Jelena
Forum Replies Created
-
Hi,
This can be configured under the Reporting module:
https://help.getshieldsecurity.com/collection/77-reportingWe also have Reports Stats/Charts section you may find useful in some way too:
https://help.getshieldsecurity.com/article/445-introduction-to-the-reports-stats-charts-sectionLet us know if you have any other questions.
Thanks,
Jelena
Hi Tushar,
Thanks for your question.
Security of information and privacy are our most important assets. We’ve treated privacy of our customers and their data with the utmost importance from the very beginning, long before regulations such as GDPR came into effect.
So, yes, we are firmly committed to GDPR compliance. Please see here for in-depth details:
https://www.fernleafsystems.com/common/Thanks,
Jelena
Hi,
Thanks for your question.
This is a temporary directory used by the plugin to store temporary data.
It is used by the scans and various other purposes in the plugin (only for certain features).
The data we write can oftentime be quite large and storing them in the DB is impractical. We also don’t access the data on every page load, they’re used primarily for file system scans. Some data we store in the DB, others to files, it just depends on their nature and use-cases.
When Shield looks for the directory, we simply use the PHP constant within WordPress: WP_CONTENT_DIR
We rely on this to be correctly declared and simply then build the directory off that, so in most cases it’ll be /wp-content/shield/.
Just please make sure that ‘shield’ directory is available for writing – that Shield is able to write to that directory.
Hope this helps.
Thanks,
Jelena
Hi Aram,
Each time you can’t access your own site as a result of Shield, for whatever reason, you can always use a forceoff method. This will forcefully turn off all restrictions but keep plugin active allowing you to get back in and change settings. Once you solve the problem, you can remove a “forceoff” file.
To forceoff, please follow the guide outlined in this article here.
We also have a Guide for site admins which you may find helpful.
To disable 2FA by email, please follow these steps:
1) Go to your FTP for this site and create a “forceoff” file
2) Log into your site
3) Go to the Login Guard module and disable 2FA by email
4) Remove a “forceoff” fileThe problem with using WordPress and your server to send emails is that it’s unpredictable and unreliable. You’ll need to assess your email deliverability on your WordPress site by using a dedicated and properly configured email system such as Postmark.
It’s also worth of mentioning that Shield’s OTP 2FA defaults to 5min. Some email providers (such as Mailgun, or WP Mail SMTP, or whatever you’re using) can be a bit slow at times with their email delivery, and 5 minutes isn’t long enough. It’s definitely worth contacting them and let them know about the problem you’re having.
In case you need to extend 2FA timeout, you can use filter. We go into further details on this here.
(please note that this is available in Pro only)
Let us know if this was helpful for you.
Thanks,
Jelena
- This reply was modified 4 years, 4 months ago by Jelena.
Hi Brennan,
Thanks for your question.
With ShieldPRO you can add custom user roles to enforce 2FA by email using WordPress filter:
https://help.getshieldsecurity.com/article/330-how-to-add-custom-user-role-s-to-enforce-2fa-by-emailYou may also see this discussion here:
https://wordpress.org/support/topic/multi-vendor-marketplaces/Let us know if this was helpful for you.
Thanks,
Jelena
Hi Julie,
Please accept our sincere apologies for the confusion around this. Due to the nature and complexity of this feature, this is a ShieldPRO-only feature.
Sorry for the confusion and trouble you’ve experienced. We’ve updated the documentation to highlight this.
If you’d like to reach out to our support team directly, we can look to offering you an upgrade discount for your troubles. We can’t, however, offer support for ShieldPRO features on this forum.
Kind regards and many thanks for your understanding.
Jelena
Hi Julie,
Sorry to hear about the troubles you’re having.
May I ask you to read this guide, please?
https://help.getshieldsecurity.com/article/149-custom-templates-guidelines-read-this-firstLet us know if it was helpful for you.
Regarding your question “Is there a way to fully customize the page with the form of the verification code?”, you can only replace Shield’s logo with your own. This can be done with our White Label feature.
White Label gives you the opportunity to customise plugin name, company name, site URL, OTP logo, etc.
For example, you can customise 2FA email content (template) and then customise it further by replacing Shield plugin name with your own Plugin Name:
https://www.screencast.com/t/3sB31vtV7RWhite Label (with examples) is best explained here:
https://help.getshieldsecurity.com/article/216-shield-white-label-options-explainedLet us know how you get on sure. We’ll be here for any further help you may need.
Thanks,
Jelena
That’s great! Happy to hear that all is working fine for you now.
Regards and may we wish you a great week! 🙂
Jelena
Hi Jessica,
We’re very sorry for the troubles and we’re here to help, however we can.
There was an issue with an earlier release which we quickly fixed and perhaps your Shield plugin updated to that…
We kindly suggest you to update Shield to the latest release 12.0.13 – there are no known issues with this release.
Let us know how you get on sure.
Thanks,
Jelena
Hi Klaus,
Just to thank you for taking the time to write a review. This is more than appreciated. 🙂
Cheers!
Jelena
Hi Klaus,
There’s no problem at all. Happy to help 🙂
Glad to hear that you managed to find the problem cause and to fix it. I’m definitely going to add that into our help documentation. It’ll be helpful for other folks too.
Sorry, this is little bit out of the subject, but may I ask you a huge favour, please? Would you mind leaving a review, a few words about your experience with Shield? If so, you can do that here.
Regards and have a great week! 🙂
Jelena
Hi Klaus,
Sorry to hear about the troubles you’re having.
Whenever you’re locked out/blocked as the result of Shield, you can use a forceoff method outlined here:
https://help.getshieldsecurity.com/article/118-im-locked-out-of-my-own-siteThis will keep plugin active allowing you to get back in and change settings.
Then you can use your old (current) password to login and change Password Policies rules.
Shield uses WordPress’ normal email sending system. If email isn’t arriving, that means that it’s getting blocked somewhere. You can check your audit trail and see that email is probably sent. The problem with using WordPress and your server to send emails is that it’s unpredictable and unreliable. It might work today, and not tomorrow, or not work at all. WordPress sites and servers just aren’t meant to send emails. We discuss this further here.
You’ll need to assess your email deliverability on your WordPress site by using a dedicated and properly configured email system such as Postmark.
Regarding Google Authenticator, this can’t be used in this situation because this is a 2nd authentication factor. The first factor is always your password which you have to pass before going to 2nd factor.
Hope this helps…
Regards,
Jelena
Hi Raffi,
Happy to hear that you like our plugin. 🙂
Regarding your question… May I ask you to clarify this little bit for us, please?
If you want to offer 2FA to your users, you can use the shortcode feature:
https://help.getshieldsecurity.com/article/429-how-to-add-shields-2famfa-ui-anywhere-on-your-siteIf that’s not what you’re looking for, can you just provide more details about your request, what exactly do you need, please?
Thanks,
Jelena
Hi,
Thanks so much for your question.
We’re sorry but we can’t discuss Shield Pro on these forums. We’ll respond to your support ticket.
Regards,
Jelena
Hi,
Sorry to hear about the troubles you’re having…
Please note that there’s no point in renaming your login URL to /login/ because every WordPress site that is running will work with /login/. If you use Shield to hide your login page to “/login” – it’s not hidden. It’s always there.
You can test your WordPress site (that isn’t running any sort of security plugin or plugins that modify the login paths) and if you add /login/ to the end of it, it’ll bring you to the wp-login.php. This “feature” is built into WordPress.
Best would be to remove your current custom login URL completely => save settings. This will remove the warning. Then, you can set a new one.
If you cannot access your site at all, you can use a forceoff method outlined here:
https://support.getshieldsecurity.com/support/solutions/articles/3000000959Then, login => remove your custom URL login => save settings => remove a “forceoff” file. After that, you can set a new custom URL.
Hope this helps.
Jelena