跳到內容
  • 關於 WordPress
    • 關於 WordPress
    • WordPress.org 香港中文
    • 線上說明
    • 技術支援
    • 意見反應
  • 登入
  • 註冊
WordPress.org
WordPress.org

Hong Kong 香港中文

  • 佈景主題
  • 外掛
  • News
  • Support
  • About
  • 重要通知
  • WordPress 常見問題
  • 團隊
  • 取得 WordPress
取得 WordPress

外掛

  • 我的收藏
  • Beta測試
  • 開發者
下載

XO Security

由Xakuro
  • 詳情
  • 評價
  • 安裝
  • 支援
  • 開發

描述

XO Security is a plugin to enhance login related security.
This plugin does not write to .htaccess file. Besides Apache, LiteSpeed, Nginx and IIS also work.

Functions

  • Record login log.
  • Limit login attempts.
  • Login Alert.
  • Add Captcha to the login form and comment form.
  • Change the URL of the login page.
  • Disable login by mail address.
  • Disable login by user name.
  • Change login error message.
  • Disable XML-RPC and XML-RPC Pingback.
  • Disable REST API.
  • Change REST API URL prefix.
  • Disable author archive page.
  • Remove comment author class of comments list.
  • WooCommerce login page protection.
  • Anti-spam comment.
  • Hide WordPress version information.
  • Edit the author slug.
  • Disable RSS and Atom feeds.

WordPress multisite considerations

If you set the login page separately for the main site and the subsite, you will not be able to use the password loss function of the subsite. We recommend that you set the login page to be common to all sites.

螢幕截圖

  • Login log page.
  • Status page.
  • Login setting page.
  • Profile page.

安裝

  1. Upload the XO-Security folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the Plugins menu in WordPress.
  3. Go to “Settings” -> “XO Security” and customize behaviour as needed.

常見問題

Login page is not displayed.

Please initialize the settings.

  • In wp_options table, the value of the option_name field (column) is to remove the record of “xo_security_options”.
  • If you have set the login page, please delete the file.

The CAPTCHA is not displayed.

Please install mbstring and GD module.

評價

awesome

ulafox 2021年8月19日
This plugin has become one of my favorite plugins, it protects my website from malicious users, and the development team provides support very quickly! Thanks!

とても良い

mainichiweb 2021年6月11日
長年、SiteGuardを使っていましたが、たまにログインできなくなってプラグインをサーバーから削除とかしたりだったので、こちらのプラグインを使い始めました。 設定画面もわかりやすく、作動も安定していて、ログイン試行履歴とかも見れます(結構不正ログインされようとしているのがわかって楽しい)、随時他のサイトのセキュリティプラグインもこちらに切り替えていこうと思っています。感謝感謝

軽量かつマルチサイトも対応で素晴らしいです。

ifnoob 2021年4月4日
ログイン関係にとどまらず、WordPress全体としてのセキュリティプラグインへの進化を期待します。

Underrated Plugin!

Horlayemi 2019年10月13日
This plugin does its job well and clean. Another thing I Love bout this plugin is the lightness. Keep up da good work guys!

Awesome!

Ko Takagi 2019年6月18日
This is awesome plugin! It has all the features I need and is very easy to use.

Recommended plugin at Nginx

IKT 2017年10月8日
I was able to change the login URL with Nginx. すばらしいプラグインです。
閱讀全部6個評價

貢獻者及開發者

“XO Security” 是一個開源的軟體。以下的人對這個外掛作出了貢獻。

貢獻者
  • ishitaka

XO Security 外掛目前已有 1 個本地化語言版本。 感謝所有譯者為這個外掛做出的貢獻。

將 XO Security 外掛本地化為台灣繁體中文版。

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄。

修改日誌

3.2.0

  • Added an option to set a common login page for all WordPress multisite sites.

3.1.9

  • Enhanced WordPress multisite support.

3.1.8

  • Fixed a bug that the post list page for each creator on the admin screen is not displayed when the creator archive page is disabled.
  • Fixed a bug that login may fail when using CAPTCHA.

3.1.7

  • Fixed the html of the setting screen after it was incorrect.
  • Omitted the lazy loading attribute of CAPTCHA in the login form.

3.1.6

  • Fixed a vulnerability in Authenticated (author +) Time-based SQL Injection. (Thanks to Kenta Yoshida)

3.1.5

  • Added the ability to choose whether spam comments should be blocked, marked as spam and saved, or put in the trash.
  • Code refactoring.

3.1.4

  • Fixed a bug that an error message may be displayed on the admin screen during a new installation.

3.1.3

  • Fixed a bug in login log recording.

3.1.2

  • Added an option to set the default display method of the login log.

3.1.1

  • Fixed a bug where CAPTCHA was ignored and login was possible when PHP session was not available. (Thanks to Jazz@ifNoob)

3.1.0

  • In the case of WordPress multisite, the log is recorded for each site.
  • Added the ability to disable RSS and Atom feeds.

3.0.0

  • Added the editing function of the author slug.
  • Disabled auto-completion for CAPTCHA input fields.

2.9.0

  • Added the ability to hide WordPress version information.

2.8.0

  • Added the ability to block spam comment.

2.7.0

  • Restructured the settings page.
  • Added the function to customize the login form.

2.6.0

  • Changed to remove the standard sitemap user provider when disabling the author archive.

2.5.0

  • Added login type column to login log.

2.4.0

  • Added the option to select the method of acquiring the IP address.

2.3.0

  • Added a feature to disable login by user name and enable login by email only.

2.1.3

  • Fixed a bug that could slow down the display of the admin page. (Thanks to mocchii)

2.1.0

  • Added function to display site information.

2.0.0

  • Added option to change login error message.
  • Added option to disable login by mail address.

1.5.3

  • Fixed XSS vulnerability.

1.0.0

  • Initial release.

其它

  • 版本:3.2.0
  • 最後更新:1 週之前
  • 運作中的安裝:7,000+
  • WordPress Version: 4.6 or higher
  • 已測試到版本:6.0
  • PHP Version: 5.6 or higher
  • 語言:

    English (US) 及 Japanese.

    翻譯成你的語言

  • 標籤:
    loginpingbackrestsecurityxmlrpc
  • 進階顯示

評分

顯示全部
  • 5星 6
  • 4星 0
  • 3星 0
  • 2星 0
  • 1星 0
Log in to submit a review.

貢獻者

  • ishitaka

支援

最近兩個月解決了的問題:

1個中的0個

檢視支援論壇

  • 關於我們
  • 最新消息
  • 寄存
  • 贊助基金會
  • 技術支援
  • 開發者資源
  • 共同參與
  • Learn
  • 展示網站
  • 外掛
  • 佈景主題
  • 區塊版面配置
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • 隱私權
  • Public Code
WordPress.org
WordPress.org

Hong Kong 香港中文

  • 訪問我們的 Facebook 專頁
  • 訪問我們的 Twitter 帳戶
代碼就是詩歌。