Paul Goodchild paulgoodchild

## functions.php
<?php

add_action( 'admin_init', function () {
    remove_action( 'admin_notices', 'update_nag', 3 );
} );

## custom_roles.php
<?php

		add_filter( 'odp-shield-2fa_email_user_roles', function ( $aRoles ) {
			$aRoles[] = 'your_custom_role';
			return $aRoles;
		} );

## shield_custom_offenses.php
<?php

/**
 * Trigger Custom Shield Offense.
 *
 * Use a WP do_action() call to register a custom offense against an IP address.
 * Supported in Shield Security 7.5+
 *
 * Parameters:
 * 1) The action name that we use to register your custom offense. This never changes.

## adjust_2fa.php
<?php

add_filter( 'icwp-wpsf-user_subject_to_login_intent', function ( $bUserSubjectTo2FA, $oWpUser ) {

    /**
     * Insert Your logic here.
     * Parameter $oWpUser is a WP_User object.
     * Always return a boolean true/false from this function.
     * In this example, if User ID is 1, always apply 2FA rules
     */

## functions.php
<?php

		/**
		 * You can force Shield to display in any language (assuming the translation exists)
		 * regardless of which language your site is currently configured to operate in.
		 *
		 * In this example, we are forcing English. Adjust line #10 to change preferred locale.
		 */
		add_filter( 'shield_force_locale', function () {
			return 'en_US';

## restrict_subscribers.php
<?php

add_action( 'init', function () {
	if ( is_admin() && !( defined( 'DOING_AJAX' ) && DOING_AJAX ) && !current_user_can( 'edit_posts' ) ) {
		wp_safe_redirect( home_url() );
	}
} );

## functions.php
<?php

add_action( 'admin_init', function () {
	if ( function_exists( 'shield_security_get_plugin' ) ) {
		$oShield = shield_security_get_plugin();
		if ( !empty( $oShield ) ) {
			add_filter(
				$oShield->getController()->prefix( 'show_dashboard_widget' ),
				function ( $bShow ) {
                    // restrict display to administrators only (i.e. they have capability to "manage_options")

## functions.php
<?php

/**
 * You can whitelist certain directories from the Shield malware scanner using
 * the following WordPress filter.
 *
 * All paths you provide must be relative to your ABSPATH
 * (i.e. from the directory where your wp-settings.php file resides)
 *
 * You must always return the $paths variable at the end.

## functions.php
<?php

/**
 * Add this to your functions.php and then call your site URL with "get_my_server_ip" in your query.
 * e.g.  https://www.example.com/?get_my_server_ip=1
 */
if ( isset( $_GET[ 'get_my_server_ip' ] ) ) {
	add_action( 'init', function () {
		echo 'Server IPs:<br/>'.implode( '<br/>', array_unique( [
				wp_remote_get( 'https://api.ipify.org' )[ 'body' ],

## functions.php
<?php
/**
 * Shield Security's 2FA timeout defaults to 5 minutes. This means that a user must
 * supply their 2FA code(s) within this time or they'll need to start again (re-login).
 *
 * Some email providers can be a bit slow at times with their email delivery, and
 * 5 minutes isn't long enough. To provide a bit more time, you can use a filter to
 * extend the timeout to as many minutes as you need.
 *
 * Reference: https://support.getshieldsecurity.com/support/solutions/articles/3000101220
	<?php

	add_action( 'admin_init', function () {
	remove_action( 'admin_notices', 'update_nag', 3 );
	} );
	<?php

	add_filter( 'odp-shield-2fa_email_user_roles', function ( $aRoles ) {
	$aRoles[] = 'your_custom_role';
	return $aRoles;
	} );
	<?php

	/**
	* Trigger Custom Shield Offense.
	*
	* Use a WP do_action() call to register a custom offense against an IP address.
	* Supported in Shield Security 7.5+
	*
	* Parameters:
	* 1) The action name that we use to register your custom offense. This never changes.
	<?php

	add_filter( 'icwp-wpsf-user_subject_to_login_intent', function ( $bUserSubjectTo2FA, $oWpUser ) {

	/**
	* Insert Your logic here.
	* Parameter $oWpUser is a WP_User object.
	* Always return a boolean true/false from this function.
	* In this example, if User ID is 1, always apply 2FA rules
	*/
	<?php

	/**
	* You can force Shield to display in any language (assuming the translation exists)
	* regardless of which language your site is currently configured to operate in.
	*
	* In this example, we are forcing English. Adjust line #10 to change preferred locale.
	*/
	add_filter( 'shield_force_locale', function () {
	return 'en_US';
	<?php

	add_action( 'init', function () {
	if ( is_admin() && !( defined( 'DOING_AJAX' ) && DOING_AJAX ) && !current_user_can( 'edit_posts' ) ) {
	wp_safe_redirect( home_url() );
	}
	} );
	<?php

	add_action( 'admin_init', function () {
	if ( function_exists( 'shield_security_get_plugin' ) ) {
	$oShield = shield_security_get_plugin();
	if ( !empty( $oShield ) ) {
	add_filter(
	$oShield->getController()->prefix( 'show_dashboard_widget' ),
	function ( $bShow ) {
	// restrict display to administrators only (i.e. they have capability to "manage_options")
	<?php

	/**
	* You can whitelist certain directories from the Shield malware scanner using
	* the following WordPress filter.
	*
	* All paths you provide must be relative to your ABSPATH
	* (i.e. from the directory where your wp-settings.php file resides)
	*
	* You must always return the $paths variable at the end.
	<?php

	/**
	* Add this to your functions.php and then call your site URL with "get_my_server_ip" in your query.
	* e.g. https://www.example.com/?get_my_server_ip=1
	*/
	if ( isset( $_GET[ 'get_my_server_ip' ] ) ) {
	add_action( 'init', function () {
	echo 'Server IPs:<br/>'.implode( '<br/>', array_unique( [
	wp_remote_get( 'https://api.ipify.org' )[ 'body' ],
	<?php
	/**
	* Shield Security's 2FA timeout defaults to 5 minutes. This means that a user must
	* supply their 2FA code(s) within this time or they'll need to start again (re-login).
	*
	* Some email providers can be a bit slow at times with their email delivery, and
	* 5 minutes isn't long enough. To provide a bit more time, you can use a filter to
	* extend the timeout to as many minutes as you need.
	*
	* Reference: https://support.getshieldsecurity.com/support/solutions/articles/3000101220