Changelog
Historical information about previous Wordfence plugin versions.
= 7.11.0 – November 28, 2023 =
* Improvement: Added new functionality for trusted proxy presets to support proxies such as Amazon CloudFront, Ezoic, and Quic.cloud
* Improvement: WAF rule and malware signature updates are now signed with SHA-256 as well for hosts that no longer build SHA1 support.
* Improvement: Updated the bundled trusted CA certificates.
* Change: The WAF will no longer attempt to fetch rule or blocklist updates when run via WP-CLI.
* Fix: Removed uses of SQL_CALC_FOUND_ROWS, which is deprecated as of MySQL 8.0.17
* Fix: Fixed an issue where final scan summary counts in some instances were not sent to Central.
* Fix: Fixed a deprecation notice for get_class in PHP 8.3.0
* Fix: Corrected an output error in the connectivity section of Diagnostics in text mode.
= 7.10.7 – November 6, 2023 =
* Fix: Compatibility fix for WordPress 6.4 on the login page styling.
= 7.10.6 – October 30, 2023 =
* Fix: Addressed an issue with multisite installations when the wp_options tables had different encodings/collations
= 7.10.5 – October 23, 2023 =
* Improvement: Updated the bundled GeoIP database.
* Improvement: Added detection for Cloudflare reverse proxies blocking callbacks to the site.
* Change: Files are no longer excluded from future scans if a previous scan stopped during their processing.
* Fix: Added handling for the pending WordPress 6.4 change that removes $wpdb->use_mysqli.
* Fix: The WAF MySQLi storage engine will now work correctly when either DB_COLLATE or DB_CHARSET are not defined.
* Fix: Added additional error handling to Central calls to better handle request failures or conflicts.
* Fix: Addressed a warning that would occur if a non-repo plugin update hook did not provide a last updated date.
* Fix: Fixed an error in PHP 8 that could occur if the time correction offset was not numeric.
* Fix: 2FA AJAX calls now use an absolute path rather than a full URL to avoid CORS issues on sites that do not canonicalize www and non-www requests.
* Fix: Addressed a race condition where multiple concurrent hits on multisite could trigger overlapping role sync tasks.
* Fix: Improved performance when viewing the user list on large multisites.
* Fix: Fixed a UI bug where an invalid code on 2FA activation would leave the activate button disabled.
* Fix: Reverted a change on error modals to bring back the additional close button for better accessibility.
= 7.10.4 – September 25, 2023 =
* Improvement: “Admin created outside of WordPress” scan results may now be reviewed and approved.
* Improvement: The WAF storage engine may now be specified by setting the environmental variable “WFWAF_STORAGE_ENGINE”.
* Improvement: Detect when a plugin or theme with a custom update handler is broken and blocking update version checks.
* Change: Deprecated support for WordPress versions lower than 4.7.0.
* Change: Exclude parse errors of a damaged compiled rules file from reporting.
* Fix: Suppress PHP notices related to rule loading when running WP-CLI.
* Fix: Fixed an issue with the scan monitor cron that could leave it running unnecessarily.
To view a complete changelog, visit this link here