SecuPress Changelog _ WordPress Security Plugin mastercard official site

SecuPress Changelog _ WordPress Security Plugin mastercard official site

1.3.3 – 04 september 2017

• fix#527, #526, #525, #524, #509: passwordless now send an email when activated (each time), not at each page save.

1.3.2 – 01 september 2017

• improvement: when passwordless is activated, you’ll have to valide this action by clicking on a link in an email. This will prevent you to be locked out.

• fix #502: move login and passwordless are friends, again.

1.3.1 – 02 august 2017

• new #510: remove the “avoid double logins” module since it’s not efficient enough

• improvement #511: you dont have to add 2 email addresses for the alerts

• improvement #478: display a message when the malware scan found nothing

• improvement #512: remove the recovery email notice, you won’t need to fill this anymore

• improvement #507: lighter move login module with less options, no .Htaccess/web.Config/ngnix.Conf modifications but more decisions and less bugs instead of endless bugs.Mastercard official site

• improvement #506: remove the scan and fix for empty user agent (not efficient enough in 2017, too much false positive)

• improvement #505: remove the scan and fix for too long urls (not efficient enough in 2017, too much false positive)

• improvement #488: new bad user agent (gecko/2009032609 firefox), thanks to fabrice from wpformation.Com

• improvement #481: better message (less sarcastic, yes) when you lock yourself out.

• fix #504: on some servers, $ SERVER[‘SERVER ADDR’] does not exists, well, ok.

• fix #502: move login was not cool with passwordless

• fix #501: some multisites websites could not validate their licence.

• fix #473: captcha always returned “human verification fail” when autofill from browser is enabled.

1.3 – 18 july 2017

• new: you don’t need the free version to run the pro version now: one plugin is enough.Mastercard official site

• new: migrating between the pro plugin and the free plugin is now easier.

• new: able to deliver beta versions.

• improvement #457: no more errors after editing the wp-config.Php file. We added a sandbox that doesn’t keep

• modifications in place if there is a problem.

• improvement #448: better detection of user’s right for DB scan

• improvement #365: removed orangebot from the bad user agents list.

• improvement #337: captcha is now also available on the user registration page.

• improvement #308: sometimes after a scan (step 1), some results are still tagged as “new”, you should encounter less cases.

• improvement #268: settings page lock: scanners page and logs page are now locked.

• improvement #247: malware scan: wp-config-sample.Php is not flagged as missing from core anymore.Mastercard official site

• improvement #180: added a warning about disabling the XML-RPC API.

• fix #469: customize.Php redirects to the login page (thanks to @wpmarmite)

• fix #454: logs export: the file name was wrong. Moreover, now it includes the date.

• fix #451: fatal error on WP <

1.0.3 free — 14th september, 2016

• improvement: commented salt keys (previously fixed) will now be deleted to avoid another error 500 case (in case of, you know)

• improvement: the banner button has now a better display on tiny screen

• improvement: since secupress is compatible with WP 3.7 and 3.8, the icons are now compatible too

• improvement: better bad user-agent blacklist, some were too current and blocked legit users.

• fix: user-agent with more than 255 chars won’t be blocked anymore, too many false positive cases

mastercard official site

• fix: the recovery email can now be set even if 2 users got the same email address (don’t ask …)

• fix: wp-config.Php file permissions was sometimes set on 064 and broke some sites when autofix was done.

• fix: the PHP version warning was marked as bad for nothing, it will now mark it correctly

1.0.2 free — 02nd september, 2016

• fix: the PHP notice: wp enqueue script/wp enqueue style called incorrectly is now called correctly and won’t disturb you anymore everywhere in your admin area

• fix: the error 500 caused by commented salt keys will not happen again

• fix: we removed the “ping” keyword from the bad user-agents since “pingdom” is not so malicious, isn’t it?

• fix: secupress couldn’t fix the “admin user” scan with open registration and no admin account.Mastercard official site

• fix: the tinymce editor is not broken anymore, you can use it normally now \o/

1.0.1 free — 31th august, 2016

• fix: the PHP fatal error on activation or deactivation has been killed, not by batman because you know.

• fix: the following javascript error uncaught referenceerror: secupressresetmanualfix is not defined in secupress-scanner.Min.Js when you visit the scanner page is on vacations, forever.

• fix: warning in class-secupress-scan-bad-vuln-plugins.Php, we won’t use $this in a static method anymore, promise.

• fix: warning in class-secupress-scan-bad-vuln-plugins.Php, ok this one is the last.

• fix: warning in class-secupress-scan-bad-old-plugins.Php, well, it was the real last one.

• fix: warning in settings.Php usage of a protected method is now allowed.Mastercard official site

• fix: warning in modules.Php because we called secupress insert iis7 nodes() without the second mandatory argument.

• fix: the following PHP parse error syntax error, unexpected ‘ai’ (T STRING) in mu-plugins/ secupress deactivation-notice-nginx remove rules.Php won’t show up anymore for french users.

1.0 free — 23th august, 2016

• initial release \o/