Title: MJP Security Tools
Author: zackdesign
Published: <strong>7 de juny de 2010</strong>
Last modified: 23 de febrer de 2026

---

Cerca extensions

![](https://s.w.org/plugins/geopattern-icon/mjp-security-plugin.svg)

# MJP Security Tools

 Per [zackdesign](https://profiles.wordpress.org/zackdesign/)

[Baixa](https://downloads.wordpress.org/plugin/mjp-security-plugin.2.0.0.zip)

 * [Detalls](https://ca.wordpress.org/plugins/mjp-security-plugin/#description)
 * [Ressenyes](https://ca.wordpress.org/plugins/mjp-security-plugin/#reviews)
 *  [Instal·lació](https://ca.wordpress.org/plugins/mjp-security-plugin/#installation)
 * [Desenvolupament](https://ca.wordpress.org/plugins/mjp-security-plugin/#developers)

 [Suport](https://wordpress.org/support/plugin/mjp-security-plugin/)

## Descripció

MJP Security Tools is a focused hardening plugin that does four things well:

 * **XSS Database Scanner** — scans every table for `<script>`, `<iframe>`, `onclick`,`
   javascript:` and other injection patterns
 * **POST Request Log** — records all POST data (passwords masked) with IP, user
   agent, and URL for CSRF/audit detection
 * **Failed Login Log** — tracks every failed login attempt with username, IP, and
   timestamp
 * **File Permission Checker** — verifies WordPress root files and directories have
   safe permissions, checks for missing `index.html` files and SVN working copies

**What this plugin does NOT do** (because WordPress core already handles it):

 * SSL enforcement — use `FORCE_SSL_ADMIN` or let WordPress 5.7+ auto-redirect
 * Password strength — WordPress core enforces strong passwords since 4.3
 * Login rate limiting — use a dedicated plugin like Limit Login Attempts Reloaded
 * Version number hiding — marginal benefit, not worth the complexity

**Upgrading from v1.x:**

 * The admin page has moved from jQuery UI tabs to native WordPress nav tabs
 * SSL forcing, password enforcement, login throttling, version hiding, admin username
   changing, database prefix randomization, password reset, and .htaccess generation
   have been removed — WordPress core and dedicated security plugins handle these
   better
 * PHP sessions replaced with WP transients for flash messages
 * Log data is now stored as JSON instead of serialized PHP
 * The Javacrypt client-side crypt(3) script has been removed

## Instal·lació

 1. Upload the `mjp-security-plugin` folder to `/wp-content/plugins/`
 2. Activate through the Plugins menu
 3. Go to Tools > MJP Security Tools

## PMF

### What happened to all the other features?

WordPress 6.x handles SSL, password strength, and many security basics natively.
Rather than duplicating core functionality, v2.0.0 focuses on the four features 
that WordPress does NOT provide out of the box: XSS scanning, POST logging, failed
login logging, and file permission checking.

### Is this a replacement for Wordfence/iThemes?

No — those are comprehensive security suites. MJP Security Tools is a lightweight
auditing companion that provides specific database scanning and logging features.

## Ressenyes

No hi ha ressenyes per a aquesta extensió.

## Col·laboradors i desenvolupadors

«MJP Security Tools» és programari de codi obert. La següent gent ha col·laborat
en aquesta extensió.

Col·laboradors

 *   [ zackdesign ](https://profiles.wordpress.org/zackdesign/)
 *   [ AliasIO ](https://profiles.wordpress.org/elbertf/)

[Traduïu «MJP Security Tools» a la vostra llengua.](https://translate.wordpress.org/projects/wp-plugins/mjp-security-plugin)

### Interessats en el desenvolupament?

[Navegueu pel codi](https://plugins.trac.wordpress.org/browser/mjp-security-plugin/),
baixeu-vos el [repositori SVN](https://plugins.svn.wordpress.org/mjp-security-plugin/),
o subscriviu-vos al [registre de desenvolupament](https://plugins.trac.wordpress.org/log/mjp-security-plugin/)
per [fisl de subscripció RSS](https://plugins.trac.wordpress.org/log/mjp-security-plugin/?limit=100&mode=stop_on_copy&format=rss).

## Registre de canvis

#### 2.0.0

 * Rewrite: focused on 4 core features — XSS scanner, POST log, failed login log,
   file permissions
 * Removed: SSL forcing, password enforcement, login throttling, version hiding (
   handled by WP core)
 * Removed: Admin username changer, DB prefix randomizer, password reset all users,.
   htaccess generator
 * Removed: jQuery UI 1.8.10 dependency and Javacrypt crypt(3) JavaScript (~500 
   lines)
 * Removed: PHP sessions — uses WP transients for flash messages
 * New: Native WordPress nav-tab interface (no jQuery UI)
 * New: Dedicated CSS/JS assets instead of inline styles and CDN links
 * New: Clear log buttons for POST and failed login logs
 * New: Log data stored as JSON instead of serialized PHP
 * New: File permission scan limited to 2 levels deep (prevents timeout on large
   installs)
 * Fixed: HTML parse error in admin template (missing `>` on div tag)
 * Fixed: Admin page uses dedicated slug instead of `__FILE__`
 * Changed: Requires WordPress 6.0+

#### 1.2.1

 * Fixed PHP 8.1 deprecation: get_option() returning false passed to substr()

#### 1.2.0

 * PHP 8.x compatibility fixes
 * Replaced deprecated functions and constants
 * Tested with WP 6.9.1

#### 1.1

 * Tested in WP 3.3.2

#### 1.0

 * First Release

## Meta

 *  Versió **2.0.0**
 *  Darrera actualització **fa 3 mesos**
 *  Instal·lacions actives **10+**
 *  Versió del WordPress ** 6.0 o posterior **
 *  Provada fins a **6.9.4**
 *  Versió del PHP ** 7.4 o posterior **
 *  Idioma
 * [English (US)](https://wordpress.org/plugins/mjp-security-plugin/)
 * Etiquetes
 * [audit](https://ca.wordpress.org/plugins/tags/audit/)[login](https://ca.wordpress.org/plugins/tags/login/)
   [permissions](https://ca.wordpress.org/plugins/tags/permissions/)[security](https://ca.wordpress.org/plugins/tags/security/)
   [xss](https://ca.wordpress.org/plugins/tags/xss/)
 *  [Vista avançada](https://ca.wordpress.org/plugins/mjp-security-plugin/advanced/)

## Valoracions

Encara no s'ha enviat cap ressenya.

[Your review](https://wordpress.org/support/plugin/mjp-security-plugin/reviews/#new-post)

[Visualitzeu totes les ressenyes](https://wordpress.org/support/plugin/mjp-security-plugin/reviews/)

## Col·laboradors

 *   [ zackdesign ](https://profiles.wordpress.org/zackdesign/)
 *   [ AliasIO ](https://profiles.wordpress.org/elbertf/)

## Suport

Teniu quelcom a dir? Necessiteu ajuda?

 [Visualitza els fòrums de suport](https://wordpress.org/support/plugin/mjp-security-plugin/)

## Feu una donació

Voleu ajudar a què l’extensió millori?

 [ Feu una donació a aquesta extensió ](https://zackdesign.biz/)