Title: BoonRisk – Site Security Check & Report Author: Boon Band Published: 2026 年 2 月 16 日 Last modified: 2026 年 2 月 16 日 --- 搜索插件 ![](https://ps.w.org/boonrisk-site-security-check-report/assets/banner-772x250.png? rev=3462732) ![](https://ps.w.org/boonrisk-site-security-check-report/assets/icon-256x256.png? rev=3462732) # BoonRisk – Site Security Check & Report 作者:[Boon Band](https://profiles.wordpress.org/boonband/) [下载](https://downloads.wordpress.org/plugin/boonrisk-site-security-check-report.1.0.2.zip) * [详情](https://cn.wordpress.org/plugins/boonrisk-site-security-check-report/#description) * [评价](https://cn.wordpress.org/plugins/boonrisk-site-security-check-report/#reviews) * [安装](https://cn.wordpress.org/plugins/boonrisk-site-security-check-report/#installation) * [开发进展](https://cn.wordpress.org/plugins/boonrisk-site-security-check-report/#developers) [支持](https://wordpress.org/support/plugin/boonrisk-site-security-check-report/) ## 描述 BoonRisk gives you a **clear security and readiness report** for your WordPress site. See exactly what security risks exist, why they matter, and what to do about them — all explained in plain language. **Safe & Read-Only:** This plugin only reads your site configuration. It does not scan files, block traffic, or make any changes to your WordPress installation. #### What You Get * **Security Check Report** — See your site’s security status: PHP version, WordPress updates, user settings, HTTPS, and 30+ configuration checks * **Clear Explanations** — Every finding explains “why this matters” and “what to do about it” in plain language * **Prioritized Risks** — Top risks ranked by impact so you know what to fix first * **Printable Report** — Professional HTML report you can view, print, or share directly from WordPress admin #### What This Plugin Does NOT Do (100% Safe) * **No file scanning** — Does not scan your files or look for malware * **No traffic blocking** — Does not act as a firewall or block visitors * **No site changes** — Does not modify settings, files, or database * **No active testing** — Does not simulate attacks or run security scans * **Read-only analysis** — Only reads your configuration, never writes or changes anything #### Who Is It For? * **Site owners** — Understand your security risks without technical expertise * **Freelancers & agencies** — Generate client-ready reports in minutes * **Developers** — Quick baseline check before or after deployments * **Teams** — Consistent security reporting across multiple WordPress sites #### Free Security Check (No Account Required) Run a complete security and readiness check instantly — 100% local, no data sent anywhere: * **Overall Risk Level** — Clear Low/Medium/High rating with explanation of what it means * **Top Risks First** — See your biggest security issues ranked by impact * **30+ Configuration Checks** — WordPress updates, PHP version, HTTPS, user permissions, backups, 2FA, debug mode, and more * **Action Plan** — Every issue includes “why it matters” and “how to fix it” * **Professional Report** — Printable HTML report you can view in WordPress admin or share with your team **What you’ll learn:** “Is my site at risk?” and “What should I fix first?” **100% Private:** All checks run on your server. Nothing is sent externally. No account or email required. #### Optional: Web Dashboard Connect the plugin to the [BoonRisk web dashboard](https://boonrisk.com/) for additional capabilities (optional, requires free account): * **[Surface Scan](https://boonrisk.com/scanner/)** — External scan of your site’s public-facing security headers, SSL configuration, and exposed services * **Vulnerability Intelligence** — Known CVEs matched to your installed plugins and themes with severity ratings * **Continuous Monitoring** — Automatic daily checks with alerts when your security posture changes * **Track Over Time** — See how your site security improves (or changes) month over month * **PDF Reports** — Download professional reports to share with clients or management **Note:** The local security check is fully functional on its own. The web dashboard is completely optional. Learn more at [boonrisk.com](https://boonrisk.com/) ### How It Works #### Local Assessment (Default) 1. Install and activate the plugin 2. Go to **BoonRisk** **Local Assessment** 3. Click **Run Assessment Now** 4. View your Security Posture Summary and Top Risks 5. Click **View Full Report** for a printable HTML report All analysis happens on your server. Nothing is sent externally. #### Web Dashboard (Optional) 1. Create a free account at [boonrisk.com](https://boonrisk.com/) 2. Go to **BoonRisk** **Connect (Optional)** 3. Enter your API key 4. Send your assessment to the dashboard for vulnerability intelligence, surface scan, and monitoring External API calls only happen when you explicitly request them. ### Data Usage #### Local Assessment In local mode, **no data is sent externally**. All checks run inside WordPress. #### Web Dashboard (Optional) When you send data to the dashboard, the following is transmitted: * PHP and WordPress versions * Active plugin and theme names/versions * Configuration flags (debug mode, file editor status, etc.) What you get in return: * Known vulnerability data for your installed plugins and themes * Surface scan results for public-facing security * Severity context for identified risks * Historical trend data and monitoring alerts **What is never collected:** * User data or personal information * Passwords or credentials * Post/page content * Database contents * File contents Data is sent **only when you click** Send to Dashboard or enable automatic daily sync. No personal data is collected. ### Privacy Policy Read our full privacy policy at https://boonrisk.com/privacy ## 屏幕截图 * [[ * Security Posture Summary with risk level explanation ## 安装 1. Upload the plugin to `/wp-content/plugins/boonrisk/` or install through WordPress plugins 2. Activate through the ‘Plugins’ screen 3. Navigate to **BoonRisk** **Local Assessment** 4. Click **Run Assessment Now** — no setup required ## 常见问题 ### Do I need to register to use this plugin? No. Local assessment works immediately without any registration or API key. ### What’s the difference between the plugin and the web dashboard? The plugin runs 30+ configuration checks entirely on your server. The web dashboard( optional) adds external surface scanning, known vulnerability matching for your plugins and themes, continuous monitoring, and PDF reports. ### Does this plugin slow down my site? No. The plugin is read-only and only runs when you trigger an assessment from the admin panel. It has no impact on frontend performance. ### Is this a security plugin like Wordfence? No. BoonRisk is a security posture assessment tool, not a protection tool. It explains your configuration and risks but does not block traffic, scan for malware, or auto- fix issues. It works alongside any existing security plugin. ### Can I use this for client sites? Yes. The printable HTML report is designed to be shared. Run an assessment, click View Full Report, and print or save as PDF directly from your browser. With the optional web dashboard you can also generate PDF reports. ### Does this plugin make external connections? Only when you explicitly send data to the web dashboard (optional). Local assessment makes no external connections. ## 评价 此插件暂无评价。 ## 贡献者及开发者 「BoonRisk – Site Security Check & Report」是开源软件。 以下人员对此插件做出了贡献。 贡献者 * [ Boon Band ](https://profiles.wordpress.org/boonband/) [帮助将「BoonRisk – Site Security Check & Report」翻译成简体中文。](https://translate.wordpress.org/projects/wp-plugins/boonrisk-site-security-check-report) ### 对开发感兴趣吗? 您可以[浏览代码](https://plugins.trac.wordpress.org/browser/boonrisk-site-security-check-report/), 查看[SVN仓库](https://plugins.svn.wordpress.org/boonrisk-site-security-check-report/), 或通过[RSS](https://plugins.trac.wordpress.org/log/boonrisk-site-security-check-report/?limit=100&mode=stop_on_copy&format=rss) 订阅[开发日志](https://plugins.trac.wordpress.org/log/boonrisk-site-security-check-report/)。 ## 更新日志 #### 1.0.2 * Added sanitize_callback for register_setting() compliance * Fixed text domain to match plugin slug for community translations #### 1.0.0 * Initial public release * Local assessment mode (no registration required) * Security Posture Summary with human-readable risk level * Top Risks section prioritized by impact * 30 configuration checks across Security, Trust & Readiness * Printable HTML reports * Optional web dashboard integration for vulnerability intelligence * Read-only assessment with clear “what to do” guidance ## 额外信息 * 版本 **1.0.2** * 最后更新:**3 月前** * 活跃安装数量 **不到10** * WordPress 版本 ** 5.0 或更高版本 ** * 已测试的最高版本为 **6.9.4** * PHP 版本 ** 7.4 或更高版本 ** * 语言 * [English (US)](https://wordpress.org/plugins/boonrisk-site-security-check-report/) * 标签 * [audit](https://cn.wordpress.org/plugins/tags/audit/)[hardening](https://cn.wordpress.org/plugins/tags/hardening/) [security](https://cn.wordpress.org/plugins/tags/security/)[site health](https://cn.wordpress.org/plugins/tags/site-health/) [vulnerability](https://cn.wordpress.org/plugins/tags/vulnerability/) * [高级视图](https://cn.wordpress.org/plugins/boonrisk-site-security-check-report/advanced/) ## 评级 尚未提交反馈。 [Your review](https://wordpress.org/support/plugin/boonrisk-site-security-check-report/reviews/#new-post) [查看全部评论](https://wordpress.org/support/plugin/boonrisk-site-security-check-report/reviews/) ## 贡献者 * [ Boon Band ](https://profiles.wordpress.org/boonband/) ## 支持 有话要说吗?是否需要帮助? [查看支持论坛](https://wordpress.org/support/plugin/boonrisk-site-security-check-report/)