November 29, 2019 by Paul G. | Blog, Releases, Shield Pro

WP Shield Security Pro – Release 8.4


We’re continuing our improvements to Shield’s WordPress malware scanner, while also introducing simple reporting from the statistics module.

#1 What’s new in the WordPress Malware Scanner?

If you’ve been following along, you know Shield’s malware scanner is becoming progressively smarter with each release.

And Shield Security Pro 8.4 is no different!

In the last release, we brought in a huge feature: alongside gathering information about whole files, the Shield Network now gathers data on individual lines of code that trigger the scanner.

This means that if a file has changed, but the critical line of code that triggers the scanner hasn’t, the scanner can filter that result out of those that you see.

This means that even fewer false positives will make their way into your results. And this means less for you, as the WordPress admin, to manage and analyse.

If that was brought in with Shield 8.3, why are we talking about it here? Because, with information on whole files, and lines of code, Shield’s Network Intelligence allows us to make “inferences”, or predictions if you like, about code that Shield has never seen before.

Wait… what? How?

Let’s work through this scenario:

  • Shield’s malware scanner captures a suspicious line of code.
  • The admin examines it, and determines that yes, it is in fact malware.
  • This gets sent to the Shield network. The information that gets sent is:
    • filename, for example, wp-hack.php
    • an SHA1 hash of the file, for this example we’ll say it’s ABC123
    • an SHA1 hash of the line of malicious code, we’ll say, DEF456
  • Then let’s say another site scans a file, with a different filename and discovers a suspicious line with the same hash as above: DEF456
  • The Shield network can’t say for certain it’s malicious, but the line has been spotted before in a different file that was known to be malicious. So when our API is queried, we can provide a confidence score that indicates whether it’s malware.

This means that it’s far less likely a file with the same line of code will remain undiscovered on a WordPress site.

The same can be said in reverse. If a line of code that seems to be malicious, but isn’t – a false positive – appears within files of different names, the API can lend confidence to the probability that it really is a false positive, and filter it from results automatically.
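The scenario above and its reverse case, modelled as a small lookup service. This is an added example, not Shield's code or API: the class and function names, the sample lines and the smoothed scoring formula are all assumptions made for illustration.

```javascript
// Added illustration: a toy model of the network lookup, not Shield's API.
const { createHash } = require('node:crypto');
const sha1 = (text) => createHash('sha1').update(text).digest('hex');
class LineIntel {
  constructor() {
    this.files = new Map(); // file SHA1 -> verdict an admin confirmed
    this.lines = new Map(); // line SHA1 -> tally of verdicts and filenames
  }
  // Record an admin's verdict ('malware' or 'false_positive') on a flagged line.
  report({ filename, body, line }, verdict) {
    this.files.set(sha1(body), verdict);
    const tally = this.lines.get(sha1(line)) ||
      { malware: 0, false_positive: 0, filenames: new Set() };
    tally[verdict] += 1;
    tally.filenames.add(filename);
    this.lines.set(sha1(line), tally);
  }
  // An exact file match is certain; a line-only match yields a confidence score.
  query({ body, line }) {
    const known = this.files.get(sha1(body));
    if (known) return { verdict: known, confidence: 1, basis: 'file' };
    const tally = this.lines.get(sha1(line));
    if (!tally) return { verdict: 'unknown', confidence: 0, basis: 'none' };
    // Assumed scoring: smoothed share of malware reports, never fully certain.
    const pMalware = (tally.malware + 1) / (tally.malware + tally.false_positive + 2);
    const verdict = pMalware >= 0.5 ? 'malware' : 'false_positive';
    const confidence = verdict === 'malware' ? pMalware : 1 - pMalware;
    return { verdict, confidence, basis: 'line', seenIn: tally.filenames.size };
  }
}

// Constructed sample data: placeholder lines, not real malware.
const BAD_LINE = "$p = hidden_loader($_REQUEST['k']); // constructed";
const ODD_LINE = "$d = base64_decode($bundled_icon); // constructed";
const file = (tag, line) => `<?php // ${tag}\n${line}\n`;
function demo() {
  const net = new LineIntel();
  net.report({ filename: 'wp-hack.php', body: file('1', BAD_LINE), line: BAD_LINE }, 'malware');
  for (const name of ['a.php', 'b.php', 'c.php']) {
    net.report({ filename: name, body: file(name, ODD_LINE), line: ODD_LINE }, 'false_positive');
  }
  return {
    sameFile: net.query({ body: file('1', BAD_LINE), line: BAD_LINE }),
    newFile: net.query({ body: file('2', BAD_LINE), line: BAD_LINE }),
    benign: net.query({ body: file('d.php', ODD_LINE), line: ODD_LINE }),
  };
}
console.log(demo());
```

The match is on an exact SHA1, so a line that differs by even one character is treated as unseen.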

As we mentioned in our previous article, knowing whether a file is a “false positive” is just as important as knowing whether it really is malware.

The ability to assign confidence to unknown/unseen code, based on other “known” malware or false positives, is the new feature that comes with 8.4.

In summary: Shield’s WordPress malware scanner is just plain smarter than ever!

#2 Statistics and Charts

With the release of the Shield 8.0 series, we introduced a huge number of enhancements under-the-hood.

One of those features was a completely rewritten auditing and event tracking system.

The Shield Security plugin has, since its 8.0 release, been counting the occurrence of every event on every site it’s installed on. It’s all stored on your sites’ database, ready and waiting to be used.

And Shield 8.4 is going to start using them. It’s a small step for now, but more is coming.

Shield Security Overview: Summary Chart Stats

You can see these charts for each of your sites on the Overview screen of the Shield Security dashboard.

We’re presenting some simple charts for now that cover the most important events on a site, and only for the past 7 days. It demonstrates the power that the new event-tracking system has in reporting to you the level of protection that Shield is providing for all of your sites.

Shield 8.5 and beyond will expand upon this and begin to provide more in-depth reporting for our Pro customers.

#3 Refactored Comments SPAM Protection

Ever since we released our comments spam feature (many years ago!) it’s been implemented as in-line JavaScript. That means that the code is inserted straight into the page source code.

This is far from ideal, and it can get in the way if you want to restrict JavaScript code with your Content Security Policy.

So we decided to rewrite it, clean it up, optimise it a bit and generally make it a better experience.

For those that want to know the details, you’ll now see that:

  • there’s a new JS file included on your posts: shield-comments.js
  • this should only be included if there is a comment form on the particular page.
  • the automated bot-thwarting part comes in 2 stages:
    1. the checkbox generation (a Javascript-generated checkbox)
    2. the unique comment token required to successfully submit a comment is only generated and requested when a visitor clicks this checkbox. (This differs from before, where the token was generated on each page load and included in the page source.)
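A server-side model of the two-stage flow in the list above, showing that the page source carries no token and that a comment submitted without clicking the checkbox is rejected. This is an added example, not Shield's code: the HMAC token format, the 10-minute lifetime, the replay check and all function names are assumptions.

```javascript
// Added illustration of a click-gated comment token; not Shield's code.
const { createHmac, randomBytes, timingSafeEqual } = require('node:crypto');

const SECRET = randomBytes(32);   // per-site signing key (assumed)
const TTL_MS = 10 * 60 * 1000;    // assumed token lifetime
const spent = new Set();          // nonces that have already been used

const sign = (payload) =>
  createHmac('sha256', SECRET).update(payload).digest('hex');

// Page render: an external script only, which a CSP of script-src 'self'
// permits. No token appears in the markup.
function renderCommentForm(postId) {
  return `<form id="commentform" data-post="${postId}"></form>` +
    '<script src="shield-comments.js"></script>';
}

// Stage 2: called only when the visitor ticks the JS-generated checkbox.
function issueToken(postId, now = Date.now()) {
  const payload = `${postId}.${now + TTL_MS}.${randomBytes(8).toString('hex')}`;
  return `${payload}.${sign(payload)}`;
}

// Comment submission: the token must be present, authentic, for this post,
// unexpired and unused.
function checkComment(postId, token, now = Date.now()) {
  if (typeof token !== 'string') return 'rejected: no token';
  const parts = token.split('.');
  if (parts.length !== 4) return 'rejected: malformed';
  const [tokPost, expires, nonce, mac] = parts;
  const expected = Buffer.from(sign(`${tokPost}.${expires}.${nonce}`));
  const given = Buffer.from(mac);
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return 'rejected: bad signature';
  }
  if (tokPost !== String(postId)) return 'rejected: wrong post';
  if (now > Number(expires)) return 'rejected: expired';
  if (spent.has(nonce)) return 'rejected: replayed';
  spent.add(nonce);
  return 'accepted';
}
```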

#4 Further Shield Security Improvements

In this release there is a huge raft of code cleanup being undertaken. This stems from the huge changes brought in with Shield 8.0 where much of the code was completely rewritten.

This makes the Shield plugin a bit smaller, cleaner, and altogether tighter than ever. Our best Shield Security release to date!

If you have any other questions about this release, or you’d like clarification on anything we’ve raised here, please do let us know in the comments below.

Thank you as always for your support!
