Action hooks trigger custom functions at specific points in Solid Security Pro’s workflows—for example, after a site scan completes or when a user fails a login. Use these actions to integrate external systems, automate responses, or extend behavior without modifying plugin code.
Usage example:
add_action( 'itsec_new_banned_ip', function ( $ip, $context ) {
// Send to SIEM, Slack, or trigger a firewall rule.
}, 10, 2 );Action Hooks #
it_libraries_loaded
Summary: Action fires in the it libraries workflow (loaded).
Defined in: lib/updater/load.php:45, lib/icon-fonts/load.php:47
do_action( 'it_libraries_loaded' );
ithemes_updater_register
Summary: Action fires for updater register.
$this
Defined in: lib/updater/settings.php:83
do_action( 'ithemes_updater_register', $this );
ithemes_updater_settings_page_index
Summary: Action fires in the updater settings workflow (page index).
Defined in: lib/updater/admin.php:211
do_action( 'ithemes_updater_settings_page_index' );
itsec-file-change-end-hash-comparisons
Summary: Action fires in the file change workflow (end hash comparisons).
Defined in: core/modules/file-change/scanner.php:749
do_action( 'itsec-file-change-end-hash-comparisons' );
itsec-file-change-end-scan
Summary: Action fires in the file change workflow (end scan).
Defined in: core/modules/file-change/lib/chunk-scanner.php:87
do_action( 'itsec-file-change-end-scan' );
itsec-file-change-start-hash-comparisons
Summary: Action fires in the file change workflow (start hash comparisons).
Defined in: core/modules/file-change/scanner.php:676
do_action( 'itsec-file-change-start-hash-comparisons' );
itsec-file-change-start-scan
Summary: Action fires in the file change workflow (start scan).
Defined in: core/modules/file-change/lib/chunk-scanner.php:85
do_action( 'itsec-file-change-start-scan' );
itsec-handle-failed-login
Summary: Action fires in the handle failed workflow (login).
$username$details
Defined in: core/lib.php:652
do_action( 'itsec-handle-failed-login', $username, $details );
itsec-lib-clear-caches
Summary: Action fires in the lib clear workflow (caches).
Defined in: core/lib.php:49
do_action( 'itsec-lib-clear-caches' );
itsec-logs-page-init
Summary: Action fires in the logs page workflow (init).
Defined in: core/admin-pages/page-logs.php:22
do_action( 'itsec-logs-page-init' );
itsec-logs-page-register-widget
Summary: Action fires in the logs page workflow (register widget).
$this
Defined in: core/admin-pages/sidebar-widget.php:118
do_action( 'itsec-logs-page-register-widget', $this );
itsec-logs-page-register-widgets
Summary: Action fires in the logs page workflow (register widgets).
Defined in: core/admin-pages/page-logs.php:23
do_action( 'itsec-logs-page-register-widgets' );
itsec-page-ajax
Summary: Action fires for page ajax.
Defined in: core/admin-pages/init.php:148
do_action( 'itsec-page-ajax' );
itsec-page-show
Summary: Action fires for page show.
$url
Defined in: core/admin-pages/init.php:142
do_action( 'itsec-page-show', $url );
itsec-register-modules
Summary: Action fires for register modules.
Defined in: core/modules.php:829
do_action( 'itsec-register-modules' );
itsec-security-check-after-default-checks
Summary: Action fires in the security check workflow (after default checks).
self::$feedbackself::$available_modules
Defined in: core/modules/security-check/scanner.php:101
do_action( 'itsec-security-check-after-default-checks', self::$feedback, self::$available_modules );
itsec-security-check-before-default-checks
Summary: Action fires in the security check workflow (before default checks).
self::$feedbackself::$available_modules
Defined in: core/modules/security-check/scanner.php:49
do_action( 'itsec-security-check-before-default-checks', self::$feedback, self::$available_modules );
itsec-settings-page-init
Summary: Action fires in the settings page workflow (init).
Defined in: core/admin-pages/page-settings.php:46
do_action( 'itsec-settings-page-init' );
itsec-settings-page-register-module
Summary: Action fires in the settings page workflow (register module).
$this
Defined in: core/deprecated/module-settings.php:172
do_action( 'itsec-settings-page-register-module', $this );
itsec-settings-page-register-widget
Summary: Action fires in the settings page workflow (register widget).
$this
Defined in: core/admin-pages/sidebar-widget.php:117
do_action( 'itsec-settings-page-register-widget', $this );
itsec-settings-updated
Summary: Action fires for settings updated.
$this->get_id()
Defined in: core/lib/settings.php:299
do_action( 'itsec-settings-updated', $this->get_id() );
itsec-two-factor-successful-authentication
Summary: Action fires in the two factor workflow (successful authentication).
$user_id$provider_class$post_data
Defined in: core/modules/two-factor/class-itsec-two-factor-interstitial.php:214
do_action( 'itsec-two-factor-successful-authentication', $user_id, $provider_class, $post_data );
itsec_after_import
Summary: Fires after an import completes.
$data(array)
Defined in: pro/import-export/importer.php:92
do_action( 'itsec_after_import', $data );
itsec_before_import
Summary: Fires before the import starts.
$data(array)
Defined in: pro/import-export/importer.php:58
do_action( 'itsec_before_import', $data );
itsec_change_admin_user_id
Summary: Fires when the admin user with id of #1 has been changed.
$new_user(int) — The new user's ID.$user(WP_User) — The old user object.
Defined in: core/modules/admin-user/active.php:108
do_action( 'itsec_change_admin_user_id', $new_user, $user );
itsec_create_user_group
Summary: Fires when a user group is created.
$user_group(User_Group)$args(array)
Defined in: core/modules/user-groups/Repository/DB_Repository.php:78, core/modules/user-groups/Repository/In_Memory_Repository.php:52
do_action( 'itsec_create_user_group', $user_group, $args );
itsec_custom_login_slug
Summary: Action fires in the custom login workflow (slug).
Defined in: core/modules/hide-backend/class-itsec-hide-backend.php:130
do_action( 'itsec_custom_login_slug' );
itsec_dashboard_enqueue_scripts
Summary: Action fires in the dashboard enqueue workflow (scripts).
Defined in: core/admin-pages/page-dashboard.php:93
do_action( 'itsec_dashboard_enqueue_scripts' );
itsec_debug_module_request_{$module}
Summary: Fires when an ajax request is being made to a module. At some point this will probably be replaced by a more thought-out framework, but this hook will probably power it. The dynamic portion of this hook, {$module}, refers to the module name. For example, 'notification-center'.
$data(array)
Defined in: core/admin-pages/page-debug.php:78
do_action( "itsec_debug_module_request_{$module}", $_POST['data'] );
itsec_debug_page
Summary: Action fires for debug page.
Defined in: core/admin-pages/page-debug.php:210
do_action( 'itsec_debug_page' );
itsec_debug_page_enqueue
Summary: Action fires in the debug page workflow (enqueue).
Defined in: core/admin-pages/page-debug.php:37
do_action( 'itsec_debug_page_enqueue' );
itsec_encryption_rotate_user_keys
Summary: Fires when an encryption key is being rotated.
$rotator(User_Key_Rotator)$result(Result)
Defined in: core/lib/class-itsec-lib-encryption.php:235
do_action( 'itsec_encryption_rotate_user_keys', $rotator, $result );
itsec_enqueue_profile
Summary: Fires when scripts are enqueued for the User Profile JS code.
$user(WP_User)
Defined in: core/modules/core/class-itsec-core-active.php:319, core/admin-pages/init.php:227
do_action( 'itsec_enqueue_profile', wp_get_current_user() );
do_action( 'itsec_enqueue_profile', $user );
itsec_failed_recaptcha
Summary: Fires when a user fails the reCAPTCHA test.
$error(WP_Error)$args(array)
Defined in: pro/recaptcha/class-itsec-recaptcha.php:483
do_action( 'itsec_failed_recaptcha', $error, $args );
itsec_fingerprint_created
Summary: Fires when a fingerprint is created.
$this(ITSEC_Fingerprint)
Defined in: core/lib/fingerprinting/class-itsec-fingerprint.php:485
do_action( 'itsec_fingerprint_created', $this );
itsec_fingerprint_{$action}
Summary: Fires when the fingerprint is saved.
$this(ITSEC_Fingerprint)$action(string)
Defined in: core/lib/fingerprinting/class-itsec-fingerprint.php:489, core/lib/fingerprinting/class-itsec-fingerprint.php:556
do_action( "itsec_fingerprint_{$action}", $this, $action );
do_action_ref_array( "itsec_fingerprint_{$action}", $args );
itsec_firewall_deleted_rule
Summary: Fires when a firewall rule is deleted.
$rule(Rule)
Defined in: core/modules/firewall/Rules/Repository.php:149
do_action( 'itsec_firewall_deleted_rule', $rule );
itsec_firewall_saved_rule
Summary: Fires when a firewall rule is saved.
$rule(Rule)
Defined in: core/modules/firewall/Rules/Repository.php:118
do_action( 'itsec_firewall_saved_rule', $rule );
itsec_initialize_login_interstitial_session_from_global_state
Summary: Action fires in the initialize login workflow (interstitial session from global state).
$this
Defined in: core/lib/login-interstitial/class-itsec-login-interstitial-session.php:451
do_action( 'itsec_initialize_login_interstitial_session_from_global_state', $this );
itsec_initialized
Summary: Action fires on initialized.
Defined in: core/core.php:255
do_action( 'itsec_initialized' );
itsec_install_schema
Summary: Fires when the DB schema is installed or updated.
$wp_error(WP_Error)
Defined in: core/lib/schema.php:290
do_action( 'itsec_install_schema', $wp_error );
itsec_lib_delete_file
Summary: Fires when Solid Security removes a managed file.
$file(string)
Defined in: core/lib/class-itsec-lib-file.php:279
do_action( 'itsec_lib_delete_file', $file );
itsec_lib_write_to_file
Summary: Fires when Solid Security writes to a managed file.
$file(string) — The path to the file.$contents(string) — The contents written.
Defined in: core/lib/class-itsec-lib-file.php:223
do_action( 'itsec_lib_write_to_file', $file, $contents );
itsec_load_file_change_scanner
Summary: Action fires in the load file workflow (change scanner).
Defined in: core/modules/file-change/scanner.php:19
do_action( 'itsec_load_file_change_scanner' );
itsec_lockout_template_before_actions
Summary: Action fires in the lockout template workflow (before actions).
$context
Defined in: core/templates/lockout/lockout.php:30
do_action( 'itsec_lockout_template_before_actions', $context );
itsec_log_add
Summary: Action fires for log add.
$data$id$log_type
Defined in: core/lib/log.php:110
do_action( 'itsec_log_add', $data, $id, $log_type );
itsec_login_interstitial_async_action_confirmation_before_confirm
Summary: Action fires in the login interstitial workflow (async action confirmation before confirm).
$session$action
Defined in: core/lib/class-itsec-lib-login-interstitial.php:837
do_action( 'itsec_login_interstitial_async_action_confirmation_before_confirm', $session, $action );
itsec_login_interstitial_init
Summary: Fires when the Login Interstitial framework is initialized.
$this
Defined in: core/lib/class-itsec-lib-login-interstitial.php:51
do_action( 'itsec_login_interstitial_init', $this );
itsec_login_interstitial_initialize_same_browser
Summary: Fires when the login interstitial initializes the Same Browser API for async actions.
$session(ITSEC_Login_Interstitial_Session)
Defined in: core/lib/class-itsec-lib-login-interstitial.php:239
do_action( 'itsec_login_interstitial_initialize_same_browser', $session );
itsec_login_interstitial_logged_in
Summary: Fires when a user is re-logged back in after submitting an interstitial.
$user(WP_User)
Defined in: core/lib/class-itsec-lib-login-interstitial.php:936
do_action( 'itsec_login_interstitial_logged_in', $user );
itsec_login_with_fingerprint
Summary: Fires when a user logs in after the fingerprint has been determined.
$fingerprint(ITSEC_Fingerprint)$user(WP_User)
Defined in: pro/fingerprinting/class-itsec-fingerprinting.php:179
do_action( 'itsec_login_with_fingerprint', $fingerprint, $user );
itsec_modules_do_plugin_activation
Summary: Action fires in the modules do workflow (plugin activation).
Defined in: core/modules.php:877
do_action( 'itsec_modules_do_plugin_activation' );
itsec_modules_do_plugin_deactivation
Summary: Action fires in the modules do workflow (plugin deactivation).
Defined in: core/modules.php:886
do_action( 'itsec_modules_do_plugin_deactivation' );
itsec_modules_do_plugin_uninstall
Summary: Action fires in the modules do workflow (plugin uninstall).
Defined in: core/modules.php:895
do_action( 'itsec_modules_do_plugin_uninstall' );
itsec_modules_do_plugin_upgrade
Summary: Action fires in the modules do workflow (plugin upgrade).
$old_version$new_version
Defined in: core/modules.php:907
do_action( 'itsec_modules_do_plugin_upgrade', $old_version, $new_version );
itsec_new_banned_ip
Summary: Fires when a new IP has been banned. This is primarily used by the Ban Users module.
$ip(string) — The IP address.$context(Lockout\Context|null) — The lockout context that caused the ban.
Defined in: core/lockout.php:1117
do_action( 'itsec_new_banned_ip', $ip, $context );
itsec_notification_center_continue_upgrade
Summary: Action fires in the notification center workflow (continue upgrade).
$this->old_version
Defined in: core/modules/notification-center/setup.php:152
do_action( 'itsec_notification_center_continue_upgrade', $this->old_version );
itsec_notification_center_notification_disabled
Summary: Action fires in the notification center workflow (notification disabled).
$slug
Defined in: core/modules/notification-center/settings.php:64
do_action( 'itsec_notification_center_notification_disabled', $slug );
itsec_notification_center_notification_enabled
Summary: Action fires in the notification center workflow (notification enabled).
$slug
Defined in: core/modules/notification-center/settings.php:61
do_action( 'itsec_notification_center_notification_enabled', $slug );
itsec_notification_center_{$slug}_notification_disabled
Summary: Action fires in the notification center workflow ({$slug} notification disabled).
$slug
Defined in: core/modules/notification-center/settings.php:63
do_action( "itsec_notification_center_{$slug}_notification_disabled", $slug );
itsec_notification_center_{$slug}_notification_enabled
Summary: Action fires in the notification center workflow ({$slug} notification enabled).
$slug
Defined in: core/modules/notification-center/settings.php:60
do_action( "itsec_notification_center_{$slug}_notification_enabled", $slug );
itsec_password_requirements_change_form
Summary: Action fires in the password requirements workflow (change form).
$user
Defined in: core/modules/password-requirements/class-itsec-password-requirements.php:423
do_action( 'itsec_password_requirements_change_form', $user );
itsec_passwordless_login_enqueue_profile_scripts
Summary: Action fires in the passwordless login workflow (enqueue profile scripts).
$user
Defined in: pro/passwordless-login/class-passwordless-login.php:138
do_action( 'itsec_passwordless_login_enqueue_profile_scripts', $user );
itsec_passwordless_login_initialize_interstitial
Summary: Fires when the Passwordless Login interstitial session is initialized.
$session(ITSEC_Login_Interstitial_Session)$args(array)
Defined in: pro/passwordless-login/class-passwordless-login-utilities.php:408
do_action( 'itsec_passwordless_login_initialize_interstitial', $session, $args );
itsec_prepare_dashboard_response
Summary: Fires when the response for a Security Dashboard is being prepared for the REST API.
$response(WP_REST_Response)$item(WP_Post)$request(WP_REST_Request)
Defined in: core/modules/dashboard/rest/class-itsec-rest-dashboard-dashboards-controller.php:309
do_action( 'itsec_prepare_dashboard_response', $response, $item, $request );
itsec_recaptcha_api_ready
Summary: Fires when the Recaptcha API is ready to be used.
Defined in: pro/recaptcha/API.php:32
do_action( 'itsec_recaptcha_api_ready' );
itsec_register_highlighted_logs
Summary: Action fires in the register highlighted workflow (logs).
Defined in: core/lib/class-itsec-lib-highlighted-logs.php:169
do_action( 'itsec_register_highlighted_logs' );
itsec_register_password_requirements
Summary: Fires when password requirements should be registered.
Defined in: core/lib/class-itsec-lib-password-requirements.php:27
do_action( 'itsec_register_password_requirements' );
itsec_register_tools
Summary: Fires when tools should be registered.
$registry(Tools_Registry)
Defined in: core/lib/tools/Tools_Runner.php:35
do_action( 'itsec_register_tools', $this->registry );
itsec_register_user_group_settings
Summary: Action fires in the register user workflow (group settings).
$this->settings_registry
Defined in: core/modules/user-groups/Module/Module.php:79
do_action( 'itsec_register_user_group_settings', $this->settings_registry );
itsec_requirements_error
Summary: Fires when a requirements error is encountered.
$error(WP_Error)
Defined in: core/lib.php:2632
do_action( 'itsec_requirements_error', $error );
itsec_scheduled_{$job->get_id()}
Summary: Fires when a scheduled job should be executed.
$job(ITSEC_Job)
Defined in: core/lib/class-itsec-scheduler.php:388
do_action( "itsec_scheduled_{$job->get_id()}", $job );
itsec_scheduler_register_events
Summary: Register scheduled events. Events should be registered in response to a user action, for example activating a module or changing a setting. Occasionally, Solid Security will manually ask for all events to be scheduled.
$this(ITSEC_Scheduler)
Defined in: core/lib/class-itsec-scheduler.php:224
do_action( 'itsec_scheduler_register_events', $this );
itsec_security_digest_attach_additional_info
Summary: Fires when additional info should be attached to the Security Digest.
$mail(ITSEC_Mail)$data_proxy(ITSEC_Notify_Data_Proxy)$last_sent(int)
Defined in: core/notify.php:181
do_action( 'itsec_security_digest_attach_additional_info', $mail, $data_proxy, $last_sent );
itsec_security_digest_before
Summary: Fires before the main content of the Security Digest is added.
$mail(ITSEC_Mail)$data_proxy(ITSEC_Notify_Data_Proxy)$last_sent(int)
Defined in: core/notify.php:144
do_action( 'itsec_security_digest_before', $mail, $data_proxy, $last_sent );
itsec_site_scanner_scan_complete
Summary: Fires after a site scan has completed.
$scan(Scan)$site_id(int)$cached(bool)
Defined in: core/modules/site-scanner/api.php:87
do_action( 'itsec_site_scanner_scan_complete', $scan, $site_id, $cached );
itsec_software_vulnerabilities_changed
Summary: Fires when the detected software vulnerabilities have changed.
$vulnerabilities(array) — The new vulnerabilities set.$existing(array) — The existing vulnerabilities.
Defined in: core/modules/site-scanner/class-itsec-site-scanner.php:179
do_action( 'itsec_software_vulnerabilities_changed', $vulnerabilities, $existing );
itsec_two_factor_interstitial_after_auth_page
Summary: Action fires in the two factor workflow (interstitial after auth page).
$provider$session$args
Defined in: core/modules/two-factor/class-itsec-two-factor-interstitial.php:71
do_action( 'itsec_two_factor_interstitial_after_auth_page', $provider, $session, $args );
itsec_two_factor_interstitial_pre_render
Summary: Action fires in the two factor workflow (interstitial pre render).
$session$provider
Defined in: core/modules/two-factor/class-itsec-two-factor-interstitial.php:106
do_action( 'itsec_two_factor_interstitial_pre_render', $session, $provider );
itsec_two_factor_override
Summary: Action fires in the two factor workflow (override).
$usercompact( 'override_expires' )
Defined in: core/modules/two-factor/sync-verbs/itsec-override-two-factor-user.php:50
do_action( 'itsec_two_factor_override', $user, compact( 'override_expires' ) );
itsec_update_user_group
Summary: Fires when a user group is updated.
$user_group(User_Group)$args(array)
Defined in: core/modules/user-groups/Repository/DB_Repository.php:88, core/modules/user-groups/Repository/In_Memory_Repository.php:61
do_action( 'itsec_update_user_group', $user_group, $args );
itsec_user_action_{$action}
Summary: Fires when a user action should be processed. The dynamic portion of this hook $action refers to the action slug that should be applied.
$user(\WP_User)$actioned_by(\WP_User)$args(mixed)
Defined in: core/lib/User_Actions_Background_Process.php:58
do_action( "itsec_user_action_{$action}", $user, $actioned_by, $args );
itsec_validate_password
Summary: Fires when modules should validate a password according to their rules.
$error(\WP_Error)$user(\WP_User|stdClass)$new_password(string)$args(array)
Defined in: core/lib/class-itsec-lib-password-requirements.php:202
do_action( 'itsec_validate_password', $error, $user, $new_password, $args );
itsec_vulnerability_not_seen
Summary: Fires if a vulnerability was not seen in the latest Site Scan.
$vulnerability(Vulnerability)
Defined in: core/modules/site-scanner/class-itsec-site-scanner.php:162, core/modules/site-scanner/class-itsec-site-scanner.php:256, core/modules/site-scanner/class-itsec-site-scanner.php:298, core/modules/site-scanner/class-itsec-site-scanner.php:333, core/modules/site-scanner/class-itsec-site-scanner.php:371
do_action( 'itsec_vulnerability_not_seen', $vulnerability );
itsec_vulnerability_was_seen
Summary: Fires when a vulnerability has been seen.
$model(Vulnerability)$issue(Vulnerability_Issue)
Defined in: core/modules/site-scanner/class-itsec-site-scanner.php:119, core/modules/site-scanner/class-itsec-site-scanner.php:221
do_action( 'itsec_vulnerability_was_seen', $model, $issue );
do_action( 'itsec_vulnerability_was_seen', $vulnerability, $vulnerability->as_issue() );
