{"id":220940,"date":"2025-04-23T17:47:56","date_gmt":"2025-04-23T17:47:56","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/safewp\/"},"modified":"2026-03-13T07:52:32","modified_gmt":"2026-03-13T07:52:32","slug":"safe-sites","status":"publish","type":"plugin","link":"https:\/\/pcd.wordpress.org\/plugins\/safe-sites\/","author":23218544,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0.1","stable_tag":"1.0.1","tested":"6.7.5","requires":"6.0","requires_php":"8.0","requires_plugins":null,"header_name":"Safe Sites","header_author":"hidayatsafewp","header_description":"Safe Sites is a WordPress security plugin offering real-time monitoring, file permission control, malware scanning, and plugin & theme security.","assets_banners_color":"426180","last_updated":"2026-03-13 07:52:32","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/haliyadwala.com\/safe-sites","header_author_uri":"https:\/\/haliyadwala.com","rating":5,"author_block_rating":0,"active_installs":30,"downloads":629,"num_ratings":1,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0.0":{"tag":"1.0.0","author":"hidayatsafewp","date":"2025-04-23 17:47:19"},"1.0.1":{"tag":"1.0.1","author":"hidayatsafewp","date":"2026-03-13 07:52:32"}},"upgrade_notice":{"1.0.1":"<p>Version 1.0.1 introduces Two-Factor Authentication (2FA), site hardening, and code signing to further secure your WordPress site.<\/p>","1.0.0":"<p>The initial release of Safe Sites includes comprehensive security features to protect your WordPress website.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":1},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3280239,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3280239,"resolution":"256x256","location":"assets","locale":""},"icon.svg":{"filename":"icon.svg","revision":3280239,"resolution":false,"location":"assets","locale":false}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3280239,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3280239,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":{"safe-sites\/demo-block":{"$schema":"https:\/\/schemas.wp.org\/trunk\/block.json","apiVersion":3,"name":"safe-sites\/demo-block","version":"0.1.0","title":"Demo Block","category":"widgets","icon":"smiley","description":"Demo block scaffolded with SafeSites.","supports":{"color":{"text":true,"background":true,"link":true}},"attributes":{"selectedUser":{"type":"string"},"user":{"type":"object"}},"textdomain":"safe-sites","editorScript":"file:.\/index.js","editorStyle":"file:.\/index.css","style":"file:.\/style-index.css"}},"tagged_versions":["1.0.0","1.0.1"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3280239,"resolution":"1","location":"assets","locale":""},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3481700,"resolution":"2","location":"assets","locale":""},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3481700,"resolution":"3","location":"assets","locale":""},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3481700,"resolution":"4","location":"assets","locale":""},"screenshot-5.png":{"filename":"screenshot-5.png","revision":3481700,"resolution":"5","location":"assets","locale":""}},"screenshots":{"1":"Dashboard Overview \u2013 Complete security status summary","2":"2FA Configuration \u2013 Secure your account with TOTP","3":"Malware Scanner \u2013 URL and Domain security analysis","4":"File Permissions \u2013 Monitor and fix file permissions","5":"Code Signing \u2013 Verify the integrity of your plugin files"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[1184,600,138582,48392,15770],"plugin_category":[54],"plugin_contributors":[241285],"plugin_business_model":[],"class_list":["post-220940","plugin","type-plugin","status-publish","hentry","plugin_tags-malware","plugin_tags-security","plugin_tags-security-scanner","plugin_tags-site-protection","plugin_tags-wp-security","plugin_category-security-and-spam-protection","plugin_contributors-hidayatsafewp","plugin_committers-hidayatsafewp"],"banners":{"banner":"https:\/\/ps.w.org\/safe-sites\/assets\/banner-772x250.png?rev=3280239","banner_2x":"https:\/\/ps.w.org\/safe-sites\/assets\/banner-1544x500.png?rev=3280239","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":"https:\/\/ps.w.org\/safe-sites\/assets\/icon.svg?rev=3280239","icon":"https:\/\/ps.w.org\/safe-sites\/assets\/icon.svg?rev=3280239","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/safe-sites\/assets\/screenshot-1.png?rev=3280239","caption":"Dashboard Overview \u2013 Complete security status summary"},{"src":"https:\/\/ps.w.org\/safe-sites\/assets\/screenshot-2.png?rev=3481700","caption":"2FA Configuration \u2013 Secure your account with TOTP"},{"src":"https:\/\/ps.w.org\/safe-sites\/assets\/screenshot-3.png?rev=3481700","caption":"Malware Scanner \u2013 URL and Domain security analysis"},{"src":"https:\/\/ps.w.org\/safe-sites\/assets\/screenshot-4.png?rev=3481700","caption":"File Permissions \u2013 Monitor and fix file permissions"},{"src":"https:\/\/ps.w.org\/safe-sites\/assets\/screenshot-5.png?rev=3481700","caption":"Code Signing \u2013 Verify the integrity of your plugin files"}],"raw_content":"<!--section=description-->\n<p>Safe Sites provides advanced security features to help keep your WordPress website safe from threats. With real-time monitoring, detailed security insights, and easy-to-use permission management, you can ensure your site is always protected.<\/p>\n\n<h4>Key Features<\/h4>\n\n<ul>\n<li><strong>Two-Factor Authentication (2FA)<\/strong> \u2013 Secure your login with TOTP-based 2FA.<\/li>\n<li><strong>Smart File Permission Control<\/strong> \u2013 Easily manage file permissions based on your server type (Windows\/Linux).<\/li>\n<li><strong>Visual File Permissions Map<\/strong> \u2013 See a color-coded structure of your site's file security.<\/li>\n<li><strong>Malware Scanner<\/strong> \u2013 Analyze your domain, URLs, and HTML security headers for vulnerabilities via VirusTotal.<\/li>\n<li><strong>Security Dashboard<\/strong> \u2013 View a complete overview of your site\u2019s security health.<\/li>\n<li><strong>Plugin &amp; Theme Security<\/strong> \u2013 Detect vulnerabilities in plugins and themes and receive alerts.<\/li>\n<li><strong>Login &amp; User Security<\/strong> \u2013 Monitor login attempts and manage user sessions.<\/li>\n<li><strong>Site Hardening<\/strong> \u2013 Apply recommended security tweaks to your WordPress installation.<\/li>\n<li><strong>Code Signing<\/strong> \u2013 Verify the integrity of your plugin files.<\/li>\n<\/ul>\n\n<h3>Detailed Features<\/h3>\n\n<p><strong>General Security &amp; Server Health:<\/strong><\/p>\n\n<ul>\n<li><strong>SSL Status<\/strong> \u2013 Check if SSL is active for secure connections.<\/li>\n<li><strong>Site Health &amp; Server Info<\/strong> \u2013 Displays PHP version, database version, and server details.<\/li>\n<li><strong>Panic Mode<\/strong> \u2013 Quickly lock down your site in case of an emergency.<\/li>\n<\/ul>\n\n<p><strong>Access &amp; User Security:<\/strong><\/p>\n\n<ul>\n<li><strong>Two-Factor Authentication (2FA):<\/strong>\n\n<ul>\n<li><strong>TOTP Support<\/strong> \u2013 Use Google Authenticator, Authy, or any TOTP app.<\/li>\n<li><strong>Configurable for All Roles<\/strong> \u2013 Require 2FA for specific user roles.<\/li>\n<li><strong>Backup Codes<\/strong> \u2013 Generate backup codes for emergency access.<\/li>\n<\/ul><\/li>\n<li><strong>Login Monitoring<\/strong> \u2013 Track failed login attempts and monitor user activity.<\/li>\n<\/ul>\n\n<p><strong>Security Monitoring &amp; Protection:<\/strong><\/p>\n\n<ul>\n<li><strong>File Permissions Management:<\/strong>\n\n<ul>\n<li><strong>Windows Servers<\/strong> \u2013 Show file read\/write permissions.<\/li>\n<li><strong>Linux Servers<\/strong> \u2013 Display numeric file permissions along with current and recommended settings.<\/li>\n<li><strong>Fix Permissions<\/strong> \u2013 Select files and fix incorrect permissions directly.<\/li>\n<\/ul><\/li>\n<li><strong>Visual File Permission Map<\/strong> \u2013 Interactive file structure with security indicators.<\/li>\n<li><strong>Hardening<\/strong> \u2013 One-click security hardening for common WP vulnerabilities.<\/li>\n<li><strong>Code Signing<\/strong> \u2013 Ensure plugin files haven't been tampered with.<\/li>\n<\/ul>\n\n<p><strong>Malware &amp; Security Scanner:<\/strong><\/p>\n\n<ul>\n<li><strong>Domain &amp; URL Analysis<\/strong> \u2013 Scan domain and URLs for malware using VirusTotal API.<\/li>\n<li><strong>Security Header &amp; DNS Scan<\/strong> \u2013 Check security headers and DNS settings.<\/li>\n<li><strong>Alert System<\/strong> \u2013 Receive alerts for detected threats.<\/li>\n<\/ul>\n\n<p><strong>WordPress Management &amp; Security:<\/strong><\/p>\n\n<ul>\n<li><strong>Plugin &amp; Theme Security:<\/strong>\n\n<ul>\n<li><strong>Vulnerability Scanner<\/strong> \u2013 Check for known security flaws.<\/li>\n<li><strong>Inactive Plugin Alerts<\/strong> \u2013 Warns about inactive components that pose risks.<\/li>\n<\/ul><\/li>\n<li><strong>Security Dashboard<\/strong> \u2013 A centralized panel for all security settings.<\/li>\n<\/ul>\n\n<h3>External Services Used<\/h3>\n\n<p>Safe Sites relies on the following third-party services for security analysis and malware detection. Below is a detailed breakdown of what each service does, what data is sent, and where you can review their policies:<\/p>\n\n<h3><strong>1. VirusTotal API<\/strong><\/h3>\n\n<p><strong>Purpose:<\/strong> Used to scan domain, URLs, and file hashes for malware detection and security threats.<\/p>\n\n<p><strong>What data is sent &amp; when?<\/strong><br \/>\n- When a user initiates a manual malware or URL scan, the plugin sends the target URL or domain to VirusTotal for analysis.<br \/>\n- No user private data is sent\u2014only the target URLs\/domains or hash values of files are transmitted.<\/p>\n\n<p><strong>Terms of Service &amp; Privacy Policy:<\/strong><br \/>\n- <a href=\"https:\/\/www.virustotal.com\/terms-of-service\">VirusTotal Terms of Service<\/a><br \/>\n- <a href=\"https:\/\/www.virustotal.com\/privacy-policy\">VirusTotal Privacy Policy<\/a><\/p>\n\n<!--section=installation-->\n<ol>\n<li>Download the plugin from WordPress.org.<\/li>\n<li>Upload the <code>safe-sites<\/code> folder to the <code>\/wp-content\/plugins\/<\/code> directory.<\/li>\n<li>Activate the plugin via the WordPress \u2018Plugins\u2019 menu.<\/li>\n<li>Navigate to the \"Safe Sites\" menu in your WordPress dashboard.<\/li>\n<li>Configure your security settings and start monitoring.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"is%20safe%20sites%20compatible%20with%20my%20hosting%20environment%3F\"><h3>Is Safe Sites compatible with my hosting environment?<\/h3><\/dt>\n<dd><p>Yes! Safe Sites works with all major hosting providers and is compatible with Apache, Nginx, and LiteSpeed servers. It requires WordPress 6.0+ and PHP 8.0+.<\/p><\/dd>\n<dt id=\"does%20safe%20sites%20affect%20site%20performance%3F\"><h3>Does Safe Sites affect site performance?<\/h3><\/dt>\n<dd><p>No, Safe Sites is optimized for performance. It uses intelligent caching and efficient scans to minimize server load.<\/p><\/dd>\n<dt id=\"how%20often%20should%20i%20run%20malware%20scans%3F\"><h3>How often should I run malware scans?<\/h3><\/dt>\n<dd><p>We recommend weekly scans, but Safe Sites continuously monitors your site for threats. You can also schedule or manually run scans anytime.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.0.1<\/h4>\n\n<ul>\n<li>Added Two-Factor Authentication (2FA) support<\/li>\n<li>Added site hardening and code signing<\/li>\n<li>Improved VirusTotal malware scanning integration<\/li>\n<li>Fixed minor security vulnerabilities<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release<\/li>\n<li>Implemented core security monitoring features<\/li>\n<li>Added real-time threat detection<\/li>\n<li>Integrated malware scanning capabilities<\/li>\n<li>User activity monitoring<\/li>\n<li>Plugin and theme vulnerability scanning<\/li>\n<\/ul>","raw_excerpt":"Safe Sites is a WordPress security plugin offering real-time monitoring, file permission control, malware scanning, and plugin &amp; theme security.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/220940","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=220940"}],"author":[{"embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/hidayatsafewp"}],"wp:attachment":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=220940"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=220940"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=220940"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=220940"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=220940"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=220940"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}