WPHardening

Fortify the security of any WordPress installation.
❮ NOTE ❯ This tool releases new versions on a regular basis. Make sure to update your dependencies frequently to get the latest version. Check out the changelog or CHANGELOG.md to learn about the new features.
Installation
Installing WPHardening requires you to execute one console command:
$ pip install -r requirements.txt
Usage
$ python wphardening.py -h
__ _______ _ _ _ _
\ \ / / __ \| | | | | | (_)
\ \ /\ / /| |__) | |__| | __ _ _ __ __| | ___ _ __ _ _ __ __ _
\ \/ \/ / | ___/| __ |/ _` | '__/ _` |/ _ \ '_ \| | '_ \ / _` |
\ /\ / | | | | | | (_| | | | (_| | __/ | | | | | | | (_| |
\/ \/ |_| |_| |_|\__,_|_| \__,_|\___|_| |_|_|_| |_|\__, |
__/ |
Fortify the security of any WordPress installation. |___/
Caceria de Spammers - http://www.caceriadespammers.com.ar
Usage: python wphardening.py [options]
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-v, --verbose Active verbose mode output results
--update Check for WPHardening latest stable version
Target:
This option must be specified to modify the package WordPress.
-d DIRECTORY, --dir=DIRECTORY
**REQUIRED** - Working Directory.
--load-conf=FILE Load file configuration.
Hardening:
Different tools to hardening WordPress.
-c, --chmod Chmod 755 in directory and 644 in files.
-r, --remove Remove files and directory.
-b, --robots Create file robots.txt
-f, --fingerprinting
Deleted fingerprinting WordPress.
-t, --timthumb Find the library TimThumb.
--chown=user:group Changing file and directory owner.
--wp-config Wizard generated wp-config.php
--plugins Download Plugins Security.
--proxy=PROXY Use a HTTP proxy to connect to the target url for
--plugins and --wp-config.
--indexes It deny you to display the contents of directories.
--minify Compressing static file .css and .js
--malware-scan Malware Scan in WordPress project.
--6g-firewall 6G Firewall.
--rest-api Disable REST API.
Miscellaneous:
-o FILE, --output=FILE
Write log report to FILE.log
Examples
Check a WordPress Project
Before using the tool, make sure the working directory is a WordPress project.
$ python wphardening.py -d /home/path/to/wordpress -v
Change permissions
This option sets the correct permissions on files and directories: 755 on directories and 644 on files.
$ python wphardening.py -d /home/path/to/wordpress --chmod -v
Remove files that are not used
Part of the fortification of any system is to remove those files, directories or components that are not required.
$ python wphardening.py -d /home/path/to/wordpress --remove -v
Create your robots.txt file
By default, WordPress does not include a robots.txt file. With this option we can customize our robots.txt.
$ python wphardening.py -d /home/path/to/wordpress --robots -v
For more information, see robots.txt.
Remove all fingerprinting and Version
$ python wphardening.py -d /home/path/to/wordpress --fingerprinting -v
Check a TimThumb library
$ python wphardening.py -d /home/path/to/wordpress --timthumb -v
Create Index file
This file is created to prevent the contents of a directory from being listed.
$ python wphardening.py -d /home/path/to/wordpress --indexes -v
Download Plugins security
The following is a list of the most commonly used security plugins that you can download automatically:
- AntiVirus
- Bad Behavior
- Block Bad Queries
- Exploit Scanner
- Latch
- NinjaFirewall
- Simple History
- Stream
- WP Security Scan
- WP-DBManager
- WPS Hide Login
$ python wphardening.py -d /home/path/to/wordpress --plugins
Wizard generated wp-config.php
This command automatically creates a file called wp-config-wphardening.php, which you can then rename.
$ python wphardening.py -d /home/path/to/wordpress --wp-config
6G Firewalls
$ python wphardening.py -d /home/path/to/wordpress --6g-firewall
Disable REST API
$ python wphardening.py -d /home/path/to/wordpress --rest-api
WPHardening update
With this option you can always have the latest version of WPHardening.
$ python wphardening.py --update
Use all options
$ python wphardening.py -d /home/path/to/wordpress -c -r -f -t --wp-config --indexes --plugins --6g-firewall --rest-api -o /home/user/wphardening.log
Project Home
Git Repository
https://github.com/elcodigok/wphardening
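
Verifying the result of --chmod and --indexes
A read-only check to run after the --chmod and --indexes options described above. It is an added example, not part of WPHardening's own code. It assumes the 755/644 modes from the help text and that index.php or index.html counts as an index file; audit_tree is a hypothetical helper name.

```python
import os
import stat
import sys

# Modes stated in the --chmod help text: 755 for directories, 644 for files.
DIR_MODE, FILE_MODE = 0o755, 0o644
# Assumption: either of these file names counts as an index file.
INDEX_NAMES = ("index.php", "index.html")


def audit_tree(root):
    """Return (wrong_modes, missing_index) for the tree under root.

    wrong_modes: sorted list of (relative path, actual mode, expected mode)
    missing_index: sorted list of relative directories with no index file
    """
    wrong_modes, missing_index = [], []
    for current, _dirs, files in os.walk(root, followlinks=False):
        entries = [(current, DIR_MODE)]
        entries += [(os.path.join(current, f), FILE_MODE) for f in files]
        for path, expected in entries:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode is not meaningful; skip it
            actual = stat.S_IMODE(st.st_mode)
            if actual != expected:
                rel = os.path.relpath(path, root)
                wrong_modes.append((rel, actual, expected))
        if not any(name in files for name in INDEX_NAMES):
            missing_index.append(os.path.relpath(current, root))
    return sorted(wrong_modes), sorted(missing_index)


if __name__ == "__main__":
    # Usage: python audit_tree.py /home/path/to/wordpress
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    wrong, missing = audit_tree(target)
    for path, actual, expected in wrong:
        print("mode %03o (expected %03o): %s" % (actual, expected, path))
    for directory in missing:
        print("no index file: %s" % directory)
    # Non-zero exit status lets a deployment script fail on any finding.
    sys.exit(1 if wrong or missing else 0)
```

The script changes nothing on disk, so it can run unprivileged against a staging copy before the site is published.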
