Help Documentation

VMP™ Security plugin documentation and support

Free Support

Support for users of the free version of the plugin is available on our support forums. The majority of features shown are available in the free version of VMP™ Security which helps protect millions of sites around the world.

Go to support forums

Access Upgraded Support Now

Our support engineers, equipped in Premium tickets within a few hours on weekdays, will be pleased to help you with advanced topics, provide comprehensive answers to your questions, and respond to all others in 24 hours or less.

Premium Support

VMP Security PHP API

Most integrations with VMP Security are best done through the standard WordPress admin and the Tools → Import/Export Options tab. For deeper integrations — embedding plugin functionality in your own admin pages, reacting to security events from custom code, or scripting routine maintenance — the plugin exposes a small PHP API.

In This Article

API stability

Public hooks, filters, and class methods documented here are part of the plugin’s supported integration surface. Other classes and methods inside the plugin are internal and may change without notice between releases. If you depend on something that is not documented here, pin the plugin version and re-check on each upgrade.

Public classes

The most useful classes for integrators:

  • VMPFence_License — license inspection. VMPFence_License::get_license_type() returns 'free' or 'premium'; VMPFence_Constants::LICENSE_FREE / LICENSE_PREMIUM are the canonical constants for comparison.
  • VMPFence_Config — read and write plugin options with the same validation the admin UI uses. VMPFence_Config::get($key, $default) and VMPFence_Config::set($key, $value).
  • VMPFence_Audit_Log — programmatic access to the audit log. Use this to emit custom events from your own integration code so they show up alongside the plugin’s captured events.
  • VMPFence_API_Client — thin wrapper around the secure HTTP client used to talk to the VMP Security API.
  • VMPFence_HTAccess_Manager — safe read/modify of .htaccess; use for any code that needs to add directives without conflicting with the WAF Optimizer.

All public classes follow the VMPFence_ class-name prefix and standard WordPress class naming conventions.

WordPress action hooks

The plugin’s hooks all use the vmpfence_* prefix. The most generally useful is:

  • do_action( 'vmpfence_scheduled_cleanup' ) — fired when the plugin runs its periodic cleanup. Hook in to piggyback on the same schedule for your own housekeeping.

Many internal events (block hits, audit-log writes, scan progress) also fire vmpfence_* hooks. They are not formally part of the supported API yet; if you have a specific integration use case, get in touch with support so we can stabilise the relevant hook before you depend on it.

Shortcodes

One frontend shortcode is exposed:

  • [vmpfence_2fa] — renders the user’s 2FA management interface. The shortcode must be enabled on the Login Security page before it will render. Useful for membership and ecommerce sites that build their own account pages outside of WooCommerce.
Contents