ShieldPRO 18.3 is one of our most exciting releases, ever. It builds upon our recent Change Reporting feature, resulting in an all-new reporting system.
Our primary focus has been to make it easier for admins to see exactly what’s happening on a site at any given moment.
Knowing that Shield Security is protecting your WordPress site, and seeing it happening are 2 different things. After outlining how you can perform WordPress security audits, we felt Shield could do better in helping admins see what’s happening.
Let’s dig in to the new features and tools you now have to review and audit your WordPress security.
#1 All-New HTML WordPress Security Reports
ShieldPRO 18.2 introduced the new Change Reporting feature. This exclusive security reporting feature provides clear visibility to things that changed on your site, not just a list of activity logs about what happened. As we’ve explained previously, Change Reports can make it much clearer how your WordPress site is different, when compared with another moment in time.
Shield has also had a long-standing feature where it will email reports alerting and informing you of certain key statistics and important scan results that may need your attention.
These emails are useful, but they are severely limited in a few important ways:
- They’re emails! There is only so much you can put into an email, and it’s not easy to present complex information in a format that is concise, clear and easy to process.
- There is no archive or historical feature to the email reports. If you want to review security reports from 3 weeks ago, you’d have to search your emails, and also hope that you haven’t deleted them.
- It’s difficult to share. If you wanted other stakeholders to have access to reports, emails aren’t a practical way to do that, since you can’t be sure the data will always arrive in a reliable format.
With ShieldPRO 18.3 reports are still sent via email, but they provide links to the actual report content, and don’t provide the report directly.
The links bring you to full reports as HTML pages. These pages have a simple, clear design that communicate all the relevant information in a format that’s easy to review quickly.
To enhance this further, we’ve designed the report links to be accessible from anywhere without needing to be logged-into the WordPress site, while at the same time ensuring that they can’t be accessed by anyone without access to the link itself.
We’ve also ensured that these reports can be called up any time from the Shield Dashboard – you’re no longer limited to receiving the emails.
These features solve the key issues highlighted earlier by making Shield’s Security reports:
- clear and easy to read all the information
- accessible after their creation and without requiring the original notification emails
- easy to share and disseminate to stakeholders
#2 Custom Ad-Hoc Security Reports
Persuant to our goal to make WordPress Security Audits easier, you can jump into Shield on your WordPress site and create a brand new report, at any time.
Particularly useful here is the incorporation of our newer Change Reporting feature so you can select any 2 dates to compare and have a beautiful report showing exactly what changed on your WordPress site.
#3 Live Traffic Logging
Have you ever wanted to know exactly what traffic is hitting your WordPress site at any given moment?
Sometimes we just want to watch the traffic requests coming to our WordPress site because we feel there is something wrong, or not quite right going on?
Well now you can with ShieldPRO‘s brand new “live traffic log” feature. This feature comes in 2 part:
- Live traffic log option
- Live traffic log viewer
The live traffic log option lets you turn on the live traffic logging feature. What this option does is temporarily suspend any exclusions that are applied to the log system. Shield has a couple of options that let you exclude traffic logs to reduce noise and unimportant entries in the log. These are all suspended during the live logging period.
Since live logging logs everything, it could quickly cause the traffic log database to balloon and add significant load to the site and its database. For this reason the live logging system remains active for only 30 minutes, before it is automatically disabled. Of course, you are free to re-enable it, but for your site’s protected, we ensure that it automatically switches off in-case you forget it’s on.
The live traffic log viewer is a trimmed-down, simplified view on the traffic log. This view is useful regardless of whether or not the live traffic option is switched-on. It display the logs in a simply, standardised format, and will automatically update the log display on-screen every 7 seconds.
#4 Traffic Log Download
Sticking with the traffic log, another feature available to admins is the ability to download the entire traffic log to your local computer. The logs will be of a standard request log format, but we are open to feedback if different formats are required.
#5 Enhanced Security Dashboard
In-keeping with our goal to make Security Audits easier, we’ve made Shield’s dashboard much more useful by displaying data snippets taken from across the entire security system.
Until now Shield showed a grading for the site, along with granular grades for each subsystem. This has been replaced, though it is still accessible via a link from the dashboard, with a new dashboard that covers:
- summary charts for key security event stats
- your site security grades
- scan results summary
- recently blocked IP addresses
- recently offensive IP addresses
- the 5 most recent reports
- the most recent activity log entries
- the most recent traffic log entires
This covers the vast majority of Shield’s security coverage… you can think of the dashboard as a high-level overview and launchpad to all key security areas.
#6 Many More Improvements Throughout
This release sees many other minor changes that enhance your security experience, making it easier to navigate the platform and get tasks done.
We’ve tweaked the sidebar navigation menu to reduce the number of top-level items, added “breadcrumbs” navigation to the page titles, and even add simple separators to the WP Admin menu to break-up the various menu components to make it more readable.
Under the hood we’ve further optimised some of the database management and speeded up the loading of the traffic tables.
And, for those that haven’t been able to use the Activity & Traffic Logs due to PHP library conflicts with other WordPress plugins, we’ve been able to work around that restriction bringing back logging for everyone.
Comments, Suggestions and Feedback
We’re very excited about this Shield release as we feel it’s our best yet! There are so many powerful additions and improvements packed into this release that bring huge value to admins, particularly in the reporting areas, but also form a solid foundation for future improvements.
As always, we welcome your thoughts and feedback so please leave your comments and suggestions below.