=== Activity Guard - Security Scanner, Activity Log with IP blocking ===
Contributors: wpazleen, sambyte
Tags: slack notifications, telegram, vulnerability scanner, ip blocking, woocommerce analytics
Requires at least: 5.9
Tested up to: 7.0
Requires PHP: 5.6
Stable tag: 3.11.3
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

WordPress activity log with IP blocking, plugin vulnerability scanner, WooCommerce abandoned cart analytics, and free Slack and Telegram alerts.

== Description ==

Activity Guard is a free WordPress plugin that covers four things most plugins charge separately for: a complete activity log, an IP-based security firewall, a plugin vulnerability scanner, and WooCommerce abandoned cart analytics. Alerts go out in real time to Slack, Telegram, or email.

Most activity log plugins stop at logging. Most security plugins don't touch WooCommerce. Activity Guard does all of it in one dashboard, so you're not juggling four separate plugins or paying for features that should come standard.

[youtube https://youtu.be/KXT0QcnFLOg]

[Activity Guard Website](https://wpazleen.com/notifier-to-slack/) | [Documentation](https://wpazleen.com/docs/) | [Pro Support](https://wpazleen.com/support/)

== What Makes Activity Guard Different ==

Other free activity log plugins make you upgrade for Slack alerts, security scanning, or WooCommerce tracking. Activity Guard ships all of it for free, including Telegram notifications, IP firewall with emergency session shutdown, plugin CVE scanning, and WooCommerce incomplete-order analytics.

No other free plugin on WordPress.org combines these four in one place:

- Complete activity log with charts and visual summaries
- IP firewall with manual blocking, CIDR ranges, and conditional rules
- Plugin vulnerability scanner cross-referencing NVD, WPVulnerability.net, and the WPAzleen private API
- WooCommerce analytics including abandoned cart recovery rate tracking

== WordPress Activity Log ==

Activity Guard records every meaningful change on your site, including the IP address, username, timestamp, and the exact change made. The log covers:

- User logins, logouts, and failed login attempts
- User registrations, role changes, and profile edits
- Pages, posts, and custom post types: create, edit, delete, status changes
- Plugin and theme activations, deactivations, updates, and deletions
- WordPress core settings and configuration changes
- Menu, widget, and sidebar modifications
- Email delivery tracking (email log)
- Form submissions from Contact Form 7, SimpleForm, and others
- Admin settings changes and debug log events
- Cron job scheduling and background process tracking
- Script modification and file change detection
- Visitor traffic monitoring with an on/off toggle

Visual charts summarize your audit log at a glance. No need to scroll through raw log tables to understand what's happening on your site.

== Security Firewall and IP Blocking ==

Activity Guard actively blocks threats rather than just recording them after the fact.

- IP blocking by manual entry, CIDR range, or conditional rule
- Emergency shutdown: force-logout every active session on your site with one click
- Cloudflare Turnstile login protection against bots and brute force attacks
- Login rate limiting to stop credential-stuffing
- Bot detection and automatic IP blocking
- Restrict or fully disable XML-RPC access
- Core file integrity scanner to detect unauthorized file changes
- File integrity monitoring across plugins and themes
- Block TOR network access
- Block vulnerability scanner user agents
- HTTP security headers: custom, logged, and enforced
- WordPress version hiding
- 404 error tracking and suspicious HTTP request alerts
- Admin dashboard visitor tracking
- Cron job failure and site downtime monitoring

The Emergency Shutdown feature is specific to Activity Guard: one click and every logged-in session on your site ends immediately. Useful when you detect a breach in progress and need everyone out now.

== Plugin Vulnerability Scanner ==

Activity Guard scans every installed plugin and theme against multiple vulnerability databases before problems develop:

- Detect plugins with known CVEs across NVD, WPVulnerability.net, and the WPAzleen private API
- Flag outdated plugins not compatible with your WordPress version
- Identify abandoned plugins (not updated in over a year)
- Warn about plugins with low install counts or poor ratings

No other free activity log plugin on WordPress.org includes a built-in multi-database vulnerability scanner.

== WooCommerce Activity Log and Analytics ==

Activity Guard logs every WooCommerce event and adds analytics built specifically for store owners.

Order tracking covers status changes, payments, refunds, and cancellations. You also get stock level changes and low-stock events, coupon creation and usage, product pricing edits, billing and shipping address updates, customer registration changes, and real-time shipping status updates.

The abandoned cart and incomplete-order analytics go further than basic logging. The dashboard shows checkout drop-off rates, recovery potential, recovery rate, and how customers interact with their carts before leaving. This helps you understand where revenue is being lost, not just that it was lost.

WooCommerce abandoned cart analytics with recovery rate tracking is included free. No competing free activity log plugin on WordPress.org provides this.

== Slack and Telegram Notifications ==

Activity Guard sends alerts the moment a critical event occurs, across four channels:

- Slack: route alerts to any channel, tag specific users or groups with @mentions
- Telegram: real-time activity and security alerts direct to your Telegram chat
- Email: configurable per event type
- Admin dashboard: in-panel notification view

Events that trigger alerts include core file changes, plugin and theme updates (with the username that triggered the update), WooCommerce orders, payments, coupon usage, incomplete order follow-ups, product edits, stock changes, login and registration events, page and post changes, form submissions, and admin settings changes. A daily digest and weekly plugin download summary are also available.

You can schedule notifications for specific times and control exactly which events send alerts.

== Admin and Developer Tools ==

- Maintenance mode toggle from the dashboard
- Menu and widget change tracking
- Plugin and theme activation and deactivation logs
- Script modification detection
- HTTP security header change logging
- Debug log and fatal error detection
- Email log: full delivery history for all outgoing WordPress emails
- Contact Form 7 and SimpleForm integration alerts

== Who Uses Activity Guard ==

WooCommerce store owners use it to track every order, coupon, product change, and shipping event, and to recover revenue with abandoned cart analytics. Site administrators use it to know exactly who changed what, instantly log out suspicious users, and maintain a clean audit trail. Agencies and developers use it to monitor plugin updates, configuration changes, fatal errors, and debug logs across client sites. Security-focused admins use it to block IPs, scan for CVEs, monitor file integrity, and trigger emergency shutdowns. Multi-author sites use it to hold contributors accountable with full user activity logging and role-change tracking.

Join us: [Facebook](https://www.facebook.com/wpazleens) | [YouTube](https://www.youtube.com/channel/UCqR5SPvn6N2ZBq7AyYKfEnA) | [X / Twitter](https://x.com/wpazleen)

== External Services ==

= Slack Webhook Integration =

Activity Guard sends notifications to your Slack workspace using a Slack incoming webhook URL that you provide. To set one up:

1. Create a Slack app or use an existing one
2. Enable Incoming Webhooks in the app settings
3. Add a webhook to your workspace
4. Paste the webhook URL into Activity Guard settings

= Cloudflare Turnstile =

Activity Guard uses [Cloudflare Turnstile](https://www.cloudflare.com/application-services/products/turnstile/) for login bot protection. See Cloudflare's [privacy policy](https://www.cloudflare.com/application-services/products/turnstile/) for details.

= Plugin Vulnerability Scanner - Data Sources =

- WordPress.org Plugin API: retrieves plugin metadata including latest version, last updated date, rating, and active install count. [Privacy Policy](https://wordpress.org/about/privacy/)
- WPAzleen API: private endpoint for known vulnerabilities by plugin and version. No sensitive data is transmitted. [Privacy Policy](https://wpazleen.com/privacy-policy/)
- WPVulnerability.net: public API for CVE-based vulnerability data. [Privacy Policy](https://www.wpvulnerability.com/privacy/)
- National Vulnerability Database (NVD): official CVE data from NIST. [Privacy Policy](https://www.nist.gov/oism/site-privacy)

All scans run locally using public metadata and vulnerability feeds. Activity Guard does not collect, store, or transmit any personal information during scans.

= Freemius =

Activity Guard uses the [Freemius](https://freemius.com/) SDK for optional telemetry. No data is collected by default. Data collection only starts after you explicitly confirm in the admin notice. See the [Freemius FAQ](https://freemius.com/privacy/) for details.

= WPAzleen Settings API =
Loads display settings for the Pro upgrade modal in the plugin admin area.

[WPAzleen Privacy Policy](https://wpazleen.com/privacy-policy/)


== Source Code ==

The source files for all compiled/minified JavaScript and CSS in this plugin are publicly available at:

https://github.com/wpazleen/activity-guard

Build instructions:

1. Clone the repository or direct visit the src directory.
2. Run `npm install` in the root to install dependencies.
3. Run `npm run build` to compile the JavaScript and CSS assets.
4. The compiled files are output to `build/`.

== Installation ==

1. Upload the plugin folder to `/wp-content/plugins/`, or install directly from the WordPress admin under Plugins > Add New by searching for "Activity Guard By WPAzleen".
2. Activate the plugin from the Plugins screen.
3. Go to Activity Guard in the WordPress dashboard.
4. Configure security settings under Configuration, enable the notification channels you want, and choose which events to track.

== Frequently Asked Questions ==

= How is Activity Guard different from other WordPress activity log plugins? =

Most activity log plugins, like WP Activity Log, Simple History, or Stream, focus on logging only. Slack notifications, security features, and WooCommerce tracking are usually paid upgrades. Activity Guard ships all four in one free plugin: a complete activity log, an IP firewall, deep WooCommerce analytics with abandoned cart tracking, and multi-channel alerts via Slack, Telegram, and email.

= Does Activity Guard send Slack or Telegram notifications for free? =

Yes. Both Slack webhook integration and Telegram bot notifications are included in the free version. There is no paid plan required to use either. Go to Activity Guard > Integrations, add your Slack webhook URL or Telegram bot token and chat ID, and choose which events to alert on.

= How does the plugin vulnerability scanner work? =

Activity Guard scans every installed plugin and theme against three databases: NVD (National Vulnerability Database), WPVulnerability.net, and the WPAzleen private API. It flags plugins with known CVEs, outdated versions, plugins abandoned for over a year, low install counts, and poor ratings. Scans run locally and no personal data leaves your site.

= Can I block suspicious IP addresses? =

Yes. Activity Guard includes a manual IP blocker, a CIDR range blocker, and a conditional rule-based blocker. You can also trigger Emergency Shutdown to immediately force-logout every active session on your site if you detect an active breach.

= Does Activity Guard include WooCommerce abandoned cart tracking? =

Yes. Activity Guard tracks incomplete WooCommerce checkouts and provides analytics showing checkout drop-off rates, recovery potential, and cart recovery rate. This is included free. No other free activity log plugin on WordPress.org provides abandoned cart analytics with recovery metrics.

= How do I set up Slack notifications? =

Go to Activity Guard > Integrations in your dashboard, enter your Slack webhook URL, and choose which events to send. You can also tag specific Slack users or groups in alert messages using @mentions.

= Is there a Telegram integration? =

Yes, added in version 3.10.4. Go to Activity Guard > Integrations, enter your Telegram bot token and chat ID, and you will receive real-time alerts in your Telegram chat.

= What is Emergency Shutdown? =

Emergency Shutdown is a one-click feature that force-logs out every active user session on your WordPress site at once. It is useful when you detect a breach or suspicious session activity and need to immediately cut off all access.

= Does Activity Guard slow down my site? =

No. Frontend and backend scripts load independently and are built to avoid adding overhead to page load times.

= Does Activity Guard work on WordPress multisite? =

Activity Guard is compatible with standard WordPress installations. For network-wide logging across multisite subsites from a single dashboard, refer to the documentation at wpazleen.com/docs/.

= Where can I get support? =

Free support is available at [wordpress.org/support/plugin/notifier-to-slack](https://wordpress.org/support/plugin/notifier-to-slack/). Priority direct support is at [wpazleen.com/support](https://wpazleen.com/support/).

= Is there a Pro version? =

Visit [wpazleen.com](https://wpazleen.com/notifier-to-slack/) for information on premium features and support options.

== Screenshots ==

1. Security Dashboard: real-time overview of blocked IPs, threat activity, and security events.
2. Activity Log: full audit trail with user actions, IP addresses, timestamps, and change details. Filterable by user, event type, and date.
3. User Activity Page: per-user history showing every action taken by a specific WordPress user or admin.
4. Integration Settings: configure Slack webhook URL, Telegram bot token, and email notification channels.
5. Advanced Security Settings: IP blocking rules, Emergency Shutdown, Cloudflare Turnstile, XML-RPC controls, and file integrity settings.
6. WooCommerce Settings Panel: order tracking, abandoned cart analytics, coupon alerts, and notification preferences.
7. Slack Webhook Setup: step-by-step Slack integration with user and group @mention support.
8. Slack Notification Example: real-time Slack alert showing event type, username, IP address, and change details.
9. Plugin Vulnerability Scanner: scan results showing vulnerable, outdated, and abandoned plugins with severity ratings.

== Changelog ==

= 3.11.3 - 06 June 2026 =
* Improvement: Added compatibility support for WordPress 7.0.

= 3.11.2 - 01 May 2026 =
* Improvement: Performance optimizations and maintenance updates.

= 3.11.1 - 13 March 2026 =
* Maintenance release.

= 3.11.0 - 07 December 2025 =
* New: Single or bulk activity log deletion in one click.
* Fix: Resolved frontend activity tracking AJAX error.
* Fix: Maintenance form submission error.
* Fix: Analytics toggle no longer leaves widget on dashboard after disabling.

= 3.10.6 - 17 December 2025 =
* Improvement: SDK updated.
* Improvement: Today Sign Out UX improved.
* Improvement: Emergency Shutdown panel enhanced.

= 3.10.5 - 12 November 2025 =
* Fix: Resolved multiple issues affecting the Visitor Traffic table for smoother data display and improved stability.

= 3.10.4 - 09 November 2025 =
* New: Telegram integration - receive real-time activity and security alerts directly in your Telegram chat.
* New: Enhanced Visitor Traffic overview with a disable toggle so tracking can be turned off without impacting performance.
* Improvement: Optimized backend script loading for a faster admin experience.
* Improvement: Optimized frontend script loading for improved page speed.

For older entries, see the [changelog.txt file](https://plugins.svn.wordpress.org/notifier-to-slack/trunk/changelog.txt) in the plugin repository.