NIS2 Compliance

NIS2 provides activity logging, file integrity monitoring, access protection and vulnerability scanning to help sites comply with the EU NIS2 directive. NIS2 Compliance: The 1st WordPress NIS2 Plugin NIS2 is the second iteration of the EU's Network and Information Security (NIS) directive, a primary cybersecurity law that expands the scope of the original NIS directive to cover more sectors and entities, such as energy, transport, banking, healthcare, and digital infrastructure. The directive mandates stricter security requirements, includes supply chain security, and assigns personal accountability to management for non-compliance. Quick and easy setup Choose which modules you want to enable, configure their settings and start monitoring your site in minutes. Available modules are:

• Activity Logger: logs important events such as user logins, content changes, plugin/theme installations and more.
• File Integrity Monitoring: monitors core WordPress files, themes and plugins for unauthorized changes.
• Access Protection: protects login and admin pages with Google reCAPTCHA v2 and limits access
• Vulnerability Scanner: scans installed plugins and themes for known vulnerabilities using the WPScan database.
• Compliance Checklist: provides a checklist of security best practices to help you improve your site's security posture

Third party services This plugin relies on the following third-party/external services: Google reCAPTCHA v2 Used to protect the WordPress login forms against automated abuse and spam.

• Data sent: when a user interacts with the login form, the plugin loads the reCAPTCHA JavaScript API and sends the user’s IP address and form interaction data to Google’s reCAPTCHA service in order to validate the request.
• Service provider: Google LLC
• Terms of Service: https://www.google.com/intl/en/policies/terms/
• Privacy Policy: https://policies.google.com/privacy IP-API.com Used to perform basic geolocation based on the visitor’s IP address (e.g., country, city, ISP).
• Data sent: the visitor’s public IP address is queried against the ip-api.com service. No additional personal or sensitive data is transmitted.
• Service provider: IP-API.com
• Terms of Service: https://ip-api.com/docs/legal
• Privacy Policy: https://ip-api.com/docs/legal

F.A.Q. Does the plugin conflict with security plugins? No. NIS2 detects other popular security plugins and integrates with them when possible.

Starting with NIS2 Compliance consists of just two steps: installing and setting up the plugin. NIS2 Compliance is designed to work with your site’s specific needs, collaborate with third party plugins and services, and let you decide which features you care most. So don’t forget to go through the Settings to enable/disable features!

1.5.0 Release date: 2025-11-06 ** Add: “Mark all as clean” feature 1.4.3 Release date: 2025-11-05 ** Fix: fatal error when uploading other files, because of hooking into filter wp_handle_upload as action ** Fix: remove wp_handle_upload monitor hook (feature yet to come) 1.4.2 Release date: 2025-11-05 ** Enhance: UI/UX ** Fix: never show our notices outside of our pages, if disabled via filter 1.4.1 Release date: 2025-11-05 ** Fix: added missing file which might cause a fatal error in some setups 1.4.0 Release date: 2025-11-05 ** New: show "disabled" critical badge when plugin is active, but all features are disabled ** New: class to handle cron/schedules ** Enhance: cron schedule time (and clear, if feature disabled) ** Enhance: general UI/UX optimization ** Enhance: file integrity changes UI responsive 1.3.1 Release date: 2025-11-03 ** Update readme version 1.3.0 Release date: 2025-10-25 ** Fix: file integrity always marked as modified 1.2.0 Release date: 2025-10-22 ** Improved: handling of Notice Suppress mode ** Fix: various core features 1.0.0 Release date: 2025-08-15 ** Initial release