Installing the wpscan utility on Ubuntu allows non-invasive scanning of a website running WordPress to find any vulnerabilities. This is very useful to run on your own website, then you may fix any problems presented after the scanning is complete. This helps ensure that your WordPress blog is as secure as you can make it.
To install wpscan on Ubuntu, firstly install all prerequisites for installation.
┌──[jason@192.168.1.2]─[~] └──╼ ╼ $ sudo apt install patch build-essential zlib1g-dev liblzma-dev ruby-dev |
Then install the required Ruby gems for the wpscan utility to operate.
┌──[jason@192.168.1.2]─[~] └──╼ ╼ $ sudo gem install nokogiri |
Then, install wpscan easily.
┌──[jason@192.168.1.2]─[~] └──╼ ╼ $ sudo gem install wpscan |
Then run it like this to scan a WordPress website.
┌──[jason@192.168.1.2]─[~] └──╼ ╼ $ wpscan --url http://www.exampleblog.com/ |
This will return information about the WordPress version and any plugins found, as well as folders with directory listing enabled. This can be fruitful at certain times.