=== Lumiverse Security Watchdog Lite ===
Contributors: bestseogr
Tags: security, malware, scanner, monitoring, wordpress security, hardening
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html
Requires at least: 6.0
Tested up to: 6.9
Requires PHP: 7.4
Stable tag: 3.0.4

Lightweight WordPress security scanner and hardening tool. Detects malware, suspicious plugins, admin changes, and protects your site with built-in security options.

== Description ==

= Lumiverse Security Watchdog Lite =

Lumiverse Security Watchdog Lite is a lightweight yet powerful WordPress security plugin designed to detect early signs of compromise and reduce common attack surfaces.
It runs automated background scans and alerts you when something suspicious is detected.

---

= What it monitors =

✔ **Malware signatures (JS & PHP)**
Scans files for known malware patterns including injectors, obfuscated scripts, and common webshell families.

✔ **Changed JavaScript files**
Detects modified `.js` files and analyzes them for suspicious behavior.

✔ **Plugins (new, deleted, suspicious)**
- Detects newly installed or removed plugins  
- Flags suspicious plugin names (e.g. random/hash-based folders)  
- Detects known fake plugin families (WP Default, Cache Engine, Slick Popup, etc.)

✔ **Core integrity checks**
- Flags important WordPress core files modified recently  
- Scans recent core PHP files for suspicious patterns  

✔ **Uploads directory scanning**
- Detects PHP files inside uploads (common malware location)  
- Detects executable files (php, phtml, phar, etc.)

✔ **Admin user monitoring**
- Detects new admin accounts  
- Flags suspicious admin usernames or invalid emails  

✔ **Database backdoor indicators**
- Detects suspicious `_pre_user_id` entries used by hidden admin exploits  

---

= Security Hardening Features =

Reduce attack surface with one-click protections:

✔ Block XML-RPC  
✔ Disable application passwords  
✔ Disable file editing (wp-admin editor)  
✔ Disable plugin/theme installation & updates (optional)  
✔ Disable plugin/theme deletion  
✔ Hide login error messages  
✔ Limit login attempts (basic brute-force protection)  
✔ Block pingbacks  
✔ Block user enumeration  
✔ Block comments sitewide  
✔ Block password reset for administrators  

---

= Alerts & Monitoring =

✔ Email notifications when threats are detected  
✔ Alerts if “Anyone can register” is enabled  
✔ Optional auto-fix to disable user registration  
✔ Admin hygiene warnings (e.g. weak usernames)

---

= Performance Focused =

✔ Fast Mode: scan only recently modified files  
✔ Lightweight: no heavy server load  
✔ Designed to work alongside plugins like Wordfence  

---

= Important =

This plugin does **NOT automatically clean malware**.

It is a **detection and monitoring tool** that helps you:
- detect compromises early  
- understand what changed  
- take action before damage spreads  

---

== Installation ==

1. Go to your WordPress Dashboard → Plugins → Add New  
2. Search for: Lumiverse Security Watchdog Lite  
3. Install and Activate  
4. Go to “Security Watchdog” in the admin menu  
5. Enable scanning and configure your settings  

Or manually:

1. Upload the plugin folder to `/wp-content/plugins/`  
2. Activate the plugin  
3. Go to “Security Watchdog” and configure  

---

== Frequently Asked Questions ==

= Does this plugin remove malware? =
No. It detects suspicious activity and helps you respond quickly.

= How often does the scan run? =
Every 24 hours via WP-Cron (can be changed in settings).

= Will it send emails on every scan? =
No. Only when suspicious findings are detected.

= Can I use this with Wordfence or other security plugins? =
Yes. It is designed to complement other tools.

= Will it slow down my site? =
No. It is lightweight and optimized. Fast mode is available for large sites.

= What does “Block admin password reset” do? =
It prevents attackers from resetting administrator passwords through the default WordPress flow.

---

== Screenshots ==

1. Dashboard with health status and overview  
2. Scanning settings  
3. Hardening options  
4. Alerts and logs  

---

== Changelog ==

= 3.0.4 =
- IMPROVED: Signatures Engine

= 3.0.3 =
- IMPROVED: Signatures Engine
- FIX: The plugin was reported as malware (false possitive)


= 3.0.1 =
- FIX: False Positives


= 3.0.0 =
Major update:
- Added PHP malware scanning (plugins, themes, uploads)
- Added suspicious plugin detection (including random names)
- Added uploads executable detection
- Added core integrity checks
- Added admin hygiene and security alerts
- Added advanced hardening options
- Improved scanning performance (Fast Mode)
- Improved UI with new dashboard layout

= 1.1.4 =
New patterns  
Improved engine  

= 1.1.2 =
Initial WordPress.org release