بازدان بۆ ناوەڕۆک
WordPress.org

وۆردپرێس بەکوردی

  • ڕووکارەکان
  • پێوەکراوەکان
  • دەربارە
  • وۆردپرێس بە دەستبێنە
وۆردپرێس بە دەستبێنە
WordPress.org

Plugin Directory

SiteGuard WP Plugin

  • پێوەکراوێک بڵاوبکەرەوە
  • دڵخوازەکانم
  • Log in
  • پێوەکراوێک بڵاوبکەرەوە
  • دڵخوازەکانم
  • Log in

SiteGuard WP Plugin

لەلایەن jp-secure
داگرتن
  • وردەکارییەکان
  • پێداچوونەوەکان
  • دامەزراندن
  • گەشەپێدان
پشتیوانی

وەسف

SiteGuard WP Plugin helps protect WordPress sites by strengthening login and admin-area security. It helps reduce brute-force login attacks, password list attacks, comment spam, and unauthorized access to /wp-admin/.

Main Features

  • Admin Page IP Filter: Restricts wp-admin access to IP addresses that have successfully logged in.
  • Rename Login: Changes the URL of the login page from wp-login.php to a custom path.
  • CAPTCHA: Adds CAPTCHA to login, comment, password reset, and user registration forms.
  • Login Lock: Temporarily locks out IP addresses after repeated failed login attempts.
  • Login Alert: Sends email notifications when users log in.
  • Fail Once: Intentionally rejects the first valid login attempt and requires the user to try again shortly after.
  • Protect XML-RPC: Disables pingbacks or all XML-RPC access to help prevent abuse.
  • Block Author Query: Helps prevent username leakage through /?author=<number> requests.
  • Update Notifications: Sends email notifications when updates are available for WordPress core, plugins, or themes.
  • WAF Tuning Support: Creates exclusion rules to help prevent false positives when SiteGuard Server Edition WAF is installed.

Requirements and Compatibility

  • WordPress multisite is not supported.
  • Apache 1.3, Apache 2.x, and Nginx are supported.
  • CAPTCHA requires the PHP extensions mbstring and gd.
  • WAF Tuning Support requires SiteGuard Server Edition on Apache.

Documentation

Documentation, FAQs, and more details are available in English and Japanese.

Translations

This plugin is translated by the community. We appreciate your help with translations on the WordPress translation platform.

سکرین شۆتەکان

SiteGuard WP Plugin dashboard.
SiteGuard WP Plugin dashboard.

دامەزراندن

From the WordPress Dashboard

  1. In the WordPress dashboard, go to Plugins > Add New.
  2. Search for “SiteGuard WP Plugin”.
  3. Install and activate the plugin.

Manual Installation

  1. Search for and download “SiteGuard WP Plugin”.
  2. In the WordPress dashboard, go to Plugins > Add New > Upload Plugin.
  3. Upload the downloaded ZIP file.
  4. Install and activate the plugin.

پهد

For FAQs, see the English or Japanese documentation.

پێداچوونەوەکان

Unsafe

alexbrowp تشرینی دووەم 27, 2024
When you log out, the session is not closed and you can still go to wp-admin. Also, redirecting wp-admin to the custom login page doesn’t help with security

.

wpuserjp202306t تەممووز 27, 2023
.

ログイン保護に利用しています

Fumiki Takahashi حوزه‌یران 23, 2023
誰でもユーザーを登録できるサイトを作っているのですが、ログイン保護機能を利用しています。スパムアカウントが減りました。

解決済/ループバックリクエストでの問題(サイトヘルス)

tsutlnps149 شوبات 6, 2021
管理ページアクセス制限を有効にすると、サイトヘルスで「サイトでループバックリクエストが完了できませんでした」という文字が出るが、この問題、site-health.phpを除外設定にしてもなお出続ける。 制限をOFFにすると、出なくなる。 バージョン「1.5.1」でのアップデートで、この問題は解決したようです。ありがとうございました。

Multisite is not supported

T. Sagawa ئەیلوول 15, 2020
Nothing work in multi-site mode.

Good Support

lw53 ئاب 31, 2020
All the features I require with easy to follow instructions of how to correctly set-up.
خوێندنەوەی 15 پێداچوونەوە

بەشداربووان و گەشەپێدەران

“SiteGuard WP Plugin” نەرمەواڵەیەکی سەرچاوە کراوەیە. ئەم کەسانەی خوارەوە بەشدارییان تێدا کردووە.

بەشداربووان
  • jp-secure

“SiteGuard WP Plugin” وەرگێڕدراوە بۆ 10 زمان. سوپاسی وەرگێڕەکان دەکەین بۆ بەشداریکردنیان.

“SiteGuard WP Plugin” وەربگێڕە بۆ زمانەکەی خۆت.

دەتەوێت بەشداربیت لە گەشەپێدان؟

گەڕان لە کۆدەکەدا بکە، سەیری تەمارگەی (SVN) بکە، یان بەشداربە لە ڕووداوتۆماری گەشەپێدان لە ڕێگەی (RSS).

ڕووداوتۆمارگەریی گۆڕین

1.8.7

  • Fixed a cross-site scripting (XSS) vulnerability in the logout URL that could occur when the login page URL is changed.

Special thanks to daroo (Patchstack) for the report.

1.8.6

  • Rename Login: when the login URL falls back to the .php (stub) form, the settings screen now explains why .htaccess could not be used.
  • Rename Login: fixed the .htaccess self-test so it works when WordPress has been given its own directory (the WordPress Address differs from the Site Address).
  • Block Author Query: the “Disable REST API” exclusion list now uses REST API namespaces instead of plugin names.

Special thanks to abcdrew and miwarock777 for their contributions to this release.

1.8.5

  • Fixed a security issue affecting the login URL protection on some server configurations.

Special thanks to goto5656 for the report.

1.8.4

  • Fixed a security issue affecting the login URL protection on some server configurations.

Special thanks to goto5656 for the report.

1.8.3

  • Fixed an issue where the cleanup of legacy .htaccess rules (which could lock administrators out of /wp-admin/) did not run on sites that had already updated to 1.8.0 or 1.8.1.

1.8.2

  • Fixed an issue where upgrading from 1.7.x to 1.8.x could leave legacy .htaccess rules in place, locking administrators out of /wp-admin/.

Special thanks to t.inoue for the report.

1.8.1

  • Fixed a security issue affecting the login URL protection.

1.8.0

  • Added support for Nginx and Apache environments that do not use an .htaccess file.
  • Improved Login Lock to apply to authentication attempts via XML-RPC.
  • Fixed several security issues affecting login URL protection.
  • Reviewed and updated the English strings. Special thanks to abcdrew.

Special thanks to Daiki Honda and Daishi Kuroki for their contributions to this release.
Special thanks to Helena Media Research Corporation for the report.

1.7.12

  • Fixed an authorization vulnerability in the login history. Special thanks to Ficus Inc.
  • Mitigated CAPTCHA authentication failures in some environments.

1.7.11

  • Fixed an issue where a syntax error occurred in PHP 5.6 or earlier.

1.7.10

  • Fixed a Guessable CAPTCHA vulnerability (CVE-2026-27411). Special thanks to Patchstack.

1.7.9

  • Fixed a deprecated notice for the get_currentuserinfo() function.

1.7.8

  • Fixed a warning that occurred in version 1.7.7.

1.7.7

  • Fixed a bug where the renamed login URL was leaked when wp-register.php was accessed.

1.7.6

  • Fixed an issue where a warning occurred on the login screen in PHP 8.x environments.

1.7.5

  • Fixed an issue where a fatal error occurred on the Update Notifications screen in PHP 8.x environments.

1.7.4

  • Changed the directory for storing CAPTCHA image files to wp-content/siteguard/.
  • Fixed some bugs.

1.7.3

  • Fixed an issue where password reset emails could not be sent from the admin page when CAPTCHA was enabled.

1.7.2

  • Reviewed and modified source code related to security.

1.7.1

  • Fixed an issue where a syntax error occurred in PHP 5.6 or earlier.

1.7.0

  • Removed the ability to get the client IP address from X-Forwarded-For due to IP spoofing risk.

مێتا

  • وەشان 1.8.7
  • دوایین بەڕۆژکردنەوە 1 حەفتە لەمەوبەر
  • دامەزراندنی چالاک 500,000+
  • وەشانی وۆردپرێس 6.0 یان بەرزتر
  • تاقیکراوەتەوە تا 7.0.2
  • زمانەکان

    Dutch، English (US)، Japanese، Persian، Russian، Spanish (Argentina)، Spanish (Chile)، Spanish (Colombia)، Spanish (Mexico)، Spanish (Spain)، و Spanish (Venezuela).

    وەریبگێڕە بۆ زمانەکەی خۆت

  • تاگەکان
    captchaLogin Alertlogin lockpingbacksecurity
  • بینینی پێشکەوتوو

هەڵسەنگاندنەکان

4.3 out of 5 stars.
  • 11 5-star reviews 5 ئەستێرە 11
  • 0 4-star reviews 4 ئەستێرە 0
  • 2 3-star reviews 3 ئەستێرە 2
  • 2 2-star reviews 2 ئەستێرە 2
  • 0 1-star reviews 1 ئەستێرە 0

Your review

See all reviews

بەشداربووان

  • jp-secure

پشتیوانی

ئەو کێشانەی چارەسەرکراون لە دوو مانگی ڕابردوودا:

9 لە 9

بینینی مەکۆی پاڵپشتی

  • دەربارە
  • هەواڵەکان
  • خانەخوێکردن
  • تایبەتمەندێتی
  • پیشاندان
  • ڕووکاره‌کان
  • پێوه‌کراوه‌کان
  • شێوەئاساکان
  • فێربە
  • پاڵپشتی
  • گەشەپێدەران
  • WordPress.tv ↖
  • بەشداری بکە
  • بۆنەکان
  • بەخشین ↖
  • پێنج بۆ داهاتوو
  • WordPress.com ↖
  • Matt ↖
  • bbPress ↖
  • BuddyPress ↖
WordPress.org
WordPress.org

وۆردپرێس بەکوردی

  • Visit our X (formerly Twitter) account
  • Visit our Bluesky account
  • سەردانی هەژماری (Mastodon) بکە
  • Visit our Threads account
  • سەردانی پەڕەی فەیسبووکمان بکە
  • سەردانی هەژماری ئینستاگراممان بکە
  • سەردانی هەژماری لینکدئینمان بکە
  • Visit our TikTok account
  • سەردانی کەناڵەکەمان بکە لە یوتیوب
  • Visit our Tumblr account
کۆد هۆنراوەیە.
The WordPress® trademark is the intellectual property of the WordPress Foundation.