February 11, 2021 by Paul G. | Blog, Releases, Shield Pro, Updates

WP Shield Security PRO – Release 10.2

Shield Security Pro Logo

This new release, 10.2, is designed more as a bug-fixing release along with the removal of some options.

The next few ShieldPRO releases will directed towards improving existing features, instead of adding new ones.

There are a few reasons for this:

  • ShieldPRO is already jam-packed with powerful anti-malware and anti-hacking features.
  • In the effort to improve ShieldPRO‘s security portfolio, we added features with a view to coming back later and refining them further with enhancements.
  • We want to extend Shield’s features to make them more accessible to developers and agencies and e-commerce.

Let’s find out what’s changed in ShieldPRO 10.2…

Removal Of Most Content Security Policy Options

We discussed this a week or so ago and outlined the full reasoning behind this decision.

In summary: CSP is a massive area and requires a huge undertaking to build a system to automatically generate the necessary headers.

Shield doesn’t have this (yet), and until we do we need to remove it as it’s causing more trouble for users than it’s actually solving problems.

Empty Usernames Trigger Invalid Login Bot Rule

ShieldPRO has the following option:

ShieldPRO Option: Detect Login Bot Using Invalid Username

Until ShieldPRO 10.1 this option ignored logins with empty usernames. This was due to a technical limitation which added complexity, but we’ve solved this for 10.2.

Shield will treat logins without a username as invalid and trigger offenses according to your settings.

Malware Scanner UX Improvements – No More Automatic Re-scans

ShieldPRO‘s Malware scanner is thorough and it involves scanning the contents of every PHP file on the site against a list of code patterns that “look like” malware.

So as you can imagine, it can take some time to complete a full scan.

If a file is discovered that appears to contain malware, you have the option to delete the file through Shield’s UI. But, we had configured Shield to run a full re-scan after a malware file was deleted.

After feedback from many clients, we decided to remove this automatic re-scan and instead simply re-examine the deleted file itself and ensure it was properly erased.

This should make management of these files much easier.

We know there are other improvements you’d like to see, such as bulk delete, and we’ll definitely get to this. For now, we hope this improvement will make a big difference for you.

Malware Scanning Is Much More Efficient

While we were digging through the Malware scanning code, we made a number of improvements and optimisations which actually makes malware scanner run more quickly.

As we said, it’s a big scanner and will take a while to complete no matter what we do, but we hope this improvement will make Shield’s WordPress malware scanner a bit lighter on resources over time.

Traffic Log Viewer Show More IP Info

Based on client feedback again, we’ve enhanced the traffic log viewer by showing the IP status quite clearly for each entry – i.e how many offenses it has against your site.

This will reduce the need to jump to the IP Analyse tool each time you’re investigating an IP address’ activity on your site.

Other Shield Improvements

  • A lot of code cleanup has been performed in this release with the removal of a huge number of legacy files left over from our move to PHP 7.0.
  • Fixed a bug where the Javascript wouldn’t always allow removal of U2F and Yubikey keys from user profiles.
  • Auto-cleaning for stale options left in the WP Options table when sites are moved/migrated between staging sites.

Comments and Suggestions

As always, we welcome any feedback and suggestions – you can see in this post that many of the enhancement have come from our clients.

Please do leave your comments and feedback below.

Hello dear reader!

If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.

We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.

Try ShieldPRO Today →

ShieldPRO Testimonials
@thedavinator's Gravatar @thedavinator

The Best I’ve Tried

By far, this is the best WP security plug-in I’ve had the pleasure of using. The simplicity and protection is unsurpassed. As far as I’m concerned, it kicks the doors off of Wordfence.

@nirgoldberg's Gravatar @nirgoldberg

So simple, so great

As a developer and a website builder of over 200 websites, I’ve tested several security plugins, and I’m happy to say that I truly found the one – a powerful security solution and yet, so simple to configure and manage.

@tl1000rzx2's Gravatar @tl1000rzx2

Great Plugin! Easy to use.

I have been using this plugin on several of my sites and it definitely does what it is supposed to do. Setup and config were easy and straightforward. If I can use this one, anyone can.

@ehr's Gravatar @ehr

Just give it a try and you'll understant

Well .. we’ve tried few solutions including 3rd party shit but none did the hell of the job that this plugin did. We’ve didn’t activate or use all features and just stick with exactly what we needed. The fact that allow(ed) to manage blacklisted IPs and see where are weird…

Comments (1)

    Thank you for the updates please add a nice dashboard will all security graphics stats it will be cool

Leave a Comment

Your email address will not be published. Required fields are marked *

Click to access the login or register cheese