Frequently asked questions
Description
Sets nofollow per content.
How it works
Saves _aegisseo_nofollow and outputs robots meta.
How to access / enable
Edit Post → AegisSEO metabox → Robots.
Recommended setting
Rarely needed; keep follow unless there is a special case.
Description: Chooses how QR codes are generated/handled for enrollment (Pro).
How it works: The QR engine setting (pro_mfa_qr_engine) controls QR rendering strategy to balance compatibility and privacy.
How to access / configure:
- WP Admin → AegisShield → Login Guard → MFA (Pro).
- Select the QR engine option.
- Save and test enrollment on multiple devices/browsers.
Recommended setting: Prefer the most compatible QR option; avoid third-party QR endpoints if privacy is a concern.
Description: Enforces MFA for selected WordPress roles (Pro).
How it works: On login, AegisShield checks the user’s role against the enforced list and requires MFA if applicable.
How to access / configure:
- WP Admin → AegisShield → Login Guard → MFA (Pro).
- Enable enforcement and select roles.
- Save changes and notify users.
Recommended setting: Enforce at least for administrators and editors; expand to authors on content-heavy sites.
Feature
AegisForm protection — First-class protection for AegisForm submissions with JS proof and scoring.
How it works
Because AegisForm is part of your ecosystem, AegisSpamGuard can integrate tightly: consistent tokens, clean event shapes, and shared UI/UX expectations.
How to access / enable
- WP Admin → AegisSpamGuard → Settings
- Enable JS proof + honeypot.
- Ensure AegisForm is active; integration runs automatically.
Recommended setting
Recommended: Keep enabled (default).
It gives your product suite a cohesive, premium ‘works together’ experience.
Why you need this
If you rename form fields, AegisSpamGuard still scores generically via normalized payload.
Description: Shows which websites or sources are sending traffic to your short links.
How it works: AegisLink records the HTTP referer (when available) and aggregates top sources.
How to access / enable: WP Admin → AegisLink → ShortURL Links → Analytics → Top Referrers.
Recommended setting: Use this to validate social and partner campaigns and discover unexpected traffic sources.
Feature
Firewall log stream — A dedicated log stream for firewall pre-checks so you can report “blocked X bots before WordPress loaded.”
How it works
Firewall logging is separate from submission events. It records early actions like CHALLENGE/BLOCK/ALLOW with minimal data (privacy-safe) so you can measure edge protection.
How to access / enable
- WP Admin → AegisSpamGuard → Firewall
Recommended setting
Recommended: Enable firewall logging when Firewall pre-check is ON.
It gives you proof-of-value metrics and helps debug if a legitimate client gets challenged.
Why you need this
Admins benefit from a clear separation between ‘traffic blocked at the edge’ and ‘spam submission attempts’.
Description: Sets which integrity findings should trigger email alerts (Pro-oriented behavior).
How it works: When a scan produces findings at or above the configured threshold, AegisShield can send notifications to configured recipients.
How to access / configure:
- WP Admin → AegisShield → File Integrity.
- Set Email Alert Threshold (e.g., High only).
- Configure recipients in File Monitor email settings and Save Changes.
Recommended setting: Alert on High-risk changes only to reduce noise; investigate immediately when triggered.
Description
Default title template for archives.
How it works
Uses title_archive with term variables.
How to access / enable
Global SEO → Titles & Meta → Archive Title Template.
Recommended setting
%%term%%%%sep%%%%sitename%%
Feature
Retention days setting (auto-delete older logs) + manual cleanup button
Description
Retention controls and cleanup.
How it works
AegisWAF applies this capability inside the Logging & Evidence module. The engine evaluates configuration, applies matching (path/method/tokens/counters/providers), then records evidence into the event log and executes the configured enforcement action when conditions are met.
How to access / Enable or disable
- Access: AegisWAF → Logs / Attack Story
- Enable/Disable: Use the module toggle/switch on this screen (or the relevant category toggle) to enable/disable.
Recommended setting
Set 30-day retention for most sites; shorten to 7–14 days on small databases.
- Reduces common WordPress attack surface (headers, hardening, login protection)
- Adds observability (activity logging + login attempts + file integrity baselines)
- Adds incident-oriented tooling (malware workflows like incremental scan / incidents / profiles / scheduler tabs in UI)
- Provides safer DB admin utilities (notably DB prefix management with a “don’t forget the internal keys” phase)
Description: Health Checks verify that short link targets are reachable and identify broken destinations.
How it works: AegisLink runs scheduled checks and records HTTP response codes and health status for each short link.
How to access / enable: WP Admin → AegisLink → Tools & Licensing → Health Checks.
Recommended setting: Keep health checks enabled for ecommerce and campaign-heavy sites to catch broken products/pages early.
Description: Builds a baseline of known-good file checksums to detect unexpected changes.
How it works: AegisShield records checksums for monitored paths; later scans compare current checksums against baseline to detect modifications.
How to access / configure:
- WP Admin → AegisShield → File Integrity.
- Run the baseline/scan to initialize monitoring.
- Review results for unexpected changes.
Recommended setting: Create a fresh baseline right after a clean install and after major updates you trust.
Feature
Attack Story: Unique routes (24h)
Description
Counts distinct routes/paths targeted in the last 24 hours.
How it works
AegisWAF applies this capability inside the Logs / Attack Story module. The engine evaluates configuration, applies matching (path/method/tokens/counters/providers), then records evidence into the event log and executes the configured enforcement action when conditions are met.
How to access / Enable or disable
- Access: AegisWAF → Logs / Attack Story
- Enable/Disable: Use the module toggle/switch on this screen (or the relevant category toggle) to enable/disable.
Recommended setting
Start conservative (LOG or Challenge) for new deployments; tighten to Block once you confirm low false positives.
Feature
Managed Rules: XSS category toggle
Description
Enable/disable cross-site scripting managed rules.
How it works
AegisWAF applies this capability inside the WAF Rules module. The engine evaluates configuration, applies matching (path/method/tokens/counters/providers), then records evidence into the event log and executes the configured enforcement action when conditions are met.
How to access / Enable or disable
- Access: AegisWAF → WAF Settings (Rules section)
- Enable/Disable: Use the toggle on this screen to turn it ON or OFF, then click Save.
Recommended setting
Start conservative (LOG or Challenge) for new deployments; tighten to Block once you confirm low false positives.
Description: Controls whether this specific short link records clicks.
How it works: When enabled, AegisLink logs click events; when disabled, redirects still work without logging.
How to access / enable: WP Admin → AegisLink → ShortURL Links → Manage → Tracking → Save.
Recommended setting: Disable on internal admin-only links; enable on public marketing links.
Feature
Progressive delay challenge — Applies a small, increasing delay only when an event falls into the Challenge band—primarily for forms—to discourage bots while keeping UX reasonable.
How it works
Instead of blocking, AegisSpamGuard can slow suspicious submissions. Higher Challenge scores receive higher delay within your configured min/max range.
How to access / enable
- WP Admin → AegisSpamGuard → Settings
- Modules & signal groups
- Enable “Progressive delay” and set min/max milliseconds.
Recommended setting
Recommended: ON with 150ms min / 1800ms max.
This is usually invisible to humans but costly for bots attempting high-volume submissions.
Why you need this
Admins reduce spam throughput without hard rejects, which helps conversions.
Description: Limits repeated login attempts to reduce password-guessing attacks.
How it works: AegisShield counts failed attempts per IP/user and triggers lockouts when thresholds are exceeded.
How to access / configure:
- WP Admin → AegisShield → Login Guard.
- Ensure Login Guard is enabled.
- Configure Max Attempts and Lockout Duration (if available) and Save Changes.
Recommended setting: Start with 5 max attempts and a 15-minute lockout; tighten for high-risk sites.
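A per-IP and per-user failure counter with the recommended 5 attempts and 15-minute lockout, as an added example (not AegisShield's code). The LoginGuard class, the 15-minute counting window, the reset on successful login and the sample events are assumptions for the illustration.

```python
from collections import defaultdict

MAX_ATTEMPTS = 5            # recommended starting value from the page
LOCKOUT_SECONDS = 15 * 60   # recommended starting value from the page
WINDOW_SECONDS = 15 * 60    # assumption: older failures are forgotten

class LoginGuard:
    """Hypothetical lockout tracker keyed by source IP and by username."""

    def __init__(self):
        self.failures = defaultdict(list)  # key -> timestamps of recent failures
        self.locked_until = {}             # key -> time the lockout ends

    def _keys(self, ip, user):
        # Both keys are counted, so a lockout can trigger on either one.
        return (("ip", ip), ("user", user))

    def is_locked(self, ip, user, now):
        return any(self.locked_until.get(k, 0) > now for k in self._keys(ip, user))

    def record(self, ip, user, success, now):
        """Return 'locked', 'ok' or 'failed' for one login attempt."""
        if self.is_locked(ip, user, now):
            return "locked"  # rejected before the password is considered
        if success:
            self.failures.pop(("user", user), None)  # reset the user's counter
            return "ok"
        for key in self._keys(ip, user):
            recent = [t for t in self.failures[key] if now - t < WINDOW_SECONDS]
            recent.append(now)
            self.failures[key] = recent
            if len(recent) >= MAX_ATTEMPTS:
                self.locked_until[key] = now + LOCKOUT_SECONDS
                self.failures[key] = []
        return "failed"

def replay(events):
    guard = LoginGuard()
    return [guard.record(ip, user, ok, ts) for ts, ip, user, ok in events]

# Constructed sample events: (seconds, source IP, username, password correct?)
SAMPLE = [(i * 10, "203.0.113.7", f"user{i}", False) for i in range(5)] + [
    (60, "203.0.113.7", "admin", True),    # locked IP, even with a valid password
    (70, "198.51.100.9", "admin", True),   # different IP, user not locked
    (940, "203.0.113.7", "admin", True),   # lockout from t=40 has expired
]

if __name__ == "__main__":
    print(replay(SAMPLE))
```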
Description
Notifies search engines after updates.
How it works
Sends ping requests (optional).
How to access / enable
Sitemap → Ping option.
Recommended setting
Optional; enable if your hosting is stable.
Feature
Integrations framework (placeholders for Central/CLM sync)
Description
Framework hooks for future centralized management.
How it works
AegisWAF applies this capability inside the Integrations module. The engine evaluates configuration, applies matching (path/method/tokens/counters/providers), then records evidence into the event log and executes the configured enforcement action when conditions are met.
How to access / Enable or disable
- Access: AegisWAF → Integrations
- Enable/Disable: Use the module toggle/switch on this screen (or the relevant category toggle) to enable/disable.
Recommended setting
Start conservative (LOG or Challenge) for new deployments; tighten to Block once you confirm low false positives.
Feature
Trust logged-in users — Reduces score or bypasses certain checks for authenticated users to minimize false positives.
How it works
If enabled, the engine treats logged-in users as lower risk (configurable), which helps membership and community sites.
How to access / enable
- WP Admin → AegisSpamGuard → Settings
- Trust settings section
- Toggle “Trust logged-in users”.
Recommended setting
Recommended: ON for membership/community sites; OFF for open registrations with frequent compromised accounts.
Trusted sessions reduce friction for real users; turn off only if you see abuse from compromised accounts.
Why you need this
Admins keep UX smooth for known users while still protecting public endpoints.
Description: Controls XML-RPC behavior to reduce abuse while keeping compatibility when needed.
How it works: disable_xmlrpc_behavior determines whether XML-RPC is allowed, partially restricted, or denied with an error page.
How to access / configure:
- WP Admin → AegisShield → Hardening.
- Locate XML-RPC behavior dropdown.
- Choose the desired behavior and Save Changes.
Recommended setting: Use “Allow core XML-RPC but restrict dangerous methods” when compatibility is needed; otherwise deny XML-RPC on sites that don’t use it.
Feature
Inspection scope controls: Inspect headers / cookies / body
Description
Choose which request parts are inspected.
How it works
AegisWAF applies this capability inside the WAF Rules module. The engine evaluates configuration, applies matching (path/method/tokens/counters/providers), then records evidence into the event log and executes the configured enforcement action when conditions are met.
How to access / Enable or disable
- Access: AegisWAF → WAF Settings (Rules section)
- Enable/Disable: Use the module toggle/switch on this screen (or the relevant category toggle) to enable/disable.
Recommended setting
Start conservative (LOG or Challenge) for new deployments; tighten to Block once you confirm low false positives.
Description
Flags posts below the word threshold.
How it works
Counts words and creates an issue if the count is below the threshold.
How to access / enable
Issues & Fixes → Thin Content filter.
Recommended setting
300-word baseline; adjust for niche.
Description
Stores social profile URLs for schema and social meta defaults.
How it works
Saves social profiles and outputs sameAs links in schema.
How to access / enable
Setup Wizard → Social URLs → Save.
Recommended setting
Only add profiles you actively maintain.
FREE: Not available.
PRO: Available.
What it does: Correlates alerts across modules.
How to use it properly: Prefer correlated alerts for higher confidence.