In this walk-through guide, we are going to explain what the next steps you should take upon upgrading to Pro.
Please follow the steps detailed below.
Step 1: Activate Pro features (if not already)
If you have Shield v6.6+ running on that site, you wont need a license key for the Pro features activation.
You simply log into the site associated to that license, and then:
- Open the Shield Pro section
- Be sure to have first activated your site URL (the URL of the site you want to license inside your One Dollar Plugin account) by clicking the "Keyless Activation control panel" link.
- Hit the "Check License" button and all the Pro features will be automatically licensed on the site within 30 seconds.
Important: If you have any trouble with activation (screenshot 1), just click a little "Debug" link beneath the "Check License" button (screenshot 2) and send us an error you see. We will investigate the problem for you.
To learn more about Keyless Activation, read the release article here.
Step 2: Enable General Pro features
General section contains the following Pro features:
- Google reCAPTCHA Style
Helps you to automatically import options and deploy configurations across your entire security network. You can easily setup the Shield Security plugin on 1 site and have all options replicated to your other sites automatically.
To activate this feature, go to Shield => General section => Import/Export => click the slider to Allow Import/Export, and then follow the guide outlined in the article here.
Note: You can also use Import/Export wizard:
Google reCAPTCHA Style
Before you use this feature, please ensure that Google reCAPTCHA is enabled. (See here)
With Google reCAPTCHA Style feature, you have the ability to choose your own reCAPTCHA style:
- "light" theme
- "dark" theme
- "invisible recaptcha"
To learn more about Google reCAPTCHA Style feature, read the article here.
Note: This feature is also available within the following modules:
Important: If you set "default" theme for all reCAPTCHA features, it will fallback to the General section settings - i.e. if you want "dark theme" throughout the plugin, choose "Dark Theme" within General section and set "Default" for Login Guard and Comments SPAM.
Step 3: Enable Security Admin Pro feature (optional)
Security Admin module contains the following Pro feature:
- White Label
It gives you the opportunity to rename and re-brand the Shield plugin for your client site installations. With White Label, you can own your own brand.
The following changes will take place when you setup your White Label:
- The WP admin menu for the plugin will be renamed and the icon displayed in the menu will be updated to use your icon.
- The plugin name displayed on the plugins page will be renamed
- The ‘details’ link in the plugins page will be updated to your link
- The option to edit the plugin files directly from Plugin Editor screen (if you haven’t disabled editing) will be removed
- If you enable the option, non-Security Admin users will not see available updates listed in the plugins/updates pages
- Any emails sent out to users will display your custom plugin name in place of “Shield Security”
To activate White Label, please follow these steps:
- Ensure that Security Admin system is enabled
- Enable White Label (see the screenshot below)
- Activate options you want (i.e. Change the plugin name... ). Options explanations along with screenshots can be found here.
To learn more about While Label for Shield Security, read the article here.
Step 4: Enable Login Guard Pro features
Login Guard module contains the following Pro features:
- Protection Locations
- Google reCAPTCHA style (see Step 2)
- 2FA "Remember me"
This feature helps you to choose the forms for which bot protection measures will be deployed. It works with 3rd party systems such as WooCommerce.
You can choose the following forms:
- Login form
- Registration form
- Lost password form
- Checkout (WooCommerce)
Please note that, before you choose the forms, ensure that Bot Protection is enabled:
To learn more about Protection Locations feature, read the article here.
2FA "Remember me"
This feature helps you to set the number of days that Shield will "remember" a successful 2FA login.
To enable it, go to Login Guard module => Multi-Factor Authentication and enter the number of days a user can by-pass future MFA after a successful MFA-login (i.e. 5):
To learn more about 2FA "Remember me" feature, read the article here.
Step 5 : Enable Hack Guard Pro features
Hack Guard module contains the following Pro features:
- Plugins and Themes Guard
- Vulnerabilities Scanner
- Scan Schedule
Plugins and Themes Guard
Detect any changes to active plugins and themes. For example, if you upgrade a plugin to a new version using WordPress, then this would not trigger alerts from the Guard. The Guard will detect normal changes and update its records so that it doesn't alert you unnecessarily.
Please note that this feature requires PHP v5.4 and above.
To enable this feature, go to Hack Guard module and:
- enable the Guard
- set the scan depth (i.e. 2)
- add the file types you want to be included in the scan (optional)
- enable "Show Re-Install Links" option
To learn how Plugins and Themes Guard work, read the article here.
There is also a help video available for this feature (see the screenshot below).
Note: Once you have Plugins and Themes Guard enabled, you can manually run the scan by using wizard (optional):
Regularly (once daily) scan your list of the installed WordPress plugins and compare their current versions against a list of known plugin vulnerabilities.
To enable this feature, go to Hack Guard module and:
- enable the scanner with receiving or not receiving email notifications
- enable auto updates to vulnerable plugins
- select on how you want vulnerable plugins to be displayed
To learn how Vulnerabilities Scanner works, read the article here.
Daily Scan Frequency
Helps you to set how frequently the Hack Guard scans will run.
To set, simply select the scan frequency from the drop-down list, and click to Save:
To learn how Daily Scan Frequency works, read the article here.
Please note that there is a Scan Indicator available for Hack Guard scanners. It is a special type of feature that will indicate the exact time that a scan last run.
Scan Indicator for i.e. Vulnerabilities Scanner:
To learn more about this, read the article here.
Step 6: Enable User Management Pro feature
User Management module contains the following Pro features:
- Password Policies
- User Login Notification Email
This feature allows you to have full control over passwords used by all users on your site.
Please note that this requires PHP v5.4+ and above.
To enable this feature, go to User Management module and:
- enable Password Policies
- enable Prevent Pwned Passwords to prevent use of ‘pwned passwords’
- set the minimum password length
- set the minimum password strength
- enable "Apply To Existing Users" to apply these policies retrospectively to existing passwords forcing users to update passwords when they login again
- set the password expiration to enforce all users to to reset their passwords after they next login
To learn more about Password Policies feature, read the article here.
User Login Notification Email
This feature sends email notification to each user upon successful login. To enable it, simply click the slider:
To learn more about User Login Notification Email feature, read the article here.
Step 7: Enable Automatic Updates Pro feature
Automatic Updates module contains the following Pro feature:
- Auto-Updates Delay
This feature forces any automatic upgrade to be delayed for a set number of days. This allows time for killer bugs to be discovered and patched before your site automatically updates.
To enable this feature, go to Automatic Updates module and:
- set the delay automatic updates for period of stability
- turn on email notices from automatic updates
- decide where you want Shield to send upgrade notification reports
To learn more about Auto-Updates delay feature, read the article here.
Step 8: Enable IP Manager Pro feature
IP Manager module contains the following Pro feature:
- Request Tracking
The Request Tracking system tracks strange behavior on your site. It uses 404s as a transgression to determine whether visitors are legitimate or not. It works against visitor's IP address.
To enable this feature, go to IP Manager module and select one of the options available from the drop-down list:
- Ignore 404s - The 404s will not be used as a transgression - transgression limit will not be increased.
- Log Only (Audit Trail) - Tracks visitor logs activities with Audit Trail only. 404s are excluded.
Note: "Users and logins" option within Audit Trail module must be turned on. Read more about this here.
- Increment Transgression - The 404s events will be added to the number of the transgressions - the transgression limit will be increased by the number of the 404s events.
To learn more about Request Tracking feature, read the article here.
Step 9: Enable Audit Trail Pro feature
This feature helps you to set the maximum Audit Trail length you want to keep. When the number is set, any audit trail entries will be automatically removed when the given limit is exceeded.
To set this lenght, go to Audit Trail module and enter the number into this field:
Step 10: Customize messages displayed to the users
This feature is available within the following modules:
- Login Guard
- IP Manager
If you want to communicate to the users in a particular manner and add your own custom messages, you can do that by using the following options:
- Firewall module: Firewall Block Message - Customize the messages displayed to the user that trigger the firewall
- Login Guard module: GASP Checkbox Text - Change the text displayed to the user beside the checkbox
- Login Guard module: GASP Alert Text - Change the text displayed to the user in the alert message if they don't check the box
- IP Manager module: Login Failed - Customize the message displayed if the visitor fails a login attempt
- IP Manager module: Remaining Transgressions - Customize the message displayed if the visitor triggered the IP Transgression system and reports how many transgressions remain before being blocked
To learn how to customize user messages, read the article here.
Step 11: Enable Traffic Watcher
Traffic Watcher can be found within its own module. It's a window; a view into your WordPress site traffic and any requests made to your WordPress site.
To enable it, simply go to the Traffic Watch module => Enable/Disable Module => and simply click the slider to enable it.
Then, go to the Traffic Watch Options and set the following:
- Traffic log exclusions - select request types that you don't want to be included in the traffic viewer. Read more here.
- Auto expiry cleaning - enable traffic log auto expiry (optional)
- Maximum log lenght - limit the size of the log to ensure it will be trimmed to your desired size regularly (optional)
- Auto disable - enable this option to automatically turn off the logging after 1 week.
Once you've done this, you can start reviewing your WordPress site traffic by using the Traffic Watch viewer.
To learn more about the Traffic Watcher, read the article here.
To find out how to use Traffic Watch Viewer, read the article here.
Step 12: Use 3rd-Party Support (optional)
This feature works with 3rd party platforms such as WooCommerce, BuddyPress, and Easy Digital Downloads. It is enabled by default on Pro sites.
You can use this feature if you need to add support for 3rd-party login, register, and password reset forms.
It provides the following:
- User Registration & Login Bot Protection
- 2-Factor Authentication for users and customers
- Support WooCommerce social logins
Please note that enabling/using of any of the Shield Pro features explained in this guide depends on your personal requirements.
How to send support requests
If you have issues with any of the Shield features, you can contact us any time. Please see here on how to structure your support requests.