Registration FORM
Register
LOGIN FORM
login
| Feature / Benefit | Free | Pro |
|---|---|---|
| Core & Dashboard | ||
| Lightweight security framework optimized for shared hosting | β | β |
| Zero-bloat design that avoids heavy scans and server overload | β | β |
| Central AegisShield dashboard with overall security status and quick links | β | β |
| One-click enable/disable for major security modules (Login Guard, FIM, Malware, etc.) | β | β |
| Safe WP-Cron scheduling (no external schedulers or heavy daemons) | β | β |
| License & Upgrades page to manage your AegisShield Pro license key | β (view only) | β (activate & manage) |
| Login Guard | ||
| Protects wp-login.php and login form against brute-force attacks | β | β |
| Configurable lockout after X failed login attempts per IP in Y minutes | β | β |
| Lockout duration setting to automatically unblock after a safe period | β | β |
| Invisible honeypot field to instantly block bots that fill hidden inputs | β | β |
| View currently locked-out IPs and manually unblock from the admin panel | β | β |
| Login activity logged into the Activity Log (successful & failed attempts) | β (7-day history) | β (extended history) |
| File Integrity Monitoring | ||
| Create baseline checksums of core and plugin files to detect tampering | β | β |
| Manual βScan Nowβ file integrity scan with clean/changed status report | β | β |
| Scan history with ability to view past reports | β (limited) | β (extended) |
| Detect new, changed, or removed PHP/critical files in monitored paths | β | β |
| Ignore list to mark specific files or paths as safe so they donβt trigger alerts | β (basic) | β (advanced) |
| Include theme directories and additional custom paths in integrity scans | β | β |
| Automatic scheduled daily/weekly file integrity scans via WP-Cron | β | β |
| Email alerts when critical files are modified or suspicious changes are found | β | β |
| Malware & Suspicious Code Scanner | ||
| Manual malware scan focusing on uploads and plugin/theme folders | β | β |
| Heuristic detection of suspicious patterns (eval/base64, obfuscation, etc.) | β (core rules) | β (expanded rules) |
| List of suspicious files with brief reason/score for each finding | β | β (more detail) |
| βMark as safeβ / ignore options for files you trust to reduce noise | β | β (with better controls) |
| Malware scan results logged into the Activity Log for auditing | β (7-day history) | β (extended history) |
| Automatic scheduled malware scans (daily or weekly) | β | β |
| Email alerts when new suspicious or high-risk files are detected | β | β |
| Activity Log | ||
| Central activity log for security-relevant events (logins, role changes, plugins, etc.) | β | β |
| Filter logs by event type, date range, and basic parameters | β (basic filters) | β (advanced) |
| Configurable log retention with automatic cleanup | β (up to 7 days) | β (up to 90+ days) |
| Export activity logs to CSV/JSON for audits or external analysis | β | β |
| Webhook / integration hooks to push critical events into external tools | β | β (via hooks) |
| WordPress Hardening | ||
| Disable theme and plugin file editing from the WordPress dashboard | β | β |
| Disable XML-RPC endpoint to block common exploit and brute-force vectors | β | β |
| Block author enumeration (e.g. ?author=1) to prevent user enumeration attacks | β | β |
| Hide WordPress version from front-end output to reduce targeted exploits | β | β |
| Force strong passwords for higher-risk roles (admin/editor, etc.) | β | β |
| Force HTTPS/SSL for wp-admin to keep login and admin traffic encrypted | β | β |
| Additional advanced hardening checks and recommendations | β | β |
| Security Headers | ||
| Send safe default headers (X-Frame-Options, X-Content-Type-Options, X-XSS-Protection, Referrer-Policy) | β | β |
| Toggle security headers on/off with a simple UI switch | β | β |
| Enable HTTP Strict Transport Security (HSTS) with SSL-aware safety checks | β | β |
| Content-Security-Policy (CSP) presets (None / Basic / Strict) for advanced mitigation | β | β |
| Separate header control for front-end vs. admin area | β | β |
| Vulnerability Checks | ||
| Detect when WordPress core, plugins, or themes are out of date | β | β |
| Remote vulnerability intelligence via Pro API (known CVEs, severity, fixed versions) | β | β |
| Email alert when a critical vulnerability is discovered on your site stack | β | β |
| Database Tools | ||
| Database table overview (name, size, engine, rows) for quick health check | β | β |
| Manual safe βOptimize Nowβ for core tables | β | β |
| Warning when DB prefix is still the default wp_ value | β | β |
| Weekly scheduled optimization of tables via WP-Cron | β | β |
| Growth monitoring for large or rapidly expanding tables with email alerts | β | β |
| DB prefix manager and guided tools to safely change table prefix | β | β |
| Export database health summary and table list to CSV | β | β |
| Notifications & Email Alerts | ||
| Basic critical notifications sent to the main site admin email | β (limited) | β (enhanced) |
| Configure multiple recipient email addresses for security alerts | β | β |
| Per-event notification controls (choose which events send email) | β | β |
| Licensing & Pro Management | ||
| View βWhat You Get With Proβ and Pro feature descriptions inside the plugin | β | β |
| Enter and activate AegisShield Pro license key to unlock premium features | β | β |
| De-activate or move your Pro license between sites | β | β |
