Kadence Security Pro
Tweaks
- iThemes Security requires PHP 5.4 or later.
- Make Magic Links work in a wider variety of situations.
- New Lockout Template screen.
- There were significant changes to the internals of the iThemes Security Lockout API in this release. If you are using the ITSEC_Lockout class directly, all the API functions will continue to work, but will emit deprecation notices. Please update your integrations.
Features
- Make WordPress Security Easy With Passwordless Logins
Fixes
- WordPress 5.3 Compatibility
- Brute Force module reporting invalid logins using an email address incorrectly.
Tweaks
- new iThemes Sync Verb support for overriding a specific Two-Factor request.
Fixes
- Hide Backend Bypass.
- Strict Standards error during Sync request.
- wp_die() if a login interstitial session fails to be created instead of throwing a fatal error.
Tweaks
- New iThemes Sync Verb support for File Change.
- Add additional information about the login attempt when calling the Network Brute Force API.
Fixes
- Ensure Dashboard classes are always loaded.
Tweaks
- Add Security Message when a Notification Center email fails to send.
- Add Security Message when the Malware Scanner finds malware or encounters an error.
- Replace Trace IP with IP Tracker Online.
Tweaks
- iThemes Security Admin Notices are now conveniently located in the new Security Messages Menu. Check your notices in the Security menu on the WordPress Admin Bar.
- Add filters to customize the available Two Factor providers for a user.
- Add a dismissible warning if iThemes Security isn't licensed.
- Remove "pin" link from a Security Profile when that profile has already been pinned.
- Remove 'DELETE' method from "System Tweaks -> Filter Request Methods"
- Minor UI and a11y improvements to the Security Dashboard.
Fixes
- For WordPress 5.2 installs, prevent updating a plugin via Grade Report if the new plugin update has PHP version requirements that are not met.
Fixes
- Hide backend bypass.
Tweaks
- Replace Google QR Code API with an iThemes Security hosted solution. Google's API will be shutdown on March 14th, 2019. If you'd like to generate QR codes locally, a plugin is available in the members panel under "Plugins": iThemes Security - Local QR Code.
- Add support for deleting dashboards.
- Order cards in the dashboard widget in the same order as the mobile breakpoint in the Security Dashboard.
- New WP-CLI command for retrieving, releasing and creating lockouts.
- Improve dashboard a11y.
- Improve dashboard performance by decreasing the bundle size, improving cache stability, and async loading less used libraries.
- Allow the log description column to word break for URLs or other strings with no spaces.
Fixes
- Hide Backend bypass on certain Apache configurations.
- Properly return error that occurs during a backup.
- Regex warning on PHP 7.3 in the File Change module.
- Resolve warning when a user is set to "No Role".
- Removing the last role or user from a shared dashboard would not work.
Fixes
- Load new dashboard widget on Multisite network admin dashboard properly.
Tweaks
- When ITSEC_DISABLE_MODULES is set, prevent hide backend from running.
Fixes
- Error on the WordPress dashboard screen when the Security Dashboard module does not completely load.