Mark Maunder
November 19, 2014

Wordfence 5.3.3 Released

Wordfence 5.3.3 has been released. It contains an important security fix along with improved recognition of private IP address ranges and a fix for a warning which appeared in the previous release.

Previous versions of Wordfence would recognize all reserved IP address ranges as “private” address ranges and would auto-whitelist anyone arriving from an IP in those ranges. We did that based on the assumption that anyone arriving from an address that is non-routable on the public Internet was probably from your internal network, and we obviously don’t want to block anyone from your internal network.

However after reviewing this code we felt the ranges were a little too liberal, and so we’ve tightened them up to the traditional ranges of IP’s used on internal (private) networks.

The IP ranges we’re now whitelisting are documented on our official documentation website along with some further explanation.

Please update ASAP if you haven’t already updated.

 

Did you enjoy this post? Share it!

LinkedIn 

Comments

No Comments

Breaking WordPress Security Research in your inbox as it happens.

Example of a news story

This site uses cookies in accordance with our Privacy Policy.