[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fyKdDfgWAaNAHJowkWnmk-EL7Fwyw2nNfWnvSgPZnri4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":150,"fingerprints":180},"square-bracket-hack-prevention","Square Bracket Hack Prevention","1.0","Miina Sikk","https:\u002F\u002Fprofiles.wordpress.org\u002Fmiinasikk\u002F","\u003Cp>The Square Bracket Hack Prevention plugin prevents a simple but very common exploit of WordPress, by adding in a .htaccess rule upon activation preventing hackers from adding a “[” to the URL.\u003C\u002Fp>\n\u003Cp>A common attempt at a WPSOS exploit is to add a “[” to a URL, which can often break a site and expose an ability to inject code. This plugin stops it by banning all attempts at adding a “[” to the URL. It does so via adding code to the .htaccess file.\u003C\u002Fp>\n\u003Cp>Additionally, upon the uninstallation of the plugin, the line is removed. And if the .htaccess file is not editable, then the admin user is warned.\u003C\u002Fp>\n\u003Cp>If you have any suggestions let us know via http:\u002F\u002Fwww.wpsos.io\u002Fwordpress-plugin-square-bracket-hack-prevention\u002F\u003C\u002Fp>\n\u003Cp>For more information and support, check out: http:\u002F\u002Fwww.wpsos.io\u002Fwordpress-plugin-square-bracket-hack-prevention\u002F\u003C\u002Fp>\n","The Square Bracket Hack Prevention plugin prevents hackers from adding a \"[\" to the URL.",10,1761,0,"2016-02-05T23:16:00.000Z","4.4.34","3.0.1","",[19,20,21,22,23],"hack","htaccess","redirect","security","wpsos","http:\u002F\u002Fwww.wpsos.io\u002Fwordpress-plugin-square-bracket-hack-prevention\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsquare-bracket-hack-prevention.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"miinasikk",9,8050,30,84,"2026-04-05T01:53:22.627Z",[38,53,78,101,127],{"slug":39,"name":40,"version":6,"author":7,"author_profile":8,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":48,"homepage":51,"download_link":52,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"htaccess-site-access-control",".htaccess Site Access Control","\u003Cp>Using the password protection will give you extra security layer of protection from brute force hacking attacks. Additionally, it’s also an easy way to password protect your entire site, without needing to create separate WordPress users for each visitor.\u003C\u002Fp>\n\u003Cp>When you enable the password protection, the user won’t be able to see anything – not even see the protected page – until he\u002Fshe inserts the username\u002Fpassword. You can password protect the whole website, including the administrator pages; you can password protect the administrator pages; or you can password protect the WordPress login page.\u003C\u002Fp>\n\u003Cp>Free plugin options include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enabling\u002Fdisabling the password protection to wp-login.php, WordPress admin pages. Note that you’ll be asked to re-type the .htaccess username\u002Fpassword you created before enabling any of the settings – to ensure that you wouldn’t enable the password protection without even knowing the password yourself!\u003C\u002Fli>\n\u003Cli>Modifying the existing users: you can change any .htaccess user’s password and remove the users.\u003C\u002Fli>\n\u003Cli>Adding one .htaccess user.   \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Premium plugin options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create\u002Fmodify an unlimited number of .htaccess users;\u003C\u002Fli>\n\u003Cli>Protect your whole site, making it accessible to only those who have the .htaccess user.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you have any other suggestions, please let us know! You can contact us via http:\u002F\u002Fwww.wpsos.io\u002Fwordpress-plugin-htaccess-site-access-control\u002F\u003C\u002Fp>\n\u003Cp>For more information and support, check out: http:\u002F\u002Fwww.wpsos.io\u002Fwordpress-plugin-htaccess-site-access-control\u002F\u003C\u002Fp>\n","Using the password protection will give you extra security layer of protection from brute force hacking attacks. Additionally, it's also an easy  &hellip;",800,9428,80,3,"2016-05-11T14:32:00.000Z",[20,49,50,22,23],"htpasswd","securing","http:\u002F\u002Fwww.wpsos.io\u002Fwordpress-plugin-htaccess-site-access-control\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhtaccess-site-access-control.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":73,"download_link":74,"security_score":75,"vuln_count":76,"unpatched_count":13,"last_vuln_date":77,"fetched_at":28},"redirection","Redirection","5.7.5","John Godley","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnny5\u002F","\u003Cp>Redirection is the most popular redirect manager for WordPress. With it you can easily manage 301 redirections, keep track of 404 errors, and generally tidy up any loose ends your site may have. This can help reduce errors and improve your site ranking.\u003C\u002Fp>\n\u003Cp>Redirection is designed to be used on sites with a few redirects to sites with thousands of redirects.\u003C\u002Fp>\n\u003Cp>It has been a WordPress plugin for over 10 years and has been recommended countless times. And it’s free!\u003C\u002Fp>\n\u003Cp>Full documentation can be found at \u003Ca href=\"https:\u002F\u002Fredirection.me\" rel=\"nofollow ugc\">https:\u002F\u002Fredirection.me\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Redirection is compatible with PHP from 7.4 to 8.4.\u003C\u002Fp>\n\u003Ch4>Redirect manager\u003C\u002Fh4>\n\u003Cp>Create and manage redirects quickly and easily without needing Apache or Nginx knowledge. If your WordPress supports permalinks then you can use Redirection to redirect any URL.\u003C\u002Fp>\n\u003Cp>There is full support for regular expressions so you can create redirect patterns to match any number of URLs. You can match query parameters and even pass them through to the target URL.\u003C\u002Fp>\n\u003Cp>The plugin can also be configured to monitor when post or page permalinks are changed and automatically create a redirect to the new URL.\u003C\u002Fp>\n\u003Ch4>Conditional redirects\u003C\u002Fh4>\n\u003Cp>In addition to straightforward URL matching you can redirect based on other conditions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Login status – redirect only if the user is logged in or logged out\u003C\u002Fli>\n\u003Cli>WordPress capability – redirect if the user is able to perform a certain capability\u003C\u002Fli>\n\u003Cli>Browser – redirect if the user is using a certain browser\u003C\u002Fli>\n\u003Cli>Referrer – redirect if the user visited the link from another page\u003C\u002Fli>\n\u003Cli>Cookies – redirect if a particular cookie is set\u003C\u002Fli>\n\u003Cli>HTTP headers – redirect based on a HTTP header\u003C\u002Fli>\n\u003Cli>Custom filter – redirect based on your own WordPress filter\u003C\u002Fli>\n\u003Cli>IP address – redirect if the client IP address matches\u003C\u002Fli>\n\u003Cli>Server – redirect another domain if also hosted on this server\u003C\u002Fli>\n\u003Cli>Page type – redirect if the current page is a 404\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Full logging\u003C\u002Fh4>\n\u003Cp>A configurable logging option allows to view all redirects occurring on your site, including information about the visitor, the browser used, and the referrer. A ‘hit’ count is maintained for each redirect so you can see if a URL is being used.\u003C\u002Fp>\n\u003Cp>Logs can be exported for external viewing, and can be searched and filtered for more detailed investigation.\u003C\u002Fp>\n\u003Cp>Display geographic information about an IP address, as well as a full user agent information, to try and understand who the visitor is.\u003C\u002Fp>\n\u003Cp>You are able to disable or reduce IP collection to meet the legal requirements of your geographic region, and can change the amount of information captured from the bare minimum to HTTP headers.\u003C\u002Fp>\n\u003Cp>You can also log any redirect happening on your site, including those performed outside of Redirection.\u003C\u002Fp>\n\u003Ch4>Add HTTP headers\u003C\u002Fh4>\n\u003Cp>HTTP headers can be added to redirects or your entire site that help reduce the impact of redirects or help increase security. You can also add your own custom headers.\u003C\u002Fp>\n\u003Ch4>Track 404 errors\u003C\u002Fh4>\n\u003Cp>Redirection will keep track of all 404 errors that occur on your site, allowing you to track down and fix problems.\u003C\u002Fp>\n\u003Cp>Errors can be grouped to show where you should focus your attention, and can be redirected in bulk.\u003C\u002Fp>\n\u003Ch4>Query parameter handling\u003C\u002Fh4>\n\u003Cp>You can match query parameters exactly, ignore them, and even pass them through to your target.\u003C\u002Fp>\n\u003Ch4>Migrate Permalinks\u003C\u002Fh4>\n\u003Cp>Changed your permalink structure? You can migrate old permalinks simply by entering the old permalink structure. Multiple migrations are supported.\u003C\u002Fp>\n\u003Ch4>Apache & Nginx support\u003C\u002Fh4>\n\u003Cp>By default Redirection will manage all redirects using WordPress. However you can configure it so redirects are automatically saved to a .htaccess file and handled by Apache itself.\u003C\u002Fp>\n\u003Cp>If you use Nginx then you can export redirects to an Nginx rewrite rules file.\u003C\u002Fp>\n\u003Ch4>Fine-grained permissions\u003C\u002Fh4>\n\u003Cp>Fine-grained permissions are available so you can customise the plugin for different users. This makes it particularly suitable for client sites where you may want to prevent certain actions, and remove functionality.\u003C\u002Fp>\n\u003Ch4>Import & Export\u003C\u002Fh4>\n\u003Cp>The plugin has a fully-featured import and export system and you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Import and export to Apache .htaccess\u003C\u002Fli>\n\u003Cli>Export to Nginx rewrite rules\u003C\u002Fli>\n\u003Cli>Copy redirects between sites using JSON\u003C\u002Fli>\n\u003Cli>Import and export to CSV for viewing in a spreadsheet\u003C\u002Fli>\n\u003Cli>Use WP CLI to automate import and export\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also import from the following plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple 301 Redirects\u003C\u002Fli>\n\u003Cli>SEO Redirection\u003C\u002Fli>\n\u003Cli>Safe Redirect Manager\u003C\u002Fli>\n\u003Cli>Rank Math\u003C\u002Fli>\n\u003Cli>WordPress old slug redirects\u003C\u002Fli>\n\u003Cli>Quick Post\u002FPages redirects\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Search Regex compatible\u003C\u002Fh4>\n\u003Cp>Redirection is compatible with \u003Ca href=\"https:\u002F\u002Fsearchregex.com\" rel=\"nofollow ugc\">Search Regex\u003C\u002Fa>, allowing you to bulk update your redirects.\u003C\u002Fp>\n\u003Ch4>Wait, it’s free?\u003C\u002Fh4>\n\u003Cp>Yes, it’s really free. There’s no premium version and no need to pay money to get access to features. This is a dedicated redirect management plugin.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Please submit bugs, patches, and feature requests to:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjohngodley\u002Fredirection\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fjohngodley\u002Fredirection\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Please submit translations to:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fredirection\" rel=\"nofollow ugc\">https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fredirection\u003C\u002Fa>\u003C\u002Fp>\n","Manage 301 redirects, track 404 errors, and improve your site. No knowledge of Apache or Nginx required.",2000000,71280127,88,689,"2026-03-01T07:42:00.000Z","6.9.4","6.5","7.4",[70,71,72,20,21],"301","404","apache","https:\u002F\u002Fredirection.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fredirection.5.7.5.zip",97,5,"2018-11-14 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":66,"requires_at_least":91,"requires_php":68,"tags":92,"homepage":97,"download_link":98,"security_score":99,"vuln_count":46,"unpatched_count":13,"last_vuln_date":100,"fetched_at":28},"inactive-logout","Inactive Logout","3.6.1","Deepen Bajracharya","https:\u002F\u002Fprofiles.wordpress.org\u002Fj_3rk\u002F","\u003Cp>Protect your WordPress users’ sessions from prying eyes and snoopers!\u003C\u002Fp>\n\u003Cp>The Inactive Logout plugin automatically terminates idle user sessions, safeguarding your site if users leave their sessions unattended.\u003C\u002Fp>\n\u003Cp>A simple plugin which is easy to configure and use. After installing and activating it, just set the idle timeout from the plugin settings. From then on, any unattended idle WordPress sessions will be automatically terminated. You can also display a custom message to users, warning them that their session is about to end.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Try it out ==> \u003Ca href=\"https:\u002F\u002Ftastewp.org\u002Fplugins\u002Finactive-logout\u002F\" title=\"Demo Link\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>FEATURES:\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Change idle timeout time.\u003C\u002Fli>\n\u003Cli>Count down of 10 seconds before actual logout. You can remove this feature if you dont want it.\u003C\u002Fli>\n\u003Cli>Add only \u003Cstrong>Wake Up!\u003C\u002Fstrong> message where user will not logout but instead a wakeup message will be shown upon inactive.\u003C\u002Fli>\n\u003Cli>Custom Popup Message.\u003C\u002Fli>\n\u003Cli>Show idle message for non authenticated users or redirect them.\u003C\u002Fli>\n\u003Cli>Concurrent user logouts.\u003C\u002Fli>\n\u003Cli>Toast notification on Logout.\u003C\u002Fli>\n\u003Cli>Redirect to a Different Page instead of Popup box. Create a page such as timeout page and add your content there by creating a blank template or style it as you wish according to your theme.\u003C\u002Fli>\n\u003Cli>Multiple User Role Configurations for individual timeout and session logout redirects.\u003C\u002Fli>\n\u003Cli>Logout to custom page or existing page.\u003C\u002Fli>\n\u003Cli>Clean UI\u003C\u002Fli>\n\u003Cli>WooCommerce Supported.\u003C\u002Fli>\n\u003Cli>Multisite Support: Override all sites with one setting.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>EXTEND OTHER FEATURES:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Few of the key features to \u003Cstrong>\u003Ca href=\"https:\u002F\u002Finactive-logout.com\u002Fpricing\u002F\" title=\"Inactive Logout Pro\" rel=\"nofollow ugc\">Inactive Logout Pro\u003C\u002Fa>\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Auto browser close logout after defined duration.\u003C\u002Fli>\n\u003Cli>Fully functional multi-tab support.\u003C\u002Fli>\n\u003Cli>User Based Logout\u003C\u002Fli>\n\u003Cli>Track Visitors based on \u003Cstrong>(Login time, logout time, browser, online status, session duration, role, os, IP)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Force Logout All Users\u003C\u002Fli>\n\u003Cli>Logout Specific User(s)\u003C\u002Fli>\n\u003Cli>Bulk Logout Users\u003C\u002Fli>\n\u003Cli>Concurrent Login Limits.\u003C\u002Fli>\n\u003Cli>Last Login Activity\u003C\u002Fli>\n\u003Cli>Override Multiple Login priority\u003C\u002Fli>\n\u003Cli>User Lock whenever certain limit login has been reached.\u003C\u002Fli>\n\u003Cli>Track user login sessions.\u003C\u002Fli>\n\u003Cli>Logout redirects.\u003C\u002Fli>\n\u003Cli>Login redirects.\u003C\u002Fli>\n\u003Cli>Email notification and email template overrides for Locked concurrent session.\u003C\u002Fli>\n\u003Cli>Disable inactive logout for specified pages according to your need. Check this \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fgist.github.com\u002Ftechies23\u002F6d2852eedd6ae56c486056e021e4ee48\" title=\"documentation\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong> for additional post type support.\u003C\u002Fli>\n\u003Cli>Disable native wordpress login popup after logout\u003C\u002Fli>\n\u003Cli>Modal Customizer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>**See the \u003Ca href=\"https:\u002F\u002Finactive-logout.com\u002F\" title=\"Inactive Logout\" rel=\"nofollow ugc\">Inactive Logout\u003C\u002Fa> homepage for further information.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Please consider giving a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Finactive-logout\u002Freviews\u002F#new-post\" title=\"5 star thumbs up\" rel=\"ugc\">5 star thumbs up\u003C\u002Fa> if you found this useful.\u003C\u002Fstrong>\u003C\u002Fp>\n","Automatically logout idle user sessions, with logout redirections and concurrent limit logins all in one place.",20000,656143,94,106,"2025-12-09T05:09:00.000Z","6.6",[93,94,95,22,96],"concurrent-login-limit","idle-logout","logout","user-redirection","https:\u002F\u002Finactive-logout.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finactive-logout.3.6.1.zip",96,"2025-10-31 13:27:51",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":116,"tags":117,"homepage":121,"download_link":122,"security_score":123,"vuln_count":124,"unpatched_count":125,"last_vuln_date":126,"fetched_at":28},"wp-limit-login-attempts","WP Limit Login Attempts","2.6.5","Arshid","https:\u002F\u002Fprofiles.wordpress.org\u002Farshidkv12\u002F","\u003Cp>Limit Login Attempts for login protection, protect site from brute force attacks.Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in. WP Limit Login Attempts plugin limit rate of login attempts and block IP temporarily. It is detecting bots by captcha verification.\u003C\u002Fp>\n\u003Cp>Go to \u003Ccode>Settings > WP Limit Login\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Login Security – Limit Login Attempts and track user login attempts\u003C\u002Fli>\n\u003Cli>Captcha Verification \u003C\u002Fli>\n\u003Cli>Light weight plugin \u003C\u002Fli>\n\u003Cli>Mechanism for slow down brute force attack \u003C\u002Fli>\n\u003Cli>Redirect to home page, when abnormal request (It will stop hacking tools)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR\u003C\u002Fstrong> compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Limit Login Attempts\u003C\u002Fh4>\n\u003Cp>A brute force attack is a trial-and-error mеthоd uѕеd tо оbtаin infоrmаtiоn such аѕ a user раѕѕwоrd оr реrѕоnаl idеntifiсаtiоn number (PIN). In a brute force attack, аutоmаtеd software iѕ uѕеd tо gеnеrаtе a lаrgе numbеr оf соnѕесutivе guesses аѕ to thе value of thе desired data. Brute force attack may bе uѕеd by сriminаlѕ tо crack еnсrурtеd dаtа, оr bу security аnаlуѕtѕ to tеѕt an оrgаnizаtiоn’ѕ nеtwоrk security.\u003C\u002Fp>\n\u003Cp>If уоu аdорt thе use оf this plugin, it will limit thе number оf timеѕ a uѕеr can аttеmрt tо log intо уоur ассоunt. Aftеr a сарtсhа verification would have bееn rеԛuеѕtеd, thе mесhаniѕm will ѕlоw dоwn brutе fоrсе аttасk hаving thе роwеr tо redirect tо home page аnd соmрlеtеlу аvоid intruder intо уоur рrесiоuѕ ассоunt.\u003C\u002Fp>\n\u003Ch4>Captcha Verification\u003C\u002Fh4>\n\u003Cp>WP Limit Login Attempts plugin provides an extra protection by Captcha.\u003Cbr \u002F>\nCaptcha Verification in seven attempts. It will be highly helpful for removing bots.\u003C\u002Fp>\n\u003Cp>For more service ,\u003Ca href=\"http:\u002F\u002Fwww.ciphercoin.com\" rel=\"nofollow ugc\">Please visit\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Donations\u003C\u002Fh4>\n\u003Cp>WP Limit Login Attempts plugin protecting your admin. Please make donation, I really appreciate it .\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>http:\u002F\u002Fwww.ciphercoin.com\u002Fcontact\u002F\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F_T8SWmMcawo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Limit rate of login attempts and block IP temporarily. Brute force attack protection. GDPR compliant. Captcha enabled.",10000,441779,92,300,"2024-08-04T01:13:00.000Z","6.6.5","6.0","5.6",[118,19,119,120,22],"authentication","login","loginizer","https:\u002F\u002Fciphercoin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-limit-login-attempts.zip",68,2,1,"2022-12-27 00:00:00",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":137,"num_ratings":138,"last_updated":139,"tested_up_to":66,"requires_at_least":140,"requires_php":116,"tags":141,"homepage":147,"download_link":148,"security_score":149,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"auto-install-free-ssl","Auto-Install Free SSL – Generate & Install Free SSL Certificates","4.6.1","Anindya Sundar Mandal","https:\u002F\u002Fprofiles.wordpress.org\u002Fspeedify\u002F","\u003Ch3>Auto-Install Free SSL\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>With over \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fauto-install-free-ssl\u002Freviews\u002F?filter=5\" rel=\"ugc\">380 five-star reviews ⭐⭐⭐⭐⭐\u003C\u002Fa> and a 4.9 out of 5 stars average rating, ‘Auto-Install Free SSL’ empowers you to generate Free SSL Certificates in your WordPress dashboard effortlessly.\u003C\u002Fstrong> This plugin helps secure your website and saves you money.\u003C\u002Fp>\n\u003Cp>Let’s Encrypt™ SSL Certificate is FREE. But they provide it through their API. If you are not a programmer, you need to study and practice programming for years to be able to use the API of Let’s Encrypt™ to generate a single Free SSL Certificate for your WordPress website.\u003C\u002Fp>\n\u003Cp>Here is where ‘Auto-Install Free SSL’ comes into play. This WordPress plugin provides a hassle-free way to obtain and install the Let’s Encrypt™ free SSL certificate for your website. You don’t need programming or coding experience to set it up. With this plugin, you don’t need to spend hours configuring SSL or waste money purchasing SSL certificates. All you need is a few minutes.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"How to set up Automation in 1 minute (cPanel) | Auto-Install Free SSL [Pro]\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F745390051?dnt=1&app_id=122963\" width=\"750\" height=\"400\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch3>Minimum System Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Linux or Windows hosting\u003C\u002Fli>\n\u003Cli>WordPress 4.1\u003C\u002Fli>\n\u003Cli>PHP 5.6\u003C\u002Fli>\n\u003Cli>OpenSSL extension\u003C\u002Fli>\n\u003Cli>Curl extension\u003C\u002Fli>\n\u003Cli>PHP directive allow_url_fopen = On\u003C\u002Fli>\n\u003Cli>The website should be assigned to a domain name (e.g., example.com) accessible online.\u003C\u002Fli>\n\u003Cli>Ensure your web server can serve static files – a standard feature in most web servers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>FREE PLUGIN FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Domain Ownership Verification.\u003C\u002Fli>\n\u003Cli>Generate and renew Free SSL Certificate.\u003C\u002Fli>\n\u003Cli>One-click Download the generated SSL certificate, Private key, and CA Bundle files.\u003C\u002Fli>\n\u003Cli>Video tutorial on cPanel: (1) How to upload HTTP-01 challenge files to verify domain ownership. (2) How to Install the Free SSL Certificate.\u003C\u002Fli>\n\u003Cli>Written tutorial on Plesk for the above two topics.\u003C\u002Fli>\n\u003Cli>One-click Force SSL activation, i.e., HTTPS redirect, fix insecure links and mixed content warning, display the padlock in the browser’s address bar with ONLY ONE CLICK.\u003C\u002Fli>\n\u003Cli>One-click revert to HTTP if required.\u003C\u002Fli>\n\u003Cli>Automatic renewal reminder by email and admin notice before the SSL expiry date.\u003C\u002Fli>\n\u003Cli>Automatic account registration with Let’s Encrypt™.\u003C\u002Fli>\n\u003Cli>Automatic CSR (Certificate Signing Request) generation.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The free https SSL certificate issued by Let’s Encrypt™ expires in 90 days. They recommend renewing 30 days before expiry. Please check the FAQ section to learn why the lifetime is 90 days.\u003C\u002Fp>\n\u003Cp> \u003C\u002Fp>\n\u003Cpre>\u003Ccode> Use this plugin only for HTTPS redirects too. \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If your WordPress website has an SSL certificate installed and you are looking ONLY for Force SSL activation (i.e., HTTPS redirect, fix insecure content), you can use the FREE version.\u003C\u002Fp>\n\u003Ch3>PREMIUM PLUGIN FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic\u003C\u002Fstrong> Verification of Domain Ownership.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic\u003C\u002Fstrong> Generation of Free SSL Certificate.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Installation\u003C\u002Fstrong> of Free SSL Security Certificate (cPanel or root access is required for this automation). [However, if you have neither cPanel nor root access, we’ll Install the SSL manually for the first time and provide documentation on how to install SSL manually].\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Renewal\u003C\u002Fstrong> of Free SSL Certificate (30 days before expiry).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Cron Job.\u003C\u002Fstrong> No need to set the Cron Job manually.\u003C\u002Fli>\n\u003Cli>Automatic account registration with Let’s Encrypt™.\u003C\u002Fli>\n\u003Cli>Automatic CSR (Certificate Signing Request) generation.\u003C\u002Fli>\n\u003Cli>One-click Force SSL activation.\u003C\u002Fli>\n\u003Cli>One-click revert to HTTP if required.\u003C\u002Fli>\n\u003Cli>One-to-one Premium Support.\u003C\u002Fli>\n\u003Cli>SSL installation training for non-cPanel websites.\u003C\u002Fli>\n\u003Cli>Automatic WildCard SSL certificate for free! (Generation and installation of an SSL certificate for a domain that covers all its sub-domains.)\u003C\u002Fli>\n\u003Cli>Automatically sets the DNS TXT record to verify the domain and generate free wildcard SSL certificates (supported DNS service providers: Cloudflare, Godaddy, Namecheap, and cPanel.)\u003C\u002Fli>\n\u003Cli>Supports Multisite.\u003C\u002Fli>\n\u003Cli>Works on all the websites hosted on a cPanel \u002F web hosting.\u003C\u002Fli>\n\u003Cli>If needed, you can revoke any SSL certificate and change your Let’s Encrypt™ account key.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>(The last five features are available for the unlimited sites license only.)\u003C\u002Fp>\n\u003Cp>If your WordPress website is hosted on a VPS or dedicated server and you don’t have cPanel, \u003Cstrong>Automatic Installation\u003C\u002Fstrong> of the Free SSL Certificate is still possible. Please get in touch with us after purchase.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ffreessl.tech\u002Ffree-ssl-certificate-for-wordpress-website\u002F?utm_source=wp_org&utm_medium=description&utm_campaign=aifs_free&utm_content=premium_features\" rel=\"nofollow ugc\">BUY PREMIUM VERSION\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Benefits of installing an SSL certificate on your WordPress website\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Protect your users’ data:\u003C\u002Fstrong> If an SSL certificate is installed, your WordPress website’s data travels through the internet with 2048-bit (or more) encryption. No computer or hacker in between can read your users’ encrypted data. Only the intended recipient (users’ browser or your server) can decrypt and read the encrypted data. The data may be credit card-like necessary payment details, user input with a contact form, or a simple login form.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Display PADLOCK:\u003C\u002Fstrong> Installing an SSL certificate is not optional anymore, even if your WordPress website doesn’t accept credit cards. Since July 2018, with version 68, Google Chrome has started to mark all HTTP (no SSL) websites as ‘Not secure’, even if it doesn’t accept user input. All other browsers followed the same path. When users visit an SSL-secured website, all browsers display a secured PADLOCK in the address bar.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Boost the Search Engine Ranking:\u003C\u002Fstrong> Google and other search engines aim to create a secure web. So, search engines now favor SSL-secured HTTPS websites and discourage insecure ones in the search results. If your WordPress website doesn’t have an SSL certificate installed, you are missing something significant regarding SEO and staying away from potential customers.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Gain the trust of your users:\u003C\u002Fstrong> If users see the secured PADLOCK and HTTPS connection in the URL, they are assured that your website is secured. Now you are gaining the trust of your potential customers. They are confident to purchase your product or service.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Please \u003Ca href=\"https:\u002F\u002Ffreessl.tech\u002Fwordpress-letsencrypt-free-ssl-certificate-documentation\u002F?utm_source=wp_org&utm_medium=description&utm_campaign=aifs_free&utm_content=documentation\" rel=\"nofollow ugc\">click here\u003C\u002Fa> for the documentation.\u003C\u002Fp>\n\u003Ch3>Support and Report a Bug\u003C\u002Fh3>\n\u003Cp>Please check the existing topics in the WordPress \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fauto-install-free-ssl\" rel=\"ugc\">support forum\u003C\u002Fa> before creating a new topic for support or reporting a bug.\u003C\u002Fp>\n\u003Ch3>‘AUTO-INSTALL FREE SSL’ IN YOUR LANGUAGE?\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fauto-install-free-ssl\u002F\" rel=\"nofollow ugc\">Translations can be added easily here\u003C\u002Fa> if you want to translate in your language.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fletsencrypt.org\" rel=\"nofollow ugc\">Let’s Encrypt™\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>I developed this plugin based on the PHP client\u002Fapp \u003Ca href=\"https:\u002F\u002Ffreessl.tech\u002F?utm_source=wp_org&utm_medium=description&utm_campaign=aifs_free&utm_content=credits\" rel=\"nofollow ugc\">‘FreeSSL.tech Auto’\u003C\u002Fa>, which I developed with a massive rewrite of \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanalogic\u002Flescript\" rel=\"nofollow ugc\">Lescript\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcpanel.com\" rel=\"nofollow ugc\">cPanel\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Let’s Encrypt™ is a trademark of the Internet Security Research Group. All rights reserved.\u003C\u002Fp>\n","Generate & install Free SSL Certificates for WordPress, HTTPS redirect, get PADLOCK in the browser, get automatic Renewal Reminders from plugin.",9000,501022,98,397,"2025-12-24T04:33:00.000Z","4.1",[142,143,144,145,146],"free-ssl","free-ssl-certificate","https-redirect","ssl-certificate","ssl-security","https:\u002F\u002Ffreessl.tech","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-install-free-ssl.4.6.1.zip",100,{"attackSurface":151,"codeSignals":168,"taintFlows":175,"riskAssessment":176,"analyzedAt":179},{"hooks":152,"ajaxHandlers":164,"restRoutes":165,"shortcodes":166,"cronEvents":167,"entryPointCount":13,"unprotectedCount":13},[153,159],{"type":154,"name":155,"callback":156,"priority":11,"file":157,"line":158},"filter","plugin_row_meta","wpsos_sbhp_set_plugin_meta","square-bracket-hack-prevention.php",24,{"type":160,"name":161,"callback":162,"file":157,"line":163},"action","admin_notices","wpsos_sbhp_add_htaccess_warning",29,[],[],[],[],{"dangerousFunctions":169,"sqlUsage":170,"outputEscaping":172,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":174},[],{"prepared":13,"raw":13,"locations":171},[],{"escaped":13,"rawEcho":13,"locations":173},[],[],[],{"summary":177,"deductions":178},"The \"square-bracket-hack-prevention\" plugin version 1.0 presents an extremely low security risk based on the provided static analysis and vulnerability history.  The code analysis reveals no discernible attack surface through common WordPress entry points like AJAX, REST API, shortcodes, or cron events.  Furthermore, the plugin avoids dangerous functions, makes no external HTTP requests, and has no file operations, indicating a clean and focused codebase.  The absence of SQL queries and output escaping also suggests no direct vulnerabilities in these areas, though their complete absence might indicate a very limited or non-functional plugin. The vulnerability history is equally reassuring, with no known CVEs ever reported for this plugin.  This track record suggests a well-developed and maintained plugin that has not historically been a target or source of security flaws.  While the lack of explicit capability checks or nonce checks on entry points could be a concern in a plugin with a larger attack surface, the complete absence of such entry points renders this a non-issue for this specific plugin. Overall, this plugin appears to be exceptionally secure, with no identified weaknesses or historical vulnerabilities.",[],"2026-03-17T00:44:08.149Z",{"wat":181,"direct":186},{"assetPaths":182,"generatorPatterns":183,"scriptPaths":184,"versionParams":185},[],[],[],[],{"cssClasses":187,"htmlComments":189,"htmlAttributes":190,"restEndpoints":191,"jsGlobals":192,"shortcodeOutput":193},[188],"error",[],[],[],[],[]]