Home Plugins webfiable info
Webfiable Info logo

Webfiable Info

by webfiable on WordPress.org

Webfiable is a monitoring plugin that provides insights into your site's health and security posture. Requires a free Webfiable subscription.

(0)

Ensure your website’s security posture and configuration health with monitoring and recommendations. Requires an active Webfiable subscription (currently free).

The Webfiable Info plugin is a component of the Webfiable security service, designed to help you maintain a robust security posture for your WordPress website. By securely gathering information about your site’s plugins, themes, and WordPress version, the plugin enables the Webfiable service to perform in-depth analysis and provide weekly recommendations tailored to your specific configuration.

To verify the plugin’s functionality, users and reviewers can visit the /webfiable endpoint on their website after activation. This endpoint provides encrypted website configuration data for security monitoring. An example of this can be seen at:

External Services

This plugin connects to the Webfiable API to:
1. Retrieve an RSA public key, which is required for encrypting website configuration data before making it available to the Webfiable service.
2. Expose encrypted website configuration data through the /webfiable endpoint, which is queried by app.webfiable.com to generate a security posture report.

Data Sent:
Public Key Retrieval: No user-specific data is sent; only a request to retrieve the RSA public key.
Configuration Data Transmission: The plugin encrypts and exposes the following website information at the /webfiable endpoint:
– Installed plugins (names, slugs, and versions).
– Installed themes (names, slugs, and versions).
– WordPress version.

When Data is Sent:
Public Key Retrieval: Occurs when encryption is required for the /webfiable endpoint.
Configuration Data Transmission: Happens when app.webfiable.com queries the /webfiable endpoint to fetch encrypted data for security posture reporting.

Service URL:
https://app.webfiable.com/public-key.json (for RSA key retrieval)

Terms of Service:
https://webfiable.com/terminos-de-servicio/

Privacy Policy:
https://webfiable.com/politica-privacidad/

Features

  • Simple and Reliable Design: Built with simplicity in mind, this plugin minimizes the risk of issues arising on your website and reduces the need for frequent updates, contributing to a stable and secure environment.
  • Lightweight and Efficient: The plugin is designed to be very lightweight, executing its tasks within seconds, and running no more than once per day, ensuring no impact on your website’s performance.
  • Secure Data Transmission: Utilizes advanced hybrid encryption (AES + RSA) to securely transmit data to the Webfiable service.
  • Proactive Security Monitoring: Enables continuous monitoring of your site’s security posture and configuration health.
  • Part of the Webfiable Service: Requires an active Webfiable subscription (currently free).

Security Features

Webfiable Info is built with security at its core, ensuring that your website’s data is protected at every stage:

  • Hybrid Encryption: Combines AES and RSA encryption to safeguard your data. The plugin uses AES-256 to encrypt the collected data, and then securely transmits the AES key by encrypting it with RSA-2048.
  • Initialization Vector (IV): Each data transmission uses a unique Initialization Vector (IV) to ensure that even identical data produces different ciphertexts, enhancing security.
  • RSA Key Management: The RSA encryption ensures that only the Webfiable service can decrypt the transmitted data, using a private key that remains secure on the Webfiable infrastructure.

How to Verify Plugin Functionality

Once installed and activated, users can verify the functionality of the Webfiable Info plugin by:

  1. Checking the /webfiable Endpoint: Visit https://yourwebsite.com/webfiable/ to confirm that the plugin is providing encrypted configuration data.
  2. Comparing with an Example Site: You can see an example of the plugin’s functionality at:
  3. Ensuring Data Security: The data exposed at this endpoint is encrypted and can only be decrypted by the Webfiable service.

License

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.

Active installations0+
Weekly downloads
9+0.00%
Version1.4
Last updated2/20/2025
WordPress version5.0
Tested up to6.7.2
Tags
monitoringsecuritywordpress security