Introducing Shield – The professional WordPress security solution
Shield’s goal is also to help you become free from repetitive and complicated security work, allowing you to re-focus and re-dedicate yourself to the work you love to do.
For more information about Shield Security, visit our website here.
Here are the most important things you should know about Shield Security plugin:
Shield plugin compatibility
Using multiple WordPress security plugins may have unpredictable results. To find out how Shield works when combined with Wordfence, Sucuri, JetPack, read the articles here.
Shield installation instructions
This plugin should install as any other WordPress.org repository plugin.
- Browse to Plugins > Add Plugin
- Search: Shield Security
- Click "Install"
- Click to Activate
A new menu item will appear on the left-hand side called ‘Shield Security".
If you want to install Shield from a .zip file, you can download it from here:
https://wordpress.org/plugins/wp-simple-firewall/
ShieldPRO license activation
Before you activate ShieldPRO license on your site, install free version explained above ("Shield installation instructions").
Then, please follow this guide here.
Integrations
Shield automatically integrates with 3rd party plugins, such as MainWP.
It can also automatically protect 3rd party contact, login and registration forms against Bots. It uses our exclusive AntiBot Detection Engine to reliably identify bots.
How to enable/disable Shield Security plugin
Once installed, Shield (with all its modules) is enabled by default. If you want to disable the plugin entirely, you can do that through General Settings (sidebar navigation menu > Config > General > Disable Shield).
Note: This plugin contains various different sections/modules of protection for your site and you should choose which you need based on your own requirements. Why this? It’s simple: performance and optimization – there is no reason to automatically turn on features for people that don’t need it as each site and set of requirements is different.
This guide here may be helpful for you to get started.
The Shield Security's sections/modules and their purpose
Shield Security is composed of various different modules / sections and each one of them has a certain purpose.
- Shield General Settings section - General plugin settings that apply across the entire plugin operation.
- Security Admin module - Restricts access to the plugin preventing unauthorized changes to your security settings.
- Block Bad IPs/Visitors module - Detect malicious bots and visitors, and block them from accessing the site.
- Hack Guard module - Automatically detect & repair vulnerable and suspicious files, plugins and themes.
- Login Guard module - Add protections to your WordPress login forms and protect user accounts with 2-Factor Authentication.
- User Management module - Control user sessions, duration, timeouts and account sharing.
- Activity Log module - Track all site activity: who, what, when and where.
- Traffic Log module - Track and monitor all HTTP requests to the site.
- Comments SPAM module - Block comment SPAM while retaining your privacy.
- Firewall module - Automatically block malicious HTTP requests and data sent to your site.
- WP Lockdown module - Lockdown access to some built-in features of a WordPress site.
- Third Party Integrations - Shield automatically integrates with 3rd party plugins including MainWP. Protects your user and contact forms form automatic bots.
- Automatic Updates module - Take back full control of WordPress automatic updates.
- HTTP Headers module - Control HTTP Security Headers.
- Security Dashboard section - Your entire WordPress site security at a glance.
- Reports section - View and create new security reports.
- IP Rules section - View and manage IP rules that block malicious visitors and bots.
- Scans section - View and manage all scan results.
- Activity section - Track and monitor activity on your site by users, visitors and bots.
- Site Traffic section - View and explore details of HTTP requests made to your site.
- Custom Rules Builder section - View, edit and remove custom security rules.
- Tools section - security tools, such as Import/Export, Site Lockdown, White Label, Guided Setup Wizard etc..
- ShieldPRO section - ShieldPRO license management.
Security Admin PIN
Security Admin module is a critical component to the WordPress Shield Security plugin. When this module is turned on, you limit access to whole Shield plugin. Only administrators that know the authentication key will have access.
If you leave Security Admin PIN field empty, no changes will be made to the key, but if you put anything in this option, it will be saved as the authentication PIN and will be used for future Super Admin session.
Note: The Super Admin protection feature can’t be enabled with an empty authentication PIN. If the authentication PIN is empty the option will be switched off automatically.
If you forget your Security Admin PIN, you could potentially lock yourself out from using this plugin. If that happens, please follow this help article.
For more information on the Security Admin PIN, read the blog article here.
How to use AntiBot Detection Engine (ADE) to detect Bots
AntiBot Detection Engine (ADE) is ShieldPRO's exclusive bot-detection technology that removes the needs for CAPTCHA and other challenges.
It distinguishes bad bots from all your other “good” traffic (humans + good bots)
To learn more about ADE, read the article here.
How to monitor your site activities
If you want to monitor your site activities (or if you are blocked and you want to find out why) the Activity Log module is the best solution for you. This module will let you see exactly what has been happening on your site so you can easily look back on events and analyse what happened and what may have gone wrong.
To review your site activities, simply use the Activity Logger.
How to monitor your site traffic
If you want to monitor and review all requests to your site, you can use Traffic Watch module.
Find out how to use Traffic Watch Viewer here.
How to analyse and manage whitelisted and blacklisted IP addresses
To do this, you can use IP Management and Analysis tool.
Find out how to use this tool here.
What is the Shield Security plugin badge?
This is a completely 100% optional plugin option and it does not come enabled on your site by default. It is a means of promoting the Shield Security plugin to visitors who may not be using a WordPress security plugin.
You can simply enable this option and it will place a small badge on the bottom-left of your website. This badge contains the logo of the plugin along with a link to further information.
For more information on the Shield Security plugin badge, read the blog article here.
What is the Shield Welcome Wizard?
Welcome Wizard is added in the Shield with the purpose to help you to perform certain actions easier.
You can find more information on this here.
Shield Security Overview
Shield Security Overview is designed to provide a high-level summary of your WordPress site security and Shield activity.
It provides a real-time, in-depth analysis of your WordPress site to proactively identify threats to security and stability.
White Label
White Label system provides you the ability to rename and re-brand the Shield plugin for your client site installations. With this system, you can own your own brand.
It's easy to use and it meets the needs of the small and larger organization.
Learn more about White Label here.
What is the ShieldPRO?
ShieldPRO takes an already established WordPress Shield Security plugin to the level required by businesses and professionals to get the job done better and faster. It optimises your workflow making it easier to implement security across all the sites that you manage.
To find out what the extra features for ShieldPRO are, read the article here.
Note: If you'd like to read more about ShieldPRO and how to purchase, please follow this link here.
Bottom Line
Shield is our answer to WordPress security management. We built it to solve a few key issues we found with WordPress security and existing WordPress security plugins, namely:
- Ease of use (or lack thereof)
- WordPress and web hosting compatibility (or lack thereof)
- Effectiveness combined with simplicity (or lack thereof)
In this article, we have covered the most important things you should know about Shield Security plugin. But, we also recommend you to:
- visit us at WordPress.org
- visit our Blog
- check our Helpdesk Solution Center
- join our Shield Security Facebook group
In case you want to know what other users say about Shield, please follow this link.
Or, if you are a ShieldPRO customer and you need help, please see here how to contact us.