Comment on Get Your Head Straight With WordPress HTTP Security Headers by ale5000.
Hi,
what about Strict-Transport-Security header?
Recent Comments by ale5000
Eliminate Hacker Files With The WordPress File Security Bouncer
Thanks to you.
Eliminate Hacker Files With The WordPress File Security Bouncer
It works now, thanks.
But is it possible to uniform the behaviour?
It is fine on Windows whether is slash or backslash (both are working) but it would be nice to not have both together.
Now on the e-mail it is showed like this:
– D:\inetpub\webs\mysitenamecom/wp-admin\test.php
Eliminate Hacker Files With The WordPress File Security Bouncer
Hi,
it would be nice to have a button “Scan now” for both Core File Scanner and Unrecognised Files Scanner.
It is annoying waiting one day to test it.
Also running the cron job forcedly doesn’t seem to work.
Eliminate Hacker Files With The WordPress File Security Bouncer
Unfortunately on IIS server under Windows it detect all files as unrecognized.
See:
[QUOTE]Shield detected files on your site which are not recognised.This is part of the Hack Protection module for the WordPress Unrecognised File Scanner.
…
The following files do not match the official WordPress.org Core Files:
– D:\inetpub\webs\mysitenameycom/wp-admin\about.php
– D:\inetpub\webs\mysitenameycom/wp-admin\admin-ajax.php
– D:\inetpub\webs\mysitenameycom/wp-admin\admin-footer.php
– D:\inetpub\webs\mysitenameycom/wp-admin\admin-functions.php
– D:\inetpub\webs\mysitenameycom/wp-admin\admin-header.php
– D:\inetpub\webs\mysitenameycom/wp-admin\admin-post.php
– D:\inetpub\webs\mysitenameycom/wp-admin\admin.php
…
[/QUOTE]
Eliminate Hacker Files With The WordPress File Security Bouncer
Please exclude also Web.config (correspond to .htaccess but for IIS servers).
