Following hot off the heals of our successful 7.0 release we’re ready to bring you some fantastic new security features.
This time around, we’re focused on making the life of the administrator a bit smoother.
Managing a several WordPress sites, with multiple users, can be a huge undertaking, and we want to make that as easy as possible for you.
#1 Import options between sites using downloaded file exports
Shield Security has had automated import/export ability for nearly a year now, and while we think it’s fab, it doesn’t fit into everyone’s workflow. We’ve taken on your feedback, and many of you just want to download a file export and upload it to your other sites.
Now you can do just that. Simply clicking the export button will download a file which you can use with any WordPress site to immediately setup a brand new Shield installation.
Each file even has a bit of meta data in it too so you can see where the export came from, and the time it was created.
Please note, import/export of options suggests you have several sites, which then suggests you’re likely a professional in some capacity. We appreciate the support we get from other professionals and businesses, and so this is a pro-only feature.
#2 Allow visitors to automatically unblock themselves from Shield
This is a big one.
If a site administrator can reduce the incidents a user needs to contact you for help, then you’re winning at life.
When Shield blocks a request, the visitor is always warned. They’re given plenty of notice to discontinue what they’re doing, or they’ll get blocked.
But we’ve seen that many folk ignore these warning, and will then run screaming to the site admin when they get blocked. This is horrible for the admin, and dealing with these requests is frustrating for all parties.
With v7.1 visitors that have had their IP address blocked by Shield will have the option to click a button and unblock their IP address immediately.
Now you’re probably wondering, surely bots could do this too? We’ve created a few restrictions to prevent abuse, so it’s worth noting how this actually works:
- The button to unblock your IP is protected by bot-protection just like in the WordPress login page. This prevents automation by bots that are blocked.
- A visitor will only be able to remove themselves from the block list once in a 24 hour period. That is, if they’re blocked, and they unblocked themselves, then get blocked again, they will have to wait at least a day before they can unblock themselves. Or wait until the block expires.
So as you can see, if it’s a bot, and they get blocked and then somehow unblock themselves, they’ll get blocked again pretty quickly and there’ll be no work around for them.
#3 An Internal Plugin Changelog
We spotted a great little app for providing release notes, and we’ve integrated this into the Shield plugin. Now you’ll be able to see what’s new and changed from the Shield admin page without WP admin notices cluttering the place up.
This will also allow us to notify you directly within the plugin of potential issues we’ve discovered and when a new release might be imminent.
#4 Cron consolidation
As Shield grew, so did the number of crons that were necessary. To help with cron management and debugging, we’ve consolidated as many crons into as few as possible.
This keeps the cron queue neater and when you’re reviewing crons using cron-management plugins, it’ll be easier to review and track what’s going on.
Looking ahead to Shield v7.2
As we mentioned last week we’re already looking ahead to what’s coming in 2019.
The next Shield release will introduce a new scanner that’ll detect when WordPress.org plugins on your site have likely been abandoned by their authors.
Nobody wants to run outdated, un-maintained code.
Comments and Suggestions
As always, please feel free to leave your thoughts and comments below.
We appreciate your ongoing support!