ShieldPRO 12.0 Upgrade Guide
Important: We changed minimum required MySQL version for Shield v12.0+. Shield processed IPv4 and IPv6 addresses and stores them in the MySQL database. With this upgrade, the minimum required MySQL database engine is moving to 5.6. You may find more details about this here.
Firstly, we're going to explain what major changes are made and which options you'd need to review.
Change 1: All-New WordPress Security Audit Log
A full detailed log of each and every event that happens on a WordPress site is critical to knowing what threats the website is facing and if, and how, they’re being handled.
As this is a complete rewrite of the security audit log system for Shield, there have been a number of changes that you may want to be aware of and here are just a few of them:
- Security Log Severity Levels
Every single event in the Shield system has a log “level” or “severity”. By default, Shield will switch on Alert, Warning & Notice events. If you’re seeing any issues and you’d like more information about what’s happening on a site, you can enable extra levels as you require.
What logging levels your audit trail is going to log depends on your settings under the Audit Trail module => Configure.
Note: ShieldFREE has access to only DB-based Logging.
If you would like access to filesystem-based logging or any of the future developments in this area, you will need to upgrade to ShieldPRO.
There are x2 types of log destination settings available:
- Log to database
- Log to file
You can log events to the file system, and you can select which log levels are sent to that location (separately from the DB log levels).
Important: Only events with the levels selected in the setting explained above will be logged.
Under the main menu => View Docs => Event Details you can view all event details and their assigned levels:
- Improved Security Log Display
We’ve moved log tables display to our preferred table UI system ( datatables.js) and provided complete search and filtering options so you can drill down into the events on your sites with ease. You’ll be able to filter by IP addresses, log severity, event names, and more.
- More Logs For ShieldFREE
This means the options for limiting the quantity of DB-stored logs has been completely removed (option Max Trail Length)...
... and replaced with a time-based limit option (above).
For further details on the audit trail changes, please read the release blog post here.
Change 2: Tighter Integration With Traffic Data
Traffic logs are no longer limited by amount. They are instead limited by age (in days). Updated configuration options are available.
This means that option for limiting the quantity of DB-stored traffic logs has been completely removed (option Max Log Length):
Only a time-based limit option is available:
Change 3: NotBot JS is always loaded by default
Since many customers are using caching and optimisation plugins that interfere with NotBot JS, it is now loaded for all visitors by default.
An option within the plugin has been provided to revert to the normal optimised loading of the NotBot JS.
Read more about this option here.
Change 4: U2F 2-Factor Authentication bypasses MFA
U2F is a strong 2FA mechanism and so it doesn't really need to be used in conjunction with other factors. When the Chained/MFA option is enabled, when U2F is supplied, this can be done alone without the need for other factors.
We've made the following improvements:
- 12.0 release
- Audit Trail Logs Description
Logged events now have more descriptive messages along with more meta details for the event.
- Audit Trail Meta Data
By linking the Audit Trail to the Traffic Log, you can now see request data alongside Audit Logs.
- Plugin Data Storage
We're adding some smarter data storage to the plugin through more complex and interconnected database tables. This approach reduces repeated and redundant data storage and disk usage.
Scanning Improvements and Fixes
Based on customer feedback we've made some adjustments and fixes to the scans and results processing.
- Audit Trail Logs Description
We removed the following options:
- Audit Trail - Max Trail Length
- Traffic Watch - Max Log Length and download .csv file
We've made the following fixes
- 12.0.4 release
- Prevent PHP exception being thrown in certain cases.
- 12.0.8 release
- Ensure Shield runs only on supported MySQL servers.
- 12.0.9 release
Error when processing certain types of query strings in the firewall.
Yubikey 2FA verification was failing with a nonce less than 16 characters.
- 12.0.11 release
- A few minor fixes, along with slight optimisation of NotBot JS.
- Issue with managing Shield Central profiles.
- 12.0.13 release
- Improve support for auto-login systems like ManageWP admin login.
For more information about this release, read the blog article here.