An Internet Protocol address (IP address) is a unique numerical label assigned to each device (e.g., computer, tablet, and so on) participating in a network that uses the Internet Protocol for communication.
Example: 77.124.210.177
1) By searching for “Antihacker” via the “Plugins > Add New” screen in your WordPress dashboard;
or
2) Download the plugin via WordPress.org Upload the ZIP file through the ‘Plugins > Add New > Upload’ screen in your WordPress dashboard Activate the plugin through the ‘Plugins’ menu in WordPress
or
3) By FTP, extract the zip file and just drop the contents in the wp-content/plugins/ directory of your WordPress installation and then activate the Plugin from Plugins page.
2) Click Deactivate
3) Click Delete
or, by FTP:
Go to folder: wp-content/plugins/ and remove the folder AntiHacker with all files.
2) Find Anti Hacker Plugin
3) Click Deactivate
Your login page will request your wordpress user email and will send to you one email someone not whitelisted just made login. If the email is correct, the login go through. Then, by security, not show your wordpress user email at your page.
To avoid receive this alert email, add your IP to whitelist.
The email alert will be send to your wordpress user email. You can change this email by click over the tab email at the plugin management page.
If you forget your wordpress email, you can click over the Forgot the password link at wordpress login page and they will send you one email or you can remove this plugin by FTP.
XML-RPC on WordPress is actually an API or “application program interface“. It gives developers who make mobile apps, desktop apps and other services the ability to talk to your WordPress site.
Most users don’t need WordPress XML-RPC functionality, and it’s one of the most common causes for exploits. If you want to access and publish to your blog remotely, then you need XML-RPC enabled. Otherwise, you can just disable it at our plugin’s control panel. (General Settings Tab)
Yes. This feature was included in our last version. Just check disable it at General Settings tab.
The new WordPress 4.7 REST API allows anonymous access. The hackers can use this API to list the usernames.
To see this WP REST API function in action, simply visit a site with WordPress 4.7 installed and hit the URL: mysite.com/wp-json/wp/v2/users
This will list all users that have published a post.
To test your site, you need install our plugin, disable Json WordPress Rest API (also new WordPress 4.7 Rest API) and make logout.
We have a language file ready to you translate this plugin for your language.
You can find the file at:
/wp-content/plugins/antihacker/language
the name of the file is antihacker.pot
Please, contact me about that (contact page).
In this moment, we have only English language.
To change your site language, go to (dashboard) Settings => General => Site Language.
Since WordPress 4.0 the “WPLANG” constant is deprecated and should no longer be used, therefore removed from “wp-config.php” file.
During development of plugins or themes, as well as during deployment of a WordPress site, developers or system administrators may enable debug to see any PHP errors that occur.
WordPress makes use of the WP_DEBUG constant which is defined in wp-config.php. The constant is set to be false by default.
This can be useful while a theme, plugin or site is in development, however, if enabled on a production website, it might cause information disclosure – allowing malicious users to view errors and additional logging information.
The WP_DEBUG constant should be disabled on production systems by either removing the constant from the wp-config.php file, or setting it to false as follows.
define( 'WP_DEBUG', false );
Error login messages may expose and give hackers an idea if they’ve gotten username correct/incorrect, vice versa. It is wise to hide it from unauthorized login. Our plugin can replace it for “Wrong Username or Password.”
Our Firewall protects your site against malicious URL requests. It checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(
, base64_ and so on.
- 100% Plug-n-play functionality
- No configuration required
- Blocks a wide range of malicious requests
- Scans all incoming traffic and blocks bad requests
- Blocks directory traversal attacks
- Blocks executable file uploads
- Blocks SQL injection attacks
- Scans all types of requests: GET, POST, PUT, DELETE
You can activate notifications to receive emails with details about requests blockeds.
Yes, our plugin works fine with PHP 7.3.
if you test it with the plugin PHP Compatibility Checker, you will receive a false positive message:
“The behaviour of hexadecimal numeric strings was inconsistent prior to PHP 7 and support has been removed in PHP 7. Found: ‘0x3c62723e’”
The string it is reporting (‘0x3c62723e’) is a false positive. Our firewall uses that string as a pattern, not as a numeric hex string. The pattern is used to check if the string is included in any bad requests.
Yes, our plugin works fine with Contact Form7. Please, read below.
Go to
Dashboard => Anti Hacker => General Settings (tab)
Disable Json WordPress Rest API?
Mark: No
and
Save Changes.
The Tor Project makes a browser that allows anyone to surf the Internet anonymously. Tor stands for “the onion router”.
Anonymity is also something that provides value to online attackers. 95% of requests from the Tor network are per se malicious and they are automated requests designed to harm servers. A large percentage of the vulnerability scanning, ad click fraud, comment spam, content scraping, and login scanning comes via the Tor network.