설명
WORDFENCE LOGIN SECURITY
Wordfence Login Security contains a subset of the functionality found in the full Wordfence plugin: Two-factor Authentication, XML-RPC Protection and Login Page CAPTCHA.
Are you looking for comprehensive WordPress Security? Check out the full Wordfence plugin.
TWO-FACTOR AUTHENTICATION
- Two-factor authentication (2FA), one of the most secure forms of remote system authentication available.
- Use any TOTP-based authenticator app or service like Google Authenticator, Authy, 1Password or FreeOTP.
- Enable 2FA for any WordPress user role.
- Completely free to use, no limits or restrictions of any kind.
LOGIN PAGE CAPTCHA
- Easily enable Google ReCAPTCHA v3 on your login and registration pages.
- Stops bots from logging in without inconveniencing your site visitors.
- Robust protection against password guessing and credential stuffing attacks distributed across large IP pools
XML-RPC PROTECTION
- XML-RPC is the biggest target for WordPress attacks, but is often overlooked.
- Protect XML-RPC with 2FA or disable it altogether if it’s not needed.
스크린샷
Take login security to the next level with two-factor authentication. 
Logging in is easy with Wordfence 2FA. 
Configuration options include XML-RPC protection and login page CAPTCHA.
설치
Secure your website using the following steps to install Wordfence:
- Install Wordfence Login Security automatically or by uploading the ZIP file.
- Activate the Wordfence Login Security through the ‘Plugins’ menu in WordPress. Wordfence Login Security is now activated.
- Go to the ‘Login Security’ menu and activate two-factor authentication and configure other settings.
To install Wordfence Login Security on WordPress Multisite installations:
- Install Wordfence Login Security via the plugin directory or by uploading the ZIP file.
- Network Activate Wordfence Login Security. This step is important because until you network activate it, your sites will see the plugin option on their ‘Plugins’ menu. Once activated, that option disappears.
- Now that Wordfence Login Security is network activated, it will appear on your Network Admin menu for super administrators and individual sites for users who have permission to activate 2FA.
후기
2021년 1월 17일
Good compliment to Wordfence, but please add login URL obfuscation!
Because you do not do this either I take another plugin as well like WPS Hide Login, or I just take WP Cerber which does everything!
2020년 11월 17일
Fantastic Plugin!
2020년 11월 8일
I have installed this plugin but still showing this error:
CODE REQUIRED: Please provide your 2FA code when prompted.
How to get rid of that. Please help me?
2020년 9월 4일
It requires admin level access for any user to setup 2fa. So if you need 2fa for users that you don't want admin access you can't use this plugin. I learned this the hard way after setting it all up and asking all our users to setup 2fa. non admin users got an error requiring admin capabilities.
2020년 7월 10일
Really great !
2020년 6월 24일
The Plugin works and integrates nicely into wordfence security and wp itself. TOTP works great, and the captcha integration works too. Sadly it doesn't support multiple 2fa methods like TOTP & "backup codes" as well as email as backup. Other 2fa methods like U2F are not supported. This Plugin doesn't work with the yubico yubikey hardware keys.
기여자 & 개발자
“Wordfence Login Security”(은)는 오픈 소스 소프트웨어입니다. 다음의 사람들이 이 플러그인에 기여하였습니다.
기여자
자국어로 “Wordfence Login Security”(을)를 번역하세요.
개발에 관심이 있으십니까?
변경이력
1.0.6 – January 14, 2021
- Improvement: Made a number of WordPress 5.6 and jQuery 3.x compatibility improvements.
- Improvement: Replaced the terms whitelist and blacklist with allowlist and blocklist.
- Fix: Sync roles to new sites in multisite configurations
- Fix: Corrected 2FA config links in notices for multisite
- Fix: Corrected inactive user count when users with 2FA have been deleted
- Fix: reCAPTCHA will no longer block requests with missing tokens in test mode
1.0.5 – January 13, 2020
- Changed: AJAX endpoints now send the application/json Content-Type header.
- Changed: Added compatibility messaging for reCAPTCHA when WooCommerce is active.
- Fixed: The “Require 2FA for all administrators” notice is now automatically dismissed if an administrator sets up 2FA.
1.0.4 – November 6, 2019
- Fix: Added styling fix to the 2FA code prompt for WordPress 5.3.
- Fix: Added compatibility tags for WP Tide.
1.0.3 – July 16, 2019
- Improvement: Added additional information about reCAPTCHA to its setting control.
- Improvement: Added a constant that may be overridden to customize the expiration time of login verification email links.
- Improvement: reCAPTCHA keys are now tested on saving to prevent accidentally inputting a v2 key.
- Improvement: Added a setting to control the reCAPTCHA human/bot threshold.
- Improvement: Added an option to trigger removal of Login Security tables and data on deactivation.
- Improvement: Reworked the reCAPTCHA implementation to trigger the token check on login/registration form submission to avoid the token expiring.
- Fix: Widened the reCAPTCHA key fields to allow the full keys to be visible.
- Fix: Addressed an issue when outbound UDP connections are blocked where the NTP check could log an error.
- Fix: Added handling for reCAPTCHA’s JavaScript failing to load, which previously blocked logging in.
- Fix: Fixed the functionality of the button to send 2FA grace period notifications.
- Fix: Fixed a missing icon for some help links when running in standalone mode.
1.0.2 – May 30, 2019
- Initial release