First WordPress.org release. All cloud and external service features remain opt-in by default.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3587349,"resolution":"128x128","location":"assets","locale":"","width":128,"height":131},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3587349,"resolution":"256x256","location":"assets","locale":"","width":256,"height":261}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3587349,"resolution":"1544x500","location":"assets","locale":"","width":1554,"height":354},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3587349,"resolution":"772x250","location":"assets","locale":"","width":772,"height":249}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.2.5"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"Security dashboard with grade score and threat overview","2":"Onboarding wizard \u2014 3-step setup","3":"Live traffic monitoring panel","4":"Firewall and Cloudflare settings","5":"Session manager \u2014 active devices list"}},"plugin_section":[262246],"plugin_tags":[1174,602,55021,600,9217],"plugin_category":[38,54],"plugin_contributors":[253123],"plugin_business_model":[],"class_list":["post-319217","plugin","type-plugin","status-publish","hentry","plugin_section-dashboard-widgets","plugin_tags-firewall","plugin_tags-login","plugin_tags-malware-scanner","plugin_tags-security","plugin_tags-two-factor","plugin_category-authentication","plugin_category-security-and-spam-protection","plugin_contributors-syeedalireza","plugin_committers-syeedalireza"],"banners":{"banner":"https:\/\/ps.w.org\/aria-security-suite\/assets\/banner-772x250.png?rev=3587349","banner_2x":"https:\/\/ps.w.org\/aria-security-suite\/assets\/banner-1544x500.png?rev=3587349","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/aria-security-suite\/assets\/icon-128x128.png?rev=3587349","icon_2x":"https:\/\/ps.w.org\/aria-security-suite\/assets\/icon-256x256.png?rev=3587349","generated":false},"screenshots":[],"raw_content":"\n
Aria Security Suite<\/strong> is a modular, production-ready security plugin for WordPress. It delivers enterprise-level protection layers that work standalone on your server<\/strong> \u2014 and can optionally connect to your own Enterprise Security API<\/strong> for centralized WAF decisions, integrity checks, and reporting.<\/p>\n\n Built with clean PHP architecture (PSR-4), a modern AJAX admin experience, and privacy-first defaults: no outbound calls until you configure and enable each feature.<\/strong><\/p>\n\n Connect your own API endpoint for WAF offload, heartbeat health checks, hash verification, ban reporting, quota lookups, and vulnerability intelligence. Credentials are stored encrypted; every request is signed with HMAC-SHA256<\/strong>.<\/p>\n\n Developers:<\/strong> Alireza Aminazdeh<\/a> \u00b7 syeedalireza<\/a> This plugin may connect to third-party or external services only when you explicitly enable and configure the related feature<\/strong>. No outbound tracking or data collection occurs by default.<\/p>\n\n When you enter an API Base URL, Site ID, and Secret Key under API & Connection<\/strong>, the plugin can send signed requests to your configured Enterprise Security API for features such as WAF decisions, heartbeat health checks, hash integrity verification, ban reporting, quota lookups, and (if opted in) vulnerability scanning.<\/p>\n\n Data sent:<\/strong> Request metadata (IP, path, HTTP method, user-agent, query parameter names), security event logs, file hashes, and\u2014only when the Vulnerability Scanner opt-in is enabled\u2014installed plugin slugs and versions.<\/p>\n\n When:<\/strong> Only after credentials are saved and the relevant feature is turned on. Heartbeat runs on WP-Cron when the API is configured. Plugin inventory is sent only when the Vulnerability Scanner opt-in is enabled.<\/p>\n\n Service provider:<\/strong> Your own Enterprise Security API endpoint (URL you provide). You are responsible for that service's terms and privacy policy.<\/p>\n\n When Cloudflare integration<\/strong> is enabled and you provide a Zone ID and API token, the plugin calls the Cloudflare API to create firewall access rules that block malicious IP addresses at the CDN edge.<\/p>\n\n Data sent:<\/strong> IP addresses of blocked visitors and a short note identifying the block source.<\/p>\n\n When:<\/strong> Only after you enable Cloudflare integration and supply credentials, and only when a local security rule triggers an IP ban.<\/p>\n\n Service provider:<\/strong> Cloudflare, Inc. \u2014 Terms of Use<\/a>, Privacy Policy<\/a>.<\/p>\n\n When Geo-Blocking<\/strong> is enabled and you configure blocked countries, the plugin queries ip-api.com to resolve a visitor's country code from their IP address.<\/p>\n\n Data sent:<\/strong> The visitor's IP address.<\/p>\n\n When:<\/strong> Only when Geo-Blocking is enabled, a country block list is configured, and the country for an IP is not already cached locally (results are cached for 24 hours).<\/p>\n\n Service provider:<\/strong> ip-api.com \u2014 Terms & Legal<\/a>, Privacy Policy<\/a>.<\/p>\n\n When you add Slack, Telegram, or generic webhook URLs under Alerts & Notifications<\/strong>, the plugin POSTs JSON alert payloads to those URLs when security events occur.<\/p>\n\n Data sent:<\/strong> Alert severity, message text, and contextual fields (e.g., IP address, event type).<\/p>\n\n When:<\/strong> Only after you save a webhook URL and a qualifying security event fires.<\/p>\n\n Service provider:<\/strong> The third-party service behind the URL you provide (e.g., Slack, Telegram). See their respective terms and privacy policies.<\/p>\n\n\n Copy For more reliable background jobs than WP-Cron alone:<\/p>\n\n No. Malware scanning, log synchronization, and integrity checks run in the background using WP-Cron or Action Scheduler. Your front-end TTFB is unaffected.<\/p><\/dd>\n No. Remote API calls, vulnerability scanning, Cloudflare blocking, geo lookups, and webhooks are all opt-in<\/strong> and remain off until you configure and enable them.<\/p><\/dd>\n When the local firewall detects a malicious IP (brute-force, honeypot trigger, etc.), it can automatically push a block rule to Cloudflare \u2014 but only if you have enabled integration and provided API credentials.<\/p><\/dd>\nWhy Aria Security Suite?<\/h4>\n\n
\n
Setup & Dashboard<\/h4>\n\n
\n
Login & Authentication<\/h4>\n\n
\n
wp-login.php<\/code> with a custom secret URL.<\/li>\nFirewall & Network (WAF)<\/h4>\n\n
\n
uploads<\/code> via .htaccess<\/code> \/ web.config<\/code>.<\/li>\nxmlrpc.php<\/code> to stop pingback and brute-force vectors.<\/li>\n<\/ul>\n\nScanners & Integrity<\/h4>\n\n
\n
eval<\/code>, base64_decode<\/code>, obfuscated code).<\/li>\nSpam & Intrusion Prevention<\/h4>\n\n
\n
Monitoring, Logging & Alerts<\/h4>\n\n
\n
Hardening & Headers<\/h4>\n\n
\n
Optional Enterprise API<\/h4>\n\n
\nWebsites:<\/strong> aryait.net<\/a> \u00b7 ariacoder.ir<\/a><\/p>\n\nExternal services<\/h3>\n\n
Enterprise Security API (optional)<\/h4>\n\n
Cloudflare API (optional)<\/h4>\n\n
ip-api.com (optional)<\/h4>\n\n
User-configured webhooks (optional)<\/h4>\n\n
\n
aria-security-suite<\/code> folder to \/wp-content\/plugins\/<\/code>.<\/li>\nMU-Plugin early load (optional)<\/h4>\n\n
extras\/aria-security-suite-mu-loader.php<\/code> to wp-content\/mu-plugins\/<\/code> to load protection before regular plugins. Do not activate the plugin twice.<\/p>\n\nAction Scheduler (recommended)<\/h4>\n\n
composer require woocommerce\/action-scheduler\n<\/code><\/pre>\n\n\n\n
Does this plugin slow down my site?<\/h3><\/dt>\n
Is my data sent anywhere without permission?<\/h3><\/dt>\n
How does Cloudflare integration work?<\/h3><\/dt>\n