Description

Rapls AI Chatbot add an AI chatbot to your site with OpenAI, Claude, Gemini, or OpenRouter. Includes site learning, knowledge base, and web search.

Key Features

Multiple AI Providers — OpenAI, Anthropic Claude, Google Gemini, and OpenRouter (100+ models via single API key)
Web Search — AI automatically searches the web when the knowledge base lacks a sufficient answer, using each provider’s built-in capability (OpenAI web_search_preview, Claude web_search, Gemini google_search)
Site Learning — Crawl and index your website content (posts, pages, custom post types, WooCommerce products) for context-aware responses
Vector Embedding RAG — Hybrid search combining keyword matching (40%) and vector similarity (60%) for accurate retrieval
Custom Knowledge Base — Add Q&A pairs, free-form content, PDF/DOCX uploads with priority levels and draft/published workflow
MCP Server — 7 built-in tools via JSON-RPC 2.0 for AI agent integration (Claude Desktop, Cursor, VS Code)
WordPress Abilities API — Auto-register MCP tools as WordPress Abilities for discovery by MCP Adapters
Gutenberg Block — Insert AI Chatbot block in the block editor with height, theme, and bot-id settings; SSR support
Response Language Auto-detect — Automatically detect browser language for welcome message and AI responses
Cross-site Embed — Embed the chatbot on external sites via iframe or script loader
Conversation History — Save and review all chat conversations with configurable retention
Usage Statistics — Track token usage and estimated API costs with visual charts and provider breakdown
Feedback & Regeneration — Users can rate responses (thumbs up/down) and request regeneration
6 Built-in Themes — Default, Simple, Classic, Light, Minimal, Flat
Security — reCAPTCHA v3, rate limiting, consent mode, Cloudflare support, security diagnostics
Settings Import/Export — Backup and restore all settings as JSON
Multilingual — Japanese translation included; welcome messages configurable in 13 languages

Supported AI Models

OpenAI:
* GPT-5.2, GPT-5.1, GPT-5 series (Latest generation)
* GPT-4.1 series (Long context, 1M tokens)
* GPT-4o, GPT-4o-mini (Multimodal)
* o1, o3, o4-mini (Reasoning models)

Anthropic Claude:
* Claude Opus 4.6 (Most powerful)
* Claude Sonnet 4.5 (Recommended — fast and powerful)
* Claude Haiku 4.5 (Recommended — fastest)
* Claude Opus 4.5, Opus 4.1, Sonnet 4, 3.7 Sonnet

Google Gemini:
* Gemini 3 Pro/Flash (Preview, latest)
* Gemini 2.5 Pro/Flash (Recommended)
* Gemini 2.0 Flash (Stable)
* Gemini 1.5 Pro/Flash (Legacy)

OpenRouter:
* Access 100+ models from multiple providers through a single API key

Dashboard

The dashboard provides an at-a-glance overview of your chatbot’s activity:

Statistics cards: total conversations, today’s messages, indexed pages, knowledge entries, monthly AI responses with usage limit
Status indicators: AI provider, site learning, conversation history
API usage statistics (past 30 days): total tokens, input/output tokens, estimated cost, daily usage chart, provider breakdown

Settings (5 Tabs)

AI Settings — Configure your AI provider, model, and API key. Enable vector search (RAG) with embedding provider. Set up MCP server with API key generation and Claude Desktop configuration example.

Chat Settings — Customize bot name, avatar (emoji or image), welcome messages (13 languages: English, Japanese, Chinese, Korean, Spanish, French, German, Portuguese, Italian, Russian, Arabic, Thai, Vietnamese), system prompt, response language, message history count, feedback buttons, and API quota error message. Advanced: context prompts for knowledge matching, Q&A format, and site learning; feature prompts for regeneration instructions, good/bad example learning, and conversation summary.

Display Settings — Choose from 6 free themes (Default, Simple, Classic, Light, Minimal, Flat). Configure badge position (4-corner grid), margins, primary/secondary colors, mobile display, Markdown rendering, typing indicator, maximum input length, page exclusion, footer text, and cross-site embed options (script or iframe).

Security Settings — Enable reCAPTCHA v3 with site key, secret key, and score threshold. Configure access control: consent strict mode, rate limiting, Cloudflare integration, reverse proxy trust, reCAPTCHA failure mode. View security diagnostics (read-only): allowed origins, trusted proxies, IP detection, API key status, WP Consent API, rate limiting, reCAPTCHA, SSL/TLS, CSRF.

Data Management — Enable/disable conversation history with configurable retention period. Import/export settings (optionally including knowledge base). Reset all settings to defaults.

Knowledge Base

Add entries as text: title, content, category, priority level
File import: .txt, .csv, .md, .pdf, .docx (server-side parsing)
Statistics: total entries, active, inactive, categories
Filter by status: all, published, draft
Sortable table: ID, title, category, type, priority, updated date
Unlimited entries

Site Learning

The plugin crawls and indexes your published content for context-aware AI responses:

Posts and Pages
Custom Post Types
WooCommerce Products
Any public content

With vector embedding enabled, hybrid search combines keyword matching (40%) and vector similarity (60%) for better retrieval accuracy.

Free vs Pro

The free version is fully functional with no artificial limits — you pay only your own AI API costs. An optional Pro add-on is available for business-oriented features.

Free — Full AI chat, unlimited responses, unlimited knowledge base, 6 themes, MCP server, Gutenberg block
Pro — Adds analytics, lead capture, scenarios, operator mode, WooCommerce, LINE, and more

What Free includes:

All 4 AI providers (OpenAI, Claude, Gemini, OpenRouter)
Unlimited AI responses and knowledge base entries
Web search, site learning with vector RAG
MCP server, Gutenberg block, cross-site embed
6 themes, feedback, regeneration, reCAPTCHA, security diagnostics

What Pro adds:

Analytics dashboard with satisfaction scores, FAQ ranking, and PDF export
Lead capture forms, CSV/JSON export, webhooks, Google Sheets
Conversation scenarios, business hours, human handoff, operator mode
WooCommerce product cards, LINE Messaging API, Slack notifications
10 additional themes, dark mode, voice input/TTS, multimodal
Response caching, encryption, audit logs, and more

Learn more at raplsworks.com

External Services

This plugin connects to the following external third-party services. No data is sent to any service until you configure an API key and enable the feature in the plugin settings. Each service requires the site administrator to create an account and obtain API credentials. By using these services, you agree to their respective terms and privacy policies listed below.

1. OpenAI (GPT models) — AI Provider

Used when you select OpenAI as your AI provider. User messages and optionally site content are sent to generate AI responses.

Service URL: https://api.openai.com/
Terms of Use: https://openai.com/terms/
Privacy Policy: https://openai.com/privacy/

2. Anthropic (Claude models) — AI Provider

Used when you select Anthropic Claude as your AI provider. User messages and optionally site content are sent to generate AI responses.

Service URL: https://api.anthropic.com/
Terms of Use: https://www.anthropic.com/terms
Privacy Policy: https://www.anthropic.com/privacy

3. Google (Gemini models) — AI Provider

Used when you select Google Gemini as your AI provider. User messages and optionally site content are sent to generate AI responses.

Service URL: https://generativelanguage.googleapis.com/
Terms of Use: https://policies.google.com/terms
Privacy Policy: https://policies.google.com/privacy

4. OpenRouter — AI Provider

Used when you select OpenRouter as your AI provider. OpenRouter is a unified API gateway that routes requests to various AI models.

Service URL: https://openrouter.ai/api/
Terms of Use: https://openrouter.ai/terms
Privacy Policy: https://openrouter.ai/privacy

5. Google reCAPTCHA v3 (Optional)

Used only if you enable reCAPTCHA in the plugin settings for spam protection. The visitor’s IP address and interaction data are sent to Google for verification.

Service URL: https://www.google.com/recaptcha/
Terms of Use: https://policies.google.com/terms
Privacy Policy: https://policies.google.com/privacy

6. LINE Messaging API (Pro Add-on, Optional)

Used only if you enable the LINE integration via the Pro add-on. Connects to the LINE Messaging API for chatbot-to-LINE messaging.

Service URL: https://api.line.me/
Terms of Use: https://terms.line.me/
Privacy Policy: https://line.me/en/terms/policy/

Cross-Site Embed

The plugin includes an optional embed loader script (embed-loader.js) for embedding the chatbot on external websites via an iframe. This script does not load any external CDN resources or third-party scripts — it creates an iframe pointing back to your own WordPress site. All data processing occurs on your server.

Data Transmitted to External Services

User messages: Chat messages entered by visitors (sent to the configured AI provider only)
Site content (if Site Learning is enabled): Excerpts from your published posts/pages (sent to the configured AI provider)
Knowledge base (if configured): Custom Q&A entries you create (sent to the configured AI provider)
IP address (reCAPTCHA only): Sent to Google for spam verification

Data Storage

Conversation history: Stored locally in your WordPress database (can be disabled)
Visitor IP: Stored as SHA-256 hash (not plain text) for rate limiting
Retention: Configurable auto-deletion period (default 90 days)

User Controls

You can disable these features in the plugin settings:
* Conversation history saving
* Site content crawling/learning
* Google reCAPTCHA verification
* Web search

Privacy

Data Collected

When conversation history is enabled, the plugin stores:
* Chat messages (user and AI responses)
* Session identifiers
* Page URLs where chats occurred
* Hashed IP addresses (SHA-256, not reversible)
* Timestamps

Data Retention

Conversation data is automatically deleted after the configured retention period (default: 90 days). Administrators can manually delete conversations at any time.

User Rights

Site administrators can:
* View all conversation history
* Delete individual or all conversations
* Export settings (does not include conversation data)
* Disable history saving entirely= Developer Information =

The plugin provides hooks and filters for customization:

Available Filters

raplsaich_system_prompt — Modify the system prompt sent to AI
raplsaich_context — Modify the context from site learning
raplsaich_ai_response — Filter the AI response before display
raplsaich_chatbot_enabled — Control chatbot visibility programmatically
raplsaich_allowed_origins — Add allowed origin hosts for same-origin check
raplsaich_chat_response_data — Filter chat response data before returning to client
raplsaich_gpt5_token_multiplier — GPT-5 reasoning token multiplier (default: 4, range: 1-8)

Example: Custom System Prompt

add_filter( 'raplsaich_system_prompt', function( $prompt, $settings ) {
    return $prompt . "\n\nAlways end responses with a friendly emoji.";
}, 10, 2 );

Example: Conditionally Hide Chatbot

add_filter( 'raplsaich_chatbot_enabled', function( $enabled ) {
    // Hide on checkout page
    if ( is_page( 'checkout' ) ) {
        return false;
    }
    return $enabled;
} );

REST API Endpoints

The plugin registers REST API endpoints under the rapls-ai-chatbot/v1 namespace:

Session authentication: Pass the session ID via the X-RAPLSAICH-Session HTTP header (recommended). When the header is present, any session_id in the request body is ignored (prevents APM/WAF body-logging leakage). Query string parameters (?session_id=...) are not accepted for GET requests to prevent session leakage in server access logs.

Free:

GET /rapls-ai-chatbot/v1/session — Get or create a chat session
POST /rapls-ai-chatbot/v1/chat — Send a message and receive AI response
GET /rapls-ai-chatbot/v1/history/{session_id} — Get conversation history
POST /rapls-ai-chatbot/v1/feedback — Rate a response (thumbs up/down)
POST /rapls-ai-chatbot/v1/regenerate — Regenerate AI response
GET /rapls-ai-chatbot/v1/message-limit — Check message limits
POST /rapls-ai-chatbot/v1/lead — Submit lead form
GET /rapls-ai-chatbot/v1/lead-config — Lead form configuration

The Pro add-on registers additional endpoints for analytics, scenarios, LINE, and more. See the Pro documentation for details.

Settings Architecture

Extension settings are stored under the extensions key in raplsaich_settings. For backward compatibility, the legacy pro_features key is read as a fallback but all new settings are written to extensions.

Database Tables

The plugin creates the following database tables:

{prefix}_aichat_conversations — Chat sessions
{prefix}_aichat_messages — Individual messages with token tracking
{prefix}_aichat_index — Site learning content index
{prefix}_aichat_knowledge — Custom knowledge base entries
{prefix}_aichat_leads — Lead capture data

Uninstallation

When uninstalled with “Delete data on uninstall” enabled, the plugin removes all database tables, options, and transients. Without this setting, data is preserved for re-installation.

Development

Release ZIPs are CI-verified for packaging correctness. Report any issues via the support forum.

Credits

Chart.js (MIT License) — Usage statistics charts

Screenshots

Dashboard — Overview of conversations, messages, and usage statistics with cost tracking
Settings — Configure AI provider, model selection, and chat behavior
Site Learning — Automatic content indexing and manual learning controls
Knowledge Base — Custom Q&A management with priority levels and PDF/DOCX upload
Conversation History — View and manage all chat conversations
Chatbot Widget — Clean, modern chat interface on your website
Analytics Dashboard (Pro) — Conversation insights, satisfaction tracking, and FAQ analysis

Blocks

This plugin provides 1 block.

AI Chatbot Embed an AI chatbot inline on your page.

Installation

Upload the rapls-ai-chatbot folder to the /wp-content/plugins/ directory
Activate the plugin via the ‘Plugins’ menu in WordPress
Go to AI Chatbot > Settings to configure your AI provider and API key
Customize the chatbot appearance and behavior as needed
The chatbot will automatically appear on your site

API Key Setup

You’ll need an API key from at least one AI provider:

OpenAI: Get your key at platform.openai.com
Anthropic Claude: Get your key at console.anthropic.com
Google Gemini: Get your key at aistudio.google.com
OpenRouter: Get your key at openrouter.ai

MCP Server Setup

Go to AI Chatbot > Settings > AI Settings
Enable MCP and click “Generate API Key”
Copy the endpoint URL and API key
Add the configuration to your AI agent (Claude Desktop, Cursor, or VS Code)

The plugin provides 7 MCP tools: get_site_info, search_content, get_knowledge, manage_knowledge, get_conversations, get_settings, search_products (Pro).

FAQ

Which AI provider should I choose?

Each provider has different strengths:
* OpenAI GPT-4o-mini — Best balance of cost and performance for most use cases
* Claude Sonnet 4.5 — Excellent for nuanced, helpful responses
* Gemini 2.5 Flash — Fast and cost-effective, good for high-volume sites
* OpenRouter — Access to 100+ models from multiple providers with a single API key

How much does it cost to use?

The plugin itself is free. You pay for AI API usage directly to your chosen provider. Typical costs:
* GPT-4o-mini: ~$0.15/1M input tokens, ~$0.60/1M output tokens
* Claude Haiku 4.5: ~$0.80/1M input tokens, ~$4.00/1M output tokens
* Gemini 2.5 Flash: ~$0.15/1M input tokens, ~$0.60/1M output tokens

Can I use multiple AI providers?

You can configure multiple API keys, but only one provider is active at a time. You can switch between providers in the settings.

How does Site Learning work?

The plugin crawls your published content and creates a searchable index. When users ask questions, relevant content is included in the AI context for accurate, site-specific responses. With vector embedding enabled, hybrid search combines keyword matching (40%) and vector similarity (60%) for better retrieval.

How does Web Search work?

When the knowledge base and site content don’t have a sufficient answer, the AI automatically searches the web using each provider’s built-in capability (OpenAI web_search_preview, Claude web_search, Gemini google_search). Web sources are shown with a globe icon.

What is the MCP Server?

MCP (Model Context Protocol) allows external AI agents like Claude Desktop, Cursor, and VS Code to interact with your chatbot’s data. The plugin provides 7 built-in tools for searching content, managing knowledge, and viewing conversations. Tools are also registered as WordPress Abilities for auto-discovery.

Can I embed the chatbot on external sites?

Yes. The plugin provides a cross-site embed page (?raplsaich_embed=1) and a loader script (assets/js/embed-loader.js) for easy integration on any external website via iframe.

Can I use the Gutenberg block?

Yes. Search for “AI Chatbot” in the block editor to insert the chatbot block. Configure height, theme, and bot-id settings. Server-side rendering (SSR) is supported.

Can I customize the chatbot appearance?

Yes. You can customize:
* Bot name and avatar (emoji or image)
* Primary and secondary colors
* Theme (6 built-in themes)
* Welcome message (13 languages)
* Badge position, margins, and icon
* Mobile visibility
* Excluded pages
* Typing indicator and Markdown rendering

Is conversation history saved?

Yes, by default. You can disable this in Settings > Data Management. Saved conversations are auto-deleted after the configured retention period (default: 90 days).

Does it work with page builders?

Yes, the chatbot widget works with any theme and page builder including Elementor, Divi, Beaver Builder, and Gutenberg.

Can I use custom system prompts?

Yes. Configure your own system prompt to define the AI’s personality, behavior, and response style. The raplsaich_system_prompt filter is also available for programmatic customization. Advanced feature prompts (regeneration, feedback learning, summary) are also customizable.

What happens if I exceed my API quota?

The plugin displays a customizable error message when your AI provider’s quota limits are reached. There is no artificial response limit in the plugin itself.

What is the Pro add-on?

The Pro add-on is a separate plugin that adds business-oriented features such as analytics, lead capture, conversation scenarios, operator mode, WooCommerce integration, and LINE integration. The free version is fully functional on its own with no artificial limits.

What happens to my data when I uninstall?

By default, the plugin keeps your settings and conversation data so you can re-install without losing anything. To delete all data on uninstall, enable “Delete data on uninstall” in Settings > Data Management. Temporary cache and diagnostic counters are always removed regardless of this setting. On multisite, each site has its own setting.

How can I adjust multisite uninstall performance?

On large multisite networks, uninstall batch size is adjustable via filters. Add to your functions.php or an MU-plugin:

add_filter( 'raplsaich_uninstall_batch_size', function() { return 50; } );

add_filter( 'raplsaich_uninstall_snapshot_threshold', function() { return 1000; } );

Guide: low-memory/slow-DB batch size 20-50, standard 100, fast/large-scale 200-500.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Rapls AI Chatbot” is open source software. The following people have contributed to this plugin.

rapls

Translate “Rapls AI Chatbot” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.5.6

Fixed: Response Language setting now works when set to “Site language” — was silently ignored
Fixed: AI responses in wrong language when RAG context is in a different language (triple enforcement)
Fixed: Chatbot placeholder language now respects site locale over browser language
Fixed: Response cache now includes language in hash key to prevent stale translations
Fixed: Reset confirm dialog newlines not rendering in prompt()
Improved: Response language instruction placed at beginning, end of system prompt, and in user message

1.5.5

Improved: Complete Free/Pro code separation — all Pro UI code moved to separate Pro plugin
Improved: Frontend chatbot.js reduced by 50% (4,300 2,175 lines) for faster page loads
Improved: Consolidated admin menu into single “Pro Features” overview page
Improved: Hook-based extension architecture for Pro features
Security: Removed arbitrary custom CSS injection — use WordPress Customizer instead
Security: All CSS variable values escaped with esc_attr(), position margins with absint()
Security: Block render output sanitized with wp_kses() and widget-aware allow-list
Security: Added rel="noopener noreferrer" to all external links
Security: Inline JS/CSS now uses wp_add_inline_script() and wp_add_inline_style() instead of raw output
Fixed: Lead form display and submission when Pro is active
Changed: Settings key renamed from pro_features to extensions with automatic migration
Changed: Unique prefix raplsaich_ applied to all functions, options, hooks, and REST namespace
Updated: External Services section with per-service documentation and embed-loader.js clarification
Updated: Chart.js to v4.5.1, html2canvas bundled locally

1.5.2

Fixed: WordPress Plugin Check compliance (WP_Filesystem annotations, prepared SQL annotations)
Removed: Artificial free-tier limits — all core features are fully available
Removed: Default “Powered by” footer from chatbot widget
Updated: Neutral error messages replacing promotional upsell text

1.5.0

Added: Gutenberg block — Insert AI Chatbot block in the block editor with height, theme, and bot-id settings; SSR (server-side rendering) support; i18n (JA/EN translation JSON)
Added: WordPress Abilities API Bridge — Register all 7 MCP tools as WordPress Abilities for auto-discovery by MCP Adapters (Claude Desktop, Cursor, VS Code)
Added: Response language auto-detect — Automatically detect browser language for welcome message and AI responses; choose from “Site language”, “Auto-detect”, or manual
Added: OpenRouter provider support (100+ models via single API key)
Added: Pro add-on compatibility layer for extended features
Fixed: MCP tool registration timing for reliable integration
Fixed: Abilities API category registration and naming compliance
Updated: Japanese translation — all strings translated including Abilities API, Gutenberg block, and response language settings
Updated: WordPress Plugin Check compliance fixes

1.4.0

Added: Web search integration — AI automatically searches the web when knowledge base lacks a sufficient answer (OpenAI web_search_preview, Claude web_search, Gemini google_search grounding)
Added: Web search toggle in AI Settings tab with per-provider cost notice
Added: Web source citations displayed with globe icon, separate from knowledge base sources
Added: Cross-site embed page — embed chatbot on external sites via iframe (?raplsaich_embed=1 endpoint)
Added: Embed loader script (assets/js/embed-loader.js) for easy cross-site integration
Added: PDF and DOCX file upload support in knowledge base (server-side parsing)
Added: Vector embedding RAG with hybrid search (keyword 40% + vector 60%)
Updated: AI model lists — OpenAI GPT-5.2/5.1/5/4.1 series, Claude Opus 4.6/Sonnet 4.5/Haiku 4.5, Gemini 3/2.5 series
Updated: Japanese translation

1.3.2

Security: Session ID now transmitted via X-RAPLSAICH-Session header instead of query strings (prevents access log leakage)
Security: GET requests no longer accept ?session_id= query parameter
Security: POST requests ignore body session_id when header is present (prevents APM/WAF body-logging leakage)
Security: Removed client-side raplsaich_user_id remnant from JavaScript
Security: Context key derivation simplified to session-only HMAC (removed IP binding for stability)
Security: DOM-based URL linking and offline form rendering (XSS hardening)
Security: Dompdf post-init safety assertion (isPhpEnabled / isRemoteEnabled check)
Added: Rate-limited error logging (raplsaich_rate_limited_log()) with filterable interval via raplsaich_rate_limited_log_interval
Added: Server-side offline message dedup (30-second window, session-preferred key)
Added: Client-side offline form dedup via sessionStorage
Improved: Offline message endpoint allows unauthenticated submissions (allow_no_headers)
Improved: Rate limit fallback keys hashed to prevent wp_options bloat
Improved: Standardized REST error responses with error_code field
Improved: Dompdf errors return JSON response instead of wp_die() for better admin UX
Improved: REST API session authentication documented in readme

1.3.1

Added: Pro add-on compatibility for enhanced rate limiting and PDF export
Improved: Rate limit error messages are now customizable
Improved: Diagnostic options renamed to raplsaich_diag_* namespace
Improved: Frontend debug minimum capability is now filterable via raplsaich_frontend_debug_min_cap

1.3.0

Added: Pro add-on compatibility for response caching, audit logs, conversion tracking, offline messages, and answer templates
Improved: Knowledge base supports ‘qa’ and ‘template’ entry types
Improved: Database schema updates for caching and conversion tracking

1.2.23

Added: Sortable column headers in admin tables — Dashboard model stats, Conversations, Knowledge, and Crawler pages now support click-to-sort with ascending/descending toggle
Added: Knowledge base draft status — entries can be “published” or “draft”, with filter tabs and draft count badge
Added: Enhanced content extraction (Pro) — DOMDocument-based HTML parsing preserves document structure as Markdown-style text for better AI context
Added: Session reset feature — administrators can invalidate all existing chat sessions at once
Improved: Session cookie set as httpOnly with SameSite=Lax for better security
Improved: Knowledge base model supports status filtering and sorting with SQL whitelist validation
Improved: Content index model supports orderby/order parameters for sorted admin views
Updated: Japanese translation

1.2.22

Improved: Default system prompt now enforces accuracy, honesty, and no-fabrication rules for better AI response quality
Improved: Site learning context prompt explicitly instructs AI not to guess or fabricate when information is missing
Added: raplsaich_system_prompt filter — developers can now modify the system prompt programmatically
Added: Customizable feature prompts — regenerate instruction, feedback learning headers, and summary prompt are now editable in Settings
Added: Advanced prompt sections gated behind checkboxes (disabled by default) for safe editing
Added: Placeholder documentation for regeneration prompt ({variation_number}, {forbidden_start}, {style})
Updated: Debugging guide with new prompt customization section

1.2.21

Added: Knowledge base export support (CSV/JSON) — available with Pro add-on
Added: Budget limit check integration in REST API (blocks AI calls when Pro budget limit exceeded)
Added: Budget alert hook after AI responses (triggers Pro email notifications)
Added: Pro features stub methods for budget management (check_budget_limit, get_budget_block_message, maybe_send_budget_alert)
Improved: Default settings include budget and monthly report configuration keys
Added: Detailed debugging guide documentation (docs/debugging-guide.md)

1.2.20

Added: Knowledge page prefill support (prefill_question parameter for quick FAQ creation from analytics)

1.2.19

Security: API key encryption now covers Google Gemini keys (AIza…) in addition to OpenAI and Claude
Security: Added OpenSSL availability check with graceful fallback for encryption/decryption
Security: Conversation history endpoint (/history) now verifies session ownership via cookie and IP
Security: Chart.js bundled locally instead of loading from external CDN (WordPress.org compliance)
Added: Session cookie (raplsaich_session_id) set on session creation for reliable history access across IP changes

1.2.18

Security: Sanitized API error messages to prevent information leakage
Security: Proxy-aware client IP detection for rate limiting (Cloudflare, X-Forwarded-For)
Security: Consistent SHA-256 hashing for IP-based rate limiting
Fixed: User message duplication in AI context (improved response accuracy)
Fixed: Uninstall now removes all tables including leads and user_context
Fixed: Transient cleanup uses prepared statements
Improved: Database schema checks cached per request (performance)
Improved: Consolidated database upgrade logic in Activator class
Improved: Pro-only REST routes only registered when Pro is active
Added detailed Japanese descriptions for all AI models
Translation improvements

1.2.5

Security improvements and code quality enhancements
WordPress Plugin Check compliance updates
Updated AI model pricing information
Bug fixes and performance improvements

1.0.0

Initial release
Multiple AI provider support (OpenAI, Claude, Gemini)
Site learning with automatic content crawling
Custom knowledge base with Q&A format support
Priority levels for knowledge entries
Conversation history with search
Usage statistics with cost estimation
Daily token usage charts
Model-by-model cost breakdown
Customizable chatbot appearance
Rate limiting support
Quota error handling with custom messages
Settings import/export/reset
Japanese translation included
Mobile-responsive chat widget
Page exclusion settings