Free + Pro

All-in-one security that won't lock you out of your own admin.

Login hardening, 2FA, file integrity, endpoint WAF, audit log. Every blocking feature has a documented rescue path so you cannot get stuck. Run new defaults in soft mode for 14 days, promote to enforce when you trust them.

Download free version

Lifetime updates Email support 14-day refund

example.com/wp-admin

// Pro features

Cloud-driven defenses, advanced auth, and forensics - without the lockout risk.

Cloud-pushed WAF rules

Daily-updated firewall patterns from cross-site attack telemetry, layered on top of free's bundled OWASP-style rule set. No same-day delay.

CVE detection

Match every installed plugin and theme against the live vulnerability feed. Get alerted the moment a CVE lands that affects your stack, with the fixed version and severity inline.

Magic-link login & per-role MFA

Passwordless login via emailed one-time link. Force 2FA enrollment for specific roles (e.g. administrators, editors) before they can use wp-admin.

Lockdown & forensics

One-click emergency lockdown kills sessions, blocks file writes, and shows a maintenance page. Tamper-evident audit log + one-click forensic ZIP for incident response.

IP reputation & country / ASN block

Cloud-fed list of known-bad IPs is checked on every request. Block by country (ISO-3166-1) or autonomous system, with an allowlist that never gets your own session caught up.

Alerts where you actually look

Slack, Discord, Microsoft Teams, PagerDuty (Events API v2), Twilio SMS, and a generic HMAC-signed webhook. Severity threshold per channel - no Slack spam from low-priority noise.

// Free vs Pro

Compare what's in each version.

Feature	Free	Pro
Login rate-limiting + lockouts	✓	✓
Honeypot + math captcha on login form	✓	✓
Strong password policy (Pwned Passwords)	✓	✓
Login URL rename	✓	✓
TOTP two-factor authentication	✓	✓
File integrity monitoring (chunked scan)	✓	✓
Endpoint WAF (28+ bundled OWASP-style rules)	✓	✓
Audit log + health dashboard	✓	✓
10 documented lockout-rescue paths	✓	✓
Cloud-pushed WAF rules (daily updates)	-	✓
CVE detection for installed plugins / themes	-	✓
IP reputation feed	-	✓
Country & ASN blocking (with GeoIP)	-	✓
Cloud malware signature scanner	-	✓
Magic-link passwordless login	-	✓
Per-role MFA enforcement	-	✓
Trusted devices	-	✓
Emergency lockdown + maintenance page	-	✓
Tamper-evident audit log (hash-chained)	-	✓
SIEM streaming + forensic export bundle	-	✓
Slack / Discord / Teams / PagerDuty / SMS	-	✓
White-label branding	-	✓
Email support	-	✓

// Pricing

One-time payment. No subscriptions.

Pick the license that fits. Every tier includes all Pro features and email support.

3 Sites

Personal projects & small businesses

$79

one-time · lifetime updates

Use on up to 3 websites

All Pro features

Email support

10 Sites

Freelancers & growing agencies

$149

one-time · lifetime updates

Use on up to 10 websites

All Pro features

Email support

Unlimited Sites

Large agencies & unlimited scale

$299

one-time · lifetime updates

Use on unlimited websites

All Pro features

Email support

// FAQ

Frequently asked questions.

What if Sentry locks me out of my own site?

It won't, by design. The activator IP is auto-allowlisted on activation. Authenticated sessions are exempt from every block decision. There are 10 documented rescue paths, including a kill-switch file (drop sentrysec-disable.txt into wp-content) and an email-driven magic-link rescue that bypasses every blocking feature for 30 minutes. New blocking defaults run in soft / log-only mode for 14 days before they enforce.

Will Sentry slow down my site?

No. Scans are chunked across WP-Cron ticks with a persistent cursor - never set_time_limit(0) in a request path. The WAF inspects requests with a small bundled regex set; cloud rules only run if you have Pro. The audit log writes are append-only and lazy-pruned. Sentry is built to be server-light from day one.

Does Sentry play nicely with Wordfence, Sucuri, Solid Security, etc.?

Yes. On activation Sentry detects competing security plugins and softens overlapping defaults instead of double-binding (e.g. it won't add a second login limiter if Wordfence is already running). The compatibility matrix is shown in the dashboard so you can pick which plugin owns which feature.

What's actually in the free version vs Pro?

Free is fully functional standalone - login hardening, 2FA, file integrity monitoring, endpoint WAF (28+ bundled OWASP-style rules), audit log, health dashboard, and all 10 rescue paths. Pro adds cloud-driven defenses (WAF rule updates, IP reputation, GeoIP, country/ASN blocks, cloud malware sigs), advanced auth (magic-link, per-role MFA, trusted devices), forensics (tamper-evident audit log, SIEM streaming, forensic export ZIP), and notifications (Slack/Discord/Teams/PagerDuty/SMS). See the comparison table above.

Do you bundle malware signatures in the free plugin?

No, intentionally. YARA-style file content patterns trigger Plugin Check and AV false positives, so signatures are Pro-only and fetched from the cloud at runtime. WAF request patterns (regex against incoming requests) are bundled in free.

Is this a subscription?

No. One-time payment for lifetime updates and email support, for the number of sites in your license tier.

Do you offer refunds?

Yes. If Sentry doesn't work for you, request a refund within 14 days no questions asked.

Looking for documentation?

Get started quickly with our comprehensive guides and tutorials.

View Documentation