The average WordPress site owner discovers a breach long after it happened – sometimes days later, when they notice something obviously wrong. A defaced homepage. A Google warning. A hosting suspension. By then, the attacker has had all the time they needed.
The gap between “something happened” and “you found out” is where the real damage occurs. Security alerts close that gap. When your security system detects a threat and immediately notifies you – wherever you are, on whatever channel you’re watching – you can respond in minutes instead of days.
What Trusti Security Can Alert You About
Trusti Security’s notification system covers the security events that matter most for your WordPress site:
Brute Force Attacks
When an IP address exceeds your configured failed login threshold and gets locked out, you receive an alert immediately. The notification tells you which IP was blocked, how many attempts were made, and when the lockout expires. This is often the first sign of a targeted attack against your site.
Unknown Username Attempts
Attackers probing your site often try common usernames like “admin”, “administrator”, or “root” – usernames that don’t exist on your site. When Trusti Security detects a login attempt with a non-existent username and blocks it, you can get an alert. This is a useful signal that someone is actively scanning your login page.
Vulnerability Detections
When a vulnerability scan finds a known security issue in one of your installed plugins, themes, or WordPress core, you get notified with details about the affected component and the vulnerability. This means you don’t need to check your dashboard manually after every scan – the results come to you.
Core Integrity Issues
If Trusti Security’s file integrity scanner detects an unexpected change to your WordPress core files – a modification, an unauthorized addition, or a missing file – you receive an alert immediately. This is often the earliest signal of a compromise that has already occurred.
Admin Activity Events
You can configure alerts for specific administrative actions: plugin installations, theme changes, user account changes, logins, logouts, and content modifications. This is particularly useful for multi-user sites where you want to know when someone makes a significant change – or when admin activity happens at an unexpected time.
Five Notification Channels
Trusti Security supports five delivery channels for security alerts. You can use one, several, or all of them simultaneously depending on how your team works and how urgently you need to be notified.
The simplest option. Configure one or more recipient email addresses and alerts are delivered directly to your inbox. Works without any third-party accounts or webhook setup. Good for audit trails since email notifications are automatically archived.
Slack
If your team lives in Slack, security alerts belong there too. Connect Trusti Security using a Slack incoming webhook URL and specify which channel should receive the alerts. Security events show up alongside your team’s regular communication – no separate dashboard to check, no email to miss.
Telegram
Telegram is a strong choice for personal site owners and small teams who want mobile push notifications without the overhead of email. Create a Telegram bot, add your bot token and chat ID to Trusti Security, and alerts arrive as instant messages on your phone – even if you’re not at your desk.
Pushover
Pushover is a dedicated push notification service for mobile devices. It’s purpose-built for exactly this kind of use case: important alerts that you need to see immediately, without the noise of a general-purpose messaging app. Add your Pushover user key and app token to Trusti Security and alerts appear as priority notifications on your phone.
Mailgun
For teams that need reliable transactional email delivery and detailed sending logs, Mailgun is the professional choice. Configure your Mailgun API key, domain, and recipient addresses in Trusti Security for email alerts with high deliverability and full delivery tracking.
How to Think About Alert Configuration
The goal is to be informed about threats without being overwhelmed by noise. A few principles that help:
Match alert urgency to channel urgency. Brute force attacks and core integrity issues are immediate threats – they belong on your most-watched channel, whether that’s Slack, Telegram, or Pushover. Admin activity logs can go to email where they’re archived for later review if needed.
Be selective with admin activity alerts. If you’re the only person managing your site, alerting on every login and post edit will create noise. Focus on the events that would indicate unauthorized access: new user creation, role changes, plugin installations, and logins at unusual hours.
Use multiple channels for critical events. For high-stakes events like core integrity issues or vulnerability detections, consider routing alerts to both email (for the archive) and Slack or Pushover (for immediate visibility). Redundancy ensures you don’t miss something important because you weren’t watching one particular channel.
Security Visibility as a Practice
Setting up alerts is one part of security visibility. The other part is actually responding when they fire. An alert that gets ignored is only marginally better than no alert at all.
When Trusti Security sends you a brute force notification, the right response is to check the blocked IP, review recent login attempts in the activity log, and consider whether any accounts may have been compromised. When you get a vulnerability notification, the right response is to check whether an update is available and apply it as soon as possible.
Trusti Security provides the alerts. The logs, the block lists, the vulnerability details – all of it is available in your dashboard to support a fast, informed response. The combination of immediate notification and rich context means you can act on security events before they become security incidents.