ShieldPRO 11.1 Upgrade Guide

ShieldPRO for WordPress v11.1 is a release designed to improve overall navigation and ease-of-use.

It introduces a new UI navigation menu, stats, improved Security Admin and much more.

You can get more information about this in the release blog post here.

This guide outlines what have been added/removed, changed, or improved and what fixes we've made.

Firstly, we're going to explain what major changes are made and which options you'd need to review.

Change 1: New UI design - all-new Shield plugin navigation added

Firstly, central Security Dashboard page is completely removed:

Now, the first page you'll see when you open Shield is Security Overview - danger and warning status:

he main change in this release is adding a new navigation system. Every single aspect of the Shield Security plugin is accessible from the new sidebar navigation.

We also added a search box into this navigation menu. It helps you to easily locate any plugin option setting. Just type the keyword into this box and you'll be directed to that particular option setting page:


This is the brief explanation of the navigation menu items:

  • Search box - for searching plugin option
  • Overview - review your entire Shield Security configuration at a glance to see what's working and what's not.
  • Reports - reports and charts you can use to see how Shield is performing over time and in which areas your site has been most impacted. Also, you can see here Shield's summary stats - some important counters/stats are displayed that shows how many major events Shield has handled.
  • Settings - list of the all plugin modules, plugin settings.
  • Scans - use to run scans, see scan results and automatic scan settings.
  • IPs and Bots - use to manage IPs, change IPs blocking settings, antibot settings, and download IPs file.
  • Audit Trail - use to review your audit trail logs, change audit trail settings, download logs file, and find audit trail glossary.
  • Traffic - use to review your traffic logs, set traffic rate limiting, and download traffic logs file
  • Users - use to view user sessions, set Security Admin, manage user session settings, set password policies, and user suspension.
  • Integrations - these are built-in Shield integrations, such as MainWP (accessible under "Settings"), list of forms for antibot SPAM detection.
  • ShieldPRO - use to manage your ShieldPRO license for that site.
  • Tools - use to run import/export options, set white label, manage admin notes, and launch the debug info page.
  • View Docs - review an important information about Shield releases and changes.

Change 2: New section added: Shield Security stats 

A new Quick Stats screen is available to see the activity of Shield over time. The implementation is currently basic, but it forms the foundation of future development and offers users the option to offer suggestions. 


Change 3: Automatic user unblock now uses AntiBot Detection Engine (ADE)

Till now, users had to check the GASP checkbox to unblock themselves:

Now, inline with our move towards exclusively using our newer AntiBot Detection Engine (ADE), we’ve updated the User Auto Unblock feature to use the ADE to ensure that bots can’t automatically unblock themselves.

GASP will be hidden:

Change 4: Security Admin Timeout 

ill now, when the Security Admin session has timed-out, the dialog box was showing the options to either click "OK" or "Cancel" to reload.

Now, it just shows "Click OK to reload and re-authenticate.".


Improvements

We've made the following improvements: 

  • 11.1 release
    • Improved Security Admin implementation
      We decided to rewrite much of the code and ensure that it’s uptodate and as efficient as it needs to be. The code rewrite has squashed a few niggling bugs and improved the accuracy and efficiency of the feature.
    • Beaver Builder, and WPML plugins added into the Unrecognised File scan exclusion list:

    • File Locker will better handle the scenario where a site is moved/migrated.
      File Locker for wp-config.php files will also better detect when this file is placed 1 directory higher than the site.White Label settings that are empty aren't applied and defaults remain.

Fixes

We've made the following fixes: 

  • 11.1 release
    • Report emails that outlined Stats didn’t properly count all events so you should start to see higher stats in reporting emails.
    • Audit Trail didn't capture all upgrades when upgrading plugins/themes in-bulk.
      The Audit Trial would only capture 1 upgrade when a bulk upgrade was performed.
    • The Unrecognised File Scanner had a few bugs with parsing regular expressions
    • Exclusions for unrecognised file scanner weren't stored correctly in the case of regular expressions.
  • 11.1.1 release
    • In some rare scenarios, user sessions wouldn't be properly created and user automatically logged-out.
    • WP Config FileLocker bug not correctly maintaining its state and resulting in locks not being created.
    • The .htaccess file in the root of the Shield plugin directory is only created if its supported.
    • Whitelabel settings were misleading and didn't properly update the dashboard log.
    • SPAM detection for Ninja Forms would report as SPAM when not SPAM.
    • wpForo integration produced a PHP Warning in certain circumstances.

For more information on Shield 11.1 release, read the blog article here.