February 23, 2018 by Paul G. | Releases, Shield Pro

WP Shield Security – Release 6.4

Shield Image

Shield Security v6.4 for WordPress released 26th February, 2018.

This release sees the introduction of one of our most exciting features for a long while.

This new feature delivers protection against direct hacking and modifications of plugins and themes.

How plugins and themes can get hacked

100% Prevention of intrusion by outsiders is impossible. It can’t be done, and certainly not by WordPress plugins alone.

Shield Security offers numerous ways to lockdown access to a site and prevent many attack vectors, but once someone is inside the perimeter, we need a way to detect it.

Shield comes already equipped with 2x scanners that detect and report on changes to your files and directories. In particular, it examines your core WordPress files and will compare what is on your site with the files taken straight from WordPress.org.

There is rarely any legitimate reason for modifying core WordPress files. So if a file has been modified, then you really need to examine.

Thankfully Shield already has this covered.

While the Core is protected, what about the rest of the site? Plugins and Themes for example?

It’s common for malware and other malicious code to be injected into your theme’s functions.php file. But it could be inserted into absolutely any file.

Until now Shield wasn’t scanning plugins and themes, but this has changed with the introduction of the Plugins and Themes Guard.

What is the Plugins and Themes Guard from Shield Security?

Simply put, the guard will first analyse all your plugins and themes and then periodically scan them to detect changes to them. Changes it can detect are:

  • File modifications
  • New files added
  • File deleted

If any of these events happen inside your plugins/themes folders, you’ll be alerted.

The default for Shield is to scan once each day, but you can increase this scan up to hourly using the scanner frequency option.

We’ll not cover the finer details of the scanner in this article, so to learn more and watch the explanatory video, please go here.

Improvement: Automatic Update Delays By-Passed For Vulnerable Plugins

In the previous Shield release, we introduced an automatic updates delay – where you could turn on automatic updates, but force a delay before they were applied. This helps ensure a degree of stability has been established for that update before it’s applied to your site.

We’ve now tweaked this setting to ensure faster protection for vulnerable plugins and themes.

If Shield discovers a plugin or theme is vulnerable, and an update is ready to be applied, the update delay will be ignored so that the update can be applied immediately.

We’re too-often asked about what folk should do when they get a warning email from Shield for the WordPress Core File scanners.

So, instead of listing the details of the warning, we’re now linking directly to the Scan Wizards to allow you to more quickly and easily address the problem.

This should hopefully make things a bit clearer for everyone.

(Note: these wizards are only available to users running PHP 5.4+)

Questions and Comments

As always, questions and comments are welcome below.

Hello dear reader!

If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.

We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.

Try ShieldPRO Today →

ShieldPRO Testimonials
@tinytiger's Gravatar @tinytiger

Works beautifully out of the box.

I use this on multiple sites for my friends and family and it works, I don’t have a need to change most of the settings so there’s far more to customise should one want to, but the “out of the box” option works great for simple sites.

@rcraigb's Gravatar @rcraigb

Great Security Plugin

Simple Firewall is easy to install and configure. After trying it out on one of my websites, I have begun to use it on others, as well. I especially like the fact that it replaces several plugins with this one. Give it a try!

@ian-mcdonnell's Gravatar @ian-mcdonnell

Best Security Plugin Out There

Great value for money, and fantastic support. Minor bug reported in the morning had a response within a couple of hours and an update the same day! Can’t really ask for more than that! Couldn’t recommend highly enough,

@normsash's Gravatar @normsash

Could this replace multiple plugins?

Update: Things are still looking great with Shield! On all of my sites I have traditionally used a combination of plugins to enforce security and hack protection. Recently I’ve been testing out Shield to see if I could replace all/most of my traditional plugins with just Shield. So far, things…

Leave a Comment

Your email address will not be published. Required fields are marked *

Click to access the login or register cheese