Janric Simple Attack Monitor

Most security plugins try to do everything — firewall, blocking, malware scanning, email alerts — and end up bloated, slow, and full of upsells. Attack Monitor does one thing: it watches your site for common attack patterns and quietly logs them, so you always know what’s being thrown at your site. What it detects

Brute force login attempts XML-RPC abuse (including system.multicall floods) User enumeration via ?author= and the REST API Admin area probing by unauthenticated visitors Path and plugin scanning (phpinfo.php, .env, phpmyadmin, wp-config.php and more) SQL injection attempts in URLs and POST data XSS attempts in URLs and POST data Comment flooding

What you get

A dashboard widget showing this week’s attacks by category at a glance A full log page with day / week / 30-day / all-time views A bar chart of attack volume over time Top attacking IPs ranked by hit count Filterable event log with timestamps, IPs, URLs and detail Safe IP whitelist — exclude your own monitoring tools, cron jobs or office IP ranges CIDR range support (e.g. 192.168.1.0/24) for the whitelist A single lightweight database table — nothing else added to your WordPress installation

Philosophy Detection and blocking are separate concerns. This plugin handles detection only, leaving you free to choose how you respond — whether that’s Fail2ban, Cloudflare, a companion blocking plugin, or simply reviewing the data. No firewall rules are added, no requests are blocked or slowed down, and no data is sent anywhere outside your own database. Ideal for developers, agencies and site owners who want visibility without handing over control to an all-in-one security suite.