বৰ্ণনা
Improve your site’s security posture and configuration health with monitoring and recommendations.
Webfiable Info is the on-site companion for the Webfiable security service (https://webfiable.com). It securely gathers information about your site’s WordPress version, plugins, themes, and basic site metadata and registers your site with Webfiable so you can receive ongoing reports via email. You stay in control: consent is explicit, and the public endpoint is opt-in and verified on save.
During the white march period, there is no separate signup or billing – the plugin registers your site automatically from the settings screen and you can use the service for free. A subscription may be required in the future; we will notify administrators well in advance.
Features
- One-click registration: Enter a report recipient email, grant consent, and enable the endpoint; Webfiable Info verifies the endpoint and registers the site automatically.
- Opt-in endpoint: The public
/webfiableendpoint is disabled by default and verified when enabled. If verification or registration fails, the plugin safely disables it. - Consent-aware behavior: Turning off consent simply saves your choice and disables the endpoint; you can re-enable later.
- Lightweight by design: No heavy background jobs; the endpoint serves inventory on demand and runs in milliseconds.
- Secure by default: Uses hybrid encryption (AES-256 + RSA-2048) to transport data.
- Part of the Webfiable service: Currently in white march (early access) and free to use; a subscription may be required in the future. Learn more at https://webfiable.com.
Security Features
Webfiable Info is built with security at its core, ensuring that your website’s data is protected at every stage:
- Hybrid Encryption: Combines AES and RSA. The inventory is encrypted with AES-256-CBC; the AES key is encrypted with RSA-2048.
- Fresh IV per response: Each response uses a new IV so ciphertext is always unique.
- Public endpoint, private content: The
/webfiableendpoint can be accessed by anyone, but the payload is encrypted for Webfiable only. - Rate limiting: Basic per-IP rate limiting reduces abuse.
Why It Is Secure
- Strong transport: AES-256 for data, RSA-2048 for the key – only Webfiable can decrypt.
- Unique IVs: Each response is unique even for identical content.
- Minimal inventory: Only software inventory and basic metadata needed for analysis; no credentials or content are collected.
License
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
ইনষ্টলেশ্যন
- Download the
webfiable-info.zipfile to your computer. - Log in to your WordPress admin dashboard.
- Go to
Plugins > Add New. - Click the
Upload Pluginbutton at the top of the page. - Click
Choose Fileand select thewebfiable-info.zipfile you downloaded. - Click
Install Now. - Once the installation is complete, click
Activate Plugin.
After activation:
- Go to
Settings -> Webfiable Info. - Enter the report recipient email and check the consent box.
- Enable the
/webfiableendpoint and clickSave settings. - The plugin verifies the endpoint and completes registration. If verification fails, the endpoint will be disabled and a notice explains what to fix.
সঘনাই উত্থাপিত প্ৰশ্ন
-
Do I need a Webfiable subscription?
-
Not during the white march (early access). The plugin registers your site automatically from the settings screen and you can use the service for free. A subscription may be required in the future. We will provide clear notice and a smooth upgrade path. See https://webfiable.com for updates.
-
How is my data secured?
-
Data is encrypted on your site before transport using AES-256-CBC. The AES key is encrypted with RSA-2048 so only Webfiable can decrypt the payload.
-
What information is collected?
-
Minimal inventory only: site URL, WordPress version, installed plugins and themes (name, slug, version, short description), a site identifier, consent timestamp, and the email you provide for reports. No user content or credentials.
-
What happens if I disable consent?
-
Your preference is saved immediately, and the
/webfiableendpoint is turned off. You can re-enable consent and the endpoint at any time from Settings. -
Why did registration fail?
-
The plugin enables and verifies the endpoint before registering. If your server blocks loopback requests, permalinks are misconfigured, or the OpenSSL PHP extension is missing, verification may fail. Fix the issue and click
Save settingsagain – the plugin will retry.
পৰ্য্যালোচনা
এই প্লাগিনৰ বাবে কোনো পৰ্য্যালোচনা নাই।
অৱদানকাৰী আৰু বিকাশকাৰীসকল
“Webfiable Info” হৈছে মুক্ত উৎসৰ ছফ্টৱেৰ। এইসকল লোকে এই প্লাগিনত অৱদান আগবঢ়াইছে।
অৱদানকাৰীসকল
আপোনাৰ ভাষাত “Webfiable Info” অনুবাদ কৰক।
বিকাশৰ প্ৰতি আগ্ৰহী?
ক’ড ব্ৰাউজ কৰক, SVN ৰিপজিটৰী চাওক নাইবা RSS-দ্বাৰা বিকাশৰ পঞ্জী ছাবস্ক্ৰাইব কৰক।
সলনি-পঞ্জী
2.0.3
- Resolve Plugin Check (PCP) warnings by trimming short description and updating translation loader.
2.0.2
- Finalize release packaging so WordPress.org distributions only include production files.
2.0.1
- Ensure WordPress.org releases exclude development-only files.
2.0.0
- New settings page under Settings -> Webfiable Info.
- Opt-in
/webfiableendpoint with on-save verification. - Automatic customer registration after successful verification.
- Consent gating that saves your choice and disables the endpoint when consent is off.
- Improved notices and lightweight, reliable design.
1.4
- Initial release with AES-256/RSA-2048 hybrid encryption.