Nexcess.comServers.comLiquidWeb.com

7.2.2

2022-11-15 Security2 Tweak3 Fix3

Security

  • Add support for encrypting Two-Factor Mobile App secrets. Enable via Tools -> Set Encryption Key.
  • Deprecate Automatic Proxy Detection. Instead, manually configure Proxy Detection or use Security Check. Fix IP spoofing attacks.

Tweaks

  • Add "Ban Lockout" button to the Active Lockouts card.
  • Delete passkeys that have been in the "trash" for seven days.
  • Thanks to Calvin Alkan for reporting the security issues fixed in this release.

Fixes

  • File Logs not rotating.
  • MaxMind DB Lite not being automatically refreshed.
  • PHP warning when loading Icon Fonts in certain configurations.