Documentation

UltraGuard documentation

Everything you need to install, configure, and get the most from UltraGuard — from first install to Pro features.

Documentation and technical writing
Complete documentation — installation to Pro features

Overview

UltraGuard is an all-in-one WordPress security suite available directly from UltraGuard.net. It covers every layer of your WordPress security stack — from a real-time WAF and 10-layer malware scanner, to login protection, security headers, live traffic monitoring, audit logging, and automated updates.

The plugin is modular by design. You can enable only what your site needs. The Pro tier unlocks advanced modules including vulnerability scanning with virtual patching, database scanning, passkey authentication, IP threat intelligence, and compliance reporting.

Free tier includes: WAF, 10-layer antivirus scanner, login protection, WordPress hardening, live traffic monitor, security headers, audit log, auto-updater, .htaccess manager, and notifications — all with no time limit.

Installation

Download and upload (recommended for now)

  1. Download the latest UltraGuard ZIP from the download page.
  2. Log in to your WordPress admin.
  3. Go to Plugins → Add New → Upload Plugin.
  4. Select the ZIP, click Install Now, then Activate.
  5. The onboarding wizard launches automatically and guides you through initial setup.

Manual

  1. Download the ZIP from the UltraGuard download page.
  2. Go to Plugins → Add New → Upload Plugin.
  3. Upload the ZIP and click Install Now.
  4. Activate the plugin.
  5. Navigate to UltraGuard → Dashboard to begin setup.
RequirementMinimum
WordPress5.6 or higher
PHP8.1 or higher (tested on 8.1, 8.2, 8.3)
PHP Extensionsjson, curl, openssl

Account & License

The free version of UltraGuard does not require an account. Simply download, install, and activate. For Pro features, you'll need a license key from ultraguard.net/pricing.

Activating a Pro License

  1. Purchase a Pro license from the pricing page.
  2. In your WordPress admin go to UltraGuard → License & Upgrade Center.
  3. Enter your license key and email address.
  4. Click Activate License. Pro modules unlock immediately.
FeatureFreePro
License key requiredNoYes
WAF + Scanner
Vulnerability Scanner
Database Scanner
IP Threat Intelligence
Compliance Reports

Security Modules

UltraGuard's 27 modules are grouped by area. Each module can be enabled or disabled independently from the UltraGuard Dashboard in wp-admin.

🛡️
Firewall (WAF)
IP/CIDR controls, geo-blocking, rate limiting, OWASP patterns.
🔬
Antivirus Scanner
10-layer file scanner with quarantine and core integrity check.
🔒
Login Protection
Brute-force lockout, URL obfuscation, session management.
🔧
WordPress Hardening
One-click hardening: XML-RPC, version exposure, file protection.
📡
Live Traffic Monitor
Real-time SSE request feed with threat classification.
📋
Security Headers
CSP, HSTS, X-Frame-Options, Referrer-Policy and more.
📝
Audit Log
Searchable activity trail covering all security events.
🔄
Auto Updater
Automated core, plugin, and theme updates with rollback hooks.
🌐
.htaccess Manager
Visual editor with template library and safe rollback.
🔔
Notifications
Email, webhook, and Slack alerts per event type.

Firewall (WAF)

UltraGuard's Web Application Firewall runs at the earliest possible WordPress hook — blocking threats before WordPress fully loads. It operates across 8 detection layers:

  1. IP Whitelist / Blacklist — Manual IP and CIDR range controls with hotlink protection.
  2. Rate Limiting — Sliding-window rate limiting with configurable thresholds per route.
  3. Geo-Blocking — Block or allow traffic by country code.
  4. Bot & UA Detection — Known bad user-agents and automated scanner patterns.
  5. Proxy / VPN / Datacenter — Identify and optionally block anonymised traffic sources.
  6. OWASP Pattern Matching — SQLi, XSS, RFI, RCE, Path Traversal, XXE, SSRF, CMDi, LFI.
  7. Auto-Ban — Automatic IP ban when an attacker exceeds the configured attack threshold.
  8. Reputation Feeds — Integration with threat intelligence reputation sources.
The full WAF including all 8 layers is included in the free version. No paid license required.

Antivirus Scanner

The antivirus scanner checks every file on your server across 10 independent detection layers. It is the most thorough on-server scanner available as a WordPress plugin.

#LayerWhat it detects
1MD5 Hash MatchingKnown malware signatures from the UltraGuard database.
2PHP HeuristicsWeb shells, eval+base64 chains, Remote File Inclusion.
3Obfuscation PatternsSuspicious obfuscation structures used to hide malicious code.
4Polymorphic DetectionVariable-variable patterns, chr() chains, and encoding tricks.
5Supply-Chain DroppersInstaller patterns injected via compromised plugin or theme packages.
6JavaScript ThreatsCrypto miners, checkout skimmers, obfuscated eval() calls.
7HTML InjectionHidden iframes, malicious scripts injected into HTML output.
8Core IntegrityWordPress core files verified against official api.wordpress.org checksums.
9High-Entropy StringsStatistical detection of encoded or encrypted payloads.
10Vulnerability DetectionPlugin and theme vulnerability patterns matched to known CVEs.

Pro Features

Pro unlocks 13 additional modules on top of the 14 free modules. Key Pro features:

🔑
Passkey & 2FA Pro
WebAuthn passkeys + TOTP. Per-role enforcement and backup codes.
🕵️
Vulnerability Scanner Pro
CVE detection + Virtual WAF Patching to block unpatched exploits.
🗄️
Database Scanner Pro
Scan every DB table for injected payloads and backdoors.
📂
File Integrity Monitor Pro
Instant alerts on any unexpected file creation, modification, or deletion.
🌩️
IP Threat Intelligence Pro
Cloud-synced hostile IP feeds integrated with your WAF in real time.
🛒
WooCommerce Security Pro
Checkout rules, JS skimmer detection, WooCommerce-aware logging.
🚨
Blacklist Monitor Pro
Monitor your domain and IP against major blacklists continuously.
⬆️
Uptime & SSL Monitor Pro
Availability and SSL expiry monitoring with proactive alerts.
📊
Compliance Reports Pro
Evidence reports for GDPR, PCI-DSS, ISO 27001, SOC 2.
🔌
REST API Security Pro
Route-level access controls, API keys, rate limiting, XML-RPC.

Multisite

UltraGuard natively supports WordPress Multisite/Network from the free tier. Network activation is supported via the Network: true plugin header.

For agency and multi-site licensing options, see the pricing page.

For Developers

UltraGuard is built with modern PHP and designed to be extended cleanly.

FeatureDetail
PSR-4 AutoloaderFull namespace separation — zero procedural globals.
Dependency InjectionEvery module receives the container via constructor.
Server-Sent EventsReal-time delivery — no polling overhead.
DB Query CacheGranular key-based invalidation.
Hooksultraguard_pro_init, ultraguard_pro/early_security_init/before, ultraguard_pro/early_security_init/after, and dozens more.
PHP requirement8.1+ — typed properties, named arguments, match expressions, readonly.

Quick Reference

TaskWhere
Install the pluginDownload the ZIP from the UltraGuard site, then use Plugins → Add New → Upload Plugin
Run a malware scanUltraGuard → Antivirus Scanner → Start Scan
Configure the firewallUltraGuard → Firewall → Rules
Activate a Pro licenseUltraGuard → License & Upgrade Center
View live trafficUltraGuard → Live Traffic Monitor
Enable 2FA / PasskeysUltraGuard → Authenticator (Pro)
Download compliance reportUltraGuard → Compliance Reports (Pro)
Contact supportultraguard.net/contact or support@ultraguard.net
Browse FAQ Tutorials Contact Support