=== Atmosvere (Formerly Trusted Accounts) for WordPress ===
Contributors: trustedaccounts
Tags: bot, spam, security, captcha, protection
Requires at least: 5.0
Tested up to: 6.9
Requires PHP: 7.2
Stable tag: 5.0.3
License: GPLv2

Protect your pages from bots, scrapers and spam — fully in the background and invisible to visitors. We stop bad visitors before they reach your site. Strong protection from deep request data and real-time behaviour checks; works for guests and logged-in communities.

== Description ==

**Stop bots and scrapers without affecting real visitors.**

Atmosvere protects your WordPress pages in the background. Each request is checked (allow / challenge / block, typically under 50 ms) — we stop bots before they even reach your site, so you get effective bot, scraper & spam protection without CAPTCHAs. On the page, our SDK sends behaviour data for additional real-time security. Works for anonymous traffic and for logged-in users.

**Try the Admin Panel without installing:** [Admin Panel Demo](https://admin.atmosvere.eu/home?demo=true)

**Use the code EARLY-WORDPRESS-BIRD at checkout** — Get **3 months free** on the Starter suite. Limited to the first 50 early birds. [Get started at Atmosvere →](https://admin.atmosvere.eu/register)

= What Makes Atmosvere Special? =

* **Invisible to Real Users** - Protection runs in the background; no annoying CAPTCHAs or steps for legitimate users
* **Request + Behaviour** - Request check before the page loads (under 50 ms); real-time behaviour data on the page
* **Bot, Scraper & Spam Protection** - Block or challenge bots, scrapers and abusive traffic before they reach your site
* **Account Protection** - Detect fake accounts and suspicious user behaviour to support safer communities and logins
* **Marketing Protection** - Reduce fake clicks, invalid leads and low-quality traffic so growth decisions are based on real users
* **Admin Panel** - Deep insights into bots and scrapers on your site; Advanced Crawler Management
* **Works for Everyone** - Guests and logged-in users; for communities, distinguish real vs. fake users
* **Easy Integration** - Works with any WordPress theme; simple setup with API keys

= Product Coverage =

Atmosvere for WordPress supports use cases across all three Atmosvere product areas:

* **Bot Shield** - Block bots, scrapers and automated abuse on pages and endpoints
* **Account Shield** - Strengthen user trust with fake-account detection and user risk signals
* **Marketing Shield** - Improve traffic quality by filtering suspicious clicks, visits and lead activity

== Screenshots ==

1. Plugin Dashboard Screenshot
2. Basic Configuration
3. User Validation Settings
4. Admin Panel Dashboard
5. Challenge page — where a visitor is redirected when we think they might be a bot, to prove they're real
6. Challenge page — text challenge open for verification

= Perfect For =

* **Content & Media Sites** - Stop scrapers from stealing your content; block comment and form spam before it reaches your site
* **Community Forums** - Protect pages from bots and spam; tell real users from fake in your community
* **E-commerce Sites** - Block scrapers and bot traffic; reduce fake reviews, abusive accounts and form spam
* **Membership Sites** - Keep premium content for real users; block bots and scrapers in the background
* **Any WordPress Site** - Bot, scraper and spam protection that runs before the page loads, with no CAPTCHAs for real users

= Key Features =

* **Bot, Scraper & Spam Protection** - Request check before the page loads (allow/challenge/block, typically under 50 ms); stop bots and abuse before they reach your site
* **Admin Panel** - Deep insights into bots and scrapers; [Try the demo](https://admin.atmosvere.eu/home?demo=true) without installing
* **Deep Request Checks** - Every request is analyzed before it reaches your Site
* **Advanced Behavioural Checks** - Real-time behavioural analysis on the frontend
* **Easy Setup** - API keys in the plugin; works with any theme
* **User Validation** - Automatic session binding and user validation for logged-in users
* **Developer Friendly** - Clean, documented code with hooks and filters
* **Configurable Flag Behavior** - Customize how different security flags are handled (e.g. block, restrict, watch)

= Privacy & Data =

Atmosvere is built for **full data privacy** and **GDPR compliance**. We use minimal data and **zero PII for real users**: deep request checks and advanced behavioural checks run without collecting personally identifiable information from legitimate visitors. Your real users stay anonymous; only the signals needed to detect bots, scrapers and abuse are used. Data is processed in line with GDPR and privacy-by-design principles.

= Quick Start =

1. **Install & Activate** - Upload and activate the plugin
2. **Configure Settings** - Set up your verification preferences in the admin panel
3. **Configure Flag Behavior** - Set up how different security flags should be handled
4. **Analyze Users** - Use the Atmosvere Admin Panel to monitor user verification and trust status
5. **Moderate Community** - Manage and moderate users directly from the admin dashboard
6. **Monitor Results** - Watch fake accounts disappear from your WordPress site

= Shortcodes =

* `[trustedaccounts_button]` - Optionally display the verification button anywhere on your site

= Real Results =

**"Atmosvere revealed that much of our traffic was not even real. At first this might be a bummer. But then we learned how we can acquire more real users and build growth strategies based on real data to create a flourishing, engaged community and lasting growth."** - Community Manager

**"Setup took 5 minutes and we immediately identified real users vs bots. With real users and authentic data, our conversion rates improved dramatically."** - SaaS Startup Founder

== Installation ==

1. Upload the plugin files to `/wp-content/plugins/trusted-accounts/`
2. Activate the plugin through the 'Plugins' menu in WordPress
3. Configure your verification settings in the admin panel
4. Start protecting your WordPress site from fraud and abuse

== Frequently Asked Questions ==

= How does Atmosvere protect my site? =

Before a visitor sees your page, we check the request and decide: allow them through, send them to a challenge page, or block them. We also look at how they behave on your site. If we think someone might be a bot, we show them a challenge page where they can prove they are a real person. Real visitors usually never see this; it runs in the background.

= Will this slow down my site? =

No. The check happens very quickly (usually in under 50 milliseconds) and in the background. Your visitors will not notice any delay.

= Is this compatible with my theme? =

Yes. Atmosvere works with any WordPress theme. You only need to add your API keys in the plugin settings.

= What if a real user is challenged? =

Real users are rarely challenged. If it does happen, they will see a short challenge page where they can prove they are human. After that, they can use your site as normal.

= Do you collect personal data? =

No. We do not collect or store personally identifiable information (PII) from your real visitors. We only use what we need to spot bots and bad traffic. We follow GDPR and privacy-by-design so your users stay anonymous.

== Changelog ==

= 5.0.3 =
* Rebranded plugin UI and documentation to Atmosvere.
* Updated admin panel links to `admin.atmosvere.eu`.
* Improved WordPress.com readme list formatting and expanded product coverage messaging.
* Updated request-check behavior: async check-request is sent only when Bot Detection is enabled; Bot Protection remains synchronous and enforced.

= 5.0.2 =
* Updated challenge and blocked redirect defaults to the DigitalOcean Spaces domains.
* Added/updated redirect host allow-list for new production and staging challenge/blocked hosts.
* Kept local development defaults unchanged (`http://localhost:3003/pages/...`).

= 4.0.0 =
* Added configurable flag behavior management
* Added support for different flag severities (INFO, LOW, MEDIUM, HIGH, RESTRICT, BLOCK)
* Enhanced user validation with verified user access for restricted accounts
* Improved admin interface with severity level display
* Added comprehensive flag behavior documentation

= 3.0.3 =
* optimized user experience
* simplifications

= 3.0.2 =
* Fixed developer console linking

= 3.0.1 =
* User verification information in user list
* User verification details in user profile
* Added email validation and browser fingerprints
* Added VoIP checks
* Simplified user verification flow

= 3.0.0 =
* Major release with complete rewrite
* New modular architecture
* Enhanced security features
* Improved user experience

== Upgrade Notice ==

= 3.0.3 =
This version includes a complete code refactoring with improved architecture, enhanced security, and better maintainability. All existing settings and functionality are preserved.

= 1.0.0 =
First version of the plugin