February 11, 2021 by Paul G. | Blog, Releases, Shield Pro, Updates

WP Shield Security PRO – Release 10.2

Shield Image

This new release, 10.2, is designed more as a bug-fixing release along with the removal of some options.

The next few ShieldPRO releases will directed towards improving existing features, instead of adding new ones.

There are a few reasons for this:

  • ShieldPRO is already jam-packed with powerful anti-malware and anti-hacking features.
  • In the effort to improve ShieldPRO‘s security portfolio, we added features with a view to coming back later and refining them further with enhancements.
  • We want to extend Shield’s features to make them more accessible to developers and agencies and e-commerce.

Let’s find out what’s changed in ShieldPRO 10.2…

Removal Of Most Content Security Policy Options

We discussed this a week or so ago and outlined the full reasoning behind this decision.

In summary: CSP is a massive area and requires a huge undertaking to build a system to automatically generate the necessary headers.

Shield doesn’t have this (yet), and until we do we need to remove it as it’s causing more trouble for users than it’s actually solving problems.

Empty Usernames Trigger Invalid Login Bot Rule

ShieldPRO has the following option:

ShieldPRO Option: Detect Login Bot Using Invalid Username

Until ShieldPRO 10.1 this option ignored logins with empty usernames. This was due to a technical limitation which added complexity, but we’ve solved this for 10.2.

Shield will treat logins without a username as invalid and trigger offenses according to your settings.

Malware Scanner UX Improvements – No More Automatic Re-scans

ShieldPRO‘s Malware scanner is thorough and it involves scanning the contents of every PHP file on the site against a list of code patterns that “look like” malware.

So as you can imagine, it can take some time to complete a full scan.

If a file is discovered that appears to contain malware, you have the option to delete the file through Shield’s UI. But, we had configured Shield to run a full re-scan after a malware file was deleted.

After feedback from many clients, we decided to remove this automatic re-scan and instead simply re-examine the deleted file itself and ensure it was properly erased.

This should make management of these files much easier.

We know there are other improvements you’d like to see, such as bulk delete, and we’ll definitely get to this. For now, we hope this improvement will make a big difference for you.

Malware Scanning Is Much More Efficient

While we were digging through the Malware scanning code, we made a number of improvements and optimisations which actually makes malware scanner run more quickly.

As we said, it’s a big scanner and will take a while to complete no matter what we do, but we hope this improvement will make Shield’s WordPress malware scanner a bit lighter on resources over time.

Traffic Log Viewer Show More IP Info

Based on client feedback again, we’ve enhanced the traffic log viewer by showing the IP status quite clearly for each entry – i.e how many offenses it has against your site.

This will reduce the need to jump to the IP Analyse tool each time you’re investigating an IP address’ activity on your site.

Other Shield Improvements

  • A lot of code cleanup has been performed in this release with the removal of a huge number of legacy files left over from our move to PHP 7.0.
  • Fixed a bug where the Javascript wouldn’t always allow removal of U2F and Yubikey keys from user profiles.
  • Auto-cleaning for stale options left in the WP Options table when sites are moved/migrated between staging sites.

Comments and Suggestions

As always, we welcome any feedback and suggestions – you can see in this post that many of the enhancement have come from our clients.

Please do leave your comments and feedback below.

ShieldPRO Testimonials
@yoshuahaxo's Gravatar @yoshuahaxo

The Most Secure, Easy and Useful plugin.

It is simple: this plugin it’s a MUST. I had already written my review, some time ago with the free version of the plugin and my opinion is now even better. I have 10 days since upgrade to PRO and I am truly in love with this plugin. In addition,…

@boatkung's Gravatar @boatkung

This is "must have" plugin!

I already changed all personal and client projects to use this plugin. Because it has all features what I want!, Good job!

@pipetko's Gravatar @pipetko

Good plugin, works :)

I am satisfied it does do what it says

@spookee's Gravatar @spookee

Excellent!

Excellent!

Hey there gorgeous! Do you like what you've read here? :)

If this cool feature is something you'd like, but you haven't gone PRO yet, click here to get started today. (no risk, with a 14-day satisfaction guarantee!)

You'll get all PRO features, including Malware Scanning, WP Config Protection, Plugin FileGuard, import/export, customer support, and so much more. Not only that, you'll get that warm, fuzzy feeling that comes from supporting our work and future development.

I Was Born To Go Pro →

Comments (1)

    Thank you for the updates please add a nice dashboard will all security graphics stats it will be cool

Leave a Reply to carlos Cancel reply

Your email address will not be published. Required fields are marked *

Click to access the login or register cheese