Linux 软件免费装
Banner图

Site Lockdown Security

开发者 wpfixit
更新时间 2026年7月1日 05:04
捐献地址: 去捐款
PHP版本: 7.4 及以上
WordPress版本: 7.0
版权: GPLv2 or later
版权网址: 版权信息

标签

wordpress security firewall malware scanner

下载

3.4.2 6.1 4.2 6.2 6.7 3.2 2.9.3 4.4 7.7.1 8.1 8.1.1 1.4 8.0.1 2.6 2.7 2.9 2.9.1 2.9.2 3.4 3.4.1 3.4.3 3.4.4 3.0 4.1 4.5 4.6 4.7 4.8 2.5 4.0 5.1 5.2 3.5 4.9.2 5.3 2.8 3.3 5.4 5.5 5.6 6.3 4.3 6.4 2.9.5 6.5 7.0 7.1 7.6 6.8 7.5 7.7 7.7.2 7.7.3 8.0 8.5 2.0 3.7 8.5.1 3.6 5.0 6.6 8.6 4.9.1 6.0 8.6.1 2.9.4 7.5.2 7.7.4 8.7 9.0 3.1 4.9 9.1 7.5.1 9.1.1

详情介绍:

View full plugin documentation - CLICK HERE Site Lockdown Security gives WordPress administrators, agencies, developers, and support teams a full security command center without hiding the best tools behind a paid upgrade. Most WordPress security plugins reserve their strongest features for premium plans: firewalls, file change monitoring, malware scanning, scheduled reports, branded client dashboards, email alerts, login protection, cleanup tools, Cloudflare controls, and advanced hardening. Site Lockdown Security includes those kinds of features in one plugin, and they are not treated as upsells. Use Site Lockdown Security to audit files, lock down important folders, monitor file changes, verify WordPress core integrity, scan for suspicious code, review abandoned folders, enforce password resets, check public file exposure, monitor redirects, protect logins, review risky software, receive branded email alerts, and run a WordPress-aware firewall with Cloudflare and WooCommerce compatibility controls. Premium Features Without Premium Upgrade Fees Site Lockdown Security is built around a simple promise: powerful WordPress security features should not require surprise upgrade fees. Features that are commonly sold as premium add-ons in other WordPress security plugins are included here, including white label branding, firewall controls, file change monitoring, scheduled security reports, infection scanning, cleanup tools, email notification previews, Cloudflare edge actions, login security, and client-ready branded alerts. We will never charge for plugin upgrades or future features. When Site Lockdown Security improves, your security tools improve with it. Key Features Built For Agencies And Client Support Teams Site Lockdown Security includes White Label Branding because security work is often delivered as a professional service. You can brand the admin experience, email imagery, colors, icons, banners, and plugin presentation around your business or client support program. Branding settings can be exported and imported between sites so the same client-ready experience can be reused across multiple installations. These are the kinds of client-facing tools that are often locked behind agency or premium licenses elsewhere. In Site Lockdown Security, they are included. Firewall Security Firewall Security helps protect WordPress from suspicious requests, exploit payloads, scanner signatures, bot signatures, dangerous methods, XML-RPC abuse, REST API exposure, suspicious query strings, and excessive request rates. Protection modes include Smart Block for high-confidence malicious traffic, Monitor Only for tuning without blocking, WooCommerce Safe for checkout and payment compatibility, and Emergency Shield for active attack situations where public traffic needs to be restricted while administrators retain access. Firewall Security also includes event logging, severity tracking, searchable timelines, IP allow/block actions, Cloudflare-aware IP detection, Cloudflare edge actions, notification settings, email summaries, and a customizable blocked request page. Site Lock Site Lock helps prevent unwanted file additions, injected scripts, unauthorized edits, and accidental deletions by making selected WordPress files and folders read-only. You can unlock the site when legitimate updates or maintenance are needed, then apply Site Lock again when finished. Site Lock is useful after a site has been cleaned, audited, updated, or stabilized and you want to reduce the chance of future unexpected file changes. Watch Dog Watch Dog creates a trusted baseline of your site files and compares future scans against that baseline. It reports new, modified, and deleted files so administrators can quickly review changes after updates, maintenance, cleanup work, or suspicious activity. Watch Dog includes file change monitoring, baseline rebuilding, review actions, scheduled scans, protected baseline storage, and email alerts when changes are detected. Watch Dog Baseline Storage Watch Dog stores protected baseline data under: wp-content/uploads/site-lock/watch-dog/ This keeps baseline data outside the plugin folder so it is not removed during plugin updates. Sites updating from older versions automatically migrate Watch Dog baseline storage from the previous location: wp-content/uploads/guard-dog/watch-dog/ After a successful migration, the old storage folder is safely removed and the new Watch Dog storage path remains excluded from Site Lock so baseline files can continue to be updated when needed. Redirect Monitor Redirect Monitor tests public site behavior as different visitor types and alerts when visitors may be redirected to an unauthorized website. It can test the homepage, login page, custom paths, and same-site navigation menu URLs using a focused scan strategy designed to avoid oversized scan jobs. Core Check Core Check compares installed WordPress core files against the official WordPress.org checksum API. It reports modified, missing, unreadable, or unexpected files in WordPress core areas so administrators can review potential core file integrity problems. Update Monitor Update Monitor checks pending WordPress core, plugin, and theme updates and sends email alerts only when updates are available. Infection Scanner The infection scanner reviews site files for suspicious patterns commonly associated with malware, backdoors, obfuscated scripts, spam injections, and unwanted code. Scans can be run manually or scheduled, and results can be included in reports and notifications. Email Notifications Site Lockdown Security includes configurable email alerts for important security events and scheduled checks. Supported notification types include: Each individual alert includes a preview option so administrators can review the email layout before using it. The global email notification settings form allows administrators to set the default frequency and recipient email for alerts in one place. White Label Branding White Label Branding is one of the standout features of Site Lockdown Security because it lets agencies and service providers present security work under their own brand. Administrators can customize branding text, colors, icons, dark icons, banners, email imagery, and dashboard presentation. White Label settings can be exported to a JSON file and imported on another site, making it easier to reuse the same branding across multiple installations. The Reset Settings option restores the default Site Lockdown theme and brings back the default support contact button when branding is returned to its original values. Plugin Refresher Plugin Refresher helps reinstall fresh copies of WordPress.org plugins. This can be useful when a plugin may have been modified, corrupted, or affected by suspicious files. Site Lockdown Security uses native WordPress upgrade handling for safer refresh workflows and supports both individual and bulk plugin refreshes. Theme Refresher Theme Refresher helps reinstall fresh copies of WordPress.org themes. It includes version information, update status, WordPress.org availability detection, and support for individual or bulk theme refresh workflows. Password Reset Enforcement Require selected user roles to change their password. Active sessions for those users are logged out immediately, and their next valid login attempt shows a clear password-change message with a secure reset link. Public File Exposure Check Test whether sensitive backup, log, configuration, database, and metadata files can be accessed publicly from the website URL. File Finder and Removal Tool Quickly scan for specific files or identify extensionless files that may require review or removal. No shell commands or complex server tasks are required. Login Security Login Security helps protect the WordPress login area with protected login URL controls, login attempt limits, activity tracking, session controls, and role-based expiration options. Permissions Check Permissions Check reviews important WordPress files and folders and compares current permissions against recommended values. It helps identify writable files, risky permissions, and items that may need attention. When Site Lock protects a file or folder, permissions results account for that protected status. Software Health Software Health checks installed plugins and themes for maintenance signals that may indicate abandoned or outdated software. It helps administrators identify items that may need updates, replacement, removal, or closer review. Risk Review Risk Review checks local site risk signals and common security configuration concerns. It includes severity sorting, ignore/include controls, scheduled checks, and optional email alerts. Setup Guide The Setup Guide helps administrators complete recommended Site Lockdown Security settings. Setup items include Site Lock, scheduled infection scans, automated reports, file change baselines, file change notifications, core change notifications, software health alerts, risk review alerts, firewall settings, login protection, and branded email notifications. Progress tracking helps administrators see which recommended protection steps are complete.

安装:

  1. Upload the plugin files to the /wp-content/plugins/ directory, or install through the WordPress Plugins screen.
  2. Activate the plugin through the Plugins screen in WordPress.
  3. Navigate to Site Lockdown to begin auditing and protecting your site.
  4. Use Site Lock to lock files when your site is clean and stable.
  5. Use Watch Dog > File Change Monitor to create a trusted baseline and scan for file changes.
  6. Use Watch Dog > Core Check to verify WordPress core file integrity.
  7. Use Setup Guide to complete recommended protection steps.
  8. Configure email alerts, scheduled scans, reports, and white label branding as needed.

屏幕截图:

  • **Main Folder Auditor** displaying folders and files in the root of your WordPress installation.
  • **Content Folder Auditor** listing folders and files found inside the wp-content directory.
  • **Plugins Folder Auditor** showing installed plugin folders and hidden or orphaned plugin directories.
  • **Themes Folder Auditor** displaying theme folders on disk and alerting you to invalid or unrecognized themes.
  • **Uploads Folder Auditor** showing upload folders and identifying PHP files present in uploads.
  • **.htaccess Auditor** listing every .htaccess file detected across your site for review and management.
  • **Security Settings** page where you can configure Site Lock, security headers, and user hardening features.
  • **Infection Scanner** selection screen allowing you to choose which areas of your site to scan.
  • **Security Tools** section providing access to File Finder & Remover, Blacklist Checker, SSL Checker, and Plugin Refresher.
  • **File Finder & Remover** tool for searching specific filenames or detecting files with no extension.
  • **Blacklist Checker results** showing your domain/IP status across multiple blacklist and reputation services.
  • **Plugin Refresher** tool for reinstalling a fresh copy of a WordPress.org plugin.
  • **Site Lock prevention notice** informing you that Site Lock is enabled and blocking file changes.
  • **Settings screen** for auto lock, Site Lock admin bar status, scheduled scans, automated reports, email notifications, and white label branding.
  • **Watch Dog area** for file change monitor, core check, software health, and risk review security tools.
  • **File Change Monitor** to create a trusted file baseline, scan for changes, and review individual files.
  • **Core Check** to compare WordPress core files against the official WordPress.org core checksum API.
  • **Theme Refresher** tool for reinstalling a fresh copy of a WordPress.org theme.
  • **Permissions Check** to view important file and folder permissions.
  • **Setup Guide** to complete recommended protection for your site.
  • **Software Health** to find installed plugins and themes that may no longer be maintained.
  • **Risk Review** to check local site risk signals and common security configuration concerns.
  • **White Label Settings** for customizing Site Lockdown Security branding, colors, icons, banners, and email imagery.
  • **Email Notification Preview** showing individual alert preview layouts before notifications are sent.
  • **Headers Security Review** for checking important website security headers and identifying missing or misconfigured protections.
  • **User Security Monitoring** for reviewing account activity, login behavior, role changes, and other user-related security events.
  • **Redirect Monitor** to alert when visitors may be redirected to an unauthorized website.
  • **Update Monitor** for pending WordPress core, plugin, and theme updates and send email alerts only when updates are available.
  • **Password Reset Enforcement** to force password change by user role.
  • **Public File Exposure Check** check sensitive backup, log, configuration, database, and metadata files can be accessed publicly from the website URL.
  • **Login Security** to protect your WordPress login area with URL protection, login limits, activity tracking, session controls, and role-based expiration.
  • **Firewall Security** to protect your WordPress site with smart request blocking, Emergency Shield, IP allowlist/blocklist controls, Cloudflare edge actions.

升级注意事项:

9.1.1
  • Improved Firewall UI and functions to allow even when Cloudflare is not setup
9.1 Improved Firewall UI and functions 9.0 Adds Firewall Security with Smart Block, Emergency Shield, Cloudflare edge actions, IP allow/block controls, event logging, alerts, and customizable blocked request handling. 8.7 Adds the new Login Security area with custom login URL protection, improved login attempt controls, active session management, enhanced security monitoring, and stronger MainWP bridge protection. 8.6.1 Redirect Monitor no longer runs the Facebook visitor profile. 8.6.5 Redirect Monitor uses a menu-focused URL list with a hard 25 URL cap and removes the Scan Coverage setting. 8.6.4 Reverts the Redirect Monitor scan modal contrast treatment while keeping the updated scan title. 8.6.1 Adds resumable Redirect Monitor batch scanning and dynamic progress details for large-site reliability. 8.6 Added Password Reset Enforcement, added Public File Exposure Check, ignored audit flag on default index.php files and re-styled menu for cleaner navigation 8.5.1 Added Redirect Monitor, Added Update Monitor, Improved targeted unlocking for single targets 8.5 Fixed lock and unlock actions that trigger outside of WordPress install 8.0.1 Fixed stale lock/unlock request error and updated endpoints for MainWP extension 8.0 Major release to WP Site Lockdown adding unique White Label Branding 7.7.4 Improved AJAX faster loading and style corrections 7.7.3 Style corrections 7.7.2 New CSS methods for WordPress 7.0 7.7.1 Fixed ManageWP connection 7.7 Made WordPress 7.0 ready 7.6 Massive overhaul of infection scanner 7.5.2 Made correction to Site Lock error on SiteGround servers 7.5.1 Fix Site Lock critical error issue on sites with large file counts 7.5 Major update with new Setup Guide, global alert notification settings, combined security digest, Software Health checks, Risk Review checks, improved Watch Dog baseline handling, cleaner admin navigation, refreshed styling, and Plugin Check compatibility fixes. 7.1 Added Plugin Refresher reloaded, Theme Refresher, and Permissions Check tools, plus improved Watch Dog handling, cleaner tool navigation, stronger infection-cleanup workflows, safer bulk refresh processing, and expanded Plugin Check compatibility fixes. 7.0 Major Watch Dog release. Adds File Change Monitor, trusted baselines, scheduled file change scans, email alerts, baseline exclusions, protected Watch Dog storage, and WordPress Core Check using the official checksum API. 6.8 Now compatible with hosting environments that auto lock WordPress core files. Improved Site Lock conditions to isolate certain folders and files. 6.7 Removed Site Lock status in admin bar on site frontend. Added bulk database actions to infection scanner and select file actions to file remover tool. 6.6 Fixed auto lock/unlock with MainWP. 6.5 Made plugin code run only in admin area where needed. 6.4 Fixed styling issue on scanner page. 6.3 Added a database infection scanner and a setting to disable the admin bar Site Lock status display. 6.2 Corrected typo in plugin description. 6.1 Added AJAX loading content notice. 6.0 Faster AJAX navigation, better scanners/checkers, and responsive tables. 5.6 Added scheduled infection scans. 5.5 Added additional lock exceptions. 5.4 Improved API REST endpoint call for cache bypass. 5.3 Fixed permissions issue with Site Lock and MainWP. 5.2 Added integration with MainWP. 5.1 Added a plugin refresher. 5.0 New Tools section.

常见问题:

Why do I need this plugin?

Site Lockdown Security helps you identify leftover folders, suspicious files, unexpected file changes, weak security settings, risky permissions, and WordPress core file issues. It gives administrators better visibility into what exists on the server and what may need review.

Does Site Lockdown Security automatically delete orphaned folders or suspicious files?

No. Site Lockdown Security is built to help you review and take informed action. Files and folders are shown with action buttons so you can decide whether to view, download, ignore, include, delete, approve, refresh, or lock them.

What is Site Lock?

Site Lock makes protected files and folders read-only to help prevent unauthorized changes. You can unlock the site when updates or maintenance are needed, then lock it again when finished.

What is Watch Dog File Change Monitor?

Watch Dog File Change Monitor creates a trusted baseline of your site files. Future scans compare the current site against that baseline and report new, modified, or deleted files.

What is Watch Dog Core Check?

Watch Dog Core Check compares your installed WordPress core files against the official WordPress.org checksum API. It helps detect modified, missing, unreadable, or unexpected files in WordPress core areas.

Does Core Check scan plugins and themes?

No. Core Check only verifies WordPress core files in the WordPress root, wp-admin, and wp-includes areas. Plugins, themes, uploads, and custom content are handled by other Site Lockdown Security tools.

Will Watch Dog work when Site Lock is enabled?

Yes. Watch Dog stores baseline and scan data in its protected uploads storage folder, and Site Lockdown Security allows that required Watch Dog path to remain writable while Site Lock is active.

Where is Watch Dog baseline data stored?

Watch Dog stores protected baseline data under wp-content/uploads/site-lock/watch-dog/. This keeps baseline data outside the plugin folder so it is not removed during plugin updates. Sites updating from older versions automatically migrate baseline storage from the previous wp-content/uploads/guard-dog/watch-dog/ location.

Does Watch Dog email me when file changes or core issues are found?

Yes. File Change Monitor and Core Check each include email alert settings. Emails are sent only when the related scan finds issues.

Can I preview email notifications?

Yes. Individual email alert settings include preview tools so you can review how each notification type will look. Preview layouts are available for plugin update alerts, security snapshot digests, scheduled infection scans, automated security reports, file change notifications, core change notifications, software health alerts, and risk review alerts.

What makes the White Label options unique?

Most WordPress security plugins focus only on scanning, hardening, firewalls, or alerts. Site Lockdown Security also includes built-in White Label Branding, allowing agencies, developers, and support providers to present the security dashboard, branding assets, and notification imagery with their own identity. This makes it especially useful for client management, maintenance services, and branded support programs.

Can I white label Site Lockdown Security?

Yes. Site Lockdown Security includes White Label settings for customizing plugin branding text, colors, icons, dark icons, banners, and email imagery.

Can I move White Label settings to another site?

Yes. Use White Label Export to download the current branding settings as a JSON file. Use White Label Import on another site to upload and apply those settings. Imported settings are validated and sanitized before being saved.

What happens when I reset White Label settings?

Reset Settings restores the default Site Lockdown theme. When the settings return to the default theme, the default support contact button is shown again.

Will this slow down my website frontend?

No. Site Lockdown Security tools run inside the WordPress admin area and do not run on the public frontend during normal page visits.

Does it work on multisite?

Site Lockdown Security is currently designed for single-site WordPress installations. Multisite support may be added in a future release.

更新日志:

9.1.1 9.1 9.0 8.7 8.6.1 8.6.5 8.6.4 8.6.1 8.6 8.5.1 8.5 8.0.1 8.0 7.7.4 7.7.3 7.7.2 7.7.1 7.7 7.6 7.5.2 7.5.1 7.5 7.1 7.0 6.8 6.7 6.6 6.5 6.4 6.3 6.2 6.1 6.0 5.6 5.5 5.4 5.3 5.2 5.1 5.0 4.9.2 4.9.1 4.9 4.8 4.7 4.6 4.5 4.4 4.3 4.2 4.1 4.0 3.7 3.6 3.5 3.4.4 3.4.3 3.4.2 3.4.1 3.4 3.3 3.2 3.1 3.0 2.9.4 2.9.3 2.9.2 2.9.1 2.9 2.8 2.7 2.6 2.5 2.0 1.3.1 1.3.0 1.2.0 1.0.0