Lumiverse Security Watchdog Lite

FAQ

Does this plugin remove malware?

No. Lumiverse Security Watchdog Lite is a monitoring, detection, hardening and traffic protection plugin. It helps detect suspicious files, suspicious changes, malware indicators, login attacks and abusive traffic so you can respond quickly. It does not automatically delete or clean infected files.

What is the difference between the Scanner and Live Watch?

The Scanner performs deeper checks for suspicious files, malware indicators, new plugins, new admin users and other security signals. Live Watch is a lightweight file-change monitor that checks file metadata such as path, modified time and size, so it can detect new, modified or deleted files without running a full scan every few minutes.

How often does the scanner run?

The normal scanner can run every 6, 12, or 24 hours depending on your settings. Live Watch, when enabled, runs a lightweight metadata check every 30 minutes.

Will Live Watch slow down my website?

Live Watch is designed to be lightweight. It uses metadata-based checks instead of repeatedly reading every file. In the Lite version, Live Watch tracks up to 3000 files.

What is Traffic Shield?

Traffic Shield is a smart behavior-based protection layer for WordPress traffic. It watches dynamic request pressure, WooCommerce cart/wishlist actions, XML-RPC requests, dynamic 404s, suspicious query strings and internal abuse scores. It is designed to react to abusive patterns instead of treating every page load, image, CSS or JavaScript file as an attack. It does not use a geolocation or country-blocking database.

Is Traffic Shield a full DDoS protection system?

No. Traffic Shield helps with abusive WordPress-level traffic and request patterns. Large network-level attacks should still be handled by your hosting provider, server firewall or CDN-level protection.

Will Traffic Shield block normal visitors?

Traffic Shield Lite uses safe locked defaults and internal abuse scoring to reduce false positives on normal WordPress and WooCommerce websites. Static assets such as CSS, JavaScript, images, fonts, maps and media files are ignored by dynamic traffic counters, and Emergency Mode requires suspicious request pressure instead of raw traffic alone.

Does Traffic Shield protect WooCommerce websites?

Yes. Traffic Shield includes WooCommerce-aware protection for common cart and wishlist abuse patterns, including add-to-cart and add-to-wishlist request floods. It also gives more weight to repeated cart/wishlist actions and suspicious cart/wishlist behavior, while avoiding automatic blocking of normal category-page Add to Cart usage.

What is Emergency Mode?

Emergency Mode temporarily tightens Traffic Shield limits only when site-wide dynamic traffic pressure is high and suspicious request pressure is also detected. This helps protect busy stores without cutting normal traffic just because many real shoppers are online. In the Lite version, Emergency Mode runs for 30 minutes and uses 60% of the locked per-IP limits. Temporary Traffic Shield blocks expire after 90 minutes.

Is the Emergency threshold per IP or site-wide?

The Emergency threshold is site-wide, not per IP. In Lite, Emergency Mode can activate when total non-static dynamic requests across the site reach 400 requests in one minute and suspicious request pressure is also detected. Individual IP blocking uses separate per-IP limits.

What are the Lite Traffic Shield limits?

Lite uses locked safe defaults: 120 dynamic requests per IP per minute, 15 cart/wishlist requests per IP per minute, 20 404 requests per IP per minute, 90-minute temporary blocks, and a site-wide Emergency threshold of 400 dynamic requests per minute combined with suspicious request pressure. During Emergency Mode, per-IP limits are tightened to 60% of their normal values.

Can I whitelist trusted IP addresses?

Yes. Traffic Shield Lite includes a Whitelisted IPs field. Add one trusted IP per line for office, developer, monitoring or administrator addresses that should not be temporarily blocked by Traffic Shield.

Does Traffic Shield use only raw request counting?

No. Traffic Shield Lite also uses internal abuse scoring to better separate normal shoppers from abusive request patterns. Normal dynamic page views receive a very low score, while repeated cart/wishlist actions, dynamic 404s, suspicious query strings, missing referrers on cart/wishlist actions and repeated URL hits add more pressure. This means a real customer browsing products is treated differently from a bot repeatedly hitting cart, wishlist, 404 or suspicious URLs.

What is Login Guard?

Login Guard helps protect the WordPress login form from repeated failed login attempts. It can also help protect XML-RPC login attempts and block login attempts using the username “admin”.

Can I change Login Guard limits in Lite?

No. Lite uses fixed safe defaults: 3 failed attempts, a 30-minute failure window and a 90-minute lockout duration.

What does “Block username admin” do?

It blocks login attempts using the username “admin”. This helps reduce common brute-force attacks against WordPress sites that still receive automated login attempts for the default admin username.

What does “Protect XML-RPC login attempts” do?

It helps detect and limit failed login attempts made through XML-RPC, which is commonly targeted by automated attacks.

What does “Block admin password reset” do?

It prevents administrator password reset requests through the default WordPress password reset flow. This can help reduce password reset abuse against administrator accounts.

Will it send emails on every scan?

No. Email alerts are sent only when suspicious findings or important security events are detected, depending on your settings.

Why did I not receive an email alert?

Email delivery depends on your WordPress mail configuration and hosting environment. The plugin records wp_mail success or failure in logs to help you confirm whether WordPress attempted to send the message.

Can I use this with Wordfence or other security plugins?

Yes. Lumiverse Security Watchdog Lite is designed to complement other security tools. However, if another plugin also blocks XML-RPC, login attempts or abusive traffic, review your settings to avoid overlapping behavior.

Will it slow down my site?

The plugin is designed to be lightweight. Scans run in the background, Live Watch uses metadata-based checks, and Traffic Shield ignores static assets such as images, CSS, JavaScript and fonts.

Does this plugin use country blocking or geolocation?

No. Traffic Shield is behavior-based and does not rely on country blocking or geolocation databases.

Does the plugin change WordPress core files?

No. The plugin monitors and reports suspicious changes. It does not modify WordPress core files as part of normal operation.

Should I delete every file reported by the scanner?

No. Scanner findings should be reviewed carefully before deleting anything. Some findings may require manual investigation, especially on websites with custom code or complex plugins.

What should I do if malware indicators are detected?

Review the reported files, compare them with clean backups or original plugin/theme files, remove confirmed malware carefully, update all plugins/themes/core, change administrator passwords, review admin users, and consider a professional cleanup if you are unsure.

Is this plugin enough to fully secure my website?

No single plugin can guarantee full security. Lumiverse Security Watchdog Lite adds monitoring, hardening, login protection and traffic protection, but you should also keep WordPress updated, use strong passwords, maintain clean backups, secure your hosting account and use server/CDN-level protection when needed.

Is a PRO version available?

A PRO version is in development. The Lite plugin includes a contact link where you can ask to be notified when it becomes available.