{"id":296282,"date":"2026-04-02T07:55:32","date_gmt":"2026-04-02T07:55:32","guid":{"rendered":"https:\/\/cn.wordpress.org\/plugins\/smart-security-lockdown\/"},"modified":"2026-04-03T07:39:41","modified_gmt":"2026-04-03T07:39:41","slug":"zhangsir1724-smart-shield","status":"publish","type":"plugin","link":"https:\/\/lmo.wordpress.org\/plugins\/zhangsir1724-smart-shield\/","author":23473095,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0.4","stable_tag":"1.0.4","tested":"6.9.4","requires":"5.0","requires_php":"7.4","requires_plugins":null,"header_name":"Zhangsir1724 Smart Shield","header_author":"Zhangsir1724","header_description":"A comprehensive WordPress security plugin with WAF, login protection, file protection, and dangerous function monitoring.","assets_banners_color":"","last_updated":"2026-04-03 07:39:41","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/wp.mianka.xyz\/plugin\/zhangsir1724-smart-shield\/","header_author_uri":"https:\/\/wp.mianka.xyz","rating":0,"author_block_rating":0,"active_installs":0,"downloads":77,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description"],"tags":{"1.0.4":{"tag":"1.0.4","author":"zhangsir","date":"2026-04-03 07:39:41"}},"upgrade_notice":[],"ratings":[],"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.4"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3497511,"resolution":"1","location":"assets","locale":""},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3497511,"resolution":"2","location":"assets","locale":""},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3497511,"resolution":"3","location":"assets","locale":""},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3497511,"resolution":"4","location":"assets","locale":""},"screenshot-5.png":{"filename":"screenshot-5.png","revision":3497511,"resolution":"5","location":"assets","locale":""},"screenshot-6.png":{"filename":"screenshot-6.png","revision":3497511,"resolution":"6","location":"assets","locale":""},"screenshot-7.png":{"filename":"screenshot-7.png","revision":3497511,"resolution":"7","location":"assets","locale":""}},"screenshots":[],"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[2439,1174,15756,600,18199],"plugin_category":[54],"plugin_contributors":[259323],"plugin_business_model":[],"class_list":["post-296282","plugin","type-plugin","status-publish","hentry","plugin_tags-brute-force","plugin_tags-firewall","plugin_tags-login-protection","plugin_tags-security","plugin_tags-waf","plugin_category-security-and-spam-protection","plugin_contributors-zhangsir","plugin_committers-zhangsir"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/zhangsir1724-smart-shield.svg","icon_2x":false,"generated":true},"screenshots":[{"src":"https:\/\/ps.w.org\/zhangsir1724-smart-shield\/assets\/screenshot-1.png?rev=3497511","caption":""},{"src":"https:\/\/ps.w.org\/zhangsir1724-smart-shield\/assets\/screenshot-2.png?rev=3497511","caption":""},{"src":"https:\/\/ps.w.org\/zhangsir1724-smart-shield\/assets\/screenshot-3.png?rev=3497511","caption":""},{"src":"https:\/\/ps.w.org\/zhangsir1724-smart-shield\/assets\/screenshot-4.png?rev=3497511","caption":""},{"src":"https:\/\/ps.w.org\/zhangsir1724-smart-shield\/assets\/screenshot-5.png?rev=3497511","caption":""},{"src":"https:\/\/ps.w.org\/zhangsir1724-smart-shield\/assets\/screenshot-6.png?rev=3497511","caption":""},{"src":"https:\/\/ps.w.org\/zhangsir1724-smart-shield\/assets\/screenshot-7.png?rev=3497511","caption":""}],"raw_content":"<!--section=description-->\n<p>Zhangsir1724 Smart Shield is a powerful security plugin designed to protect your WordPress site from various attacks. It provides multiple layers of protection including Web Application Firewall (WAF), login brute-force protection, file integrity monitoring, and dangerous PHP function detection.\nZhangsir1724 Smart Shield \u662f\u4e00\u6b3e\u5f3a\u5927\u7684\u5b89\u5168\u63d2\u4ef6\uff0c\u65e8\u5728\u4fdd\u62a4\u60a8\u7684 WordPress \u7f51\u7ad9\u514d\u53d7\u5404\u79cd\u653b\u51fb\u3002\u5b83\u63d0\u4f9b\u591a\u5c42\u9632\u62a4\uff0c\u5305\u62ec Web \u5e94\u7528\u9632\u706b\u5899\uff08WAF\uff09\u3001\u767b\u5f55\u66b4\u529b\u7834\u89e3\u9632\u62a4\u3001\u6587\u4ef6\u5b8c\u6574\u6027\u76d1\u63a7\u548c\u5371\u9669 PHP \u51fd\u6570\u68c0\u6d4b\u3002<\/p>\n\n<h4>Battle-Tested Security<\/h4>\n\n<h4>\u5b9e\u6218\u68c0\u9a8c\u7684\u5b89\u5168\u9632\u62a4<\/h4>\n\n<p>This plugin has been rigorously tested through ongoing <strong>Red Team vs Blue Team exercises<\/strong>. Our WAF (Web Application Firewall) achieves a <strong>73%+ interception rate<\/strong> against common attack vectors, validated through comprehensive penetration testing including 822 attack tests:\n\u672c\u63d2\u4ef6\u901a\u8fc7\u6301\u7eed\u7684<strong>\u7ea2\u84dd\u5bf9\u6297\u6f14\u7ec3<\/strong>\u8fdb\u884c\u4e86\u4e25\u683c\u6d4b\u8bd5\u3002\u6211\u4eec\u7684 WAF\uff08Web \u5e94\u7528\u9632\u706b\u5899\uff09\u5bf9\u5e38\u89c1\u653b\u51fb\u5411\u91cf\u5b9e\u73b0\u4e86 <strong>73%+ \u7684\u62e6\u622a\u7387<\/strong>\uff0c\u901a\u8fc7\u5305\u542b 822 \u4e2a\u653b\u51fb\u6d4b\u8bd5\u7684\u7efc\u5408\u6e17\u900f\u6d4b\u8bd5\u9a8c\u8bc1\uff1a<\/p>\n\n<ul>\n<li><strong>SQL Injection Protection<\/strong> - 76%+ interception rate (246 tests)<\/li>\n<li><p><strong>SQL \u6ce8\u5165\u9632\u62a4<\/strong> - 76%+ \u62e6\u622a\u7387\uff08246 \u4e2a\u6d4b\u8bd5\uff09<\/p><\/li>\n<li><p><strong>XSS Attack Protection<\/strong> - 80%+ interception rate (303 tests)<\/p><\/li>\n<li><p><strong>XSS \u653b\u51fb\u9632\u62a4<\/strong> - 80%+ \u62e6\u622a\u7387\uff08303 \u4e2a\u6d4b\u8bd5\uff09<\/p><\/li>\n<li><p><strong>Brute Force Protection<\/strong> - 88%+ interception rate (36 tests)<\/p><\/li>\n<li><p><strong>\u66b4\u529b\u7834\u89e3\u9632\u62a4<\/strong> - 88%+ \u62e6\u622a\u7387\uff0836 \u4e2a\u6d4b\u8bd5\uff09<\/p><\/li>\n<li><p><strong>File Protection<\/strong> - 55%+ interception rate (225 tests)<\/p><\/li>\n<li><strong>\u6587\u4ef6\u4fdd\u62a4<\/strong> - 55%+ \u62e6\u622a\u7387\uff08225 \u4e2a\u6d4b\u8bd5\uff09<\/li>\n<\/ul>\n\n<p>We continuously conduct red-blue confrontation exercises to improve detection rules and enhance security capabilities, ensuring your website stays protected against evolving threats.\n\u6211\u4eec\u6301\u7eed\u5f00\u5c55\u7ea2\u84dd\u5bf9\u6297\u6f14\u7ec3\u4ee5\u6539\u8fdb\u68c0\u6d4b\u89c4\u5219\u5e76\u589e\u5f3a\u5b89\u5168\u80fd\u529b\uff0c\u786e\u4fdd\u60a8\u7684\u7f51\u7ad9\u514d\u53d7\u4e0d\u65ad\u6f14\u53d8\u7684\u5a01\u80c1\u3002<\/p>\n\n<h4>Key Features<\/h4>\n\n<h4>\u6838\u5fc3\u529f\u80fd<\/h4>\n\n<ul>\n<li><strong>Web Application Firewall (WAF)<\/strong> - 73%+ interception rate validated through red-blue team exercises with 822 comprehensive tests. Detects and blocks SQL injection (76%+), XSS (80%+), path traversal, LFI, RFI, and malicious scanners<\/li>\n<li><p><strong>Web \u5e94\u7528\u9632\u706b\u5899\uff08WAF\uff09<\/strong> - \u901a\u8fc7\u7ea2\u84dd\u5bf9\u6297\u9a8c\u8bc1\u7684 73%+ \u62e6\u622a\u7387\uff0c\u5305\u542b 822 \u4e2a\u7efc\u5408\u6d4b\u8bd5\u3002\u68c0\u6d4b\u5e76\u62e6\u622a SQL \u6ce8\u5165\uff0876%+\uff09\u3001XSS\uff0880%+\uff09\u3001\u8def\u5f84\u904d\u5386\u3001LFI\u3001RFI \u548c\u6076\u610f\u626b\u63cf\u5668<\/p><\/li>\n<li><p><strong>Login Protection<\/strong> - Prevents brute-force attacks with configurable attempt limits and lockout durations. Tracks failed login attempts and automatically locks suspicious IPs<\/p><\/li>\n<li><p><strong>\u767b\u5f55\u4fdd\u62a4<\/strong> - \u901a\u8fc7\u53ef\u914d\u7f6e\u7684\u5c1d\u8bd5\u9650\u5236\u548c\u9501\u5b9a\u65f6\u957f\u9632\u6b62\u66b4\u529b\u7834\u89e3\u653b\u51fb\u3002\u8ddf\u8e2a\u5931\u8d25\u7684\u767b\u5f55\u5c1d\u8bd5\u5e76\u81ea\u52a8\u9501\u5b9a\u53ef\u7591 IP<\/p><\/li>\n<li><p><strong>File Protection<\/strong> - Protects sensitive files (wp-config.php, .htaccess) and monitors file permissions. Blocks direct access to PHP files in uploads directory<\/p><\/li>\n<li><p><strong>\u6587\u4ef6\u4fdd\u62a4<\/strong> - \u4fdd\u62a4\u654f\u611f\u6587\u4ef6\uff08wp-config.php\u3001.htaccess\uff09\u5e76\u76d1\u63a7\u6587\u4ef6\u6743\u9650\u3002\u963b\u6b62\u76f4\u63a5\u8bbf\u95ee\u4e0a\u4f20\u76ee\u5f55\u4e2d\u7684 PHP \u6587\u4ef6<\/p><\/li>\n<li><p><strong>Dangerous Functions Monitor<\/strong> - Scans installed plugins and themes for dangerous PHP functions (exec, eval, system, etc.) with risk level classification<\/p><\/li>\n<li><p><strong>\u5371\u9669\u51fd\u6570\u76d1\u63a7<\/strong> - \u626b\u63cf\u5df2\u5b89\u88c5\u7684\u63d2\u4ef6\u548c\u4e3b\u9898\u4e2d\u7684\u5371\u9669 PHP \u51fd\u6570\uff08exec\u3001eval\u3001system \u7b49\uff09\uff0c\u5e76\u8fdb\u884c\u98ce\u9669\u7b49\u7ea7\u5206\u7c7b<\/p><\/li>\n<li><p><strong>Real-time Logging<\/strong> - Tracks all security events with detailed logs for forensic analysis<\/p><\/li>\n<li><p><strong>\u5b9e\u65f6\u65e5\u5fd7<\/strong> - \u8ddf\u8e2a\u6240\u6709\u5b89\u5168\u4e8b\u4ef6\uff0c\u63d0\u4f9b\u8be6\u7ec6\u65e5\u5fd7\u7528\u4e8e\u53d6\u8bc1\u5206\u6790<\/p><\/li>\n<li><p><strong>Easy Configuration<\/strong> - User-friendly admin interface with one-click enable\/disable and security score dashboard<\/p><\/li>\n<li><strong>\u7b80\u5355\u914d\u7f6e<\/strong> - \u7528\u6237\u53cb\u597d\u7684\u7ba1\u7406\u754c\u9762\uff0c\u652f\u6301\u4e00\u952e\u542f\u7528\/\u7981\u7528\u548c\u5b89\u5168\u8bc4\u5206\u4eea\u8868\u677f<\/li>\n<\/ul>\n\n<h4>Comprehensive Attack Detection<\/h4>\n\n<h4>\u5168\u9762\u7684\u653b\u51fb\u68c0\u6d4b<\/h4>\n\n<ul>\n<li><strong>SQL Injection<\/strong> - 40+ detection patterns covering UNION-based, Boolean-based, Time-based, and Error-based SQLi<\/li>\n<li><p><strong>SQL \u6ce8\u5165<\/strong> - 40+ \u68c0\u6d4b\u6a21\u5f0f\uff0c\u8986\u76d6\u57fa\u4e8e UNION\u3001\u5e03\u5c14\u3001\u65f6\u95f4\u548c\u9519\u8bef\u7684 SQL \u6ce8\u5165<\/p><\/li>\n<li><p><strong>Cross-Site Scripting (XSS)<\/strong> - 80+ patterns detecting script injection, event handlers, JavaScript protocol, and DOM-based XSS<\/p><\/li>\n<li><p><strong>\u8de8\u7ad9\u811a\u672c\u653b\u51fb\uff08XSS\uff09<\/strong> - 80+ \u6a21\u5f0f\u68c0\u6d4b\u811a\u672c\u6ce8\u5165\u3001\u4e8b\u4ef6\u5904\u7406\u5668\u3001JavaScript \u534f\u8bae\u548c\u57fa\u4e8e DOM \u7684 XSS<\/p><\/li>\n<li><p><strong>Local File Inclusion (LFI)<\/strong> - Path traversal detection including encoded variants (..\/, ..%2f, ..%5c)<\/p><\/li>\n<li><p><strong>\u672c\u5730\u6587\u4ef6\u5305\u542b\uff08LFI\uff09<\/strong> - \u8def\u5f84\u904d\u5386\u68c0\u6d4b\uff0c\u5305\u62ec\u7f16\u7801\u53d8\u4f53\uff08..\/\u3001..%2f\u3001..%5c\uff09<\/p><\/li>\n<li><p><strong>Remote File Inclusion (RFI)<\/strong> - Detects remote file inclusion attempts and PHP stream wrappers<\/p><\/li>\n<li><p><strong>\u8fdc\u7a0b\u6587\u4ef6\u5305\u542b\uff08RFI\uff09<\/strong> - \u68c0\u6d4b\u8fdc\u7a0b\u6587\u4ef6\u5305\u542b\u5c1d\u8bd5\u548c PHP \u6d41\u5305\u88c5\u5668<\/p><\/li>\n<li><p><strong>Remote Code Execution (RCE)<\/strong> - Command injection detection for Unix and Windows environments<\/p><\/li>\n<li><p><strong>\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\uff08RCE\uff09<\/strong> - Unix \u548c Windows \u73af\u5883\u7684\u547d\u4ee4\u6ce8\u5165\u68c0\u6d4b<\/p><\/li>\n<li><p><strong>Malicious Scanners<\/strong> - Identifies vulnerability scanners and sensitive file access attempts<\/p><\/li>\n<li><p><strong>\u6076\u610f\u626b\u63cf\u5668<\/strong> - \u8bc6\u522b\u6f0f\u6d1e\u626b\u63cf\u5668\u548c\u654f\u611f\u6587\u4ef6\u8bbf\u95ee\u5c1d\u8bd5<\/p><\/li>\n<li><p><strong>Brute Force Protection<\/strong> - Configurable attempt limits with automatic IP lockout<\/p><\/li>\n<li><strong>\u66b4\u529b\u7834\u89e3\u9632\u62a4<\/strong> - \u53ef\u914d\u7f6e\u7684\u5c1d\u8bd5\u9650\u5236\u548c\u81ea\u52a8 IP \u9501\u5b9a<\/li>\n<\/ul>\n\n<h4>Pro Version Available<\/h4>\n\n<h4>Pro \u7248\u672c\u53ef\u7528<\/h4>\n\n<p>A Pro version is available with advanced features including enhanced WAF rules (96%+ interception rate), IP management, file integrity monitoring, and more. <a href=\"https:\/\/wp.mianka.xyz\/zhangsir1724-smart-shield-pro\/\">Learn More<\/a>\nPro \u7248\u672c\u63d0\u4f9b\u9ad8\u7ea7\u529f\u80fd\uff0c\u5305\u62ec\u589e\u5f3a\u7684 WAF \u89c4\u5219\uff0896%+ \u62e6\u622a\u7387\uff09\u3001IP \u7ba1\u7406\u3001\u6587\u4ef6\u5b8c\u6574\u6027\u76d1\u63a7\u7b49\u3002<a href=\"https:\/\/wp.mianka.xyz\/zhangsir1724-smart-shield-pro\/\">\u4e86\u89e3\u66f4\u591a<\/a><\/p>\n\n<h3>Short Description<\/h3>\n\n<p>WordPress security plugin, with WAF (interception rate of 73%+), login protection and other functions. After 822 penetration tests in combat testing.<\/p>\n\n<h3>\u5b89\u88c5<\/h3>\n\n<ol>\n<li>Upload the plugin files to the <code>\/wp-content\/plugins\/zhangsir1724-smart-shield<\/code> directory, or install the plugin through the WordPress plugins screen directly.<\/li>\n<li><p>\u5c06\u63d2\u4ef6\u6587\u4ef6\u4e0a\u4f20\u5230 <code>\/wp-content\/plugins\/zhangsir1724-smart-shield<\/code> \u76ee\u5f55\uff0c\u6216\u901a\u8fc7 WordPress \u63d2\u4ef6\u5c4f\u5e55\u76f4\u63a5\u5b89\u88c5\u63d2\u4ef6\u3002<\/p><\/li>\n<li><p>Activate the plugin through the 'Plugins' screen in WordPress.<\/p><\/li>\n<li><p>\u5728 WordPress \u7684\"\u63d2\u4ef6\"\u5c4f\u5e55\u4e2d\u6fc0\u6d3b\u63d2\u4ef6\u3002<\/p><\/li>\n<li><p>Go to the plugin settings page (Zhangsir1724 Smart Shield menu) to configure.<\/p><\/li>\n<li><p>\u8fdb\u5165\u63d2\u4ef6\u8bbe\u7f6e\u9875\u9762\uff08Zhangsir1724 Smart Shield \u83dc\u5355\uff09\u8fdb\u884c\u914d\u7f6e\u3002<\/p><\/li>\n<li><p>Enable the security features you need.<\/p><\/li>\n<li>\u542f\u7528\u60a8\u9700\u8981\u7684\u5b89\u5168\u529f\u80fd\u3002<\/li>\n<\/ol>\n\n<h3>\u5e38\u89c1\u95ee\u9898<\/h3>\n\n<h4>How effective is the WAF protection?<\/h4>\n\n<h4>WAF \u9632\u62a4\u6709\u591a\u6709\u6548\uff1f<\/h4>\n\n<p>Our WAF achieves a 73%+ overall interception rate against common attack vectors, validated through continuous red-blue team exercises with 822 comprehensive penetration tests. Detailed results: SQL Injection 76%+ (246 tests), XSS 80%+ (303 tests), Brute Force 88%+ (36 tests), File Protection 55%+ (225 tests). We regularly update detection rules based on real-world attack patterns discovered during these security exercises.\n\u6211\u4eec\u7684 WAF \u5bf9\u5e38\u89c1\u653b\u51fb\u5411\u91cf\u5b9e\u73b0\u4e86 73%+ \u7684\u603b\u4f53\u62e6\u622a\u7387\uff0c\u901a\u8fc7\u6301\u7eed\u7684\u7ea2\u84dd\u5bf9\u6297\u6f14\u7ec3\u548c 822 \u4e2a\u7efc\u5408\u6e17\u900f\u6d4b\u8bd5\u9a8c\u8bc1\u3002\u8be6\u7ec6\u7ed3\u679c\uff1aSQL \u6ce8\u5165 76%+\uff08246 \u4e2a\u6d4b\u8bd5\uff09\u3001XSS 80%+\uff08303 \u4e2a\u6d4b\u8bd5\uff09\u3001\u66b4\u529b\u7834\u89e3 88%+\uff0836 \u4e2a\u6d4b\u8bd5\uff09\u3001\u6587\u4ef6\u4fdd\u62a4 55%+\uff08225 \u4e2a\u6d4b\u8bd5\uff09\u3002\u6211\u4eec\u6839\u636e\u8fd9\u4e9b\u5b89\u5168\u6f14\u7ec3\u4e2d\u53d1\u73b0\u7684\u771f\u5b9e\u653b\u51fb\u6a21\u5f0f\u5b9a\u671f\u66f4\u65b0\u68c0\u6d4b\u89c4\u5219\u3002<\/p>\n\n<h4>Does this plugin work with caching plugins?<\/h4>\n\n<h4>\u8fd9\u4e2a\u63d2\u4ef6\u80fd\u4e0e\u7f13\u5b58\u63d2\u4ef6\u4e00\u8d77\u5de5\u4f5c\u5417\uff1f<\/h4>\n\n<p>Yes, Zhangsir1724 Smart Shield is compatible with most caching plugins. The WAF rules are executed before caching, ensuring all requests are properly scanned.\n\u662f\u7684\uff0cZhangsir1724 Smart Shield \u4e0e\u5927\u591a\u6570\u7f13\u5b58\u63d2\u4ef6\u517c\u5bb9\u3002WAF \u89c4\u5219\u5728\u7f13\u5b58\u4e4b\u524d\u6267\u884c\uff0c\u786e\u4fdd\u6240\u6709\u8bf7\u6c42\u90fd\u7ecf\u8fc7\u6b63\u786e\u626b\u63cf\u3002<\/p>\n\n<h4>Will this plugin slow down my site?<\/h4>\n\n<h4>\u8fd9\u4e2a\u63d2\u4ef6\u4f1a\u62d6\u6162\u6211\u7684\u7f51\u7ad9\u5417\uff1f<\/h4>\n\n<p>The plugin is optimized for performance. Security checks are lightweight and only run when necessary. Pattern matching uses efficient regular expressions, and the impact on site performance is minimal.\n\u8be5\u63d2\u4ef6\u5df2\u9488\u5bf9\u6027\u80fd\u8fdb\u884c\u4f18\u5316\u3002\u5b89\u5168\u68c0\u67e5\u8f7b\u91cf\u7ea7\u4e14\u4ec5\u5728\u5fc5\u8981\u65f6\u8fd0\u884c\u3002\u6a21\u5f0f\u5339\u914d\u4f7f\u7528\u9ad8\u6548\u7684\u6b63\u5219\u8868\u8fbe\u5f0f\uff0c\u5bf9\u7f51\u7ad9\u6027\u80fd\u7684\u5f71\u54cd\u5fae\u4e4e\u5176\u5fae\u3002<\/p>\n\n<h4>Can I use this with other security plugins?<\/h4>\n\n<h4>\u6211\u53ef\u4ee5\u4e0e\u5176\u4ed6\u5b89\u5168\u63d2\u4ef6\u4e00\u8d77\u4f7f\u7528\u5417\uff1f<\/h4>\n\n<p>While you can use multiple security plugins, we recommend using Zhangsir1724 Smart Shield as your primary security solution to avoid conflicts and duplicate functionality.\n\u867d\u7136\u60a8\u53ef\u4ee5\u4f7f\u7528\u591a\u4e2a\u5b89\u5168\u63d2\u4ef6\uff0c\u4f46\u6211\u4eec\u5efa\u8bae\u5c06 Zhangsir1724 Smart Shield \u4f5c\u4e3a\u4e3b\u8981\u5b89\u5168\u89e3\u51b3\u65b9\u6848\uff0c\u4ee5\u907f\u514d\u51b2\u7a81\u548c\u529f\u80fd\u91cd\u590d\u3002<\/p>\n\n<h4>How do you validate the security rules?<\/h4>\n\n<h4>\u4f60\u4eec\u5982\u4f55\u9a8c\u8bc1\u5b89\u5168\u89c4\u5219\uff1f<\/h4>\n\n<p>We conduct ongoing red team vs blue team exercises to test and improve our security rules. This real-world testing ensures our detection patterns remain effective against current attack techniques.\n\u6211\u4eec\u6301\u7eed\u5f00\u5c55\u7ea2\u84dd\u5bf9\u6297\u6f14\u7ec3\u6765\u6d4b\u8bd5\u548c\u6539\u8fdb\u5b89\u5168\u89c4\u5219\u3002\u8fd9\u79cd\u771f\u5b9e\u4e16\u754c\u7684\u6d4b\u8bd5\u786e\u4fdd\u6211\u4eec\u7684\u68c0\u6d4b\u6a21\u5f0f\u5bf9\u5f53\u524d\u653b\u51fb\u6280\u672f\u4fdd\u6301\u6709\u6548\u3002<\/p>\n\n<h4>How do I report a security issue?<\/h4>\n\n<h4>\u5982\u4f55\u62a5\u544a\u5b89\u5168\u95ee\u9898\uff1f<\/h4>\n\n<p>Please report any security vulnerabilities to our security team at <a href=\"mailto:1601800014@qq.com\">1601800014@qq.com<\/a>. We take security seriously and will respond promptly.\n\u8bf7\u901a\u8fc7 <a href=\"mailto:1601800014@qq.com\">1601800014@qq.com<\/a> \u5411\u6211\u4eec\u7684\u5b89\u5168\u56e2\u961f\u62a5\u544a\u4efb\u4f55\u5b89\u5168\u6f0f\u6d1e\u3002\u6211\u4eec\u91cd\u89c6\u5b89\u5168\u5e76\u5c06\u53ca\u65f6\u54cd\u5e94\u3002<\/p>\n\n<h3>\u5c4f\u5e55\u622a\u56fe<\/h3>\n\n<ol>\n<li>Dashboard overview showing security score and protection status<\/li>\n<li><p>\u4eea\u8868\u677f\u6982\u89c8\uff0c\u663e\u793a\u5b89\u5168\u8bc4\u5206\u548c\u4fdd\u62a4\u72b6\u6001<\/p><\/li>\n<li><p>File protection settings and permission monitoring<\/p><\/li>\n<li><p>\u6587\u4ef6\u4fdd\u62a4\u8bbe\u7f6e\u548c\u6743\u9650\u76d1\u63a7<\/p><\/li>\n<li><p>Login protection configuration with attempt tracking<\/p><\/li>\n<li><p>\u767b\u5f55\u4fdd\u62a4\u914d\u7f6e\uff0c\u663e\u793a\u5c1d\u8bd5\u8ddf\u8e2a<\/p><\/li>\n<li><p>WAF firewall settings with attack statistics and blocked requests<\/p><\/li>\n<li><p>WAF \u9632\u706b\u5899\u8bbe\u7f6e\uff0c\u663e\u793a\u653b\u51fb\u7edf\u8ba1\u548c\u62e6\u622a\u8bf7\u6c42<\/p><\/li>\n<li><p>Dangerous functions scanner with risk classification<\/p><\/li>\n<li><p>\u5371\u9669\u51fd\u6570\u626b\u63cf\u5668\uff0c\u663e\u793a\u98ce\u9669\u5206\u7c7b<\/p><\/li>\n<li><p>Plugin settings and configuration options<\/p><\/li>\n<li><p>\u63d2\u4ef6\u8bbe\u7f6e\u548c\u914d\u7f6e\u9009\u9879<\/p><\/li>\n<li><p>Security test report showing red-blue team exercise results<\/p><\/li>\n<li>\u5b89\u5168\u6d4b\u8bd5\u62a5\u544a\uff0c\u663e\u793a\u7ea2\u84dd\u5bf9\u6297\u6f14\u7ec3\u7ed3\u679c<\/li>\n<\/ol>\n\n<h3>\u66f4\u65b0\u65e5\u5fd7<\/h3>\n\n<h4>1.0.4<\/h4>\n\n<ul>\n<li>Enhanced WAF detection rules based on red-blue team exercise findings with 822 comprehensive tests<\/li>\n<li><p>\u57fa\u4e8e\u7ea2\u84dd\u5bf9\u6297\u6f14\u7ec3\u53d1\u73b0\u589e\u5f3a WAF \u68c0\u6d4b\u89c4\u5219\uff0c\u5305\u542b 822 \u4e2a\u7efc\u5408\u6d4b\u8bd5<\/p><\/li>\n<li><p>Improved SQL injection detection patterns (40+ patterns, 76%+ interception rate)<\/p><\/li>\n<li><p>\u6539\u8fdb SQL \u6ce8\u5165\u68c0\u6d4b\u6a21\u5f0f\uff0840+ \u6a21\u5f0f\uff0c76%+ \u62e6\u622a\u7387\uff09<\/p><\/li>\n<li><p>Expanded XSS protection coverage (80+ patterns, 80%+ interception rate)<\/p><\/li>\n<li><p>\u6269\u5c55 XSS \u9632\u62a4\u8986\u76d6\u8303\u56f4\uff0880+ \u6a21\u5f0f\uff0c80%+ \u62e6\u622a\u7387\uff09<\/p><\/li>\n<li><p>Enhanced brute force protection (88%+ interception rate)<\/p><\/li>\n<li><p>\u589e\u5f3a\u66b4\u529b\u7834\u89e3\u9632\u62a4\uff0888%+ \u62e6\u622a\u7387\uff09<\/p><\/li>\n<li><p>Added malicious scanner detection rules<\/p><\/li>\n<li><p>\u6dfb\u52a0\u6076\u610f\u626b\u63cf\u5668\u68c0\u6d4b\u89c4\u5219<\/p><\/li>\n<li><p>Optimized performance for high-traffic websites<\/p><\/li>\n<li><p>\u9488\u5bf9\u9ad8\u6d41\u91cf\u7f51\u7ad9\u4f18\u5316\u6027\u80fd<\/p><\/li>\n<li><p>Bug fixes and security improvements<\/p><\/li>\n<li>\u9519\u8bef\u4fee\u590d\u548c\u5b89\u5168\u6539\u8fdb<\/li>\n<\/ul>\n\n<h4>1.0.3<\/h4>\n\n<ul>\n<li>Initial release<\/li>\n<li><p>\u521d\u59cb\u53d1\u5e03<\/p><\/li>\n<li><p>Web Application Firewall with multiple attack pattern detection<\/p><\/li>\n<li><p>\u5177\u6709\u591a\u79cd\u653b\u51fb\u6a21\u5f0f\u68c0\u6d4b\u7684 Web \u5e94\u7528\u9632\u706b\u5899<\/p><\/li>\n<li><p>Login brute-force protection<\/p><\/li>\n<li><p>\u767b\u5f55\u66b4\u529b\u7834\u89e3\u9632\u62a4<\/p><\/li>\n<li><p>File protection and integrity monitoring<\/p><\/li>\n<li><p>\u6587\u4ef6\u4fdd\u62a4\u548c\u5b8c\u6574\u6027\u76d1\u63a7<\/p><\/li>\n<li><p>Dangerous PHP functions monitoring<\/p><\/li>\n<li><p>\u5371\u9669 PHP \u51fd\u6570\u76d1\u63a7<\/p><\/li>\n<li><p>Admin dashboard with security score<\/p><\/li>\n<li><p>\u5e26\u5b89\u5168\u8bc4\u5206\u7684\u7ba1\u7406\u4eea\u8868\u677f<\/p><\/li>\n<li><p>Real-time logging and statistics<\/p><\/li>\n<li>\u5b9e\u65f6\u65e5\u5fd7\u548c\u7edf\u8ba1<\/li>\n<\/ul>\n\n<h3>\u5347\u7ea7\u63d0\u793a<\/h3>\n\n<h4>1.0.4<\/h4>\n\n<p>Enhanced WAF detection rules and improved performance with 73%+ interception rate validated by 822 comprehensive tests. Recommended update for all users.\n\u589e\u5f3a\u7684 WAF \u68c0\u6d4b\u89c4\u5219\u548c\u6539\u8fdb\u7684\u6027\u80fd\uff0c\u901a\u8fc7 822 \u4e2a\u7efc\u5408\u6d4b\u8bd5\u9a8c\u8bc1\u7684 73%+ \u62e6\u622a\u7387\u3002\u63a8\u8350\u6240\u6709\u7528\u6237\u66f4\u65b0\u3002<\/p>\n\n<h4>1.0.3<\/h4>\n\n<p>Initial release of Zhangsir1724 Smart Shield.\nZhangsir1724 Smart Shield \u521d\u59cb\u53d1\u5e03\u3002<\/p>\n\n<h3>Additional Info<\/h3>\n\n<h3>\u9644\u52a0\u4fe1\u606f<\/h3>\n\n<h4>Privacy Policy<\/h4>\n\n<h4>\u9690\u79c1\u653f\u7b56<\/h4>\n\n<p>This plugin does not collect or transmit any user data to external servers. All security logs are stored locally in your WordPress database.\n\u672c\u63d2\u4ef6\u4e0d\u6536\u96c6\u6216\u4f20\u8f93\u4efb\u4f55\u7528\u6237\u6570\u636e\u5230\u5916\u90e8\u670d\u52a1\u5668\u3002\u6240\u6709\u5b89\u5168\u65e5\u5fd7\u5b58\u50a8\u5728\u60a8\u7684 WordPress \u6570\u636e\u5e93\u4e2d\u3002<\/p>\n\n<h4>Data Storage<\/h4>\n\n<h4>\u6570\u636e\u5b58\u50a8<\/h4>\n\n<p>The plugin stores the following data in your WordPress database:\n\u63d2\u4ef6\u5728\u60a8\u7684 WordPress \u6570\u636e\u5e93\u4e2d\u5b58\u50a8\u4ee5\u4e0b\u6570\u636e\uff1a<\/p>\n\n<ul>\n<li>Security settings (wp_options table)<\/li>\n<li><p>\u5b89\u5168\u8bbe\u7f6e\uff08wp_options \u8868\uff09<\/p><\/li>\n<li><p>Blocked request logs (wp_options table)<\/p><\/li>\n<li><p>\u62e6\u622a\u8bf7\u6c42\u65e5\u5fd7\uff08wp_options \u8868\uff09<\/p><\/li>\n<li><p>Login attempt records (custom table)<\/p><\/li>\n<li><p>\u767b\u5f55\u5c1d\u8bd5\u8bb0\u5f55\uff08\u81ea\u5b9a\u4e49\u8868\uff09<\/p><\/li>\n<li><p>Locked IP addresses (transients)<\/p><\/li>\n<li>\u9501\u5b9a\u7684 IP \u5730\u5740\uff08transients\uff09<\/li>\n<\/ul>\n\n<p>All data can be removed by deactivating and deleting the plugin.\n\u6240\u6709\u6570\u636e\u53ef\u4ee5\u901a\u8fc7\u505c\u7528\u548c\u5220\u9664\u63d2\u4ef6\u6765\u79fb\u9664\u3002<\/p>\n\n<h4>License<\/h4>\n\n<h4>\u8bb8\u53ef\u8bc1<\/h4>\n\n<p>This plugin is licensed under the GNU General Public License v2.0 or later. You are free to use, modify, and distribute this software under the terms of this license.\n\u672c\u63d2\u4ef6\u6839\u636e GNU \u901a\u7528\u516c\u5171\u8bb8\u53ef\u8bc1 v2.0 \u6216\u66f4\u9ad8\u7248\u672c\u6388\u6743\u3002\u60a8\u53ef\u4ee5\u6839\u636e\u8be5\u8bb8\u53ef\u8bc1\u7684\u6761\u6b3e\u81ea\u7531\u4f7f\u7528\u3001\u4fee\u6539\u548c\u5206\u53d1\u672c\u8f6f\u4ef6\u3002<\/p>","raw_excerpt":"WordPress security plugin, with WAF (interception rate of 73%+), login protection and other functions. After 822 penetration tests in combat testing.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/296282","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=296282"}],"author":[{"embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/zhangsir"}],"wp:attachment":[{"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=296282"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=296282"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=296282"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=296282"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=296282"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/lmo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=296282"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}