Paul Goodchild paulgoodchild

## functions.php
<?php

/**
 * Both of these functions return a boolean (true|false) on whether the current visitor
 * IP address is whitelisted.
 *
 * Be sure to use the most appropriate, depending on your Shield version.
 */

if ( class_exists( '\FernleafSystems\Wordpress\Plugin\Shield\Controller\Controller' ) ) {

## functions.php
<?php

/**
 * Adding custom roles is a case of using the filter provided, adding your
 * roles to the array of roles that has 2FA by email forced upon them.
 *
 * The role you add will be the 'slug' of the role, not the name of the role.
 * For example, WordPress comes with built-in roles such as Administrator.
 * The slug for this role is 'administrator', not 'Administrator'.
 */

## functions.php
<?php

/**
 * Use this filter to change the precise location where Shield's Antibot features will be
 * output within the Woocommerce checkout form.
 */
add_filter( 'icwp-wpsf-woocommerce_checkout_hook_location', function ( $hook ) {

	/**
	 * This is the default hook location used by Shield.

## functions.php
<?php

/**
 * The plugin badge array has 5 attributes represented by the following keys:
 * name, url, logo, protected_by, custom_css
 *
 * This filter is only available is the plugin is activated for ShieldPRO.
 *
 * You may also use your Whitelabel settings to overwrite many of the defaults:
 * See: https://icontrolwp.freshdesk.com/support/solutions/articles/3000078466

## functions.php
<?php
/**
 * WordPress (5.6+) allows the use of Application Passwords when authenticating logins.
 * However, only certain requests are considered to be requests from an "Application". Officially, these are
 * XML-RPC and REST API requests.
 *
 * However, you may customize this to ensure that authenticated requests from your service
 * (if they don't use XML-PRC/RESTAPI) are put through the appropriate authentication process.
 *
 * To achieve this, you make use of the filter: application_password_is_api_request

## functions.php
<?php
/**
 * You may automatically add any WordPress site to your iControlWP account by using the "code run"
 * or "code snippets" feature in ManageWP.
 *
 * Please follow these steps:
 *
 * 1) Install and activate the iControlWP plugin on your WordPress site.
 * 2) Grab your "AUTHENTICATION_KEY" from your iControlWP account:
 *      - https://app.icontrolwp.com/profile/preferences

## functions.php
<?php
/**
 * The Scanner cron job run by the Shield plugin is responsible for executing the scans.
 * If you're running ShieldFREE, the scans runs automatically once per day. On ShieldPRO, it can repeat up to every hour.
 *
 * The Cron is configured to have a start time - i.e. the first time that the cron will execute. Then it repeats based on your settings.
 *
 * If the hour at which the cron is set to run is 3 a.m. (the default), it will first run the next day at 3am, and then
 * every day thereafter at 3 a.m.  If this default hour doesn't suit, you can change it using a WordPress filter.
 *

## functions.php
<?php

/**
 * Use this filter to tell Shield to NOT automatically whitelist certain providers.
 *
 * By default Shield will never block official service providers and web crawlers. You can turn off this behaviour on
 * a per-service basis using this filter.
 *
 * Understand that Shield doesn't then "block" the provider, it simply no longer gives it a free pass. If it abuses your
 * resources or performs requests that cause offenses, it may be then blocked by Shield.

## functions.php
<?php

/**
 * Note: Only available from Shield v11.2+
 *
 * Use this filter to tell Shield whether or not the Plugin Security Badge should be displayed or not.
 *
 * More Info on badge here: https://getshieldsecurity.com/blog/feature-plugin-badge/
 *
 * For example, you may only want to show the badge if the visitor is not on a mobile (see below).

## functions.php
<?php declare( strict_types=1 );

/**
 * Use this filter to tell Shield to NOT run the NotBot JS system.
 *
 * If you disable the NotBot JS system then you will likely lock-out visitors.
 *
 * Use of this filter is at your own risk.
 */
add_filter( 'shield/can_run_antibot', function ( $canRun ) {
	<?php

	/**
	* Both of these functions return a boolean (true\|false) on whether the current visitor
	* IP address is whitelisted.
	*
	* Be sure to use the most appropriate, depending on your Shield version.
	*/

	if ( class_exists( '\FernleafSystems\Wordpress\Plugin\Shield\Controller\Controller' ) ) {
	<?php

	/**
	* Adding custom roles is a case of using the filter provided, adding your
	* roles to the array of roles that has 2FA by email forced upon them.
	*
	* The role you add will be the 'slug' of the role, not the name of the role.
	* For example, WordPress comes with built-in roles such as Administrator.
	* The slug for this role is 'administrator', not 'Administrator'.
	*/
	<?php

	/**
	* Use this filter to change the precise location where Shield's Antibot features will be
	* output within the Woocommerce checkout form.
	*/
	add_filter( 'icwp-wpsf-woocommerce_checkout_hook_location', function ( $hook ) {

	/**
	* This is the default hook location used by Shield.
	<?php

	/**
	* The plugin badge array has 5 attributes represented by the following keys:
	* name, url, logo, protected_by, custom_css
	*
	* This filter is only available is the plugin is activated for ShieldPRO.
	*
	* You may also use your Whitelabel settings to overwrite many of the defaults:
	* See: https://icontrolwp.freshdesk.com/support/solutions/articles/3000078466
	<?php
	/**
	* WordPress (5.6+) allows the use of Application Passwords when authenticating logins.
	* However, only certain requests are considered to be requests from an "Application". Officially, these are
	* XML-RPC and REST API requests.
	*
	* However, you may customize this to ensure that authenticated requests from your service
	* (if they don't use XML-PRC/RESTAPI) are put through the appropriate authentication process.
	*
	* To achieve this, you make use of the filter: application_password_is_api_request
	<?php
	/**
	* You may automatically add any WordPress site to your iControlWP account by using the "code run"
	* or "code snippets" feature in ManageWP.
	*
	* Please follow these steps:
	*
	* 1) Install and activate the iControlWP plugin on your WordPress site.
	* 2) Grab your "AUTHENTICATION_KEY" from your iControlWP account:
	* - https://app.icontrolwp.com/profile/preferences
	<?php
	/**
	* The Scanner cron job run by the Shield plugin is responsible for executing the scans.
	* If you're running ShieldFREE, the scans runs automatically once per day. On ShieldPRO, it can repeat up to every hour.
	*
	* The Cron is configured to have a start time - i.e. the first time that the cron will execute. Then it repeats based on your settings.
	*
	* If the hour at which the cron is set to run is 3 a.m. (the default), it will first run the next day at 3am, and then
	* every day thereafter at 3 a.m. If this default hour doesn't suit, you can change it using a WordPress filter.
	*
	<?php

	/**
	* Use this filter to tell Shield to NOT automatically whitelist certain providers.
	*
	* By default Shield will never block official service providers and web crawlers. You can turn off this behaviour on
	* a per-service basis using this filter.
	*
	* Understand that Shield doesn't then "block" the provider, it simply no longer gives it a free pass. If it abuses your
	* resources or performs requests that cause offenses, it may be then blocked by Shield.
	<?php

	/**
	* Note: Only available from Shield v11.2+
	*
	* Use this filter to tell Shield whether or not the Plugin Security Badge should be displayed or not.
	*
	* More Info on badge here: https://getshieldsecurity.com/blog/feature-plugin-badge/
	*
	* For example, you may only want to show the badge if the visitor is not on a mobile (see below).
	<?php declare( strict_types=1 );

	/**
	* Use this filter to tell Shield to NOT run the NotBot JS system.
	*
	* If you disable the NotBot JS system then you will likely lock-out visitors.
	*
	* Use of this filter is at your own risk.
	*/
	add_filter( 'shield/can_run_antibot', function ( $canRun ) {