=== ProofShield ===
Contributors: softwaregarten
Tags: security, bot protection, login security, comment protection, form protection
Requires at least: 6.4
Tested up to: 7.0
Requires PHP: 8.0
Stable tag: 1.0.25
License: GPL-2.0-or-later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Block automated abuse on WordPress login, comments, and forms with privacy-friendly, self-hosted Proof-of-Work protection.

== Description ==

Bots do not need to break into your site to cost you time. They can hammer login pages, flood comment forms, and push junk through public forms until your inbox, moderation queue, or customer workflow becomes noisy.

ProofShield adds a practical protection layer at the places where automated abuse usually enters a WordPress site: login, comments, and forms. It uses self-hosted browser proof-of-work, hidden bot traps, replay protection, and clear admin visibility so you can reduce automated submissions without adding an external CAPTCHA service for core protection.

= Why ProofShield? =

* Protect the entry points bots actually hit: WordPress login, comments, and selected forms.
* Keep core protection local: no external API key is required for the proof-of-work challenge.
* Stay usable for real visitors: the browser creates the proof quietly in the background.
* See what happened: the statistics view shows allowed and blocked events by context.
* Tune the level: choose relaxed, balanced, or strict behavior for your site.
* Keep privacy decisions visible: optional location statistics can be disabled.

= What the free plugin protects =

* WordPress login forms.
* WordPress comment forms.
* Generic HTML forms selected by CSS selector.
* Frontend forms that can carry normal hidden fields.
* Basic security statistics and recent event context.
* Optional anonymized location statistics for blocked activity.

= How it works =

When a protected form is used, ProofShield asks the browser to create a small local proof before the request is accepted. Bots that skip JavaScript, reuse old tokens, submit too quickly, or miss the hidden ProofShield fields are blocked before the protected action is processed.

For real visitors, the status card is short and clear. For site owners, the admin area shows which protection areas are active and what ProofShield has seen recently.

= Privacy-first by default =

* Core protection works locally and does not require an external API key.
* The WordPress.org free plugin does not require account registration to run core features.
* Location statistics are optional and can be disabled.
* For location statistics, only anonymized IP ranges are stored.
* Security/statistics events are retained for up to 30 days and deleted automatically.
* WordPress personal data tools are supported for relevant ProofShield settings workflows.
* Optional world map view can be disabled and is rendered locally in wp-admin.

= Need more later? =

ProofShield is built so you can start with local core protection and upgrade only if your site needs deeper integrations. An optional separate Pro plugin, sold outside WordPress.org, adds advanced form integrations, WooCommerce login protection, dynamic form support, configured AJAX/REST endpoint protection, and Secure+ risk scoring.

The free WordPress.org plugin remains useful on its own: login, comments, generic forms, local proof-of-work, and basic statistics are included.

== External services ==

ProofShield can use external Geo-IP services for optional location statistics in the admin statistics view.

When location statistics are enabled and the plugin needs approximate country/latitude/longitude data for a blocked IP address, it sends the visitor IP address to one of these services:

* `ipapi.co` by Kloudend, used to look up approximate country and coordinates for blocked-IP statistics.
  Privacy policy: https://ipapi.co/privacy/
  Terms: https://ipapi.co/terms/
* `ipwho.is` (service provided by ipwhois.io), used as a fallback to look up approximate country and coordinates for blocked-IP statistics.
  Privacy policy: https://ipwhois.io/privacy
  Terms: https://ipwhois.io/terms

No separate account is required to use this optional feature.

Core ProofShield protection (login, comments, and form protection) works locally and does not require these external services.

== Third-party assets ==

ProofShield bundles a local world map dataset for the optional statistics map in wp-admin.

* `world-atlas` by Mike Bostock, used as a bundled TopoJSON redistribution for the local world map rendering.
  Package: https://www.npmjs.com/package/world-atlas
  License: ISC
  Bundled files used by ProofShield: `assets/data/countries-110m.json`, `assets/data/land-110m.json`
* The bundled map geometry in `assets/data/countries-110m.json` and `assets/data/land-110m.json` is based on Natural Earth public domain map data.
  Source: https://www.naturalearthdata.com/
  Terms of use: https://www.naturalearthdata.com/about/terms-of-use/
* `world-countries-centroids` by Gavin Rehkemper, used as a bundled centroid dataset so country markers can be placed near the center of each country on the local map.
  Source: https://github.com/gavinr/world-countries-centroids
  License: MIT
  Bundled file used by ProofShield: `assets/data/country-centroids.csv`

The bundled world map is rendered locally in the browser and does not contact any external map service.

== Installation ==

1. Upload the plugin to `/wp-content/plugins/proofshield/` or install it via the WordPress plugin installer.
2. Activate the plugin through the "Plugins" menu in WordPress.
3. Open `ProofShield` in the admin menu and configure the protected areas.
4. Enable the protection areas you want (login, comments, forms) and save.

== Screenshots ==

1. ProofShield settings overview: activate login, comments, and generic form protection in minutes.
2. Frontend status card: visitors see a short proof status while the browser creates a local security proof.
3. Security statistics dashboard: allowed and blocked events, solve time, top context, and recent activity.
4. No-JavaScript fallback: protected forms fail closed when a browser cannot create a valid proof.

== Frequently Asked Questions ==

= Who is ProofShield for? =

ProofShield is for WordPress site owners who want fewer bot logins, junk comments, and automated form submissions without depending on a third-party CAPTCHA service for core protection.

= Is setup complicated? =

No. Enable the areas you want to protect, choose a difficulty mode, and save. Login and comments work out of the box. Generic forms can be protected with CSS selectors.

= Does ProofShield slow down my site? =

ProofShield is designed for high-risk actions such as login and form submissions, not for every page view. The browser creates a small proof only where protection is enabled.

= Can legitimate users get blocked? =

Protection is designed to be quiet for normal visitors. If needed, you can lower the difficulty, use trusted IP rules, or disable protection for a specific area.

= Does ProofShield require an external API key? =

No for core protection. Core login/comment/form protection works locally. Optional location statistics can use the external Geo-IP services listed above, but no separate API key or account is required.

= Can I use ProofShield without account registration? =

Yes. Free core features are usable without account registration.

= Is user data sent to third parties? =

Core protection runs locally. Optional location statistics can use the external Geo-IP services described above when that feature is enabled.

= Is ProofShield compatible with caching and common plugins? =

For most standard setups, yes. Since ProofShield protects the submission itself, it can work alongside normal page caching. If your site has custom forms, add their CSS selectors in the generic form settings.

= Where can I see what was blocked? =

Open `ProofShield -> Stats` in wp-admin to view blocked/allowed trends, reasons, and contexts.

= Why not just use a CAPTCHA? =

CAPTCHAs can add friction for real visitors and often depend on third-party services. ProofShield focuses on a local browser proof for core protection, so most visitors only see a short status card instead of solving a visual puzzle.

= Is there a Pro version? =

Yes. An optional separate Pro plugin is available outside WordPress.org for deeper integrations and advanced controls. The WordPress.org plugin does not require Pro to protect login, comments, and generic forms.

== Upgrade Notice ==

= 1.0.25 =

Recommended update for mobile form submission compatibility.

== Changelog ==

= 1.0.25 =

* Improved mobile form submission reliability on iOS and Android by completing ProofShield proof synchronization before replaying the protected submit.
* Added more specific form verification failure reasons to AJAX responses and security instrumentation.
* Refreshed all release packages for version 1.0.25.

= 1.0.24 =

* Added the official WordPress Plugin Check to the WP.org submission test flow and verified the generated package in new-plugin mode.
* Hardened the WP.org artifact build so upgrade, paid-code, and direct request-superglobal markers fail before submission.
* Refreshed the WP.org release packages for version 1.0.24.

= 1.0.23 =

* Replaced unsafe request input reads with sanitized request helpers, removed the license-gate implementation from the WP.org code path, and refreshed all release packages for version 1.0.23.
* Updated tested compatibility for WordPress 7.0 and made the optional Pro path easier to discover from the settings page.

= 1.0.22 =

* Tightened the admin settings query fallback used for CLI/PHPUnit so the WP.org checker no longer flags direct request handling, and refreshed the WP.org package for version 1.0.22.

= 1.0.21 =

* Added compatibility fixes for CLI/PHPUnit request handling, restored the legacy settings email accessor for tests, and refreshed the WP.org package for version 1.0.21.

= 1.0.20 =

* Cleaned the WP.org package further by removing remaining account-connection and premium-oriented wording from the free artifact and tightening the release preflight checks.

= 1.0.19 =

* Improved the statistics view for unresolved locations by reducing blocking geo lookups, retrying unknown ranges faster, and grouping `Unknown` entries into a single summary row at the end of the table.

= 1.0.18 =

* Improved stats performance by preparing geo lookups in a background queue, keeping successful geo matches in a longer-lived local cache, and showing anonymized IP ranges with visible `x` masking in the admin table.

= 1.0.17 =

* Moved world-map markers to local country centroids, hid unknown/private markers on the map, and refreshed the WP.org release package for version 1.0.17.

= 1.0.16 =

* Calibrated the local world map overlay and refreshed the WP.org release package for version 1.0.16.

= 1.0.10 =

* Improved WordPress.org metadata compatibility.
* Improved generic form frontend styling stability.
* Strengthened free-build boot safety for premium-only registration paths.

= 1.0.9 =

* Maintenance release with quality and stability improvements.

= 1.0.8 =

* Improved WooCommerce login UI behavior.
* Improved honeypot validation reliability in bot simulation flows.

= 1.0.7 =

* Improved protected-form refresh behavior.
* Hardened honeypot logic to reduce false positives.
* Improved Elementor error messaging for temporary rate limits.
* Improved operational logging clarity.

= 1.0.6 =

* Improved localization and encoding robustness.
* Stabilized no-JS event tracking in statistics.
* Improved no-JS context visibility in security reporting.

= 1.0.5 =

* Improved no-JS handling for protected form flows.
* Improved warning consistency and placement in supported form integrations.
* Improved frontend status card branding behavior.

= 1.0.4 =

* Expanded active UI language support.
* Improved admin language switching behavior.
* Improved Secure+ toggle synchronization behavior.
* Improved localized statistics wording and weekly report coverage.

= 1.0.3 =

* Improved statistics readability and context labels.
* Added contact-form summary counters in context reports.
* Reduced internal code noise in admin-facing views.

= 1.0.0 =

* Initial public release with Free/Pro-ready architecture.
