What Are The Instant Alerts Options And How Do They Work?

Instant Alerts options are used for receiving instant alert email reports to critical security events that occur on your WordPress site.

They can be accessed from within the main Config menu > General > Instant Alerts:

You can be alerted by email

  • Shield Deactivated. When the Shield plugin is deactivated.
  • Admin Accounts. To any important change on any admin account.
  • Vulnerabilities. To discovery of any vulnerable plugin/theme.
  • FileLocker Changes. To any changes to FileLocker items.

Like any other emails, these alerts will be sent to the site admin email address or the one you configured in the Report Email setting.

If you don't want to use any of these options, just select "Disable" from the drop down menu for that option.

How the Shield Deactivated option works

You’ll receive an alert as soon as the Shield plugin is deactivated.

How the Admin Accounts option works

This alert is critical to your site integrity. If anything important changes about any administrator account on the site, you’ll be instantly alerted to it. Changes that are monitored are:

  • Admin account added
  • Admin account deleted
  • Admin account demoted (e.g. demoted to Author role)
  • Non-Admin account promoted to Admin
  • Admin password changed
  • Admin email address changed

If your site has been compromised, or is subject to an SQL vulnerability (for example), hackers may be able to directly modify the WordPress database and bypass the dashboard. In this way they could silently create new WordPress admins on your site without you ever realising.

Example: A new admin user created

Example: Admin user deleted

How the Vulnerabilities option works

Let's say the Shield's Vulnerability Scanner detected vulnerable plugin on your site.

At the moment it was detected, you'll receive email alerting you about the name of the vulnerable plugin, the vulnerable version and vulnerabilities info link.

Example

You can take an action to either upgrade the plugin or remove it from your site

Important: If you've set Shield to automatically upgrade vulnerable plugins, it may have been upgraded by the time you view the email.

How the FileLocker Changes option works

Much like the vulnerabilities option above, you’d normally be alerted to FileLocker changes through the standard Shield Reporting. But, you can receive dedicated email alerts of any changes as soon as they’ve been detected. For this alert, you’ll need to be running the FileLocker feature.

Example

Note: ShieldPRO is required for the Admin Accounts, Vulnerabilities and FileLocker Changes options. To find out what the extra ShieldPRO features are and how to purchase, please follow this link here.