Pirajki Website Advance Security

Pirajki Website Advance Security gives you the core protections every WordPress site needs, without bloating your dashboard with features you’ll never use.

Key Features (Free)

• Firewall – blocks common attack patterns (SQL injection attempts, XSS, path traversal) in incoming requests, and lets you manually block or unblock individual IP addresses.
• Core File Integrity Checks – compares your WordPress core files against the official checksums published by the WordPress.org API and flags anything that’s been modified.
• Manual & Automatic Core Restoration – restore modified core files with one click, or opt in to automatic background restoration on a schedule you control. Automatic restoration is disabled by default; you choose to turn it on.
• Malware Scanner – scans your uploads folder, plugins, and themes for known malware signatures (obfuscated eval() calls, suspicious PHP files in uploads, etc.).
• One-Click Hardening – disable the file editor, protect wp-config.php, and disable XML-RPC.
• Auto-Restore Activity Log – see exactly what the plugin checked, restored, or failed to restore, and when.

Pro Add-On

The free version covers the essentials. A separate Pro add-on (available from the developer’s own site, not on WordPress.org) adds:

• Unlimited, full-site malware and integrity scans (the free version scans your highest-risk directories up to a file limit, to stay fast on shared hosting)
• Automated scheduled scans that run daily in the background
• Email alerts when security events occur
• Brute-force login protection and two-factor authentication
• Country-based IP blocking
• Extended scan and firewall log history
• Priority support

The Pro add-on is entirely optional. This plugin is fully functional as a free plugin and will always remain so — the add-on simply removes the file-scan limits and adds automation for larger or higher-traffic sites.

External Services

This plugin connects to the following third-party services as part of its core functionality:

• WordPress.org Core Checksums API (api.wordpress.org) — used to fetch the official list of checksums for your installed WordPress version, so the plugin can detect modified core files. This request includes your WordPress version number and locale. See the WordPress.org API documentation and WordPress.org Privacy Policy.
• WordPress.org Core SVN Repository (core.svn.wordpress.org) — used only when you click “Restore Modified Files” (or, if you’ve enabled it, during scheduled automatic restoration) to download an official, unmodified copy of a specific core file. No data about your site is sent with this request beyond the file path being requested.

No data is sent to any service operated by the plugin author. No analytics, tracking, or telemetry is included in the free version.