What is Nova Core? Nova Core is the free framework required by every Nova Heaven plugin. It handles activation, signed updates, email delivery, threat intelligence sync, and self-audit - all in one secure core. Install it once and every Nova plugin you add inherits its infrastructure automatically.
Is Nova Core free? Yes, forever. Nova Core and your divine key are completely free - no credit card, no trial, no expiration. Register for your free divine key.
Why is Nova Core required? Nova Core provides the secure update pipeline, license verification, and inter-plugin communication that every Nova plugin depends on. Without it, plugins cannot verify update integrity, sync threat intelligence, or deliver email notifications. It's the foundation the entire ecosystem is built on.
How do I install Nova Core? Register a free account, get your divine key, then upload Nova Core to your WordPress site and paste your key. That's it - 2 minutes. Every Nova plugin you install after that activates automatically through Nova Core.
Does Nova Core work on shared hosting? Yes. Nova Core requires no shell access, no special PHP extensions, and no server configuration. It works on Hostinger, SiteGround, Bluehost, and every major shared host.
What does the self-audit do? Nova Core monitors its own integrity. Built-in checks detect if any Nova plugin files have been tampered with and alert you immediately. It watches itself so you don't have to.
Does Nova Core send any data off my server? Nova Core communicates with Nova Heaven servers only for license verification, signed update downloads, and optional opt-in telemetry. No site content, no file data, and no personally identifiable information is ever transmitted. Telemetry can be disabled per-plugin.
Is Nova Scan really free forever? Yes. Nova Scan with the NDE detection engine, two-mode firewall, repository integrity checks, and brute-force protection is completely free on one site. No credit card, no trial, no catch. Register for your free divine key.
What is the NDE detection engine? NDE is our custom-built detection system that uses N-dimensional code analysis to identify malware - not just by matching known signatures. It consists of 4 dedicated engines covering PHP, JavaScript, database, and WAF layers. Each engine is trained on tens of thousands of real-world samples, delivering industry-leading detection with near-zero false positives in published validation. The models are lightweight enough to load entirely in PHP memory - no shell access, no special hosting requirements.
How does NDE differ from signature-based scanning? Traditional scanners like Wordfence match code against a database of known malware signatures. If the malware is new or obfuscated, they miss it. NDE uses N-dimensional code analysis designed to detect novel threats, including zero-day variants that no signature database covers.
What is the detection rate and false positive rate? In published validation, NDE delivers industry-leading detection with near-zero false positives across all 4 engines. These results come from rigorous validation on real-world malware and benign samples - not cherry-picked test sets. Specific benchmarks are published in our documentation. All models are lightweight and fully shared-hosting compatible.
Does Nova Scan work on shared hosting? Yes - Nova Scan was built specifically for shared hosting. The NDE engines load entirely in PHP memory with no shell access required. It runs within PHP execution limits using chunked scanning and has been tested on Hostinger, SiteGround, Bluehost, and other major shared hosts.
How does the two-mode firewall work? Nova Scan's firewall operates in two modes: (1) Active WAF mode that blocks malicious requests in real-time before they reach WordPress, and (2) Monitor mode that logs threats without blocking, useful for testing. Both modes include brute-force protection, IP rate limiting, and geo-blocking.
What types of malware does Nova Scan detect? Backdoors, PHP web shells (c99, r57, WSO), cryptominers, SEO spam injections, card skimmers, phishing redirects, ClearFake infections, obfuscated eval() payloads, file inclusion exploits, and malicious cron jobs. The NDE engine also catches zero-day variants that signature databases miss.
How does auto-clean and rollback work? When Nova Scan detects malware, it quarantines the infected file to a .quarantine directory and attempts to restore the clean version from the WordPress.org repository. If the file is a custom theme or plugin, it's quarantined but not auto-restored - you're notified to review it manually.
What are Canary Tripwire Sentinels? Canary files are decoy files placed in critical directories (wp-content, wp-includes). If an attacker modifies or accesses them, Nova Scan immediately alerts you. They act as early-warning tripwires that detect breaches before any real damage occurs.
Does Nova Scan protect against brute-force attacks? Yes. Nova Scan includes IP-based rate limiting on wp-login.php and xmlrpc.php, with configurable thresholds. After X failed attempts, the IP is temporarily blocked. You can also enable country-level geo-blocking to prevent entire regions from accessing login pages.
How often are NDE models updated? NDE models are retrained on new malware samples as they're collected. Rule-based signatures are updated continuously as new campaigns emerge. All users receive automatic updates through Nova Core - free and paid alike.
Can Nova Scan detect ClearFake and JavaScript injection attacks? Yes. NDE was specifically trained on ClearFake variants, cryptominer injections, and obfuscated JS payloads. It catches JS-based attacks that bypass traditional PHP-focused scanners.
What is Hyper Nova? Hyper Nova is our advanced WordPress caching engine with intelligent cache warming, surgical purge controls, REST API integration, and real-time analytics - built for shared hosting where performance matters most.
When will Hyper Nova launch? Hyper Nova is currently in final development. Join our Telegram community to be the first to know when it launches.
What makes Hyper Nova different from other caching plugins? Hyper Nova is built specifically for shared hosting constraints with features like intelligent cache warming, surgical purge by URL or post type, and a REST API for programmatic control - all without root access or server configuration.
What is Nova Ascend? Nova Ascend is our upcoming SEO intelligence plugin for WordPress. It provides automated schema markup generation, intelligent sitemap optimisation, and real-time ranking insights - all designed to help your sites ascend the search rankings.
When will Nova Ascend launch? Nova Ascend is currently in development. Join our Telegram community to be the first to know when it launches.
What SEO features will it include? Planned features include: automatic JSON-LD schema generation for all content types, XML sitemap optimisation with priority scoring, Open Graph and Twitter Card management, heading hierarchy analysis, internal linking suggestions, and a real-time SEO score dashboard.
What is Nova Burst? Nova Burst is our upcoming backup and migration plugin. It provides one-click backups, instant recovery, and seamless site migration - ensuring your WordPress sites never die, even when disaster strikes.
When will Nova Burst launch? Nova Burst is currently in development. Join our Telegram community to be the first to know when it launches.
How will backup storage work? Nova Burst will support multiple storage destinations including local server storage, cloud providers (S3, Google Cloud, Backblaze B2), and remote SFTP servers. Free tier includes local backups; paid tiers unlock cloud storage and automated scheduling.
How do divine keys work? When you register a free account and confirm your email, a unique divine key is generated. This single key is entered into Nova Core on your WordPress site and activates all your licenced plugins - Nova Scan, Hyper Nova, Nova Ascend, and Nova Burst. One key, one licence, all plugins.
What are the site tiers? We offer five divine tiers based on how many sites you need to cover: Alpha (1 site), Trinity (3 sites), Seraph (6 sites), Divine (9 sites), and Omega (unlimited sites). Each tier covers all your selected plugins. See pricing.
How do bundle discounts work? Select multiple paid plugins and save - bundle pricing is applied automatically in our pricing calculator. The more plugins you add, the more you save. Bundle discounts stack with annual billing savings.
Can I upgrade or downgrade my tier? Yes, anytime. Upgrades are prorated - you only pay the difference for the remaining billing period. Downgrades take effect at the start of your next billing cycle.
How are site activations tracked? All licence management happens through your Nova Heaven dashboard. You can see all active sites, deactivate sites to free up slots, and reassign plugins between sites at any time. Nova Core on your WordPress site handles the activation handshake automatically.
Can I use different plugins on different sites? Yes. Your site tier covers activations per plugin. For example, with a Trinity tier (3 sites), you could run Hyper Nova on all 3 sites and Nova Ascend on just 1 - each plugin gets its own allocation within your tier.
Is there a refund policy? We offer a 14-day no-questions-asked refund on all paid plans. If it's not for you, contact us within 14 days and we'll refund every penny. No hoops, no forms, no guilt.
Do licences auto-renew? Yes, paid subscriptions auto-renew at the end of each billing cycle (monthly or annual). You can cancel anytime from your dashboard - your access continues until the end of the current billing period.
What payment methods are accepted? We accept all major credit cards (Visa, Mastercard, Amex) and PayPal. All payments are processed securely through our payment provider. We never store your card details on our servers.
What is Nova Heaven? Nova Heaven is a suite of WordPress plugins built on Nova Core, our free foundation framework. The ecosystem includes security (Nova Scan - free), performance (Hyper Nova), SEO (Nova Ascend), and backup (Nova Burst). Our mission is to give every WordPress site divine-level protection and performance, even on shared hosting.
Who is behind Nova Heaven? Nova Heaven is built by SephX, a WordPress developer and security researcher with deep experience in shared hosting environments and malware analysis. The NDE detection engine is the result of years of real-world malware research.
How do I get support? Reach us through our contact form or Telegram community. We respond to every message.
Is there a Telegram community? Yes! Join Nova Heaven on Telegram for announcements, security tips, early access to new features, and direct conversation with the development team.
Do you offer affiliate or partner programmes? We're building a partner programme for agencies and developers who recommend Nova Heaven plugins. Contact us if you're interested in early access to the affiliate programme.
How is my data protected? All scanning runs entirely on your server - your site files and content never leave your hosting environment. The optional Community Feed shares only anonymized threat signatures to help improve detection for everyone - no site data, no URLs, no personally identifiable information is ever transmitted. This feature is opt-in and can be disabled at any time. Read our full Privacy Policy.