plugin-icon

Site Lockdown Security

Audit, protect, monitor, firewall, and secure WordPress with premium tools at no cost.
Рейтинги
5
Версия
9.1.1
Активные установки
400
Последние изменения
Jun 30, 2026
Site Lockdown Security

View full plugin documentation — CLICK HERE

Site Lockdown Security gives WordPress administrators, agencies, developers, and support teams a full security command center without hiding the best tools behind a paid upgrade.

Most WordPress security plugins reserve their strongest features for premium plans: firewalls, file change monitoring, malware scanning, scheduled reports, branded client dashboards, email alerts, login protection, cleanup tools, Cloudflare controls, and advanced hardening. Site Lockdown Security includes those kinds of features in one plugin, and they are not treated as upsells.

Use Site Lockdown Security to audit files, lock down important folders, monitor file changes, verify WordPress core integrity, scan for suspicious code, review abandoned folders, enforce password resets, check public file exposure, monitor redirects, protect logins, review risky software, receive branded email alerts, and run a WordPress-aware firewall with Cloudflare and WooCommerce compatibility controls.

Premium Features Without Premium Upgrade Fees

Site Lockdown Security is built around a simple promise: powerful WordPress security features should not require surprise upgrade fees.

Features that are commonly sold as premium add-ons in other WordPress security plugins are included here, including white label branding, firewall controls, file change monitoring, scheduled security reports, infection scanning, cleanup tools, email notification previews, Cloudflare edge actions, login security, and client-ready branded alerts.

We will never charge for plugin upgrades or future features. When Site Lockdown Security improves, your security tools improve with it.

Key Features

  • Firewall Security with Smart Block, Monitor Only, WooCommerce Safe, and Emergency Shield protection modes
  • WooCommerce-aware firewall handling for checkout, cart, Store API, REST API, AJAX, and payment gateway flows
  • Cloudflare integration with visitor IP detection, API credential testing, edge actions, managed challenges, access rule syncing, and automatic rule cleanup
  • Firewall Event Timeline with searchable and filterable events, severity details, manual IP actions, pagination, and daily summary alerts
  • IP allowlist and blocklist controls for trusted IPs, CIDR ranges, immediate blocks, and manual firewall response management
  • Custom blocked request page with editable title, subtitle, message, button, footer note, and live preview
  • Site Lock to make important WordPress files and folders read-only after a site is clean and stable
  • Watch Dog File Change Monitor with trusted baselines, new/modified/deleted file detection, review actions, scheduled scans, and alerts
  • WordPress Core Check using official WordPress.org checksums to detect modified, missing, unreadable, or unexpected core files
  • Infection Scanner for suspicious patterns, malware indicators, obfuscated code, backdoors, spam injections, and unwanted scripts
  • Scheduled infection scans, security reports, update checks, and digest emails
  • Email notification previews for individual alert types before notifications are sent
  • Branded security emails for plugin updates, file changes, core changes, reports, infection scans, risk reviews, software health, digests, and firewall summaries
  • White Label Branding for agencies, developers, maintenance providers, and support teams
  • White Label import and export to move branding settings between client sites
  • Custom branding controls for plugin text, colors, icons, dark icons, banners, email imagery, and dashboard presentation
  • Folder and file auditing for root files, wp-content, plugins, themes, uploads, .htaccess files, abandoned folders, and suspicious items
  • File preview, download, approve, ignore, delete, include, and bulk actions
  • Cleanup tools for old backups, temporary files, logs, cache files, abandoned folders, and other clutter
  • Plugin Refresher and Theme Refresher to reinstall clean WordPress.org copies of plugins and themes
  • Permissions Check for important WordPress files and folders, including Site Lock-aware status
  • Software Health to identify outdated, abandoned, or potentially risky plugins and themes
  • Risk Review for common local security issues, severity sorting, ignore/include controls, scheduled checks, and alerts
  • Redirect Monitor to test public visitor behavior and alert when visitors may be redirected to an unauthorized website
  • Update Monitor for pending WordPress core, plugin, and theme updates with alerts only when updates are available
  • Password Reset Enforcement by user role, including immediate session logout and secure reset guidance
  • Public File Exposure Check for sensitive backup, log, configuration, database, and metadata files
  • Login Security with protected login URL controls, login limits, activity tracking, session controls, and role-based expiration
  • Security Tools for XML-RPC exposure, author scans, debug exposure, SSL information, blacklist status, file finding, and hardening reviews
  • Setup Guide with progress tracking for recommended protection steps
  • Responsive AJAX admin interface designed for fast navigation and practical daily use

Built For Agencies And Client Support Teams

Site Lockdown Security includes White Label Branding because security work is often delivered as a professional service.

You can brand the admin experience, email imagery, colors, icons, banners, and plugin presentation around your business or client support program. Branding settings can be exported and imported between sites so the same client-ready experience can be reused across multiple installations.

These are the kinds of client-facing tools that are often locked behind agency or premium licenses elsewhere. In Site Lockdown Security, they are included.

Firewall Security

Firewall Security helps protect WordPress from suspicious requests, exploit payloads, scanner signatures, bot signatures, dangerous methods, XML-RPC abuse, REST API exposure, suspicious query strings, and excessive request rates.

Protection modes include Smart Block for high-confidence malicious traffic, Monitor Only for tuning without blocking, WooCommerce Safe for checkout and payment compatibility, and Emergency Shield for active attack situations where public traffic needs to be restricted while administrators retain access.

Firewall Security also includes event logging, severity tracking, searchable timelines, IP allow/block actions, Cloudflare-aware IP detection, Cloudflare edge actions, notification settings, email summaries, and a customizable blocked request page.

Site Lock

Site Lock helps prevent unwanted file additions, injected scripts, unauthorized edits, and accidental deletions by making selected WordPress files and folders read-only.

You can unlock the site when legitimate updates or maintenance are needed, then apply Site Lock again when finished.

Site Lock is useful after a site has been cleaned, audited, updated, or stabilized and you want to reduce the chance of future unexpected file changes.

Watch Dog

Watch Dog creates a trusted baseline of your site files and compares future scans against that baseline.

It reports new, modified, and deleted files so administrators can quickly review changes after updates, maintenance, cleanup work, or suspicious activity.

Watch Dog includes file change monitoring, baseline rebuilding, review actions, scheduled scans, protected baseline storage, and email alerts when changes are detected.

Watch Dog Baseline Storage

Watch Dog stores protected baseline data under:

wp-content/uploads/site-lock/watch-dog/

This keeps baseline data outside the plugin folder so it is not removed during plugin updates.

Sites updating from older versions automatically migrate Watch Dog baseline storage from the previous location:

wp-content/uploads/guard-dog/watch-dog/

After a successful migration, the old storage folder is safely removed and the new Watch Dog storage path remains excluded from Site Lock so baseline files can continue to be updated when needed.

Redirect Monitor

Redirect Monitor tests public site behavior as different visitor types and alerts when visitors may be redirected to an unauthorized website.

It can test the homepage, login page, custom paths, and same-site navigation menu URLs using a focused scan strategy designed to avoid oversized scan jobs.

Core Check

Core Check compares installed WordPress core files against the official WordPress.org checksum API.

It reports modified, missing, unreadable, or unexpected files in WordPress core areas so administrators can review potential core file integrity problems.

Update Monitor

Update Monitor checks pending WordPress core, plugin, and theme updates and sends email alerts only when updates are available.

Infection Scanner

The infection scanner reviews site files for suspicious patterns commonly associated with malware, backdoors, obfuscated scripts, spam injections, and unwanted code.

Scans can be run manually or scheduled, and results can be included in reports and notifications.

Email Notifications

Site Lockdown Security includes configurable email alerts for important security events and scheduled checks.

Supported notification types include:

  • Plugin Update Notification
  • Security Snapshot Digest
  • Scheduled Infection Scan
  • Automated Security Report
  • File Change Notification
  • Core Change Notification
  • Software Health Alert
  • Risk Review Alert
  • Firewall Realtime Alerts
  • Firewall Summary Notifications

Each individual alert includes a preview option so administrators can review the email layout before using it.

The global email notification settings form allows administrators to set the default frequency and recipient email for alerts in one place.

White Label Branding

White Label Branding is one of the standout features of Site Lockdown Security because it lets agencies and service providers present security work under their own brand.

Administrators can customize branding text, colors, icons, dark icons, banners, email imagery, and dashboard presentation.

White Label settings can be exported to a JSON file and imported on another site, making it easier to reuse the same branding across multiple installations.

The Reset Settings option restores the default Site Lockdown theme and brings back the default support contact button when branding is returned to its original values.

Plugin Refresher

Plugin Refresher helps reinstall fresh copies of WordPress.org plugins.

This can be useful when a plugin may have been modified, corrupted, or affected by suspicious files.

Site Lockdown Security uses native WordPress upgrade handling for safer refresh workflows and supports both individual and bulk plugin refreshes.

Theme Refresher

Theme Refresher helps reinstall fresh copies of WordPress.org themes.

It includes version information, update status, WordPress.org availability detection, and support for individual or bulk theme refresh workflows.

Password Reset Enforcement

Require selected user roles to change their password. Active sessions for those users are logged out immediately, and their next valid login attempt shows a clear password-change message with a secure reset link.

Public File Exposure Check

Test whether sensitive backup, log, configuration, database, and metadata files can be accessed publicly from the website URL.

File Finder and Removal Tool

Quickly scan for specific files or identify extensionless files that may require review or removal. No shell commands or complex server tasks are required.

Login Security

Login Security helps protect the WordPress login area with protected login URL controls, login attempt limits, activity tracking, session controls, and role-based expiration options.

Permissions Check

Permissions Check reviews important WordPress files and folders and compares current permissions against recommended values.

It helps identify writable files, risky permissions, and items that may need attention.

When Site Lock protects a file or folder, permissions results account for that protected status.

Software Health

Software Health checks installed plugins and themes for maintenance signals that may indicate abandoned or outdated software.

It helps administrators identify items that may need updates, replacement, removal, or closer review.

Risk Review

Risk Review checks local site risk signals and common security configuration concerns.

It includes severity sorting, ignore/include controls, scheduled checks, and optional email alerts.

Setup Guide

The Setup Guide helps administrators complete recommended Site Lockdown Security settings.

Setup items include Site Lock, scheduled infection scans, automated reports, file change baselines, file change notifications, core change notifications, software health alerts, risk review alerts, firewall settings, login protection, and branded email notifications.

Progress tracking helps administrators see which recommended protection steps are complete.

Проверено на
WordPress 7.0.1
Этот плагин можно скачать и использовать при .