WORDPRESS SECURITY PLUGIN

Abstract

WordPress is the most popular CMS (Content Management System) being used for building websites today. As of 2019, 33.6% of all the websites are built over it. Moreover, WordPress holds 60.5% market share among all web-based CMS software [1]. It is an open-source software which means anyone can install it for free and set up a website in a very short time. With this ease and popularity, there are tons of security breaches every day on websites built using WordPress. This is mainly due to use of insecure plugins or users not following good security practices. Therefore, the aim of this project is to build a WordPress plugin, that will make a WordPress website more secure and have a number of security-related features such as WordPress core files integrity monitoring, features related to making a website HTTPS compliant and other features which will be integrated as further research is done on the security of WordPress as part of this project. This plugin is mainly aimed towards users who own shared hosting where there is limited control over web server and thus, the user cannot install most applications that can be installed on a Linux web server normally. This plugin will assist such users in minimizing the security risks. However, the plugin will work for all WordPress installations alike irrespective of the type of hosting they are using.