Title: Custonis – Security Exposure Scanner
Author: custonis
Published: <strong>23 de març de 2026</strong>
Last modified: 21 de maig de 2026

---

Cerca extensions

![](https://ps.w.org/custonis-security-exposure-scanner/assets/banner-772x250.png?
rev=3497503)

![](https://ps.w.org/custonis-security-exposure-scanner/assets/icon-256x256.png?
rev=3497350)

# Custonis – Security Exposure Scanner

 Per [custonis](https://profiles.wordpress.org/custonis/)

[Baixa](https://downloads.wordpress.org/plugin/custonis-security-exposure-scanner.1.1.7.zip)

 * [Detalls](https://ca.wordpress.org/plugins/custonis-security-exposure-scanner/#description)
 * [Ressenyes](https://ca.wordpress.org/plugins/custonis-security-exposure-scanner/#reviews)
 *  [Instal·lació](https://ca.wordpress.org/plugins/custonis-security-exposure-scanner/#installation)
 * [Desenvolupament](https://ca.wordpress.org/plugins/custonis-security-exposure-scanner/#developers)

 [Suport](https://wordpress.org/support/plugin/custonis-security-exposure-scanner/)

## Descripció

Custonis detects publicly exposed files that should never be accessible on the internet.

Many WordPress websites unintentionally expose sensitive files such as:

 * database backups (.sql, .zip)
 * exported user or customer data
 * configuration files (.env, wp-config backups)
 * debug logs and error logs
 * development leftovers

These files are actively targeted by bots and attackers because they may expose:

 * database credentials
 * API keys
 * user data
 * internal system information

### Why Custonis?

Most security plugins focus on firewalls, malware or login protection.

Custonis focuses on a different but critical attack surface:

👉 Public file exposure

It helps you identify risks that are often overlooked and complements traditional
security plugins.

### Features

✔ Detect exposed backup files (.zip, .sql, .gz)
 ✔ Detect debug logs and error logs
✔ Detect configuration backups and sensitive files ✔ Detect exposed Git repositories
✔ Detect directory listing vulnerabilities ✔ Database health checks (large tables,
autoload size, transients, revisions) ✔ Severity classification (Critical / Elevated/
Low) ✔ Security score calculation ✔ Risk level indicator ✔ Exposure age tracking(
when issues first appeared) ✔ Detailed findings dashboard with explanations and 
fixes ✔ Scan history chart ✔ Fast and lightweight scanning ✔ 100% local scanning(
no external API calls)

### How it works

 1. Install and activate the plugin
 2. Open the Custonis dashboard
 3. Run a security scan
 4. Review detected exposures and fix issues

Custonis performs read-only scans and does not modify your website.

### 1.1.7

= Fixed =
 * Fixed missing «first detected» timestamps for findings * Fixed finding
lifecycle persistence across repeated scans * Fixed overly aggressive severity classification
for transient cache findings

#### Improved

 * Improved finding history tracking and exposure timeline accuracy
 * Improved database health severity evaluation
 * Improved consistency of finding status handling (new / existing)
 * More reliable exposure age tracking between scans

#### UX

 * Clearer exposure timeline information
 * More accurate risk presentation for database-related findings

### 1.1.6

= Fixed =
 * Fixed detection regression for publicly exposed debug.log files * Fixed
exposure validation issues on hosting environments returning soft-404 responses *
Fixed multiple false positives for non-existing backup and environment files

#### Improved

 * Improved HTTP exposure verification logic
 * Improved detection accuracy for publicly accessible files
 * Better filtering of invalid HTML fallback responses
 * More reliable validation of exposed backup archives and configuration files
 * Improved compatibility with modern hosting and caching setups

#### Security

 * Improved exposure validation for debug logs and backup files
 * Reduced risk of incorrect exposure reporting

#### UX

 * Cleaner and more trustworthy scan results
 * Reduced false positives and invalid findings

### 1.1.5

= Improved =
 * Significantly improved exposure detection accuracy * Reduced false
positives for backup and environment file detection * Improved validation of publicly
accessible files and directories * Better handling of soft-404 and fallback responses
on modern hosting environments * More reliable exposure verification logic

#### Security

 * Improved detection quality for exposed backup archives
 * Improved ENV file validation using content-based verification
 * Improved filtering of invalid exposure results

#### UX

 * Cleaner and more trustworthy scan results
 * Reduced noise from invalid findings

### 1.1.4

= Improved =
 * Fixed exposure timeline (first detected now tracked correctly) *
Improved consistency of finding history across scans * Enhanced score accuracy for
repeated findings

#### Added

 * Score breakdown (critical / elevated issues) directly in dashboard
 * More transparent risk evaluation for users

#### UX

 * Improved clarity of exposure age and status
 * Cleaner and more understandable dashboard feedback

### 1.1.3

 * Optimized false positives

### 1.1.2

 * Fixed version inconsistency in trunk

### 1.1.1

 * Fixed dashboard live stats not updating after scan
 * Improved scan result persistence

### 1.1

= Improved =
 * Significantly improved scan stability and execution flow * Optimized
background scanning process * More accurate live scan progress tracking * Improved
performance for large websites * Enhanced scan result storage and reliability * 
Refined dashboard UI and scan experience

#### Added

 * Improved filesystem scanning coverage
 * Enhanced database analysis
 * More precise detection of exposed files and risks
 * Better scan step handling and progress visualization

#### Internal

 * Codebase cleanup and structural improvements
 * Optimized AJAX handling and data flow

### 1.0.1

= Fixed =
 * Removed all Pro / license / cron related functionality for full compliance
with WordPress.org guidelines * Replaced external CDN (Chart.js) with local asset*
Fixed nonce handling (sanitization and validation) * Improved escaping for all output*
Improved file path handling using WordPress functions

### 1.0.0

= Initial release =
 * Exposure scanner * Severity detection (Critical / Elevated)*
Security score calculation * Exposure age detection * Findings dashboard * Scan 
history chart

## Captures

[⌊Dashboard overview⌉⌊Dashboard overview⌉[

Dashboard overview

[⌊Findings table with severity levels⌉⌊Findings table with severity levels⌉[

Findings table with severity levels

[⌊Security score and risk indicator⌉⌊Security score and risk indicator⌉[

Security score and risk indicator

[⌊Scan progress with live status⌉⌊Scan progress with live status⌉[

Scan progress with live status

[⌊Scan history chart⌉⌊Scan history chart⌉[

Scan history chart

[[

## Instal·lació

 1. Upload the plugin files to the /wp-content/plugins/custonis directory
 2. Activate the plugin through the WordPress plugins screen
 3. Open the Custonis dashboard
 4. Run your first scan

## PMF

### Does Custonis replace a full security plugin?

No. Custonis focuses specifically on exposed files and data leaks.
 It works best
alongside firewall or malware protection plugins.

### Does Custonis modify my website?

No. Custonis performs read-only scans and does not change any files or settings.

### Does the plugin connect to external services?

No. All scans are performed locally on your server.
 No data is transmitted externally.

### Is Custonis safe for production websites?

Yes. The scanner is lightweight and designed to run safely on live websites.

## Ressenyes

No hi ha ressenyes per a aquesta extensió.

## Col·laboradors i desenvolupadors

«Custonis – Security Exposure Scanner» és programari de codi obert. La següent gent
ha col·laborat en aquesta extensió.

Col·laboradors

 *   [ custonis ](https://profiles.wordpress.org/custonis/)

[Traduïu «Custonis – Security Exposure Scanner» a la vostra llengua.](https://translate.wordpress.org/projects/wp-plugins/custonis-security-exposure-scanner)

### Interessats en el desenvolupament?

[Navegueu pel codi](https://plugins.trac.wordpress.org/browser/custonis-security-exposure-scanner/),
baixeu-vos el [repositori SVN](https://plugins.svn.wordpress.org/custonis-security-exposure-scanner/),
o subscriviu-vos al [registre de desenvolupament](https://plugins.trac.wordpress.org/log/custonis-security-exposure-scanner/)
per [fisl de subscripció RSS](https://plugins.trac.wordpress.org/log/custonis-security-exposure-scanner/?limit=100&mode=stop_on_copy&format=rss).

## Meta

 *  Versió **1.1.7**
 *  Darrera actualització **fa 2 mesos**
 *  Instal·lacions actives **Menys de 10**
 *  Versió del WordPress ** 6.0 o posterior **
 *  Provada fins a **7.0**
 *  Versió del PHP ** 7.4 o posterior **
 *  Idioma
 * [English (US)](https://wordpress.org/plugins/custonis-security-exposure-scanner/)
 * Etiquetes
 * [Debug log](https://ca.wordpress.org/plugins/tags/debug-log/)[scanner](https://ca.wordpress.org/plugins/tags/scanner/)
   [security](https://ca.wordpress.org/plugins/tags/security/)
 *  [Vista avançada](https://ca.wordpress.org/plugins/custonis-security-exposure-scanner/advanced/)

## Valoracions

Encara no s'ha enviat cap ressenya.

[Your review](https://wordpress.org/support/plugin/custonis-security-exposure-scanner/reviews/#new-post)

[Visualitzeu totes les ressenyes](https://wordpress.org/support/plugin/custonis-security-exposure-scanner/reviews/)

## Col·laboradors

 *   [ custonis ](https://profiles.wordpress.org/custonis/)

## Suport

Teniu quelcom a dir? Necessiteu ajuda?

 [Visualitza els fòrums de suport](https://wordpress.org/support/plugin/custonis-security-exposure-scanner/)