Run WordPress security like a SOC.
Swairish Site Security combines malware scanning, request detection, audit logging, active defense, hardening, reports, and Dodo-powered commercial licensing in one WordPress plugin.
One license can be used on one site only. Agency includes 100 single-site licenses.
The real WordPress admin, not a mockup.
See the installed interface for security visibility, SOC triage, hardening controls, and incident-ready reports.
Security features for real response.
The plugin is built around response workflows: detect attacks, log context, block abusive traffic, harden the site, scan files, export evidence, and explain what happened.
Live event visibility, not just a static scan result.
Track security activity with summaries, severity mix, category charts, live event view, and session correlation by IP, user agent, and user.
- Logins, plugin/theme changes, file edits, and suspicious requests.
- IP, method, URI, user agent, severity, category, and risk score.
- MITRE and OWASP mapping for incident review.
Detect abuse and respond from inside WordPress.
The active defense layer watches for scanning, login sprays, exploit probes, and suspicious HTTP payloads, then rate-limits or blocks based on risk.
- SQL injection, XSS, RCE, LFI, scanner, and enumeration patterns.
- Manual IP/CIDR blocklist with temporary or permanent blocks.
- Cloudflare support for pushing single-IP blocks to the edge.
Security controls beyond malware scanning.
Swairish Site Security is designed as a defense and audit layer, not only a file scanner.
Find suspicious PHP and checksum drift.
Scan for obfuscation, web shells, sensitive files, risky permissions, and WordPress core checksum mismatches.
Respond without FTP.
Quarantine, restore, delete, and export selected findings directly from wp-admin.
Reduce the attack surface.
Custom login URL, XML-RPC controls, REST restrictions, CAPTCHA, directory indexing, headers, author enumeration, and file permission review.
Validate detection safely.
Run safe simulations for brute-force, SQL injection, XSS, and malicious upload indicators to test alerts and team readiness.
Clean malware from files and content.
Use the Pro Recovery Center to review suspicious files, clean injected posts/pages, preserve snapshots, and restore if needed.
Fix post-hack and white-screen incidents.
Force logout sessions, apply recovery hardening, disable broken plugins, switch fallback themes, and review fatal error clues.
Create evidence and restore bundles.
Generate evidence backups plus full-site backup and restore controls for files and database workflows.
Export logs for audits.
Use CSV/JSON exports, retention cleanup, filters, pagination, and bulk actions for high-volume sites.
Route important incidents.
Send admin-login notices, detailed scan-problem emails, scheduled security digests, and SIEM webhooks with editable templates.
No heavy UI framework.
The plugin keeps the admin lightweight and uses WordPress-native storage patterns without extra database tables.
A4 PDF reports built for real handoff.
Generate readable HTML and A4 PDF reports that include site identity, timestamp, security mode, settings, recent events, timeline sessions, hardening status, and last scan summary.
Simple pricing by license count.
Start free with core protection and response tools. Upgrade when you need SOC operations, malware cleanup, post-hack recovery, white-screen repair tools, SIEM routing, simulator drills, complete restore workflows, and multi-site licensing.
| Plan | Price | License | Included | Action |
|---|---|---|---|---|
| FreeStarter protection for one site. | $0 forever | 1 siteFree package. |
|
Download |
| Single Site ProBest for one business site. | $9 /mo | 1 siteOne license, one website. |
|
Buy Monthly |
| 10 Site ProFor operators managing client sites. | $19 /mo | 10 sitesOne activation per site. |
|
Buy Monthly |
| AgencyFor agencies and security service providers. | $49 /mo | 100 sites100 single-site licenses. |
|
Buy Monthly |
Compare the plan levels.
Free includes the core security toolkit. Pro and Agency add SOC operations, cleanup and recovery workflows, SIEM routing, simulator drills, complete restore workflows, and commercial license capacity.
| Feature | Free | Pro | Agency |
|---|---|---|---|
| Security overview dashboard | Yes | Yes | Yes |
| SIEM dashboard and timeline | Pro | Yes | Yes |
| Event log, filters, pagination, CSV/JSON export | Yes | Yes | Yes |
| LCAT attack timeline and session correlation | Yes | Yes | Yes |
| Suspicious HTTP detection and risk scoring | Yes | Yes | Yes |
| Firewall, rate limit, IP blocklist, Cloudflare push | Yes | Yes | Yes |
| File integrity, recommendations, and quarantine | Yes | Yes | Yes |
| Form CAPTCHA protection | Yes | Yes | Yes |
| HTML and A4 PDF report export | Yes | Yes | Yes |
| Evidence backup export | Yes | Yes | Yes |
| Editable email alerts, admin-login notices, scan-problem emails, digests, and SIEM routing | Pro | Yes | Yes |
| Threat simulator drills | Pro | Yes | Yes |
| Complete backup and restore | Pro | Yes | Yes |
| Malware cleanup assistant and post/page cleanup | Pro | Yes | Yes |
| White-screen recovery and post-hack wizard | Pro | Yes | Yes |
| Emergency shield, vulnerability intelligence, and login OTP | Pro | Yes | Yes |
| Agency white-label report branding | Pro | Yes | Yes |
| License capacity | 1 free site | 1 or 10 sites | 100 sites |
Frequently asked questions.
Short answers for installation, licensing, reports, and security operations.
Can one license be used on multiple sites?
No. One normal license is for one WordPress site only. Agency includes 100 single-site licenses.
Does the free package include a download?
Yes. The Free package is available from the download button on this page.
What makes Pro different?
Pro adds SOC dashboards, live view, malware cleanup, post-hack and white-screen recovery, editable alert emails, admin-login notices, scan-problem emails, scheduled digests, SIEM routing, threat simulator drills, complete backup/restore, and commercial one-site licensing. Agency adds 100 single-site activations and white-label reporting.
Does the Free plugin become Pro after entering a key?
No. The Free package does not show a license input. Paid customers install the Pro ZIP from the purchase delivery, then activate the Dodo license key inside the Pro package.
Does it create PDF reports?
Yes. Swairish Site Security can generate A4 PDF reports with site identity, timestamp, footer, event details, settings, hardening status, and scan summary.
Does it need FTP for quarantine?
No. Suspicious files can be quarantined, restored, or deleted from the WordPress admin response controls.
Is Dodo Payments licensing supported?
Yes. The plugin has commercial license activation, validation, deactivation, tier mapping, and Pro feature gating ready for Dodo-powered sales.
Install Swairish Site Security today.
Start with the free package, then move to Pro when you need full SOC-grade event logging, active defense, reports, backups, and licensing workflows.