Swadhin Khan

WordPress security, audit, protection

Run WordPress security like a SOC.

Swairish Site Security combines malware scanning, request detection, audit logging, active defense, hardening, reports, and Dodo-powered commercial licensing in one WordPress plugin.

One license can be used on one site only. Agency includes 100 single-site licenses.
A4 PDFFormatted reports with logo, footer, timestamp, and incident details.
MITRE + OWASPSecurity events include framework mapping when detections match.
Bulk controlsPagination, exports, quarantine, and bulk actions for busy sites.
Dodo readyFree download stays separate from the Pro ZIP and license activation flow.
Swairish Site Security security dashboard showing event counts, security mode, scan status, and recent events.

The real WordPress admin, not a mockup.

See the installed interface for security visibility, SOC triage, hardening controls, and incident-ready reports.

Installed Swairish Site Security overview dashboard with monitored events, severity mix, categories, and active blocks.
Security overviewEvent totals, severity mix, category signals, and active response status.
Installed Swairish Site Security SOC dashboard with live events, severity mix, categories, and session correlation.
SOC dashboardLive security activity, risk context, event categories, and correlated sessions.
Installed Swairish Site Security hardening controls for login URL, XML-RPC, REST, indexing, headers, and permissions.
Hardening controlsLogin URL, XML-RPC, REST, directory indexing, headers, and permission review.
Installed Swairish Site Security reports and evidence backups with HTML, PDF, and download controls.
Reports and evidenceGenerate HTML and A4 PDF reports, then create an evidence handoff bundle.

Security features for real response.

The plugin is built around response workflows: detect attacks, log context, block abusive traffic, harden the site, scan files, export evidence, and explain what happened.

SOC Dashboard

Live event visibility, not just a static scan result.

Track security activity with summaries, severity mix, category charts, live event view, and session correlation by IP, user agent, and user.

  • Logins, plugin/theme changes, file edits, and suspicious requests.
  • IP, method, URI, user agent, severity, category, and risk score.
  • MITRE and OWASP mapping for incident review.
Swairish Site Security SOC dashboard with severity mix, categories, live event view, and session correlator.
Active Defense

Detect abuse and respond from inside WordPress.

The active defense layer watches for scanning, login sprays, exploit probes, and suspicious HTTP payloads, then rate-limits or blocks based on risk.

  • SQL injection, XSS, RCE, LFI, scanner, and enumeration patterns.
  • Manual IP/CIDR blocklist with temporary or permanent blocks.
  • Cloudflare support for pushing single-IP blocks to the edge.
Swairish Site Security dashboard with active mode, firewall settings, and recent monitored events.

Security controls beyond malware scanning.

Swairish Site Security is designed as a defense and audit layer, not only a file scanner.

File Integrity

Find suspicious PHP and checksum drift.

Scan for obfuscation, web shells, sensitive files, risky permissions, and WordPress core checksum mismatches.

Quarantine

Respond without FTP.

Quarantine, restore, delete, and export selected findings directly from wp-admin.

Hardening

Reduce the attack surface.

Custom login URL, XML-RPC controls, REST restrictions, CAPTCHA, directory indexing, headers, author enumeration, and file permission review.

Simulator

Validate detection safely.

Run safe simulations for brute-force, SQL injection, XSS, and malicious upload indicators to test alerts and team readiness.

Cleanup

Clean malware from files and content.

Use the Pro Recovery Center to review suspicious files, clean injected posts/pages, preserve snapshots, and restore if needed.

Recovery

Fix post-hack and white-screen incidents.

Force logout sessions, apply recovery hardening, disable broken plugins, switch fallback themes, and review fatal error clues.

Backups

Create evidence and restore bundles.

Generate evidence backups plus full-site backup and restore controls for files and database workflows.

Compliance

Export logs for audits.

Use CSV/JSON exports, retention cleanup, filters, pagination, and bulk actions for high-volume sites.

Alerts

Route important incidents.

Send admin-login notices, detailed scan-problem emails, scheduled security digests, and SIEM webhooks with editable templates.

Host Friendly

No heavy UI framework.

The plugin keeps the admin lightweight and uses WordPress-native storage patterns without extra database tables.

Reports and evidence

A4 PDF reports built for real handoff.

Generate readable HTML and A4 PDF reports that include site identity, timestamp, security mode, settings, recent events, timeline sessions, hardening status, and last scan summary.

Swairish Site Security reports and evidence backup screen with PDF report and evidence backup controls.

Simple pricing by license count.

Start free with core protection and response tools. Upgrade when you need SOC operations, malware cleanup, post-hack recovery, white-screen repair tools, SIEM routing, simulator drills, complete restore workflows, and multi-site licensing.

Every normal license activates one WordPress site. Agency includes 100 site licenses.
Plan Price License Included Action
FreeStarter protection for one site. $0 forever 1 siteFree package.
  • Overview dashboard and events
  • Scanner, file tools, and quarantine
  • Firewall, hardening, and CAPTCHA
  • HTML and A4 PDF reports
Download
Single Site ProBest for one business site. $9 /mo 1 siteOne license, one website.
  • Everything in Free
  • SOC dashboard and live view
  • Alerts and SIEM routing
  • Cleanup, recovery, simulator, and full backup/restore
Buy Monthly
10 Site ProFor operators managing client sites. $19 /mo 10 sitesOne activation per site.
  • Everything in Single Site Pro
  • 10 one-site activations
  • Client-site SOC workflows
  • Consistent cleanup, reports, and restore controls
Buy Monthly
AgencyFor agencies and security service providers. $49 /mo 100 sites100 single-site licenses.
  • Everything in Pro
  • 100 license capacity
  • White-label client reports
  • Agency cleanup and incident handoff
Buy Monthly

Compare the plan levels.

Free includes the core security toolkit. Pro and Agency add SOC operations, cleanup and recovery workflows, SIEM routing, simulator drills, complete restore workflows, and commercial license capacity.

Feature Free Pro Agency
Security overview dashboardYesYesYes
SIEM dashboard and timelineProYesYes
Event log, filters, pagination, CSV/JSON exportYesYesYes
LCAT attack timeline and session correlationYesYesYes
Suspicious HTTP detection and risk scoringYesYesYes
Firewall, rate limit, IP blocklist, Cloudflare pushYesYesYes
File integrity, recommendations, and quarantineYesYesYes
Form CAPTCHA protectionYesYesYes
HTML and A4 PDF report exportYesYesYes
Evidence backup exportYesYesYes
Editable email alerts, admin-login notices, scan-problem emails, digests, and SIEM routingProYesYes
Threat simulator drillsProYesYes
Complete backup and restoreProYesYes
Malware cleanup assistant and post/page cleanupProYesYes
White-screen recovery and post-hack wizardProYesYes
Emergency shield, vulnerability intelligence, and login OTPProYesYes
Agency white-label report brandingProYesYes
License capacity1 free site1 or 10 sites100 sites

Frequently asked questions.

Short answers for installation, licensing, reports, and security operations.

Can one license be used on multiple sites?

No. One normal license is for one WordPress site only. Agency includes 100 single-site licenses.

Does the free package include a download?

Yes. The Free package is available from the download button on this page.

What makes Pro different?

Pro adds SOC dashboards, live view, malware cleanup, post-hack and white-screen recovery, editable alert emails, admin-login notices, scan-problem emails, scheduled digests, SIEM routing, threat simulator drills, complete backup/restore, and commercial one-site licensing. Agency adds 100 single-site activations and white-label reporting.

Does the Free plugin become Pro after entering a key?

No. The Free package does not show a license input. Paid customers install the Pro ZIP from the purchase delivery, then activate the Dodo license key inside the Pro package.

Does it create PDF reports?

Yes. Swairish Site Security can generate A4 PDF reports with site identity, timestamp, footer, event details, settings, hardening status, and scan summary.

Does it need FTP for quarantine?

No. Suspicious files can be quarantined, restored, or deleted from the WordPress admin response controls.

Is Dodo Payments licensing supported?

Yes. The plugin has commercial license activation, validation, deactivation, tier mapping, and Pro feature gating ready for Dodo-powered sales.

Ready to protect your site?

Install Swairish Site Security today.

Start with the free package, then move to Pro when you need full SOC-grade event logging, active defense, reports, backups, and licensing workflows.

Complimentary Consultation

Claim Your Free
30-Minute Expert Session

Thank you for your interest. Schedule a one-on-one consultation and receive personalized recommendations tailored to your business goals.

⏱️ Select the 30-Minute Session
Exclusive Promo Code
30MVIP
Apply this code during checkout to make your session 100% FREE.
Schedule My Consultation →