Descrizione

Protect your WordPress website from hackers, malware, and security vulnerabilities with Security Ninja, a trusted WordPress security plugin since 2011. This all-in-one security solution safeguards your site with 50+ security tests, malware scanning, a firewall, brute force attack protection, and real-time vulnerability detection.

Security Ninja Plugin proactively identifies security risks, ensuring your WordPress website stays secure without slowing it down. With features like automated security scans, login protection, IP blocking, and two-factor authentication (2FA), it provides comprehensive website protection against cyber threats.

Whether you’re a beginner or an advanced user, Security Ninja is designed for effortless WordPress security management, keeping your site safe while you focus on growing your business. Install today and take control of your website’s security!

This plugin can be downloaded for free without any paid subscription from the official WordPress repository.

Security Ninja Installation and Setup Video Tutorial

Why Choose Security Ninja? – The Ultimate WordPress Security Plugin

Comprehensive Security Testing – Run 50+ WordPress security tests to detect vulnerabilities before hackers exploit them.
Enhanced Vulnerability Scanner – Stay ahead of emerging threats with proactive alerts for vulnerabilities.
Core Scanner – Find and remove modified and unwanted files in your WordPress core files.
Advanced Malware Scanner (PRO) – Identify and remove malicious code, hidden threats, and suspicious files instantly.
Powerful Firewall Protection (PRO) – Block brute-force attacks, unauthorized logins, and suspicious IPs with real-time security.
Secure Login & 2FA (PRO) – Strengthen your WordPress login page with Two-Factor Authentication (2FA) and login attempt limits.
Cloud-Based Threat Intelligence (PRO) – Stay ahead of cybercriminals with real-time updates on the latest security threats.
One-Click Security Fixes (PRO) – Fix security issues instantly with an easy-to-use, beginner-friendly dashboard.
Automated Security Scans & Reports (PRO) – Schedule scans and get detailed reports sent to your inbox.
Activity Log & User Tracking (PRO) – Track all user actions on your WordPress website with a detailed activity log and receive alerts for suspicious activity.

Key Features of Security Ninja – The Ultimate WordPress Security Plugin

Security Ninja is a powerful WordPress security plugin designed to protect your website from hackers, malware, brute-force attacks, and security vulnerabilities. With 50+ security tests, real-time malware scanning, a firewall, and login protection, Security Ninja keeps your WordPress site secure without slowing it down.

Comprehensive WordPress Security Testing

Security Ninja performs 50+ advanced security tests to identify vulnerabilities before hackers exploit them. This includes:

Brute-force protection – Blocks unauthorized login attempts to prevent forced entry.
File integrity monitoring – Detects unauthorized changes to WordPress core files, themes, and plugins.
Database security checks – Identifies weak database permissions and potential SQL injection threats.
User role audits – Ensures no unauthorized administrator accounts exist.
Security misconfiguration scans – Identifies and fixes weak settings that could compromise security.

Enhanced Vulnerability Scanner

Stay Ahead of Threats – Our vulnerability scanner proactively alerts you to known vulnerabilities, allowing you to address potential threats before they exploit your website.
Comprehensive Protection – Security Ninja not only checks and warns for common issues but also checks for known vulnerabilities in plugins and themes.
Peace of Mind – Knowing your site is monitored for the latest vulnerabilities means you can focus on what matters most, growing your business and creating content, worry-free.

Core Scanner – Comprehensive Protection for Your WordPress Installation

The Core Scanner module adds a critical layer of security by ensuring your WordPress installation remains untampered and free of unauthorized files.

Full Core File Integrity Check: Every file in your core WordPress folders is scanned to ensure it hasn’t been modified or compromised.
Detection of Unknown Files: The scanner flags any extra or unknown files in your core WordPress directories, alerting you to potential threats.
Built-in File Viewer: Review flagged files directly within your WordPress dashboard using the integrated file viewer for a clear and easy inspection.
Restore Core Files: If a core WordPress file has been altered, you can quickly restore it with a single click, ensuring your site is running the official version.
Easy File Management: For unknown or suspicious files, you have the option to delete them right from the interface, keeping your WordPress installation clean and secure.

Advanced Malware Scanner – Detect & Remove Malware Instantly (PRO)

Security Ninja includes a high-performance malware scanner that automatically checks your WordPress core, plugins and themes for:

Malicious scripts and backdoors – Identifies hidden malware and harmful injections.
Trojan and virus detection – Scans for suspicious PHP and JavaScript entries.
One-click malware removal – Instantly quarantine and delete infected files.

WordPress Firewall & Real-Time Threat Protection (PRO)

The Web Application Firewall (WAF) blocks hacker attempts, bot attacks, and brute-force login attempts before they can damage your site.

Real-time protection – Prevents malicious traffic and automated hacking attempts.
IP & Country Blocking – Restrict access from high-risk countries and blacklisted IPs.
Cloud-Based Threat Intelligence – Updated with the latest security threats.

Login Security & Two-Factor Authentication (2FA) (PRO)

Your WordPress login page is a primary target for hackers. Security Ninja enhances login security with:

Two-Factor Authentication (2FA) – Requires additional verification for safer logins.
Brute-force attack protection – Limits failed login attempts to block unauthorized access.
Rename login – Getting a lot of requests to your login form? Hide it for spammers.

One-Click Security Fixes & WordPress Hardening (PRO)

Manually fixing security issues is time-consuming. Security Ninja provides one-click hardening to:

Disable XML-RPC – Blocks common DDoS attacks and brute-force exploits.
Restrict file editing – Prevents unauthorized theme and plugin modifications.
Hide PHP error messages – Stops hackers from exploiting sensitive error details.

And many more fixes to harden your WordPress security!

Activity Log & User Tracking (PRO)

Keep track of all actions on your WordPress website with a detailed activity log:

Monitor failed login attempts, plugin activations, file changes, and user actions.
Receive email alerts whenever suspicious activity is detected.
Export security logs for audits and compliance reports.
The plugin includes webhook functionality so you can integrate with any other 3rd party service, maybe send updates in the company Slack channel when a hack attempt was thwarted?

Automated Security Scans & Reports (PRO)

Security Ninja performs scheduled security scans and sends reports directly to your inbox.

Set up daily, weekly, or monthly security scans.
Receive email alerts about vulnerabilities and malware infections.
Analyze detailed reports to keep your website secure.

Block Spam & Malicious Bots Instantly (PRO)

Hackers and spammers use bots to exploit WordPress websites. Security Ninja prevents:

Fake registrations and spam comments – Stops bots from even getting to your site.
Malicious bot attacks – Blocks scripts attempting to hack your site.
Unwanted traffic – Reduces server load by preventing unnecessary bot access.

Join thousands of satisfied users who trust Security Ninja to keep their websites safe. Start protecting your online presence today and help yourself to peace of mind.

Why Security Ninja is Best WordPress Security Plugin

Security Ninja is the best WordPress security plugin because it provides a comprehensive, lightweight, and easy-to-use solution to protect your website from hackers, malware, and vulnerabilities. With 50+ security tests, an advanced malware scanner, a firewall, and two-factor authentication (2FA), it ensures complete website protection without slowing down performance.

Unlike bloated security plugins, Security Ninja is optimized for speed and efficiency. It offers one-click security fixes, automated scans, real-time threat detection, and login protection, making it ideal for beginners and advanced users alike. Trusted since 2011, it keeps thousands of websites secure while offering proactive protection against cyber threats.

Estensioni

MainWP – MainWP Dashboard consente agli amministratori di gestire molti siti web WordPress da una posizione centrale.

Installa l’estensione GRATUITA Security Ninja for MainWP per avere una panoramica di tutti i siti web su cui è stato installato Security Ninja!

https://wordpress.org/plugins/security-ninja-for-mainwp/

Test di sicurezza per il tuo sito web

Security Ninja – Your WordPress Guardian

Key Features

Immediate Vulnerability Alerts: Get instant notifications about vulnerabilities to keep your website safe and secure.
Comprehensive One-click Security Audit: With just one click, perform over 50+ detailed security checks that scrutinize every corner of your site for security vulnerabilities and performance issues.
You’re in Command: Security Ninja respects your autonomy, providing insights and recommendations without making unsolicited changes to your site.
Holistic Security Evaluation: Comprehensive checks on everything from the WordPress core, plugins, and themes to ensure they are up-to-date and secure.
Proactive Defense Strategies: Equip yourself with the tools and knowledge to prevent attacks before they happen, safeguarding your site from potential threats.
Optimization Beyond Security: Improve your site’s performance with database optimization tips, ensuring a seamless experience for your users.
Knowledge: Each test comes with an easy-to-understand explanation, documentation, and actionable steps to fix identified issues.
Customized Security Insights: Tailored security assessments to check critical updates and configurations specific to your WordPress setup for a personalized protection strategy.
Future-Proof Your Site: Stay ahead with tests that include the latest WordPress features and best practices for site security.
Prevent Unauthorized Access: Strengthen your defenses with checks designed to prevent weak passwords and unauthorized file access.
Secure Configuration Checks: Ensure your website is configured according to security best practices, from file permissions to security headers, for comprehensive protection against threats.

Enhance your website’s security, performance, and user experience with Security Ninja – your trusted partner in WordPress protection.

Security Ninja Pro has extra features: Firewall, Block Suspicious Page Requests, Country Blocking, Core Scanner, Malware Scanner, Auto Fixer for some of the tests, Events Logger & Scheduled Scans.

Una soluzione di sicurezza all-in-one per qualsiasi sito. Grazie al supporto premium e ai continui aggiornamenti, Security Ninja Pro è uno strumento perfetto per mantenere il proprio sito al sicuro. Scopri cosa offre la versione PRO

Automatically block 600+ million bad IPs with one click! Security Ninja Pro Firewall will help you stay one step ahead of bad guys by using the collective know-how of millions of attacked sites, and ban bad guys before they even open your site.

Leggi tutto sulle caratteristiche Pro sul sito web di Security Ninja

Cosa dicono gli altri del plugin

Tests
* The tests include:
* brute-force attack on user accounts to test password strength
* numerous installation parameters tests
* file permissions
* version hiding
* 0-day exploits tests
* debug and auto-update modes tests
* database configuration tests
* Apache and PHP related tests
* WP options tests

Complete list of tests:
- Check if Application Passwords feature is enabled (new to WP 5.6)
- Controlla se il core di WordPress è aggiornato
- Controlla se gli aggiornamenti automatici del core di WordPress sono abilitati
- Controlla se i plugin sono aggiornati.
- Controlla se ci sono plugin disattivati
- Controlla se i plugin attivi sono stati aggiornati negli ultimi 12 mesi
- Controlla se i plugin attivi sono compatibili con la tua versione di WP
- Controlla se i temi sono aggiornati
- Controlla se ci sono temi disattivati
- Controlla se vengono mostrate tutte le informazioni sulla versione di WordPress del tuo sito nella pagina dei metadati.
- Controlla se i link API REST vengono mostrati nei metadati della pagina
- Controlla se la versione PHP è aggiornata
- Controlla la versione MySQL
- Controlla se gli header di risposta del server contengono informazioni dettagliate della versione PHP
- Controlla se la direttiva PHP expose_php è disattivata
- Controlla se esiste un utente con nome utente “amministratore”
- Controlla se l’opzione “Chiunque può registrarsi” è abilitata
- Controlla la sicurezza della password degli utenti con un attacco brutale
- Controlla se vengono visualizzate informazioni non necessarie in caso di tentativi di accesso non riusciti
- Controlla se il prefisso della tabella del database è quello predefinito
- Controlla se le chiavi di sicurezza e i sali hanno i valori corretti impostati
- Controlla l’età delle chiavi di sicurezza e dei sali
- Testa la forza della password del database di WordPress
- Controlla se la modalità debug generale è abilitata
- Controlla se il file debug.log esiste
- Controlla se la modalità debug database è abilitata
- Controlla se la modalità debug JavaScript è abilitata
- Controlla se la direttiva PHP display_errors è disattivata
- Controlla se l’indirizzo di installazione di WordPress è lo stesso del sito
- Controlla se il file wp-config.php ha impostate le autorizzazioni corrette(chmod)
- Controlla se la direttiva PHP register_globals è disattivata
- Controlla se la modalità sicura PHP è disabilitata
- Controlla se la direttiva PHP allow_url_include è disattivata
- Controlla se il file editor plugin/temi è abilitato
- Controlla se la cartella uploads è esplorabile
- Test if user with ID 1 and administrator role exists
- Check if Windows Live Writer link is present in pages’ header data
- Controlla se wp-config.php è presente nella posizione predefinita
- Controllare se il server MySQL è accessibile dall’esterno della rete locale con l’account WP
- Check if EditURI link is present in pages’ header data
- Controlla se lo script Timthumb è utilizzato nel tema attivo
- Controlla se il server è vulnerabile al bug Shellshock #6271
- Controlla se il server è vulnerabile al bug Shellshock #7169
- Controlla se l’interfaccia d’amministrazione viene trasmessa tramite SSL
- Controlla se l’account MySQL utilizzato da WordPress ha troppe autorizzazioni
- Test if a list of usernames can be fetched by looping through user IDs on http://siteurl.com/?author={ID} (also called username enumeration)
- Controlla se gli header di risposta del server contengono la Strict-Transport-Security
- Controlla se gli header di risposta del server contengono la X-Frame-Options
- Controlla se gli header di risposta del server contengono la X-Content-Type-Options
- Controlla se gli header di risposta del server contengono la Content-Security-Policy
- Controlla se gli header di risposta del server contengono la Strict-Transport-Security
- Controlla se gli header di risposta del server contengono la Referrer-Policy
- Controlla se gli header di risposta del server contengono la Feature-Policy
- Controlla se nella cartella principale ci sono dei file indesiderati che dovresti eliminare

Informazioni sulla licenza

jQuery Cookie Plugin, Copyright 2013 Klaus Hartl
Lo scanner delle vulnerabilità utilizza i dati dal National Vulnerability Database – NVD
Questo prodotto include i dati IP2Location LITE disponibili da https://lite.ip2location.com.
Questo plugin utilizza Persist Admin notice Dismissals by Collins Agbonghama @collizo4sky

How can I report security bugs?

You can report security bugs through the Patchstack Vulnerability Disclosure Program. The Patchstack team help validate, triage and handle any security vulnerabilities. Report a security vulnerability.

Screenshot

Fast & easy to understand interface.
Security Ninja test results are simple and easy to read.
Every test has a detailed explanation and instructions on how to fix the problem.
Vulnerable plugins list with details and recommendations – prevent known exploits in plugins.

Installazione

Installazione da WordPress

Apri la pagina di amministrazione di WordPress, vai in “Plugin” e fai clic su “Aggiungi nuovo”
Immetti “Security Ninja” in ricerca e premi “Invio”
Il plugin sarà il primo della lista, fai clic su “Installa ora”
Attiva e vai in Security Ninja per rendere più sicuro il tuo sito

Installazione manuale

Scarica il plugin.
Scompatta e carica in wp-content/plugin/
Apri la pagina di amministrazione di WordPress > Plugin e fai clic su “Attiva” accanto al plugin.
Attiva e vai in Security Ninja per rendere più sicuro il tuo sito

FAQ

A chi serve questo plugin?: Security Ninja is perfect for anyone looking to bolster their site’s defenses against hackers and ensure robust security.
Will this plugin slow down my site?: No significant slowdown occurs. You might notice a brief slow down during scanning, lasting less than a minute.
Will it work with my theme?: Yes, Security Ninja is designed to be compatible with all themes, ensuring wide-ranging applicability.
Quali cambi apporterà Security Ninja al mio sito?: Security Ninja performs diagnostics and offers recommendations without making any direct changes to your site.
How safe is this plugin?: Absolutely safe. It functions solely as a diagnostic tool, providing insights without altering your site.
Is using Security Ninja legal?: Yes, it’s completely legal for your own site. It’s designed to run tests on the site where it’s installed, aiding in your site’s security enhancement.
What if I encounter issues with the plugin?: While we strive for universal compatibility, if you face any issues, our support team is ready to assist. Visit our support forum to open a new thread, and we’ll help you as soon as possible.

Recensioni

skylabb 29 Agosto 2024 4 risposte

The only thing you can run is “Test your website security” which tells you where the vulnerabilities are. My site is hacked and want to find where the malware is,

Vassos Hadjivassiliou 19 Aprile 2024 1 risposta

If you’re in the WordPress game, WP Security Ninja is a total game-changer. Seriously, it’s like a secret weapon for developers. It’s so user-friendly, you’ll wonder why you didn’t snag it sooner. And let me tell you, I grabbed the Pro version, and man, no regrets whatsoever. It’s worth every single penny.

Bastbra 23 Settembre 2024

Hi, I’ve been using Security Ninja, and I am happy, but it’s getting on my nerves that the plugin asks for acceptance on every dashboard reload to use my data for “freemius.com”. If I click “No, thanks” or “x” it will reappear again and again and again. Is this the way to get users to accept it after 10 times? Edit: Now the new update even crashed the site down and only by luck it was possible to track the problem down (Security Ninja) and gain access again.

earthwormhenry 25 Ottobre 2023

No problems after one year works perfectly.

jrostinmagnin 11 Gennaio 2023

Resolves problem with log visitors very useful The problem was resolved within a day. Very good support

james030 3 Gennaio 2023

Very useful!

Leggi tutte le recensioni di 94

Contributi e sviluppo

“Security Ninja – WordPress Security Plugin & Firewall” è un software open source. Le persone che hanno contribuito allo sviluppo di questo plugin sono indicate di seguito.

“Security Ninja – WordPress Security Plugin & Firewall” è stato tradotto in 8 lingue. Grazie ai traduttori per i loro contributi.

Traduci “Security Ninja – WordPress Security Plugin & Firewall” nella tua lingua.

Ti interessa lo sviluppo?

Esplora il codice segui il repository SVN, segui il log delle modifiche tramite RSS.

Changelog

5.235

2025-05-13
NEW: “Overview” tab – Does exactly as it says, gives you a nice overview.
IMPROVED: Much improved interface, we have moved on from the traditional WordPress style and add a bit more color and flair. This is a work in progress but already the interface is much nicer to look at.
Added Fastpixel IPs to default whitelist.

5.234

2025-05-10
Enhanced WordPress Multisite compatibility and integration – thank you for reporting issues.
Resolved translation-related PHP warnings by updating language file loading to follow WordPress standards.
Introduced “What’s New” feature for Pro users to view changelog directly within the plugin.
Added welcome message for new plugin installations to improve user onboarding.

5.233

2025-04-07
Fixed problem with custom login for some users, sorry for the hassle.

5.232

2025-04-03
Rewrote activation code, removed race conditions that created issues for some users.
Improved visitor logging interface.

5.231

2025-04-03
Enhanced admin user monitoring with improved detection of direct database admin creation, added detailed email notifications for suspicious admin user creation, and improved logging of admin user creation events; thank you Jean.
Fixed translation loading timing issue in rename-login module to comply with WordPress 6.7.0 standards
Fix: Moved translation loading in Cloud Firewall module to init hook to comply with WordPress 6.7.0 requirements.
Enhancement: Improved whitelabel functionality with WordPress media uploader integration for plugin and menu icons.
Enhancement: Added image preview functionality for whitelabel icons.
Enhancement: Improved user experience in whitelabel settings with clear buttons for icon fields.

5.230

2025-03-31
Enhanced compatibility with Trafft Booking System – A workaround has been implemented to ensure seamless integration with our plugin, even when the Trafft Booking System is active.

5.229

2025-03-20
Added checks for the unecessary themes to include theme from 2025, thank you Troy.
Added fix for incorrect CSP header values in the auto-fixer. Saving a header value containing a URL could lead to incorrect values being saved. Thank you Maxime.
Cleaning up temporary files – Thank you Heath.
Fixed: Scheduled Scanner now correctly respects the “Send an email only when test results change” setting, preventing daily emails when no changes are detected. Thank you Jean.
Fixed: Added a database update routine to fix missing URL column in visitor log table that was causing errors. Thank you Jean for reporting this issue.
Fixed: WordPress version detection issue, thanks to Tom for pointing it out.
Change: Renamed the license file from license.txt to license_key.txt for better clarity and consistency, this prevents overlap with tests trying to remove the file.

5.228

2025-02-03
Fix: Resolved PHP warnings in Events Logger related to undefined ‘notify_new_admin’ array key

5.227

2025-01-29
Security: Improved backup file encryption to prevent unauthorized access to sensitive configuration files
Security: Added file integrity verification to backup/restore functionality
Enhancement: Improved visitor log interface:
- Added refresh button for manual data updates
- Added pagination controls at both top and bottom of the table
- Improved error handling and display
- Enhanced data loading with server-side processing
Fix: Resolved PHP warnings in Events Logger related to undefined ‘notify_new_admin’ array key
Enhancement: Added default settings for Events Logger notifications to prevent PHP notices

5.226

2025-01-27
New: Added notification system for new administrator user creation, including direct database insertions – https://securityninja.productlift.dev/p/notify-when-a-new-admin-user-has-been-created-uLRYcA
New: Added periodic checks for unauthorized admin user creation through database manipulation

5.225

2025-01-27
Updated: Freemius SDK to 2.11.0
Updated language files.

5.224

2025-01-23
Improved: Enhanced UI with better color contrast in the test interface
Improved: Vulnerability scanner now shows how many vulnerabilities are in the list.
Enhanced: Improved Import/Export functionality:
- Fixed issues with firewall settings not importing correctly
- Added proper handling of boolean and array settings
- Improved validation and sanitization of imported data
- Added detailed import logs and success notifications
- Fixed scheduler settings import
- Preserved critical existing settings during import
Enhanced: Completely revamped 2FA setup flow:
- Improved session handling for more reliable authentication
- Better handling of grace period skipping
- UX: Added automatic focus on 2FA code input field
- Added proper login redirect handling
- Fixed issues with session persistence
- Improved error handling and user feedback
Fixed: Resolved compatibility issues with Nextend Social Login in 2FA module
Security: Strengthened session management in 2FA authentication process
Code refactoring for better maintainability and WordPress coding standards compliance

5.223

2025-01-17
Fix: Added missing URL column to visitor log database table to properly track request URLs.
Fix: Cleaning up the code for the 2FA module console log messages only showing for error events.
Fix: Create missing database tables when installing the plugin.
Added UptimeRobot IPs to the whitelist.
Updated: Freemius SDK to 2.10.1 and phpseclib to 2.0.48.

5.222

2024-12-12
Fix: Resolved rare PHP warnings related to undefined webhook settings in Events Logger.
New: Users IPs automatically added to the whitelist when activating the firewall. IPs are no longer added to the whitelist by successful login.
Updated Freemius SDK to 2.10.1

5.221

2024-11-10
Fixed issue with new QR code shown for some users already having 2FA enabled when trying to log in.
Fix issue with events logger not sending HTML emails.
Enhanced email reports in the events logger to look better.
Improved translation strings in events logger module.

5.220

Fixed issue with the topbar not using the correct White label icon and title for some users.
Further improvements to the translation strings.
Enhancement: White label: Now having an empty icon URL will not show the icon in the topbar.
Added more debug logging to the scheduled scanner.
Added missing Bulgarian translation.* Enhancement: 2FA code input field not focusing automatically.
Fix – visitor log table was not created on some systems.
Tested up to WordPress 6.7.

5.219

Improved translations in the plugin.
PRO: New Language Support!
We’ve expanded the language support in Security Ninja Pro to better serve our global community. With this update, we’ve added full translations for 16 languages, allowing users to navigate the plugin more comfortably in their native language. Here are the newly supported languages: Danish (da_DK), German (de_DE), Spanish (es_ES), Finnish (fi_FI), French (fr_FR), Croatian (hr_HR), Icelandic (is_IS), Italian (it_IT), Korean (ko_KR), Norwegian Bokmål (nb_NO), Dutch (nl_NL), Portuguese (pt_PT), Russian (ru_RU), Swedish (sv_SE), Chinese (Simplified) (zh_CN) and Hindi (hi_IN).

This update makes Security Ninja more accessible to millions of users worldwide, with full support for major languages in Europe, Asia, and beyond.

5.218

Added headers to prevent caching on Cloudflare and other proxies.
Fixed compatibility issue with Fluent Bookings plugin. Thank you to everyone reporting this issue.
Added Divi Dashboard to the cloud firewall whitelist. Thank you James.
Trimmed 2FA module code.
Trimmed file viewer module code.
Trimmed unused code in the test descriptions and updated the strings for translation.
Translation updates.

5.217

Fix: Events logger emails had a bug where the content generated list did not look correctly in the email.
Added .inc, .xml, .json, .md, .yml, .yaml, .sql and .ini as allowed file extensions for the file viewer.

5.216

Refactored the code for enabling the firewall.
Fix: Resolved an issue with the scheduled scanner not running properly.
Further improvements to the cloud firewall.
Added WPCompress to the cloud firewall whitelist.
When disabling the firewall, 2FA is also disabled and all user 2fa secrets are deleted.
Improved translation strings, increased the amount of the plugin being translated.

5.215

Fix: Resolved an issue with error messages showing up regarding \wf_sn_el_modules missing. Thank you everyone reporting this issue.
File Viewer: Added support for viewing debug.log and error_log files, allowing users to access important debugging information.
File Viewer: Fixed a PHP notice about a missing timestamp, $timestamp. Thank you Tom for reporting this issue.
Cloud Firewall: Added a filter secnin_show_woocommerce_login_message to allow customization of the WooCommerce login message display. https://wpsecurityninja.com/docs/filters-hooks/secnin_show_woocommerce_login_message/

5.214

Fixed issues with 2FA setup not working for some users.
Fix: Missing translations in the 2FA module.
Improved malware scanner better interface and improvements to the backend.
Started work reintroducing the database malwarescanner and preparing for a beta release.
Improvement to the license activation process.

5.213

Fixed an issue where license activation could lead to a flood of email verification requests. This occurred when users agreed to activate their license but didn’t complete the email confirmation process. Previously, users were allowed to remain anonymous, but this caused unintended complications.
Fixed an issue in the malware scanner that occasionally caused the scan to stop unexpectedly.

5.212

Resolved issues causing unexpected errors for some users.
Improved MainWP integration for smoother functionality.

5.211

Code cleanup and refactoring.
Removed anoymous feature when signing up.
Fix: Resolved an issue with the events logger not sending emails in some cases.
Improved Scheduled Scanner to load results via AJAX, reducing database load and request times.
Fix: Resolved issues loading the Core Scanner results window.

5.210

Feature: Core Scanner module now available to all users. Keeping your core files safe is important.
Enhancement: Improved file restoration process within the Core Scanner for more reliable recovery.
UI: Updated dialog messages for better user understanding in file operations.
Fix: Resolved an issue with the white label feature loading properly for some users with unlimited licenses.
Fix: Resolved an issue with inline CSS added in admin incorrectly.
Security: Strengthened nonce verification in AJAX calls for Core Scanner actions.
New: Automatic license activation for agencies: Automatically activates licenses on sites without an existing activation. Makes it easy to distribute the plugin to multiple sites.
Security: Enhanced escaping in Core Scanner’s file listing function.
Improvement: Updated Core Scanner to use WordPress’s built-in hashing function for better security.
Code: Improved PHPDoc comments in Core Scanner module for better code documentation.

5.209

Improved 2FA setup and verification process.
Fix: Resolved an issue where the 2FA setup wizard was not displayed for some users.
Updated IP2Location package to 9.7.3 to fix an issue with country detection.
Fix: Issue with country detection in the visitor log module – wrong flag used in some cases.
Enhanced send_webhook_event function for better reliability and security.
Enhanced: Vulnerability scanner now displays when each vulnerability list was last updated.
Fix: Resolved an issue with saving country settings on some sites.
Improved ‘PHP Headers’ security test for better accuracy and reliability. Thank you Stefan.
Enhanced error handling and sensitive information detection in server responses.

5.208

General: Added and updated PHPDoc comments for better code documentation and consistency.
General: Refactored white labeling functionality for improved performance and maintainability.
General: Optimized code organization, readability, and adherence to WordPress coding standards.
General: Enhanced internationalization and output escaping for user-facing strings.
General: Added a mechanism to prevent error pages from being cached by defining the DONOTCACHEPAGE constant. Thank you Björn.
Security: Strengthened nonce verification in AJAX calls.
Security: Enhanced SQL injection prevention in visitor log queries.
Security: Added validation to prevent banning of private or reserved IP addresses.
Security: Implemented a 5MB file size limit and directory traversal prevention in the File Viewer module.
Security: Restricted viewable file types to a predefined whitelist.
2FA: Improved error handling and logging.
2FA: Addressed potential issues in 2FA setup and verification process.
Core Scanner: Improved input sanitization for file deletion functionality.
Core Scanner: Enhanced error handling, logging, and security checks.
Core Scanner: Refined error messages for more useful debugging information.
File Viewer: Limited file content display to 10,000 lines to prevent excessive memory usage.
File Viewer: Updated path handling for better security and performance.
File Viewer: Fixed potential vulnerabilities in file path handling and content rendering.
Code Quality: Refactored methods to use prepared statements consistently.
Code Quality: Improved static caching for better performance.
Code Quality: Implemented proper escaping when outputting dynamic values.
Code Quality: Added constants for frequently used values.
UI: Updated warning message and button text in the setup wizard.
Tested: Confirmed compatibility with WordPress 6.6.2.
Enhanced security and code quality in secnin-wizard.js

…

Entire changelog can be seen here: changelog

Free version is useless

This plugin is amazing

I don’t want to be tracked, but also not to be asked for this on every reload

Works perfect, it’s worth to get pro

Visitors log problem resolves quickly

Awesome Plugin