Anonindo Security Advisor
·
Lightweight WordPress security coach for scanning risks, explaining issues clearly, and guiding safer site improvements.
Anonindo Security Advisor helps site owners understand and improve their WordPress security posture without acting like a full firewall suite.
The plugin follows a simple workflow:
- Scan for common WordPress security issues and misconfigurations
- Explain what each issue means in beginner-friendly language
- Show practical guidance and safer best practices
- Offer safe auto-fix actions for selected hardening steps
This plugin is designed to be lightweight, educational, and operationally safe.
Features
- Detects debug mode enabled in production
- Detects dashboard file editing enabled
- Detects XML-RPC exposure
- Detects weak file permissions on common paths
- Detects potentially exposed
wp-config.phpbackup patterns - Detects outdated plugins and themes
- Detects suspicious administrator account patterns
- Detects REST API user enumeration exposure
- Heuristically scans active theme and plugin PHP files for basic SQL injection and XSS risk patterns
- Scans selected database content for suspicious script-like patterns
- Provides a security score and prioritized recommendations
- Includes an activity log for meaningful security-related site events
- Supports safe auto-fixes for selected hardening improvements