Safe Sites

Safe Sites provides advanced security features to help keep your WordPress website safe from threats. With real-time monitoring, detailed security insights, and easy-to-use permission management, you can ensure your site is always protected.

Key Features

• Smart File Permission Control – Easily manage file permissions based on your server type (Windows/Linux).
• Visual File Permissions Map – See a color-coded structure of your site’s file security.
• Malware Scanner – Analyze your domain, URLs, and HTML security headers for vulnerabilities.
• Security Dashboard – View a complete overview of your site’s security health.
• Plugin & Theme Security – Detect vulnerabilities in plugins and themes and receive alerts.
• SSL Configuration & Status – Verify SSL status and ensure a secure connection.
• Server & Site Health Info – Get details on your WordPress version, PHP version, and database info.
• DNS & URL Security Analysis – Scan for blacklist issues and check security headers.

Detailed Features

General Security & Server Health:

• SSL Status – Check if SSL is active for secure connections.
• Site Health & Server Info – Displays PHP version, database version, and server details.

Security Monitoring & Protection:

• File Permissions Management:
  • Windows Servers – Show file read/write permissions.
  • Linux Servers – Display numeric file permissions along with current and recommended settings.
  • Fix Permissions – Select files and fix incorrect permissions directly.
• Visual File Permission Map – Interactive file structure with security indicators.

Malware & Security Scanner:

• Domain & URL Analysis – Scan domain and URLs for malware.
• Security Header & DNS Scan – Check security headers and DNS settings.
• Alert System – Receive alerts for detected threats.

WordPress Management & Security:

• Plugin & Theme Security:
  • Vulnerability Scanner – Check for known security flaws.
  • Inactive Plugin Alerts – Warns about inactive components that pose risks.
• Security Dashboard – A centralized panel for all security settings.

External Services Used

Safe Sites relies on the following third-party services for security analysis and malware detection. Below is a detailed breakdown of what each service does, what data is sent, and where you can review their policies:

1. JSONPlaceholder API

Purpose: Used to fetch demo user data for the demo block feature.

What data is sent & when?
– The plugin makes GET requests to JSONPlaceholder’s users endpoint when loading the demo block in the editor.
– No user data is sent to the service; it only receives GET requests.
– Data is cached for 7 days to minimize API calls.

Terms of Service & Privacy Policy:
– JSONPlaceholder Terms
– This is a free fake API for testing and prototyping.

2. VirusTotal API

Purpose: Used to scan file hashes for malware detection and security threats.

What data is sent & when?
– When a user initiates a manual malware scan, the plugin sends file hashes to VirusTotal for analysis.
– No actual file contents are sent—only the hash values of files are transmitted.

Terms of Service & Privacy Policy:
– VirusTotal Terms of Service
– VirusTotal Privacy Policy