A convenient and easy-to-use File Scanner for your website to detect various Changes.
A Change Report can be sent by Email for more detailed analysis.

== Features ==

* File system monitoring for Modified, Added, and Deleted Files.
– Change Criteria: File Size, Modification Date, Access Permissions, Contents.
– Multiple Email Addresses can be specified to receive Reports.
– Paths can be specified to Exclude Files from Scanning. For example, cached folders, error logs, etc.
* File Extensions can be specified to Exclude Files from Scanning. For example, images.
* Automatic Scanning by Schedule or Manual.
* Selectable Time Intervals for Automatic Scanning: Hourly, Twice a Day, or Once a Day.
* Customizing the formatting of Scan Reports via a CSS Stylesheet file.
* Fully compatible with WordPress versions 4.1 and higher
* Fully compatible with PHP versions 5.4.7 and higher

Version: 2.14 (2026.05.11) You can download it from here.

Download “Files Changes Monitor” wpgear-files-changes-monitor_2.14.zip – Downloaded 76 times – 19 KB

Or from the Official WordPress Repository

== Installation==

Normal automatic installation.

1. Upload wpgear-files-changes-monitor’ folder to the ‘/wp-content/plugins/’ directory.
2. Activate the plugin through the ‘Plugins’ menu in WordPress.
3. Configure plugin settings.
4. If you have any problems – please ask for support.

== Frequently Asked Questions ==
N/A

== Screenshots ==

1. screenshot-1.png – Settings.
2. screenshot-2.png – Example Email Scan Report.

151 total views, 2 views today

Adaptive Login Form: Adjusting compromise between Comfort and Paranoia.

Conception:

2 Conception’s:
1. “Zero Trust Mode”
Recommended for small groups of regular Users with a Static IP Address.
Not recommended for Dynamic IP Addresses or Mobile Users.

If my current IP address is not marked as Dangerous since my last successful login, then there is no need to distrust me and force me to go through Quests to solve different types of Captchas.
In this case, the standard “Password” field is sufficient for one attempt.

But if the Attempt is unsuccessful, then we mark the IP address as Dangerous, and then it is possible and necessary to trick me (or the one who is trying to be me) with a more thorough login procedure.

There may be multilevel options. It doesn’t matter (this will be gradually added to the functionality). We are now talking about the General Principle.

2. “Dynamics IP Mode”
Recommended for mobile Users with a Dynamic IP Address.
Not recommended for Static IP Addresses.

If the User’s previous login was successful, their next authentication is performed using a simplified method.
Simply enter the correct password. However, only one attempt is allowed.
If the password was entered incorrectly, an additional security element is added to the login form: the “Secret Key” field.

= Futured =

* Separate statistics are generated for each IP address and the ratio “Successful number of entries” / “Total number of entries” is determined. Depending on how close this parameter is to 100%, we can talk about the need for the Toughness of the Mistrust process.

This mechanism starts before the User enters his Login.

The more Unsuccessful Login attempts occur from a given IP Address, the more thoroughly it is checked.
Conversely, the Login procedure can be simplified as much as possible if there is no obvious reason.

* Regardless of what kind of Authentication Error occurred, be it:
– Invalid Username;
– Invalid User Password;
– Incorrectly specified additional security elements: “Secret Key” / Captcha / etc.
This will not be indicated in the error message. There will always be only one message: “Authentication Failed”.
Thus, we do not explicitly indicate to the potential Villain / Bot the reason for the denial of access. And the more such Reasons there are, the more complicated the Entry procedure becomes.

* If multiple consecutive unsuccessful login attempts occur, a Restrictive Timeout may be activated for the given User.

* Интегрирован с плагином “New Users Monitor“.

Version: 2.10.1 (2026.03.01) You can download it from here

Download “adaptive-login-action.zip” adaptive-login-action_v3.11.zip – Downloaded 789 times – 19 KB

Or from the Official WordPress Repository

== Installation ==

1. Upload ‘adaptive-login-action’ folder to the `/wp-content/plugins/` directory.
2. Activate the plugin through the ‘Plugins’ menu in WordPress.
3. If you have any problems – please ask for support.

== Frequently Asked Questions ==
* After installation, with default settings, at the first login attempt, what should be entered in the “Secret Key” field?
– Nothing! Just leave this field blank. But after logging in, go to the settings and set “Secret Key”.

== Screenshots ==

1. screenshot-1.png This is the “Login Form” with “Adaptive Login Action” – Mode: Normal.
2. screenshot-2.png This is the “Login Form” with “Adaptive Login Action” – Mode: Security.
3. screenshot-3.png This is the “Login Form” with “Adaptive Login Action” – Mode: Security. 1 Attempt left before Blocking.
4. screenshot-4.png This is the “Login Form” with “Adaptive Login Action” – Mode: Security. Access temporarily blocked.
5. screenshot-5.png This is the “Adaptive Login Action” Options page.

556 total views, 3 views today

“Hack-Info” – Free tools (Now, “Hack-Info” – it is a standalone independent complete tool.
Previously, it was like Add-On for “iThemes Security”. But time has shown that it is bad to be dependent on others.. Especially when their DB structure changes.
) to make improve the perception of information about events, which is important to quickly and in detail see and understand. Without the need for unnecessary clicks and conversions. “Hack-Info” notifies the site administrator by providing a detailed list of IP addresses, requests – attempts to scan resources and search for passwords with names.

Version: 4.25 (2026.03.19) You can download it from here

Download “hack-info.zip” hack-info_v4.25.zip – Downloaded 868 times – 19 KB

Or from the Official WordPress Repository

• An additional level of security for your site.
• Even without going to the site admin area, you will be informed about the activity of the current day.
• Any person can be a recipient of notifications. Not necessarily the Administrator.
• Adjustable interval for the formation of the Digest.
• The e-mail report received contains full and detailed information about the nature of attempts to hack your site:
  • In cases of Brite Force, user names are displayed.
    So, one glance is enough for you to understand what you’re dealing with: a routine search or a targeted attack on an already compromised name.
  • In cases of URL scanning, requests are displayed.
    Timely analysis of such requests allows you to draw conclusions about which Plugins, Themes or Scripts are vulnerable, and in time to abandon their use in their projects.
  • The information digest is compact and minimalistic, but at the same time it easily and visually gives a complete information picture. You do not have to go to your site to get more details.
    Therefore, even being outside the usual workspace, on a slow Internet, but having the ability to read mail – you will be fully informed, and therefore, if necessary, you can make the necessary and fast decisions.
    And this approach is many times more effective than messages like: “To see the list of blocked IP addresses and to know the parameters of requests – click on the button …” And then, still it will be necessary to login …

Screenshots:

578 total views, 4 views today

“Users Login Monitor” – A freeware plugin, for daily-notify site administrator, about users who logged in during the day.

Version: 5.25 (2026.05.08) You can download free it from here

Download “users-login-monitor.zip” users-login-monitor_v5.25.zip – Downloaded 723 times – 34 KB

Download from WordPress

• Ext Security.
• Even without going to the site admin area, you will be informed about the activity of the current day.
• Any person can be a recipient of notifications. Not necessarily the Administrator.
• Now in the Admin console you have a new widget with a list of users in order of decreasing Login time.
• Determine and save the IP address, device and browser details, from which the was made Login. (if your server is configured correctly)
• It is important to understand that the time to enter the site and the time of the last activity of the user are different events.
• Displays “Login Success” Statistics for each User.
• Display Role for each User.
• Determining Users Activity over the past 24 hours.
• User Activity Counter at the moment.

Скриншоты:

469 total views, 1 views today

“New Users Monitor” – A freeware plugin that will help you quickly find out that you have already been hacked. This is main task of ‘NUM’. Well, in general, ‘NUM’ will inform about the appearance of a new user in WP. If you are an administrator, then such an event is important to you.

* All new users will be highlighted in red until Admin confirm each of them in User-Profile.

* This plugin has already helped out many times when some of our sites were hacked. But we quickly found out about it. And we were able to fast stop the problem.

* With the active Option: “Deny Login if User is not confirmed”, you will sleep much more peacefully.

Version: 3.22 (2026.03.04) You can download it from here

Download “new-users-monitor.zip” users-login-monitor_v5.23.zip – Downloaded 764 times – 33 KB

Download

• Ext Security.
• You may not know that your site has already been hacked. Set the scan period for the Database. (1 hour – default)
• There are many ways to add a new user to the system, without your knowledge. (even with the inactive WP option “Anyone can register”)
• This plugin will promptly notify you that a new user has registered on your site. If a new user appears (and if it is not legitimate, then it is more likely that it will be an Administrator), you will be notified by mail.
• Now the console has a widget that displays all new users. Now in the Admin console you have a new widget with a list of new users, and those that you have not yet confirmed are highlighted in red. A new user, even with Administrator rights, can not confirm himself.
• The “Users” Table has a sortable Column “Confirm” ON/OFF. Users who are not Verified are highlighted in red.
• Option: “Allow to change Settings – only for Admin”. Default = ON
• Option: “Deny Login if User is not confirmed”. Default = ON
• Integration with “Adaptive Login Action“.

Screenshots:

548 total views, 1 views today