We’ve been hard at work rebuilding much of the Shield Security plugin as we bring it up to standard and upgrade our minimum PHP requirements to PHP 7.2.
As always, we recommend you review the upgrade guide to ensure that you are fully aware of all changes and any breaking changes.
Let’s dig into all the new enhancements…
#1 Enhanced User Interface: Faster, Smoother, More Intuitive
Our long-term Shield members will know that our Shield Security plugin UI has gone through many, many iterations. Each step has been an improvement on the previous, and moves usability forward.
This time is no different and we’re really happy with the new layout and improved usability of the plugin with this release.
Some of what we’ve been able to improve include:
- Simplification of the sidebar navigation menu with fewer sub-items
- Omnipresent sidebar navigation to ensure a consistent UI
- Contextual Actions Menu for each main admin page
- Improved Search Box to allow for better display of large results
- Date filters on important tables, such as IP Rules, Activity Log, and Traffic Log
#2 Major Code Overhaul
Inspired by our switch to PHP 7.2+, we’ve done a major code review and overhaul of the plugin. Often, over time, old code can get lost as newer, better code gets introduced and it’s easy to let that older code go forgotten. We’ve purged a lot of older and dated design decisions.
#3 Improved IP Rules Management
After we integrated with CrowdSec, the number of IP Rules on any given site has increased and can even go beyond 10,000. We use highly optimised SQL queries and tables so your site won’t slow down.
However, when you want to browse the IP Rules, it required loading all the IP rules upfront, and this could take quite a lot of time.
With version 17.0, loading is now much faster as we no longer need to load all the IPs upfront. Instead, you can search directly for the IP addresses you need, and you can even use partial IP addresses – you don’t need a full IP address to search.
#4 Improved NotBot JS
We’ve talked many times about the trouble that Page Caching causes in WordPress. And the problem will never go away. Our NotBot JS feature can be broken by Page Caching, and to-date we’ve introduced a number of techniques to work around the problem. We’ve made a few further improvements to address issues reported to us from SiteGround-hosted websites.
#5 Improved File Locker & WP Config Protection
Protecting the WordPress wp-config.php file is a tricky thing to do as it is often highly customized. And, since there are no “official”
wp-config.php file contents, it’s impossible to scan it for modifications like we can do for all other WordPress core files.
This is why we introduced our exclusive File Locker feature which, to the best of our knowledge, isn’t available in any form, anywhere else.
So this is an important ShieldPRO feature and we’ve seen over the last 12 months an increase in failures to create file locks on some websites. This appears to have been caused by newer, upgraded server hosting stacks. These newer servers with more recent versions of the OpenSSL library don’t appear to support legacy encryption ciphers.
This means our WordPress FileLocker must now support both legacy and new encryption ciphers, so we went back to the drawing board and did a big rework of how encryption ciphers are implemented.
#6 Better Security Overview & New WordPress Site Health
The Security Overview calculations have been tweaked and we’ve added a few more metrics to provide visibility on some security items.
We’ve also adapted the Overview metrics to work easily with WordPress’ built-in Site Health tool. If you prefer to review issues using the Site Health tool, you can see all the same items there, too.
Other Important Changes
We’ve moving towards simplification of Shield’s Configuration system over the next few major releases. We want to reduce the number of separate “Modules” and consolidate options into the same screens.
This means that the location for changing certain options will have moved. In this release we’ve removed a few “invisible” modules, along with Reporting module. You can now find Reporting options within the “General” module, under a new tab for “Reporting”.
Comments, Feedback and Suggestions
A lot of work has gone into this release that will, we hope, improve security for all users by making it much easier to see what’s going on and what areas need improved.
As always, we welcome your thoughts and feedback so please do feel free to leave your comments and suggestions below.
Great security plugin! Easy to use and accessible support!
Thank you for this awesome plugin! All the reports you send us every week! All the settings are easy to understand and there are a lot of docs to explain them too. And always accessible support!
Something better does not exist!!
Something better does not exist!!
Fast and friendly customer service!
Hey there gorgeous! Do you like what you've read here? :)
If this cool feature is something you'd like, but you haven't gone PRO yet, click here to get started today. (no risk, with a 14-day satisfaction guarantee!)
You'll get all PRO features, including Malware Scanning, WP Config Protection, Plugin FileGuard, import/export, customer support, and so much more. Not only that, you'll get that warm, fuzzy feeling that comes from supporting our work and future development.