In this walk-through guide, we are going to explain what the next steps you should take upon upgrading to Pro.
Please follow the steps detailed below.
Step 1: Activate Pro features
If you have Shield v6.6+ running on that site, you wont need a license key for the Pro features activation.
You simply log into the site associated to that license, and then:
- open the Shield Pro section
- be sure to have first activated your site URL ((the URL of the site you want to license inside your One Dollar Plugin account)) by clicking the "Keyless Activation control panel" link
- hit the "Check License" button and all the Pro features will be automatically licensed on the site within 30 seconds.
Important: If you have any trouble with activation (screenshot 1), just click a little "Debug" link beneath the "Check License" button (screenshot 2) and send us an error you see. We will investigate the problem for you.
To learn more about Keyless Activation, read the release article here.
Step 2: Enable Dashboard Pro features
Dashboard module contains the following Pro features:
- Google reCAPTCHA Style
Helps you to automatically import options and deploy configurations across your entire security network. You can easily setup the Shield Security plugin on 1 site and have all options replicated to your other sites automatically.
To enable this feature, go to Dashboard module and click the slider:
Note: You can also use Import/Export wizard:
Google reCAPTCHA Style
Before you use this feature, please ensure that Google reCAPTCHA is enabled. (See here)
With Google reCAPTCHA Style feature, you have the ability to choose your own reCAPTCHA style:
- "light" theme
- "dark" theme
- "invisible recaptcha"
To learn more about Google reCAPTCHA Style feature, read the article here.
Apart from Dashboard, this feature is also available within the following modules:
- Login Guard (reCAPTCHA => Google reCAPTCHA => reCAPTCHA Style)
- Comments SPAM (reCAPTCHA => Google reCAPTCHA => reCAPTCHA Style)
Important: If you set "default" theme for all reCAPTCHA features, it will fallback to the "Dashboard" settings - i.e. if you want "dark theme" throughout the plugin, choose "Dark Theme" within "Dashboard" and leave "Default" for the all other reCAPTCHA features.
Step 3: Enable Login Guard Pro features
Login Guard module contains the following Pro features:
- Google reCAPTCHA (see above)
- 2FA "Remember me"
2FA "Remember me"
This feature helps you to set the number of days that Shield will "remember" a successful 2FA login.
To learn more about 2FA "Remember me" feature, read the article here.
To enable it, go to Login Guard module => Multi-Factor Authentication and enter the number of days a user can by-pass future MFA after a successful MFA-login.
Step 4 : Enable Hack Guard Pro features
Hack Guard module contains the following Pro features:
- Plugins and Themes Guard
- Vulnerabilities Scanner
- Scan Schedule
Plugins and Themes Guard
Detect any changes to active plugins and themes. For example, if you upgrade a plugin to a new version using WordPress, then this would not trigger alerts from the Guard. The Guard will detect normal changes and update its records so that it doesn't alert you unnecessarily.
Please note that this feature requires PHP v5.4 and above.
To enable this feature, go to Hack Guard module and:
- enable the Guard
- set the scan depth (i.e. 2)
- add the file types you want to be included in the scan (optional)
- enable "Show Re-Install Links" option
To learn how Plugins and Themes Guard work, read the article here.
There is also a help video available for this feature (see the screenshot below).
Note: Once you have Plugins and Themes Guard enabled, you can manually run the scan by using wizard (optional):
Regularly (once daily) scan your list of the installed WordPress plugins and compare their current versions against a list of known plugin vulnerabilities.
To enable this feature, go to Hack Guard module and:
- enable the scanner with receiving or not receiving email notifications
- enable auto updates to vulnerable plugins
- select on how you want vulnerable plugins to be displayed
To learn how Vulnerabilities Scanner works, read the article here.
Daily Scan Frequency
Helps you to set how frequently the Hack Guard scans will run.
To set, simply select the scan frequency from the drop-down list, and click to Save:
To learn how Daily Scan Frequency works, read the article here.
Please note that there is a Scan Indicator available for Hack Guard scanners. It is a special type of feature that will indicate the exact time that a scan last run.
Scan Indicator for i.e. Vulnerabilities Scanner:
To learn more about this, read the article here.
Step 5: Enable User Management Pro feature
User Management module contains the following Pro feature:
- Password Policies
This feature allows you to have full control over passwords used by all users on your site.
Please note that it requires PHP v5.4+ and above.
To enable this feature, go to User Management module and:
- enable Password Policies
- enable Prevent Pwned Passwords to prevent use of ‘pwned passwords’
- set the minimum password length
- set the minimum password strength
- enable "Apply To Existing Users" to apply these policies retrospectively to existing passwords forcing users to update passwords when they login again
- set the password expiration to enforce all users to to reset their passwords after they next login
To learn more about Password Policies feature, read the article here.
Step 6: Enable Automatic Updates Pro feature
Automatic Updates module contains the following Pro feature:
- Auto-Updates Delay
This feature forces any automatic upgrade to be delayed for a set number of days. This allows time for killer bugs to be discovered and patched before your site automatically updates.
To enable this feature, go to Automatic Updates module and:
- set the delay automatic updates for period of stability
- turn on email notices from automatic updates
- decide where you want Shield to send upgrade notification reports
To learn more about Auto-Updates delay feature, read the article here.
Step 7: Enable IP Manager Pro feature
IP Manager module contains the following Pro feature:
- Request Tracking
The Request Tracking system tracks strange behavior on your site. It uses 404s as a transgression to determine whether visitors are legitimate or not. It works against visitor's IP address.
To learn more about this feature, read the article here.
To enable this feature, go to IP Manager module and select one of the options available from the drop-down list:
- Ignore 404s - The 404s will not be used as a transgression - transgression limit will not be increased.
- Log Only (Audit Trail) - Tracks visitor logs activities with Audit Trail only. 404s are excluded.
Note: "Users and logins" option within Audit Trail module must be turned on. Read more about this here.
- Increment Transgression - The 404s events will be added to the number of the transgressions - the transgression limit will be increased by the number of the 404s events.
Step 8: Enable Audit Trail Pro feature
This feature helps you to set the maximum Audit Trail length you want to keep. When the number is set, any audit trail entries will be automatically removed when the given limit is exceeded.
To set this lenght, go to Audit Trail module and enter the number into this field:
Step 9: Customize messages displayed to the users
This feature is available within the following modules:
- Login Guard
- IP Manager
If you want to communicate to the users in a particular manner and add your own custom messages, you can do that by using the following options:
- Firewall module: Firewall Block Message - Customize the messages displayed to the user that trigger the firewall
- Login Guard module: GASP Checkbox Text - Change the text displayed to the user beside the checkbox
- Login Guard module: GASP Alert Text - Change the text displayed to the user in the alert message if they don't check the box
- IP Manager module: Login Failed - Customize the message displayed if the visitor fails a login attempt
- IP Manager module: Remaining Transgressions - Customize the message displayed if the visitor triggered the IP Transgression system and reports how many transgressions remain before being blocked
To learn how to customize user messages, read the article here.
Step 10: Use 3rd-Party Support (optional)
This feature works with 3rd party platforms such as WooCommerce, BuddyPress, and Easy Digital Downloads. It is enabled by default on Pro sites.
You can use this feature if you need to add support for 3rd-party login, register, and password reset forms.
It provides the following:
- User Registration & Login Bot Protection
- 2-Factor Authentication for users and customers
- Support Woocommerce social logins
Please note that enabling/using of any of the Shield Pro features explained in this guide depends on your personal requirements.