June 24, 2021 by Paul G. | Blog, Features, Shield Pro, Shield Security

ShieldNET: WordPress Network Threat Intelligence

Shield Security Pro Logo

We’re levelling-up your WordPress security by giving ShieldPRO access to data about threats seen throughout the entire WordPress network.

We’re calling this new platform ShieldNET, and in this article we’ll outline what it is, and how it’ll revolutionise your WordPress security and protection.

Please watch the video below outlining what ShieldNET is and why it’s so important:

What is ShieldNET?

ShieldNET is the all-encompassing term that covers the technology and features that we use to gather security and threat information from across our entire WordPress ecosystem.

By collecting information from all active Shield Security plugins, we can offer this information back as threat intelligence to all sites running Shield.

The responsibility of identifying threats is then shifted away from individual sites to the collective.

A single site only knows what it knows. But when 10,000 sites get together and share information, they each know what 10,000 sites know.

This is massive. It completely transforms what’s possible when mitigating threats to our WordPress sites.

A ShieldNET Example: Bad Bot Identification

You may have come to realise we’re focusing a lot of our attention on bad bots and malicious visitors. As we learn more about websites security, our priorities shift towards areas that will yield the greatest impact.

For this reason we’re heavily invested in speedy and reliable indentification of bad bots.

Each time a visitor accesses a WordPress site running ShieldPRO for the first time, Shield starts from zero. It has no information about that visitor from which to make any adjustments to protect the site.

Shield must rely on the visitor to perform a number of requests and capture those behaviours, before it can make an assessment. And while Shield uses 25+ different signals to build a threat assessment, it’s still doing so completely independently.

But what if we could give it a head-start? What if we could tell Shield that this IP address has been seen on 100 other WordPress websites already? Perhaps those sites have already identified it as a bad bot?

Wouldn’t that help Shield make an informed decision, much more quickly, to block that visitor?

But now think of it the other way around. Perhaps the IP has been seen elsewhere and it has a great reputation, but on 1 particular site it’s triggered the plugin and Shield is about to block the visitor.

False positives is something we absolutely want to avoid!

With intelligence drawn from the network, we can reduce false positives where legitimate visitors are locked-out from a site.

Imagine then, all of this happening across all WordPress sites for all visitors, in real time?

ShieldNET and Privacy

Privacy of information and data is an critical aspect in a system like ShieldNET.

Let’s first discuss what information ShieldNET tracks and stores and just as importantly, what it doesn’t.

When a Shield plugin sends us IP information, it sends:

  • IP Addresses
  • Bot Signals that Shield has tracked for the IP addresses
  • Offense Counts
  • IP Blocked status

It’s important to also understand what information is NEVER shared.

It doesn’t share:

  • Any activity log data
  • Any traffic log data
  • Any associated WP users and sessions
  • Any information about any individual requests

When Shield receives the data, it makes a unique, one-way hash of the site’s useragent to help identify and eliminate duplicates.

“One-way hash” means that if anyone ever had access to the resulting hash, they can’t ever “reverse” the hash to identify the originating user-agent/site.

ShieldNET then records the information about the IP address.

If this IP data is accessed, either internally or externally by a 3rd party, there is no way to derive information about any IP address and its relationship to any websites. The data is structured in such a way as to be absolutely useless, except for the purpose it’s intended – to build a picture of activity on an IP address across many different websites.

The Future Of ShieldNET and Opting Out

If you feel that you don’t want to be a “part” of ShieldNET and share this sort of anonymised information, that’s entirely up to you. We always respect that choice.

We don’t fully understand why, given that there are no privacy implications as we’ve already discussed. But this doesn’t mean we don’t respect your decision, so we’d love to hear your thoughts on it, if this is the case.

You can simply select to not be involved in ShieldNET, and then any IP reputation data wont be shared. The downside is that since ShieldNET is built by the network, if you’re not contributing to it, then you can’t draw from it.

It’s only by working together, pooling resources and information, can we really work to thwart the ever-evolving nature of threats to our sites.

As always, the choice is entirely yours.

Over time the features and enhancements provided by ShieldNET will only grow. If you decide to opt-out of contributing, your site security won’t benefit from these changes.

Availability of ShieldNET

We’re doing a soft-launch of ShieldNET in ShieldPRO 11.4 due out very soon.

It’ll include some integrated access to network-based IP address information but it wont yet be used by Shield itself to make any important decisions. There’ll be more detailed information in our release notes for Shield 11.4 at a later date.

As always, please do leave us your thoughts in the comments about anything discussed here.

Hello dear reader!

If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.

We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.

Try ShieldPRO Today →

ShieldPRO Testimonials
@eastman-9's Gravatar @eastman-9


Cybercrime it hits you when your not aware of the consequences. Everybody insures their car. We don’t make accidents. Someone else will do that. Why not insure your website with this Pro-Plugin. Do not wait to long.

@ehr's Gravatar @ehr

Just give it a try and you'll understant

Well .. we’ve tried few solutions including 3rd party shit but none did the hell of the job that this plugin did. We’ve didn’t activate or use all features and just stick with exactly what we needed. The fact that allow(ed) to manage blacklisted IPs and see where are weird…

@tux255's Gravatar @tux255

One of thr best wordpress security plugin

This plugin saved multiple my websites. Thank you for doing this.

@stopdesign's Gravatar @stopdesign

Excellent security plugin with great support

I’ve been using Shield for over a year now. I manage about 20 instances of WordPress, plus some staging servers for each. And I now install Shield by default every time I get WP going. Shield is comprehensive in what it helps protect, its settings are easy to understand and…

Leave a Comment

Your email address will not be published. Required fields are marked *

Click to access the login or register cheese