Custonis – Security Exposure Scanner
Custonis detects publicly exposed files that should not be accessible on the internet.
Many websites accidentally leave sensitive files inside the web root, for example:
- database backups
- exported data files
- configuration backups
- debug logs
- development leftovers
Attackers and automated bots actively scan websites for exactly these files because they may expose passwords, database content or internal configuration.
Custonis helps you quickly identify these risks before someone else does.
The plugin performs a fast local scan of your WordPress installation and displays the results in a clear and easy-to-understand dashboard.
Custonis focuses specifically on exposure risks, complementing traditional security plugins such as firewalls or malware scanners.
Features
✔ Exposure file scanner ✔ Detect exposed backup archives (.zip, .sql) ✔ Detect debug logs and error logs ✔ Detect database exports ✔ Detect sensitive configuration files ✔ Severity classification (Critical / Elevated) ✔ Security score calculation ✔ Risk level indicator ✔ Exposure age detection ✔ Detailed findings dashboard ✔ Scan history chart ✔ Lightweight and fast scanning
How it works
- Install and activate the plugin
- Open the Custonis dashboard
- Run a security scan
- Review detected exposures and secure affected files
Custonis performs read-only scans and does not modify your website.
1.0.1
= Fixed = * Removed all Pro / license / cron related functionality for full compliance with WordPress.org guidelines * Replaced external CDN (Chart.js) with local asset * Fixed nonce handling (sanitization and validation) * Improved escaping for all output * Improved file path handling using WordPress functions
1.0.0
= Initial release = * Exposure scanner * Severity detection (Critical / Elevated) * Security score calculation * Exposure age detection * Findings dashboard * Scan history chart