Paul G.
Paul Goodchild is the founder and CEO of Shield Security for WordPress – a best-in-class security plugin for the protection of critical WordPress-based websites and businesses.
Paul focuses on security features that deliver realworld results for client through the prevention of security breaches before they can happen. Prevention is preferrable over busy-security-work that sees you putting out fires and cleaning up your sites after an infection has taken hold.
Paul maintains that while a security plugin for WordPress is absolutely crucial, “security” is a practice and must involve your entire website and WordPress hosting environment, including your own local device security and security hygiene.

Latest blogs from Paul

Waves of Attacks Leave Millions Vulnerable; & Stop Spam Bots Hijacking WPForms
This week in WordPress security: the spotlight’s back on popular plugins and themes as new vulnerabilities put millions of sites at risk. Our latest guide, featuring expert-level WPForms spam prevention strategies, is perfect for those ready to level up their defences.
Continue Reading →
High-Stakes Plugin Risks & Mastering X-XSS-Protection
This week, Everest Forms tops the vulnerability list again. We’re taking a closer look at what needs patching, how to tighten defenses with X-XSS-Protection, and what’s ahead for WordPress developers.
Continue Reading →
WordPress Vulnerabilities, Malware Threats; & Recovery Guide
From unpatched vulnerabilities to hidden malware in the ‘mu-plugins’ directory, this roundup covers recent WordPress security threats, with a link to our recovery guide in case things go wrong.
Continue Reading →How to Easily Set Up Automatic WordPress Backups
Discover how to set up automatic WordPress backups quickly. Compare top plugins, optimise settings, and safeguard your site with minimal effort.
Continue Reading →Recover WordPress with Database Backup: A Guide
Learn how to recover your WordPress site using only a database backup. Step-by-step guide for restoring functionality and troubleshooting common issues.
Continue Reading →
Recent WordPress Risks; & Improve HSTS Security
New WordPress vulnerabilities in plugins and themes, including persistent Elementor issues, have surfaced this week. We also have a blog article that walks you through HSTS security for your sites.
Continue Reading →Beyond CAPTCHA: Advanced WPForms Spam Prevention Strategies
Stop WPForms spam in its tracks. Learn prevention strategies beyond CAPTCHA, from built-in features to third-party tools. Protect your forms effectively!
Continue Reading →How to Configure X-XSS-Protection Header in WordPress
Secure your WordPress site: Learn to set up X-XSS-Protection header and advanced XSS defences. Protect against cross-site scripting now.
Continue Reading →
Critical WordPress Threats; & Shield Your Comment Forms
A wave of security risks is hitting countless WordPress sites this week, fueled by WP Ghost, while DollyWay malware continues to target thousands. Explore our blog for smarter solutions to fight spam and protect your comment forms.
Continue Reading →Implementing WordPress HSTS: Step-by-Step Guide
Boost WordPress security with our step-by-step HSTS guide. Learn manual and plugin methods, best practices, and troubleshooting tips to protect your site from attacks.
Continue Reading →