🔌 VistoShield
WordPress Edition

File integrity monitoring against official WordPress checksums. Malware detection with 62+ pattern signatures. Vulnerability scanning for known CVEs. Quarantine management with one-click restore.

• Core file integrity checks against wordpress.org checksums
• Malware pattern scanning with 62+ detection signatures
• File quarantine with safe restore and permanent delete
• Scheduled automated scans with email notifications

WordPress Application Firewall with 7 rule categories covering SQL injection, XSS, RFI, directory traversal, and more. 14-point security hardening checklist. HTTP security headers management for HSTS, CSP, and X-Frame-Options.

• SQL injection, XSS, RFI, and directory traversal blocking
• 14-point security hardening checklist with one-click fixes
• 7 HTTP security headers (HSTS, CSP, X-Frame-Options, etc.)
• Learning mode for safe testing before enforcement

User-Agent signature matching with 143+ patterns covering scrapers, spam bots, AI crawlers, and vulnerability scanners. Behavioral scoring engine rates each visitor 0–100. rDNS verification lets legitimate search engine bots through.

• Block / Challenge / Allow / Monitor per-bot actions
• Behavioral scoring engine (0–100 threat rating)
• rDNS verification for Google, Bing, and other good bots
• AI crawler management (GPTBot, CCBot, ClaudeBot, etc.)

Brute force protection with progressive lockouts that escalate from 5 minutes to 24 hours. TOTP two-factor authentication for all user roles. Hidden honeypot field catches automated bots. Full login attempt logging with CSV export.

• Progressive lockout intervals (5m → 15m → 1h → 24h)
• TOTP two-factor authentication with QR code setup
• Hidden honeypot field for automated bot detection
• Login attempt logging with search, filter, and CSV export

Comprehensive security event monitoring that tracks logins, content changes, plugin/theme activations, user role modifications, and settings changes. Alert rules with email, Slack, and webhook notifications. GDPR-compliant data export and erasure.

• Login, content, plugin, theme, and user tracking
• Alert rules with email, Slack, and webhook notifications
• Configurable retention and automatic log cleanup
• GDPR-compliant data export and personal data erasure

Role-based password enforcement with configurable complexity rules per user role. Password expiration with grace periods. Breach detection via Have I Been Pwned using privacy-safe k-anonymity API. Password history prevents reuse of recent passwords.

• Per-role minimum length and complexity
• Configurable password expiration
• HIBP breach detection (k-anonymity)
• Password reuse prevention
• Compliance dashboard

REST API lockdown with key management, per-key rate limiting, and endpoint control. Prevent user enumeration via author queries. Disable XML-RPC. Manage CORS origins. Full API request logging with analytics.

• API key create / revoke / rotate
• Per-key rate limiting with 429 responses
• Endpoint whitelist and blacklist
• User enumeration prevention
• CORS origin management

Detect plugin and theme vulnerabilities by syncing against public vulnerability databases. Apply virtual patches via WAF rules before official fixes are released. Smart auto-updates with pre-update backups and one-click rollback.

• Vulnerability database sync
• Virtual patching via WAF rules
• Smart auto-updates by severity
• Pre-update backup and rollback
• Email notifications by severity

Automated incident detection from all VistoShield plugins with guided response playbooks. Isolate compromised plugins, enable maintenance mode, block IPs, and notify stakeholders via email or Slack. Generate post-incident reports.

• Cross-plugin incident detection
• 5 pre-built response playbooks
• Plugin isolation and maintenance mode
• Email and Slack notifications
• Incident timeline and reporting

DNS health monitoring with change detection. Validate NS, SOA, MX, SPF, DKIM, DMARC, DNSSEC, CAA records, and SSL certificates. Health score dashboard with automated scheduled checks and change alerts.

• 9 DNS record categories validated
• SSL certificate expiry monitoring
• Change detection and email alerts
• DNS health score dashboard