Changelog

Historical information about previous Wordfence plugin versions.

= 7.11.3 – February 15, 2024 =

* Fix: Fixed an issue with sites containing invalid Wordfence Central site data where they could throw an error when viewing Wordfence pages.

= 7.11.2 – February 14, 2024 =

* Improvement: Enhanced the vulnerability scan to check and alert for WordPress core vulnerabilities and to adjust the severity of the scan result based on findings or available updates.
* Improvement: Updated the bundled GeoIP database.
* Improvement: Increased compatibility of brute force protection with plugins that override the normal login flow and omit traditional hooks.
* Change: Adjusted the behavior of automatic quick scans to schedule themselves further away from full scans.
* Fix: Added detection for a site being linked to a non-matching Wordfence Central record (e.g., when cloning the database to a staging site).
* Fix: Streamlined the license and terms of use installation flow to avoid unnecessary prompting.
* Fix: Fixed an issue where user profiles with a selected locale different from the site itself could end up loading the site’s locale instead.

= 7.11.1 – January 2, 2024 =

* Improvement: Added “.env” to the files checked for “Scan for publicly accessible configuration, backup, or log files”.
* Improvement: Provided better descriptive text for the option “Block IPs who send POST requests with blank User-Agent and Referer”.
* Improvement: The diagnostics page now displays the contents of any ‘auto_prepend_file’ .htaccess/.user.ini block for troubleshooting.
* Fix: Fixed an issue where a login lockout on a WooCommerce login form could fail silently.
* Fix: The scan result for abandoned plugins no longer states it has been removed from wordpress.org if it is still listed.
* Fix: Addressed an exception parsing date information in non-repo plugins that have a bad ‘last_updated’ value.
* Fix: The URL scanner no longer generates a log warning when matching a potential URL fragment that ends up not being a valid URL.

= 7.11.0 – November 28, 2023 =

* Improvement: Added new functionality for trusted proxy presets to support proxies such as Amazon CloudFront, Ezoic, and Quic.cloud
* Improvement: WAF rule and malware signature updates are now signed with SHA-256 as well for hosts that no longer build SHA1 support.
* Improvement: Updated the bundled trusted CA certificates.
* Change: The WAF will no longer attempt to fetch rule or blocklist updates when run via WP-CLI.
* Fix: Removed uses of SQL_CALC_FOUND_ROWS, which is deprecated as of MySQL 8.0.17
* Fix: Fixed an issue where final scan summary counts in some instances were not sent to Central.
* Fix: Fixed a deprecation notice for get_class in PHP 8.3.0
* Fix: Corrected an output error in the connectivity section of Diagnostics in text mode.

= 7.10.7 – November 6, 2023 =

* Fix: Compatibility fix for WordPress 6.4 on the login page styling.

To view a complete changelog, visit this link here