WordPress.org

Jawa

Get WordPress
WordPress.org

Plugin Directory

Nyambush

Nyambush

Dening y1uda
Ngundhuh

Katrangan

Nyambush is an Attack Surface Management (ASM) plugin that connects your WordPress site to the Nyambush platform for continuous security monitoring.

Features:

  • Automatic Environment Scanning – Collects WordPress version, PHP version, installed plugins, themes, and security configuration
  • Vulnerability Detection – Cross-references your plugins and themes against known vulnerability databases
  • Dashboard Widget – View your security status at a glance from the WordPress admin dashboard
  • Scheduled Sync – Automatically syncs your site data at configurable intervals
  • Encrypted API Key Storage – Your API key is encrypted at rest using AES-256-GCM
  • Data Minimization – Only collects configuration data; never collects passwords, database credentials, or post content

How It Works:

  1. Sign up at nyambush.app and add your domain
  2. Generate a WordPress verification API key
  3. Install this plugin and enter your API key
  4. Your site will be automatically monitored for vulnerabilities

Privacy:

This plugin sends the following data to nyambush.app:

  • WordPress and PHP versions
  • List of installed plugins and themes (names, versions, active status)
  • Number of users by role
  • Debug mode and SSL status
  • File permissions for critical files (wp-config.php, .htaccess)

No passwords, database credentials, post content, or personal user data is collected or transmitted.

Pemasangan

  1. Upload the nyambush folder to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Go to Settings Nyambush
  4. Enter your API key from nyambush.app
  5. Click “Save Settings” to connect

FAQ

Where do I get an API key?

Sign up at nyambush.app, add your domain, and select “WordPress Plugin” as the verification method. You will receive an API key.

What data does this plugin collect?

The plugin collects non-sensitive configuration data: WordPress/PHP versions, installed plugins and themes (names and versions), user role counts, debug mode status, SSL status, and file permissions for critical files. No passwords, database credentials, or post content is ever collected.

Does this plugin slow down my site?

No. Data collection only occurs during scheduled sync events (twice daily by default) or when you manually trigger a sync from the admin panel. It does not affect frontend performance.

Is my API key stored securely?

Yes. Your API key is encrypted using AES-256-GCM (authenticated encryption) before being stored in the database. The encryption key is derived from your WordPress auth salt.

What WordPress versions are supported?

This plugin supports WordPress 4.0 and above.

Mācā ulang

There are no reviews for this plugin.

Contributors & Developers

“Nyambush” is open source software. The following people have contributed to this plugin.

Kontributor

Translate “Nyambush” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Caathetan Owahan

1.0.2

  • Bump minimum PHP version from 5.6 to 7.0

1.0.0

  • Initial release
  • WordPress environment data collection
  • Nyambush platform integration
  • Dashboard vulnerability widget
  • Scheduled and manual sync
  • AES-256-GCM API key encryption
  • Japanese language support

Meta

Peringkat

No reviews have been submitted yet.

Add my review

See all reviews

Kontributor

Sokong

Got something to say? Need help?

View support forum

Donate

Would you like to support the advancement of this plugin?

Donate to this plugin