Every layer a WordPress site needs.
Four subsystems, one plugin, one license. Below: the full surface area, organised by responsibility. Skim the column titles, then dig in.
Web Application Firewall
- ›Early-load WAF runs as a must-use plugin before WordPress core
- ›25 OWASP-aligned rules: SQLi, XSS, RCE, LFI, command injection, scanner UAs
- ›ReDoS-protected regex with per-pattern backtrack limits and timeout enforcement
- ›Cloud signature updates pulled per tier (Free / Pro / Business)
AI & ML detection
- ›Behavioral anomaly detection on every request
- ›Semantic scanner for obfuscated payloads (base64, hex, split-string)
- ›Threat analyzer combines local heuristics with cloud intelligence
- ›WAF learning mode — adaptive thresholds based on your real traffic
Threat intelligence
- ›AbuseIPDB integration with circuit-breaker (won’t hang requests if the upstream is slow)
- ›GeoIP country blocking
- ›Tor exit-node and VPN detection
- ›Global IP reputation aggregated across every protected install
Hardening & monitoring
- ›File-integrity monitoring with automatic restoration of tampered core files
- ›WP core/plugin/theme vulnerability scanner (CVE feed)
- ›Structured audit logging + production error tracking
- ›Outbound webhooks for SIEM / SOAR pipelines
What unlocks at every tier.
Free is functional, not a teaser — it covers the regex pack and early WAF. Pro adds the semantic AI scanner and the threat-intel feed; Business adds operational tooling (multi-site view, attack map, custom rules).
Regex pattern scanner
Free
Early-boot WAF
Free
WP hardening checks
Free
Semantic AI scanner
Pro
Cloud threat intel
Pro
Email + WhatsApp alerts
Pro
Central dashboard
Business
Real-time attack map
Business
Webhook / SIEM out
Business
Custom alert rules
Business