Security scanning built
for WordPress infrastructure
No plugin required. WPSecuritas analyses your WordPress site from the outside — Cloudflare configuration, email authentication, and WordPress exposure — and tells you exactly what needs fixing.
What gets checked
Edge & Cloudflare
- Cloudflare proxy status
- WAF and Bot Fight Mode
- HSTS configuration
- Security response headers
- TLS reachability
WordPress Exposure
- XML-RPC endpoint
- User enumeration
- REST API user list
- Version disclosure
- Login page exposure
Email Security
- SPF record validity
- DMARC policy
- MTA-STS configuration
- DNSSEC delegation