Fenrir WP Bridge — WordPress security that speaks your language

01 · What it captures

Eight event categories, one single language.

WP Bridge captures what matters on your WordPress and turns it into a report you understand even if you’re not a developer. Lite works offline; Premium adds the AI.

Login & brute-force

Successful and failed logins, password resets, registrations. Auto-block IP after 10 consecutive attempts.

User & admin changes

Role changes (critical alert if it becomes administrator), siteurl, admin_email. Events flagged as critical.

Plugins, themes & drift

Lifecycle of plugins and themes. A daily cron compares versions with WordPress.org and flags new risks.

File integrity & self-audit

SHA-256 hash of wp-config.php, .htaccess and core. Alert if they change outside an update. EOL and exposed files.

CVE intelligence

Every outdated plugin compared against over 40,000 known CVEs (MITRE/CVE), with a CVSS score. Premium.

AI investigation in plain language

Verdict, confidence and concrete recommendations in ~30 seconds. Premium.

The AI advises. You decide.

There is no automatic block imposed on your site from the outside: the AI investigates high-severity events, gives you a verdict in plain language and concrete recommendations — then you stay in control. Calm is competence.

Verdict, confidence and recommendations in plain language
Live feed of the SOC investigations in WP-admin
Email + Telegram notifications for every confirmed alert
Monthly PDF report delivered on the 1st of the month

Fenrir → Dashboard · posture PREMIUM · AI ACTIVE

Plugin no longer in the repository

contact-form-pro · abandoned

HIGH

Webshell in /uploads

no unauthorised PHP file

OK

DISALLOW_FILE_EDIT missing

PHP file editor enabled from the panel

MEDIUM

wp-config.php · integrity

SHA-256 hash unchanged

OK

~15

findings · 1st audit

~30s

AI verdict

12 months

log retention

coexistence · no conflict

# Wordfence, Sucuri, iThemes?

→ keep them. firewall and malware-scan

Fenrir works on top: the managed SOC

· AI investigation in plain language

· business-readable self-audit

· NIS2 / GDPR compliance

Keep your plugin. Add the SOC.

WP Bridge doesn’t replace Wordfence, Sucuri or iThemes: it does something different. It captures the same events — logins, admin changes, plugin lifecycle — and adds the layer of AI investigation and readable self-audit. They coexist without conflict.

Performance impact perceptibly zero · native hooks
AI data in the EU · on-premise engine, no CLOUD Act
Works on WordPress ≥ 5.8, PHP ≥ 7.4, multisite too

02 · Editions

Lite is free. Premium when you want the AI.

The plugin is the same: you choose the edition from the settings after activation. Premium is per site, per year.

Lite

€0

free · forever

Self-audit and event capture, locally. Works offline, no pairing.

Self-audit · versions, EOL, config, exposed files
Local dashboard in WP-admin
Captures logins, roles, plugins and themes
Daily file integrity (SHA-256)
Auto-block IP after 10 failed logins
PDF export of the report

Install free

Most chosen

Premium

€948

/year · per site

Everything in Lite + streaming to the SOC and plain-language AI investigation.

Everything in Lite, plus:
HMAC-signed event streaming to the SOC
AI investigation in plain language · verdict + confidence
CVE intelligence · over 40,000 vulnerabilities (CVSS)
Email + Telegram notifications
Monthly PDF report · 12-month retention

Non-profit

€569

/year · −40% (€568.80)

Same features as Premium, for bodies registered with the RUNTS.

All Premium features
Dedicated −40% rate
For charities, voluntary bodies, foundations, social enterprises
RUNTS tax-code verification

Premium activation within 24h with site-id + HMAC secret · billing by P3 Consulting OÜ (VAT EE102977772). Coexists with Wordfence / Sucuri / iThemes. 30-day Premium trial at our discretion for multi-site and Third Sector organisations.

03 · Installation