u003C\u002Fli>\n\u003Cli>Analyze detailed reports to keep your website secure.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Block Spam & Malicious Bots Instantly (PRO)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Hackers and spammers use bots to exploit WordPress websites. Security Ninja prevents:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Fake registrations and spam comments\u003C\u002Fstrong> – Stops bots from even getting to your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Malicious bot attacks\u003C\u002Fstrong> – Blocks scripts attempting to hack your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unwanted traffic\u003C\u002Fstrong> – Reduces server load by preventing unnecessary bot access.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Join thousands of satisfied users who trust Security Ninja to keep their websites safe. Start protecting your online presence today and help yourself to peace of mind.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Security Ninja is Best WordPress Security Plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Security Ninja is the best WordPress security plugin because it provides a comprehensive, lightweight, and easy-to-use solution to protect your website from hackers, malware, and vulnerabilities. With 50+ security tests, an advanced malware scanner, a firewall, and two-factor authentication (2FA), it ensures complete website protection without slowing down performance.\u003C\u002Fp>\n\u003Cp>Unlike bloated security plugins, Security Ninja is optimized for speed and efficiency. It offers one-click security fixes, automated scans, real-time threat detection, and login protection, making it ideal for beginners and advanced users alike. Trusted since 2011, it keeps thousands of websites secure while offering proactive protection against cyber threats.\u003C\u002Fp>\n\u003Ch3>Extensions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>MainWP – The MainWP Dashboard allows administrators to manage many WordPress websites from a central location.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Install the \u003Cstrong>FREE \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsecurity-ninja-for-mainwp\u002F\" rel=\"ugc\">Security Ninja for MainWP Extension\u003C\u002Fa>\u003C\u002Fstrong> to get an overview of all websites you have installed Security Ninja on!\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsecurity-ninja-for-mainwp\u002F\u003C\u002Fp>\n\u003Ch3>Security Tests for your website\u003C\u002Fh3>\n\u003Cp>Security Ninja – Your WordPress Guardian\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Immediate Vulnerability Alerts\u003C\u002Fstrong>: Get instant notifications about vulnerabilities to keep your website safe and secure.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Comprehensive One-click Security Audit\u003C\u002Fstrong>: With just one click, perform over 50+ detailed security checks that scrutinize every corner of your site for security vulnerabilities and performance issues.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>You’re in Command\u003C\u002Fstrong>: Security Ninja respects your autonomy, providing insights and recommendations without making unsolicited changes to your site.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Holistic Security Evaluation\u003C\u002Fstrong>: Comprehensive checks on everything from the WordPress core, plugins, and themes to ensure they are up-to-date and secure.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Proactive Defense Strategies\u003C\u002Fstrong>: Equip yourself with the tools and knowledge to prevent attacks before they happen, safeguarding your site from potential threats.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Optimization Beyond Security\u003C\u002Fstrong>: Improve your site’s performance with database optimization tips, ensuring a seamless experience for your users.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Knowledge\u003C\u002Fstrong>: Each test comes with an easy-to-understand explanation, documentation, and actionable steps to fix identified issues.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customized Security Insights\u003C\u002Fstrong>: Tailored security assessments to check critical updates and configurations specific to your WordPress setup for a personalized protection strategy.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Future-Proof Your Site\u003C\u002Fstrong>: Stay ahead with tests that include the latest WordPress features and best practices for site security.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Prevent Unauthorized Access\u003C\u002Fstrong>: Strengthen your defenses with checks designed to prevent weak passwords and unauthorized file access.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Secure Configuration Checks\u003C\u002Fstrong>: Ensure your website is configured according to security best practices, from file permissions to security headers, for comprehensive protection against threats.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Enhance your website’s security, performance, and user experience with Security Ninja – your trusted partner in WordPress protection.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Security Ninja Pro\u003C\u002Fstrong> has extra features: Firewall, Filter Suspicious Queries, Country Blocking, Core Scanner, Malware Scanner, Auto Fixer for some of the tests, Events Logger & Scheduled Scans.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>An all-in-one security solution for any site. With premium support and continuous updates Security Ninja \u003Cstrong>Pro\u003C\u002Fstrong> is a perfect tool to keep your site safe. \u003Ca href=\"https:\u002F\u002Fwpsecurityninja.com\u002F?utm_source=wordpressorg&utm_medium=content&utm_campaign=readme&utm_content=see-what-pro-offers\" rel=\"nofollow ugc\">See what the PRO version offers\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Automatically block \u003Cstrong>600+ million bad IPs\u003C\u002Fstrong> with one click! \u003Ca href=\"https:\u002F\u002Fwpsecurityninja.com\u002F?utm_source=wordpressorg&utm_medium=content&utm_campaign=readme&utm_content=cloud-firewall\" rel=\"nofollow ugc\">Security Ninja Pro Firewall\u003C\u002Fa> will help you stay one step ahead of bad guys by using the collective know-how of millions of attacked sites, and ban bad guys before they even open your site.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Read more about Pro features on the \u003Ca href=\"https:\u002F\u002Fwpsecurityninja.com\u002F?utm_source=wordpressorg&utm_medium=content&utm_campaign=readme&utm_content=readmoreaboutpro\" rel=\"nofollow ugc\">Security Ninja website\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>What others say about the plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmayor.com\u002Fsecurity-ninja-review-wordpress-security-plugin\u002F\" rel=\"nofollow ugc\">WP Mayor: “Easy-to-Use WordPress Security Plugin”\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwplift.com\u002Fsecurity-ninja-review\" rel=\"nofollow ugc\">WPLift\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpexplorer.com\u002Fwordpress-security-can-security-ninja-keep-your-site-safe\u002F\" rel=\"nofollow ugc\">WPExplorer\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwploop.com\u002Fsecurity-ninja-review\u002F\" rel=\"nofollow ugc\">WP Loop\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.bitcatcha.com\u002Fblog\u002Fsecurity-ninja-plugin-review\u002F\" rel=\"nofollow ugc\">Bitcatcha.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.webhostingsecretrevealed.net\u002Fblog\u002Fwordpress-blog\u002F10-actionable-wordpress-security-tips\u002F\" rel=\"nofollow ugc\">WebHostingSecretRevealed\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.ravisinghblog.in\u002Fwp-security-ninja-review\u002F\" rel=\"nofollow ugc\">Ravi Singh\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftutorials7.com\u002Fsecurity-ninja-review.html\" rel=\"nofollow ugc\">Tutorials 7\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.onlinedecoded.com\u002Fsecurity-ninja-review\u002F\" rel=\"nofollow ugc\">onlinedecoded.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Tests\u003C\u002Fstrong>\u003Cbr \u002F>\n* The tests include:\u003Cbr \u002F>\n  * brute-force attack on user accounts to test password strength\u003Cbr \u002F>\n  * numerous installation parameters tests\u003Cbr \u002F>\n  * file permissions\u003Cbr \u002F>\n  * version hiding\u003Cbr \u002F>\n  * 0-day exploits tests\u003Cbr \u002F>\n  * debug and auto-update modes tests\u003Cbr \u002F>\n  * database configuration tests\u003Cbr \u002F>\n  * Apache and PHP related tests\u003Cbr \u002F>\n  * WP options tests\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Complete list of tests:\n\u003Cul>\n\u003Cli>Check if Application Passwords feature is enabled (new to WP 5.6)\u003C\u002Fli>\n\u003Cli>Check if WordPress core is up to date\u003C\u002Fli>\n\u003Cli>Check if automatic WordPress core updates are enabled\u003C\u002Fli>\n\u003Cli>Check if plugins are up to date\u003C\u002Fli>\n\u003Cli>Check if there are deactivated plugins\u003C\u002Fli>\n\u003Cli>Check if active plugins have been updated in the last 12 months\u003C\u002Fli>\n\u003Cli>Check if active plugins are compatible with your version of WP\u003C\u002Fli>\n\u003Cli>Check if themes are up to date\u003C\u002Fli>\n\u003Cli>Check if there are any deactivated themes\u003C\u002Fli>\n\u003Cli>Check if full WordPress version info is revealed in page’s meta data\u003C\u002Fli>\n\u003Cli>Check if REST API links are displayed in page’s meta data\u003C\u002Fli>\n\u003Cli>Check the PHP version is up to date\u003C\u002Fli>\n\u003Cli>Check the MySQL version\u003C\u002Fli>\n\u003Cli>Check if server response headers contain detailed PHP version info\u003C\u002Fli>\n\u003Cli>Check if expose_php PHP directive is turned off\u003C\u002Fli>\n\u003Cli>Check if user with username “admin” and administrator privileges exists\u003C\u002Fli>\n\u003Cli>Check if “anyone can register” option is enabled\u003C\u002Fli>\n\u003Cli>Check user’s password strength with a brute-force attack\u003C\u002Fli>\n\u003Cli>Check for display of unnecessary information on failed login attempts\u003C\u002Fli>\n\u003Cli>Check if database table prefix is the default one\u003C\u002Fli>\n\u003Cli>Check if security keys and salts have proper values\u003C\u002Fli>\n\u003Cli>Check the age of security keys and salts\u003C\u002Fli>\n\u003Cli>Test the strength of WordPress database password\u003C\u002Fli>\n\u003Cli>Check if general debug mode is enabled\u003C\u002Fli>\n\u003Cli>Check if the debug.log file exists\u003C\u002Fli>\n\u003Cli>Check if database debug mode is enabled\u003C\u002Fli>\n\u003Cli>Check if JavaScript debug mode is enabled\u003C\u002Fli>\n\u003Cli>Check if display_errors PHP directive is turned off\u003C\u002Fli>\n\u003Cli>Check if WordPress installation address is the same as the site address\u003C\u002Fli>\n\u003Cli>Check if wp-config.php file has the right permissions (chmod) set\u003C\u002Fli>\n\u003Cli>Check if register_globals PHP directive is turned off\u003C\u002Fli>\n\u003Cli>Check if PHP safe mode is disabled\u003C\u002Fli>\n\u003Cli>Check if allow_url_include PHP directive is turned off\u003C\u002Fli>\n\u003Cli>Check if plugins\u002Fthemes file editor is enabled\u003C\u002Fli>\n\u003Cli>Check if uploads folder is browsable by browsers\u003C\u002Fli>\n\u003Cli>Test if user with ID 1 and administrator role exists\u003C\u002Fli>\n\u003Cli>Check if Windows Live Writer link is present in pages’ header data\u003C\u002Fli>\n\u003Cli>Check if wp-config.php is present on the default location\u003C\u002Fli>\n\u003Cli>Check if MySQL server is connectable from outside with the WP user\u003C\u002Fli>\n\u003Cli>Check if EditURI link is present in pages’ header data\u003C\u002Fli>\n\u003Cli>Check if TimThumb script is used in the active theme\u003C\u002Fli>\n\u003Cli>Check if the server is vulnerable to the Shellshock bug #6271\u003C\u002Fli>\n\u003Cli>Check if the server is vulnerable to the Shellshock bug #7169\u003C\u002Fli>\n\u003Cli>Check if admin interface is delivered via SSL\u003C\u002Fli>\n\u003Cli>Check if MySQL account used by WordPress has too many permissions\u003C\u002Fli>\n\u003Cli>Test if a list of usernames can be fetched by looping through user IDs on http:\u002F\u002Fsiteurl.com\u002F?author={ID} (also called username enumeration)\u003C\u002Fli>\n\u003Cli>Check if server response headers contain Strict-Transport-Security\u003C\u002Fli>\n\u003Cli>Check if server response headers contain X-Frame-Options\u003C\u002Fli>\n\u003Cli>Check if server response headers contain X-Content-Type-Options\u003C\u002Fli>\n\u003Cli>Check if server response headers contain Content-Security-Policy\u003C\u002Fli>\n\u003Cli>Check if server response headers contain Strict-Transport-Security\u003C\u002Fli>\n\u003Cli>Check if server response headers contain Referrer-Policy\u003C\u002Fli>\n\u003Cli>Check if server response headers contain Feature-Policy\u003C\u002Fli>\n\u003Cli>Check for unwanted files in your root folder you should remove\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>License info\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcarhartl\u002Fjquery-cookie\" rel=\"nofollow ugc\">jQuery Cookie Plugin, Copyright 2013 Klaus Hartl\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The vulnerability scanner uses data from the \u003Ca href=\"https:\u002F\u002Fnvd.nist.gov\u002F\" rel=\"nofollow ugc\">National Vulnerability Database – NVD\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This product includes IP2Location LITE data available from \u003Ca href=\"https:\u002F\u002Flite.ip2location.com\" rel=\"nofollow ugc\">https:\u002F\u002Flite.ip2location.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This plugin uses the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcollizo4sky\u002Fpersist-admin-notices-dismissal\" rel=\"nofollow ugc\">Persist Admin notice Dismissals\u003C\u002Fa> by Collins Agbonghama @collizo4sky\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Firewall rules are based on 8G Firewall by Jeff Starr – https:\u002F\u002Fperishablepress.com\u002F8g-blacklist\u002F\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How can I report security bugs?\u003C\u002Fh4>\n\u003Cp>You can report security bugs through the Patchstack Vulnerability Disclosure Program. The Patchstack team help validate, triage and handle any security vulnerabilities. \u003Ca href=\"https:\u002F\u002Fpatchstack.com\u002Fdatabase\u002Fvdp\u002Fsecurity-ninja\" rel=\"nofollow ugc\">Report a security vulnerability.\u003C\u002Fa>\u003C\u002Fp>\n","WordPress security plugin with free basic firewall\u002FWAF, vulnerability scanning, and 50+ core integrity checks.",7000,846284,92,99,"2026-03-04T22:31:00.000Z","6.9.4","4.7","7.4",[54,55,56,57,58],"firewall","malware","security","vulnerability","waf","https:\u002F\u002Fwpsecurityninja.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecurity-ninja.5.272.zip",1,"2025-07-23 00:00:00",{"slug":64,"name":65,"version":66,"author":4,"author_profile":5,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":71,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":25,"requires_php":52,"tags":75,"homepage":80,"download_link":81,"security_score":82,"vuln_count":6,"unpatched_count":61,"last_vuln_date":83,"fetched_at":38},"seo-booster","SEO Booster","6.1.8","\u003Cp>Import GSC data and monitor your keywords. Use GSC overview to dive in to the keyword data across your website.\u003C\u002Fp>\n\u003Cp>Create internal links easily everywhere by entering a keyword or phrase and where to link to.\u003C\u002Fp>\n\u003Cp>This allows you to enter a keyword you wish to rank for on an individual page. All other pages and posts that have that keyword in the content will convert that keyword in to a link to the page you want to rank for.\u003C\u002Fp>\n\u003Ch3>Automatic Links\u003C\u002Fh3>\n\u003Cp>Automatically make keywords in your text link to the right pages on your website. Easy way to create internal links on your website – all places you write “contact us” you can link to your contact page automatically.\u003C\u002Fp>\n\u003Cp>Works great with WooCommerce products also.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cp>This plugin is not affiliated with, endorsed, or sponsored by Google. Google Search Console, Google APIs, and any related trademarks are the property of Google LLC. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.\u003C\u002Fp>\n","Discover new keywords, create automatic internal links, monitor 404 errors, and track incoming links. Not your usual SEO plugin.",1000,197545,96,54,"2025-02-08T23:05:00.000Z","6.7.5",[76,77,78,79],"google","google-search-console","gsc","seo","https:\u002F\u002Fseoboosterpro.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fseo-booster.6.1.8.zip",63,"2026-01-19 00:00:00"]