Will one white listed IP be excluded from all security features in Shield?

Yes. For white listed IP addresses, it’s as if the whole plugin is switched off. There are no restrictions for the user related with that IP whatsoever.

Here are just a few examples:

  • Security Admin
    • User will not need to provide security admin access PIN
  • Login Guard
    • User will be excluded from 2FA/MFA authentication
    • User will not get 404 error when wp-login.php is renamed (hidden)
  • User Management
    • Whilst that user (admin) is logged in, they will not get notification email that "admin just has logged in.."

What does IP white listing do in login protection?

Any visitor whose IP address is in the list of address specified in the white listing area for the login protection will by-pass all login protection scanning.

So, there will be no check for that the user is two-factor authenticated for example.  They wont be subject to anything on this section on the Shield Security plugin.

Note: If you want to manage whitelisted and blacklisted IP addresses, you can use the IP Management and Analysis tool.