Will one white listed IP be excluded from all security features in Shield?

Yes. For white listed IP addresses, it’s as if the whole plugin is switched off. There are no restrictions for the user related with that IP whatsoever.

Here are just a few examples:

  • Security Admin
    • User will not need to provide security admin access key
  • Login Guard
    • User will be excluded from multi-factor authentication
    • GASP and Google reCAPTCHA will not display within login screen
    • User will not get 404 error when wp-login.php is renamed (hidden)
  • User Management
    • Whilst that user (admin) is logged in, they will not get notification email that "admin just has logged in.."

What does IP white listing do in login protection?

Any visitor whose IP address is in the list of address specified in the white listing area for the login protection will by-pass all login protection scanning.

So, there will be no check for that the user is two-factor authenticated for example.  They wont be subject to anything on this section on the firewall plugin.

Note: If you want to manage whitelisted and blacklisted IP addresses, you can use the IP Management and Analysis tool.