Vulnity Security

Description

Vulnity Security brings enterprise-grade threat detection to WordPress. It connects your site to Vulnity’s SIEM platform, correlates events, and alerts you before issues become incidents.

Features

  • Real-time security event collection and forwarding to Vulnity SIEM.
  • Dashboard widgets that highlight critical findings and remediation steps.
  • Scheduled security scans for core files, plugins, and themes.
  • Centralized logging compatible with major SOC workflows.

Integration Requirements

To receive alerts, configure an API token and endpoint URL provided by your Vulnity SIEM account. Detailed configuration instructions are displayed after activating the plugin under Vulnity > Settings.

External Services

This plugin connects to Vulnity’s external API hosted on Supabase Edge Functions (domain: euxnoekqasvzwfcbybkg.supabase.co, base URL https://euxnoekqasvzwfcbybkg.supabase.co/functions/v1) to power SIEM alerts, inventory sync, and mitigation updates.

  • What the service is and what it is used for:
    • Vulnity SIEM API for pairing/unpairing, heartbeat checks, sending alerts, testing connectivity, syncing inventory, and receiving mitigation policies.
  • Endpoints used:
    • /pair-plugin, /unpair-plugin (pairing and disconnecting the site).
    • /heartbeat (periodic health check).
    • /connection-test (manual connection test).
    • /scan-site-info (inventory sync).
    • /generic-alert, /brute-force-alert, /file-security-alert, /manage-user, /user-management-alert, /permission-change-alert, /file-editor-alert, /plugin-change-alert, /theme-change-alert, /core-update-alert, /suspicious-query-alert, /scanner-detected-alert (security alerts).
    • /mitigation-config, /mitigation-update (mitigation policy sync and block/unblock updates).
  • What data is sent and when:
    • Pairing/unpairing: site ID, pair code, plugin/WordPress/PHP versions, and timestamp when pairing or disconnecting occurs.
    • Heartbeat: site ID, URLs, site metadata (name, language, timezone, theme), and runtime info (plugin/WordPress/PHP versions, latency) on a scheduled interval.
    • Alerts: site ID, alert type/severity, timestamps, and event details (such as IP address, user/action metadata, or file change context) whenever a security event is detected.
    • Inventory sync: site inventory details (installed plugins/themes/core metadata) when inventory sync runs.
    • Mitigation: site ID, block/unblock actions, IP address, reason, duration, and rule metadata when mitigation rules are synced or enforcement actions occur.
  • Why the data is sent:
    • To associate the site with your Vulnity account, deliver security alerts to the SIEM, validate connectivity, synchronize inventory and mitigation policies, and keep firewall enforcement consistent.
  • Policies: See the Vulnity Terms of Service and Privacy Policy for details on how data is handled.
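
An egress check built from the endpoint list above, added here as an example and not part of the plugin or its documentation: it reads outbound-proxy log lines and reports requests to the Vulnity host that use cleartext HTTP or a path missing from the disclosure. The log layout, the sample lines and the function name audit_egress are assumptions, and the check presumes the proxy records full URLs.

```python
from collections import Counter
from urllib.parse import urlsplit

# Host, base path and endpoint names are copied from the disclosure above.
VULNITY_HOST = "euxnoekqasvzwfcbybkg.supabase.co"
BASE_PATH = "/functions/v1"
DOCUMENTED = {
    "pair-plugin", "unpair-plugin", "heartbeat", "connection-test",
    "scan-site-info", "generic-alert", "brute-force-alert",
    "file-security-alert", "manage-user", "user-management-alert",
    "permission-change-alert", "file-editor-alert", "plugin-change-alert",
    "theme-change-alert", "core-update-alert", "suspicious-query-alert",
    "scanner-detected-alert", "mitigation-config", "mitigation-update",
}

# Constructed sample: "<timestamp> <method> <url> <status>" per line.
# The format is an assumption; adapt the split to your proxy's log layout.
SAMPLE_LOG = """\
2025-01-10T08:00:00Z POST https://euxnoekqasvzwfcbybkg.supabase.co/functions/v1/heartbeat 200
2025-01-10T08:00:07Z POST https://euxnoekqasvzwfcbybkg.supabase.co/functions/v1/brute-force-alert 200
2025-01-10T08:01:12Z POST https://euxnoekqasvzwfcbybkg.supabase.co/functions/v1/not-in-readme 200
2025-01-10T08:02:30Z POST http://euxnoekqasvzwfcbybkg.supabase.co/functions/v1/heartbeat 301
2025-01-10T08:03:00Z GET https://api.wordpress.org/core/version-check/1.7/ 200
"""

def audit_egress(log_text):
    """Return (per-endpoint counts, findings) for traffic to the Vulnity host."""
    counts, findings = Counter(), []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not match the assumed layout
        ts, _method, url, _status = fields
        parts = urlsplit(url)
        if (parts.hostname or "").lower() != VULNITY_HOST:
            continue  # other destinations are out of scope for this check
        if parts.scheme != "https":
            findings.append((ts, "cleartext", url))
            continue
        prefix, _, endpoint = parts.path.rstrip("/").rpartition("/")
        if prefix == BASE_PATH and endpoint in DOCUMENTED:
            counts[endpoint] += 1
        else:
            findings.append((ts, "undocumented-path", url))
    return counts, findings
```

The per-endpoint counts can be compared against the "what data is sent and when" list, for example to confirm that heartbeat traffic follows a schedule rather than page loads.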

License

This plugin is licensed under the GNU General Public License v2.0 or later. You are free to redistribute and/or modify it under the terms of the GPL as published by the Free Software Foundation. The complete license text is included in the bundled license.txt file and is also available online at https://www.gnu.org/licenses/gpl-2.0.html.

Screenshots

  • Dashboard overview with real-time threat summary.
  • Alert detail screen showing remediation steps.
  • Settings page for configuring API credentials and scan schedules.

Installation

  1. Upload the plugin files to the /wp-content/plugins/vulnity directory or install from the WordPress plugin repository.
  2. Activate the plugin through the Plugins screen in WordPress.
  3. Navigate to Vulnity > Settings, enter your Vulnity SIEM credentials, and save.
  4. (Optional) Enable scheduled scans on the Monitoring tab to receive weekly reports.

FAQ

Do I need a Vulnity SIEM subscription?

Yes. The plugin requires an active Vulnity SIEM account to collect and analyze events.

Will the plugin slow down my site?

No. Event collection runs asynchronously and offloads processing to the Vulnity cloud platform.

Can I disable certain alerts?

Absolutely. Use the Alert Policies section within the plugin settings to mute or reclassify events.

Changelog

1.1.9

  • Send whitelist IPs (user public IP + localhost) to the SIEM during pairing so the whitelist persists after synchronization.

1.1.8

  • Fixed Nginx warning notice appearing repeatedly on every admin page load; it now displays only once.
  • Improved notice format: each protected path is shown on its own line for better readability.
  • Added link to solution documentation for Nginx .htaccess compatibility.

1.1.7

  • Fixed deactivation not clearing all cron jobs (4 missing hooks, plus events re-scheduled by late-firing alert hooks).
  • Added final_deactivation_cleanup at priority 9999 to ensure complete cron and .htaccess cleanup after all hooks fire.
  • Replaced wp_clear_scheduled_hook with wp_unschedule_hook to clear single events with arguments.
  • Added native PHP fallback for .htaccess marker removal when WP_Filesystem is unavailable.
  • Fixed Plugin Check error: replaced direct is_writable() with vulnity_path_is_writable() and WP_Filesystem_Direct.

1.1.5

  • Fix uninstall multisite cleanup query when sitemeta table is not available to prevent SQL warnings in debug.log.

1.1.4

  • Ensure uninstall removes Vulnity firewall/log folders recursively so no plugin-owned folders are left behind.

1.1.3

  • Ensure uninstall removes Vulnity firewall/log folders even when permissions are restrictive by attempting safe chmod before cleanup.

1.1.2

  • Added a dedicated Vulnity log with line-based rotation and safe fallbacks when uploads are not writable.
  • Added admin warning when firewall storage cannot be written, with clear remediation guidance.
  • Expanded uninstall cleanup to remove Vulnity log files and firewall artifacts across fallback paths.

1.1.1

  • Fixed deactivation cleanup so Vulnity hardening marker blocks are removed fully from .htaccess without modifying user-defined rules.
  • Improved deactivation safety in shared hosting environments with conservative, marker-only rollback behavior.

1.1.0

  • Improved admin UI consistency across Dashboard, Synchronization, Mitigation, Hardening, and Setup screens.
  • Hardened plugin lifecycle behavior for shared hosting compatibility and safer deactivation/uninstall flows.
  • Added conservative server integration safeguards to reduce side effects in Apache/Nginx environments.

1.0.5

  • Version bump to 1.0.5.

1.0.4

  • Version bump to 1.0.4.

1.0.3

  • Standardized admin asset enqueues and AJAX URL localization for compliant loading.
  • Hardened nonce and capability checks across alerts and admin handlers.
  • Improved path resolution using WordPress APIs for non-default installs.
  • Documented external Supabase services used for alerts and mitigation updates.

1.0.2

  • Initial release.