Title: Lockora Security Audit Author: Guido Schad Published: 20 مايو، 2026 Last modified: 23 مايو، 2026 --- البحث عن الإضافات ![](https://ps.w.org/lockora-security-audit/assets/icon-256x256.png?rev=3540179) # Lockora Security Audit بواسطة [Guido Schad](https://profiles.wordpress.org/cmdgw/) [تنزيل](https://downloads.wordpress.org/plugin/lockora-security-audit.0.1.2.zip) * [تفاصيل](https://ar.wordpress.org/plugins/lockora-security-audit/#description) * [المراجعات](https://ar.wordpress.org/plugins/lockora-security-audit/#reviews) * [التنصيب](https://ar.wordpress.org/plugins/lockora-security-audit/#installation) * [التطوير](https://ar.wordpress.org/plugins/lockora-security-audit/#developers) [الدعم](https://wordpress.org/support/plugin/lockora-security-audit/) ## الوصف Lockora Security Audit helps site owners and agencies review a WordPress site’s security posture from the admin area. Current prototype features include: * Manual security scans. * Weighted security score out of 100. * WordPress core file integrity checks using official checksums. * WordPress authentication key and salt checks, with an explicit action to generate missing salts. * Must-use plugin directory presence checks. * PHP version status using WordPress.org Serve Happy data. * HTTPS and HTTP security header checks. * WordPress core, plugin, and theme update posture checks. * Administrator account posture checks for default usernames, excess admins, inactive admins, user ID 1 exposure, and an admin username/email inventory. * Optional known vulnerability matching with a configured Wordfence Intelligence API key. * Optional AI client reports on WordPress 7.0+ when the site’s AI Connector is configured. * Reversible hardening toggles for XML-RPC, REST user routes, generator tag output, and basic security headers. ### External Services Lockora Security Audit may connect to external services only when the administrator runs a scan or generates an AI client report. WordPress.org APIs: * Used for WordPress core checksums, PHP version support status, and WordPress core/plugin/theme update data. * Data sent: the site’s WordPress version and locale for core checksums and PHP compatibility; WordPress itself may send installed plugin and theme slugs/versions to WordPress.org when update data is refreshed. * WordPress.org terms: https://wordpress.org/about/terms/ * WordPress.org privacy policy: https://wordpress.org/about/privacy/ Wordfence Intelligence: * Optional. * Used only when a Wordfence Intelligence API key is configured and an administrator runs a scan that includes vulnerability matching.* Used to retrieve vulnerability data and match it locally against installed WordPress core, plugin, and theme versions. * Data sent: the configured Wordfence Intelligence API key is sent in an Authorization header when requesting the vulnerability feed. Installed software details are not sent by this plugin to the Wordfence Intelligence endpoint; matching is performed locally after the feed is retrieved. * Wordfence Intelligence terms: https://www.wordfence.com/wordfence-intelligence-terms-and-conditions/* Wordfence privacy policy: https://www.wordfence.com/privacy-policy/ WordPress AI Client / Connectors: * Optional. * Used only when the administrator clicks Generate Client Report. * Data sent: sanitized scan findings, score, counts, and recommendations needed to generate a client-facing report. The plugin is designed not to send passwords, salts, API keys, raw logs, full user lists, or file contents.* The configured AI provider is controlled by the site owner’s WordPress Connector settings. * Terms and privacy policy: these depend on the AI provider configured by the site owner in WordPress. Site owners should review the selected provider’s terms and privacy policy before enabling AI reports. ## التنصيب 1. Upload the `lockora-security-audit` folder to `/wp-content/plugins/`. 2. Activate Lockora Security Audit from the Plugins screen. 3. Go to Tools > Lockora Security Audit. 4. Click Run Scan. ## الأسئلة المتكررّة ### Does Lockora Security Audit fix every issue automatically? No. It provides reversible hardening toggles for selected low-risk settings. Other findings should be reviewed by an administrator, developer, or host. ### Does Lockora Security Audit require AI? No. The scanner works without AI on WordPress 6.0 and newer. AI client reports are optional and require WordPress 7.0 or newer with AI Client support plus a configured AI Connector. ### Does Lockora Security Audit include a vulnerability database? No. It can optionally use a configured Wordfence Intelligence API key for known vulnerability matching. ### Does Lockora Security Audit send secrets to AI providers? The plugin is designed to send sanitized scan findings only. It does not intentionally send passwords, salts, API keys, raw logs, user lists, or file contents. ## المراجعات ![](https://secure.gravatar.com/avatar/6fc3b62319f5ba421e69fa3d0f52499a6b5b3efa6fad7410d488cd9e5ce194a3? s=60&d=retro&r=g) ### 󠀁[Best security plugin I’ve used in years — flawless Claude AI integration](https://wordpress.org/support/topic/best-security-plugin-ive-used-in-years-flawless-claude-ai-integration/)󠁿 [callaf](https://profiles.wordpress.org/callaf/) 30 مايو، 2026 I’ve tested a lot of WordPress security plugins over the years, and Lockora Security Audit is genuinely the best I’ve seen in a long time. The audit engine is thorough, fast, and easy to understand even if you’re not a security expert. It flagged a few hardening issues on my site that other tools completely missed, and the recommendations were clear and actionable. What really sets it apart is the AI connection to Claude. It works perfectly … I can ask questions about scan results in plain language and get smart, contextual explanations and fixes right inside the dashboard. It turns a normally tedious security review into something quick and almost enjoyable. Setup was painless, performance impact is negligible, and it just works. Highly recommended for anyone who takes their site security seriously. Five stars! ![](https://secure.gravatar.com/avatar/01ca6885f4ee9e50021cd307793981c73288bec8c0e1ddc8364a2df8b6e09110? s=60&d=retro&r=g) ### 󠀁[Top WordPress Security Plugin for WP 7](https://wordpress.org/support/topic/top-wordpress-security-plugin-for-wp-7/)󠁿 [michaelseri](https://profiles.wordpress.org/michaelseri/) 21 مايو، 2026 Lockora is I think the first WordPress security audit which can implement AI into your security audit automatically and it works beautifully. Not a real malware scanner but shows within seconds if your system has been altered and which steps you need to take to harden your installation. 5/5 !! [ إقرأ جميع المراجعات 2 ](https://wordpress.org/support/plugin/lockora-security-audit/reviews/) ## المساهمون والمطوّرون “Lockora Security Audit” هو برنامج مفتوح المصدر. وقد ساهم هؤلاء الأشخاص بالأسفل في هذه الإضافة. المساهمون * [ Guido Schad ](https://profiles.wordpress.org/cmdgw/) [ترجمة ”Lockora Security Audit“ إلى لغتك.](https://translate.wordpress.org/projects/wp-plugins/lockora-security-audit) ### مُهتم بالتطوير؟ [تصفّح الشفرة](https://plugins.trac.wordpress.org/browser/lockora-security-audit/)، تحقق من [مستودع SVN](https://plugins.svn.wordpress.org/lockora-security-audit/)، أو الاشتراك في [سجل التطوير](https://plugins.trac.wordpress.org/log/lockora-security-audit/) بواسطة [RSS](https://plugins.trac.wordpress.org/log/lockora-security-audit/?limit=100&mode=stop_on_copy&format=rss). ## سجل التغييرات #### 0.1.2 * Lowered the required WordPress version to 6.0 for non-AI security scanning and hardening checks. * Kept AI client reports disabled unless WordPress 7.0+ AI Client support is available. #### 0.1.1 * Fixed HTTP security header scanning when a server returns duplicate headers as arrays. #### 0.1.0 * Initial prototype with manual scans, hardening checks, core integrity checks, PHP version checks, vulnerability posture checks, optional Wordfence feed matching, and optional client-ready AI reports. ## ميتا Meta * Version **0.1.2** * Last updated **قبل أسبوع واحد** * Active installations **60+** * WordPress version ** 6.0 أو أعلى ** * Tested up to **7.0** * PHP version ** 7.4 أو أعلى ** * Language * [English (US)](https://wordpress.org/plugins/lockora-security-audit/) * Tags * [AI](https://ar.wordpress.org/plugins/tags/ai/)[hardening](https://ar.wordpress.org/plugins/tags/hardening/) [security](https://ar.wordpress.org/plugins/tags/security/)[site health](https://ar.wordpress.org/plugins/tags/site-health/) [vulnerability scanner](https://ar.wordpress.org/plugins/tags/vulnerability-scanner/) * [عرض متقدم](https://ar.wordpress.org/plugins/lockora-security-audit/advanced/) ## التقييم 5 من 5 نجوم. * [ 2 5-star reviews ](https://wordpress.org/support/plugin/lockora-security-audit/reviews/?filter=5) * [ 0 4-star reviews ](https://wordpress.org/support/plugin/lockora-security-audit/reviews/?filter=4) * [ 0 3-star reviews ](https://wordpress.org/support/plugin/lockora-security-audit/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/lockora-security-audit/reviews/?filter=2) * [ 0 1-star reviews ](https://wordpress.org/support/plugin/lockora-security-audit/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/lockora-security-audit/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/lockora-security-audit/reviews/) ## المساهمون * [ Guido Schad ](https://profiles.wordpress.org/cmdgw/) ## الدعم لديك شيء لتقوله؟ بحاجة الى مساعدة؟ [عرض منتدى الدعم](https://wordpress.org/support/plugin/lockora-security-audit/)