=== AegisShield Security ===
Contributors: aegisify
Product link: https://aegisify.com/wordpress-aegis-shield-security-product/
Tags: security, login, malware, hardening, headers
Requires at least: 6.8
Tested up to: 6.9
Requires PHP: 8.2
Stable tag: 7.1.16
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Modular WordPress security with activity logs, login protection, file integrity checks, hardening, security headers, and malware scans.

== Description ==

AegisShield Security is an all-in-one security suite for WordPress focused on **clarity, safety, and administrator control**.

It is designed for site owners who want **real visibility and defensive tools inside WordPress** without bloat, dark patterns, forced upgrades, or aggressive marketing.

AegisShield operates entirely within your WordPress installation.  
It does **not automatically transmit site data**, inject tracking beacons, or collect analytics.

Optional actions (such as registering a free installation or activating a Pro license) require **explicit administrator consent** and are clearly labeled in the UI.

=== Core Modules ===

* **Dashboard** – At-a-glance security overview and module health indicators.
* **Activity Log** – Records important security-relevant events such as logins, role changes, settings updates, and module actions.
* **Login Guard** – Tracks login attempts, failed logins, and suspicious behavior without modifying WordPress core authentication.
* **Multi-Factor Authentication (MFA)** – Modern MFA foundation with TOTP enrollment, offline/local QR rendering, recovery flows, and extensible authentication factors.
* **File Integrity Monitoring** – Detects unexpected changes to core, plugin, and theme files.
* **Hardening** – Curated WordPress hardening options with safe, reversible controls.
* **Security Headers** – Configurable HTTP security headers including X-Frame-Options, X-Content-Type-Options, Referrer-Policy, optional HSTS, and CSP presets.
* **Malware Heuristics** – Scans for suspicious or obfuscated PHP code patterns.
* **Database Tools** – Database overview, health insights, optional optimization, and a guided DB prefix manager.

All modules are optional and configurable.  
No feature is forced or enabled without administrator action.

== Highlights ==

* Clean, modular architecture following WordPress coding standards.
* No nags, no forced upsells, no dashboard spam.
* Safe for shared hosting environments.
* Admin-first UX with clear status indicators and explanations.
* Designed to complement (not replace) hosting-level security and WAF services.

== Features ==

= Activity Log =
* Records key security-related events.
* Helps reconstruct actions leading up to incidents.
* Designed to avoid unnecessary database bloat.

= Login Guard =
* Monitors login attempts and failures.
* Surfaces suspicious IP behavior.
* Integrates with MFA when enabled.
* Does not alter WordPress core login logic.

= File Integrity =
* Tracks unexpected file changes.
* Allows manual and scheduled scans.
* Highlights changes for review without modifying files automatically.

= Hardening =
* Disable file editing.
* Control XML-RPC exposure.
* Hide WordPress version.
* Block common enumeration vectors.
* Advanced hardening options available in Pro.

= Security Headers =
* Sends modern HTTP security headers.
* Preset profiles plus manual controls.
* Headers can be enabled or disabled individually.
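
After enabling the module, the headers named above can be confirmed from the outside. The following check is an added example, not AegisShield's own code; the sample response head is constructed, and the 180-day HSTS threshold and the rule that only `unsafe-url` counts as a weak Referrer-Policy are assumptions of this example.

```python
import re

# Constructed response head for illustration (not captured from a real site).
SAMPLE_HEAD = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "x-content-type-options: nosniff\r\n"
    "Referrer-Policy: unsafe-url\r\n"
    "Strict-Transport-Security: max-age=300\r\n"
    "\r\n"
)
MIN_HSTS_AGE = 15552000  # assumption: 180 days is the review threshold

def parse_head(raw):
    """Return {lowercased name: value}; header names are case-insensitive."""
    headers = {}
    for line in raw.split("\r\n")[1:]:  # skip the status line
        if not line:
            break  # blank line ends the head
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def grade(value, is_ok, absent="missing"):
    """Turn one header value into 'ok', 'weak: <value>' or the absent label."""
    if value is None:
        return absent
    return "ok" if is_ok(value) else f"weak: {value}"

def hsts_ok(value):
    """HSTS passes only when max-age is present and long enough."""
    m = re.search(r"max-age\s*=\s*\"?(\d+)", value, re.I)
    return bool(m) and int(m.group(1)) >= MIN_HSTS_AGE

def audit_headers(raw):
    """Grade the five headers the module lists; HSTS absence is not a failure."""
    h = parse_head(raw)
    return {
        "X-Frame-Options": grade(h.get("x-frame-options"),
                                 lambda v: v.upper() in ("DENY", "SAMEORIGIN")),
        "X-Content-Type-Options": grade(h.get("x-content-type-options"),
                                        lambda v: v.lower() == "nosniff"),
        "Referrer-Policy": grade(h.get("referrer-policy"),
            lambda v: v.split(",")[-1].strip().lower() != "unsafe-url"),
        "Strict-Transport-Security": grade(h.get("strict-transport-security"),
                                           hsts_ok, absent="not set (optional)"),
        # A CSP with no default-src/script-src does not restrict script loading.
        "Content-Security-Policy": grade(h.get("content-security-policy"),
            lambda v: bool(re.search(r"(?:^|;)\s*(?:default|script)-src\b", v, re.I))),
    }
```
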

= Malware Heuristics =
* Detects obfuscated PHP patterns.
* Highlights potentially dangerous functions.
* Designed as an early-warning analysis tool.

= Database Tools =
* Shows table sizes, engines, and growth trends.
* Optional scheduled optimization.
* Guided DB prefix manager with preview and backup safeguards.

== Installation ==

= From within WordPress =

1. Go to **Plugins → Add New**.
2. Search for **AegisShield Security**.
3. Click **Install Now**, then **Activate**.

= Manual Installation =

1. Download the plugin ZIP.
2. Upload the `aegisshield-security` folder to `/wp-content/plugins/`.
3. Activate the plugin via the **Plugins** menu.
4. Visit **AegisShield → Dashboard** to configure modules.

== Frequently Asked Questions ==

= Does AegisShield send data to external servers? =

No. AegisShield does not automatically send site data, logs, or user information to external services.

Optional actions (such as registering a free installation or activating a license) require explicit administrator consent and are clearly explained before submission.

= Does this plugin inject tracking or analytics on public pages? =

No. AegisShield does not add tracking pixels, analytics scripts, or marketing beacons to public-facing pages.

= Is this a replacement for server-level security or a WAF? =

No. AegisShield is designed to complement hosting-level firewalls, malware scanners, and WAFs by providing insight and defensive controls inside WordPress.

= Does it modify WordPress core files? =

No. AegisShield does not modify WordPress core files.  
File Integrity and Malware modules report findings but do not make automatic changes.

= How does the DB prefix manager work? =

The DB prefix manager safely renames tables and updates the `$table_prefix` value using a guided workflow.  
It includes previews and backup safeguards. Always perform a full backup before applying changes.
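
To show what a prefix change has to touch, here is a preview generator written for this page as an added example; it is not the plugin's workflow or code. The function name, table list, and the `ax9_` prefix are hypothetical, and it covers a single-site install only.

```python
import re

# Constructed table list for illustration; "legacy_stats" is not WordPress-prefixed.
SAMPLE_TABLES = ["wp_options", "wp_usermeta", "wp_posts", "legacy_stats"]

def plan_prefix_change(tables, old, new):
    """Return the SQL a prefix change needs, as a preview; nothing is executed."""
    for prefix in (old, new):
        # Prefixes are interpolated into SQL, so restrict them strictly.
        if not re.fullmatch(r"[A-Za-z0-9_]+", prefix):
            raise ValueError("prefix may contain only letters, digits, underscores")
    renames = {t: new + t[len(old):] for t in tables if t.startswith(old)}
    clashes = set(renames.values()) & set(tables)
    if clashes:
        raise ValueError(f"target table already exists: {sorted(clashes)}")
    plan = [f"RENAME TABLE `{src}` TO `{dst}`;" for src, dst in renames.items()]
    # WordPress also stores the prefix inside row data: the roles option and
    # per-user keys such as <prefix>capabilities and <prefix>user_level.
    if old + "options" in renames:
        plan.append(f"UPDATE `{new}options` SET option_name = '{new}user_roles' "
                    f"WHERE option_name = '{old}user_roles';")
    if old + "usermeta" in renames:
        # '_' is a LIKE wildcard, so escape it to match the literal prefix only.
        pattern = old.replace("_", "\\_") + "%"
        plan.append(f"UPDATE `{new}usermeta` SET meta_key = "
                    f"CONCAT('{new}', SUBSTRING(meta_key, {len(old) + 1})) "
                    f"WHERE meta_key LIKE '{pattern}';")
    # $table_prefix in wp-config.php must change in the same maintenance window.
    return plan
```

If the row-level updates are skipped, the renamed tables load but role and capability lookups fail, which is why a preview and a full backup come first.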

== Privacy ==

This plugin:

* Does not collect or transmit personal data automatically.
* Stores logs and configuration inside your WordPress database only.
* May send administrative emails from your server to addresses you configure.

Site owners are responsible for updating their privacy policies to reflect any logging they enable.

== User Consent & External Communication ==

AegisShield does not add tracking cookies, analytics pixels, or external ads.

If optional features require external communication:

* They are disabled by default.
* They require explicit administrator consent.
* They are clearly labeled with an explanation of what data is sent and why.

== Trademarks ==

“WordPress” and “WP” are trademarks of the WordPress Foundation.  
This plugin is not affiliated with or endorsed by the WordPress Foundation or Automattic.

== Changelog ==
= 7.1.14 =
* Maintenance release for WordPress 6.8 / PHP 8.2 compatibility.
* Stability improvements and admin security hardening (escaping/sanitization/nonce coverage).

= 7.1.9 =
* Refined License & Upgrades page UI.
* Implemented explicit consent-based free installation registration.
* Prevented blank page submissions on license actions.
* Improved registration state handling (Register / Unregister flow).
* Removed automatic background registration behavior.
* General stability and UX improvements.

= 6.6 =
* Added database log purge tools.

= 6.5 =
* Enhanced database backup, restore, and download workflows.

= 6.4 =
* Refined malware and logging reports.

= 6.3 =
* Cleaned Malware, DB Tools, Security Headers, and Hardening modules.

= 6.2 =
* Fixed malware notifications and logging issues.

= 6.1 =
* Login Guard bug fixes.

(Older changelog entries retained for continuity.)