Wordfence 5.0.4 Beta1 now available. Targeting tomorrow for release.
This entry was posted in Wordfence on April 16, 2014 by Mark Maunder 2 Replies
Hi Beta Testers!
Wordfence 5.0.4 Beta1 is now available for your downloading pleasure at:
What we’ve changed:
- Feature: We now scan for the infamous heartbleed openssl vulnerability using a non-intrusive scan method safe for production servers.
- Improvement: We now check if .htaccess is writable and if not we give you rules to manually enable Falcon.
- Improvement: Once Falcon is enabled, if we can’t write to .htaccess, we fall back to PHP based IP blocking.
- Feature: You can now clear pages and posts from the cache on the list-posts page under each item or on their edit pages next to the Update button.
- Fix: We now support sites who use a root URI but store their files and .htaccess in a subdirectory of the web root.
What I’d like tested:
- Enabling and disabling Falcon Engine, specifically on sites that have a read-only .htaccess. And also on sites that have a http://example.com/ URL but where their files are stored in a subdirectory under the web root.
- If you run an openSSL site, test our HeartBleed scanning. Hopefully you’re not vulnerable. We’ve tested this on vulnerable sites and it shows a high degree of accuracy.
- Test page/post clearing from the cache on the admin page where you see all your pages/posts and on the edit page next to the publish button.
Because we need to launch this ASAP (WP 3.9 went out today and we need to get the compatible readme.txt in this plugin out asap) we’re going to try to push this release into production tomorrow around noon. So you unfortunately have less than 24 hours to test this. Future releases will give you 48 to 72 hours for minor releases and more for major releases.
Mark Maunder – Wordfence creator.