[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fLboxlGJpAetIkrsb6w42boI8CMv_SxnIqlFHj0zqG18":3},{"slug":4,"display_name":5,"profile_url":6,"plugin_count":7,"total_installs":8,"avg_security_score":9,"avg_patch_time_days":10,"trust_score":11,"computed_at":12,"plugins":13},"arkhost","ArkHost","https:\u002F\u002Fprofiles.wordpress.org\u002Farkhost\u002F",1,0,100,30,94,"2026-04-04T13:53:25.114Z",[14],{"slug":15,"name":16,"version":17,"author":5,"author_profile":6,"description":18,"short_description":19,"active_installs":8,"downloaded":20,"rating":8,"num_ratings":8,"last_updated":21,"tested_up_to":22,"requires_at_least":23,"requires_php":24,"tags":25,"homepage":31,"download_link":32,"security_score":9,"vuln_count":8,"unpatched_count":8,"last_vuln_date":33,"fetched_at":34},"arkhost-security-pack","ArkHost Security Pack","1.1","\u003Cp>A complete security plugin that’s actually free. No “pro” version, no nag screens, no made-up threat statistics.\u003C\u002Fp>\n\u003Ch4>Login Protection\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Blocks IPs after failed login attempts\u003C\u002Fli>\n\u003Cli>Custom login URL (hides wp-login.php)\u003C\u002Fli>\n\u003Cli>Hides wp-admin from logged-out users\u003C\u002Fli>\n\u003Cli>Honeypot field for bots\u003C\u002Fli>\n\u003Cli>Hides login errors (stops username enumeration)\u003C\u002Fli>\n\u003Cli>Email alerts for admin logins from new IPs\u003C\u002Fli>\n\u003Cli>Country\u002FIP restrictions on login page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>IP Control\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Whitelist and blacklist\u003C\u002Fli>\n\u003Cli>Auto-blacklist after repeated lockouts\u003C\u002Fli>\n\u003Cli>IPv4, IPv6, CIDR supported\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Geo Blocking\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block countries\u003C\u002Fli>\n\u003Cli>Uses free IP2Location LITE database\u003C\u002Fli>\n\u003Cli>One-click download\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Hardening\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable XML-RPC\u003C\u002Fli>\n\u003Cli>Disable dashboard file editing\u003C\u002Fli>\n\u003Cli>Disable application passwords\u003C\u002Fli>\n\u003Cli>Restrict REST API to logged-in users\u003C\u002Fli>\n\u003Cli>Remove WordPress version\u003C\u002Fli>\n\u003Cli>Block user enumeration (?author=1 and REST API)\u003C\u002Fli>\n\u003Cli>Disable pingbacks\u002Ftrackbacks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Headers\u003C\u002Fh4>\n\u003Cp>X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, Referrer-Policy, Permissions-Policy, Content-Security-Policy, HSTS\u003C\u002Fp>\n\u003Ch4>Two-Factor Authentication\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>TOTP (Google Authenticator, Authy, etc.)\u003C\u002Fli>\n\u003Cli>Backup codes\u003C\u002Fli>\n\u003Cli>Enforce for admins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>File Integrity Monitoring\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Checks WordPress core files against official checksums\u003C\u002Fli>\n\u003Cli>Daily scans\u003C\u002Fli>\n\u003Cli>Email alerts on changes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Malware Scanner\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Scans plugins, themes, uploads\u003C\u002Fli>\n\u003Cli>Pattern-based detection\u003C\u002Fli>\n\u003Cli>Quarantine suspicious files\u003C\u002Fli>\n\u003Cli>Weekly scans\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Activity Log\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Login attempts, lockouts, blocks\u003C\u002Fli>\n\u003Cli>IP, country, username, timestamp\u003C\u002Fli>\n\u003Cli>Configurable retention\u003C\u002Fli>\n\u003Cli>CSV export\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Tools\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Export\u002Fimport settings\u003C\u002Fli>\n\u003Cli>Force logout all users\u003C\u002Fli>\n\u003Cli>Test email\u003C\u002Fli>\n\u003Cli>Delete readme.html\u002Flicense.txt\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy\u003C\u002Fh4>\n\u003Cp>No tracking. No analytics. No telemetry.\u003C\u002Fp>\n\u003Cp>External connections:\u003Cbr \u002F>\n* WordPress.org API (core file checksums)\u003Cbr \u002F>\n* IP2Location (database download, only when you click it)\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following external services under specific circumstances:\u003C\u002Fp>\n\u003Ch4>WordPress.org Checksums API\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Service: api.wordpress.org\u002Fcore\u002Fchecksums\u002F1.0\u002F\u003C\u002Fli>\n\u003Cli>Used for: Verifying WordPress core file integrity by comparing local files against official checksums\u003C\u002Fli>\n\u003Cli>Data sent: WordPress version and locale\u003C\u002Fli>\n\u003Cli>When: During daily scheduled file integrity scans and when manually triggered by the admin\u003C\u002Fli>\n\u003Cli>Privacy policy: https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>IP Detection Services\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Services: api.ipify.org, ifconfig.me, icanhazip.com\u003C\u002Fli>\n\u003Cli>Used for: Detecting the server’s public IP address for the “Whitelist My IP” tool\u003C\u002Fli>\n\u003Cli>Data sent: Standard HTTP request (no personal data)\u003C\u002Fli>\n\u003Cli>When: Only when an admin uses the “Whitelist My IP” feature in the Tools tab\u003C\u002Fli>\n\u003Cli>Terms: https:\u002F\u002Fwww.ipify.org\u002F \u002F https:\u002F\u002Fifconfig.me\u002F \u002F https:\u002F\u002Ficanhazip.com\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>IP2Location\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Service: download.ip2location.com\u003C\u002Fli>\n\u003Cli>Used for: Downloading the free IP2Location LITE geolocation database for country-based blocking\u003C\u002Fli>\n\u003Cli>Data sent: Standard HTTP request (optional: user’s download token if configured)\u003C\u002Fli>\n\u003Cli>When: Only when an admin clicks “Download IP2Location Database” in the IP Control tab\u003C\u002Fli>\n\u003Cli>Terms of service: https:\u002F\u002Fwww.ip2location.com\u002Fterms\u003C\u002Fli>\n\u003Cli>Privacy policy: https:\u002F\u002Fwww.ip2location.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n","WordPress security without the nonsense. No upsells, no premium tier, no fake threat counters.",165,"2026-02-19T18:23:00.000Z","6.9.4","5.0","7.4",[26,27,28,29,30],"2fa","firewall","login","malware","security","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Farkhost-security-pack.1.1.zip",null,"2026-03-15T14:54:45.397Z"]