WordPress

Download Shieldon library from release page, unload it to the parent directory of your WordPress' location.

The directory shieldon and directory wordpress are in the same directory, the structure will look like this:

shieldon/
│ 
wordpress/
├── index.php
├── wp-content/
│   ├── ...
│   ├── ...
├── wp-admin/
│   ├── ...
│   └── ...
└── wp-includes/
    └── ...

Edit index.php

wordpress/index.php

After define('WP_USE_THEMES', true); line, add the following code.

// BEGIN - Shieldon installation
require( dirname( __FILE__ ) . '/wp-config.php' );
require( dirname( __FILE__ ) . '/../shieldon/src/autoload.php' );

$shieldon = new \Shieldon\Shieldon();

$db = array(
    'host'    => DB_HOST,
    'dbname'  => DB_NAME,
    'user'    => DB_USER,
    'pass'    => DB_PASSWORD,
    'charset' => DB_CHARSET,
);

$pdoInstance = new \PDO(
    'mysql:host=' . $db['host'] . ';dbname=' . $db['dbname'] . ';charset=' . $db['charset'],
    $db['user'],
    $db['pass']
);

$shieldon->setDriver(new \Shieldon\Driver\MysqlDriver($pdoInstance));
$shieldon->setComponent(new \Shieldon\Component\TrustedBot());

// You can ignore this setting if you only use one Shieldon on your web application. This is for multiple instances.
$shieldon->setChannel('web_project');

// Set a Captcha servie. For example: Google recaptcha.
$shieldon->setCaptcha(new \Shieldon\Captcha\Recaptcha([
    'key' => 'your_google_recaptcha_site_key',
    'secret' => 'your_google_recaptcha_secret_key',
]));

// Start protecting your website!
$result = $shieldon->run();

if ($result !== $shieldon::RESPONSE_ALLOW) {
    if ($shieldon->captchaResponse()) {
        // Unban current session.
        $shieldon->unban();
    }
    $shieldon->output(200);
}
// END - Shieldon installation

You have to use your own Google ReCaptcha key and secret.

That's it.