[wordpress插件] iThemes Security (formerly Better WP Security)iThemes安全性(以前更好的WP安全性)

wordpress 插件 文章 2020-03-04 08:30 479 0 全屏看文



iThemes Security is the #1 WordPress Security Plugin

iThemes安全性是#1 WordPress安全性插件

iThemes Security (formerly Better WP Security) gives you over 30+ ways to secure and protect your WordPress site.

iThemes安全性(以前称为WP Security)可以为您提供30多种保护和保护WordPress网站的方法。

On average, 30,000 new websites are hacked each day.


WordPress sites can be an easy target for attacks because of plugin vulnerabilities, weak passwords and obsolete software.


Most WordPress admins don’t know they’re vulnerable, but iThemes Security works to lock down WordPress, fix common holes, stop automated attacks and strengthen user credentials.

大多数WordPress管理员都不知道自己容易受到攻击,但是iThemes Security可以锁定WordPress,修复常见漏洞,阻止自动攻击并增强用户凭据。

With advanced features for experienced users, our WordPress security plugin can help harden WordPress.


Maintained and Supported by iThemes


iThemes has been building and supporting WordPress tools since 2008 like BackupBuddy, our WordPress backup plugin.

iThemes自2008年以来一直在构建和支持WordPress工具,例如BackupBuddy,这是我们的 WordPress备份插件

With our full range of WordPress plugins, 插件

/themes/" rel="nofollow">themes and training, WordPress security is the next step in

/ themes /“ rel =” nofollow“>主题和培训,WordPress的安全性是下一步

providing you with everything you need to build the WordPress web.


Get Plugin Support and Pro Features


Get added peace of mind with professional support from our expert team and pro features to take your site's security to the next level with iThemes

借助我们的专家团队和专业功能的专业支持,您可以放心地使用 iThemes将您的网站的安全性提高到一个新的水平

Security Pro.


Pro Features:


    • Two-Factor Authentication – Use a mobile app such as Google Authenticator or Authy to generate a code or have a generated code emailed to you.
    • 双重身份验证–使用移动应用程序(例如Google Authenticator或Authy)来生成代码或将生成的代码通过电子邮件发送给您。

    • WordPress Salts & Security Keys – The iThemes Security plugin makes updating your WordPress keys and salts easy.
    • WordPress盐和安全密钥– iThemes安全插件可轻松更新WordPress密钥和盐。

    • Malware Scan Scheduling – Have your site scanned for malware automatically each day.

    • 恶意软件扫描计划-每天自动对您的站点进行恶意软件扫描。

      If an issue is found, an email is sent with the details.

    • 如果发现问题,则会发送一封包含详细信息的电子邮件。

    • Password Security – Generate strong passwords right from your profile screen.
    • 密码安全性–直接在您的个人资料屏幕上生成强密码。

    • Password Expiration – Set a maximum password age and force users to choose a new password.

    • 密码有效期–设置最长密码使用期限,并强制用户选择新密码。

      You can also force all users to choose a new password immediately (if needed).

    • 您还可以强制所有用户立即选择新密码(如果需要)。

    • Google reCAPTCHA – Protect your site against spammers.
    • Google reCAPTCHA –保护您的网站免受垃圾邮件发送者的侵害。

    • User Action Logging – Track when users edit content, login or logout.
    • 用户操作记录–跟踪用户何时编辑内容,登录或注销。

    • Import/Export Settings – Saves time setting up multiple WordPress sites.
    • 导入/导出设置–节省设置多个WordPress网站的时间。

    • Dashboard Widget – Manage important tasks such as user banning and system scans right from the WordPress dashboard.
    • 仪表板小部件–直接从WordPress仪表板管理重要任务,例如用户禁止和系统扫描。

    • Online File Comparison – When a file change is detected it will scan the origin of the files to determine if the change was malicious or not.

    • 在线文件比较-检测到文件更改后,它将扫描文件的来源以确定更改是否为恶意文件。

      Currently works only in WordPress core but plugins and themes are coming.

    • 目前仅适用于WordPress核心,但插件和主题即将推出。

    • Temporary Privilege Escalation – give a contractor or someone else temporary admin or editor access to your site that will automatically reset itself.
    • 临时特权升级–为承包商或其他人提供临时管理员或编辑者访问您的站点的权限,该权限将自动重置。

    • wp-cli Integration – Manage your site’s security from the command line.
    • wp-cli集成–从命令行管理您站点的安全性。

    iThemes Sync Integration


    Manage more than one WordPress site?


    Manage Away Mode, release lockouts and keep your themes, plugins and WordPress core up to date from one dashboard with iThemes Sync.

    使用iThemes Sync从一个仪表板管理离开模式,释放锁定并保持主题,插件和WordPress核心为最新。

    Start managing 10 WordPress sites for free with iThemes Sync.

    开始使用iThemes Sync免费管理10个WordPress网站

    iThemes Brute Force Attack Protection Network


    iThemes Security takes brute force attack protection to the next level by banning users who have tried to break into other sites from breaking into yours.

    iThemes Security禁止试图侵入其他站点的用户进入您的站点,从而将暴力攻击保护提高到了新的水平。

    The iThemes Brute Force Attack Protection Network will automatically report IP addresses of failed login attempts and will block them for a length of time necessary to protect your site based on the number of sites that have seen a similar attack.

    iThemes Brute Force攻击保护网络将自动报告登录尝试失败的IP地址,并根据遭受类似攻击的站点数量来阻止它们,以保护您的站点所需的时间。



    iThemes Security works to protect your site by blocking bad users and increasing the security of passwords and other vital information.

    iThemes Security通过阻止不良用户并提高密码和其他重要信息的安全性来保护您的网站。

      • Prevents brute force attacks by banning hosts and users with too many invalid login attempts
      • 通过禁止主机和用户进行过多无效登录尝试来防止暴力攻击

      • Scans your site to instantly report where vulnerabilities exist and fixes them in seconds
      • 扫描您的网站以立即报告存在漏洞的位置并在几秒钟内修复漏洞

      • Bans troublesome user agents, bots and other hosts
      • 禁止麻烦的用户代理,机器人和其他主机

      • Strengthens server security
      • 加强服务器安全性

      • Enforces strong passwords for all accounts of a configurable minimum role
      • 为可配置的最低角色的所有帐户强制使用强密码

      • Forces SSL for admin pages (on supporting servers)
      • 为管理页面强制使用SSL(在支持的服务器上)

      • Forces SSL for any page or post (on supporting servers)
      • 对任何页面或帖子强制SSL(在支持的服务器上)

      • Turns off file editing from within WordPress admin area
      • 从WordPress管理区域中关闭文件编辑

      • Detects and blocks numerous attacks to your filesystem and database
      • 检测并阻止对文件系统和数据库的大量攻击



      iThemes Security monitors your site and reports changes to the filesystem and database that might indicate a compromise.

      iThemes Security监视您的站点并报告对文件系统和数据库的更改,这些更改可能表明存在危害。

      iThemes Security also works to detect bots and other attempts to search vulnerabilities.

      iThemes Security还可以检测机器人和其他搜索漏洞的尝试。

        • Detects bots and other attempts to search for vulnerabilities.
        • 检测漫游器和其他尝试搜索漏洞的方法。

        • Monitors filesystem for unauthorized changes.
        • 监视文件系统以进行未经授权的更改。

        • Run a scan for malware and blacklists on the homepage of your site.
        • 在您网站的主页上扫描恶意软件和黑名单。

        • Receive email notifications when someone gets locked out after too many failed login attempts or when a file on your site has been changed.
        • 当登录失败次数过多或某个站点上的文件被更改后,某人被锁定时,接收电子邮件通知。



        iThemes Security hides common WordPress security vulnerabilities, preventing attackers from learning too much about your site and away from sensitive areas like your site’s login, admin, etc.

        iThemes Security隐藏了常见的WordPress安全漏洞,可防止攻击者对您的网站了解过多,并远离敏感的区域,例如网站的登录名,管理员等。


NOTE: iThemes Security makes significant changers to your database and other site files which can be problematic, so a backup is strongly recommended before making any changes to your site with this plugin.

注意:iThemes Security会对数据库和其他站点文件进行重大更改,这可能会带来问题,因此,强烈建议您在使用此插件对站点进行任何更改之前进行备份。

While problems are rare, most support requests involve the failure to make a proper backup before installation.


    1. BEFORE YOU BEGIN: Back up your WordPress database, config file, and .htaccess file.

    2. 开始之前:备份WordPress数据库,配置文件和.htaccess文件。

      We recommend using BackupBuddy, our WordPress backup plugin for a complete site backup.

    3. 我们建议使用 BackupBuddy (我们的WordPress备份插件)进行完整的网站备份。

    4. Upload the zip file to the /wp-content/plugins/ directory
    5. 将zip文件上传到 / wp-content / plugins / 目录

    6. Unzip
    7. 解压缩

    8. Activate the plugin through the ‘Plugins’ menu in WordPress
    9. 通过WordPress中的“插件”菜单激活插件

    10. Visit the Security menu for checklist and options
    11. 访问“安全”菜单以查看清单和选项

    DISCLAIMER: Under no circumstances do we release this plugin with any warranty, implied or otherwise.


    We cannot be held responsible for any damage that might arise from the use of this plugin.


