WordPress Scanner FAQ
Introduction
WordPress scanner is a free online resource that blog administrators can use to provide a measure of their wordpress security level. It is BETA software and is continually being developed.
If you have landed here directly we suggest starting at the wp-scanner launch page.
This page is part of a group of pages discussing various aspects of wp-scanner. This particular page provides a list of frequently asked questions (FAQ) for wp-scanner. This page will be updated from time to time as additional questions are received.
WP-Scanner tells me it requires the Activation Plugin?
That is correct. We have to be able to validate that you own the blog and have permission to test it. In order to run the scan, you’ll need to download and enable the plugin. Instructions here.
I have enabled the plugin and wp-scanner still doesn’t work?
We have had this issue reported a couple times. Some WordPress themes aren’t compatible with the plugin.
If the plugin fails for some reason, wp-scanner now supports text file verification. Simply download the following file and place it in your blog directory (i.e. /wordpress/wpscan.txt).
What does the WP Activator plugin do?
If you open the plugin file in a text editor likeĀ notepad, you’ll notice the plugin is only about 10 lines of code. It simply adds <!–wp-scanner–> to your WordPress header. This allows us to validate that you own the blog and that you give wp-scanner permission to run its security tests.
My problem isn’t listed here, what shall I do?
If none of the above FAQs help, please drop us an email giving us your blog name and contact email address. Please don’t be shy to submit your questions, chances are you may be helping others who are having the same problem.
Where will the scan come from?
Currently, all scans are performed from the blogsecurity server. These scans will come from the BlogSecurity server “blogsecurity.net”.
Random Posts
If you enjoyed this post, please leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
First off, I like the scanner. Thanks.
Second, a good thing to have in this FAQ would be the server’s IP address. It’s currently 212.241.213.73. Because in peoples logs they will see a bunch of access to there sites that look like intrusion attempts and they’d would of course… block it. So when they come back to WPScan and it doesn’t work they’ll wonder why.
Thanks again for the scanner.