The MainWP WordFence extension allows you to scan your child sites for security issues, monitor live traffic and to manage Wordfence settings across your network and all from your Dashboard!
It is created to scan easily all child sites for malware, security issues and monitor live traffic. You can scan all sites with one button, see results in the MainWP Dashboard, block or unblock users or set scheduled scans. MainWP WordFence is intuitive and very easy to use. It requires the WordFence plugin being installed on the child site.
MainWP Vulnerability Checker extension uses WPScan Vulnerability Database API to bring you information about vulnerable plugins and themes on your Child Sites so you can act accordingly.
What is WPScan
WPScan is a black box WordPress vulnerability scanner.
It is a linux script, created by Sucuri to check WordPress for vulnerabilities. It has it’s own database with known security issues. The script is very powerful and allows you to:
Enumerate all users
Enumerate all themes
Enumerate all plugins
Check all themes against the database of vulnerabilities
Check all plugins against the database of vulnerabilities
MainWP Vulnerability Checker extension works the same way. It checks all installed themes and plugins (and their versions) and compares them to the entries in wpvulndb. If it finds one, it will notify you in the dashboard. You can check a single site or perform bulk scan.
You can avoid the security issues that this extension is looking for by keeping everything up to date, but if manage a large amount of sites, this task becomes easier said than done.
Anyone can check any plugin or theme for known vulnerabilities because the wpvulndb database is open. Researchers are disclosing these issues after the vulnerabilities have been patched. It is a good place for research if you check whether a plugin had many vulnerabilities in the past and how quickly they have been patched. Unfortunately the database has been used by attackers who have found outdated plugin or theme and are looking for known way to compromise the site.
MainWP Vulnerability Checker gives you another point of view of your sites. In combination with MainWP Sucuri extension and MainWP WordFence it provides you enough information to keep you sites secure and protect them from low level (script kiddie) attackers.
The MainWP Sucuri Extension uses Sucuri’s proprietary SiteCheck Tool to scan your sites. SiteCheck provides web-based malware scanning of your web sites using the latest in fingerprinting technology. It gives you a quick way to determine if your web applications are out of date, exploited with malware, or even blacklisted by popular search engines all directly from your MainWP Dashboard!
MainWp Sucuri is really easy to use. It adds SECURITY SCAN tab to each site’s Dashboard.
What it can do
MainWp Sucuri helps you scan your sites for security issues and offers you a quick way to fix them. According to it’s creators, it can:
Blackhat SEO Spam
Also Check For
Web Server Details
List of Scanned URLs
List of iFrames Included
The scan results tells you also if there are some other issues like directory browsing, accessible readme.html etc. It scans for things, attackers check in the fingerprinting stage of an attack and helps you hide them.
This extension is really good, but it has some problems that need to be fixed. One of the is the false positives. If the scan find readme.html file in the root directory, Sucuri flags it as an issue even if the file is not accessibe (returns 403 Forbidden). Similar thing is happening with the directory browsing results.
MainWP Advanced Uptime Monitor is an extension that works with the Uptime Robot service that checks your websites sites every 5 minutes, 24 hours a day, 7 days a week. In the case your site is not loading, it makes few more checks in next 3 minutes to make sure that site is down. If the site is still down, it will notify you immediately.
In order to use this extension, you will need a couple of things:
This extension is simple to setup and use and is really helpful for monitoring large amount of sites uptime. It displays data in the MainWP dashboard and notifies you by email for any changes in a site’s status as well as the code it returns. This gives you the ability to react quickly and fix any issues causing downtime.
The only limitations come from Uptime robot. Their Free Plan allows you to monitor 50 sites. If you need to watch more, you have to upgrade to Pro Plan which gives you the flexibility to pay according to the amount of sites you have. The maximum is 500 and it costs $29.90. The Pro Plans include sms notifications
WooCommerce has templates for everything including emails and provides developers an easy way override them.
This template can be overridden by copying it to yourtheme/woocommerce/archive-product.php.
This is very useful when you build a custom or a child theme and you want to modify the way WooCommerce looks according to your needs.
But in some cases you need to do this with a plugin.
When to use a plugin
Let’ look at some real life scenarios.
You don’t have ftp, ssh or any access to the site files.
Maybe you don’t have child theme and you don’t want to loose changes when you update the parent theme.
You want to build a plugin which needs to modify WooCommerce.
How to do it
To override WooCommerce templates wit a plugin, we can use the ‘wc_get_template’ filter. It takes a few arguments, but we will need only 2. $located – the path to the new template file $template_name – the name (and directory) of the template we are overriding.
Let’s override 2 templates – the archive product and new order email.
We created a ‘templates’ directory in our plugin containing the files re-wp-archive-product.php and re-wp-new-order.php.
$template_name returns the name of the WC template. In this case archive-product.php which is located in woocommerce/templates and admin-new-order.php which is in woocommerce/templates/emails. As a result, WooCommerce loads them from our custom directory.
Right? Well, yes, if your environment is up-to-date. Result of the last command should be like:
Renewing SSl cert for https://re-wp.com
Reload : nginx [OK]
SUCCESS: Certificate was successfully renewed For https://re-wp.com
Your cert will expire within 89 days.
Expiration DATE: Tue Sep 12 08:23:00 UTC 2017
You might come up to this problem, though:
Renewing SSl cert for https://re-wp.com
ERROR : Cannot RENEW SSL cert !
Your current cert already EXPIRED !
Check logs for reason tail /var/log/ee/ee.log & Try Again!!!
Let’s have a look at the logs then! Do you find there a line, stating like setuptools pkg_resources pip wheel failed with error code 1 ?
If so, then here is what you have to try:
Check if this solved the issues. Some people were happy to find it as a sole solution of the problem:
apt-get install letsencrypt
If that didn’t help, maybe this:
Here comes the long shot (which helped me personally):
apt-get install python-pip
pip install setuptools
pip install setuptools
pip install--upgrade setuptools
Running the command for renewing the certificate should work just fine this time.