SECURE is a WordPress plugin by secconsult that shows you exactly how to lock down your WordPress sites. Everyday new security risks are found and hackers are ready to use them against your websites. SEC Consult have a dedicated team in multiple time zones that tracks all security risks and makes them available to you in real-time.
The free version of SECURE identifies the following security issues and more:
Outdated Plugins, Themes and WordPress itself
Known security issues in installed Plugins, Themes and WordPress itself (information is 30 days old)
User accounts with weak passwords
Files that might leak information to attackers
Insecure file permissions for important core files
Unencrypted communication with the WordPress admin interface
Directory listings are enabled
The upload of dangerous file types is allowed
Debugging is enabled
User Registration is enabled
WordPress file editing is enabled
Default database prefix is used
Root database user is used
Dangerous PHP functions are enabled
Multiple issues with error reporting that might leak information to attackers
PHP leaking version information
The pro version of SECURE comes with the following unique benefits:
You’ll receive an e-mail alert as soon as vulnerabilities are identified that affect any of your sites.
The vulnerability alerts will tell you exactly how to address the vulnerability and become safe again.
You’ll receive weekly status mails informing you about outdated versions and vulnerabilities in your sites.