Wanted: Swiss Army Knife of Security Plugins

0

Do you have one, or plans to make one?

  • AbleReach
    • Flash Drive

    There is more… and I don’t know if this is possible, but this is some of what would make me happy.

    Select an email address for a technical admin.

    To run once, whenever a new theme is loaded:

    1. Scan the currently running theme for encoded links.

    2. Generate a list of all js and frames currently running on the current theme, with “safe” and “investigate” checkboxes by each. Show a warning message until the technical admin checks off all as “safe.”

    Ongoing:

    3. Send the technical admin a notice whenever js or frames not on the list is loaded

    ………………

    In the interest of full disclosure:

    In the past I’ve gotten an evil thrill out of running the WP Firewall plugin on the sites of clients who “didn’t realize” staying upgraded is a good idea, or always seemed to be sending me trojans via email or getting their Social Media accounts hacked. It’s an eye opener for them to get an alert about some bot thang that is checking for the insecure version of an older plugin.

  • AbleReach
    • Flash Drive

    Login lockdown cuts repetitive unsuccessful login attempts.

    There are a few things that remove WP version info or change the wp_ table prefix to something else. As I recall, Yoast’s SEO plugin has some of that.

    Haven’t there been a few WP security scans that come and go? One of those (but maintained) could be good link-bait!

    Security can encompass a lot and get confusing in a hurry. To simplify plugin conflict management, I’d like to see as much as possible done in one plugin: fewer outside gizmos to get snarled with, no overlap of plugin capabilities. Less updating to keep up with and a clean usable interface would make everyone happy. The ability to designate a technical admin who gets email notices would help out those of us who do minimal if-needed maintenance on client blogs… or multi-author blogs with a fuzzy division of labor.

    Another thing I’d like to see is a sort of a disaster insurance setup, with automatic backups and an interface to make it easier to restore an infected site. Jetpack is going in that direction with a paid service.

    It’s a trifecta: Be safe, back it up, clean up messes when they happen.