{"id":340018,"date":"2026-07-18T17:42:18","date_gmt":"2026-07-18T17:42:18","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/malware-guard-security\/"},"modified":"2026-07-18T18:27:03","modified_gmt":"2026-07-18T18:27:03","slug":"swairish-site-security","status":"publish","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/swairish-site-security\/","author":17753273,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"0.4.53","stable_tag":"0.4.53","tested":"7.0.2","requires":"6.0","requires_php":"7.4","requires_plugins":null,"header_name":"Swairish Site Security","header_author":"Swadhin Khan","header_description":"WordPress malware protection, audit logging, firewall controls, file scanning, hardening, and reporting.","assets_banners_color":"","last_updated":"2026-07-18 18:27:03","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/swadhinkhan.com\/wp-malware-guard\/","header_author_uri":"https:\/\/swadhinkhan.com\/","rating":0,"author_block_rating":0,"active_installs":0,"downloads":65,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"0.4.51":{"tag":"0.4.51","author":"ssswadhin","date":"2026-07-18 17:41:50"},"0.4.52":{"tag":"0.4.52","author":"ssswadhin","date":"2026-07-18 18:16:26"},"0.4.53":{"tag":"0.4.53","author":"ssswadhin","date":"2026-07-18 18:27:03"}},"upgrade_notice":[],"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3612905,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3612905,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["0.4.51","0.4.52","0.4.53"],"block_files":[],"assets_screenshots":{"screenshot-1.jpg":{"filename":"screenshot-1.jpg","revision":3612886,"resolution":"1","location":"assets","locale":"","width":1560,"height":941},"screenshot-2.jpg":{"filename":"screenshot-2.jpg","revision":3612886,"resolution":"2","location":"assets","locale":"","width":1560,"height":941},"screenshot-3.jpg":{"filename":"screenshot-3.jpg","revision":3612886,"resolution":"3","location":"assets","locale":"","width":1560,"height":941},"screenshot-4.jpg":{"filename":"screenshot-4.jpg","revision":3612886,"resolution":"4","location":"assets","locale":"","width":1560,"height":2289}},"screenshots":{"1":"Security overview with monitored event counts, severity mix, top categories, and active response status.","2":"SOC dashboard with security mode, live event stream, severity and category summaries, and session correlation.","3":"WordPress hardening controls for login URL, XML-RPC, REST API, directory indexing, headers, and file permissions.","4":"Reports and evidence backups with HTML, A4 PDF, and protected download controls."}},"plugin_section":[],"plugin_tags":[8533,1174,31093,1184,600],"plugin_category":[54],"plugin_contributors":[266408],"plugin_business_model":[],"class_list":["post-340018","plugin","type-plugin","status-publish","hentry","plugin_tags-audit","plugin_tags-firewall","plugin_tags-hardening","plugin_tags-malware","plugin_tags-security","plugin_category-security-and-spam-protection","plugin_contributors-ssswadhin","plugin_committers-ssswadhin"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/swairish-site-security\/assets\/icon-128x128.png?rev=3612905","icon_2x":"https:\/\/ps.w.org\/swairish-site-security\/assets\/icon-256x256.png?rev=3612905","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/swairish-site-security\/assets\/screenshot-1.jpg?rev=3612886","caption":"Security overview with monitored event counts, severity mix, top categories, and active response status."},{"src":"https:\/\/ps.w.org\/swairish-site-security\/assets\/screenshot-2.jpg?rev=3612886","caption":"SOC dashboard with security mode, live event stream, severity and category summaries, and session correlation."},{"src":"https:\/\/ps.w.org\/swairish-site-security\/assets\/screenshot-3.jpg?rev=3612886","caption":"WordPress hardening controls for login URL, XML-RPC, REST API, directory indexing, headers, and file permissions."},{"src":"https:\/\/ps.w.org\/swairish-site-security\/assets\/screenshot-4.jpg?rev=3612886","caption":"Reports and evidence backups with HTML, A4 PDF, and protected download controls."}],"raw_content":"<!--section=description-->\n<p>Swairish Site Security helps site owners monitor and respond to WordPress security threats from wp-admin.<\/p>\n\n<p>Free features include:<\/p>\n\n<ul>\n<li>Security dashboard with event totals, severity mix, category summaries, and recent events.<\/li>\n<li>Audit event log with IP address, method, URI, user agent, severity, category, risk score, and context.<\/li>\n<li>Suspicious HTTP request detection for SQL injection, cross-site scripting, remote code execution, file inclusion, scanner probes, user enumeration, and upload indicators.<\/li>\n<li>Monitor or block firewall modes with manual IP\/CIDR blocklist controls.<\/li>\n<li>Rate limiting and login brute-force protection.<\/li>\n<li>Malware and file scanner for suspicious PHP, web-shell indicators, executable uploads, risky permissions, recent executable changes, and WordPress core checksum drift.<\/li>\n<li>Focused tools for suspicious files, sensitive files, file monitoring, obfuscated PHP, file permissions, core integrity, and quarantine response.<\/li>\n<li>Quarantine, restore, delete, and selected-finding CSV\/JSON export controls.<\/li>\n<li>Hardening options for XML-RPC, REST API restriction, WordPress version hiding, custom login URL, directory indexing, security headers, author enumeration, and file permission review.<\/li>\n<li>CAPTCHA protection with a built-in math challenge for WordPress and WooCommerce forms.<\/li>\n<li>HTML and A4 PDF security reports with site details, settings, recent events, hardening status, and scan summary.<\/li>\n<li>Evidence backup exports for incident handoff.<\/li>\n<li>CSV\/JSON compliance exports, retention cleanup, pagination, and bulk actions.<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Upload the plugin ZIP from Plugins &gt; Add New &gt; Upload Plugin.<\/li>\n<li>Activate Swairish Site Security.<\/li>\n<li>Open Swairish Site Security in wp-admin.<\/li>\n<li>Review the dashboard, run a file scan, and adjust firewall\/hardening settings.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"does%20swairish%20site%20security%20block%20requests%20by%20default%3F\"><h3>Does Swairish Site Security block requests by default?<\/h3><\/dt>\n<dd><p>The default security mode is active, but the request firewall starts in monitor mode. You can switch blocking on from the firewall settings.<\/p><\/dd>\n<dt id=\"does%20the%20scanner%20delete%20files%20automatically%3F\"><h3>Does the scanner delete files automatically?<\/h3><\/dt>\n<dd><p>No. The scanner reports findings. Administrators choose whether to quarantine, restore, delete, or export selected findings.<\/p><\/dd>\n<dt id=\"does%20captcha%20require%20an%20external%20service%3F\"><h3>Does CAPTCHA require an external service?<\/h3><\/dt>\n<dd><p>No. This directory build uses the built-in math CAPTCHA and does not require an external service.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>0.4.53<\/h4>\n\n<ul>\n<li>Preserved real admin screenshot captions in the WordPress.org directory package and excluded listing assets from the plugin ZIP.<\/li>\n<\/ul>\n\n<h4>0.4.52<\/h4>\n\n<ul>\n<li>Added real installed-admin screenshots for the WordPress.org listing and product landing page.<\/li>\n<\/ul>\n\n<h4>0.4.51<\/h4>\n\n<ul>\n<li>Excluded the standalone Free dashboard presentation band from the WordPress.org package.<\/li>\n<\/ul>\n\n<h4>0.4.50<\/h4>\n\n<ul>\n<li>Finalized the standalone Free dashboard presentation band and package validation.<\/li>\n<\/ul>\n\n<h4>0.4.49<\/h4>\n\n<ul>\n<li>Kept the standalone Free dashboard banner independent of the Pro license client while preserving the WordPress.org-free build rule.<\/li>\n<\/ul>\n\n<h4>0.4.48<\/h4>\n\n<ul>\n<li>Added an optional dashboard presentation band for the standalone Free package.<\/li>\n<\/ul>\n\n<h4>0.4.47<\/h4>\n\n<ul>\n<li>Added translator context to the generated free CAPTCHA fallback used in the WordPress.org package.<\/li>\n<\/ul>\n\n<h4>0.4.46<\/h4>\n\n<ul>\n<li>Added translator context comments for dynamic security, scan, report, and admin messages in the WordPress.org build.<\/li>\n<\/ul>\n\n<h4>0.4.45<\/h4>\n\n<ul>\n<li>Preserved the verified public Plugin URI in the WordPress.org build and added package checks for report assets and metadata.<\/li>\n<\/ul>\n\n<h4>0.4.44<\/h4>\n\n<ul>\n<li>Corrected the review build's public Plugin URI, standalone report asset handling, and file-editor audit validation.<\/li>\n<\/ul>\n\n<h4>0.4.43<\/h4>\n\n<ul>\n<li>Renamed the public plugin to Swairish Site Security and requested the swairish-site-security directory slug.<\/li>\n<\/ul>\n\n<h4>0.4.42<\/h4>\n\n<ul>\n<li>Completed the Swairish Site Security naming consistency pass across public packages and documentation.<\/li>\n<\/ul>\n\n<h4>0.4.41<\/h4>\n\n<ul>\n<li>Rebranded the plugin and WordPress.org distribution as Swairish Site Security.<\/li>\n<\/ul>\n\n<h4>0.4.40<\/h4>\n\n<ul>\n<li>Made protected export download verification explicit before request data is read.<\/li>\n<\/ul>\n\n<h4>0.4.39<\/h4>\n\n<ul>\n<li>Completed the final WordPress.org package pass for static report assets and protected-download nonce handling.<\/li>\n<\/ul>\n\n<h4>0.4.38<\/h4>\n\n<ul>\n<li>Removed remaining hardcoded WordPress content paths from directory-build tools and removed unused paid-interface styling from the WordPress.org package.<\/li>\n<\/ul>\n\n<h4>0.4.37<\/h4>\n\n<ul>\n<li>Prepared the WordPress.org distribution for the pending review: a distinctive directory name and slug, packaged static report CSS, protected export storage, authenticated downloads, and uploads-directory quarantine storage.<\/li>\n<\/ul>\n\n<h4>0.4.36<\/h4>\n\n<ul>\n<li>Corrected WordPress.org package cleanup for external CAPTCHA setting validation.<\/li>\n<\/ul>\n\n<h4>0.4.35<\/h4>\n\n<ul>\n<li>Finalized the math-only CAPTCHA surface for the WordPress.org package.<\/li>\n<\/ul>\n\n<h4>0.4.34<\/h4>\n\n<ul>\n<li>Added recursive sanitization for submitted security settings.<\/li>\n<\/ul>\n\n<h4>0.4.33<\/h4>\n\n<ul>\n<li>Updated the WordPress.org package builder after translation-loader cleanup.<\/li>\n<\/ul>\n\n<h4>0.4.32<\/h4>\n\n<ul>\n<li>Made action nonce verification explicit and hardened read-only request handling for Plugin Check.<\/li>\n<\/ul>\n\n<h4>0.4.31<\/h4>\n\n<ul>\n<li>Fixed the free package event-count query and tightened timeline query validation.<\/li>\n<\/ul>\n\n<h4>0.4.30<\/h4>\n\n<ul>\n<li>Hardened prepared custom-table queries for the WordPress.org package.<\/li>\n<\/ul>\n\n<h4>0.4.29<\/h4>\n\n<ul>\n<li>Fixed the WordPress.org package cleanup for the built-in CAPTCHA settings.<\/li>\n<\/ul>\n\n<h4>0.4.28<\/h4>\n\n<ul>\n<li>Hardened the free directory build for WordPress.org Plugin Check compatibility.<\/li>\n<\/ul>\n\n<h4>0.4.27<\/h4>\n\n<ul>\n<li>Simplified historical package notes to keep the WordPress.org readme focused on the Free distribution.<\/li>\n<\/ul>\n\n<h4>0.4.26<\/h4>\n\n<h4>0.4.25<\/h4>\n\n<ul>\n<li>Improved generated Free and WordPress.org package hygiene.<\/li>\n<li>Fixed WordPress.org dashboard asset loading for the directory package slug.<\/li>\n<li>Added package validation for excluded commercial classes and routes.<\/li>\n<\/ul>\n\n<h4>0.4.24<\/h4>\n\n<ul>\n<li>Improved security event context used by reports and exports.<\/li>\n<li>Updated package metadata for the current release.<\/li>\n<\/ul>\n\n<h4>0.4.23<\/h4>\n\n<ul>\n<li>Improved release packaging and cleanup workflows.<\/li>\n<li>Kept the Free and WordPress.org ZIPs focused on their documented feature set.<\/li>\n<\/ul>\n\n<h4>0.4.22<\/h4>\n\n<ul>\n<li>Cleaned the regular Free ZIP and rebuilt the review-safe distribution.<\/li>\n<li>Kept the Free ZIP focused on its documented security, reporting, and evidence-export features.<\/li>\n<li>Rebuilt the WordPress.org package as a review-safe free distribution with matching normal and flat-root ZIP variants.<\/li>\n<\/ul>\n\n<h4>0.4.21<\/h4>\n\n<ul>\n<li>Prepared a clean WordPress.org free distribution package.<\/li>\n<li>Kept dashboard metric icons and the free security scanning, firewall, hardening, CAPTCHA, reporting, and evidence export workflows.<\/li>\n<\/ul>\n\n<h4>0.4.20<\/h4>\n\n<ul>\n<li>Added relevant icons to dashboard, SOC, scanner, timeline, and tool metric cards while keeping the existing colored stat shapes.<\/li>\n<\/ul>","raw_excerpt":"WordPress malware protection, audit logging, firewall controls, file scanning, hardening, CAPTCHA, and reports.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/340018","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=340018"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/ssswadhin"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=340018"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=340018"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=340018"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=340018"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=340018"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=340018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}