AegisShield Security – Frequently Asked Questions (FAQ)
This FAQ explains what each feature does, what is included in FREE vs PRO, and how to use each feature properly as a WordPress administrator.
Tip: Use your browser search (Ctrl/Cmd+F) to find specific features quickly.
Dashboard & System Intelligence
Enhanced System Health Metrics
FREE: Not available.
PRO: Available.
What it does: Provides expanded, security-oriented health indicators beyond basic plugin status, helping you spot risk signals and environment issues earlier.
How to use it properly: Use this as a daily snapshot for posture monitoring. Treat changes as prompts to investigate (e.g., review recent activity, scan summaries, and configuration).
Deep Scan Summaries (Integrity, Quick Scan, Attack Story)
FREE: Not available.
PRO: Available.
What it does: Consolidates key outputs from integrity and malware workflows into a summarized view so you can quickly identify what changed and what needs action.
How to use it properly: Review after scheduled/manual scans. Use it to prioritize which findings to open (integrity diffs, suspect files, and timeline/incident views).
Pro Module Indicators (CSP Builder, Attack Story, etc.)
FREE: Not available.
PRO: Available.
What it does: Shows which advanced modules are enabled and contributing to coverage, so you can verify protection is active after updates or configuration changes.
How to use it properly: Check after plugin updates, license changes, or migrations to confirm all expected modules are enabled and enforcing correctly.
Activity Log & Observability
Export Logs (CSV / JSON)
FREE: Not available.
PRO: Available.
What it does: Exports security activity logs for offline review, auditing, or sharing with a security team.
How to use it properly: Export logs during incident response, before retention cleanup, or when you need a permanent audit artifact.
Advanced Filtering
FREE: Not available.
PRO: Available.
What it does: Enables more granular filtering across events (e.g., module, type, user, IP) to isolate relevant signals quickly.
How to use it properly: Use filters during investigations to reduce noise and focus on a specific timeframe, actor, or event type.
Extended Retention
FREE: Not available.
PRO: Available.
What it does: Retains security logs longer than the default retention window for historical review and forensics.
How to use it properly: Enable extended retention for compliance-style needs or if you regularly do long-horizon investigations.
Alerting & Automation
Alert Rules Engine (UI + Logic)
FREE: Not available.
PRO: Available.
What it does: Lets you create rule-based alerts that trigger on specific security events.
How to use it properly: Start with high-signal events only (repeated failures, malware detections, privilege changes) to prevent alert fatigue.
Email Alerts Based on Event Rules
FREE: Not available.
PRO: Available.
What it does: Sends notifications when configured alert rules fire.
How to use it properly: Send to a monitored inbox (team/shared mailbox). Validate mail deliverability on your host and keep alert volume low.
Alert Integrations (Login Guard, File Integrity, Malware, MFA)
FREE: Not available.
PRO: Available.
What it does: Allows alerts to be triggered by signals from multiple modules for better context.
How to use it properly: Prefer correlated rules (e.g., login abuse + file change) to raise confidence and reduce false positives.
Login Guard & Access Control
Sessions UI
FREE: Not available.
PRO: Available.
What it does: Displays tracked sessions and access activity to help identify suspicious logins or account sharing.
How to use it properly: Review after suspicious behavior, account lockouts, or user reports. Terminate sessions and rotate credentials as needed.
Custom Lockout Rules
FREE: Not available.
PRO: Available.
What it does: Allows fine-tuning of lockout thresholds and enforcement behavior.
How to use it properly: Use stricter settings for admin accounts and sensitive endpoints; keep reasonable thresholds for public sites to avoid user lockouts.
Enhanced Rate Limiting
FREE: Not available.
PRO: Available.
What it does: Applies stronger request throttling to authentication flows to reduce brute-force and credential-stuffing impact.
How to use it properly: Enable during active abuse or as a baseline on sites with frequent login attempts. Monitor logs to confirm efficacy.
Email Alerts on Lockouts
FREE: Not available.
PRO: Available.
What it does: Notifies admins when lockouts occur so you can distinguish attacks from user error.
How to use it properly: Use lockout alerts to spot ongoing abuse and respond quickly (tighten thresholds, block IPs, or enforce MFA).
Malware Detection & Incident Response
Attack Story (Timeline View)
FREE: Not available.
PRO: Available.
What it does: Presents a chronological incident-style timeline to help understand how suspicious activity unfolded.
How to use it properly: Use after detections to identify entry points, scope, and likely persistence. Pair with integrity diffs and remediation steps.
Email Alerts on Infected Files
FREE: Not available.
PRO: Available.
What it does: Notifies admins when suspect/infected files are detected.
How to use it properly: Treat as urgent. Review the file, confirm integrity, and remediate promptly to prevent reinfection.
Scheduled Malware Scans
FREE: Not available.
PRO: Available.
What it does: Runs malware scans automatically on a schedule using WordPress scheduling.
How to use it properly: Schedule during off-peak hours. Start conservative (e.g., nightly/weekly), then adjust based on site size and risk.
Scan Metadata (Type, File Count, Suspect Count)
FREE: Not available.
PRO: Available.
What it does: Adds contextual metrics to scan results to help you compare scans and spot anomalies.
How to use it properly: Track trends over time; sudden increases in suspect count or scanned files can indicate compromise or drift.
Malware Integrations (File Integrity + Alert Engine)
FREE: Not available.
PRO: Available.
What it does: Correlates malware findings with integrity changes and alert rules to increase confidence and speed response.
How to use it properly: Prioritize correlated findings first; they are typically higher confidence than a single isolated signal.
Database Tools & Safety Controls
Table Growth Monitoring
FREE: Not available.
PRO: Available.
What it does: Tracks database table growth to detect abnormal expansion (bloat, attack artifacts, or plugin misbehavior).
How to use it properly: Review growth deltas weekly/monthly. Investigate sudden spikes and clean/optimize carefully.
Database Prefix Manager
FREE: Not available.
PRO: Available.
What it does: Safely changes your WordPress database prefix to reduce automated targeting and improve hygiene.
How to use it properly: Always run Preview first, ensure a backup exists, and perform changes during a maintenance window.
Database Backup Before Prefix Change
FREE: Not available.
PRO: Available.
What it does: Creates a safety backup prior to applying prefix changes.
How to use it properly: Do not proceed without a verified backup and a rollback plan. Store backups securely.
Prefix Change Preview (Dry-Run)
FREE: Not available.
PRO: Available.
What it does: Simulates the prefix change and lists impacted objects without writing changes.
How to use it properly: Use Preview to verify all tables and prefix-bound keys are accounted for before Apply.
Internal Prefix-Bound Key Updates
FREE: Not available.
PRO: Available.
What it does: Updates important internal keys that embed the prefix (e.g., capabilities/roles-related keys), preventing broken permissions after renaming.
How to use it properly: This should be treated as mandatory when changing prefixes; it prevents login/role failures.
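Added example (not AegisShield's own code): a sketch of what a prefix-change dry run has to enumerate, covering both the Preview step and the prefix-bound keys described above. It uses an in-memory SQLite database as a stand-in for MySQL; the function names, the sample tables and the new prefix x7k_ are assumptions made for illustration, while the key suffixes are the ones WordPress core derives from the table prefix.

```python
import sqlite3

# Core WordPress keys that embed the table prefix (plugins may add more).
OPTION_SUFFIXES = ("user_roles",)
USERMETA_SUFFIXES = ("capabilities", "user_level", "user-settings",
                     "user-settings-time", "dashboard_quick_press_last_post_id")

def like_prefix(prefix):
    """Escape LIKE wildcards so '_' in 'wp_' matches only a literal underscore."""
    esc = prefix.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    return esc + "%"

def preview_prefix_change(conn, old, new):
    """Dry run: report what a rename from old to new would touch; writes nothing."""
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table' "
        "AND name LIKE ? ESCAPE '\\' ORDER BY name", (like_prefix(old),))]

    def bound_keys(table, column, suffixes):
        # Table and column names come from the admin-supplied prefix, not user input.
        wanted = [old + s for s in suffixes]
        marks = ",".join("?" * len(wanted))
        rows = conn.execute(
            f'SELECT DISTINCT {column} FROM "{table}" '
            f"WHERE {column} IN ({marks}) ORDER BY {column}", wanted)
        return [(r[0], new + r[0][len(old):]) for r in rows]

    return {
        "tables": [(t, new + t[len(old):]) for t in tables],
        "options": bound_keys(old + "options", "option_name", OPTION_SUFFIXES),
        "usermeta": bound_keys(old + "usermeta", "meta_key", USERMETA_SUFFIXES),
    }

def sample_db():
    """Constructed miniature site; 'wpforms_entries' only looks prefixed."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE wp_options (option_name TEXT, option_value TEXT);
        CREATE TABLE wp_usermeta (user_id INT, meta_key TEXT, meta_value TEXT);
        CREATE TABLE wp_posts (ID INT);
        CREATE TABLE wpforms_entries (id INT);
        INSERT INTO wp_options VALUES ('wp_user_roles', 'a:1:{}'), ('siteurl', 'https://example.test');
        INSERT INTO wp_usermeta VALUES (1, 'wp_capabilities', 'a:1:{}'),
            (1, 'wp_user_level', '10'), (1, 'nickname', 'admin');
    """)
    return conn

if __name__ == "__main__":
    for kind, items in preview_prefix_change(sample_db(), "wp_", "x7k_").items():
        for before, after in items:
            print(f"{kind:9} {before} -> {after}")
```

If the tables are renamed but the options and usermeta keys in this list are not, WordPress can no longer find role and capability data under the new prefix, which is the login/role failure the entry above warns about.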
Prefix Rollback & Restore
FREE: Not available.
PRO: Available.
What it does: Restores the prior database state if issues occur after applying prefix changes.
How to use it properly: If access breaks or errors spike post-change, rollback immediately and diagnose before re-attempting.
Navigation & Usability
Pagination Options (25 / 50 / 100)
FREE: Not available.
PRO: Available.
What it does: Gives control over how many rows are shown per page in tables/logs.
How to use it properly: Increase pagination for investigations; keep it lower for everyday monitoring to stay responsive.
Activity Log Integration for DB Events
FREE: Not available.
PRO: Available.
What it does: Records sensitive database-related actions into the central activity log for auditing.
How to use it properly: Use this for traceability—especially around prefix changes and other high-impact operations.
Need help? When troubleshooting, capture: plugin version, WordPress version, PHP version, your active modules, and the relevant AegisShield logs for the time window of the issue.
