Hi Andreas, “Lovely” message there, but I decided to let it …

By 9th May 2024 Uncategorised

Comment on New: WordPress Security Administrator Protection by Paul G..

Hi Andreas,

“Lovely” message there, but I decided to let it go live anyway. And here’s why:

The email message you quoted there shows the plugin did the job – it alerted you to the fact that someone logged-in who shouldn’t have. They clearly went through the normal login procedure on your site, since that email could only have been received if they did.

This therefore points to the fact that you probably don’t have two-factor authentication enabled, as this plugin provides. Our plugin is great, but you need to turn on the features for it to work.

You say hackers are working hard on MySQL security holes… Where is the evidence that this is a result of a MySQL security hole? Further, why would you say we don’t give a damn about it? Of course we do… that’s a slightly ridiculous statement.

There are a million ways to circumvent website security, our plugin does the job of blocking and preventing some of them… it cannot possibly do them all. That’s your responsibility. Sorry.

There are always things to improve, but unfortunately your comment provides no constructive feedback to do so – there is no way to know how they circumvented your login procedure.

Further, I would question what plugins and themes you have running and if they are, along with your WordPress site, ALL completely up-to-date. If you are using a plugin or theme with a security vulnerability, then this plugin probably wont help you.

Just think, were it not for that email, you would NEVER have known that your site was compromised in the first place. Yay, go us! ๐Ÿ˜€

Thanks for your comment.

Recent Comments by Paul G.

One Less Thing For You To Do: Monitor Your WordPress Core Files For Hacks!
Hi Terry,

Glad you like the new v7 interface.

The exclusions you mention for that scanner used to be in place but they got “lost” in the transition to v7. We’ve reinstated these and those filed will be ignored in the scan from v7.1 onwards.

Shield should be ignoring inactive themes and it already detects child/parent themes. Have a check to make sure your child-parent setup is exactly as you think it is. We’ve seen several cases where people thought it was setup as a child-parent, but it wasn’t…

Thanks!
Paul.

WordPress CloudFlare Flexible SSL – Making It Work
You can use our Shield Security plugin found here:
https://wordpress.org/plugins/wp-simple-firewall/

Google Authenticator Backups – The Right Way To Do Two Factor Authentication
hmm… I don’t know if that’s covered. Worth checking it…

Honestly, I wouldn’t be relying on that to have my back on this :/

Part 3: WordPress Firewall – Shield Security Plugin for WordPress
Hi George,

Shield does have this option – you’ll find it under the IP Manager module. It is a Pro-only feature so you’ll need to upgrade to access it. But at $12/year, it’s not a lot… and you get all the other Pro extras too ๐Ÿ™‚

Thanks,
Paul.

Beware New WordPress Security Theat: The WordPress Misinformation Virus
Thanks so much, Tito. We really appreciate your support! ๐Ÿ™‚

x Logo: Shield Security
This Site Is Protected By
Shield Security