Nice but

This is a good security plugin, but why are most of the settings disabled as standard? And why are there no options at the audit log? You can’t even deactivate logging and this bloats the database. The only way is to insert cryptic code in the functions and that’s not user friendly.