=== SEF WP Security Guard ===
Contributors: SEF
Tags: security, firewall, login protection, rate limiting, malware scanner, woocommerce security
Requires at least: 5.8
Tested up to: 6.6
Requires PHP: 7.4
Stable tag: 1.2.3
License: GPLv2 or later

SEF WP Security Guard protects WordPress sites with login protection, rate limiting, firewall rules, IP blocking, activity logs, file monitoring, malware pattern scanning, hardening, WooCommerce protections, alerts, and reporting.

== Version 1.2.3 ==
* License key gate: security modules stay disabled until a valid license/trial enables features.
* Free trial update visibility: trial users can see updates, but update download is blocked until an update-enabled license is active.
* Login OTP email matching fix: email logins resolve to the matching WordPress user account and send OTP to that account email.
* Plugin site URL updated to https://sefsolution.com.

== Version 1.2.0 ==
Pro-level module update:
* Cloudflare Turnstile / Google reCAPTCHA v2 hooks for login, registration, comments, and WooCommerce checkout.
* Advanced Geo Blocking with block mode, allow mode, and login/admin-only mode using Cloudflare country header.
* Advanced Bot Blocker with empty user-agent block, long query string block, and suspicious referrer block.
* Security Headers hardening option.
* Readme/license public access block.
* Weekly report email schedule.
* WooCommerce disposable email block and high cart quantity alert.
* License key scaffold for future Pro/update server integration.
* Hardening scan extended with new checks.

== Setup ==
1. Upload the ZIP from Plugins > Add New > Upload Plugin.
2. Activate SEF WP Security Guard.
3. Go to SEF Security > Settings.
4. Whitelist your own IP before enabling strict controls.
5. Enable modules one by one and test login, checkout, and REST behavior.

== Safety ==
This plugin logs and blocks suspicious behavior. For malware detections, it does not automatically delete files.
