WordPress Security Modules

VistoShield provides 14 security modules managed from one EU-hosted cloud dashboard.

Available Modules

🔍 Security Scanner

File integrity monitoring, malware detection, and vulnerability scanning. Checks WordPress core files against official checksums, scans for malicious patterns, and identifies known vulnerabilities.

Read Security Scanner documentation →

🛡 Firewall & WAF

WordPress Application Firewall with 7 rule categories (SQLi, XSS, LFI, RFI, RCE, Scanner Detection, Comment Spam). Includes security hardening checklist and HTTP security headers management.

Read Firewall documentation →

🤖 Bot Detector

User-Agent signature matching with 143+ patterns. Behavioral scoring engine assigns suspicion scores (0-100). Cloudflare-style inline controls for Block/Challenge/Allow/Monitor per signature.

Read Bot Detector documentation →

🔒 Login Guard

Brute force protection with progressive lockouts (5min → 15min → 24h). TOTP two-factor authentication. Hidden honeypot field. Login attempt logging with CSV export.

Read Login Guard documentation →

📋 Activity Log

Comprehensive security event monitoring — logins, content changes, plugin/theme actions, settings changes. Alert rules with email, Slack, and webhook notifications. GDPR-compliant.

Read Activity Log documentation →

📡 Live Traffic

Real-time HTTP request monitoring. Watch every request hitting your server — filter by humans, bots, and blocked traffic. User agent analysis, geographic origin data, and response code tracking.

Read Live Traffic documentation →

☁️ Cloud Dashboard

Centralized security management across all your sites. Multi-site overview, automated PDF reports, team management, alerts, and incident workflows — all from one EU-hosted interface.

Read Cloud Dashboard documentation →

Installation

  1. Go to Plugins → Add New in your WordPress admin
  2. Search for "VistoShield"
  3. Click Install Now then Activate

Or download from GitHub Releases and upload via Plugins → Add New → Upload Plugin.

Unified Dashboard

All VistoShield modules share a single VistoShield menu in the WordPress admin sidebar. A central dashboard shows summary cards for all enabled modules with live statistics.

Server Integration

All modules can optionally connect to the VistoShield Linux daemon running on the same server. This enables WordPress-level detections to feed into the server-level firewall for complete protection.

Configure the integration in each module's Settings tab → VistoShield Server section.