There are 9 Firewall Blocking options that determine what data is checked on each page request. Depending on certain incompatibilities with other plugins, you may need to disable certain options to ensure maximum compatibility.

Recommendation: Turn on as many options here as you can. If you find an incompatibility or something stops working, uncheck 1 option at a time until you find the problem or review the Audit Trail

Firewall Blocking options explanations

The following options help you to chose what kind of malicious data to scan for.

Option: Include Cookies

The Firewall tests GET and POST, but with this option checked you can also have it check the site cookies.

Option: Directory Traversals

This option will block directory traversal paths in application parameters (e.g. ../, ../../etc/passwd, etc).

There is typically no need for file paths that indicates attempts to move between directories on the filesystem. Be careful, as this might interfere with sites that publish content containing code snippets – it might be an idea to use the “Ignore Administrators” option. 

Option: SQL Queries

This option will block sql in application parameters (e.g. union select, concat(, /**/, ..), etc).

Option: WordPress Terms

Malicious requests might try and reference common WordPress terms in their attacks – this option ensures that some of the most common terms are restricted. It will block WordPress specific terms in application parameters (wp_, user_login, etc.).

Option: Field Truncation

This option will block field truncation attacks in application parameters.

Much like file system traversals, you typically shouldn’t have SQL queries in data submitted to your site. This option will try to look for keywords and patterns associated with SQL queries.

Option: PHP Code

This option will block any data that appears to try and include PHP files. It will probably block saving within the Plugin/Theme file editors.

Just like SQL, WordPress terms etc., you typically shouldn’t have PHP code in data submitted to your site. If you use the plugins/themes editor, this might trip the Firewall checks.

Option: Exe File Uploads

This option will block executable file uploads. When files are uploaded to your site, this option looks for executable file extensions such as .dll, .php, .exe, .py, etc.

Option: Leading Schemas

This option will block leading schemas http:// and https:// in application parameters (off by default; may cause problems with other plugins).

Option: Aggressive Scan

This option aggressively blocks data. It employs a set of aggressive rules to detect and block malicious data submitted to your site.

Important: Be careful with this option. It may cause an increase in false-positive firewall blocks.

For further reading on Shield's Firewall, read the blog article here.