Linux 软件免费装

在这里免费安装WordPress以及其他软件

Banner图

VMP Security - Firewall, Malware Scan, and Login Security

开发者 tanveer269
更新时间 2026年4月22日 18:27
PHP版本: 7.4 及以上
WordPress版本: 6.9
版权: GPLv2 or later
版权网址: 版权信息

标签

security two factor authentication firewall malware brute force protection

下载

1.0.0 2.1.1 2.2.6 2.2.2 2.2.3 2.2.1 2.2.8 2.2.5 2.2.7 2.2.4 2.0.0 2.1.0 2.1.2 2.2.0

详情介绍:

Other WordPress security plugins delay firewall rules by 30 days and charge $149/year for country blocking and audit logs. We don't. VMP Security is a free WordPress security plugin that gives you 280+ real-time firewall rules, 9 specialized malware scanners, 170,000+ threat signatures, country blocking, audit logging, two-factor authentication, and brute force protection. Everything runs on your server. Your files and database never leave your hosting. What's Included ✅ Web Application Firewall — 280+ real-time rules, zero-day detection, pre-WordPress execution mode ✅ 9 Malware Scanners — Malware, file integrity, CVE, user accounts, content, public files, server state, binary, domain reputation ✅ Country Blocking — Block by country, login-only or full-site (free — competitors charge for this) ✅ Brute Force & Rate Limiting — Login limits, leaked password detection, bot throttling ✅ Two-Factor Authentication — QR setup, backup codes, role enforcement, WooCommerce support ✅ Audit Log & Live Traffic — Complete security event history with real-time monitoring ✅ Privacy-First — All scanning on your server. Files and database never sent externally. How VMP Security Compares Feature | VMP Security Free | Wordfence Free | Wordfence Premium ($149/yr) | Real-time firewall rules | ✅ 280+ | ❌ 30-day delay | ✅ | Real-time malware signatures | ✅ 170,000+ | ❌ 30-day delay | ✅ | Malware scanners | 9 specialized | 1 general | 1 general | Country blocking | ✅ | ❌ | ✅ | Audit log | ✅ | ❌ | ✅ | IP blocklist | ✅ | ❌ | ✅ | Two-factor authentication | ✅ | ✅ | ✅ | See It In Action https://www.youtube.com/watch?v=3TrZaaReeaA 🔥 Web Application Firewall (WAF) Your first line of defense. Every request is inspected before it reaches WordPress. What It Stops: Extended Protection (WAF Optimizer) Run the firewall before WordPress loads — malicious requests are blocked before any vulnerable plugin or theme code can execute. One-click setup with automatic server detection (Apache/LiteSpeed) and built-in backup. 🔍 9 Specialized Malware Scanners Not one scanner — nine. Each specialized for a different threat type.
  1. Malware Scanner — 170,000+ signatures detect backdoors, trojans, and malicious code
  2. File Integrity Monitor — Compares your files against official WordPress checksums
  3. Vulnerability Scanner — Checks plugins and themes against known CVEs
  4. User Security Scanner — Finds suspicious admin accounts and weak credentials
  5. Content Safety Scanner — Detects malicious content injected into posts and comments
  6. Public Files Scanner — Finds exposed configuration files (wp-config backups, .env, debug logs)
  7. Server State Scanner — Audits PHP settings, file permissions, and server configuration
  8. Binary Scanner — Detects malware embedded in images and executables
  9. Domain Reputation Scanner — Checks URLs against Google Safe Browsing and threat databases
Obfuscation analysis catches encoded malware that basic scanners miss. Behavior analysis flags suspicious file operations beyond known signatures. Legitimacy assessment reduces false positives. Choose from quick, standard, high sensitivity, or custom scan modes. 🌍 Country Blocking & IP Management Block entire countries or fine-tune access with advanced pattern rules. 🛡️ Brute Force Protection & Rate Limiting Stop password guessing and resource exhaustion attacks. 🔐 Two-Factor Authentication (2FA) Even if someone steals your password, they can't get in. 📊 Dashboard, Monitoring & Tools Set it up in 5 minutes. Go deep when you want to. 🔒 Privacy-First Security All scanning happens on YOUR server. Period. What We DON'T Do: ❌ We don't send your file content or database data to external servers ❌ We don't track your users ❌ We don't collect analytics about your site ❌ We don't send data without your knowledge External Services (Optional): We use external services only when necessary for specific security features. You can see exactly what's sent: VMP Security Servers Installation
  1. Install from the WordPress plugin directory or upload the plugin files
  2. Activate the plugin
  3. Go to VMP Security > Dashboard and run your first scan
  4. Enable 2FA for your admin account
  5. That's it — the firewall and all protection features are active by default

屏幕截图:

  • **Active Scan Interface** - Real-time scan progress with detailed statistics and threat detection
  • **Scan Results** - Complete threat analysis with actionable remediation options
  • **Firewall Dashboard** - WAF protection status, attack statistics, and blocked threats
  • **Attack Log** - Detailed view of blocked attacks with IP, attack type, and violated rules
  • **Firewall Summary & Attack Graph** - Firewall attack summary and global network attack graph
  • **Firewall Configuration** - Comprehensive settings for WAF, brute force, and rate limiting
  • **2FA Setup Screen** - QR code setup for two-factor authentication
  • **Live Traffic Monitor** - Real-time traffic view with human vs bot classification

升级注意事项:

2.2.8 Blocked IPs Management, WAF Reliability & Custom Login Compatibility - Adds bulk actions and export for blocked IPs, WAF fallback sync for broken-cron environments, and custom login URL compatibility. Safe to update. 2.2.7 Translation Support & Portal Connection - Full internationalization support with translatable strings, language pack compatibility, and portal connection flow. Safe to update. 2.2.6 Email Alerts & Scan Results Update - Updated email alert functionality, enhanced audit log, and improved scan result curation. Safe to update. 2.2.5 All Options & Audit Log Update - Completed All Options page UI, added update notifications, and enhanced audit log integration. Safe to update. 2.2.4 Performance & UX Update - Adds WAF Optimizer with extended protection wizards, onboarding tours for new users, and major signature loading performance improvements. Recommended for all users. Safe to update. 2.2.3 Maintenance Update - Improved cleanup on deactivation, cron management, and UI polish. Safe to update. 2.2.2 Enhanced Features & Branding Update - Updated plugin name, Adds auto-update option, dashboard widget, dynamic update intervals, data retention choice, and improved auto-sync for security rules. Recommended for all users. Safe to update. 2.2.1 WordPress.org Compliance Update - Updated plugin name and documentation to comply with WordPress.org guidelines. No functional changes. 2.2.0 Major Feature Release! Adds Country Blocking, Custom Pattern Matching, comprehensive Diagnostics tool, and Settings Export/Import. Three new database tables will be created automatically. Recommended for all users seeking advanced geo-blocking and pattern-based protection. 2.1.2 Scanner Optimized & Bug Fixed Improved security scanner's performance, bug fixed, firewall UI improved, status indicator improved. 2.1.1 Scanner Optimized Improved security scanner's performance and bug fixed. 2.1.0 Major Feature Update! Adds Two-Factor Authentication, live traffic monitoring, enhanced IP blocking, and reCAPTCHA integration. Recommended for all users. Database will auto-migrate on activation. 2.0.0 Critical Security Update! Adds complete Web Application Firewall with 150+ rules, brute force protection, and rate limiting. Highly recommended for all users. Review firewall settings after upgrade. 1.0.0 Initial release. Install to enable comprehensive WordPress security protection.

常见问题:

How is VMP Security different from Wordfence?

VMP Security includes country blocking, audit logging, IP blocklists, and real-time firewall rules in the free version. With Wordfence, these features require the $119/year premium plan. VMP Security also runs 9 specialized malware scanners (vs. Wordfence's 1 general scanner) and performs all scanning on your server — no file data is sent externally.

Is VMP Security completely free?

Yes. The free version includes the full firewall (280+ rules), all 9 malware scanners (170,000+ signatures), country blocking, audit log, 2FA, brute force protection, and live traffic monitoring. Premium adds YARA scanning with 1,000+ rules for advanced threat detection.

Will this slow down my website?

Nope. We're obsessed with performance. The firewall uses efficient pattern matching, scanners run in the background, and we optimize memory usage. Your visitors won't notice any slowdown.

Do I need to configure anything?

Not really. It works great out of the box with secure defaults. But if you want to customize, we give you full control over every feature.

What happens when an attack is blocked?

The attacker gets a 403 Forbidden page. We log the attack details (IP, type, time, violated rules) so you can see what happened. Repeat offenders get permanently banned.

Can I whitelist my own IP address?

Yes! Go to Firewall > Options and add your IP to the allowlist. You'll bypass all firewall rules (useful for testing).

How does 2FA work?

Use any authenticator app (Google Authenticator, Authy, 1Password, etc.). Scan the QR code during setup, and you're done. You'll enter a 6-digit code when logging in.

Will it detect all malware?

No security tool catches 100% of threats. But our specialized scanners with pattern matching, behavior analysis, and reputation checking catch the vast majority. We're constantly updating our detection signatures.

Can it help with malware removal?

Yes. When we find infected WordPress core files, you can restore the original clean version with one click. For plugins and themes, we guide you through reinstalling from official sources. Our 9 scanners detect the malware — you control the cleanup.

Does it work with WooCommerce?

Yes! We have special integrations for WooCommerce to protect your store and customer data.

How do I update firewall rules?

Rules are updated automatically with plugin updates. You can also add custom rules in Firewall > WAF Rules.

Can I schedule automatic scans?

Absolutely. Daily, twice daily, weekly, weekdays only, weekends only, or custom schedules. The scan monitor ensures they complete successfully.

What if I get locked out?

2FA includes backup codes that you save during setup. For firewall lockouts, you can disable the plugin via FTP or use WordPress recovery mode.

Do you offer support?

Yes! We provide support through the WordPress.org forums. Premium support options coming soon.

更新日志:

2.2.8 - April 22, 2026 Blocked IPs Management, WAF Reliability & Custom Login Compatibility 2.2.7 - April 1, 2026 Translation Support & Portal Connection 2.2.6 - March 16, 2026 Email Alerts, Audit Log & Scan Results Update 2.2.5 - March 5, 2026 All Options, Update Notice & Audit Log Update 2.2.4 - February 18, 2026 WAF Optimizer, Onboarding, Performance & UX Update ** New Features:** 2.2.3 - January 31, 2026 Maintenance & Optimization Update 2.2.2 - January 20, 2026 Enhanced Features Performance, Branding & UI Consistency Update 2.2.1 - January 19, 2026 WordPress.org Compliance Update 2.2.0 - January 18, 2026 MAJOR UPDATE: Country Blocking, Custom Pattern Matching, Export/Import & Diagnostics Tools ** New Features:** 2.1.2 - January 10, 2026 2.1.1 - January 9, 2026 2.1.0 - January 7, 2026 MAJOR UPDATE: Two-Factor Authentication, Enhanced Blocking, Tools & Advanced Features ** New Features:** 2.0.0 - December 11, 2025 MAJOR UPDATE: Advanced Firewall Protection & Attack Prevention ** Firewall Features:** 1.0.0 - September 29, 2025 Initial Release - Comprehensive Security Scanner