We’ve been hard at work rebuilding much of the Shield Security plugin as we bring it up to standard and upgrade our minimum PHP requirements to PHP 7.2.
As always, we recommend you review the upgrade guide to ensure that you are fully aware of all changes and any breaking changes.
Let’s dig into all the new enhancements…
#1 Enhanced User Interface: Faster, Smoother, More Intuitive
Our long-term Shield members will know that our Shield Security plugin UI has gone through many, many iterations. Each step has been an improvement on the previous, and moves usability forward.
This time is no different and we’re really happy with the new layout and improved usability of the plugin with this release.
Some of what we’ve been able to improve include:
- Simplification of the sidebar navigation menu with fewer sub-items
- Omnipresent sidebar navigation to ensure a consistent UI
- Contextual Actions Menu for each main admin page
- Improved Search Box to allow for better display of large results
- Date filters on important tables, such as IP Rules, Activity Log, and Traffic Log
#2 Major Code Overhaul
Inspired by our switch to PHP 7.2+, we’ve done a major code review and overhaul of the plugin. Often, over time, old code can get lost as newer, better code gets introduced and it’s easy to let that older code go forgotten. We’ve purged a lot of older and dated design decisions.
#3 Improved IP Rules Management
After we integrated with CrowdSec, the number of IP Rules on any given site has increased and can even go beyond 10,000. We use highly optimised SQL queries and tables so your site won’t slow down.
However, when you want to browse the IP Rules, it required loading all the IP rules upfront, and this could take quite a lot of time.
With version 17.0, loading is now much faster as we no longer need to load all the IPs upfront. Instead, you can search directly for the IP addresses you need, and you can even use partial IP addresses – you don’t need a full IP address to search.
#4 Improved NotBot JS
We’ve talked many times about the trouble that Page Caching causes in WordPress. And the problem will never go away. Our NotBot JS feature can be broken by Page Caching, and to-date we’ve introduced a number of techniques to work around the problem. We’ve made a few further improvements to address issues reported to us from SiteGround-hosted websites.
#5 Improved File Locker & WP Config Protection
Protecting the WordPress wp-config.php file is a tricky thing to do as it is often highly customized. And, since there are no “official” wp-config.php file contents, it’s impossible to scan it for modifications like we can do for all other WordPress core files.
This is why we introduced our exclusive File Locker feature which, to the best of our knowledge, isn’t available in any form, anywhere else.
So this is an important ShieldPRO feature and we’ve seen over the last 12 months an increase in failures to create file locks on some websites. This appears to have been caused by newer, upgraded server hosting stacks. These newer servers with more recent versions of the OpenSSL library don’t appear to support legacy encryption ciphers.
This means our WordPress FileLocker must now support both legacy and new encryption ciphers, so we went back to the drawing board and did a big rework of how encryption ciphers are implemented.
#6 Better Security Overview & New WordPress Site Health
The Security Overview calculations have been tweaked and we’ve added a few more metrics to provide visibility on some security items.
We’ve also adapted the Overview metrics to work easily with WordPress’ built-in Site Health tool. If you prefer to review issues using the Site Health tool, you can see all the same items there, too.
Other Important Changes
We’ve moving towards simplification of Shield’s Configuration system over the next few major releases. We want to reduce the number of separate “Modules” and consolidate options into the same screens.
This means that the location for changing certain options will have moved. In this release we’ve removed a few “invisible” modules, along with Reporting module. You can now find Reporting options within the “General” module, under a new tab for “Reporting”.
Comments, Feedback and Suggestions
A lot of work has gone into this release that will, we hope, improve security for all users by making it much easier to see what’s going on and what areas need improved.
As always, we welcome your thoughts and feedback so please do feel free to leave your comments and suggestions below.
Hello dear reader!
If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)
You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.
We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.
ShieldPRO Testimonials
@camilobuitrago
I love how it is organized and so easy to manage
I’m using it for the shielding it gives for my login. I can change the default wp-admin login location to one I choose. I can do this and many other easy to implement security measures in minutes. Thanks for this great plugin
@vishwakarma226
WP Shield Plugin
Hello, Every One…!! This is Ajay for Indore. I really love WP Sheild Plugin in this plugin have more security feature which can full fill your security requirement.
@felixhirschfeld
Best security Plugin
Works awesome, it’s just a bit ugly in the backend
@soojooko
A WP security plugin with a hassle free experience
I have been a user of Shield Pro for a month now and am incredibly happy with the experience. It’s been completely hassle-free, which is something I can’t say for every other security plugin I’ve tried so far. Shield is fast, non-intrusive and extensive. And the service from the Shield…
