Save 15% with code 
Let's Clear Things Up
Everything you need to know about SRWorks, our plugins, licensing, and support.
General Questions
Questions about SRWorks, billing, licensing, and support.
SRWorks is a one-person WordPress plugin company run by Steve Reinhardt, based in Bend, Oregon. With 20+ years in the WordPress ecosystem—including creating two default WordPress themes in the early 2000s and running agencies focused on WordPress development—I'm building the WordPress plugins I always wished existed.
Fair question! We've been building WordPress sites for over 20 years. We've just never put our own name on a plugin before. Every WordPress plugin we've built here solves a problem we've personally dealt with on hundreds of client sites. We're not venture funded trying to figure out product market fit. We already know what WordPress sites need.
All license holders get priority support with responses typically within 24 hours on business days. For any issues, use our contact form and we'll get back to you promptly.
We've built these WordPress plugins to play nice with the entire WordPress ecosystem. They work great with Elementor, Divi, Gutenberg, WooCommerce, and most popular WordPress themes. If you run into a conflict, our support team will help you sort it out.
Yes! We offer a generous affiliate program through our affiliate page. Earn 20% commission for the first 12 months of any referred subscription and 10% on every renewal after that. Referrals are tracked with a 60-day cookie. It's free to join with no approval wait times. Visit our affiliates page to sign up and start earning.
Pricing & Licensing
Questions about plans, renewals, upgrades, and refunds.
Yes! Free "Lite" versions of all three plugins are coming soon. They're currently working through the WordPress.org submission and review process, which can take a while. Once approved, you'll be able to download them directly from WordPress.org or from our plugin pages. Every paid plan still comes with a 30-day money-back guarantee if you want to get started right away.
A license gives you access to updates and support for the number of WordPress sites included in your tier. Personal covers 1 site, Business covers up to 5 sites, and Agency covers up to 100 sites. All tiers include the exact same features.
Yep! Business covers up to 5 WordPress sites, and Agency covers up to 100 sites. Personal is for a single site. If you need to add more sites later, you can upgrade your tier at any time.
Annual subscriptions let us invest consistently in development, security updates, and support. You get a better, more actively maintained product, and we can keep prices accessible starting at just $29/year. It also means you are never stuck paying for a product that stops getting updates.
Your plugin continues to work, but you won't receive updates or support until you renew. Your settings and data are never lost. All purchases auto-renew for convenience, and you can cancel anytime from your account.
Yes. You can upgrade your license tier at any time from within your account. The cost difference is automatically prorated so you only pay the difference for the remaining time on your subscription.
The bundle includes all three SRWorks plugins: ArmorPro, CitedPro, and BoostPro. You save over 20% compared to buying them individually. Available in Personal ($69/yr), Business ($139/yr), and Agency ($299/yr) tiers.
We use Polar as our merchant of record, powered by Stripe for secure payment processing. You can pay with all major credit cards (Visa, Mastercard, American Express, Discover) or PayPal. All transactions are encrypted and PCI compliant.
Absolutely. You're fully protected by our 30-day money-back guarantee. If you're not happy, we'll refund your purchase—no questions asked. See our refund policy for full details.
Yes! Earn 20% commission for the first 12 months of any referred subscription and 10% on every renewal after that. It's free to join with no approval wait times. Visit our affiliates page to learn more and sign up.
ArmorPro Questions
Technical questions about ArmorPro features and functionality.
Nope. We obsess over WordPress performance. ArmorPro adds roughly 15ms to page load time and runs just 2 database queries. It's built to be lightweight from the ground up—the way WordPress security plugins should be.
Yes! ArmorPro plays nicely with WP Rocket, W3 Total Cache, LiteSpeed Cache, and pretty much every WordPress caching solution out there. We've tested extensively to make sure there are no conflicts.
ArmorPro includes a string-matching firewall with 600+ patterns across 5 categories and per-pattern management, plus an Enhanced Firewall (WAF) mode that runs before WordPress loads with ~1ms overhead. Also includes brute force protection with IP logging, security headers management (including HSTS, CSP, and Permissions-Policy), REST API protection, activity logs, two-factor authentication (TOTP), passkey authentication (WebAuthn/FIDO2), country blocking, custom login URL, email notifications, auto-blacklisting of repeat offenders, and CSV export. All features are included in every tier.
ArmorPro tracks failed WordPress login attempts by IP address. After a configurable number of failures (default: 3), the IP is temporarily locked out for a set duration (default: 15 minutes). Repeat offenders can be automatically blacklisted after multiple lockouts. Bot protection adds a honeypot, timestamp validation, and JS token to block automated submissions before they even count as attempts.
ArmorPro uses a string-matching firewall with 600+ patterns across 5 categories: SQL injection and malicious query strings, dangerous request URIs (shell files, config access, exploit paths), known malicious user agents (120+ scanners, scrapers, attack tools), spam referrers, and IP address patterns. Each pattern can be individually enabled or disabled through the Pattern Manager with hit counts. You can also add your own custom patterns. The Enhanced Firewall (WAF) mode runs as a standalone PHP engine before WordPress loads via auto_prepend_file, adding only ~1ms of overhead. It also blocks XML-RPC requests and enforces REST API authentication.
ArmorPro includes TOTP-based two-factor authentication for WordPress that works with any authenticator app (Google Authenticator, 1Password, Authy, etc.). Each WordPress user sets up 2FA from their profile with a QR code scan. Backup codes are provided for account recovery. Admins can require 2FA for specific WordPress user roles.
Passkeys are a modern, passwordless authentication method using the WebAuthn/FIDO2 standard. Instead of typing a password, users authenticate with Face ID, Touch ID, Windows Hello, or a hardware security key. Passkeys are phishing-resistant since they're bound to the specific website and can't be reused elsewhere. Each user can register multiple passkeys (up to 10) from their profile page.
We recommend using ArmorPro as your primary WordPress security solution rather than stacking multiple security plugins. Running multiple WordPress security plugins often causes conflicts, doubles resource usage, and can create duplicate headers or conflicting firewall patterns. If you're migrating from another WordPress security plugin, deactivate it first.
Go to ArmorPro → Access Control. Add your IP address to the whitelist. Whitelisted IPs bypass all security checks including brute force lockouts, firewall patterns, and country blocking. This is useful for developers or if you have a static office IP.
If you get locked out via brute force protection, wait for the lockout duration to expire (default 15 minutes). If you're permanently blacklisted or can't access the login, you can add
define('ARMOR_DISABLE', true); to wp-config.php to bypass all protection, or deactivate the plugin via FTP/SFTP by renaming the plugin folder.BoostPro Questions
Technical questions about BoostPro features and functionality.
BoostPro is designed to minimize that risk. The default settings are conservative and work well on the vast majority of WordPress sites. Core features like page caching, lazy loading, emoji cleanup, and heartbeat control are low risk and rarely cause issues. The advanced options (JS defer, unused CSS removal, CSS/JS minification) can push performance further, but we recommend testing them on a staging site first since every theme and plugin combination is different.
BoostPro includes file-based page caching that saves fully rendered HTML pages to disk and serves them directly on subsequent visits, bypassing PHP and WordPress entirely. It automatically excludes logged-in users, POST requests, WooCommerce carts, and pages that set the DONOTCACHEPAGE constant. You can configure the cache expiry, add custom URL exclusions, and the cache is automatically purged when you update content. If your host already provides server-level caching, BoostPro detects the conflict and disables its own cache to avoid issues.
BoostPro includes file-based page caching with configurable expiry and third-party cache purging (19+ systems), smart lazy loading for images, iframes, and CSS background images with exclusion patterns, remove unused CSS per URL with delivery options, CSS and JavaScript minification, WebP and AVIF image conversion with bulk optimization and image resizing, per-image optimize/delete from the Media Library, video placeholders for YouTube and Vimeo, add missing image dimensions, local Google Fonts hosting with font preloading, emoji and embed cleanup, heartbeat control (frontend/admin/editor independently), remove query strings, per-script JavaScript defer and delay with 28+ quick exclusion presets, speculative loading, auto-preconnect, advanced preload rules, auto-preload LCP image, CDN URL rewriting for static assets, a frontend Resource Manager for disabling scripts and styles per page, per-page/post disable controls, admin bar integration, global killswitch, scheduled database cleanup, and WP-CLI commands. All features are included in every tier.
Yes. BoostPro automatically detects when you're editing in Elementor, Divi, Beaver Builder, Brizy, Bricks, and other page builders and disables its optimizations during editing so they don't interfere with the builder interface. On the frontend, all optimizations apply normally. If you run into a visual issue on a specific page, use the per-page disable controls to turn off individual features for that URL.
BoostPro's Remove Unused CSS (RUCSS) analyzes each URL on your site and strips out CSS rules that the page doesn't use. The optimized CSS can be inlined directly into the page or served as a separate file. You control how original stylesheets are handled: load them asynchronously, delay them until user interaction, or remove them entirely. Specific stylesheets and selectors can be excluded to protect dynamic styles. Results are cached per URL so subsequent visits are served instantly.
BoostPro converts your JPEG and PNG images to WebP and AVIF formats using your server's GD or ImageMagick library. No external API or cloud service required. You can bulk optimize your entire media library, enable auto-optimize on upload, or optimize individual images from the Media Library. Original files are always preserved. Converted files are stored separately and served automatically via .htaccess rewrite rules (Apache/LiteSpeed) or picture tags (Nginx), with AVIF preferred when the browser supports it. A single quality preset maps to optimized values for each format.
BoostPro scans for 27 plugins that overlap with its features, including caching plugins, image optimizers, lazy loading plugins, and minification tools. When it finds one, it shows an admin notice with a one-click deactivation link for each conflicting plugin. For caching plugins specifically, BoostPro hard-blocks its own page cache toggle until the conflict is resolved, so you never end up with two caching layers fighting each other.
Yes. BoostPro automatically detects server-level caching from hosts like WP Engine, Kinsta, Cloudways, and SiteGround. When it finds one, it disables its own page cache to avoid conflicts and focuses on the optimizations your host doesn't provide: lazy loading, resource cleanup, font optimization, CSS optimization, and database maintenance. No duplicate functionality, no stale content issues.
AVIF is a next-generation image format that typically produces files 20-50% smaller than WebP at equivalent visual quality. BoostPro can convert images to both formats simultaneously. When serving images, browsers that support AVIF get the smallest file, while older browsers fall back to WebP or the original. AVIF conversion requires PHP 8.1+ with GD or ImageMagick AVIF support.
BoostPro automatically rewrites static asset URLs (images, CSS, JS, fonts, media files) to serve from your CDN instead of your origin server. Enter your CDN pull zone URL, choose which directories to include (defaults to wp-content and wp-includes), and optionally exclude specific URL patterns. Works with any pull-zone CDN provider like Cloudflare, BunnyCDN, KeyCDN, or StackPath.
The Resource Manager is a frontend tool that lets you disable any JavaScript or CSS asset on a per-page, per-post-type, or site-wide basis. Access it from the admin bar on any page. A slide-in panel shows every script and stylesheet loaded, grouped by source (plugins, theme, WordPress core). Toggle assets off, set scoping rules, and add exceptions. Includes a testing mode so changes only apply to logged-in admins until you're ready to go live.
CitedPro Questions
Technical questions about CitedPro features and functionality.
CitedPro covers all the same SEO ground: meta titles, descriptions, canonical URLs, open graph, Twitter cards, XML sitemaps, JSON-LD schema, and robots directives. Then it goes further. It generates llms.txt and llms-full.txt files so AI search engines can discover your site, tracks 60+ AI bots crawling your content, monitors when AI platforms send you real visitors, adds AIPREF Content-Usage directives to your robots.txt, and scores every page for both traditional SEO and AI citability. No other SEO plugin does any of this.
CitedPro imports all your existing metadata from Yoast, Rank Math, All in One SEO, SEOPress, The SEO Framework, or Slim SEO in one click. Titles, descriptions, canonical URLs, OG images, noindex flags. Everything comes with you. Nothing gets lost.
Every page gets two scores side by side: an SEO Score and an AI Citability Score. The SEO Score shows where you stand for Google. The AI Citability Score shows how visible you are to ChatGPT, Claude, and Perplexity. You see exactly what to improve on each, right in the post editor.
Just like robots.txt guides Google, llms.txt guides AI assistants. It gives language models a structured overview of your site: what your business does, what you offer, and how you want to be cited. CitedPro generates and maintains both llms.txt (a brief profile) and llms-full.txt (a comprehensive version with your services, team, FAQs, reviews, and contact info) automatically. Both files are served virtually with no physical files to manage.
CitedPro includes meta titles, descriptions, canonical URLs, open graph, Twitter cards, XML sitemaps, JSON-LD schema injection, virtual robots.txt management with AIPREF Content-Usage directives, llms.txt and llms-full.txt generation, AI bot tracking for 60+ crawlers across 5 categories, AI bot blocking with hard 403 response, LLM referral tracking across 20+ platforms, dual SEO and AI citability scoring, content analyzer, one-click SEO data import from 6 plugins, AI-powered Smart Generate with custom AI context, analytics with CSV export and AI summaries, and a WordPress dashboard widget. All features included in every tier.
CitedPro detects 60+ AI bots across 5 categories: GPTBot (OpenAI), ClaudeBot (Anthropic), PerplexityBot, Google-Extended, and dozens more. The dashboard shows which bots visit, how often, and which pages they prefer. You can block specific bots with one click or allow them all.
When someone asks ChatGPT a question and clicks through to your site, CitedPro records it. Twenty-plus platforms tracked, including ChatGPT, Claude, Perplexity, Gemini, Copilot, Grok, and DeepSeek. This is a traffic source Google Analytics does not track automatically.
Yes. When CitedPro detects an active SEO plugin (Yoast, Rank Math, AIOSEO, SEOPress, The SEO Framework, or Slim SEO), it automatically disables its own SEO meta output and sitemaps to avoid conflicts. All AI features keep running regardless: llms.txt generation, bot tracking, referral analytics, AIPREF directives, and bot blocking. You can also import your data in one click and deactivate the other plugin entirely.
AIPREF is an emerging IETF standard that lets you control how AI systems use your content. Standard robots.txt rules can only block entire bots. AIPREF adds Content-Usage directives to your robots.txt that let you allow search indexing while prohibiting AI training, or vice versa. CitedPro is the first WordPress SEO plugin to implement it, giving you granular control over AI content usage directly from your dashboard.
Smart Generate uses AI to create SEO titles, meta descriptions, focus keywords, business descriptions, services, FAQs, and more. The AI context lets you feed it your own business context and reference pages so outputs match your voice, not a generic template.
Still Have Questions?
We're here to help. Reach out and a real human will get back to you.
Contact Us