Installation Instructions

1. Make a backup of your current installation
2. Unpack the download package
3. Upload the extracted files to the /wp-content/plugins/ directory
4. Activate the plugin through the 'Plugins' menu in WordPress

If you do encounter any bugs, or have comments or suggestions, please contact the WebsiteDefender team on support@websitedefender.com.

For more information on the WP Security Scan and other WordPress security news, visit the WebsiteDefender Blog and join our Facebook page. Post any questions or feedback on the WP Security Scan plugin forum.

FAQ

Can I deactivate WP Security Scan once I've run it once?

No. WP Security Scan needs to be left activated to work. Version hiding, turning off DB errors, removing WP ID META tag from HTML output, and other functionality will cease if you deactivate the plugin.

How do I change the file permissions on my WordPress installation?

From the Linux command line (for advanced users): chmod xxx filename.ext (replace xxx with with the permissions settings for the file or folder).

From your FTP client: Most FTP clients, such as filezilla, etc, allow for changing file permissions. Please consult your client's documentation for your specific directions.

For more information, please visit http://codex.wordpress.org/Changing_File_Permissions

Why do I need to hide my version of WordPress?

Many attackers and automated tools will try and determine software versions before launching exploit code. Removing your WordPress blog version may discourage some attackers and certainly will mitigate virus and malware programs that rely on software versions.

NOTE: Hiding your version of WordPress may break any plugins you have which are version dependant.

How do I make Dagon Design's sitemap generator plugin compatible?

There is currently a small compatibility issue. This can be temporarily solved by opening securityscan.php and commenting out the line

add_action("init",mrt_remove_wp_version,1);

For more information on the WP Security Scan and other WordPress security news, visit the WebsiteDefender Blog and join our Facebook page. Post any questions or feedback on the WP Security Scan plugin forum.

Changelog

v3.0.9

• New feature: Added tooltips to the most important sections of the System Information box
• Update: Added 'nonce' fields to forms where needed (thanks to julio from boiteaweb.fr)
• Update: Updated the deprecated function call get_bloginfo('siteurl') to get_bloginfo('url')
• Update: Updated paths to external resources such as javascript and css files for ssl compatibility
• Update: Updated validation for plug-in form fields (email address, user name, target id, etc.)
• Update: Enhanced the input validation for the Change Database Prefix tool
• Update: Plugin settings are now accessible only by WordPress administrators
• Update: Improved user-rights retrieval in the WordPress database

v3.0.8

• New feature: Option to open / close WebsiteDefender dashboard widget
• Update: More help resource links
• Update: Internal code updates

v3.0.7

• BugFix: The bug reported about ALTER rights retrieval has been addressed
• Update: Code cleanup
• Update: Minor internal updates

v3.0.6

• Feature: The WebsiteDefender RSS widget added to the admin dashboard
• Update: The plug-in has been made compatible with Secure WP and WebsiteDefender WordPress Security
• Update: The plug-in can be safe used in a Multi User WP environment
• Bugfix: Fixed the bug related to the database ALTER rights retrieval
• BugFix: Fixed the version information script

v3.0.5 (07/20/2011)

• Bugfix: Updated the links to websitedefender.com

v3.0.4 (07/20/2011)

• Update: the plug-in has been made compatible with Secure WP plug-in

v3.0.3 (07/14/2011)

• Bugfix: Fixed the code error in the change database prefix feature
• Update: More code cleanup

v3.0.2 (07/11/2011)

• Feature: Enabled automatic database table prefix rename feature
• Feature: Database backup functionality used in databse renaming tables
• Feature: Included more documentation / links for a number of features
• Feature: Prevent blog owner from changing table prefix if the wp-config.php file is not writable
• Update: Updated several error messages text (user friendly)
• Update: major code cleanup
• Bugfix: Fixed a number of bugs in the database tables rename utility

v3.0.1 (03/24/2011)

• Regression: Temporarily disabled database change feature
• Fixed: Resolved conflict with plugins using the reCAPTCHA library
• Bugfix: Fixed CSS image background not showing corectly

v3.0.0 (03/22/2011)

• Feature: Release new stable version
• Feature: Rebranding of the plugin
• Feature: Integrated WebsiteDefender.com registration in Settings

For more information on the WP Security Scan and other WordPress security news, visit the WebsiteDefender Blog and join our Facebook page. Post any questions or feedback on the WP Security Scan plugin forum.