WordPress Scanner Next-Gen Released
Here it is!!!
Its been a long and exciting week. Not only are we experiencing the most severe snow in Kent but I’ve finally managed to role out the massively improved WordPress vulnerability scanner. It can also be accessed using the menu link above, “WordPress Scanner”.
It is a
I still have a fair bit of work to do writing up issues for the individual findings and applying risks but its there to play with for those who want to BETA test it. Please do, it could really use a fresh pair of eyes.
XML driven tests, yes please!
Probably the most exciting feature I can think of (its late) other then its “total awesomeness” is that all tests are now XML based. This means just about anyone can write additional tests and submit them to BlogSecurity for approval and addition into the scanning engine.
The old wp-scanner is still available for those who are still using it, although, the recent changes appear to have broken something as I have had a flood of emails about it.
Other Cool News
In addition to releasing a new version of wp-scanner, I’ve rolled out a new template for BlogSecurity as the old one was bugging me and wasted space. I’ve also performed the Feedburner Google upgrade. This means feeds are now redirected to “feeds2.feedburner” instead of “feed.feedburner”. This should be transparent, so no changes on your side should really be needed but its worth a check.
I’ve also been chatting with Jaimie Sirovich over at www.seoegghead.com. He has some exciting ideas around WordPress security and we’ll hopefully have him as a guest blogger soon. Jaimie, after this blog entry, I hope you’ll understand my min. email responses.
If you enjoyed this post, please leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
92 Scans so far, although, some people have still not activated the wpscan activator plugin.
Note to self, I think having a total scans to date on the wpscan page would be useful.
Had a question or two around what particular tests mean, please, note the descriptions and risk ratings are not completed yet… I’ll hopefully get this done over the next few days.
170 scans now. I’ve made a few changes to the backend and added some more detailed descriptions for some of the popular findings (version, akismet, default admin account etc)
[...] Kierznowski from BlogSecurity has recently released the next generation of WordPress Scanner. The scanner is completed re-written in PHP and is massively improved for WordPress vulnerability [...]
[...] kind folks over at Blog Security have released the latest version of their Wordpress Scanner. This handy little tool will help you keep your Wordpress installation [...]
Scanner is broken – it does not accurate detect the wpscanner tag put into the page header and thus thinks the plugin is not active and so it won’t scan the site.
M, I’ll add this to FAQ. Some WP themes are not compatible with the activator plugin, I’m looking into this.
The tag is inserted into my site header just fine. I can see it in the HTML. Problem is that your code isn’t detecting it…
M, 200 other blogs have used it since its release earlier this week without problems. I’m sure there are bugs but i’ll need a little more info then “your scanner is broken” or “your code isn’t detecting it.”
Email me your blog details and I’ll take a look.
[...] spam protection to site protection Blogs Security has released a new version of their wordpress exploit scanner. So give it a shot make sure you are [...]
[...] WordPress Scanner Next-Gen Released Nova verzija sigurnosnog skenera za WordPress (tags: wordpress security) Podelite ovaj sadržaj sa drugima: [...]
[...] WordPress Scanner Next-Gen Released (tags: wordpress security) [...]