{ "properties": { "version": "19.1.0", "release_timestamp": 1710858000, "build": "202403.1901", "slug_parent": "icwp", "slug_plugin": "wpsf", "text_domain": "wp-simple-firewall", "base_permissions": "manage_options", "wpms_network_admin_only": true, "logging_enabled": true, "show_dashboard_widget": true, "show_admin_bar_menu": true, "autoupdate": "confidence", "autoupdate_days": 5, "enable_premium": true }, "requirements": { "php": "7.2", "wordpress": "5.7", "mysql": "5.6" }, "reqs_rest": { "php": "7.0", "wp": "5.7" }, "upgrade_reqs": { "18.2": { "php": "7.2", "wp": "5.7", "mysql": "5.6" }, "19.0": { "php": "7.4", "wp": "5.7", "mysql": "5.6" } }, "version_upgrades": [ "19.0.7", "18.2.0", "18.2.8" ], "paths": { "config": "config", "source": "src", "autoload": "lib/vendor/autoload.php", "assets": "assets", "languages": "languages", "templates": "templates", "custom_templates": "shield_templates", "flags": "flags", "cache": "shield" }, "includes": { "tp": { "bootstrap": { "css": "https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.2/css/bootstrap.min.css", "js": "https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.2/js/bootstrap.min.js" }, "highlightjs": { "js": "https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.1.0/highlight.min.js" }, "hcaptcha": { "js": "https://hcaptcha.com/1/api.js" }, "recaptcha": { "js": "https://www.google.com/recaptcha/api.js" }, "vimeo_player": { "js": "https://player.vimeo.com/api/player.js" } }, "dist": [ { "handle": "main", "zones": [ "plugin_admin" ], "deps": [ "wp-jquery" ], "types": [ "js", "css" ], "flags": { "admin_only": true } }, { "handle": "wpadmin", "zones": [ "wp_admin" ], "deps": [ "wp-jquery" ], "types": [ "js", "css" ], "flags": { "admin_only": true } }, { "handle": "badge", "zones": [ "front" ], "types": [ "js" ], "flags": { "admin_only": false } }, { "handle": "blockpage", "zones": [ "page_shield_block" ], "types": [ "js", "css" ], "flags": { "admin_only": false } }, { "handle": "login_2fa", "zones": [ "login_2fa", "page_login" ], "deps": [ "wp-jquery" ], "types": [ "js", "css" ], "flags": { "admin_only": false } }, { "handle": "login_guard", "zones": [ "page_login" ], "deps": [ "wp-jquery" ], "types": [ "js" ], "flags": { "admin_only": false } }, { "handle": "notbot", "types": [ "js" ], "flags": { "admin_only": false } }, { "handle": "reports", "types": [ "js" ], "flags": { "admin_only": true } }, { "handle": "userprofile", "zones": [ "page_user_profile", "page_shield_login_security" ], "types": [ "js", "css" ], "deps": [ "wp-jquery" ], "flags": { "admin_only": false } }, { "handle": "mainwp_server", "types": [ "js", "css" ], "flags": { "admin_only": true } } ] }, "menu": { "show": true, "top_level": true, "do_submenu_fix": true, "has_submenu": true }, "labels": { "Name": "Shield Security", "MenuTitle": "Shield Security", "Description": "Ultimate WP Security Protection - Scans, 2FA, Firewall, SPAM, Activity Log, Security Admin, and so much more.", "Title": "Shield Security", "Author": "Shield Security", "AuthorName": "Shield Security", "PluginURI": "https://shsec.io/2f", "AuthorURI": "https://shsec.io/bv", "url_img_pagebanner": "pluginlogo_banner-1544x500.png", "url_img_logo_small": "pluginlogo_banner-170x40.png", "icon_url_16x16": "pluginlogo_16x16.png", "icon_url_16x16_grey": "pluginlogo_16x16_grey.png", "icon_url_32x32": "pluginlogo_32x32.png", "icon_url_128x128": "pluginlogo_128x128.png" }, "meta": { "url_repo_home": "https://shsec.io/eh", "privacy_policy_href": "https://shsec.io/shieldprivacypolicy" }, "plugin_meta": [ { "name": "5✩ Rate This Plugin", "href": "https://shsec.io/wpsf29" } ], "action_links": { "remove": null, "add": [ { "name": "Security Dashboard", "title": "Go To Security Dashboard", "href": "getPluginUrl_DashboardHome", "target": "_top", "show": "always" }, { "name": "↑ Go Pro ↑", "title": "Get All PRO Security Features", "href": "https://shsec.io/d8", "target": "_blank", "highlight": true, "show": "free" } ] }, "config_spec": { "modules": { "admin_access_restriction": { "slug": "admin_access_restriction", "name": "Security Admin", "tagline": "Security admin allows you to restrict access to the security plugin itself.", "load_priority": 11, "config_menu_priority": 15, "order": 20, "show_central": true, "wpcli": { "cmd_base": "secadmin" } }, "audit_trail": { "slug": "audit_trail", "name": "Activity Log", "tagline": "Track All Site Activity: Who, What, When and Where", "order": 110, "load_priority": 11, "config_menu_priority": 35, "menu_priority": 40, "show_central": true, "reqs": { "dbs": [ "at_logs", "at_meta", "ips", "req_logs" ] } }, "autoupdates": { "slug": "autoupdates", "name": "Auto Updates", "tagline": "Take back full control of WordPress automatic updates", "order": 60, "load_priority": 100, "config_menu_priority": 55, "show_central": true }, "comments_filter": { "slug": "comments_filter", "storage_key": "commentsfilter", "name": "SPAM", "tagline": "Block comment SPAM while retaining your privacy", "order": 50, "load_priority": 100, "config_menu_priority": 40, "show_central": true, "reqs": { "dbs": [ "botsignal" ] } }, "data": { "slug": "data", "name": "Data", "load_priority": 2, "show_central": false, "show_module_options": false, "wpcli": { "enabled": false } }, "firewall": { "slug": "firewall", "name": "Firewall", "tagline": "Automatically block malicious HTTP requests and data sent to your site", "order": 30, "load_priority": 1000, "config_menu_priority": 44, "show_central": true }, "hack_protect": { "slug": "hack_protect", "name": "Scanners", "tagline": "Automatically detect & repair vulnerable and suspicious files, plugins and themes.", "order": 70, "load_priority": 100, "menu_priority": 20, "config_menu_priority": 25, "show_central": true, "reqs": { "dbs": [ "scans", "scanitems", "resultitems", "resultitem_meta", "scanresults" ] }, "rest_api": { "publish": true } }, "headers": { "slug": "headers", "name": "HTTP Headers", "tagline": "Control HTTP Security Headers", "order": 80, "load_priority": 100, "config_menu_priority": 60, "show_central": true }, "integrations": { "slug": "integrations", "name": "Integrations", "load_priority": 20, "config_menu_priority": 50, "show_central": true, "reqs": { "dbs": [ "botsignal", "ips" ] } }, "ips": { "slug": "ips", "name": "Bot/IP Blocking", "tagline": "Detect malicious bots and visitors, and block them from accessing the site.", "order": 100, "load_priority": 15, "menu_priority": 30, "config_menu_priority": 20, "show_central": true, "reqs": { "dbs": [ "ips" ] }, "rest_api": { "publish": true } }, "license": { "slug": "license", "name": "Pro Security", "tagline": "The Best In WordPress Security, Only Better.", "load_priority": 0, "show_module_options": false, "show_central": false, "rest_api": { "publish": true } }, "lockdown": { "slug": "lockdown", "name": "Lockdown", "tagline": "Lockdown access to some built-in features of a WordPress site.", "order": 90, "load_priority": 100, "config_menu_priority": 45, "show_central": true }, "login_protect": { "slug": "login_protect", "storage_key": "loginprotect", "name": "Login Protection", "tagline": "Add protections to your WordPress login forms and protect user accounts with 2-Factor Authentication.", "order": 40, "load_priority": 100, "config_menu_priority": 30, "show_central": true, "reqs": { "dbs": [ "botsignal" ] } }, "plugin": { "slug": "plugin", "name": "General", "tagline": "General plugin settings that apply across the entire plugin operation.", "load_priority": 1, "order": 10, "config_menu_priority": 10, "show_central": true, "rest_api": { "publish": true } }, "traffic": { "slug": "traffic", "name": "Traffic", "tagline": "Track and monitor all HTTP requests to the site.", "load_priority": 12, "menu_priority": 50, "order": 110, "config_menu_priority": 35, "show_central": true, "reqs": { "dbs": [ "ips", "req_logs" ] } }, "user_management": { "slug": "user_management", "name": "Users", "tagline": "Control user sessions, duration, timeouts and account sharing.", "load_priority": 100, "order": 40, "config_menu_priority": 31, "show_central": true } }, "sections": [ { "slug": "section_hidden", "module": "plugin", "hidden": true }, { "slug": "section_security_admin_settings", "module": "admin_access_restriction", "primary": true, "title": "Security Admin Restriction Settings", "title_short": "Security Admin Settings", "beacon_id": 215, "summary": [ "Purpose - Restrict access using a simple Access PIN.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_admin_access_restriction_areas", "module": "admin_access_restriction", "title": "Security Admin Restriction Zones", "title_short": "Access Restriction Zones", "beacon_id": 214, "summary": [ "Purpose - Restricts access to key WordPress areas for all users not authenticated with the Security Admin Access system.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_whitelabel", "module": "admin_access_restriction", "title": "Shield White Label", "title_short": "White Label", "beacon_id": 131, "summary": [ "Purpose - Rename and re-brand the Shield Security plugin for your client site installations." ] }, { "slug": "section_enable_admin_access_restriction", "module": "admin_access_restriction", "title": "Enable Module: WordPress Security Admin", "title_short": "Disable Module", "beacon_id": 213, "summary": [ "Purpose - Restricts access to this plugin preventing unauthorized changes to your security settings.", "Recommendation - Keep the Security Admin feature turned on.", "You need to also enter a new Access PIN to enable this feature." ] }, { "slug": "section_localdb", "primary": true, "module": "audit_trail", "title": "Log To DB", "title_short": "Log To DB", "beacon_id": 241, "summary": [ "Purpose - Provides finer control over the Activity Log itself.", "Recommendation - These settings are dependent on your requirements." ] }, { "slug": "section_at_file", "module": "audit_trail", "title": "Log To File", "title_short": "Log To File", "beacon_id": 241, "summary": [ "Purpose - Provides finer control over the Activity Log itself.", "Recommendation - These settings are dependent on your requirements." ] }, { "slug": "section_enable_plugin_feature_audit_trail", "module": "audit_trail", "title": "Enable Module: Activity Log", "title_short": "Disable Module", "beacon_id": 241, "summary": [ "Purpose - The Activity Log is designed so you can look back on events and analyse what happened and what may have gone wrong.", "Recommendation - Keep the Activity Log feature turned on." ] }, { "slug": "section_automatic_updates_for_wordpress_components", "primary": true, "module": "autoupdates", "title": "Automatic Updates For WordPress Components", "title_short": "WordPress Components", "beacon_id": 236, "summary": [ "Purpose - Control how automatic updates for each WordPress component is handled.", "Recommendation - You should at least allow minor updates for the WordPress core." ] }, { "slug": "section_options", "module": "autoupdates", "title": "Auto-Update Options", "title_short": "Auto-Update Options", "beacon_id": 234, "summary": "Purpose - Make adjustments to how automatic updates are handled on your site." }, { "slug": "section_enable_plugin_feature_automatic_updates_control", "module": "autoupdates", "title": "Enable Module: Automatic Updates", "title_short": "Disable Module", "beacon_id": 234, "summary": [ "Purpose - Automatic Updates lets you manage the WordPress automatic updates engine so you choose what exactly gets updated automatically.", "Recommendation - Keep the Automatic Updates feature turned on." ] }, { "primary": true, "slug": "section_bot_comment_spam_protection_filter", "module": "comments_filter", "title": "Automatic Bot Comment SPAM Protection Filter", "title_short": "Bot SPAM", "beacon_id": 260, "summary": [ "Purpose - Blocks 100% of all automated bot-generated comment SPAM.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_human_spam_filter", "module": "comments_filter", "title": "Human Comment SPAM Protection", "title_short": "Human SPAM", "beacon_id": 262, "summary": [ "Purpose - Uses a 3rd party SPAM dictionary to detect human-based comment SPAM.", "Recommendation - Use of this feature is highly recommend.This tool, unlike other SPAM tools such as Akismet, will not send your comment data to 3rd party services for analysis." ] }, { "slug": "section_bot_comment_spam_common", "module": "comments_filter", "title": "Common Settings For All SPAM Scanning", "title_short": "Common Settings", "beacon_id": 152, "summary": [ "Purpose - Settings that apply to all comment SPAM scanning." ] }, { "slug": "section_enable_plugin_feature_spam_comments_protection_filter", "module": "comments_filter", "title": "Enable Module: Comments SPAM Protection", "title_short": "Disable Module", "beacon_id": 257, "summary": [ "Purpose - The Comments Filter can block 100% of automated spam bots and also offer the option to analyse human-generated spam.", "Recommendation - Keep the Comments Filter feature turned on." ] }, { "primary": true, "slug": "section_firewall_blocking_options", "module": "firewall", "title": "Firewall Blocking Options", "title_short": "Firewall Blocking", "beacon_id": 333, "summary": [ "Here you choose what kind of malicious data to scan for.", "Recommendation - Turn on as many options here as you can. If you find an incompatibility or something stops working, un-check 1 option at a time until you find the problem or review the Activity Log." ] }, { "slug": "section_choose_firewall_block_response", "module": "firewall", "title": "Choose Firewall Block Response", "title_short": "Firewall Response", "beacon_id": 334, "summary": [ "Here you choose how the plugin will respond when it detects malicious data.", "Recommendation - Choose the option 'Die With Message'." ] }, { "slug": "section_whitelist", "module": "firewall", "title": "Whitelists - IPs, Pages, Parameters, and Users that bypass the Firewall", "title_short": "Whitelist", "beacon_id": 335, "summary": [ "In principle you should not need to whitelist anything or anyone unless you have discovered a collision with another plugin.", "Recommendation - Do not whitelist anything unless you are confident in what you are doing." ] }, { "slug": "section_enable_plugin_feature_wordpress_firewall", "module": "firewall", "title": "Enable Module: Firewall", "title_short": "Disable Module", "beacon_id": 253, "summary": [ "Purpose - The Firewall is designed to analyse data sent to your website and block any requests that appear to be malicious.", "Recommendation - Keep the Firewall feature turned on." ] }, { "primary": true, "slug": "section_file_guard", "module": "hack_protect", "title": "File Guard", "title_short": "File Guard", "beacon_id": 217, "summary": [ "Purpose - Monitor WordPress files and protect against malicious intrusion and hacking.", "Recommendation - Keep the File Guard features turned on." ] }, { "slug": "section_scan_wpv", "module": "hack_protect", "title": "Vulnerability Scanner", "title_short": "Vulnerability Scanner", "beacon_id": 217, "summary": [ "Purpose - Regularly scan your WordPress plugins and themes for known security vulnerabilities.", "Recommendation - Ensure this is turned on and you will always know if any of your assets have known security vulnerabilities." ] }, { "slug": "section_scan_options", "module": "hack_protect", "title": "Scan Options", "title_short": "Scan Options", "beacon_id": 217, "summary": [ "Purpose - Set how often the Hack Guard scans will run." ] }, { "slug": "section_enable_plugin_feature_hack_protection_tools", "module": "hack_protect", "title": "Enable Module: Hack Guard", "title_short": "Disable Module", "beacon_id": 217, "summary": [ "Purpose - Hack Guard is a set of tools to warn you and protect you against hacks on your site.", "Recommendation - Keep the Hack Guard module turned on." ] }, { "primary": true, "slug": "section_security_headers", "module": "headers", "title": "Advanced Security Headers", "title_short": "Security Headers", "beacon_id": 267, "summary": [ "Purpose - Protect visitors to your site by implementing increased security response headers.", "Recommendation - Enabling these features are advised, but you must test them on your site thoroughly." ] }, { "slug": "section_content_security_policy", "module": "headers", "title": "Content Security Policy", "title_short": "Content Security Policy", "beacon_id": 155, "summary": [ "Purpose - Restrict the sources and types of content that may be loaded and processed by visitor browsers.", "Recommendation - Enabling these features are advised, but you must test them on your site thoroughly." ] }, { "slug": "section_enable_plugin_feature_headers", "module": "headers", "title": "Enable Module: HTTP Headers", "title_short": "Disable Module", "beacon_id": 265, "summary": [ "Purpose - Protect visitors to your site by implementing increased security response headers.", "Recommendation - Enabling these features are advised, but you must test them on your site thoroughly." ] }, { "primary": true, "slug": "section_integrations", "module": "integrations", "title": "Integrations", "title_short": "Integrations", "beacon_id": 404 }, { "slug": "section_spam", "module": "integrations", "title": "SPAM Detection", "title_short": "SPAM Detection", "beacon_id": 138 }, { "slug": "section_user_forms", "module": "integrations", "title": "User Forms Bot Detection", "title_short": "User Forms Bot Detection", "beacon_id": 239 }, { "primary": true, "slug": "section_auto_black_list", "module": "ips", "title": "Automatic IP Black List", "title_short": "Auto IP Blocking Rules", "beacon_id": 208, "summary": [ "Purpose - The Automatic IP Black List system will block the IP addresses of naughty visitors after a specified number of transgressions.", "Recommendation - Keep the Automatic IP Black List feature turned on." ] }, { "slug": "section_antibot", "module": "ips", "title": "AntiBot System", "title_short": "AntiBot System" }, { "slug": "section_crowdsec", "module": "ips", "title": "CrowdSec", "title_short": "CrowdSec" }, { "slug": "section_bot_behaviours", "module": "ips", "title": "Identify Common Bot Behaviours", "title_short": "Bot Behaviours", "beacon_id": 124, "summary": [ "Recommendation - Enable to capture bots/spiders that don't honour 'nofollow' directives." ] }, { "slug": "section_user_messages", "module": "ips", "title": "Customize Messages Shown To User", "title_short": "Visitor Messages", "beacon_id": 139, "summary": [ "Purpose - Customize the messages shown to visitors.", "Recommendation - Be sure to change the messages to suit your audience.", "Hint - To reset any message to its default, enter the text exactly: default" ] }, { "slug": "section_enable_plugin_feature_ips", "module": "ips", "title": "Enable Module: IP Manager", "title_short": "Disable Module", "beacon_id": 208, "summary": [ "Purpose - The IP Manager allows you to whitelist, blacklist and configure auto-blacklist rules.", "Recommendation - Keep the IP Manager feature turned on. You should also carefully review the automatic black list settings." ] }, { "primary": true, "slug": "section_apixml", "module": "lockdown", "title": "WordPress System Lockdown", "title_short": "System", "beacon_id": 413, "summary": [ "Purpose - Lockdown certain core WordPress system features.", "Recommendation - This depends on your usage and needs for certain WordPress functions and features." ] }, { "slug": "section_permission_access_options", "module": "lockdown", "title": "Permissions and Access Options", "title_short": "Permissions", "beacon_id": 415, "summary": [ "Purpose - Provides finer control of certain WordPress permissions.", "Recommendation - Only enable SSL if you have a valid certificate installed." ] }, { "slug": "section_wordpress_obscurity_options", "module": "lockdown", "title": "WordPress Obscurity Options", "title_short": "Obscurity", "beacon_id": 418, "summary": [ "Purpose - Obscures certain WordPress settings from public view.", "Recommendation - Obscurity is not true security and so these settings are down to your personal tastes." ] }, { "slug": "section_enable_plugin_feature_wordpress_lockdown", "module": "lockdown", "title": "Enable Module: Lockdown", "title_short": "Disable Module", "beacon_id": 272, "summary": [ "Purpose - Lockdown helps secure-up certain loosely-controlled WordPress settings on your site.", "Recommendation - Keep the Lockdown feature turned on." ] }, { "primary": true, "slug": "section_brute_force_login_protection", "module": "login_protect", "title": "Brute Force Login Guard", "title_short": "Brute Force", "beacon_id": 325, "summary": [ "Purpose - Blocks brute force hacking attacks against your login and registration pages.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_twofactor_auth", "module": "login_protect", "title": "Multi-Factor Authentication", "title_short": "2-Factor Auth", "beacon_id": 326, "summary": [ "Purpose - Verifies the identity of users who log in to your site - i.e. they are who they say they are.", "Recommendation - Use of this feature is highly recommend. However, if your host blocks email sending you may lock yourself out.", "Note: You may combine multiple authentication factors for increased security." ] }, { "slug": "section_2fa_email", "module": "login_protect", "title": "Email Two-Factor Authentication", "title_short": "2FA - Email", "beacon_id": 246, "summary": [ "Purpose - Verifies the identity of users who log in to your site using email-based one-time-passwords.", "Recommendation - Use of this feature is highly recommend. However, if your host blocks email sending you may lock yourself out.", "Note: You may combine multiple authentication factors for increased security." ] }, { "slug": "section_2fa_otp", "module": "login_protect", "title": "One-Time Passwords", "title_short": "OTP", "beacon_id": 244, "summary": [ "Purpose - Verifies the identity of users who log in to your site using Google Authenticator one-time-passwords.", "Recommendation - Use of this feature is highly recommend. However, if your host blocks email sending you may lock yourself out.", "Note: You may combine multiple authentication factors for increased security." ] }, { "slug": "section_2fa_passkeys", "module": "login_protect", "title": "Hardware 2-Factor Authentication", "title_short": "2FA - Hardware", "beacon_id": 249, "summary": [ "Purpose - Verifies the identity of users who log in to your site using Yubikey one-time-passwords.", "Note: You may combine multiple authentication factors for increased security." ] }, { "slug": "section_rename_wplogin", "module": "login_protect", "title": "Hide WP Login Page", "title_short": "Hide Login Page", "beacon_id": 316, "summary": [ "Purpose - To hide your wp-login.php page from brute force attacks and hacking attempts - if your login page cannot be found, no-one can login.", "Recommendation - This is not required for complete security and if your site has irregular or inconsistent configuration it may not work for you." ] }, { "slug": "section_enable_plugin_feature_login_protection", "module": "login_protect", "title": "Disable Login Guard Module", "title_short": "Disable", "beacon_id": 249, "summary": [ "Purpose - Login Guard blocks all automated and brute force attempts to log in to your site.", "Recommendation - Keep the Login Guard module turned on." ] }, { "slug": "section_deprecated", "module": "login_protect", "title": "Deprecated", "title_short": "Deprecated", "summary": [ "These options will be removed in the future. Please use the ADE option under Bot SPAM section." ] }, { "slug": "section_defaults", "primary": true, "module": "plugin", "title": "Plugin Defaults", "title_short": "Plugin Defaults", "beacon_id": 389 }, { "slug": "section_reporting", "module": "plugin", "title": "Reporting", "title_short": "Reporting", "beacon_id": 136 }, { "slug": "section_importexport", "module": "plugin", "title": "Import / Export", "title_short": "Import / Export", "beacon_id": 129 }, { "slug": "section_global_security_options", "module": "plugin", "title": "Global Plugin Security Options", "title_short": "Disable Shield" }, { "primary": true, "slug": "section_traffic_options", "module": "traffic", "title": "Traffic Log Options", "title_short": "Options", "beacon_id": 153, "summary": [ "Purpose - Provides finer control over the live traffic system.", "Recommendation - These settings are dependent on your requirements." ] }, { "slug": "section_traffic_limiter", "module": "traffic", "title": "Traffic Rate Limiting", "title_short": "Rate Limiting", "beacon_id": 420, "summary": [ "Purpose - Provides ability to restrict excessive requests from a single visitor.", "Recommendation - These settings are dependent on your requirements." ] }, { "slug": "section_enable_plugin_feature_traffic", "module": "traffic", "title": "Enable Module: Traffic Log", "title_short": "Disable Module", "beacon_id": 153, "summary": [ "Purpose - The Traffic Log module lets you monitor and review all requests to your site.", "Recommendation - Required only if you need to review and investigate and monitor requests to your site." ] }, { "primary": true, "slug": "section_user_session_management", "module": "user_management", "title": "User Session Management", "title_short": "Session Options", "beacon_id": 397, "summary": [ "Purpose - Allows you to better control user sessions on your site and expire idle sessions and prevent account sharing.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_passwords", "module": "user_management", "title": "Password Policies", "title_short": "Password Policies", "beacon_id": 256, "summary": [ "Purpose - Have full control over passwords used by users on the site.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_user_reg", "module": "user_management", "title": "User Registration", "title_short": "User Registration", "beacon_id": 145, "summary": [ "Purpose - Control user registration and prevent SPAM.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_suspend", "module": "user_management", "title": "Automatic And Manual User Suspension", "title_short": "User Suspension", "beacon_id": 273, "summary": [ "Purpose - Automatically suspend accounts to prevent login by certain users.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_admin_login_notification", "module": "user_management", "title": "Admin Login Notification", "title_short": "Notifications", "beacon_id": 147, "summary": [ "Purpose - So you can be made aware of when a WordPress administrator has logged into your site when you are not expecting it.", "Recommendation - Use of this feature is highly recommend." ] }, { "slug": "section_enable_plugin_feature_user_accounts_management", "module": "user_management", "title": "Enable Module: User Management", "title_short": "Disable Module", "beacon_id": 273, "summary": [ "Purpose - User Management offers real user sessions, finer control over user session time-out, and ensures users have logged-in in a correct manner.", "Recommendation - Keep the User Management feature turned on." ] } ], "options": [ { "key": "enable_admin_access_restriction", "section": "section_enable_admin_access_restriction", "advanced": true, "default": "Y", "type": "checkbox", "beacon_id": 213, "link_info": "", "link_blog": "https://shsec.io/wpsf02", "name": "Enable Security Admin", "summary": "Enforce Security Admin Access Restriction", "description": "Enable this with great care and consideration. When this Access PIN option is enabled, you must specify a key below and use it to gain access to this plugin." }, { "key": "admin_access_key", "section": "section_security_admin_settings", "sensitive": true, "default": "", "type": "password", "beacon_id": 215, "link_info": "https://shsec.io/42", "link_blog": "", "name": "Security Admin Access PIN", "summary": "Provide/Update Security Admin Access PIN", "description": "Careful: If you forget this, you could potentially lock yourself out from using this plugin." }, { "key": "sec_admin_users", "section": "section_security_admin_settings", "advanced": true, "sensitive": true, "premium": true, "default": [], "type": "array", "link_info": "https://shsec.io/dk", "link_blog": "", "beacon_id": 132, "name": "Security Admins", "summary": "Persistent Security Admins", "description": "All emails, usernames, or user IDs entered here will always be Security Admins." }, { "key": "admin_access_timeout", "section": "section_security_admin_settings", "advanced": true, "type": "integer", "default": 30, "min": 1, "link_info": "https://shsec.io/41", "link_blog": "", "beacon_id": 387, "name": "Security Admin Timeout", "summary": "Specify An Automatic Timeout Interval For Security Admin Access", "description": "This will automatically expire your Security Admin Session. Does not apply until you enter the access PIN again. Default: 60 minutes." }, { "key": "allow_email_override", "section": "section_security_admin_settings", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/gf", "link_blog": "", "beacon_id": 385, "name": "Allow Email Override", "summary": "Allow Email Override Of Admin Access Restrictions", "description": "Allow the use of verification emails to override and switch off the Security Admin restrictions." }, { "key": "enable_mu", "section": "section_security_admin_settings", "advanced": true, "premium": true, "cap": "run_as_mu", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/i1", "link_blog": "https://shsec.io/lk", "beacon_id": 460, "name": "Run In MU Mode", "summary": "Run Plugin In Must-Use (MU) Mode", "description": "Setup the plugin to run as an MU-plugin to prevent accidental deactivation." }, { "key": "admin_access_restrict_options", "section": "section_admin_access_restriction_areas", "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/a0", "link_blog": "https://shsec.io/wpsf32", "beacon_id": 214, "name": "WordPress Options", "summary": "Restrict Access To Certain WordPress Admin Options", "description": "Careful: This will restrict the ability of WordPress administrators from changing key WordPress settings." }, { "key": "admin_access_restrict_admin_users", "section": "section_admin_access_restriction_areas", "advanced": true, "default": "N", "type": "checkbox", "link_info": "https://shsec.io/a0", "link_blog": "", "beacon_id": 214, "name": "Admin Users", "summary": "Restrict Access To Create/Delete/Modify Other Admin Users", "description": "Careful: This will restrict the ability of WordPress administrators from creating, modifying or promoting other administrators." }, { "key": "admin_access_restrict_plugins", "section": "section_admin_access_restriction_areas", "advanced": true, "type": "multiple_select", "default": [], "value_options": [ { "value_key": "activate_plugins", "text": "Activate" }, { "value_key": "install_plugins", "text": "Install" }, { "value_key": "update_plugins", "text": "Update" }, { "value_key": "delete_plugins", "text": "Delete" } ], "link_info": "https://shsec.io/a0", "link_blog": "https://shsec.io/wpsf21", "beacon_id": 214, "summary": "Restrict Access To Key WordPress Plugin Actions", "description": "Careful: This will restrict access to plugin installation, update, activation and deletion. Note: Selecting 'Activate' will also restrict all other options." }, { "key": "admin_access_restrict_themes", "section": "section_admin_access_restriction_areas", "advanced": true, "type": "multiple_select", "default": [], "value_options": [ { "value_key": "switch_themes", "text": "Activate" }, { "value_key": "edit_theme_options", "text": "Edit Theme Options" }, { "value_key": "install_themes", "text": "Install" }, { "value_key": "update_themes", "text": "Update" }, { "value_key": "delete_themes", "text": "Delete" } ], "link_info": "https://shsec.io/a0", "link_blog": "https://shsec.io/wpsf21", "beacon_id": 214, "summary": "Restrict Access To WordPress Theme Actions", "description": "Careful: This will restrict access to theme installation, update, activation and deletion." }, { "key": "admin_access_restrict_posts", "section": "section_admin_access_restriction_areas", "advanced": true, "type": "multiple_select", "default": [], "value_options": [ { "value_key": "edit", "text": "Create/Edit" }, { "value_key": "publish", "text": "Publish" }, { "value_key": "delete", "text": "Delete" } ], "link_info": "https://shsec.io/a0", "link_blog": "https://shsec.io/wpsf21", "beacon_id": 214, "summary": "Restrict Access To Key WordPress Posts And Pages Actions", "description": "Careful: This will restrict access to page/post creation, editing and deletion." }, { "key": "whitelabel_enable", "section": "section_whitelabel", "premium": true, "cap": "whitelabel", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/dr", "link_blog": "https://shsec.io/ds", "beacon_id": 131, "name": "Enable White Label", "summary": "Activate Your White Label Settings", "description": "Use this option to turn on/off the whole White Label feature." }, { "key": "wl_hide_updates", "section": "section_whitelabel", "default": "Y", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Hide Updates", "summary": "Hide Available Updates From Non Security Admins", "description": "Hides the availability of Shield updates from non-security admins." }, { "key": "wl_replace_badge_url", "section": "section_whitelabel", "premium": true, "cap": "whitelabel", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Replace Plugin Badge", "summary": "Replace Plugin Badge URL and Images", "description": "When using the plugin badge, replace the URL and link with your Whitelabel settings." }, { "key": "wl_pluginnamemain", "section": "section_whitelabel", "sensitive": true, "default": "Shield", "type": "text", "beacon_id": 216, "link_info": "https://shsec.io/dt", "link_blog": "", "name": "Plugin Name", "summary": "The Name Of The Plugin", "description": "The Name Of The Plugin." }, { "key": "wl_namemenu", "section": "section_whitelabel", "sensitive": true, "default": "Shield Security", "type": "text", "beacon_id": 216, "link_info": "", "link_blog": "", "name": "Menu Title", "summary": "The Main Menu Title Of The Plugin", "description": "The Main Menu Title Of The Plugin. If left empty, the Plugin Name will be used." }, { "key": "wl_companyname", "section": "section_whitelabel", "sensitive": true, "default": "Example Company Name", "type": "text", "beacon_id": 216, "link_info": "https://shsec.io/dt", "link_blog": "", "name": "Company Name", "summary": "The Name Of Your Company", "description": "Provide the name of your company." }, { "key": "wl_description", "section": "section_whitelabel", "sensitive": true, "default": "Secure Your Sites With The World's Most Powerful WordPress Security Plugin", "type": "text", "beacon_id": 216, "link_info": "", "link_blog": "", "name": "Plugin Tag Line", "summary": "The Tag Line Of The Plugin", "description": "The Tag Line Of The Plugin." }, { "key": "wl_homeurl", "section": "section_whitelabel", "sensitive": true, "default": "https://shsec.io/7f", "type": "text", "beacon_id": 216, "link_info": "", "link_blog": "", "name": "Home URL", "summary": "Plugin Home Page URL", "description": "When a user clicks the home link for this plugin, this is where they'll be directed." }, { "key": "wl_menuiconurl", "section": "section_whitelabel", "sensitive": true, "default": "pluginlogo_16x16.png", "type": "text", "beacon_id": 216, "link_info": "https://shsec.io/dt", "link_blog": "", "name": "Menu Icon", "summary": "Menu Icon URL", "description": "The URL of the icon displayed in the menu." }, { "key": "wl_dashboardlogourl", "section": "section_whitelabel", "sensitive": true, "default": "pluginlogo_128x128.png", "type": "text", "beacon_id": 216, "link_info": "", "link_blog": "", "name": "Plugin Badge Logo", "summary": "Plugin Badge Logo URL", "description": "The URL of the logo displayed in the main dashboard. Should be 128x128px" }, { "key": "wl_login2fa_logourl", "section": "section_whitelabel", "sensitive": true, "default": "pluginlogo_banner-772x250.png", "type": "text", "beacon_id": 216, "link_info": "", "link_blog": "", "name": "Dashboard and 2FA Logo", "summary": "Dashboard and 2FA Logo URL", "description": "The URL of the logo displayed in the main dashboard. Should be 128x128px" }, { "key": "enable_audit_trail", "section": "section_enable_plugin_feature_audit_trail", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/5p", "link_blog": "https://shsec.io/a1", "beacon_id": 241, "name": "Enable Activity Log", "summary": "Enable (or Disable) The Activity Log module", "description": "Un-Checking this option will completely disable the Activity Log module" }, { "key": "log_level_db", "section": "section_localdb", "type": "multiple_select", "default": [ "alert", "warning", "notice" ], "value_options": [ { "value_key": "disabled", "text": "Logging Disabled" }, { "value_key": "alert", "text": "Alert" }, { "value_key": "warning", "text": "Warning" }, { "value_key": "notice", "text": "Notice" }, { "value_key": "info", "text": "Info" }, { "value_key": "debug", "text": "Debug" } ], "link_info": "", "link_blog": "", "beacon_id": 375, "name": "Logging Level", "summary": "Logging Level For DB-Based Logs", "description": "Logging Level For DB-Based Logs" }, { "key": "audit_trail_auto_clean", "section": "section_localdb", "type": "integer", "default": 7, "min": 1, "link_info": "https://shsec.io/a2", "link_blog": "https://shsec.io/a1", "beacon_id": 375, "name": "Auto Clean", "summary": "Enable Audit Auto Cleaning", "description": "Events older than the number of days specified will be automatically cleaned from the database" }, { "key": "log_level_file", "section": "section_at_file", "premium": true, "cap": "activity_logs_send_to_file", "type": "multiple_select", "default": [ "disabled" ], "value_options": [ { "value_key": "disabled", "text": "Logging Disabled" }, { "value_key": "same_as_db", "text": "Same As DB" }, { "value_key": "alert", "text": "Alert" }, { "value_key": "warning", "text": "Warning" }, { "value_key": "notice", "text": "Notice" }, { "value_key": "info", "text": "Info" }, { "value_key": "debug", "text": "Debug" } ], "link_info": "", "link_blog": "", "beacon_id": 375, "name": "File Logging Level", "summary": "Logging Level For File-Based Logs", "description": "Logging Level For File-Based Logs" }, { "key": "enable_autoupdates", "section": "section_enable_plugin_feature_automatic_updates_control", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/3w", "link_blog": "https://shsec.io/hj", "beacon_id": 234, "name": "Enable Automatic Updates", "summary": "Enable (or Disable) The Automatic Updates module", "description": "Un-Checking this option will completely disable the Automatic Updates module" }, { "key": "enable_autoupdate_disable_all", "section": "section_automatic_updates_for_wordpress_components", "advanced": true, "default": "N", "type": "checkbox", "link_info": "https://shsec.io/3v", "link_blog": "https://shsec.io/k6", "beacon_id": 405, "name": "Disable All", "summary": "Completely Disable WordPress Automatic Updates", "description": "When selected, regardless of any other settings, all WordPress automatic updates on this site will be completely disabled!" }, { "key": "autoupdate_core", "section": "section_automatic_updates_for_wordpress_components", "default": "core_minor", "type": "select", "value_options": [ { "value_key": "core_never", "text": "Never" }, { "value_key": "core_minor", "text": "Minor Versions Only" }, { "value_key": "core_major", "text": "Major and Minor Versions" } ], "link_info": "https://shsec.io/k5", "link_blog": "", "beacon_id": 237, "name": "WordPress Core Updates", "summary": "Decide how the WordPress Core will automatically update, if at all", "description": "At least automatically upgrading minor versions is recommended (and is the WordPress default)." }, { "key": "enable_autoupdate_plugins", "section": "section_automatic_updates_for_wordpress_components", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Plugins", "summary": "Automatically Update Plugins", "description": "Note: Automatic updates for plugins are disabled on WordPress by default." }, { "key": "enable_autoupdate_themes", "section": "section_automatic_updates_for_wordpress_components", "advanced": true, "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Themes", "summary": "Automatically Update Themes", "description": "Note: Automatic updates for themes are disabled on WordPress by default." }, { "key": "update_delay", "section": "section_options", "premium": true, "type": "integer", "default": 0, "link_info": "https://shsec.io/e5", "link_blog": "", "beacon_id": 137, "name": "Update Delay", "summary": "Delay Automatic Updates For Period Of Stability", "description": "Shield will delay upgrades until the new update has been available for the set number of days." }, { "key": "autoupdate_plugin_self", "section": "section_options", "advanced": true, "default": "auto", "type": "select", "value_options": [ { "value_key": "auto", "text": "Let The Plugin Decide" }, { "value_key": "disabled", "text": "Disabled" }, { "value_key": "immediate", "text": "As Soon As Possible" } ], "link_info": "https://shsec.io/3x", "link_blog": "", "beacon_id": 409, "name": "Auto Update Plugin", "summary": "Always Automatically Update This Plugin", "description": "Regardless of any other settings, automatically update the Shield plugin." }, { "key": "enable_upgrade_notification_email", "section": "section_options", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Send Report Email", "summary": "Send email notices after automatic updates", "description": "You can turn on/off email notices from automatic updates by un/checking this box." }, { "key": "override_email_address", "section": "section_options", "sensitive": true, "default": "", "type": "email", "link_info": "", "link_blog": "", "name": "Report Email Address", "summary": "Where to send upgrade notification reports", "description": "If this is empty, it will default to the Site Admin email address" }, { "key": "delay_tracking", "section": "section_hidden", "sensitive": true, "type": "array", "default": [] }, { "key": "enable_comments_filter", "section": "section_enable_plugin_feature_spam_comments_protection_filter", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/3z", "link_blog": "https://shsec.io/wpsf04", "beacon_id": 257, "name": "Enable SPAM Protection", "summary": "Enable (or Disable) The Comments SPAM Protection module", "description": "Un-Checking this option will completely disable the Comments SPAM Protection module" }, { "key": "trusted_commenter_minimum", "section": "section_bot_comment_spam_common", "type": "integer", "default": 1, "min": 1, "link_info": "https://shsec.io/fu", "link_blog": "", "beacon_id": 152, "name": "Trusted Commenter Minimum", "summary": "Minimum Number Of Approved Comments Before Commenter Is Trusted", "description": "Specify how many approved comments must exist before a commenter is trusted and their comments are no longer scanned." }, { "key": "trusted_user_roles", "section": "section_bot_comment_spam_common", "premium": true, "default": [ "administrator", "editor", "author", "contributor", "subscriber" ], "type": "array", "link_info": "https://shsec.io/fu", "link_blog": "", "beacon_id": 152, "name": "Trusted Users", "summary": "Don't Scan Comments For Users With The Following Roles", "description": "Shield doesn't normally scan comments from logged-in or registered users. Specify user roles here that shouldn't be scanned." }, { "key": "enable_antibot_comments", "section": "section_bot_comment_spam_protection_filter", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/k1", "link_blog": "https://shsec.io/jo", "beacon_id": 427, "name": "AntiBot Detection Technology", "summary": "Use Shield's Unique AntiBot Detection Technology", "description": "Use Shield's AntiBot Detection Engine To Detect and Block SPAM Bots." }, { "key": "comments_default_action_spam_bot", "section": "section_bot_comment_spam_protection_filter", "default": "spam", "type": "select", "value_options": [ { "value_key": "0", "text": "Move To Pending Moderation" }, { "value_key": "spam", "text": "Move To SPAM" }, { "value_key": "trash", "text": "Move To Trash" }, { "value_key": "reject", "text": "Block And Redirect" } ], "link_info": "https://shsec.io/6j", "link_blog": "", "beacon_id": 260, "name": "SPAM Action", "summary": "How To Categorise Comments When Identified To Be SPAM", "description": "When a comment is detected as being SPAM from an automatic bot, the comment will be categorised based on this setting." }, { "key": "enable_comments_human_spam_filter", "section": "section_human_spam_filter", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/57", "link_blog": "https://shsec.io/9w", "beacon_id": 262, "name": "Human SPAM Filter", "summary": "Enable (or Disable) The Human SPAM Filter module", "description": "Scans the content of WordPress comments for keywords that are indicative of SPAM and marks the comment according to your preferred setting below." }, { "key": "comments_cooldown", "section": "section_human_spam_filter", "type": "integer", "default": 30, "min": 0, "link_info": "https://shsec.io/ll", "link_blog": "", "beacon_id": 762, "name": "Comments Cooldown", "summary": "Minimum Time Interval Between Comments", "description": "Prevents comment floods and ensure a minimum period before any further comments are accepted on the site." }, { "key": "comments_default_action_human_spam", "section": "section_human_spam_filter", "default": "0", "type": "select", "value_options": [ { "value_key": "0", "text": "Move To Pending Moderation" }, { "value_key": "spam", "text": "Move To SPAM" }, { "value_key": "trash", "text": "Move To Trash" }, { "value_key": "reject", "text": "Block And Redirect" } ], "name": "SPAM Action", "summary": "How To Categorise Comments When Identified To Be SPAM'", "description": "When a comment is detected as being SPAM from a human commenter, the comment will be categorised based on this setting." }, { "key": "last_comment_request_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "enable_firewall", "section": "section_enable_plugin_feature_wordpress_firewall", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/43", "link_blog": "https://shsec.io/wpsf01", "beacon_id": 253, "name": "Enable Firewall", "summary": "Enable (or Disable) The Firewall module", "description": "Un-Checking this option will completely disable the Firewall module" }, { "key": "block_dir_traversal", "section": "section_firewall_blocking_options", "default": "Y", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Directory Traversals", "summary": "Block Directory Traversals", "description": "This will block directory traversal paths in in application parameters." }, { "key": "block_sql_queries", "section": "section_firewall_blocking_options", "default": "Y", "type": "checkbox", "link_info": "", "link_blog": "", "name": "SQL Queries", "summary": "Block SQL Queries", "description": "This will block SQL in application parameters." }, { "key": "block_wordpress_terms", "section": "section_firewall_blocking_options", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "WordPress Terms", "summary": "Block WordPress Specific Terms", "description": "This will block WordPress specific terms in application parameters (wp_, user_login, etc.)." }, { "key": "block_field_truncation", "section": "section_firewall_blocking_options", "default": "Y", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Field Truncation", "summary": "Block Field Truncation Attacks", "description": "This will block field truncation attacks in application parameters" }, { "key": "block_php_code", "section": "section_firewall_blocking_options", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "PHP Code", "summary": "Block PHP Code Includes", "description": "This will block any data that appears to try and include PHP files. Will probably block saving within the Plugin/Theme file editors." }, { "key": "block_exe_file_uploads", "section": "section_firewall_blocking_options", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Exe File Uploads", "summary": "Block Executable File Uploads", "description": "This will block executable file uploads (.php, .exe, etc.)." }, { "key": "block_aggressive", "section": "section_firewall_blocking_options", "advanced": true, "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Aggressive Scan", "summary": "Aggressively Block Data", "description": "Employs a set of aggressive rules to detect and block malicious data submitted to your site. Warning - May cause an increase in false-positive firewall blocks." }, { "key": "block_response", "section": "section_choose_firewall_block_response", "advanced": true, "default": "redirect_die_message", "type": "select", "value_options": [ { "value_key": "redirect_die_message", "text": "Die With Message" }, { "value_key": "redirect_die", "text": "Die" }, { "value_key": "redirect_home", "text": "Redirect To Home Page" }, { "value_key": "redirect_404", "text": "Return 404" } ], "beacon_id": 334, "link_info": "", "link_blog": "", "name": "Block Response", "summary": "How the firewall responds when it blocks a request", "description": "We recommend dying with a message so you know what might have occurred when the firewall blocks you." }, { "key": "block_send_email", "section": "section_choose_firewall_block_response", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Send Email Report", "summary": "When a visitor is blocked the firewall will send an email to the configured email address", "description": "Use with caution - if you get hit by automated bots you may send out too many emails and you could get blocked by your host." }, { "key": "page_params_whitelist", "section": "section_whitelist", "advanced": true, "default": "[]", "type": "array", "link_info": "https://shsec.io/2a", "link_blog": "", "beacon_id": 335, "name": "Whitelist Parameters", "summary": "Detail pages and parameters that are whitelisted (ignored by the firewall)", "description": "This should be used with caution and you should only provide parameter names that you must have excluded" }, { "key": "whitelist_admins", "section": "section_whitelist", "advanced": true, "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Ignore Administrators", "summary": "Ignore Administrators", "description": "Authenticated administrator users will not be processed by the firewall rules." }, { "key": "enable_hack_protect", "section": "section_enable_plugin_feature_hack_protection_tools", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/wpsf38", "link_blog": "", "beacon_id": 217, "name": "Enable Hack Guard", "summary": "Enable (or Disable) The Hack Guard Module", "description": "Un-Checking this option will completely disable the Hack Guard module" }, { "key": "enable_core_file_integrity_scan", "section": "section_file_guard", "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/hd", "link_blog": "https://shsec.io/wpsf37", "beacon_id": 454, "name": "WP Core File Scanner", "summary": "Automatically Scans WordPress Core Files For Alterations", "description": "Compares all WordPress core files on your site against the official WordPress files. WordPress Core files should never be altered for any reason." }, { "key": "file_scan_areas", "section": "section_file_guard", "premium": true, "cap": "scan_file_areas", "type": "multiple_select", "default": [ "wp" ], "value_options": [ { "value_key": "wp", "text": "WP core files (excludes /wp-content/)", "premium": true }, { "value_key": "malware_php", "text": "PHP Malware (all PHP files)", "premium": true, "cap": "scan_malware_local" }, { "value_key": "plugins", "text": "Plugins", "premium": true, "cap": "scan_pluginsthemes_local" }, { "value_key": "themes", "text": "Themes", "premium": true, "cap": "scan_pluginsthemes_local" }, { "value_key": "wpcontent", "text": "wp-content directory", "premium": true, "cap": "scan_files_everywhere" }, { "value_key": "wproot", "text": "WP root directory", "premium": true, "cap": "scan_files_everywhere" } ], "link_info": "https://shsec.io/wpsf36", "link_blog": "https://shsec.io/wpsf37", "beacon_id": 743, "name": "File Scan Areas", "summary": "Which Files Should Be Scanned", "description": "Specific file scan areas." }, { "key": "file_repair_areas", "section": "section_file_guard", "premium": true, "cap": "scan_auto_repair", "type": "multiple_select", "default": [], "value_options": [ { "value_key": "wp", "text": "WP Core" }, { "value_key": "plugin", "text": "Plugin Files", "premium": true }, { "value_key": "theme", "text": "Theme Files", "premium": true } ], "link_info": "https://shsec.io/wpsf36", "link_blog": "https://shsec.io/wpsf37", "beacon_id": 228, "name": "Auto File Repair", "summary": "Which Files Should Be Automatically Repaired?", "description": "When a file is modified, or malware is detected, Shield can try to repair files." }, { "key": "file_locker", "section": "section_file_guard", "premium": true, "cap": "scan_file_locker", "type": "multiple_select", "default": [], "value_options": [ { "value_key": "wpconfig", "text": "WP Config" }, { "value_key": "root_htaccess", "text": "Root .htaccess" }, { "value_key": "root_index", "text": "Root index.php" }, { "value_key": "root_webconfig", "text": "Root Web.Config" } ], "link_info": "https://shsec.io/h7", "link_blog": "https://shsec.io/h8", "beacon_id": 226, "vimeo_id": "815602380", "name": "File Locker", "summary": "Lock Files Against Tampering and Changes", "description": "As soon as changes are detected to any selected files, the contents may be examined and reverted." }, { "key": "scan_path_exclusions", "section": "section_file_guard", "advanced": true, "premium": true, "default": [ "wp-content/cache/", "wp-content/nfwlog/", "wp-content/wflogs/", "*/error_log", "*/php_error_log", "*/mail.log", "*/php_mail.log", "*/.stylelintrc-css.json", "*/.stylelintrc.json", "*/sucuri-*.php" ], "type": "array", "link_info": "", "link_blog": "", "beacon_id": 441, "name": "Scan Exclusions", "summary": "Scan File and Folder Exclusions", "description": "Scan File and Folder Exclusions." }, { "key": "enabled_scan_apc", "section": "section_scan_wpv", "type": "checkbox", "default": "Y", "link_info": "https://shsec.io/ew", "link_blog": "https://shsec.io/eo", "beacon_id": 225, "name": "Abandoned Plugin Scanner", "summary": "Enable The Abandoned Plugin Scanner", "description": "Scan your WordPress.org assets for whether they've been abandoned." }, { "key": "enable_wpvuln_scan", "section": "section_scan_wpv", "premium": true, "cap": "scan_vulnerabilities", "type": "checkbox", "default": "Y", "beacon_id": 134, "link_info": "https://shsec.io/du", "link_blog": "https://shsec.io/ah", "name": "Vulnerability Scanner", "summary": "Enable The Vulnerability Scanner", "description": "Scan all your WordPress assets for known security vulnerabilities." }, { "key": "wpvuln_scan_autoupdate", "section": "section_scan_wpv", "premium": true, "cap": "scan_vulnerabilities_autoupdate", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Automatic Updates", "summary": "Apply Updates Automatically To Vulnerable Plugins", "description": "When an update becomes available, automatically apply updates to items with known vulnerabilities." }, { "key": "optimise_scan_speed", "section": "section_scan_options", "premium": false, "type": "checkbox", "default": "Y", "link_info": "", "link_blog": "", "name": "Optimise File Scans", "summary": "Optimise File Scans", "description": "Optimise file scans wherever possible." }, { "key": "scan_frequency", "section": "section_scan_options", "premium": true, "cap": "scan_frequent", "default": "1", "type": "select", "value_options": [ { "value_key": "1", "text": "Once" }, { "value_key": "2", "text": "Twice (scan every 12hrs)", "premium": true }, { "value_key": "3", "text": "3 Times (scan every 8hrs)", "premium": true }, { "value_key": "4", "text": "4 Times (scan every 6hrs)", "premium": true }, { "value_key": "6", "text": "6 Times (scan every 4hrs)", "premium": true }, { "value_key": "8", "text": "8 Times (scan every 3hrs)", "premium": true }, { "value_key": "12", "text": "12 Times (scan every 2hrs)", "premium": true }, { "value_key": "24", "text": "24 Times (scan every hour)", "premium": true } ], "link_info": "https://shsec.io/b2", "link_blog": "https://shsec.io/kd", "beacon_id": 223, "name": "Scan Frequency", "summary": "Number Of Times To Automatically Scan Core Files In 24 Hours", "description": "Default: Once every 24hrs. To improve security, increase the number of scans per day." }, { "key": "ptg_reinstall_links", "section": "section_scan_options", "premium": true, "type": "checkbox", "default": "Y", "link_info": "https://shsec.io/bp", "link_blog": "", "beacon_id": 135, "name": "Show Re-Install Links", "summary": "Show Re-Install Links For Plugins", "description": "Show links to re-install plugins and offer re-install when activating plugins." }, { "key": "scans_to_build", "section": "section_hidden", "tracking_exclude": true, "type": "array", "default": [] }, { "key": "is_scan_cron", "section": "section_hidden", "tracking_exclude": true, "type": "boolean", "default": false }, { "key": "filelocker_state", "section": "section_hidden", "tracking_exclude": true, "type": "array", "default": [] }, { "key": "scan_results_table_display", "section": "section_hidden", "tracking_exclude": true, "type": "array", "default": [] }, { "key": "enable_headers", "section": "section_enable_plugin_feature_headers", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/aj", "link_blog": "https://shsec.io/7c", "beacon_id": 265, "name": "Enable HTTP Headers", "summary": "Enable (or Disable) The HTTP Headers module", "description": "Un-Checking this option will completely disable the HTTP Headers module" }, { "key": "x_frame", "section": "section_security_headers", "default": "on_sameorigin", "type": "select", "value_options": [ { "value_key": "off", "text": "Off: iFrames Not Blocked" }, { "value_key": "on_sameorigin", "text": "On: Allow iFrames On The Same Domain" }, { "value_key": "on_deny", "text": "On: Block All iFrames" } ], "link_info": "https://shsec.io/78", "link_blog": "https://shsec.io/7c", "name": "Block iFrames", "summary": "Block Remote iFrames Of This Site", "description": "The setting prevents any external website from embedding your site in an iFrame. This is useful for preventing so-called ClickJack attacks." }, { "key": "x_xss_protect", "section": "section_security_headers", "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/79", "link_blog": "https://shsec.io/7c", "name": "XSS Protection", "summary": "Employ Built-In Browser XSS Protection", "description": "Directs compatible browsers to block what they detect as Reflective XSS attacks." }, { "key": "x_content_type", "section": "section_security_headers", "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/7a", "link_blog": "https://shsec.io/7c", "name": "Prevent Mime-Sniff", "summary": "Turn-Off Browser Mime-Sniff", "description": "Reduces visitor exposure to malicious user-uploaded content." }, { "key": "x_referrer_policy", "section": "section_security_headers", "sensitive": false, "type": "select", "default": "unsafe-url", "value_options": [ { "value_key": "unsafe-url", "text": "Default: Full Referrer URL (aka 'Unsafe URL')" }, { "value_key": "no-referrer", "text": "No Referrer" }, { "value_key": "no-referrer-when-downgrade", "text": "No Referrer When Downgrade" }, { "value_key": "same-origin", "text": "Same Origin" }, { "value_key": "origin", "text": "Origin" }, { "value_key": "strict-origin", "text": "Strict Origin" }, { "value_key": "origin-when-cross-origin", "text": "Origin When Cross-Origin" }, { "value_key": "strict-origin-when-cross-origin", "text": "Strict Origin When Cross-Origin" }, { "value_key": "empty", "text": "Empty Header" }, { "value_key": "disabled", "text": "Disabled - Don't Send This Header" } ], "link_info": "https://shsec.io/a5", "link_blog": "", "name": "Referrer Policy", "summary": "Referrer Policy Header", "description": "The Referrer Policy Header allows you to control when and what referral information a browser may pass along with links clicked on your site." }, { "key": "enable_x_content_security_policy", "section": "section_content_security_policy", "premium": true, "default": "N", "type": "checkbox", "beacon_id": 155, "link_info": "https://shsec.io/7d", "link_blog": "https://shsec.io/7c", "name": "Enable Content Security Policy", "summary": "Enable (or Disable) The Content Security Policy module", "description": "Allows for permission and restriction of all resources loaded on your site." }, { "key": "xcsp_custom", "section": "section_content_security_policy", "premium": true, "cap": "http_headers_csp", "default": [], "type": "array", "link_info": "https://shsec.io/g9", "link_blog": "", "beacon_id": 155, "name": "Manual Rules", "summary": "Manual CSP Rules", "description": "Manual CSP rules." }, { "key": "enable_integrations", "section": "section_hidden", "type": "checkbox", "default": "Y" }, { "key": "enable_mainwp", "section": "section_integrations", "premium": true, "cap": "mainwp_level_1", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/ir", "link_blog": "https://shsec.io/ke", "beacon_id": 404, "name": "Enable MainWP", "summary": "Enable The Built-In MainWP Extension", "description": "This option will enable Shield's built-in MainWP extension for both server and client." }, { "key": "suresend_emails", "section": "section_integrations", "premium": true, "cap": "2fa_sure_send", "default": [], "type": "multiple_select", "value_options": [ { "value_key": "2fa", "text": "2FA Login Codes (admins only)" } ], "beacon_id": 156, "link_info": "https://icwp.io/ij", "link_blog": "https://icwp.io/ik", "name": "SureSend Emails", "summary": "SureSend Emails", "description": "SureSend Emails." }, { "key": "form_spam_providers", "section": "section_spam", "premium": true, "advanced": true, "type": "multiple_select", "default": [], "value_options": [ { "value_key": "calderaforms", "text": "Caldera Forms (beta)", "cap": "thirdparty_scan_spam" }, { "value_key": "contactform7", "text": "Contact Form 7", "cap": "thirdparty_scan_spam" }, { "value_key": "elementorpro", "text": "Elementor Pro", "cap": "thirdparty_scan_spam" }, { "value_key": "fluentforms", "text": "Fluent Forms", "cap": "thirdparty_scan_spam" }, { "value_key": "formidableforms", "text": "Formidable Forms", "cap": "thirdparty_scan_spam" }, { "value_key": "forminator", "text": "Forminator", "cap": "thirdparty_scan_spam" }, { "value_key": "gravityforms", "text": "Gravity Forms", "cap": "thirdparty_scan_spam" }, { "value_key": "groundhogg", "text": "Groundhogg", "cap": "thirdparty_scan_spam" }, { "value_key": "happyforms", "text": "HappyForms", "cap": "thirdparty_scan_spam" }, { "value_key": "kaliforms", "text": "Kali Forms", "cap": "thirdparty_scan_spam" }, { "value_key": "ninjaforms", "text": "Ninja Forms", "cap": "thirdparty_scan_spam" }, { "value_key": "superforms", "text": "Super Forms", "cap": "thirdparty_scan_spam" }, { "value_key": "supportcandy", "text": "Support Candy", "cap": "thirdparty_scan_spam" }, { "value_key": "weforms", "text": "WeForms", "cap": "thirdparty_scan_spam" }, { "value_key": "wpforms", "text": "WP Forms", "cap": "thirdparty_scan_spam" }, { "value_key": "wpforo", "text": "wpForo", "cap": "thirdparty_scan_spam" } ], "link_info": "https://shsec.io/k2", "link_blog": "https://shsec.io/k3", "beacon_id": 138, "name": "Form SPAM Checking", "summary": "Select The Form Providers That Should Be Checked For SPAM", "description": "Select The Form Providers That Should Be Checked For SPAM." }, { "key": "user_form_providers", "section": "section_user_forms", "advanced": true, "type": "multiple_select", "default": [ "wordpress" ], "value_options": [ { "value_key": "wordpress", "text": "WordPress" }, { "value_key": "buddyboss", "text": "BuddyBoss", "cap": "thirdparty_scan_users" }, { "value_key": "buddypress", "text": "BuddyPress", "cap": "thirdparty_scan_users" }, { "value_key": "easydigitaldownloads", "text": "Easy Digital Downloads", "cap": "thirdparty_scan_users" }, { "value_key": "classifiedlisting", "text": "Classified Listing", "cap": "thirdparty_scan_users" }, { "value_key": "learnpress", "text": "LearnPress", "cap": "thirdparty_scan_users" }, { "value_key": "lifterlms", "text": "LifterLMS", "cap": "thirdparty_scan_users" }, { "value_key": "memberpress", "text": "MemberPress", "cap": "thirdparty_scan_users" }, { "value_key": "paidmembersubscriptions", "text": "Paid Member Subscriptions", "cap": "thirdparty_scan_users" }, { "value_key": "profilebuilder", "text": "Profile Builder", "cap": "thirdparty_scan_users" }, { "value_key": "profilepress", "text": "ProfilePress", "cap": "thirdparty_scan_users" }, { "value_key": "restrictcontentpro", "text": "Restrict Content Pro", "cap": "thirdparty_scan_users" }, { "value_key": "ultimatemember", "text": "Ultimate Member", "cap": "thirdparty_scan_users" }, { "value_key": "woocommerce", "text": "WooCommerce", "cap": "thirdparty_scan_users" }, { "value_key": "wpmembers", "text": "WP Members", "cap": "thirdparty_scan_users" } ], "link_info": "https://shsec.io/k4", "link_blog": "https://shsec.io/k3", "beacon_id": 239, "name": "User Form Checking", "summary": "Select The User Form Providers That Should Be Checked For SPAM Registrations and Logins", "description": "Select The User Form Providers That Should Be Checked For SPAM Registrations and Logins" }, { "key": "enable_ips", "section": "section_enable_plugin_feature_ips", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/ea", "link_blog": "https://shsec.io/wpsf26", "beacon_id": 208, "name": "Enable IP Manager", "summary": "Enable (or Disable) The IP Manager module", "description": "Un-Checking this option will completely disable the IP Manager module" }, { "key": "antibot_minimum", "section": "section_antibot", "default": 45, "type": "integer", "min": 0, "max": 99, "link_info": "https://shsec.io/jy", "link_blog": "https://shsec.io/jz", "beacon_id": 424, "name": "AntiBot Threshold", "summary": "AntiBot Testing Threshold (Percentage)", "description": "When using Shield's AntiBot system, this is the threshold used for testing (between 1 and 99)." }, { "key": "antibot_high_reputation_minimum", "section": "section_antibot", "type": "integer", "default": 250, "min": 0, "link_info": "https://shsec.io/jy", "link_blog": "https://shsec.io/jz", "beacon_id": 431, "name": "High Reputation Bypass", "summary": "Prevent IPs/Visitors With High Reputation Scores From Being Blocked", "description": "Ensures that visitors with a high reputation are never blocked by Shield." }, { "key": "transgression_limit", "section": "section_auto_black_list", "type": "integer", "default": 10, "min": 0, "link_info": "https://shsec.io/wpsf24", "link_blog": "https://shsec.io/wpsf26", "beacon_id": 207, "name": "Offense Limit", "summary": "Visitor IP address will be Black Listed after X bad actions on your site", "description": "A black mark is set against an IP address each time a visitor trips the defenses of the Shield plugin. When the number of these offenses exceeds specified limit, they are automatically blocked from accessing the site. Set this to 0 to turn off the Automatic IP Black List feature." }, { "key": "auto_expire", "section": "section_auto_black_list", "advanced": true, "default": "day", "type": "select", "value_options": [ { "value_key": "hour", "text": "Hour" }, { "value_key": "day", "text": "Day" }, { "value_key": "week", "text": "Week" }, { "value_key": "month", "text": "Month" } ], "link_info": "https://shsec.io/wpsf25", "link_blog": "https://shsec.io/wpsf26", "beacon_id": 210, "name": "Auto Block Expiration", "summary": "After 1 'X' a black listed IP will be removed from the black list", "description": "Permanent and lengthy IP Black Lists are harmful to performance. You should allow IP addresses on the black list to be eventually removed over time. Shorter IP black lists are more efficient and a more intelligent use of an IP-based blocking system." }, { "key": "user_auto_recover", "section": "section_auto_black_list", "advanced": true, "premium": true, "cap": "user_auto_unblock", "default": [], "type": "multiple_select", "value_options": [ { "value_key": "gasp", "text": "With Shield Bot Protection" }, { "value_key": "email", "text": "Magic Email Links To Unblock Logged-In Users" } ], "link_info": "https://shsec.io/f8", "link_blog": "", "beacon_id": 125, "name": "User Auto Unblock", "summary": "Allow Visitors To Unblock Their IP", "description": "Allow visitors blocked by the plugin to automatically unblock themselves." }, { "key": "request_whitelist", "section": "section_auto_black_list", "advanced": true, "premium": true, "default": [], "type": "array", "link_info": "https://shsec.io/gd", "link_blog": "", "beacon_id": 126, "name": "Request Path Whitelist", "summary": "Request Path Whitelist", "description": "Request Path Whitelist." }, { "key": "cs_block", "section": "section_crowdsec", "advanced": true, "default": "block_with_unblock", "type": "select", "value_options": [ { "value_key": "block_with_unblock", "text": "Block Request With Ability To Auto-Unblock" }, { "value_key": "block", "text": "Block Request" }, { "value_key": "disabled", "text": "Disabled" } ], "link_info": "", "link_blog": "", "beacon_id": 471, "name": "CrowdSec IP Blocking", "summary": "How To Handle Requests From IPs Found On CrowdSec Blocklist", "description": "How should Shield block requests from IP address that are found on CrowdSec's list of malicious IP addresses." }, { "key": "cs_enroll_id", "section": "section_crowdsec", "sensitive": true, "premium": false, "default": "", "type": "text", "link_info": "", "link_blog": "", "beacon_id": 474, "name": "Enroll ID", "summary": "CrowdSec Enroll ID", "description": "CrowdSec Enroll ID." }, { "key": "track_loginfailed", "section": "section_bot_behaviours", "default": "transgression-single", "type": "select", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Activity Log Only" }, { "value_key": "transgression-single", "text": "Increment Offense Counter" }, { "value_key": "transgression-double", "text": "Double-Increment Offense Counter" }, { "value_key": "block", "text": "Immediate Block" } ], "link_info": "https://shsec.io/fn", "link_blog": "https://shsec.io/f7", "beacon_id": 122, "name": "Failed Login", "summary": "Detect Failed Login Attempts By Valid Usernames", "description": "Penalise a visitor who fails to login using a valid username." }, { "key": "track_xmlrpc", "section": "section_bot_behaviours", "default": "log", "type": "select", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Activity Log Only" }, { "value_key": "transgression-single", "text": "Increment Offense Counter" }, { "value_key": "transgression-double", "text": "Double-Increment Offense Counter" }, { "value_key": "block", "text": "Immediate Block" } ], "link_info": "https://shsec.io/fo", "link_blog": "https://shsec.io/f7", "beacon_id": 123, "name": "XML-RPC Access", "summary": "Identify A Bot When It Accesses XML-RPC", "description": "If you don't use XML-RPC, why would anyone access it?" }, { "key": "track_logininvalid", "section": "section_bot_behaviours", "premium": true, "default": "log", "type": "select", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Activity Log Only" }, { "value_key": "transgression-single", "text": "Increment Offense Counter", "premium": true }, { "value_key": "transgression-double", "text": "Double-Increment Offense Counter", "premium": true }, { "value_key": "block", "text": "Immediate Block", "premium": true } ], "link_info": "https://shsec.io/fn", "link_blog": "https://shsec.io/f7", "beacon_id": 122, "name": "Invalid Usernames", "summary": "Detect Invalid Username Logins", "description": "Identify A Bot When It Tries To Login With A Non-Existent Username." }, { "key": "track_fakewebcrawler", "section": "section_bot_behaviours", "premium": true, "default": "log", "type": "select", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Activity Log Only" }, { "value_key": "transgression-single", "text": "Increment Offense Counter", "premium": true }, { "value_key": "transgression-double", "text": "Double-Increment Offense Counter", "premium": true }, { "value_key": "block", "text": "Immediate Block", "premium": true } ], "link_info": "https://shsec.io/f5", "link_blog": "https://shsec.io/f7", "beacon_id": 124, "name": "Fake Web Crawler", "summary": "Detect Fake Search Engine Crawlers", "description": "Identify a Bot when it presents as an official web crawler, but analysis shows it's fake." }, { "key": "track_404", "section": "section_bot_behaviours", "premium": true, "default": "log", "type": "select", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Activity Log Only" }, { "value_key": "transgression-single", "text": "Increment Offense Counter", "premium": true }, { "value_key": "transgression-double", "text": "Double-Increment Offense Counter", "premium": true }, { "value_key": "block", "text": "Immediate Block", "premium": true } ], "link_info": "https://shsec.io/fo", "link_blog": "https://shsec.io/f7", "beacon_id": 123, "name": "404 Detect", "summary": "Identify A Bot When It Hits A 404", "description": "Detect When A Visitor Browses To A Non-Existent Page." }, { "key": "track_linkcheese", "section": "section_bot_behaviours", "premium": true, "default": "disabled", "type": "select", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Activity Log Only" }, { "value_key": "transgression-single", "text": "Increment Offense Counter", "premium": true }, { "value_key": "transgression-double", "text": "Double-Increment Offense Counter", "premium": true }, { "value_key": "block", "text": "Immediate Block", "premium": true } ], "link_info": "https://shsec.io/fo", "link_blog": "https://shsec.io/f6", "beacon_id": 206, "name": "Link Cheese", "summary": "Tempt A Bot With A Fake Link To Follow", "description": "Detect A Bot That Follows A 'no-follow' Link." }, { "key": "track_invalidscript", "section": "section_bot_behaviours", "premium": true, "default": "log", "type": "select", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Activity Log Only" }, { "value_key": "transgression-single", "text": "Increment Offense Counter", "premium": true }, { "value_key": "transgression-double", "text": "Double-Increment Offense Counter", "premium": true }, { "value_key": "block", "text": "Immediate Block", "premium": true } ], "link_info": "https://shsec.io/fo", "link_blog": "https://shsec.io/f7", "beacon_id": 123, "name": "Invalid Script Load", "summary": "Identify A Bot Attempts To Load WordPress In A Non-Standard Way", "description": "WordPress should only be loaded in a limited number of ways." }, { "key": "track_useragent", "section": "section_bot_behaviours", "premium": true, "default": "log", "type": "select", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Activity Log Only" }, { "value_key": "transgression-single", "text": "Increment Offense Counter", "premium": true }, { "value_key": "transgression-double", "text": "Double-Increment Offense Counter", "premium": true }, { "value_key": "block", "text": "Immediate Block" } ], "link_info": "https://shsec.io/fi", "link_blog": "https://shsec.io/f7", "beacon_id": 124, "name": "Empty User Agents", "summary": "Detect Requests With Empty User Agents", "description": "Identify a request as a bot if the user agent is not provided." }, { "key": "crowdsec_cfg", "section": "section_hidden", "type": "array", "default": [] }, { "key": "license_activated_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "license_deactivated_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "license_last_checked_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "last_warning_email_sent_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "last_deactivated_email_sent_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "license_data", "section": "section_hidden", "type": "array", "default": [], "sensitive": true }, { "key": "wphashes_api_token", "section": "section_hidden", "type": "array", "default": [] }, { "key": "enable_lockdown", "section": "section_enable_plugin_feature_wordpress_lockdown", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/4r", "link_blog": "", "beacon_id": 272, "name": "Enable Lockdown", "summary": "Enable (or Disable) The Lockdown module", "description": "Un-Checking this option will completely disable the Lockdown module" }, { "key": "disable_xmlrpc", "section": "section_apixml", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/e6", "link_blog": "https://shsec.io/fb", "beacon_id": 414, "name": "Disable XML-RPC", "summary": "Disable The XML-RPC System", "description": "Checking this option will completely turn off the whole XML-RPC system." }, { "key": "disable_anonymous_restapi", "section": "section_apixml", "advanced": true, "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Anonymous Rest API", "summary": "Disable The Anonymous Rest API", "description": "Checking this option will completely turn off the whole Anonymous Rest API system." }, { "key": "api_namespace_exclusions", "section": "section_apixml", "default": [ "contact-form-7", "jetpack", "tho", "woocommerce", "tribe", "wpstatistics", "iawp" ], "type": "array", "link_info": "", "link_blog": "", "name": "Rest API Exclusions", "summary": "Anonymous REST API Exclusions", "description": "Any namespaces provided here will be excluded from the Anonymous API restriction." }, { "key": "disable_file_editing", "section": "section_permission_access_options", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/4q", "link_blog": "https://shsec.io/hk", "beacon_id": 416, "name": "Disable File Editing", "summary": "Disable Ability To Edit Files From Within WordPress", "description": "Removes the option to directly edit any files from within the WordPress admin area. Equivalent to setting 'DISALLOW_FILE_EDIT' to TRUE." }, { "key": "force_ssl_admin", "section": "section_permission_access_options", "default": "N", "type": "checkbox", "beacon_id": 417, "link_info": "https://shsec.io/4t", "link_blog": "", "name": "Force SSL Admin", "summary": "Forces WordPress Admin Dashboard To Be Delivered Over SSL", "description": "Please only enable this option if you have a valid SSL certificate installed. Equivalent to setting 'FORCE_SSL_ADMIN' to TRUE." }, { "key": "block_author_discovery", "section": "section_wordpress_obscurity_options", "default": "Y", "type": "checkbox", "beacon_id": 418, "link_info": "", "link_blog": "https://shsec.io/wpsf23", "name": "Block Username Fishing", "summary": "Block the ability to discover WordPress usernames based on author IDs", "description": "When enabled, any URL requests containing 'author=' will be killed. Warning: Enabling this option may interfere with expected operations of your site." }, { "key": "clean_wp_rubbish", "section": "section_wordpress_obscurity_options", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Clean WP Files", "summary": "Automatically Delete Unnecessary WP Files", "description": "Automatically delete WordPress files like wp-config-sample.php." }, { "key": "hide_wordpress_generator_tag", "section": "section_wordpress_obscurity_options", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "WP Generator Tag", "summary": "Remove WP Generator Meta Tag", "description": "Remove a meta tag from your WordPress pages that publicly displays that your site is WordPress and its current version." }, { "key": "enable_login_protect", "section": "section_enable_plugin_feature_login_protection", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/51", "link_blog": "https://shsec.io/wpsf03", "beacon_id": 249, "name": "Enable Login Guard", "summary": "Enable (or Disable) The Login Guard Module", "description": "Un-Checking this option will completely disable the Login Guard module" }, { "key": "rename_wplogin_path", "section": "section_rename_wplogin", "advanced": true, "sensitive": true, "default": "", "type": "text", "link_info": "https://shsec.io/5q", "link_blog": "https://shsec.io/5r", "beacon_id": 316, "name": "Hide WP Login & Admin", "summary": "Hide The WordPress Login And Admin Areas", "description": "Creating a path here will disable your 'wp-login.php'. Only letters and numbers are permitted: abc123" }, { "key": "rename_wplogin_redirect", "section": "section_rename_wplogin", "advanced": true, "sensitive": true, "default": "", "type": "text", "link_info": "https://shsec.io/5q", "link_blog": "https://shsec.io/5r", "beacon_id": 455, "name": "WP Login & Admin Redirect", "summary": "Automatic Redirect URL For Hidden Pages", "description": "Automatically redirect requests to this location for the hidden pages." }, { "key": "mfa_verify_page", "section": "section_twofactor_auth", "default": "wp_login", "type": "select", "value_options": [ { "value_key": "wp_login", "text": "WP Login Page" }, { "value_key": "custom_shield", "text": "Custom Shield MFA Page" } ], "link_info": "", "link_blog": "", "beacon_id": 0, "name": "MFA Verification Page", "summary": "Type Of MFA Verification Page", "description": "Choose the page type for MFA verification" }, { "key": "mfa_user_setup_pages", "section": "section_twofactor_auth", "type": "multiple_select", "default": [ "profile" ], "value_options": [ { "value_key": "profile", "text": "WP User Profile Page" }, { "value_key": "dedicated", "text": "Dedicated WP Admin Page" } ], "link_info": "", "link_blog": "", "beacon_id": 456, "name": "User 2FA Setup", "summary": "User 2FA Setup Page Locations", "description": "Pages available to users to configure 2FA." }, { "key": "mfa_skip", "section": "section_twofactor_auth", "premium": true, "cap": "2fa_remember_me", "type": "integer", "default": 0, "min": 0, "link_info": "https://shsec.io/b1", "link_blog": "", "beacon_id": 141, "name": "2FA Remember Me", "summary": "A User Can Bypass Multi-Factor Authentication (MFA) For The Set Number Of Days", "description": "Enter the number of days a user can bypass future MFA after a successful MFA-login. 0 to disable." }, { "key": "allow_backupcodes", "section": "section_twofactor_auth", "premium": true, "cap": "2fa_login_backup_codes", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/dx", "link_blog": "https://shsec.io/dy", "beacon_id": 143, "name": "Allow Backup Codes", "summary": "Allow Users To Generate A Backup Code", "description": "Allow users to generate a backup code that can be used to login if MFA factors are unavailable." }, { "key": "enable_google_authenticator", "section": "section_2fa_otp", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/shld7", "link_blog": "https://shsec.io/shld6", "beacon_id": 245, "name": "Enable Google Authenticator", "summary": "Allow Users To Use Google Authenticator", "description": "When enabled, users will have the option to add Google Authenticator to their WordPress user profile." }, { "key": "enable_yubikey", "section": "section_2fa_otp", "default": "N", "type": "checkbox", "beacon_id": 358, "link_info": "https://shsec.io/4f", "link_blog": "https://shsec.io/9t", "name": "Allow Yubikey OTP", "summary": "Allow Yubikey Registration For One Time Passwords", "description": "Combined with your Yubikey API Key (below) this will form the basis of your Yubikey Authentication." }, { "key": "yubikey_app_id", "section": "section_2fa_otp", "sensitive": true, "default": "", "type": "text", "link_info": "https://shsec.io/4g", "link_blog": "", "beacon_id": 360, "name": "Yubikey App ID", "summary": "Your Unique Yubikey App ID", "description": "Combined with your Yubikey API Key this will form the basis of your Yubikey Authentication." }, { "key": "yubikey_api_key", "section": "section_2fa_otp", "sensitive": true, "default": "", "type": "text", "link_info": "https://shsec.io/4g", "link_blog": "", "beacon_id": 360, "name": "Yubikey API Key", "summary": "Your Unique Yubikey App API Key", "description": "Combined with your Yubikey App ID this will form the basis of your Yubikey Authentication." }, { "key": "enable_email_authentication", "section": "section_2fa_email", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/3t", "link_blog": "https://shsec.io/9q", "beacon_id": 247, "name": "Enable Email Authentication", "summary": "Two-Factor Login Authentication By Email", "description": "All users will be required to verify their login by email-based two-factor authentication." }, { "key": "enable_email_auto_login", "section": "section_2fa_email", "premium": true, "cap": "2fa_webauthn", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/3t", "link_blog": "https://shsec.io/9q", "beacon_id": 247, "name": "Email Auto-Login", "summary": "Enable Email Auto-Login Links", "description": "2FA Email will contain an auto-login link so the user doesn't need to enter 2FA code manually." }, { "key": "two_factor_auth_user_roles", "section": "section_2fa_email", "advanced": true, "type": "array", "default": [ "contributor", "author", "editor", "administrator" ], "link_info": "https://shsec.io/4v", "link_blog": "", "beacon_id": 243, "name": "Enforce - Email Authentication", "summary": "All User Roles Subject To Email Authentication", "description": "Enforces email-based authentication on all users with the selected roles. Note: This setting only applies to email authentication." }, { "key": "email_any_user_set", "section": "section_2fa_email", "premium": true, "cap": "2fa_email_any_user", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/gj", "link_blog": "", "beacon_id": 142, "name": "Allow Any User", "summary": "Allow Any User To Turn-On Two-Factor Authentication By Email", "description": "Allow Any User To Turn-On Two-Factor Authentication By Email." }, { "key": "enable_antibot_check", "section": "section_brute_force_login_protection", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/k0", "link_blog": "https://shsec.io/jo", "beacon_id": 426, "name": "AntiBot", "summary": "Use AntiBot Detection Engine", "description": "Use Shield's AntiBot Detection Engine To Block Bots and Brute Force Attacks" }, { "key": "bot_protection_locations", "section": "section_brute_force_login_protection", "type": "multiple_select", "default": [ "login" ], "value_options": [ { "value_key": "login", "text": "Login" }, { "value_key": "register", "text": "Register" }, { "value_key": "password", "text": "Lost Password" }, { "value_key": "checkout_woo", "text": "Checkout (WooCommerce)" } ], "link_info": "https://shsec.io/dv", "link_blog": "", "beacon_id": 314, "name": "Protection Locations", "summary": "How Google reCAPTCHA Will Be Displayed", "description": "Choose for which forms bot protection measures will be deployed." }, { "key": "login_limit_interval", "section": "section_brute_force_login_protection", "type": "integer", "default": 5, "min": 0, "link_info": "https://shsec.io/3q", "link_blog": "https://shsec.io/9o", "beacon_id": 242, "name": "Login Cooldown Interval", "summary": "Limit login attempts to every X seconds", "description": "WordPress will process only ONE login attempt for every number of seconds specified. Zero (0) turns this off." }, { "key": "enable_login_gasp_check", "section": "section_deprecated", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/3r", "link_blog": "https://shsec.io/9n", "beacon_id": 313, "name": "Bot Protection", "summary": "Protect WP Login From Automated Login Attempts By Bots", "description": "Adds a dynamically (Javascript) generated checkbox to the login form that prevents bots using automated login techniques. Recommended: ON." }, { "key": "antibot_form_ids", "section": "section_deprecated", "advanced": true, "premium": true, "type": "array", "default": [], "link_info": "https://shsec.io/hg", "link_blog": "", "beacon_id": 144, "name": "AntiBot Forms", "summary": "Enter The IDs Of The 3rd Party Login Forms For Use With AntiBot JS", "description": "For Use With AnitBot JS (above)." }, { "key": "enable_passkeys", "section": "section_2fa_passkeys", "premium": true, "cap": "2fa_webauthn", "default": "N", "type": "checkbox", "beacon_id": 763, "link_info": "", "link_blog": "https://shsec.io/i9", "name": "Enable Passkeys", "summary": "Allow Registration Of Passkeys", "description": "Allow Registration Of Passkeys." }, { "key": "text_imahuman", "section": "section_deprecated", "sensitive": true, "premium": true, "default": "default", "type": "text", "link_info": "https://shsec.io/dz", "link_blog": "", "name": "GASP Checkbox Text", "summary": "The Message Displayed Next To The GASP Checkbox", "description": "You can change the text displayed to the user beside the checkbox if you need a customized message." }, { "key": "text_pleasecheckbox", "section": "section_deprecated", "sensitive": true, "premium": true, "default": "default", "type": "text", "link_info": "https://shsec.io/dz", "link_blog": "", "name": "GASP Alert Text", "summary": "The Message Displayed If The User Doesn't Check The Box", "description": "You can change the text displayed to the user in the alert message if they don't check the box." }, { "key": "email_can_send_verified_at", "section": "section_hidden", "type": "integer", "default": 0, "min": 0 }, { "key": "gasp_key", "section": "section_hidden", "type": "text", "default": "", "sensitive": true }, { "key": "global_enable_plugin_features", "section": "section_global_security_options", "default": "Y", "type": "checkbox", "link_info": "", "link_blog": "", "beacon_id": 389, "name": "Enable/Disable All Plugin Modules", "summary": "Global Plugin On/Off Switch", "description": "Uncheck this option to disable all Shield features" }, { "key": "visitor_address_source", "section": "section_defaults", "advanced": true, "sensitive": false, "type": "select", "default": "AUTO_DETECT_IP", "value_options": [ { "value_key": "AUTO_DETECT_IP", "text": "Automatically Detect Visitor IP" }, { "value_key": "REMOTE_ADDR", "text": "REMOTE_ADDR" }, { "value_key": "HTTP_CF_CONNECTING_IP", "text": "HTTP_CF_CONNECTING_IP" }, { "value_key": "HTTP_X_FORWARDED_FOR", "text": "HTTP_X_FORWARDED_FOR" }, { "value_key": "HTTP_X_FORWARDED", "text": "HTTP_X_FORWARDED" }, { "value_key": "HTTP_X_REAL_IP", "text": "HTTP_X_REAL_IP" }, { "value_key": "HTTP_X_SUCURI_CLIENTIP", "text": "HTTP_X_SUCURI_CLIENTIP" }, { "value_key": "HTTP_INCAP_CLIENT_IP", "text": "HTTP_INCAP_CLIENT_IP" }, { "value_key": "HTTP_X_SP_FORWARDED_IP", "text": "HTTP_X_SP_FORWARDED_IP" }, { "value_key": "HTTP_FORWARDED", "text": "HTTP_FORWARDED" }, { "value_key": "HTTP_CLIENT_IP", "text": "HTTP_CLIENT_IP" } ], "link_info": "https://shsec.io/dn", "link_blog": "", "beacon_id": 391, "name": "Visitor IP Address", "summary": "Which Address Is Yours", "description": "There are many way to detect visitor IP addresses. Please select yours from the list." }, { "key": "block_send_email_address", "section": "section_reporting", "sensitive": true, "default": "", "type": "email", "link_info": "", "link_blog": "", "name": "Report Email", "summary": "Where to send all email reports and admin notifications for the plugin", "description": "If this is empty, it will default to the blog admin email address." }, { "key": "enable_tracking", "section": "section_defaults", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/7i", "link_blog": "", "name": "Enable Information Gathering", "summary": "Permit Anonymous Usage Information Gathering", "description": "Allows us to gather information on statistics and features in-use across our client installations. This information is strictly anonymous and contains no personally, or otherwise, identifiable data." }, { "key": "enable_shieldnet", "section": "section_defaults", "premium": true, "default": "Y", "type": "checkbox", "beacon_id": 437, "link_info": "https://shsec.io/kb", "link_blog": "https://shsec.io/kc", "name": "Enable ShieldNET", "summary": "Enhanced Website Security Through Network Intelligence", "description": "Enhanced Website Security Through Network Intelligence." }, { "key": "enable_upgrade_admin_notice", "section": "section_defaults", "default": "Y", "type": "checkbox", "link_info": "", "link_blog": "", "name": "In-Plugin Notices", "summary": "Display Plugin Specific Notices", "description": "Disable this option to hide certain plugin admin notices about available updates and post-update notices." }, { "key": "enable_wpcli", "section": "section_defaults", "advanced": true, "premium": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/i1", "link_blog": "https://shsec.io/i2", "beacon_id": 308, "name": "Allow WP-CLI", "summary": "Allow Access And Control Of This Plugin Via WP-CLI", "description": "Turn off this option to disable this plugin's WP-CLI integration." }, { "key": "display_plugin_badge", "section": "section_defaults", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/5v", "link_blog": "https://shsec.io/wpsf20", "beacon_id": 130, "vimeo_id": "", "name": "Show Plugin Badge", "summary": "Display Plugin Security Badge On Your Site", "description": "Enabling this option helps support the plugin by spreading the word about it on your website. The plugin badge also demonstrates to visitors that you take your website security seriously." }, { "key": "delete_on_deactivate", "section": "section_defaults", "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Delete Plugin Settings", "summary": "Delete All Plugin Settings Upon Plugin Deactivation", "description": "Careful: Removes all plugin options when you deactivate the plugin." }, { "key": "preferred_temp_dir", "section": "section_defaults", "beacon_id": 787, "advanced": true, "default": "", "type": "text", "link_info": "", "link_blog": "", "name": "Temp Dir", "summary": "Preferred Temporary Directory", "description": "Preferred temporary directory override." }, { "key": "locale_override", "section": "section_hidden", "beacon_id": 393, "advanced": true, "default": "", "type": "text", "link_info": "https://icwp.io/il", "link_blog": "", "name": "Locale Override", "summary": "Delete All Plugin Settings Upon Plugin Deactivation", "description": "Careful: Removes all plugin options when you deactivate the plugin." }, { "key": "enable_beta", "section": "section_defaults", "premium": true, "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "beacon_id": 472, "name": "Beta Access", "summary": "Enable Access To Beta Versions", "description": "Enable This Option To Allow Shield To Upgrade To Beta and Pre-Release Versions" }, { "key": "importexport_enable", "section": "section_importexport", "advanced": true, "premium": true, "cap": "import_export_level_2", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/do", "link_blog": "https://shsec.io/dp", "beacon_id": 129, "name": "Allow Import/Export", "summary": "Allow Import Of Options To, And Export Of Options From, This Site", "description": "Uncheck this box to completely disable import and export of options." }, { "key": "importexport_masterurl", "section": "section_importexport", "advanced": true, "default": "", "type": "text", "link_info": "", "link_blog": "", "name": "Auto-Import URL", "summary": "Automatically Import Options From This Site", "description": "Supplying a valid site URL here will make this site an 'Options Slave' and will automatically import options daily." }, { "key": "importexport_whitelist", "section": "section_importexport", "advanced": true, "transferable": false, "sensitive": true, "default": [], "type": "array", "link_info": "", "link_blog": "", "name": "Export Whitelist", "summary": "Whitelisted Sites Which Do Not Need The Secret Key To Export Options", "description": "Each site on this list will be able to export options from this site without providing the secret key. Take a new line for each URL." }, { "key": "importexport_whitelist_notify", "section": "section_importexport", "advanced": true, "sensitive": true, "default": "N", "type": "checkbox", "link_info": "", "link_blog": "", "name": "Notify Whitelist", "summary": "Notify Sites On The Whitelist To Update Options From Master", "description": "When enabled, manual options saving will notify sites on the whitelist to export options from the Master site." }, { "key": "importexport_secretkey", "section": "section_importexport", "advanced": true, "transferable": false, "sensitive": true, "default": "", "type": "noneditable_text", "link_info": "", "link_blog": "", "name": "Secret Key", "summary": "Import/Export Secret Key", "description": "Keep this Secret Key private as it will allow the import and export of options." }, { "key": "frequency_alert", "section": "section_reporting", "type": "select", "default": "daily", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "hourly", "text": "Hourly" }, { "value_key": "daily", "text": "Daily" }, { "value_key": "weekly", "text": "Weekly" } ], "link_info": "https://shsec.io/h9", "link_blog": "", "beacon_id": 233, "name": "Alert Frequency", "summary": "How Often Should You Be Sent Important Alerts", "description": "Decide when you should be sent important and critical alerts about your site security." }, { "key": "frequency_info", "section": "section_reporting", "type": "select", "default": "weekly", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "hourly", "text": "Hourly" }, { "value_key": "daily", "text": "Daily" }, { "value_key": "weekly", "text": "Weekly" }, { "value_key": "biweekly", "text": "Bi-Weekly" }, { "value_key": "monthly", "text": "Monthly" } ], "link_info": "https://shsec.io/ha", "link_blog": "", "beacon_id": 232, "name": "Info Frequency", "summary": "How Often Should You Be Sent Information Reports", "description": "Decide when you should be sent non-critical information and reports about your site security." }, { "key": "instant_alerts", "section": "section_reporting", "premium": true, "cap": "instant_alerts", "type": "multiple_select", "advanced": true, "default": [], "value_options": [ { "value_key": "vulnerabilities", "text": "Vulnerabilities" } ], "link_info": "https://shsec.io/eb", "link_blog": "", "beacon_id": 788, "name": "Instant Alerts", "summary": "Instant Alerts", "description": "Select which events you'd like to receive instant alerts for." }, { "key": "transient_tracking", "section": "section_hidden", "type": "array", "default": [] }, { "key": "tracking_last_sent_at", "section": "section_hidden", "type": "integer", "default": 0, "min": 0 }, { "key": "tracking_permission_set_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "installation_time", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "activated_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "importexport_secretkey_expires_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "importexport_handshake_expires_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "snapi_data", "section": "section_hidden", "type": "array", "default": [], "sensitive": true }, { "key": "last_known_cache_basedirs", "section": "section_hidden", "type": "array", "default": [] }, { "key": "ipdetect_at", "section": "section_hidden", "type": "integer", "default": 0 }, { "key": "import_id", "section": "section_hidden", "type": "text", "default": "" }, { "key": "import_url_ids", "section": "section_hidden", "type": "array", "default": [] }, { "key": "sec_overview_prefs", "section": "section_hidden", "type": "array", "default": [] }, { "key": "test_rest_data", "section": "section_hidden", "type": "array", "default": [] }, { "key": "blockdown_cfg", "section": "section_hidden", "type": "array", "default": [] }, { "key": "xfer_excluded", "section": "section_hidden", "type": "array", "default": [] }, { "key": "dismissed_notices", "section": "section_hidden", "type": "array", "default": [], "tracking_exclude": true }, { "key": "enable_traffic", "section": "section_enable_plugin_feature_traffic", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/ed", "link_blog": "https://shsec.io/ee", "beacon_id": 153, "name": "Enable Traffic Log", "summary": "Enable (or Disable) The Traffic Log Module", "description": "Un-Checking this option will completely disable the Traffic Log module." }, { "key": "enable_logger", "section": "section_traffic_options", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/hf", "link_blog": "", "beacon_id": 153, "name": "Enable Traffic Logger", "summary": "Turn On The Traffic Logging Feature", "description": "Enable or disable the ability to log and monitor requests to your site." }, { "key": "enable_live_log", "section": "section_traffic_options", "cap": "traffic_live_log", "advanced": true, "premium": true, "default": "N", "type": "checkbox", "beacon_id": 759, "link_info": "", "link_blog": "", "name": "Live Logging", "summary": "Enable Live Logging Of All Traffic", "description": "Switch-on logging of all site traffic." }, { "key": "type_exclusions", "section": "section_traffic_options", "type": "multiple_select", "advanced": true, "default": [ "logged_in", "server", "cron", "search", "uptime" ], "value_options": [ { "value_key": "logged_in", "text": "Logged-In Users" }, { "value_key": "cron", "text": "WP CRON" }, { "value_key": "server", "text": "This Server" }, { "value_key": "search", "text": "Search Engines" }, { "value_key": "uptime", "text": "Uptime Monitoring Services" } ], "link_info": "https://shsec.io/eb", "link_blog": "", "beacon_id": 154, "name": "Traffic Log Exclusions", "summary": "Select Which Types Of Requests To Exclude", "description": "Deselect any requests that you don't want to appear in the traffic viewer." }, { "key": "custom_exclusions", "section": "section_traffic_options", "advanced": true, "premium": true, "default": [], "type": "array", "link_info": "https://shsec.io/ec", "link_blog": "", "beacon_id": 154, "name": "Custom Exclusions", "summary": "Provide Custom Traffic Exclusions", "description": "For each entry, if the text is present in either the User Agent or Page/Path, it will be excluded." }, { "key": "auto_clean", "section": "section_traffic_options", "advanced": true, "type": "integer", "default": 7, "min": 1, "link_info": "", "link_blog": "", "name": "Log Retention", "summary": "Enable Traffic Log Auto Expiry", "description": "Automated DB cleanup will delete logs older than this maximum value (in days)." }, { "key": "enable_limiter", "section": "section_traffic_limiter", "premium": true, "cap": "traffic_rate_limiting", "default": "N", "type": "checkbox", "link_info": "https://shsec.io/gw", "link_blog": "https://shsec.io/gx", "beacon_id": 420, "name": "Enable Rate Limiting", "summary": "Turn On The Rate Limiting Feature", "description": "Enable or disable the rate limiting feature according to your rate limiting parameters." }, { "key": "limit_requests", "section": "section_traffic_limiter", "type": "integer", "default": 60, "min": 0, "link_info": "", "link_blog": "", "name": "Max Request Limit", "summary": "Maximum Number Of Requests Allowed In Time Limit", "description": "The maximum number of requests that are allowed in the given time limit." }, { "key": "limit_time_span", "section": "section_traffic_limiter", "type": "integer", "default": 60, "min": 0, "link_info": "", "link_blog": "", "name": "Request Limit Time Interval", "summary": "The Time Interval To Test For Excessive Requests", "description": "The time limit within which to monitor for excessive requests that exceed the limit." }, { "key": "live_log_started_at", "section": "section_hidden", "tracking_exclude": true, "type": "integer", "default": 0 }, { "key": "enable_user_management", "section": "section_enable_plugin_feature_user_accounts_management", "advanced": true, "default": "Y", "type": "checkbox", "link_info": "https://shsec.io/e3", "link_blog": "https://shsec.io/hi", "beacon_id": 273, "name": "Enable User Management", "summary": "Enable (or Disable) The User Management module", "description": "Un-Checking this option will completely disable the User Management module" }, { "key": "enable_user_login_email_notification", "section": "section_admin_login_notification", "sensitive": false, "default": "N", "type": "checkbox", "link_info": "https://shsec.io/e2", "link_blog": "", "beacon_id": 147, "name": "User Login Notification Email", "summary": "Send Email Notification To Each User Upon Successful Login", "description": "A notification is sent to each user when a successful login occurs for their account." }, { "key": "enable_admin_login_email_notification", "section": "section_admin_login_notification", "sensitive": true, "default": "", "type": "text", "link_info": "", "link_blog": "", "name": "Admin Login Notification Email", "summary": "Send An Notification Email When Administrator Logs In", "description": "If you would like to be notified every time an administrator user logs into this WordPress site, enter a notification email address. No email address - No Notification." }, { "key": "session_timeout_interval", "section": "section_user_session_management", "type": "integer", "default": 2, "min": 0, "link_info": "", "link_blog": "", "name": "Session Timeout", "summary": "Specify How Many Days After Login To Automatically Force Re-Login", "description": "WordPress default is 2 days, or 14 days if you check the 'Remember Me' box." }, { "key": "session_idle_timeout_interval", "section": "section_user_session_management", "type": "integer", "default": 48, "min": 0, "link_info": "https://support.getshieldsecurity.com/support/solutions/articles/3000070590", "link_blog": "", "beacon_id": 397, "name": "Idle Timeout", "summary": "Specify How Many Hours After Inactivity To Automatically Logout User", "description": "If the user is inactive for the number of hours specified, they will be forcefully logged out next time they return. Set this to '0' to turn off this option." }, { "key": "session_lock", "section": "section_user_session_management", "premium": true, "type": "multiple_select", "default": [], "value_options": [ { "value_key": "ip", "text": "IP Address" }, { "value_key": "useragent", "text": "Browser" }, { "value_key": "host", "text": "Hostname" } ], "beacon_id": 778, "link_info": "", "link_blog": "https://shsec.io/hh", "name": "Session Lock", "summary": "Lock User Sessions To ", "description": "." }, { "key": "reg_email_validate", "section": "section_user_reg", "premium": true, "cap": "user_block_spam_registration", "type": "select", "default": "disabled", "value_options": [ { "value_key": "disabled", "text": "Disabled" }, { "value_key": "log", "text": "Log Only", "premium": true }, { "value_key": "offense", "text": "Increment Offense Counter", "premium": true }, { "value_key": "block", "text": "Immediate Block and Kill", "premium": true } ], "beacon_id": 145, "link_info": "", "link_blog": "https://shsec.io/hh", "name": "Validate Email Addresses", "summary": "Validate Email Addresses When User Attempts To Register", "description": "Validate Email Addresses When User Attempts To Register." }, { "key": "email_checks", "section": "section_user_reg", "premium": true, "cap": "user_block_spam_registration", "type": "multiple_select", "default": [], "value_options": [ { "value_key": "syntax", "text": "Email Address Syntax" }, { "value_key": "domain_registered", "text": "Domain Is Registered" }, { "value_key": "domain_resolves", "text": "Domain Resolve To IP" }, { "value_key": "mx", "text": "Domain MX" }, { "value_key": "nondisposable", "text": "Disposable Email Service" } ], "beacon_id": 145, "link_info": "", "link_blog": "https://shsec.io/hh", "name": "Email Checks", "summary": "The Email Address Properties That Will Be Tested", "description": "." }, { "key": "enable_password_policies", "section": "section_passwords", "type": "checkbox", "default": "N", "beacon_id": 146, "link_info": "https://shsec.io/e1", "link_blog": "https://shsec.io/c4", "name": "Enable Password Policies", "summary": "Enable The Password Policies Below", "description": "Turn on/off all password policies." }, { "key": "pass_prevent_pwned", "section": "section_passwords", "type": "checkbox", "default": "Y", "beacon_id": 758, "link_info": "", "link_blog": "https://shsec.io/by", "name": "Prevent Pwned Passwords", "summary": "Prevent Use Of Pwned Passwords", "description": "Prevents users from using any passwords found on the public available list of pwned passwords." }, { "key": "pass_min_strength", "section": "section_passwords", "premium": true, "cap": "user_password_policies", "type": "select", "default": "3", "value_options": [ { "value_key": "0", "text": "Very Weak", "premium": true }, { "value_key": "1", "text": "Weak", "premium": true }, { "value_key": "2", "text": "Medium", "premium": true }, { "value_key": "3", "text": "Strong", "premium": true }, { "value_key": "4", "text": "Very Strong", "premium": true } ], "link_info": "", "link_blog": "", "name": "Minimum Strength", "summary": "Minimum Password Strength", "description": "All passwords that a user sets must meet this minimum strength." }, { "key": "pass_expire", "section": "section_passwords", "premium": true, "cap": "user_password_policies", "type": "integer", "default": 0, "min": 0, "link_info": "", "link_blog": "", "name": "Password Expiration", "summary": "Passwords Expire After This Many Days", "description": "Users will be forced to reset their passwords after the number of days specified." }, { "key": "pass_force_existing", "section": "section_passwords", "premium": true, "cap": "user_password_policies", "type": "checkbox", "default": "N", "link_info": "", "link_blog": "", "name": "Apply To Existing Users", "summary": "Apply Password Policies To Existing Users and Their Passwords", "description": "Forces existing users to update their passwords if they don't meet requirements, after they next login ." }, { "key": "manual_suspend", "section": "section_suspend", "premium": true, "cap": "user_suspension", "type": "checkbox", "default": "N", "link_info": "https://shsec.io/fq", "link_blog": "https://shsec.io/fr", "beacon_id": 399, "name": "Allow Manual User Suspension", "summary": "Manually Suspend User Accounts To Prevent Login", "description": "Users may be suspended by administrators to prevent login." }, { "key": "auto_password", "section": "section_suspend", "premium": true, "cap": "user_suspension", "type": "checkbox", "default": "Y", "link_info": "https://shsec.io/fs", "link_blog": "https://shsec.io/fr", "beacon_id": 400, "name": "Auto-Suspend Expired Passwords", "summary": "Automatically Suspend Users With Expired Passwords", "description": "Suspend login by users and require password reset to unsuspend." }, { "key": "auto_idle_days", "section": "section_suspend", "premium": true, "cap": "user_suspension", "type": "integer", "default": 0, "min": 0, "link_info": "https://shsec.io/ft", "link_blog": "https://shsec.io/fr", "beacon_id": 400, "name": "Auto-Suspend Idle Users", "summary": "Automatically Suspend Idle User Accounts", "description": "Prevent login by idle users and require password reset to unsuspend." }, { "key": "auto_idle_roles", "section": "section_suspend", "premium": true, "cap": "user_suspension", "type": "array", "default": [ "administrator", "editor", "author" ], "link_info": "https://shsec.io/ft", "link_blog": "", "beacon_id": 400, "name": "Auto-Suspend Idle Users", "summary": "Automatically Suspend Idle User Accounts", "description": "Prevent login by idle users and require password reset to unsuspend." } ], "defs": { "restricted_pages_users": [ "user-edit.php", "users.php" ], "options_to_restrict": { "wpms_options": [ "admin_email", "site_name", "registration" ], "wpms_pages": [ "settings.php" ], "wp_options": [ "blogname", "blogdescription", "siteurl", "home", "admin_email", "new_admin_email", "users_can_register", "permalink_structure", "comments_notify", "comment_moderation", "blog_public", "default_role" ], "wp_pages": [ "options-general.php", "options-discussion.php", "options-reading.php", "options.php" ] }, "max_free_days": 7, "action_hook_priority": 1000, "url_spam_blacklist_terms": "https://raw.githubusercontent.com/splorp/wordpress-comment-blacklist/master/blacklist.txt", "human_spam_check_items": [ "author_name", "author_email", "comment_content", "url", "ip_address", "user_agent" ], "whitelisted_paths": [ "/wp-admin/options-general.php", "/wp-admin/post-new.php", "/wp-admin/page-new", "/wp-admin/link-add.php", "/wp-admin/media-upload.php", "/wp-admin/page.php", "/wp-admin/admin-ajax.php" ], "default_whitelist": { "*": [ "#^wordpress_logged_in_[0-9a-f]+$#", "#^et_.*#", "#^affwp_action$#i", "#^ajaxurl$#i", "#^g-recaptcha-response$#i", "#^verify_sign$#i", "#^txn_id$#i", "#^wp_http_referer$#i", "#^_wp_http_referer$#i", "#^_wp_original_http_referer$#i", "#^JCS_INENREF$#i", "#^pass1$#i", "#^pass1-text$#i", "#^pwd$#i", "#^url$#i", "#^referredby$#i", "#^return$#i", "#^redirect_to$#i", "#^jetpack_sso_original_request$#i", "#^jetpack_sso_redirect_to$#i", "#^edd_action$#i", "#^edd_redirect$#i", "#^wpcf7-form$#i", "#^yoast_wpseo_metadesc$#i", "#^icwp_wpsf_passkey_otp$#i", "#^_rest_url$#i", "#^shield_action$#i", "#^appId$#i", "#^ping_sites$#i", "#^aioseo-post-settings$#i", "#^joe-chnlcustid$#i", "#^spd-custhash$#i", "#^joe-custinfo$#i", "#^_wpcf7cf_hidden_group_fields$#i", "#^wl_homeurl$#i", "#^_gform_setting_routing$#i", "#^where$#i", "#^customized$#i" ], "/wp-admin/options.php": [ "#^home#i", "#^siteurl#i" ], "/wp-admin/plugins.php": [ "#^plugin#i" ], "/wp-admin/admin.php": [ "#^page#i" ], "/wp-admin/post.php": [ "#^content#i" ], "/wp-admin/plugin-editor.php": [ "#^newcontent#i" ], "/wp-comments-post.php": [ "#^url#i", "#^comment$#i" ] }, "firewall_patterns": { "dir_traversal": [ "#etc/passwd#i", "#proc/self/environ#i", "#etc/passwd#i", "#makefile#i", "#wwwroot#i", "#pingserver#i", "#\\.\\./#i", "#loopback#i" ], "wordpress_terms": [ "#/\\*\\*/#i", "#wp-config.php#i", "#^user_login#", "#^user_pass#" ], "field_truncation": [ "#\\s{49,}#", "#\\x00#" ], "sql_queries": [ "#concat\\s*\\(#i", "#group_concat#i", "#union.*select#i" ], "exe_file_uploads": [ "#\\.(dll|rb|py|exe|php[3-9]?|pl|perl|ph[34]|phl|phtml|phtm|sql|ini|jsp|asp|git|svn|tar)$#i" ], "php_code": [ "#(include|include_once|require|require_once)\\s*\\(.*\\)#" ], "aggressive": [ "#eval\\(#i", "#\\(null\\)#i", "#base64\\_#i", "#localhost#i", "#\\(function\\(#i", "#\\{x\\.html\\(#i", "#\\)\\.html\\(#i", "#\\.\\.\\.#i", "#/httpdocs/#i", "#/tmp/#i", "#boot\\.ini#i", "#GLOBALS(=|\\[|%%)#", "#REQUEST(=|\\[|%%)#", "#(`|\\<|\\>|\\[|\\]|\\{|\\}|\\?)#", "#drop\\s+table\\s+(`|'?)[a-z0-9]+\\1#i", "#'\\s+OR\\s+'([a-z0-9]+)'\\s*=\\s*'\\1'\\s+(--|\\(\\{|\\/\\*)\\s+#" ] }, "all_scan_slugs": [ "apc", "wpv", "afs" ], "file_scan_extensions": [ "php", "php5", "php7", "ico", "js", "json", "css", "htm", "html", "svg", "twig", "hbs", "mo" ], "url_mal_sigs_simple": "https://raw.githubusercontent.com/scr34m/php-malware-scanner/master/definitions/patterns_raw.txt", "url_mal_sigs_regex": "https://raw.githubusercontent.com/scr34m/php-malware-scanner/master/definitions/patterns_re.txt", "default_whitelist_paths": [ "wp-content/cache/*", "wp-content/shield/*", "wp-content/icwp/rollback/*", "wp-content/plugins-before-restore/*", "wp-content/themes-before-restore/*", "wp-content/uploads/bb-plugin/cache/*", "wp-content/uploads/cache/wpml/twig/*", "*/rosell-dk/image-mime-type-guesser/tests/images/*", "*/rosell-dk/image-mime-type-sniffer/tests/images/*", "wp-content/cache/*", "*/src/lib/src/Rules/rules.json", "*/error_log", "*/php_error_log", "*/mail.log", "*/php_mail.log" ], "wcf_exclusions": [ "readme.html", "license.txt", "licens-sv_SE.txt", "wp-content/" ], "wcf_exclusions_missing_only": [ "wp-admin/install.php", "wp-config-sample.php", "xmlrpc.php" ], "crowdsec": { "scenarios": { "free": [ "crowdsecurity/http-bf-wordpress_bf", "crowdsecurity/http-wordpress_wpconfig", "crowdsecurity/http-wordpress_user-enum" ] } }, "bot_signals": { "allowable_ext_404s": [ "js", "css", "gif", "jpg", "jpeg", "png", "map", "ttf", "woff", "woff2" ], "allowable_invalid_scripts": [ "index.php", "admin-ajax.php", "wp-activate.php", "wp-links-opml.php", "wp-cron.php", "wp-login.php", "wp-mail.php", "wp-comments-post.php", "wp-signup.php", "wp-trackback.php", "xmlrpc.php", "admin.php", "matomo.php", "umbrella-application.php" ] }, "keyless_cp": "https://shsec.io/c5", "license_item_name": "Shield Security Pro", "license_item_id": "6047", "license_item_name_sc": "Shield Security Pro (via Shield Central)", "lic_verify_expire_days": 14, "lic_verify_expire_grace_days": 3, "keyless": true, "keyless_handshake_expire": 90, "login_intent_timeout": 5, "login_intent_max_attempts": 5, "href_privacy_policy": "https://shsec.io/wpshieldprivacypolicy", "pwned_api_url_password_range": "https://api.pwnedpasswords.com/range" }, "admin_notices": { "blockdown-active": { "id": "blockdown-active", "schedule": "conditions", "valid_admin": false, "plugin_page_only": false, "can_dismiss": false, "type": "error" }, "override-forceoff": { "id": "override-forceoff", "schedule": "conditions", "valid_admin": false, "plugin_page_only": false, "can_dismiss": false, "type": "error" }, "allow-tracking": { "id": "allow-tracking", "plugin_admin": true, "min_install_days": 3, "type": "promo" }, "rate-plugin": { "id": "rate-plugin", "min_install_days": 30, "type": "promo" }, "certain-options-restricted": { "id": "certain-options-restricted", "schedule": "conditions", "plugin_admin": "no", "per_user": true, "type": "warning" }, "admin-users-restricted": { "id": "admin-users-restricted", "schedule": "conditions", "plugin_admin": "no", "type": "warning", "per_user": true }, "email-verification-sent": { "id": "email-verification-sent", "schedule": "conditions", "plugin_page_only": true, "can_dismiss": false, "type": "warning", "plugin_admin": "yes", "valid_admin": true } }, "databases": { "tables": { "activity_logs": { "name": "Activity Logs", "slug": "at_logs", "is_core": true, "has_updated_at": true, "has_created_at": true, "has_deleted_at": false, "cols_custom": { "req_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_req_logs" } }, "site_id": { "macro_type": "unsigned_int", "default": 1, "comment": "Site ID" }, "event_slug": { "macro_type": "varchar", "comment": "Event Slug" } } }, "activity_logs_meta": { "name": "Activity Log Meta Data", "slug": "at_meta", "is_core": true, "has_updated_at": false, "has_created_at": false, "has_deleted_at": false, "cols_custom": { "log_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_at_logs" }, "comment": "Reference to primary log entry" }, "meta_key": { "macro_type": "varchar", "length": 32, "comment": "Meta Key" }, "meta_value": { "macro_type": "text", "comment": "Meta Data" } } }, "activity_snapshots": { "name": "Site Snapshots", "slug": "snapshots", "is_core": true, "autoexpire": 0, "has_updated_at": false, "has_deleted_at": false, "col_older_than": "created_at", "cols_custom": { "slug": { "macro_type": "varchar", "length": 10, "comment": "Snapshot Slug" }, "data": { "macro_type": "mediumtext", "comment": "Snapshot" } } }, "bot_signals": { "name": "Bot Signals Tracking", "slug": "botsignal", "is_core": true, "autoexpire": 0, "has_updated_at": true, "col_older_than": "updated_at", "cols_custom": { "ip_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_ips" } }, "notbot_at": { "macro_type": "timestamp", "comment": "NotBot" }, "frontpage_at": { "macro_type": "timestamp", "comment": "Any Frontend Page Loaded" }, "loginpage_at": { "macro_type": "timestamp", "comment": "Login Page Loaded" }, "bt404_at": { "macro_type": "timestamp", "comment": "BotTrack 404" }, "btfake_at": { "macro_type": "timestamp", "comment": "BotTrack FakeWebCrawler" }, "btcheese_at": { "macro_type": "timestamp", "comment": "BotTrack LinkCheese" }, "btloginfail_at": { "macro_type": "timestamp", "comment": "BotTrack LoginFailed" }, "btua_at": { "macro_type": "timestamp", "comment": "BotTrack Useragent Fail" }, "btxml_at": { "macro_type": "timestamp", "comment": "BotTrack XMLRPC Access" }, "btlogininvalid_at": { "macro_type": "timestamp", "comment": "BotTrack LoginInvalid" }, "btinvalidscript_at": { "macro_type": "timestamp", "comment": "BotTrack InvalidScript" }, "btauthorfishing_at": { "macro_type": "timestamp", "comment": "BotTrack Author Username Fishing" }, "cooldown_at": { "macro_type": "timestamp", "comment": "Cooldown Triggered" }, "humanspam_at": { "macro_type": "timestamp", "comment": "Comment Marked As Human SPAM" }, "markspam_at": { "macro_type": "timestamp", "comment": "Mark Comment As SPAM" }, "unmarkspam_at": { "macro_type": "timestamp", "comment": "Unmark Comment As SPAM" }, "captchapass_at": { "macro_type": "timestamp", "comment": "Captcha Passed" }, "captchafail_at": { "macro_type": "timestamp", "comment": "Captcha Failed" }, "auth_at": { "macro_type": "timestamp", "comment": "Successful Login" }, "firewall_at": { "macro_type": "timestamp", "comment": "Triggered Firewall" }, "ratelimit_at": { "macro_type": "timestamp", "comment": "Rate Limit Exceeded" }, "offense_at": { "macro_type": "timestamp", "comment": "Last Offense" }, "blocked_at": { "macro_type": "timestamp", "comment": "Last Block" }, "unblocked_at": { "macro_type": "timestamp", "comment": "Unblocked" }, "bypass_at": { "macro_type": "timestamp", "comment": "Bypass" }, "snsent_at": { "macro_type": "timestamp", "comment": "Sent To ShieldNET" } } }, "crowdsec_signals": { "name": "CrowdSec Signals", "slug": "crowdsec_signals", "is_core": false, "autoexpire": 0, "has_updated_at": false, "has_created_at": true, "has_deleted_at": false, "col_older_than": "created_at", "cols_custom": { "scenario": { "macro_type": "varchar", "length": 32, "attr": [] }, "scope": { "macro_type": "varchar", "length": 16, "attr": [] }, "value": { "macro_type": "varchar", "length": 256, "attr": [] } }, "cols_timestamps": { "milli_at": { "comment": "Milliseconds" } } }, "events": { "name": "Shield Events & Stats", "slug": "event", "is_core": true, "autoexpire": 0, "has_updated_at": false, "has_deleted_at": false, "col_older_than": "created_at", "cols_custom": { "event": { "macro_type": "varchar", "length": 50 }, "count": { "macro_type": "unsigned_int", "length": 11, "default": 0, "comment": "Total" } } }, "file_locker": { "name": "File Locker Data", "slug": "file_locker", "is_core": false, "autoexpire": 0, "col_older_than": "created_at", "has_updated_at": true, "cols_custom": { "type": { "macro_type": "varchar", "length": 20, "comment": "The type of file being locked" }, "path": { "macro_type": "varchar", "length": 256, "comment": "Full Path to file" }, "hash_original": { "macro_type": "varchar", "length": 40, "comment": "SHA1 File Hash Original" }, "hash_current": { "macro_type": "varchar", "length": 40, "comment": "SHA1 File Hash Current" }, "public_key_id": { "type": "tinyint", "length": 2, "comment": "Public Key ID" }, "cipher": { "macro_type": "varchar", "length": 32, "default": "''", "comment": "OpenSSL Cipher" }, "content": { "type": "mediumblob", "comment": "Encrypted Content" } }, "cols_timestamps": { "detected_at": { "comment": "Change Last Detected" }, "reverted_at": { "comment": "Reverted To Backup" }, "notified_at": { "comment": "Notification Sent" } } }, "ips": { "name": "IP Addresses", "slug": "ips", "is_core": true, "autoexpire": 0, "has_updated_at": false, "has_deleted_at": false, "col_older_than": "created_at", "cols_custom": { "ip": { "macro_type": "ip", "attr": [ "UNIQUE" ] } } }, "ip_meta": { "name": "IP Meta", "slug": "ip_meta", "is_core": false, "autoexpire": 0, "has_updated_at": true, "col_older_than": "updated_at", "cols_custom": { "ip_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_ips" } }, "asn": { "macro_type": "unsigned_int", "length": 10, "comment": "ASN" }, "country_iso2": { "macro_type": "char", "length": 2, "comment": "Country Code ISO 3166-1 alpha-2" }, "pc_is_proxy": { "macro_type": "bool", "default": 0, "comment": "ProxyCheck: Is Proxy?" } }, "cols_timestamps": { "geo_updated_at": { "comment": "Geolocation data updated at" }, "pc_last_check_at": { "comment": "ProxyCheck last lookup at" } } }, "ip_rules": { "name": "IP Rules", "slug": "ip_rules", "is_core": true, "autoexpire": 0, "has_updated_at": true, "col_older_than": "updated_at", "cols_custom": { "ip_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_ips" } }, "cidr": { "macro_type": "unsigned_int", "length": 3, "comment": "CIDR" }, "is_range": { "macro_type": "bool", "default": 0, "comment": "Is IP Range" }, "offenses": { "macro_type": "unsigned_int", "length": 3, "comment": "Offenses Count" }, "type": { "macro_type": "char", "length": 2, "comment": "List" }, "label": { "macro_type": "varchar", "length": 255, "comment": "IP Description" }, "can_export": { "macro_type": "bool", "default": 0, "comment": "Can This IP Be Exported" } }, "cols_timestamps": { "last_access_at": { "comment": "Last Access" }, "blocked_at": { "comment": "IP Blocked" }, "unblocked_at": { "comment": "Visitor Requested Unblock" }, "last_unblock_attempt_at": { "comment": "Last Time An Auto-Unblock Attempt Was Made" }, "expires_at": { "comment": "The IP Rule on this lists expires at this time." }, "imported_at": { "comment": "This IP rule was imported from a master site." } }, "indices": [ { "name": "Last_Access_Index", "columns": [ "last_access_at" ] } ] }, "malware": { "name": "Malware File Tracking", "slug": "malware", "is_core": false, "autoexpire": 0, "has_updated_at": true, "has_deleted_at": false, "col_older_than": "updated_at", "cols_custom": { "hash_sha256": { "macro_type": "sha256", "comment": "Item hash SHA256" }, "file_path": { "macro_type": "varchar", "length": 256, "comment": "The relative path of the malware-containing file." }, "code_type": { "macro_type": "char", "length": 5, "default": "php", "comment": "The language" }, "sig": { "macro_type": "varchar", "length": 128, "comment": "The malware signature pattern that triggered the discovery" }, "is_valid_file": { "macro_type": "bool", "comment": "Is the file validated locally" }, "malai_status": { "macro_type": "varchar", "length": 20, "default": "''", "comment": "The status of the file from malai" }, "file_content": { "macro_type": "text", "type": "mediumtext", "comment": "The actual file content" } }, "cols_timestamps": { "last_seen_at": { "comment": "Last Seen In Scan" }, "last_malai_status_at": { "comment": "Last Check With Malai For Status" }, "reported_at": { "comment": "Last Reported" } } }, "mfa": { "name": "MFA", "slug": "mfa", "is_core": false, "autoexpire": 0, "has_updated_at": true, "has_deleted_at": true, "col_older_than": "created_at", "cols_custom": { "user_id": { "macro_type": "unsigned_int", "type": "bigint", "length": 11 }, "slug": { "macro_type": "varchar", "length": 10, "comment": "Factor Slug" }, "unique_id": { "macro_type": "varchar", "length": 256, "comment": "Unique Identifier" }, "label": { "macro_type": "varchar", "length": 64, "comment": "Label" }, "data": { "macro_type": "meta", "comment": "Data" }, "passwordless": { "macro_type": "bool", "default": 0, "comment": "Can be used passwordless" } }, "cols_timestamps": { "used_at": { "comment": "Used At" }, "created_at": { "comment": "Registered At" } } }, "reports": { "name": "Security Reports", "slug": "reports", "is_core": false, "autoexpire": 30, "has_updated_at": false, "has_deleted_at": false, "col_older_than": "created_at", "cols_custom": { "type": { "macro_type": "char", "length": 3, "comment": "Report Type" }, "interval_length": { "macro_type": "varchar", "length": 10, "comment": "Report Interval" }, "unique_id": { "type": "char", "length": 36, "attr": [ "UNIQUE", "NOT NULL" ], "comment": "Unique ID" }, "title": { "macro_type": "varchar", "length": 64, "comment": "Report Title" }, "content": { "type": "mediumblob", "comment": "Report Content" }, "protected": { "macro_type": "bool", "default": 0, "comment": "Protected against deletion" } }, "cols_timestamps": { "interval_start_at": { "comment": "Interval Start" }, "interval_end_at": { "comment": "Interval End" }, "created_at": { "comment": "Report Sent At" } } }, "req_logs": { "name": "Request Logs", "slug": "req_logs", "is_core": true, "autoexpire": 0, "has_updated_at": false, "has_deleted_at": false, "cols_custom": { "req_id": { "macro_type": "varchar", "length": 10, "attr": [ "UNIQUE" ] }, "ip_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_ips" } }, "type": { "macro_type": "char", "length": 1, "comment": "Type of requests" }, "verb": { "macro_type": "varchar", "length": 8, "comment": "Request Verb" }, "path": { "macro_type": "varchar", "length": 512, "comment": "Request Path" }, "code": { "macro_type": "unsigned_int", "type": "smallint", "length": 3, "default": 0, "comment": "Response Code" }, "uid": { "macro_type": "bigint", "comment": "User ID", "no_length": true }, "offense": { "macro_type": "bool", "default": 0, "comment": "Was Offense" }, "transient": { "macro_type": "bool", "default": 0, "comment": "Temporary Log" }, "meta": { "macro_type": "meta" } } }, "scan_result_items": { "name": "Scan Result Items", "slug": "resultitems", "is_core": true, "autoexpire": 0, "has_updated_at": true, "col_older_than": "updated_at", "cols_custom": { "item_type": { "macro_type": "char", "length": 1, "comment": "Result Item Type" }, "item_id": { "macro_type": "varchar", "length": 256, "comment": "Result Item ID" }, "ignored_at": { "macro_type": "timestamp", "comment": "Result Ignored" }, "notified_at": { "macro_type": "timestamp", "comment": "Result Notification Sent" }, "auto_filtered_at": { "macro_type": "timestamp", "comment": "Result Auto Filtered" }, "attempt_repair_at": { "macro_type": "timestamp", "comment": "Attempted Repair At" }, "item_repaired_at": { "macro_type": "timestamp", "comment": "Item Repaired At" }, "item_deleted_at": { "macro_type": "timestamp", "comment": "Item Deleted At" } } }, "scan_result_item_meta": { "name": "Scan Result Items Metadata", "slug": "resultitem_meta", "is_core": true, "has_updated_at": false, "has_created_at": false, "has_deleted_at": false, "cols_custom": { "ri_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_resultitems" }, "comment": "Reference to primary Result Item record" }, "meta_key": { "macro_type": "varchar", "length": 32, "comment": "Meta Key" }, "meta_value": { "macro_type": "text", "comment": "Meta Data" } } }, "rules": { "name": "Rules", "slug": "rules", "is_core": true, "autoexpire": 0, "has_updated_at": true, "has_deleted_at": false, "col_older_than": "updated_at", "cols_custom": { "uuid": { "macro_type": "uuid4" }, "slug": { "macro_type": "varchar", "length": 128 }, "name": { "macro_type": "varchar", "length": 128 }, "description": { "macro_type": "varchar", "length": 256 }, "type": { "macro_type": "char", "length": 1 }, "exec_order": { "macro_type": "unsigned_int", "type": "smallint", "length": 5, "default": 0, "comment": "Execution Order" }, "is_active": { "macro_type": "bool", "default": 0, "comment": "Is rule active?" }, "is_apply_default": { "macro_type": "bool", "default": 1, "comment": "Automatically apply default conditions" }, "can_export": { "macro_type": "bool", "default": 0, "comment": "Can rule be included in site-to-site export" }, "user_id": { "macro_type": "unsigned_int", "type": "bigint", "length": 11, "default": 0, "comment": "Author (User) ID for custom rules" }, "builder_version": { "macro_type": "varchar", "length": 10 }, "rule_as_json": { "macro_type": "meta", "comment": "Rule as JSON" }, "form": { "macro_type": "meta", "comment": "Form Data" }, "form_draft": { "macro_type": "meta", "comment": "Draft Form Data" } } }, "scans": { "name": "Scans", "slug": "scans", "is_core": true, "autoexpire": 0, "col_older_than": "created_at", "has_updated_at": false, "cols_custom": { "scan": { "macro_type": "char", "length": 3, "comment": "Scan Slug" }, "ready_at": { "macro_type": "timestamp", "comment": "Scan Ready At" }, "finished_at": { "macro_type": "timestamp", "comment": "Scan Completed At" }, "meta": { "macro_type": "meta", "comment": "Scan Meta Info" } } }, "scan_items": { "name": "Scan Items", "slug": "scanitems", "is_core": true, "autoexpire": 0, "has_updated_at": false, "has_created_at": false, "has_deleted_at": false, "col_older_than": "started_at", "cols_custom": { "scan_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_scans" } }, "items": { "macro_type": "text", "comment": "Array of scan items" }, "started_at": { "macro_type": "timestamp", "comment": "Started Scanning Items At" }, "finished_at": { "macro_type": "timestamp", "comment": "Finished Scanning Items At" } } }, "scan_results": { "name": "Scan Result Sets", "slug": "scanresults", "is_core": true, "autoexpire": 0, "has_updated_at": false, "has_created_at": true, "has_deleted_at": false, "cols_custom": { "scan_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_scans" } }, "resultitem_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_resultitems" } } } }, "user_meta": { "name": "User Meta", "slug": "user_meta", "is_core": true, "autoexpire": 0, "has_updated_at": true, "has_deleted_at": false, "cols_custom": { "user_id": { "macro_type": "unsigned_int", "type": "bigint", "length": 11, "attr": [ "UNIQUE" ] }, "ip_ref": { "macro_type": "foreign_key_id", "foreign_key": { "ref_table": "icwp_wpsf_ips" } } }, "cols_timestamps": { "backupcode_ready_at": { "comment": "Backup Code Ready" }, "email_ready_at": { "comment": "Email Ready" }, "ga_ready_at": { "comment": "Google Auth Ready" }, "u2f_ready_at": { "comment": "U2F Ready" }, "yubi_ready_at": { "comment": "Yubikey Ready" }, "first_seen_at": { "comment": "User First Seen" }, "last_login_at": { "comment": "Last Login At" }, "last_2fa_verified_at": { "comment": "Last 2FA Verified" }, "hard_suspended_at": { "comment": "Hard Suspend" }, "pass_started_at": { "comment": "Password First Seen or Set" } } } } }, "events": { "2fa_nonce_verify_fail": { "audit_params": [ "user_login" ], "level": "alert", "offense": true }, "2fa_success": { "level": "info", "recent": true }, "2fa_verify_fail": { "audit_params": [ "user_login", "method" ], "level": "warning", "offense": true }, "2fa_verify_success": { "audit_params": [ "user_login", "method" ], "level": "notice" }, "ade_check_option_disabled": { "level": "notice", "audit": true, "offense": false }, "antibot_fail": { "audit_params": [ "score", "minimum" ], "level": "warning", "stat": true }, "antibot_pass": { "audit_params": [ "score", "minimum" ], "level": "info", "stat": true }, "app_incorrect_password": { "level": "warning", "offense": true }, "app_invalid_email": { "level": "warning", "offense": true }, "app_invalid_username": { "level": "warning", "offense": true }, "app_pass_created": { "audit_params": [ "user_login", "app_pass_name" ], "level": "notice" }, "app_passwords_disabled": { "level": "warning", "offense": true }, "app_passwords_disabled_user": { "level": "warning", "offense": true }, "attempt_deactivation": { "level": "warning", "offense": true }, "block_anonymous_restapi": { "audit_params": [ "namespace" ], "level": "warning", "recent": true }, "block_author_fishing": { "level": "notice", "offense": true }, "block_checkout": { "level": "warning" }, "block_lostpassword": { "level": "warning" }, "block_register": { "level": "warning" }, "block_xml": { "level": "notice", "recent": true, "offense": true }, "botbox_fail": { "audit_params": [ "user_login", "action" ], "level": "warning", "offense": true }, "bottrack_404": { "audit_params": [ "path" ], "offense": true }, "bottrack_fakewebcrawler": { "audit_params": [ "path", "crawler" ], "offense": true }, "bottrack_invalidscript": { "audit_params": [ "script" ], "offense": true }, "bottrack_linkcheese": { "audit_params": [ "path" ], "offense": true }, "bottrack_loginfailed": { "audit_params": [ "user_login" ], "level": "alert", "offense": true }, "bottrack_logininvalid": { "audit_params": [ "user_login" ], "level": "alert", "offense": true }, "bottrack_notbot": { "offense": false, "stat": false, "level": "debug" }, "bottrack_xmlrpc": { "audit_params": [ "path" ], "offense": true }, "comment_created": { "level": "info", "audit_params": [ "comment_id", "post_id", "status" ] }, "comment_deleted": { "level": "notice", "audit_params": [ "comment_id", "post_id", "status" ] }, "comment_markspam": { "level": "notice", "offense": true }, "comment_spam_block": { "level": "notice", "stat": false, "offense": true }, "comment_status_updated": { "level": "info", "audit_params": [ "comment_id", "post_id", "status_old", "status_new" ] }, "comment_unmarkspam": { "level": "info", "offense": false, "stat": false }, "conn_kill": { "level": "warning", "audit_countable": true }, "conn_kill_crowdsec": { "level": "warning", "audit_countable": true }, "conn_not_kill_high_rep": { "level": "debug" }, "cooldown_fail": { "level": "warning", "offense": true }, "core_reinstalled": { "audit_params": [ "version" ], "level": "notice" }, "core_updated": { "audit_params": [ "from", "to" ], "level": "notice" }, "crowdsec_auth_acquire": { "level": "notice", "audit_params": [ "expiration" ] }, "crowdsec_decisions_acquired": { "level": "info", "audit_params": [ "count_new", "count_deleted", "scope", "time_taken" ] }, "crowdsec_mach_enroll": { "level": "notice", "audit_params": [ "id", "name" ] }, "crowdsec_mach_register": { "level": "notice", "audit_params": [ "machine_id", "url" ] }, "crowdsec_signals_pushed": { "level": "info", "audit_params": [ "count" ] }, "db_tables_added": { "audit_params": [ "tables" ], "level": "notice", "snapshot_discovery": 1 }, "db_tables_removed": { "audit_params": [ "tables" ], "level": "notice", "snapshot_discovery": 1 }, "debug_log": { "audit_params": [ "message" ], "level": "debug", "stat": false }, "email_attempt_send": { "audit_params": [ "to", "subject", "cc", "bcc", "bt_file", "bt_line" ], "level": "info", "audit_multiple": true }, "firewall_block": { "audit_params": [ "name", "term", "param", "value", "scan", "type" ], "level": "warning", "recent": true, "offense": true }, "frontpage_load": { "level": "debug", "offense": false, "stat": false }, "fw_email_fail": { "audit_params": [ "to" ], "level": "warning", "stat": false }, "fw_email_success": { "audit_params": [ "to" ], "level": "debug", "stat": false }, "hide_login_url": { "level": "notice" }, "honeypot_fail": { "audit_params": [ "user_login", "action" ], "level": "warning" }, "import_notify_received": { "audit_params": [ "master_site" ], "level": "notice", "stat": false }, "import_notify_sent": { "level": "info", "stat": false }, "ip_block_auto": { "audit_params": [ "ip" ], "level": "alert", "offense": false, "stat": false }, "ip_block_manual": { "audit_params": [ "ip" ], "level": "alert", "offense": false, "stat": false }, "ip_blocked": { "audit_params": [ "from", "to" ], "level": "alert" }, "ip_bypass_add": { "audit_params": [ "ip" ], "level": "alert", "offense": false, "stat": false }, "ip_bypass_remove": { "audit_params": [ "ip" ], "level": "alert", "offense": false, "stat": false }, "ip_offense": { "level": "warning", "audit_params": [ "from", "to" ] }, "ip_unblock": { "audit_params": [ "ip", "type" ], "level": "notice", "offense": false, "stat": false }, "ip_unblock_auto": { "audit_params": [ "ip", "method" ], "level": "alert" }, "ip_unblock_flag": { "audit_params": [ "ip" ], "level": "alert" }, "key_fail": { "level": "warning", "recent": true, "offense": true }, "key_success": { "level": "debug", "recent": true }, "lic_check_fail": { "level": "warning", "stat": false, "audit_params": [ "type" ] }, "lic_check_success": { "level": "notice", "stat": false }, "lic_fail_deactivate": { "level": "warning", "stat": false }, "lic_fail_email": { "level": "warning", "stat": false }, "login_block": { "level": "warning" }, "login_success": { "level": "info", "offense": false, "stat": false }, "loginpage_load": { "level": "debug", "offense": false, "stat": false }, "master_url_set": { "audit_params": [ "site" ], "level": "warning", "stat": false }, "options_exported": { "audit_params": [ "site" ], "level": "notice", "stat": true, "recent": true }, "options_imported": { "audit_params": [ "site" ], "level": "notice", "stat": true, "recent": true }, "password_expired": { "audit_params": [ "user_login" ], "level": "notice" }, "password_policy_block": { "level": "notice" }, "password_policy_force_change": { "audit_params": [ "user_login" ], "level": "notice" }, "permalinks_structure": { "audit_params": [ "from", "to" ], "level": "warning" }, "plugin_activated": { "audit_params": [ "plugin", "version", "name" ], "level": "notice", "audit_multiple": true }, "plugin_deactivated": { "audit_params": [ "plugin", "version", "name" ], "level": "notice", "audit_multiple": true }, "plugin_downgraded": { "audit_params": [ "plugin", "from", "to" ], "level": "notice" }, "plugin_file_edited": { "audit_params": [ "file" ], "level": "warning" }, "plugin_installed": { "audit_params": [ "plugin", "version", "name" ], "level": "warning", "audit_multiple": true }, "plugin_option_changed": { "level": "info", "audit_params": [ "name", "key", "value" ], "audit_multiple": true, "stat": false }, "plugin_uninstalled": { "audit_params": [ "plugin", "version", "name" ], "level": "warning", "audit_multiple": true }, "plugin_upgraded": { "audit_params": [ "plugin", "from", "to" ], "level": "notice", "audit_multiple": true }, "post_created": { "audit_params": [ "post_id", "title", "type" ], "level": "notice", "audit_multiple": true }, "post_deleted": { "audit_params": [ "post_id", "title" ], "level": "warning", "audit_multiple": true }, "post_published": { "audit_params": [ "post_id", "title", "type" ], "level": "notice", "audit_multiple": true }, "post_recovered": { "audit_params": [ "post_id", "title", "type" ], "level": "info", "audit_multiple": true }, "post_trashed": { "audit_params": [ "post_id", "title", "type" ], "level": "warning", "audit_multiple": true }, "post_unpublished": { "audit_params": [ "post_id", "title", "type" ], "level": "warning", "audit_multiple": true }, "post_updated": { "audit_params": [ "post_id", "title", "type" ], "level": "notice", "audit_multiple": true }, "post_updated_content": { "audit_params": [ "post_id", "type" ], "level": "notice" }, "post_updated_slug": { "audit_params": [ "post_id", "type", "slug_old", "slug_new" ], "level": "notice" }, "post_updated_title": { "audit_params": [ "post_id", "type", "title_old", "title_new" ], "level": "notice" }, "reg_email_invalid": { "audit_params": [ "email", "reason" ], "level": "warning", "offense": true }, "report_generated": { "audit_params": [ "type", "interval" ], "level": "info" }, "report_sent": { "audit_params": [ "medium" ], "level": "notice" }, "request_limit_exceeded": { "audit_params": [ "requests", "count", "span" ], "level": "alert", "offense": true }, "scan_item_delete_success": { "audit_params": [ "path_full" ], "audit_multiple": true }, "scan_item_repair_fail": { "audit_params": [ "path_full" ], "audit_multiple": true }, "scan_item_repair_success": { "audit_params": [ "path_full" ], "audit_multiple": true, "recent": true }, "scan_items_found": { "audit_params": [ "scan", "items" ], "level": "alert", "audit_multiple": true, "recent": true }, "scan_run": { "audit_params": [ "scan" ], "level": "debug", "audit_multiple": true }, "session_expired": { "audit_params": [ "user_login" ] }, "session_idle": { "audit_params": [ "user_login" ] }, "session_lock": { "audit_params": [ "user_login" ] }, "session_notfound": { "audit_params": [ "user_login" ] }, "session_start": { "audit_params": [ "user_login", "session_id" ], "level": "info" }, "session_terminate": { "level": "info" }, "session_terminate_current": { "audit_params": [ "user_login", "session_id" ], "level": "info", "recent": true }, "site_blockdown_ended": { "level": "alert", "audit_params": [ "user_login" ] }, "site_blockdown_started": { "level": "alert", "audit_params": [ "user_login" ] }, "spam_block_antibot": [], "spam_block_bot": [], "spam_block_cooldown": [], "spam_block_human": { "audit_params": [ "word", "key" ] }, "spam_block_humanrepeated": [], "spam_form_fail": { "audit_params": [ "form_provider" ], "level": "warning", "stat": true, "audit": true, "offense": false }, "spam_form_pass": { "audit_params": [ "form_provider" ], "level": "info", "stat": true, "audit": true, "offense": false }, "suresend_fail": { "audit_params": [ "email", "slug" ], "level": "warning" }, "suresend_success": { "audit_params": [ "email", "slug" ], "level": "info" }, "test_cron_run": { "level": "debug", "recent": true }, "theme_activated": { "audit_params": [ "theme", "version", "name" ], "level": "notice" }, "theme_downgraded": { "audit_params": [ "theme", "from", "to" ], "level": "notice" }, "theme_file_edited": { "audit_params": [ "file" ], "level": "warning" }, "theme_installed": { "audit_params": [ "theme", "version", "name" ], "level": "warning", "audit_multiple": true }, "theme_uninstalled": { "audit_params": [ "theme", "version", "name" ], "level": "warning", "audit_multiple": true }, "theme_upgraded": { "audit_params": [ "theme", "from", "to" ], "level": "notice", "audit_multiple": true }, "user_deleted": { "audit_params": [ "user_login", "email" ], "level": "warning", "audit_multiple": true }, "user_deleted_reassigned": { "audit_params": [ "user_login" ], "level": "notice" }, "user_demoted": { "audit_params": [ "user_login" ], "level": "alert" }, "user_email_updated": { "audit_params": [ "user_login" ], "level": "notice" }, "user_form_bot_fail": { "audit_params": [ "form_provider", "action", "username" ], "level": "warning", "stat": true, "audit": true, "offense": true }, "user_form_bot_pass": { "audit_params": [ "form_provider", "action", "username" ], "level": "info", "stat": true, "audit": true, "offense": false }, "user_hard_suspended": { "audit_params": [ "user_login", "admin" ], "level": "warning" }, "user_hard_unsuspended": { "audit_params": [ "user_login", "admin" ], "level": "warning" }, "user_login": { "audit_params": [ "user_login" ], "level": "warning" }, "user_login_app": { "audit_params": [ "user_login" ], "level": "warning" }, "user_password_updated": { "audit_params": [ "user_login" ], "level": "notice" }, "user_promoted": { "audit_params": [ "user_login" ], "level": "alert" }, "user_registered": { "audit_params": [ "user_login", "email" ], "level": "alert" }, "whitelist_site_added": { "audit_params": [ "site" ], "level": "warning", "stat": false }, "whitelist_site_removed": { "audit_params": [ "site" ], "level": "notice", "stat": false }, "wp_option_admin_email": { "audit_params": [ "from", "to" ], "level": "warning" }, "wp_option_blogdescription": { "audit_params": [ "from", "to" ], "level": "warning" }, "wp_option_blogname": { "audit_params": [ "from", "to" ], "level": "warning" }, "wp_option_default_role": { "audit_params": [ "from", "to" ], "level": "warning" }, "wp_option_home": { "audit_params": [ "from", "to" ], "level": "warning" }, "wp_option_siteurl": { "audit_params": [ "from", "to" ], "level": "warning" }, "wp_option_users_can_register": { "audit_params": [ "from", "to" ], "level": "warning" } } } }