Changelog

Historical information about previous Wordfence Releases.

= 7.3.5 – July 16, 2019 =

* Improvement: Improved tagging of the login endpoint for brute force protection.
* Improvement: Added additional information about reCAPTCHA to its setting control.
* Improvement: Added a constant that may be overridden to customize the expiration time of login verification email links.
* Improvement: reCAPTCHA keys are now tested on saving to prevent accidentally inputting a v2 key.
* Improvement: Added a setting to control the reCAPTCHA human/bot threshold.
* Improvement: Added a separate option to trigger removal of Login Security tables and data on deactivation.
* Improvement: Reworked the reCAPTCHA implementation to trigger the token check on login/registration form submission to avoid the token expiring.
* Fix: Widened the reCAPTCHA key fields to allow the full keys to be visible.
* Fix: Fixed encoding of the ellipsis character when reporting malware finds.
* Fix: Disabling the IP blacklist once again correctly clears the block cache.
* Fix: Addressed an issue when outbound UDP connections are blocked where the NTP check could log an error.
* Fix: Added handling for reCAPTCHA’s JavaScript failing to load, which previously blocked logging in.
* Fix: Fixed the functionality of the button to send 2FA grace period notifications.
* Fix: Fixed a missing icon for some help links when running in standalone mode.

= 7.3.4 – June 17, 2019 =

* Improvement: Added security events and alerting features built into Wordfence Central.

= 7.3.3 – June 11, 2019 =

* Improvement: Added support for managing the login security settings to Wordfence Central.
* Improvement: Updated the bundled root CA certificate store.
* Improvement: Added a check and update flow for mod_php hosts with only the PHP5 directive set for the WAF’s extended protection mode.
* Improvement: Added additional values to Diagnostics for debugging time-related issues, the new fatal error handler settings, and updated the PHP version check to reflect the new 5.6.20 requirement of WordPress.
* Change: Changed the autoloader for our copy of sodium_compat to always load after WordPress core does.
* Fix: Fixed the “removed from wordpress.org” detection for plugin, which was broken due to an API change.
* Fix: Fixed the bulk repair function in the scan results when it included core files.

= 7.3.2 – May 16, 2019 =

* Improvement: Updated sodium_compat to address an incompatibility that may occur with the pending WordPress 5.2.1 update.
* Improvement: Clarified text around the reCAPTCHA setting to indicate v3 keys must be used.
* Improvement: Added detection for Jetpack and a notice when XML-RPC authentication is disabled.
* Fix: Suppressed error messages on the NTP time check to compensate for hosts with UDP connections disabled.

= 7.3.1 – May 14, 2019 =

* Improvement: Two-factor authentication is new and improved, now available on all Premium and Free installations.
* Improvement: Added Google reCAPTCHA v3 support to the login and registration forms.
* Improvement: XML-RPC authentication may now be disabled or forced to require 2FA.
* Improvement: Reduced size of SVG assets.
* Improvement: Clarified text on “Maximum execution time for each scan stage” option.
* Improvement: Added detection for an additional config file that may be created and publicly visible on some hosts.
* Improvement: Improved detection for malformed malware scanning signatures.
* Change: Long-deprecated database tables will be removed.
* Change: Removed old performance logging code that’s no longer used.
* Fix: Addressed a log notice when using the See Recent Traffic feature in Live Traffic.
* Fix: WAF attack data now correctly includes JSON payloads when appropriate.
* Fix: Fixed the text for Live Traffic entries that include a redirection message.
* Fix: Fixed an issue with synchronizing scan issues to Wordfence Central that prevented stale issues from being cleared.

To view a complete changelog please visit this link here