plugin-icon

Janric Simple Attack Monitor

作者:keithlunt·
Lightweight attack detection for WordPress. Logs brute force, XML-RPC abuse, SQL injection, XSS attempts and more. No bloat, no blocking — just data.
版本
1.0.0
最后更新
Jun 15, 2026
Janric Simple Attack Monitor

Most security plugins try to do everything — firewall, blocking, malware scanning, email alerts — and end up bloated, slow, and full of upsells. Attack Monitor does one thing: it watches your site for common attack patterns and quietly logs them, so you always know what’s being thrown at your site. What it detects

Brute force login attempts XML-RPC abuse (including system.multicall floods) User enumeration via ?author= and the REST API Admin area probing by unauthenticated visitors Path and plugin scanning (phpinfo.php, .env, phpmyadmin, wp-config.php and more) SQL injection attempts in URLs and POST data XSS attempts in URLs and POST data Comment flooding

What you get

A dashboard widget showing this week’s attacks by category at a glance A full log page with day / week / 30-day / all-time views A bar chart of attack volume over time Top attacking IPs ranked by hit count Filterable event log with timestamps, IPs, URLs and detail Safe IP whitelist — exclude your own monitoring tools, cron jobs or office IP ranges CIDR range support (e.g. 192.168.1.0/24) for the whitelist A single lightweight database table — nothing else added to your WordPress installation

Philosophy Detection and blocking are separate concerns. This plugin handles detection only, leaving you free to choose how you respond — whether that’s Fail2ban, Cloudflare, a companion blocking plugin, or simply reviewing the data. No firewall rules are added, no requests are blocked or slowed down, and no data is sent anywhere outside your own database. Ideal for developers, agencies and site owners who want visibility without handing over control to an all-in-one security suite.

免费基于付费套餐
通过安装,您同意 WordPress.com 服务条款第三方插件条款
目前已测试版本
WordPress 7.0
这个插件是可用的下载,适用于您的站点。