Threat Intelligence
WPSEC uses a global threat intelligence network to identify and block attackers before they can compromise your site.
How It Works
Every WPSEC-protected site contributes anonymized telemetry to the network. When an attacker is detected on one site, that information is shared to protect all other sites in the network.
- Shared intelligence — Attack patterns detected on any site improve protection for everyone.
- Anonymized data — Only threat indicators are shared, never site content or user data.
- Real-time updates — New threat data is distributed to all protected sites continuously.
Free vs PRO Intelligence
| Feature | Free | PRO |
|---|---|---|
| Threat intelligence feed | 14-day delay | Real-time |
| Attack pattern updates | Daily batch | Continuous |
| Priority scan queue | Standard | Priority |
Geo Dashboard
The geographic dashboard shows where attacks originate:
- Country statistics — See which countries generate the most blocked requests.
- Top countries — Ranked list of attack origins.
- Detail drill-down — Click a country to see specific attack patterns from that region.
Activity Log
The activity log records all security events with full context. You can export the log in CSV or JSON format for external analysis or compliance reporting.
Tip: The more sites in the WPSEC network, the stronger the collective defense. Every installation makes the network smarter.