Title: WebKernelAI Security Author: Aamir Sahil Published: May 3, 2026 Last modified: May 8, 2026 --- Search plugins ![](https://ps.w.org/webkernelai-security/assets/banner-772x250.png?rev=3521382) ![](https://ps.w.org/webkernelai-security/assets/icon-256x256.png?rev=3521382) # WebKernelAI Security By [Aamir Sahil](https://profiles.wordpress.org/aamirsahil/) [Download](https://downloads.wordpress.org/plugin/webkernelai-security.1.0.2.zip) * [Details](https://wordpress.org/plugins/webkernelai-security/#description) * [Reviews](https://wordpress.org/plugins/webkernelai-security/#reviews) * [Installation](https://wordpress.org/plugins/webkernelai-security/#installation) * [Development](https://wordpress.org/plugins/webkernelai-security/#developers) [Support](https://wordpress.org/support/plugin/webkernelai-security/) ## Description WebKernelAI Security connects your WordPress site to the WebKernelAI platform. The plugin can: * expose secure token-authenticated REST endpoints for WebKernelAI dashboard actions * enforce signed requests with HMAC + timestamp + nonce replay protection * restrict API access to trusted WebKernelAI hosts * apply rate limiting for authentication attempts and security reporting endpoints * provide file hash inventory for integrity checks (hashes only, no file contents) * sync SEO metadata (title, description, canonical, OG fields) * apply security header and CSP configuration * support advanced CSP controls including manual policy editing for advanced users * apply robots.txt and llms.txt controls * apply random-page and taxonomy archive controls * enable granular per-endpoint feature controls for safer operations * support production lock profile and advanced security policy rollback history All analysis and recommendations run in WebKernelAI cloud. ### External services This plugin connects to WebKernelAI cloud services. It sends data to: * `https://webkernelai.com` * your configured WebKernelAI dashboard/backend endpoint What data is sent: * site connection data (site URL, API endpoint, token-authenticated requests) * file integrity data (path, SHA-256 hash, file size, modification time) * SEO sync payloads (IDs and configured metadata fields) * security/text control payloads (selected options and policy text) When data is sent: * when an administrator connects the site from WebKernelAI dashboard * when dashboard actions request scans, sync, or configuration apply operations Service links: * Terms of Service: https://webkernelai.com/terms * Privacy Policy: https://webkernelai.com/privacy ## Screenshots * [[ * [[ * [[ ## Installation 1. Upload the plugin folder to `/wp-content/plugins/` or install via the WordPress plugin screen. 2. Activate the plugin. 3. Go to **Settings -> WebKernelAI Security**. 4. Generate a site token and copy Site URL, API endpoint, and token into your WebKernelAI dashboard. ## FAQ ### Does this plugin send file contents to WebKernelAI? No. The plugin sends file metadata and hashes (for supported scan modes), not raw file contents. ### Can I disable headers or CSP? Yes. Header and CSP controls are configured from the WebKernelAI dashboard. ### Can I customize CSP manually? Yes. Advanced users can manually edit CSP policy directives from the dashboard integration and choose enforcement mode. ### Does the plugin protect against replayed API requests? Yes. Signed requests include freshness validation and nonce replay defense when advanced security mode is enabled. ### Can I roll back security policy changes? Yes. Advanced security policy versioning keeps history and supports rollback to a previous known-good configuration. ## Reviews There are no reviews for this plugin. ## Contributors & Developers “WebKernelAI Security” is open source software. The following people have contributed to this plugin. Contributors * [ Aamir Sahil ](https://profiles.wordpress.org/aamirsahil/) [Translate “WebKernelAI Security” into your language.](https://translate.wordpress.org/projects/wp-plugins/webkernelai-security) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/webkernelai-security/), check out the [SVN repository](https://plugins.svn.wordpress.org/webkernelai-security/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/webkernelai-security/) by [RSS](https://plugins.trac.wordpress.org/log/webkernelai-security/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0.2 * Added advanced security mode with signed request validation (HMAC, nonce replay protection, and timestamp freshness checks). * Added trusted-origin host validation for plugin API access. * Added rate limiting controls for authentication and selected security endpoints. * Added production lock profile support and advanced security policy versioning with rollback history. * Added advanced CSP management support including optional manual policy editing. * Improved dashboard-facing error messaging and security configuration controls. #### 1.0.1 * WordPress.org compliance: unique `webkernelai_security_*` option keys, `WebKernelAI_Security_*` class names, `X-WebKernelAI-Security-Token` auth header, automated migration from legacy option names. #### 1.0.0 * Initial release. ## Meta * Version **1.0.2** * Last updated **15 hours ago** * Active installations **Fewer than 10** * WordPress version ** 6.2 or higher ** * Tested up to **6.9.4** * PHP version ** 7.4 or higher ** * Tags * [csp](https://wordpress.org/plugins/tags/csp/)[File Integrity](https://wordpress.org/plugins/tags/file-integrity/) [headers](https://wordpress.org/plugins/tags/headers/)[security](https://wordpress.org/plugins/tags/security/) [seo](https://wordpress.org/plugins/tags/seo/) * [Advanced View](https://wordpress.org/plugins/webkernelai-security/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/webkernelai-security/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/webkernelai-security/reviews/) ## Contributors * [ Aamir Sahil ](https://profiles.wordpress.org/aamirsahil/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/webkernelai-security/)