“Security Test result interface is better for visible now, but I hope a Filter Button that hidden all PASS elements and focus on FAILED elements only. List all PASSED and FAILED is rather hurting my eyes a little bit. This button will …
This would be a test to check if the REST API itself is enabled. Another test checks if the links are displayed in the source code. Idea by Cuong.
“If I deactivate the plugin, then activate it again. I need to configure all things as begin (Site analytics, Firewall, System Analytics). It will not make sense sometimes I want to debug plugin conflict for my WordPress by deactivating one-by-one.”
Recent changes to the maxmind database forces us to replace with different database, eg https://lite.ip2location.com/database/ip-country More about why: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
having the ability to show vulnerabilities based on the versions of installed plugins, themes, WordPress core version. Suggest by Jose
“This would cover multiple admins, one out on vacation, yet the other could still receive reports. I know this can be handled with email distribution groups, so is just a thought” Suggested by Jose.
Often seen is .bak or .sql files in the root folder of WordPress – Will add scan for this kind of file and suggest removal.
White-labling would be nice to have like many companies are offering this functionality for pro and Agencies to have this. From Jay
Add an easy way to block IPs directly from the interface. – Manually (similar to whitelisting) – Clicking a “block icon” next to an IP in the admin interface will block that IP.
Keeping the definitions updated via API for quicker updates
Show warnings for old outdated plugins / themes. Find plugins not updated in x years.
prevent “admin” as a username and (then) immediately block everybody trying to log in with “admin” as a username.