ShieldUp – Bad Bots, Scrapers, Attackers


Tired of bad bots, scrapers, attackers and sluggish website performance?

By providing real-time monitoring of accessing IPs, HTTP codes, URLs, and user agents, organized analytics, customizable timeline and visualizations, ShieldUp will help you indentify and combat threats like bad bots, scrapers, malicous attackers.

Which will improve website security and performance by reducing the load on your server resources for a snappy website and great user experience.

Key Features

🛡️ Advanced Security: ShieldUp protects your site from malicious bots, scrapers, attackers and hackers, shielding your website from potential threats.

🚀 Optimized Performance: Improve website speed and user experience by eliminating unnecessary requests from scrapers, bad bots and brute force attackers

🗃️ Comprehensive Data Collection: ShieldUp logs and archive accessing IPs, HTTP response codes, URLs, user agents, timestamps, etc.

📊 Detailed Data Insights: ShieldUp will analyze, organize and displays IP data based on IP ranges, request counts, details, offering a comprehensive view of your traffic within user-friendly tables.

📅 Custom Time Period: Select specific time ranges through an intuitive calendar feature for in-depth data analysis.

📈 Visualize Data: Easily visualize traffic trends and patterns with our user-friendly graphs.

🛠️ IP Tools: Helps you with actions like retrieving detailed IP information from DB or third-party tools.

🌐 Cloudflare Integration (Pro): Seamlessly connect your website to Cloudflare, enhancing security and performance even further by leverage Cloudflare’s powerful features.

⚙️ Advanced IP Management (Pro): Take control with a click. Manage IPs and IP ranges effortlessly, with actions like blocking, JavaScript challenges, whitelisting, or remove rules using Cloudflare’s firewall through the plugin.

💼 Centralized IP Database (Pro): Keep all IPs controlled by your WP plugin and Cloudflare in a centralized database for efficient management and tracking.

📝 User Activity Logging (Pro): Maintain detailed logs of all IP controls by users, ensuring accountability and providing a historical record of security actions.

🏆 Priority Support (Pro): Pro members get priority support, so you can expect quick help with any questions or issues.

Please Note: Yes, the Pro version is undeniably impressive. However, the free version is really what you need and will get the job done.

How it works

1. Installation and Activation

Start by downloading and installing the ShieldUp plugin. Once activated, it seamlessly integrates with your WordPress, ready to work its magic.

2. Data Collection

ShieldUp starts by collecting crucial data about the traffic to your website. It keeps a record of accessing IPs, including HTTP response codes, URLs, user agents, and timestamps. This data is organized into user-friendly tables and presented through interactive graphs, allowing you to gain valuable insights into your website’s traffic patterns.

3. Select, Organize and Display Data

You can choose a specific time frame, making it easy to identify which IPs are accessing your site the most. It also groups IPs into /16 and /24 ranges and along with graphical representation helps you visualize trends, spot unusual activity and potential security threats.

4. Cloudflare Integration (Pro)

ShieldUp seamlessly integrates with Cloudflare in PRO version, enhancing your website’s security even further. Using the Cloudflare API, you can manage IPs and IP ranges right from your WordPress dashboard. Implement blocks, JavaScript challenges, whitelist entries, or remove rules with just a few clicks.

5. IP Tools & IP Management

Each IP listed in the user-friendly interface comes with action buttons, enabling you to ban IPs in your website’s firewall or CloudFlare, retrieve detailed IP information from third-party tools, and perform other custom actions.

6. Enhanced Security

ShieldUp employs advanced security measures to protect your website from a wide range of threats. It identifies and blocks malicious bots, scrapers, attackers, and hackers, ensuring that your website remains secure.

7. Optimized Website Performance

In addition to security, ShieldUp optimizes your website’s performance. It achieves this by filtering out unnecessary requests from bad bots, scrapers and other unwanted traffic. This optimization reduces the load on your server resources, resulting in a snappy and responsive website and great user experience.

Firewalls, What we recommend?

One of the best options would be a hardware-type firewall, but we wouldn’t be in this situation if we had one.

The next best option for managing HTTP and HTTPS traffic is a cloud-based firewall, such as CloudFlare, especially when it is available for free and offers a wide range of excellent features. In addition to that, we also use CSF for other security solutions and to manage traffic and ports related to services like mail and SSH.

So, why do we think CloudFlare is a better solution for HTTP and HTTPS trafic, than “Traditional” Server/Software-Based Firewall (CSF) especially Plugin-Like Firewalls (WordPress Plugins)?

Traditional firewalls, while valuable, have limitations when compared to Cloudflare’s robust security and performance capabilities. These firewalls primarily protect your server or website by consuming server resources, leaving them vulnerable to large-scale attacks, among other things. In contrast, Cloudflare operates a global network that defends against threats at the network edge, providing superior DDoS protection and accelerated content delivery. By choosing Cloudflare, you gain a comprehensive, cloud-based solution that strengthens your website’s resilience and speed, effectively surpassing the capabilities of traditional local firewalls when it comes to HTTP and HTTPS trafic.

Here are some of the main features of CloudFlare:

  1. Global Network Security: Cloudflare operates a vast global network that acts as a protective shield for your website, filtering out malicious traffic and threats before they even reach your server. This distributed approach ensures that attacks are mitigated at the network edge, preserving your server resources.

  2. Content Caching: Cloudflare’s caching infrastructure stores copies of your website’s content at data centers around the world. This means visitors experience faster load times as they access cached content from a server nearest to them, reducing server load and improving website responsiveness.

  3. Web Application Firewall (WAF): Cloudflare offers a comprehensive Web Application Firewall that can be finely tuned to your specific needs. It provides a robust defense against common web application attacks, such as SQL injection and cross-site scripting (XSS), without the need for additional on-site firewall plugins.

  4. IP Control and Access Management: Cloudflare’s firewall allows you to control and manage IP access with precision. You can easily set rules to block or allow specific IPs, IP ranges, or countries, giving you granular control over who can access your website.

  5. DDoS Protection: Cloudflare’s network is designed to withstand large-scale DDoS attacks, providing a shield against volumetric threats that would overwhelm on-site firewalls. This ensures uninterrupted website availability.

  6. Performance Optimization: Cloudflare’s content delivery network (CDN) optimizes the delivery of your website’s assets, including images, scripts, and stylesheets, resulting in reduced latency and faster load times for your visitors.

  7. Scalability and Reliability: Cloudflare’s infrastructure is highly scalable and redundant, ensuring that your website remains available even during traffic spikes or server failures.

By integrating Cloudflare with your WordPress site, you not only enhance security but also optimize performance, reduce server load, and simplify IP access control, all while benefiting from Cloudflare’s global network and advanced security features. It’s a comprehensive solution that takes your website’s protection and performance to the next level.

This is why we use it on all our websites, including the Pro version of this plugin as well. Therefore, we strongly recommend that you use it for your website if you haven’t already, whether you intend to use this plugin or not.

Please note that we still use and recommend that you use a ‘Traditional’ server/software-based firewall like CSF, in conjunction with CloudFlare, to cover various security aspects such as traffic/ports for mail, FTP, SSH, etc.


  • Main Dashboard – Access stats of individual IPs for selected time frame
  • Main Dashboard – Graphical representation of all requests for selected time frame
  • Main Dashboard – Calendar for time frame selection
  • Main Dashboard – Access stats of IP Ranges for selected time frame
  • Main Dashboard – More details for selected IP or IP Range
  • Plugin Settings Page


Just activate it and wait until it collects some data for you so you can see what is going on with your website traffic.


Is this plugin easy to use?

Yes, fairly easy. Just leave it installed for a couple of hours to collect data if you think you are under attack of some sort or for a few days to get an idea of what is going on.

Is this plugin hard on server resources?

No, it is really lightweight and self-cleaning. It is coded that way to be optimized and fast.

Do we need to run this plugin all the time?

Yes, even if you don’t see any attacks or bad bots right away, it doesn’t mean they will not come in a day or a month, for example. So, it is better to have it ON and collecting valuable data so you know what is going on and what was happening in the past.

Is this plugin a Firewall-like solution? Will it block bad traffic?

No, this is basically IP-based HTTP/HTTPS request/access statistics, heavily organized and sorted in a way that will easily help you identify potential BAD BOTS, attackers, malicious intents, etc. You can then take action on each of these IPs using your favorite firewall. We strongly recommend CloudFlare.

Do we need to have CloudFlare?

No, this is our recommendation to use CloudFlare for HTTP/HTTPS traffic and CSF for other security on the server. But you can use only CSF if you wish, or even better, some hardware firewall if you have that in place.

Do you recommend that we use plugin-like firewalls?

No, we explained in detail in this description why we think they are not the best solution for this purpose. One of the main concerns is using server resources to protect your website.

How to upgrade free ShieldUp plugin from WordPress directory to Pro version?

To upgrade the free ShieldUp plugin from the WordPress plugin directory to the Pro version, follow these simple steps:

  1. Log in to your WordPress admin dashboard.
  2. In ShieldUp “Settings”, set “Delete all data/tables when uninstalling plugin” to No.
  3. Navigate to the “Plugins” section and deactivate and DELETE the free ShieldUp plugin.
  4. Download the Pro version plugin file from this website to your computer.
  5. Click on “Add New” and then “Upload Plugin”.
  6. Choose the downloaded ShieldUp Pro plugin file and click “Install Now”.
  7. Once installed, activate the ShieldUp Pro plugin.
  8. Then you can proceed to setup ShieldUp license key and CloudFlare credentials.

That’s it! You’ve successfully upgraded your ShieldUp plugin to the Pro version. Enjoy the enhanced features and benefits for improved website security.


February 1, 2024
I had performance issues for years with my WP sites. Countless useless robots constantly scanned them. The server was overloaded all the time. All sites were slow. Attackers were trying to find a way to break in. I tried many plugins, but none of them helped. This plugin solved my problem. I was able to identify and block IPs that attacked my sites constantly. Since I blocked attackers, everything is working flawlessly. I wish I had it earlier. Thumbs up for simplicity, too.
January 24, 2024
I was looking for something like this for quite some time, because nowhere you can find such well organized access logs by IPs and dates etc.This way you can easily identify bad IPs or IP ranges and ban them in your firewall.I’ve had many IPs and IP ranges that have attacked and scraped my website every day, that caused high CPU usage on my server,now CPU usage is reducing significantly , although I’m still fighting with these bots, but now I can see what is going on and act fast. Also I can monitor what and when agents like Google or Bing are crawling my pages. Thanks for the plugin and I hope you will make more interesting features in the future, I have some ideas that I can share.
Read all 2 reviews

Contributors & Developers

“ShieldUp – Bad Bots, Scrapers, Attackers” is open source software. The following people have contributed to this plugin.



1.0.1 – 2024/01/22

  • Initial release