Require selected user roles to change their passwords after a selected time. In the plugin settings you can set the maximum number of days users are allowed to use the same password (100 days by default), as well as which user roles will be required to reset their passwords regularly (by default all except administrators). There is also on option to allow / disallow users to use the same password again (by default disallow).
Tag: security
Malware Scanner add-on for Safety Ninja (Add-ons)
Keep your plugin, theme and custom files in check!
- one click scan – quickly identify problematic files
- scan all (active and disabled) theme files
- scan all (active and disabled) plugin files
- scan all files uploaded to wp-content folder
- scan options DB table
- more than 20 tests performed on each file
- detects malicious code even if it’s obfuscated
- see exact parts of the file that malware scanner marked as suspicious
- whitelist files that you have inspected and know are safe
- optimised for large WP installations with numerous files
- complete integration with Security Ninja’s easy-to-use GUI
- compatible with all themes and plugins
Changelog
v1.0 - March 4th 2015 * initial release
Final Tweaker for WordPress (Utilities)
General
- Not Found(error 404) page
- Disable “wptexturize” function for page title
- Show generation time
- From address
- From name
Diagnostics
Email
Admin Area
- Block admin page for subscriber
- Enable links manager
- Default editor
- Additional TinyMCE buttons
- Different status colors
- Disable import
- Disable export
Branding
- Remove “— WordPress” from title
- “WordPress” rename
- Admin Footer Message
- Remove “Screen Options” panel
- Remove “Help” panel
- Menu logo
- Favicon
- Icon color
- Link color
- Hover color
- Logo
- Click action
- Menu
Appearance
Admin Bar
Dashboard
- Hide dashboard
- Hide dashboard widgets
- Hide “Welcome to WordPress!” widget
- Dashboard 1 column layout
- Widget visible
Custom Widget with text
Posts
- Disable revisions
- Minimum Post Word Count
- Thumbnail column in list
- Remove short words from slug
- Custom notice in editing page
- Disable pos auto-save
- Disable TinyMCE editor
- Tag Autocomplete in Posts
Menu
- Add “Menus” to root level
Themes
- Disable installation
- Disable switching
- Disable deletion
- Disable customizing
- Disable editor
Plugins
- Disable installation
- Disable activation/deactivation
- Disable deletion
- Disable editor
- Add “Upload” to sub menu
- Hide plugins in list
Users
- Disable list users
- Disable creation new
- Hide “Admin Color Scheme” selection
Widgets
- Enable shortcodes in Text Widgets
Admin Bar
- Show on hover
- Hide on site
- Hide on site for subscriber
- WordPress Logo
- My Sites
- Site
- Updates
- Comments
- New Content
- Edit
- My Account
- Search
- Add Log Out Button
- Replace Howdy text
- Add Custom Menu
Remove Buttons
Additional
Media
- Rename files on upload
- JPEG Quality
- Enable SVG support
- Contributor upload files
- Remove links around images
- Remove <p> tags from around images
- Remove width & height attributes
- Disable attachment pages
- Disable comments
Public Attachment Page
Theme
- Enable smooth scroll in Chrome
- Enable fast click on Touch-devices
- Load jQuery from CDN
- Remove version parameter from css/js
Header Cleanup
- Remove wlwmanifest
- Remove the prev and next post link
- Remove shortlink for the page
- Remove canonical link for the page
Favicon & Logos
- Favicon
- iPhone
- iPhone Retina
- iPad
- iPad Retina
- iPhone 6 Plus
- Application name
- Background color for a live tile
- Tile image
- Navigation button color
- Small tile
- Medium tile
- Wide tile
- Large tile
Apple Devices Logos
Windows Pinned site
Search
- Search off
- Redirect to single result
- Pretty url
- Search by title only
- Posts per page
Blog
- Automatically email contributor when their post is published.
- Show empty categories
- Categories include
- Categories exclude
- Tags include
- Tags exclude
Content
- Open external post links in new window
- Disable content wpautop
- Disable content wptexturize
- Make content urls clickable
- Custom After Post code
- Convert Twitter name to links in content
Protection
- Obfuscate Email
- Disable selection
- Disable right-click
- Disable image dragging
- Disable PrintScreen
Security
- Custom “generator” META-tag
- Remove WordPress generator tag
- Add nosniff header
- Add xss protection header
- Prevent embedding inside an iframe
- Expire Protected Page Cookie
- Disable file editing
- Remove Really Simple Discovery tag
- Disable Pingbacks
- Disable Self Pingbacks
reCaptcha 2
- Site key
- Secret key
- Protect Login page
- Protect Registration page
- Protect commenting form
- Theme
Comments
- Strip all tags
- Remove all urls
- Disable make_clickable
- Disable wptexturize
- Check min length
- Min length
- Enable comments closing
- Close comments after days
- Show close comments notify text
- Open external comment links in new window
- Remove form url field
- Allow anonymous comments
- Convert Twitter name to links in comments
Login & Registration
- Enable login with Email
- Login Error message
- Login Form Message
- Check “Remember Me”
- Log In required to see site
- Redirect subscribers to home page
- No new user email to admin
- No password change notification
- Auto-Login after registration
- Redirect
Registration
Page Appearance
- Login Form Image
- Login Form Image Size
- Login Form Paddings
- No Shake Login Form
- Button & links color
- Background image
- Background image size
- Transparent style
- Hide “Back to blog” link
Urls
- Change url of author to user
- Author Link
Updates
- Disable WordPress Updates
- Hide message in footer
- Hide “Updates” menu
- Core update Auto Installation
- Disable Theme Updates
- Disable Plugins Updates
SEO
- Meta copyright
- Meta Copyright Pages
- Google Analytics ID
- Usage Mode
RSS & Feeds
- Turn off feeds
- Remove the standard feed links
- Extra feeds such as category feeds
- Add featured images
- Custom Head for Rss
- Custom Footer for Rss
Custom Code
- Custom Header code
- Custom Footer or Tracking code
Maintenance Mode
- Status
- Message
- Image
- Image Size
- Background image
- Background image size
Page Appearance
WooCommerce
- Redirect to checkout after adding to cart
- Remove WooCommerce generator tag
- Remove feed
- Remove ordering
- Change “Out of stock” message
- Enable “Already in cart” button text
- Change “Description” tab text
- Change “Shop” title
- Hide tabs on product page
- Set number of products displayed per page
- Amount of products
- Automatically complete orders
Visual Composer
- Disable frontend editor
- Close windows on Esc
- Save element on Ctrl+Enter
- Open on icon click
- Hide “VC: Custom Teaser” metabox
Keyboard Shortcuts
- Enabled
Tools
- Enabled
- Show metabox
- Snow in Admin bar
- Copy taxonomies on duplicate
- Copy meta on duplicate
- Hide Ultimate Tweaker in menu
- WordPress versions 4 and later
- PHP v.5.2 or greater; MySQL v.5.0.15 or greater
Duplicator
Fast Translate
Admin Area
Site
Settings
Most JavaScript enabled Browsers will make them work without issues.
1.0.0 - Feburary 25, 2015 * Initial
Ninja Types Google reCaptcha (Add-ons)
This add-on add a the new Google reCaptcha field choice in your Ninja Forms.
Membership Leak Tracker (Membership)
Membership Leak Tracker is a WordPress plugin. It helps trace your site’s documents/assets shared on the internet via P2P softwares and other piracy sites.
It performs its task by
Embedding user (who downloaded from your site) info into files before zipping them. It is not like watermark. It hides info in way that it is not visible to humans.When you find some file shared on the internet, you can upload that file to Membership Leak Tracker plugin and it will show which user downloaded this file from your site and when.
wordpress Ghost Captcha (Kinds)
Why is it called Ghost Captcha? Because like a ghost, its an invisible force, working quietly in the background, detecting and blocking spambots. Yes, WP Ghost Captcha does come with its own standard captcha tests, but these are only displayed as a last resort, after suspicious browsing activity is detected.
But why display captcha tests only as a last resort? Because captcha tests are annoying. They treat all genuine users as suspects, who must first prove their innocence before logging in or posting anything. Many are hard to fill and inaccessible, especially for those with eye problems and other disabilities.
How then do you keep your site secure from spambots and other malicious programs out there without always displaying captcha tests? Use WP Ghost Captcha, which works by monitoring a users behavior, separating the humans from the bots using a mix of the honeypot technique and time tracking. All this is done quietly in the background and if any suspicious activity is detected, WP Ghost Captcha then loads up a normal captcha test. Using this technique, most of your genuine users will rarely ever need to see or solve a captcha test. With WP Ghost Captcha, you no longer have to choose between blocking spammers and annoying your users.
Features
- Works with all standard wordpress forms: comments, login, register and lost password.
- Can also be easily extended to work with any custom-made WordPress forms, thanks to two new WordPress hooks which come with the plugin ( ghostcaptcha_set and ghostcaptcha_validate ).
- The settings for each form can be tweaked and configured individually. For example, the captcha test for the “lost admin password” form is set to always appear by default, but you can easily set it back to work only in stealth-mode. Same applies to the standard WordPress comments, login, register. You can also tweak and adjust how each form detects spambots by adjusting the plugin’s time tracker.
- WP Ghost Captcha not only blocks, but also logs the details of any suspected spambot. This includes the IP address, date, targetted form and reason why it’s submission was blocked. The latest logs are displayed within WP Ghost Captcha’s page in the admin area.
Good Safety Instruments: Are living Reveal Addon (Add-ons)
This is NOT standalone plugin and it can’t be used on its own. This is an addon for Smart Security Tools plugin for WordPress, and it is also available on CodeCanyon here:
You need to purchase and install this main plugin first. Do not attempt to use this addon on its own, it will not work.
Addon Information
Smart Security Tools: Live Monitor Addon is very useful addon for Smart Security Tools plugin for WordPress allowing you to monitor logged events live, as they happen using Live Events Monitor panel and notifications system for browsers and website.
This addon includes 3 main modules:
- LIVE Events Panel
- Browser Notifications
- Website Notifications
LIVE Events Panel: See events as they happen
This is a new panel in Smart Security Tools top level menu and it is showing the list of events as they happen with use of World Map to mark geo locations for each logged event. For each event you see all logged information and you can ban IPs from this panel.Browser Notifications: Get quick notifications in browser
Plugin can use notifications to push notes about logged events as they happen. Browser or Desktop notifications are displayed by the browser and most modern browsers support them.Website Notifications: Get quick notifications on website pages
Similar to browser notifications, but this time plugin is using growl like notifications directly inside the website pages.Other Features
- Set list of IP exceptions and plugin will not display events originating from these IP’s
- Select list of events to show on Live Event panel and for both notifications methods
Addon Requirements
- WordPress 3.3 or newer
- Smart Security Tools 2.2 or newer: get it here
Changelog
Version 1.0 / 2014.09.18.
- First release
Safety Ninja Plugins Bundle (Utilities)
Grab all the best security plugins available on CodeCanyon, completely protect your WordPress site and save $13.
Bundle includes:
- Security Ninja – $11 value, find out more
- Login Ninja – $17 value, find out more
- Core Scanner add-on for SN – $6 value, find out more
- Scheduled Scanner add-on for SN – $6 value, find out more
- Events Logger add-on for SN – $7 value, find out more
Changelog
v1.0 - September 16th 2014 * initial release
Good Safety Instruments: Login Restrict Addon (Add-ons)
This is NOT standalone plugin and it can’t be used on it’s own. This is an addon for Smart Security Tools plugin for WordPress, and it is also available on CodeCanyon here:
You need to purchase and install this main plugin first. Do not attempt to use this addon on its own, it will not work.
Addon Information
Smart Security Tools: Login Limit Addon is powerful addition for Smart Security Tools plugin bringing additional tools for website protection related to WordPress login form.
This addon includes 3 main modules, and you can use only what you need for your website and disable other modules:
- Login Limiter
- Login Honeypot
- Blocked Usernames
Login Limiter: Prevent brute force login attacks
This module is made to prevent brute force attacks many bots use to crack the username and password. With this module you can throttle number of wrong login attempts single IP can make in a period of time. If the login fails, it will be logged, and if number of failures reaches set number, IP will be temporarilly banned. After that, if more failed logins are detected from same IP it will be banned permanently.Login Honeypot: Prevent logins from bots
With honeypot field plugin targets logins made by bots. Honeypot field is is invisible to normal users, but most bots will fill it and that will get them caught in the trap and get banned.Blocked Usernames: Prevent logins using listed usernames
Most brute force attacks attempt login as ‘admin’ (most common WordPress username). So, change your username to something else and set this module to check if someone is using admin username. If same IP does that more than once, it will get banned, and you can set number of failed logins to trigger this trap.Addon Requirements
- WordPress 3.3 or newer
- Smart Security Tools 2.0 or newer: get it here
Changelog
Version 1.0 / 2014.08.21.
- First release
