February 22, 2018 by Paul G. | Blog, Features, Shield Pro

The Plugin & Theme Guard For WordPress

Keeping your WordPress sites secure is a never-ending game of cat and mouse.

100% protection against intrusion is impossible. We can do our best to stop it, but we must be ready to deal with any intrusions once they occur.

Shield Security already has several scanners that detect and repair alterations to your WordPress filesystem.

These include:

  • detecting and repairing any changes to Core WordPress files.
  • detecting and removing any files in your Core WordPress folders that are not part of WordPress.

So it looks like we have your WordPress Core covered.

But of course, WordPress is more than just its core files.

Making A Stand To Protect WordPress Plugins and Themes

It’s quite common for site hacks to involve quiet changes to scripts within your plugins and theme folders that can go unnoticed for months.

These are nearly impossible to detect without some sort of automatic scanning.

So with Shield Security 6.4, we’re introducing a brand new scanner that guards against unauthorized changes to your plugins and theme files. It’ll alert you as soon as it detects any changes.

It’s important to understand what this scanner IS and what it IS NOT.

To help with this, we’ve provided a full explanatory video (below).

Please note that the UI featured in the video demonstrating the Plugin & Theme Guard scanner may differ from the current interface due to updates and improvements made after the time of recording.

Plugins & Themes Guard Explanatory Video

Plugin & Theme Guard: What It Is Not

It is not a malware scanner – it does not detect the presence of malware on your site.

Plugin & Theme Guard: What It Is

It is a change-detection system.

The Guard will take a “snapshot” of your files, and, if they are modified in any way, deleted, or new files are added, the Guard will alert you.

The Guard does not care about what these changes are, whether they’re good, bad, intended, or unintentional. It only cares about changes.

If there’s a change, you will be notified.

The Guard: Important Notes

  • The Guard only monitors active plugins and themes. If a plugin or theme is installed, but remains deactivated, it will not be monitored.
  • The Guard will also monitor the Parent theme, if you’re using a Child theme.
  • The Guard does not take a snapshot when you install a plugin, but only when you activate it. (If you deactivate it, monitoring for that plugin will stop).
  • The Guard will update its snapshot if you use WordPress to install, update or re-install a plugin or theme.
    • If you update a plugin or theme outside of WordPress e.g. using FTP, this will cause the Guard to alert you. The Guard doesn’t know anything about FTP. It only understands changes you make using WordPress.
    • The Guard understands updates made by iControlWP and will update its snapshot correctly.
  • The Guard will send alerts for changes made using WordPress’ built-in Editors. This is by design.
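
The snapshot-and-compare behaviour described above can be reproduced in a few lines. This is an added illustration, not Shield's own code: the function names, the `example-plugin` directory and its files are constructed for the demo, and refreshing the snapshot by simply re-hashing the directory is an assumption about how an update could be modelled.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    hashes = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            hashes[os.path.relpath(full, root).replace(os.sep, "/")] = digest
    return hashes

def compare(baseline, current):
    """Classify differences only; the content of a change is never judged."""
    return {
        "modified": sorted(p for p in baseline if p in current and baseline[p] != current[p]),
        "deleted": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }

def demo():
    """Constructed plugin directory: snapshot it, change files, then re-scan."""
    with tempfile.TemporaryDirectory() as root:
        plugin = os.path.join(root, "example-plugin")  # hypothetical plugin
        os.makedirs(os.path.join(plugin, "inc"))
        files = {"example-plugin.php": b"<?php // main\n",
                 "inc/helpers.php": b"<?php // helpers\n",
                 "readme.txt": b"Example\n"}
        for rel, body in files.items():
            with open(os.path.join(plugin, rel), "wb") as fh:
                fh.write(body)
        baseline = snapshot(plugin)  # snapshot taken at activation

        # Changes made outside WordPress (for example over FTP):
        with open(os.path.join(plugin, "inc", "helpers.php"), "ab") as fh:
            fh.write(b"// one extra comment\n")  # harmless edit, still reported
        os.remove(os.path.join(plugin, "readme.txt"))
        with open(os.path.join(plugin, "inc", "new.php"), "wb") as fh:
            fh.write(b"<?php // unexpected file\n")
        report = compare(baseline, snapshot(plugin))

        # Assumption: an update done through WordPress refreshes the snapshot,
        # so the next scan of the same files reports nothing.
        baseline = snapshot(plugin)
        clean = compare(baseline, snapshot(plugin))
        return report, clean

if __name__ == "__main__":
    print(demo())
```

The harmless comment and the unexpected new file are reported in the same way, which is why a change-detection scanner cannot stand in for a malware scanner.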

When Does The Scanner Run?

The Guard’s scanner runs once every 24 hours using the WordPress Cron.

You can of course increase the frequency using the scan frequency setting released with Shield 6.2.

Understanding the File Scan Areas

As you can imagine, scanning the file system for changes can be resource intensive.

To strike a balance between resource usage and protection, the Guard will only scan and monitor the scan areas you select in the settings.

You must understand that increasing the scan areas will cause processing times and resource usage to increase. It is up to you to decide which level of protection you want vs resource allocation.

The Guard: How To Handle Changes

The results of the scanner can be accessed only through the Scan Results section. This is the only way to respond to alerts sent from the Guard.

You will be presented with a clear list of all changes that have been detected. It is your role as the security administrator to decide whether these changes are “ok”, or whether they must be cleaned.

Shield Security can’t make this decision for you.

For plugins, your options include:

  • Re-install / Upgrade. Shield will attempt to re-install (and potentially upgrade if an update is available) a plugin. This is only available for plugins from WordPress.org.
  • Repair. Shield can immediately repair the affected plugin.
  • Delete. Shield can’t repair unrecognised/unidentified plugin/theme files. You can do that manually only.
  • Ignore Changes. If you feel that the changes detected are legitimate, you can ignore them. Shield won’t alert you to these changes again.

For themes, your options are the same as for plugins above.

You can make manual modifications in response to the scanner, using FTP for example, and then re-scan your site.

Requirements For The Plugins & Theme Guard

  • Shield Security 6.4+
  • PHP Version 5.4+
  • WordPress 4.0+
  • Shield Pro – upgrade here

In late 2017, we made the decision to develop new features for Shield using PHP 5.4. To learn more about this decision, please see here.

Comments and Questions?

As always, we’re open to feedback and suggestions. Please feel free to leave your comments below.

Thank you for your support!

Comments (3)

    Thanks for the video tutorial, it does a much better job at explaining the functionality than text and screenshots. Next time ensure the volume is up.

      Great, glad you liked it. And thanks for the feedback on the volume. We may be able to re-release it with higher volume, so thanks for sharing your thoughts! 🙂

    Great information about keeping your WordPress sites secure.
    Thanks for sharing this useful information..
