Shield Security for WordPress

One feature that we really could be part of your Lockdown section, is an emergency button to lock the site down for all users. Even just for maintenance, it would be extremely useful to be able to lock the site while we are busy, but from a fraud/se

It would be awesome if you could check somehow if the plugins you are using are prone to vulnerabilities or not. Perhaps Shield could add the number of vulnerabilities that occurred to each plugin in the past somewhere in the plugin overview with

I really like the automatic update features, however, would it be possible to add the option to only receive an email when something went wrong with an automated update? (I like having automated updates but I still want to have some kind of control

I want to limit access by time to user roles. So a user role logs in but they only have access for say 75 mins.

Blocking mixed content will save many sites from being shown as insecure, I'd suggest putting this in as a feature request to add this to your default options. Ticket https://icontrolwp.freshdesk.com/a/tickets/12661

Add Google Authenticator to user frontend edit profile page (or settings page) by buddypress membership management system.

Add a line for the referrer so there is a way to determine where the entry in the traffic log came from. I.e. was it a direct access or was it coming from another page link. Screenshot: https://share.getcloudapp.com/X6uzgrw6

I love the Dashboard of Shield Statistics. With all these sites, going into the logs to see info about these attacks. In one look, I can see the logins attacks and session that are attacking. As I was installing settings from site to site I could s

I adjusted my robots.txt file a few days ago to include “ahrefs”. It rapidly divided the traffic in half. It would be good to be able to add (or reduce) entries on that robots.txt file through ShieldPro.

Ability to add spam protection for forms, including Contact Form 7. Without it, I still need to run Akismet which conflicts with Shield and forces me to disable the Spam protection module in Shield. It would be great if we could use Shield protectio

I've enabled 2FA via Google Authenticator. But it seems like the existing users are not forced to enable Google Authenticator. I'd like to force my users to use 2FA Google Autehtntication. Also, it would be good to see which user has enabled 2FA Go

Especially when using woocommerce it would be perfect if one could enable the Bruteforce Protection separately - exclusively for the Site-Dashboard-Backend Login Form. At the moment one can only enable the brute force protection for all Login Forms

Is it possible to embed the Google 2FA setup in “your profile” so that is available in custom profile forms ? Perhaps a shortcode, or custom code ?

Can the 2FA prompt be customized so that it looks like the website’s theme ? I use a dark theme, and as soon as the 2FA prompt appears, it’s like a sudden floodlight being placed in front of you

Add a way to ignore the redirect we have on our site to be able to scan files. I.e.: domain.com redirects elsewhere, but we still want to run scans on domain.com/(files).