WPHardening 1.5 - Fortify the security of any WordPress installation


Fortify the security of any WordPress installation.

Installation

Installing WPHardening requires you to execute one console command:
$ pip install -r requirements.txt

Usage
$ python wphardening.py -h 

__ _______ _ _ _ _
\ \ / / __ \| | | | | | (_)
\ \ /\ / /| |__) | |__| | __ _ _ __ __| | ___ _ __ _ _ __ __ _
\ \/ \/ / | ___/| __ |/ _` | '__/ _` |/ _ \ '_ \| | '_ \ / _` |
\ /\ / | | | | | | (_| | | | (_| | __/ | | | | | | | (_| |
\/ \/ |_| |_| |_|\__,_|_| \__,_|\___|_| |_|_|_| |_|\__, |
__/ |
Fortify the security of any WordPress installation. |___/

Sponsored by SYHUNT - http://www.syhunt.com

Usage: python wphardening.py [options]

Options:
--version show program's version number and exit
-h, --help show this help message and exit
-v, --verbose Active verbose mode output results
--update Check for WPHardening latest stable version

Target:
This option must be specified to modify the package WordPress.

-d DIRECTORY, --dir=DIRECTORY
**REQUIRED** - Working Directory.
--load-conf=FILE Load file configuration.

Hardening:
Different tools to hardening WordPress.

-c, --chmod Chmod 755 in directory and 644 in files.
-r, --remove Remove files and directory.
-b, --robots Create file robots.txt
-f, --fingerprinting
Deleted fingerprinting WordPress.
-t, --timthumb Find the library TimThumb.
--chown=user:group Changing file and directory owner.
--wp-config Wizard generated wp-config.php
--plugins Download Plugins Security.
--proxy=PROXY Use a HTTP proxy to connect to the target url for
--plugins and --wp-config.
--indexes It allows you to display the contents of directories.
--minify Compressing static file .css and .js
--malware-scan Malware Scan in WordPress project.

Miscellaneous:
-o FILE, --output=FILE
Write log report to FILE.log

Examples

Check a WordPress Project
Before using the tool, we must ensure that our working directory is WordPress.
$ python wphardening.py -d /home/path/to/wordpress -v

Change permissions
This option is to add the correct permissions to files and directories.
$ python wphardening.py -d /home/path/to/wordpress --chmod -v

Remove files that are not used
Part of the fortification of any system is to remove those files, directories or components required.
$ python wphardening.py -d /home/path/to/wordpress --remove -v

Create your robots.txt file
WordPress default does not incorporate the robots.txt file with this option poemos customize our robots.txt
$ python wphardening.py -d /home/path/to/wordpress --robots -v
For more information robots.txt

Remove all fingerprinting and Version
$ python wphardening.py -d /home/path/to/wordpress --fingerprinting -v

Check a TimThumb library
$ python wphardening.py -d /home/path/to/wordpress --timthumb -v

Create Index file
This file is created as a way to avoid sailing in a directory.
$ python wphardening.py -d /home/path/to/wordpress --indexes -v

Download Plugins security
The following is a list of the most commonly used security plugins that you can download automatically:
$ python wphardening.py -d /home/path/to/wordpress --plugins

Wizard generated wp-config.php
This command automatically creates a file called wp-config-wphardening.php which can then rename it.
$ python wphardening.py -d /home/path/to/wordpress --wp-config

WPHardening update
With this option you can always have the latest version of WPHardening.
$ python wphardening.py --update

Use all options
$ python wphardening.py -d /home/path/to/wordpress -c -r -f -t --wp-config --indexes --plugins -o /home/user/wphardening.log


Disqus Comments