Free WordPress Security Plugin · Janric Limited · Southport
Most WordPress site owners have no idea their site is under attack — until it's too late. This free plugin silently watches in the background and logs every suspicious attempt, so you're never caught off guard.
Download Free Plugin Free Security Check ↓Why This Exists
It's not paranoia — it's just the internet. Automated bots scan millions of WordPress sites every single day, hunting for weak passwords, outdated plugins, exposed files and known vulnerabilities.
Most of the time this activity is completely invisible to you. You log into your dashboard, everything looks fine, and meanwhile someone has tried your admin password 400 times overnight.
The Janric Simple Attack Monitor changes that. It's a lightweight, no-fuss plugin that watches for these attack patterns and keeps a clear, readable log — right inside your WordPress dashboard. No subscriptions, no monthly fees, no upsells. Just data.
"The first step to securing your site is knowing what you're up against. You can't fix what you can't see."
— Keith, Janric LimitedWhat It Watches For
You don't need to configure anything. The moment you activate it, the plugin starts watching for the most common attacks targeting WordPress sites.
Repeated password guessing attempts on your login page — one of the most common WordPress attacks.
Hackers using WordPress's remote publishing feature to fire thousands of login attempts in seconds.
Bots quietly harvesting your username list via the author pages and REST API — the first step before a targeted attack.
Unauthenticated visitors repeatedly hitting your wp-admin, looking for a way in.
Automated scans hunting for exposed files like .env, wp-config.php, phpMyAdmin and debug logs.
Malicious database commands smuggled into your URLs and forms, trying to read or destroy your data.
Cross-site scripting attacks trying to inject malicious code into your website pages.
Rapid-fire spam comment submissions, often used to overload your server or sneak in malicious links.
Automated tools harvesting your user data through the WordPress REST API endpoint.
What You Get
No digging through server logs. No decoding cryptic files. Everything is presented clearly inside WordPress, where you already work.
Every time you log into WordPress, a summary widget shows you this week's attack categories and counts — a simple bar chart that tells you instantly whether things are quiet or something unusual is happening.
Drill into the full event log filtered by time period. Switch between views with one click to spot trends — is traffic spiking on a particular day? Has a new attack type appeared this week?
See exactly which IP addresses are responsible for the most attempts against your site. Useful for reporting to your hosting provider or feeding into a blocking tool.
Running automated monitoring, a cron job, or working from the same office every day? Add those IP addresses (or whole ranges) to the safe list and they'll never appear in your log. Supports CIDR notation for networks.
This plugin deliberately does not block anything. Detection and blocking are separate concerns — and mixing them in one plugin is how you end up accidentally locking yourself out of your own site. Use the data here to make informed decisions about what to block, and how.
Before you can fix anything, you need to know what you're dealing with. Run a free instant security check on your site right now — no signup, no email address, no catch. It takes about 30 seconds and gives you a clear picture of where your site stands today.
Run Your Free WordPress Security Check →Go Deeper
The free check gives you a snapshot. The full audit goes much further — and comes with the expertise to actually fix what's found.
If the free check flags issues — or if you just want total confidence that your site is properly locked down — Keith offers a thorough 25-point WordPress security audit carried out personally, not by an automated tool.
The audit covers every layer of your WordPress installation: server configuration, file permissions, login security, plugin vulnerabilities, database exposure, SSL setup, spam protection and more. You receive a plain-English report explaining every finding, why it matters, and exactly how to fix it.
No jargon. No scaremongering. No padding to justify the fee. Just a clear, actionable picture of your site's security — from someone who has been doing this for over 20 years.
Who Built This
This isn't a plugin churned out to fill a marketplace gap. It came from genuine frustration with bloated security suites that slow your site down and bury the important stuff under upsell prompts.
I've been building websites since 2003. Before focusing on small businesses, I spent years building secure systems for NHS Trusts and blue-chip companies — environments where a security failure isn't just embarrassing, it's genuinely dangerous. That background shapes how I think about security for every site I touch.
I built this plugin because I kept seeing small business owners blindsided by attacks they never knew were happening. The plugin gives you the visibility. The free check gives you a starting point. And if you need someone to sit down and properly sort it out — that's what the full audit is for.
Based in Southport, serving small businesses across Merseyside and the UK. Read more about me →
Related searches: WordPress security plugin UK · free WordPress malware check · WordPress brute force protection · WordPress security audit Southport · small business WordPress security · WordPress hack prevention · secure WordPress site · WordPress login protection · detect WordPress attacks