Nexcess.comServers.comLiquidWeb.com

5.6.2

Security2 Fix5 Tweak2

Security

  • Fixed issue where a locked out but not yet blacklisted IP/user could receive different HTTP headers when testing a valid username/password combination. Thanks Leon Atkinson of 18INT for contacting us about this issue.
  • Updated log output to prevent specific kinds of logged requests from displaying without sanitization. Thanks to Slavco Mihajloski for contacting us about this issue.

Fixes

  • The Security > Security Check link now works as expected in multisite.
  • Fixed bug that could prevent the "Filter Long URL Strings" feature from working properly.
  • Removed restrictions in the "Filter Long URL Strings" feature that were unrelated to request length.
  • Corrected a settings description typo in Global Settings.
  • Fixed bug that could result in issues authenticating over XML-RPC when the WordPress Tweaks > Multiple Authentication Attempts per XML-RPC Request setting is set to "Block".

Tweaks

  • Added placeholder for the Version Management module of iThemes Security Pro.
  • Updated build number to trigger some updates.