Плагин Wordfence Security Premium – тотальная защита для WordPress v7.11.5

7.11.5 — April 3, 2024​

• Fix: Revised the behavior of the reCAPTCHA verification to use the documented expiration period of the token and response to avoid sending verification requests too frequently, which could artificially lower scores in some circumstances
• Fix: Addressed PHP 8 deprecation notices in the file differ used by file changed scan results
• Fix: Reduced the frequency of Wordfence Central status update callbacks in sections of the scan that occur quickly in sequence

7.11.4 – March 11, 2024​

• Change: CAPTCHA verification when enabled now additionally applies to 2FA logins (may send an email verification on low scores) and no longer reveals whether a user exists for the submitted account credentials (credit: Raxis)
• Fix: Addressed a potential PHP 8 notice in the human/bot detection AJAX call
• Fix: Addressed a potential PHP 8 notice when requesting a lockout unlock verification email
• Fix: Fixed the emailed diagnostics view not showing the missing table information when applicable
• Fix: Improved quick scan logic to base timing on regular scans so they’re more evenly distributed

7.11.3 – FEBRUARY 15, 2024​

• Fix: Fixed an issue with sites containing invalid Wordfence Central site data where they could throw an error when viewing Wordfence pages

7.10.7 – NOVEMBER 6, 2023​

• Fix: Compatibility fix for WordPress 6.4 on the login page styling

7.10.6 – OCTOBER 30, 2023​

• Fix: Addressed an issue with multisite installations when the wp_options tables had different encodings/collations

7.10.5 – OCTOBER 23, 2023​

• Improvement: Updated the bundled GeoIP database
• Improvement: Added detection for Cloudflare reverse proxies blocking callbacks to the site
• Change: Files are no longer excluded from future scans if a previous scan stopped during their processing
• Fix: Added handling for the pending WordPress 6.4 change that removes $wpdb->use_mysqli
• Fix: The WAF MySQLi storage engine will now work correctly when either DB_COLLATE or DB_CHARSET are not defined
• Fix: Added additional error handling to Central calls to better handle request failures or conflicts
• Fix: Addressed a warning that would occur if a non-repo plugin update hook did not provide a last updated date
• Fix: Fixed an error in PHP 8 that could occur if the time correction offset was not numeric
• Fix: 2FA AJAX calls now use an absolute path rather than a full URL to avoid CORS issues on sites that do not canonicalize www and non-www requests
• Fix: Addressed a race condition where multiple concurrent hits on multisite could trigger overlapping role sync tasks
• Fix: Improved performance when viewing the user list on large multisites
• Fix: Fixed a UI bug where an invalid code on 2FA activation would leave the activate button disabled
• Fix: Reverted a change on error modals to bring back the additional close button for better accessibility

7.10.4 – SEPTEMBER 25, 2023​

• Improvement: “Admin created outside of WordPress” scan results may now be reviewed and approved
• Improvement: The WAF storage engine may now be specified by setting the environmental variable “WFWAF_STORAGE_ENGINE”
• Improvement: Detect when a plugin or theme with a custom update handler is broken and blocking update version checks
• Change: Deprecated support for WordPress versions lower than 4.7.0
• Change: Exclude parse errors of a damaged compiled rules file from reporting
• Fix: Suppress PHP notices related to rule loading when running WP-CLI
• Fix: Fixed an issue with the scan monitor cron that could leave it running unnecessarily

7.10.3 – JULY 31, 2023​

• Improvement: Updated GeoIP database
• Fix: Added missing text domain to translation function call
• Fix: Corrected inconsistent styling of switch controls
• Change: Made MySQLi storage engine the default for Flywheel hosted sites

7.10.0 – JUNE 21, 2023​

• Improvement: Added translation support for strings from login security plugin
• Improvement: Added translator notes regarding word order and hidden text
• Improvement: Added translation support for additional strings
• Improvement: Prevented scans from failing if unreadable directories are encountered
• Improvement: Added help link to IPv4 scan option
• Improvement: Updated scan result text to clarify meaning of plugins removed from wordpress.org
• Improvement: Made “Increased Attack Rate” emails actionable
• Improvement: Updated GeoIP database
• Improvement: Updated JavaScript libraries
• Fix: Corrected IPv6 address expansion
• Fix: Ensured long request payloads for malicious requests are recorded in live traffic
• Fix: Prevented “commands out of sync” database error messages when the database connection has failed
• Fix: Prevented rare JSON encoding issues from breaking free license registration
• Fix: Prevented PHP notice from being logged when request parameter is missing
• Fix: Prevented deprecation warning in PHP 8.1
• Change: Moved detection for old TimThumb files to malware signature
• Change: Moved translation file from .po to .pot
• Change: Renamed “Macedonia” to “North Macedonia, Republic of”

7.9.3 – MAY 31, 2023​

• Improvement: Added exception handling to prevent WAF errors from being fatal
• Fix: Corrected error caused by method call on null in WAF
• Change: Deprecated support for PHP 5.5 and 5.6, ended support for PHP 5.3 and 5.4
• Change: Specified WAF version parameter when requesting firewall rules