Plugin Features

Easy Integration

Simple installation and configuration, no coding required.

Fast Loading

Optimized performance and loading speed.

Secure & Reliable

Following best security practices to protect your website.

Easy to Customize

Flexible options to easily customize the plugin.

Regular Updates

Regular updates with new features and security fixes.

Professional Support

Detailed documentation and professional technical support.

Plugin Description

Version: 1.0.0
Author: Smart Security Team
Requires WordPress: 5.0+
Requires PHP: 7.4+
License: GPL-2.0+

Description

Zhangsir1724 Smart Shield is a comprehensive WordPress security plugin that provides essential protection against common web threats. It features a Web Application Firewall (WAF), login protection, file protection, and dangerous function monitoring – all in one lightweight package.

Key Features

  • Web Application Firewall (WAF) – Real-time protection against SQL injection, XSS, and other common attacks
  • Login Protection – Brute force prevention with IP blocking and CAPTCHA support
  • File Protection – Monitor and protect critical WordPress files from unauthorized modifications
  • Dangerous Function Monitoring – Track and alert on potentially dangerous PHP function usage
  • Security Dashboard – Centralized view of all security events and statistics

Installation

From WordPress.org (Recommended)

  1. Go to Plugins β†’ Add New in your WordPress admin
  2. Search for “Zhangsir1724 Smart Shield”
  3. Click Install Now and then Activate

Manual Installation

  1. Download the plugin zip file
  2. Go to Plugins β†’ Add New β†’ Upload Plugin
  3. Select the zip file and click Install Now
  4. Activate the plugin through the ‘Plugins’ menu

After Activation

  1. Navigate to Smart Security in your WordPress admin menu
  2. Review the Dashboard for your current security status
  3. Configure settings in each protection module

Features

1. Web Application Firewall (WAF)

The WAF monitors all incoming requests and blocks malicious traffic before it reaches your WordPress installation.

Protection Types:

TypeDescription
SQL InjectionBlocks attempts to inject malicious SQL queries
XSS AttacksPrevents cross-site scripting attempts
Directory TraversalBlocks attempts to access files outside web root
File InclusionPrevents local and remote file inclusion attacks
Command InjectionBlocks system command execution attempts

Configuration Options:

  • Enable/disable WAF protection
  • Custom blocked message
  • Whitelist specific IP addresses
  • View recent blocked requests

2. Login Protection

Protect your login page from brute force attacks and unauthorized access attempts.

Features:

  • Failed Login Tracking – Monitor and record failed login attempts
  • IP Blocking – Automatically block IPs after multiple failed attempts
  • CAPTCHA Support – Add an extra layer of verification
  • Login URL Protection – Option to change the default login URL

Settings:

SettingDescriptionDefault
Max AttemptsMaximum failed attempts before blocking5
Block DurationHow long to block an IP (minutes)60
Email NotificationNotify admin on repeated failuresYes

3. File Protection

Monitor critical WordPress files for unauthorized changes.

Monitored Files:

  • wp-config.php – WordPress configuration
  • .htaccess – Apache configuration
  • Core WordPress files
  • Theme files (optional)
  • Plugin files (optional)

Alert Types:

  • File modification detected
  • File permissions changed
  • New files added to sensitive directories
  • Files deleted unexpectedly

4. Dangerous Function Monitoring

Track usage of potentially dangerous PHP functions that could indicate malicious activity.

Monitored Functions:

FunctionRisk LevelDescription
eval()HighExecute arbitrary PHP code
base64_decode()MediumDecode encoded strings
shell_exec()HighExecute system commands
passthru()HighExecute external programs
system()HighExecute system commands
exec()HighExecute external programs
file_get_contents()LowRead file contents
file_put_contents()MediumWrite file contents

Features:

  • Real-time monitoring
  • Detailed logging of function calls
  • Source file tracking
  • Alert notifications

Dashboard

The Security Dashboard provides a comprehensive overview of your site’s security status.

Dashboard Widgets:

  1. Security Overview – Quick status of all protection modules
  2. Recent Blocks – Latest blocked requests from WAF
  3. Login Statistics – Failed/successful login attempts
  4. File Status – Current status of protected files
  5. Dangerous Functions – Recent function usage alerts

Settings

General Settings

  • Enable Debug Mode – Log additional information for troubleshooting
  • Security Level – Choose between Basic, Standard, and Strict modes
  • Admin Email – Email address for security notifications

WAF Settings

  • Enable WAF – Turn the firewall on/off
  • Block Message – Custom message shown to blocked visitors
  • Log Retention – How long to keep block logs

Login Protection Settings

  • Enable Protection – Turn login protection on/off
  • Max Attempts – Maximum failed logins before block
  • Block Duration – Duration of IP blocks
  • Enable CAPTCHA – Add CAPTCHA to login form

File Protection Settings

  • Enable Monitoring – Turn file monitoring on/off
  • Check Interval – How often to check files
  • Email Alerts – Send email on file changes

Frequently Asked Questions

Is this plugin compatible with caching plugins?

Yes, Zhangsir1724 Smart Shield is compatible with most caching plugins. The WAF runs before caching, ensuring all requests are checked.

Will this slow down my site?

No, the plugin is designed to be lightweight. The WAF uses optimized patterns and caching to minimize performance impact.

Can I whitelist my own IP?

Yes, go to Smart Security β†’ Settings β†’ WAF and add your IP to the whitelist.

What happens if I get locked out?

If you’re locked out, you can:

  1. Wait for the block duration to expire
  2. Access via FTP and disable the plugin temporarily
  3. Add your IP to the whitelist in the database

Is there a Pro version?

Yes! Zhangsir1724 Smart Shield Pro offers advanced features including:

  • Advanced WAF with threat intelligence
  • IP blacklist/whitelist management
  • File integrity monitoring
  • Activity logging and auditing
  • Geographic IP blocking
  • Rate limiting

Visit our website for more information about Pro features.

Changelog

1.0.0

  • Initial release
  • Web Application Firewall (WAF)
  • Login Protection
  • File Protection
  • Dangerous Function Monitoring
  • Security Dashboard

Upgrade Notice

1.0.0

Initial release. Welcome to Zhangsir1724 Smart Shield!

Credits

Developed by Zhangsir

License

This plugin is licensed under the GPL-2.0+ license. See LICENSE for more information.

User Reviews

Leave a Reply

Your email address will not be published. Required fields are marked *