I've just upgraded to Pro. What should I do next?
In this walk-through guide, we are going to explain what the next steps you should take upon upgrading to Pro.
The first step to take is activation of the Pro features on your site. To do this, you wont need your license key. Activation is keyless
You simply log into the site associated to that license, and then:
- Open the ShieldPRO section
- Be sure to have first activated your site URL (the URL of the site you want to license inside your Shield Security Pro account).
Hit the "Check License" button and all the Pro features will be automatically licensed on the site within 30 seconds.
Important: If you have any trouble with keyless activation, just click a little "Debug" link beneath the "Check License" button and send us an error you see.
To learn more about Keyless Activation, read the release article here.
Then, you can review the all Pro features and enable the ones you want.
Each Shield Security Zone or section contains Pro features you may want to use. This is the complete list of the Pro features, what they are used for and how to enable them.
Please note that enabling/using of any of the ShieldPRO features listed below depends on your personal requirements.
SHIELD SECURITY ZONE / SECTION |
PRO FEATURE |
DESCRIPTION / INFO LINK |
|---|---|---|
| Shield Security extension for MainWP | Easily integrate Shield Security to help you manage your site security from within MainWP. You don't need to install a separate extension for MainWP. |
|
| SPAM detection for contact forms | Use Shield's built-in SPAM detection system to identify contact form SPAM. Choose the form providers that should be checked for antibot and/ or human SPAM. |
|
| Integrations | AntiBot - Custom User Forms | Automatically detect Bot requests to custom user forms. Select your 3rd party providers to have ShieldPRO automatically detect Bot requests to these forms. |
| General Settings | ShieldNET | ShieldNET is the all-encompassing term that covers the technology and features that we use to gather security and threat information from across our entire WordPress ecosystem. By collecting information from all active Shield Security plugins, we can offer this information back as threat intelligence to all sites running Shield. |
| General Settings | Allow WP-CLI | With WP-CLI you can perform many common actions of the ShieldPRO plugin just as you would with the point-and-click UI. |
| General Settings | Import/Export | Automatically import options and deploy configurations across your entire security network. You can easily setup the Shield Security plugin on 1 site and have all options replicated to your other sites automatically. You can also exclude options you don't want to be imported. |
| General Settings | Beta Access | Enable this option to allow shield to upgrade to beta and pre-release versions. Please only enable this on non-critical sites, and if you're comfortable with bugs arising. |
| Security Admin | Persistent Security Admins | Specify usernames for Security Admin role. Admin users provided will be security admins automatically, without needing the security PIN. |
| Security Admin | Run In MU Mode | Setup the ShieldPRO plugin to run as an MU-plugin to prevent accidental deactivation. |
| Security Admin | White Label | Rename and re-brand the ShieldPRO plugin for your client site installations and own your own brand. |
| Bots & IPs Zone | User Auto Unblock | Allow visitors blocked by the plugin to automatically unblock themselves with
|
| Bots & IPs Zone | Request Path Whitelist | List of request paths that will never trigger an offense. |
| Bots & IPs Zone | CrowdSec Integration | Configure how Shield should block requests from IP addresses found on CrowdSec's list of malicious IP addresses. |
| Bots & IPs Zone | Bot Behaviors | Detect and capture illegitimate bots. Configure these options: invalid usernames, fake web crawler, 404 detect, link cheese, invalid script load, empty user agents. |
| Scans & Integrity Zone | File Scan Areas | Select which areas of your WordPress site you want to be scanned. |
| Scans & Integrity Zone | Automatic File Repair | Automatically repair files that have been changed, or infected with malware. |
| Scans & Integrity Zone | File Locker | Detect changes to the some of the most important WordPress files as they happen (in realtime). Then, examine contents and revert as required. |
| Scans & Integrity Zone | Scan Exclusions | List of file/folder paths that will never be scanned. |
| Scans & Integrity Zone | Vulnerability Scanner | Scan of all your plugins against a database of known WordPress vulnerabilities. You can also automatically apply updates to plugins with known vulnerabilities. |
| Scans & Integrity Zone | Daily Scan Frequency | Improve security, increase the schedule of the automated scanners so they run more than once per day. |
| Scans & Integrity Zone | Show Re-Install Links | Add a new link your plugins allowing you to easily re-install a plugin. It also adds a message to the "Activate" link letting you re-install the plugin right before activation. |
| Login Protection Zone | Multi-Factor By-Pass (Remember Me) | Enter the number of days a user can by-pass future MFA after a successful MFA-login. 0 to disable. |
| Login Protection Zone | Allow Backup Codes | Allow users to generate a backup code that can be used to login if MFA factors are unavailable. |
| Login Protection Zone | Enable Auto-Login Links | Provide auto-login links for simple Email 2FA. |
| Login Protection Zone | Allow Any User | Allow any user to turn-on Two-Factor Authentication by email. |
| Allow Passkeys | Allow users to register Passkeys & FIDO2-compatible devices to complete their WordPress login. |
|
| User Management | Password Policies | Have full control over passwords used by users on the site (including Security Admin). |
| User Management | User Registration | Test new user registration email address. Also choose how you want Shield to respond when someone tries to register on your site with an invalid email address. |
| User Management | User Suspension | Allow admins to manually and automatically suspend any user account to prevent future login. |
| User Management | User and Admin Login Notification Email | Be aware of when a WordPress admin has logged into your site when you are not expecting it. You can add multiple email addresses for this notification. Also, you can have Shield to send notification to each user when a successful login occurs for their account. |
| Activity Log | Log Retention | Automatically purge Activity Logs older than the set number of days. |
| Traffic - Request Logging | Live Traffic | Provide real-time visibility into all incoming traffic to your WordPress site by temporarily logging all requests, without any exclusions. Monitor your site activity, debug issues, or gain insights into user behavior. You can also download traffic logs if you need to. |
| Traffic - Request Logging | Custom Exclusions | Manually customize exclusions to skip the logging of web requests you know to be legitimate. |
| Traffic - Request Logging | Log Retention | Enter the maximum number of days you want and the Database cleanup will delete traffic logs older than that number of days. |
| Traffic - Request Logging | Traffic Rate Limiting | Restrict the number of requests a single visitor can make against your site, within a certain period of time. |
| Comments SPAM | Trusted User Roles | Specify user roles that shouldn't be scanned for comments SPAM. |
| Scans & Integrity Zone | Update Delay | Protect your WordPress site against auto-update disasters. |
| HTTP Headers | Manual CSP Rules | Add manual CSP rules which are not covered by the rules listed under the CSP Headers section. |
| SureSend Email | SureSend is a dedicated email delivery service from Shield Security. It ensures that you get 2FA email with a verification code so you can complete your login. |
|
| Login Protection Zone | Yubikey multiple keys | You can add as many Yubikey devices to your account as you’d like. |
| Reports section | Custom reports | Create custom reports if you need to. |
| Custom Security Rules Builder | Security Rules Builder | Create, view or edit your own custom security rules. |
| Bots & IP Rules section | Download IP Rules | You can download IP rules as CSV, if you need to. |
| Traffic - HTTP Request Log section | Download Traffic Logs | Download your traffic logs if you need to. |
| Other | Shield’s 2FA/MFA UI | Add exactly the same user interface as seen in the WordPress admin area, to the frontend with the use of a simple shortcode. |
| Other | Customise 2FA Email Content | You can change the content shown to users through the use of custom templates. At the moment, you can customise Two-Factor Authentication Code email. |
ShieldBACKUPS Add-On
ShieldBACKUPS is a WordPress site backup solution that provides critical disaster recovery for all sites running Shield Security PRO (Plus plan).
Need Help?
ShieldPRO support has worked very hard putting together comprehensive guides to troubleshooting. We’ve identified the most common customer questions, and have outlined solutions in many articles in our Help Center here.
If you can't find the answer to your question in the Help Center, get in touch any time so we can help. For the best place to start with your support ticket submission, please follow this link here.
Interested in Affiliate Rewards For Shield Security PRO?
All you need to do is complete the registration form, and soon your sites will be setup for automatic referral links using the plugin badge.
We go into all the details here. Also, unlike other referral schemes that only give you once-off rewards, our referrals are for life.