Descrição
XO Security is a plugin to enhance login related security.
This plugin does not write to .htaccess file. Besides Apache, LiteSpeed, Nginx and IIS also work.
Functions
- Record login log.
- Limit login attempts.
- Login Alert.
- Add Captcha to the login form and comment form.
- Change the URL of the login page. (WordPress multisite subdomain type is not supported).
- Disable login by mail address.
- Disable login by user name.
- Change login error message.
- Disable XML-RPC and XML-RPC Pingback.
- Disable REST API.
- Change REST API URL prefix.
- Disable author archive page.
- Remove comment author class of comments list.
- WordPress multisite support.
- WooCommerce login page protection.
- Anti-spam comment.
- Hide WordPress version information.
- Edit the author slug.
- Disable RSS and Atom feeds.
Instalação
- Upload the
XO-Security
folder to the/wp-content/plugins/
directory. - Activate the plugin through the Plugins menu in WordPress.
- Go to “Settings” -> “XO Security” and customize behaviour as needed.
FAQ
-
Login page is not displayed.
-
Please initialize the settings.
- In wp_options table, the value of the option_name field (column) is to remove the record of “xo_security_options”.
- If you have set the login page, please delete the file.
-
The CAPTCHA is not displayed.
-
Please install mbstring and GD module.
Avaliações
Contribuidores e desenvolvedores
“XO Security” é um software com código aberto. As seguintes pessoas contribuíram para este plugin.
Contribuidores“XO Security” foi traduzido para 1 localidade. Obrigado aos tradutores por suas contribuições.
Traduzir “XO Security” para o seu idioma.
Interessado no desenvolvimento?
Navegue pelo código, dê uma olhada no repositório SVN ou assine o registro de desenvolvimento via RSS.
Registro de alterações
3.1.8
- Fixed a bug that the post list page for each creator on the admin screen is not displayed when the creator archive page is disabled.
- Fixed a bug that login may fail when using CAPTCHA.
3.1.7
- Fixed the html of the setting screen after it was incorrect.
- Omitted the lazy loading attribute of CAPTCHA in the login form.
3.1.6
- Fixed a vulnerability in Authenticated (author +) Time-based SQL Injection. (Thanks to Kenta Yoshida)
3.1.5
- Added the ability to choose whether spam comments should be blocked, marked as spam and saved, or put in the trash.
- Code refactoring.
3.1.4
- Fixed a bug that an error message may be displayed on the admin screen during a new installation.
3.1.3
- Fixed a bug in login log recording.
3.1.2
- Added an option to set the default display method of the login log.
3.1.1
- Fixed a bug where CAPTCHA was ignored and login was possible when PHP session was not available. (Thanks to Jazz@ifNoob)
3.1.0
- In the case of WordPress multisite, the log is recorded for each site.
- Added the ability to disable RSS and Atom feeds.
3.0.0
- Added the editing function of the author slug.
- Disabled auto-completion for CAPTCHA input fields.
2.9.0
- Added the ability to hide WordPress version information.
2.8.0
- Added the ability to block spam comment.
2.7.0
- Restructured the settings page.
- Added the function to customize the login form.
2.6.0
- Changed to remove the standard sitemap user provider when disabling the author archive.
2.5.0
- Added login type column to login log.
2.4.0
- Added the option to select the method of acquiring the IP address.
2.3.0
- Added a feature to disable login by user name and enable login by email only.
2.1.3
- Fixed a bug that could slow down the display of the admin page. (Thanks to mocchii)
2.1.0
- Added function to display site information.
2.0.0
- Added option to change login error message.
- Added option to disable login by mail address.
1.5.3
- Fixed XSS vulnerability.
1.0.0
- Initial release.