Kadence Security Pro
Fixes
- Load new dashboard widget on Multisite network admin dashboard properly.
Tweaks
- When ITSEC_DISABLE_MODULES is set, prevent hide backend from running.
Fixes
- Error on the WordPress dashboard screen when the Security Dashboard module does not completely load.
Features
- A new dashboard widget powered by the iThemes Security Dashboard.
Fixes
- Prevent "headers already sent" warning when logging in with the Two-Factor email method on certain systems.
- Tabnapping: Apply noopener to links instead of using blankshield script when available to prevent new pop-up blocker behavior from killing the links.
Features
- Add "Click to Continue" button to email Two-Factor method to simplify usage.
Tweaks
- Don't require logging in again after overriding Two-Factor in Sync in mid-login.
- Improve redirecting after processing a login interstitial from a front-end login form.
- Add display description for log when safe guarding against an empty config file write.
Fixes
- Include Hide Backend token when emailing a password reset URL.
- Duplicate key error when consolidating Dashboard Events.
- Fix Recaptcha opt-in CSS not always loading.
Features
- reCAPTCHA v3 support. Can toggle between loading the api on all pages ( recommended ) or only the required pages. Adjust the Block Threshold from the recommended default of "0.5" based on the data in the Google reCAPTCHA console.
- On page reCAPTCHA opt-in to allow users to agree to Google's ToS without refreshing the page.
Fixes
- Prevent dashboard error when the "Show Avatars" setting is disabled.
- Styling issue that made "Identified Loopback IP" look like an error message instead of a success.
Features
- Introducing the iThemes Security Dashboard. See a real-time overview of the security activity on your website with this dynamic dashboard. Turn it on by activating the Security Dashboard module.
Tweaks
- Add loopback IP detection to Security Check.
- Add define "ITSEC_DISABLE_TEMP_WHITELIST" to disable the Temporary IP Whitelisting for logged-in administrators.
- Only run Remote Messages API on Pro versions.
Fixes
- Only re-add Trusted Devices restricted capabilities filter if it was registered in the first place.
- Error when trying to edit reusable blocks with per-post SSL enabled.
Tweaks
- Use new "determine_locale()" function for loading the plugin textdomain.
Fixes
- Update Grade Report Software version fallback data.
Fixes
- Don't try to get users with the selected role if no roles are selected.
