Requires Magento 2.3+, PHP 7.2+ and an eComscan account (Advanced or up).
composer require sansec/magento2-module-shield
bin/magento setup:upgrade
bin/magento config:set sansec_shield/general/license_key <your license key>
bin/magento sansec:shield:sync-rulesYou can configure your license key and other settings via System → Configuration → Security → Sansec Shield.
Test it by visiting your store and add ?SANSEC-SHIELD-TEST to your URL, it should give you "permission denied". You'll see your first blocked attack appear instantly on your Shield Dashboard. If you do not want reports, you can disable it with:
bin/magento config:set sansec_shield/general/report_enabled 0You can always view detailed logs in var/log/sansec_shield.log.
See for FAQs our Shield guide.
Shield rules update automatically through the standard Magento cron mechanism. If you are running a standard cron setup (bin/magento cron:run), no further action is required.
If you only run specific cron groups (bin/magento cron:run --group <group name>), make sure to include a cron for the sansec group as well.
You can verify Shield rules sync every 5 minutes in var/log/sansec_shield.log.
The Sansec Shield module is deliberately kept stable and there is no need to monitor for updates. If an essential new version is released, we will notify you via email.
To check your current version:
composer show sansec/magento2-module-shieldTo upgrade to the latest version:
composer require sansec/magento2-module-shield:^1.0
bin/magento setup:upgradeIf you get this error when running bin/magento sansec:shield:sync-rules, even though the license key is already configured, flush the Magento cache:
bin/magento cache:flushThen retry the sync command.
Run the Magento dependency injection compiler:
bin/magento setup:di:compileShield's only dependency is magento/framework, so it will not pull in or force any additional upgrades. If you see many packages being upgraded, your vendor/ directory was out of sync with composer.lock. Running composer require synced your vendor directory to match.
To avoid this, revert composer.lock to a version that matches your current vendor directory before installing Shield:
git checkout composer.lock
composer require sansec/magento2-module-shieldIf installing via Composer is not an option, you can copy the source files directly into app/code/Sansec/Shield, though you will need to handle updates manually from that point on.
Magento's cron:install resolves symlinks to their real path, so after a new deployment the crontab still points to the old release directory. Ensure that the crontab uses your stable symlink (e.g. /data/web/current/bin/magento) instead.
Sansec Shield is published under the liberal MIT license.