Kadence Security Pro
Features
- Online Files Comparison now supports WordPress.org plugins.
Tweaks
- Add support for changing position of the Invisible Recaptcha badge.
- Display user lockouts in Lockout Sidebar.
- Use the current site URL instead of the network URL when sending Two Factor Email codes.
Fixes
- Fixed issue that could prevent Sync from loading Malware Scan results if a scan previously failed.
- Fixed method that could be used to discover hidden login slug on some sites.
- Hide Backend notifications not being properly sent when first enabled.
- Load translations on the plugins_loaded hook.
- Log logins with User Logging when logging in with Two Factor.
- Prevent login page being hidden when following the "Confirm Email Address" notification URL.
- Update to the REST API "Restricted Access" feature to protect against methods to work around the restricted access.
Tweaks
- Add 'site_title' as an available tag for the Two Factor email.
Fixes
- Fix scheduling retries for Malware Scans on sites that don't fully support WordPress's cron system.
- Reactivating Away Mode now replaces the active file if you had previously removed it.
- Ensure lockouts take effect immediately, even on systems where changes to server configuration files do not take effect immediately.
- Warning on new installations when activating certain Version Management features.
Fixes
- Make Cron scheduler available in more circumstances.
- Events with the Twice Daily schedule would not be carried over when switching scheduler strategies.
- Backup schedules respect the interval chosen.
- Prevent multiple cron tests from being scheduled at once.
- Cron test being stuck in a loop preventing a site from switching back to the cron scheduler.
- Prevent warnings when a single and recurring event were scheduled at the same time.
Tweaks
- Sort scheduled events in WP CLI command.
Fixes
- Fixed issue where scheduled events could repeat on sites that do not properly support WordPress's cron system.
Features
- Introduces a scheduling framework for handling events. Cron is now used by default, and will switch to using an alternate scheduling system if it detects an error. To disable this detection set ITSEC_DISABLE_CRON_TEST in your wp-config.php file.
Deprecateds
- The ITSEC_FILE_CHECK_CRON and ITSEC_BACKUP_CRON constants have been deprecated. Use ITSEC_USE_CRON instead.
Fixes
- Fix occasional duplicate backups and file scans.
Tweaks
- Preserve notification settings when the responsible module is deactivated.
Fixes
- Process 404 lockouts on the 'wp' hook to prevent a headers have already been sent warning message.
- Ensure Hide Backend emails are properly sent when activating Hide Backend before saving the Notification Center for the first time.
- Prevent warning from being issued on new installs by allowing previous settings to be preserved if they exist.
- Better handle WP_Error objects in mail errors that occurred before updating to first patch release.
- A non static method was being called statically.
Fixes
- Don't display file change admin notifications if the Notify Admin setting is not enabled.
Fixes
- Fixed source of the following warning: "mysql_real_escape_string() expects parameter 1 to be string, object given".
Tweaks
- Updated queries and prepare statements to account for changes to the esc_sql() function in WordPress 4.8.3.
Fixes
- Fixed the File Change module being incorrectly enabled when upgrading.
Fixes
- Only enable the Lockout email notification is the Daily Digest was previously disabled.
- Fix JavaScript error when loading the Notification Center on some systems.
- Don't store WP Error objects for mail errors preventing a fatal error for rare PHPMailer errors.
- Prevent error on upgrade warning the subject line was empty.
- Ensure file change notification is properly enabled/disabled on upgrade.
- Fallback to correct default subject lines.
- Don't enable all administrators as the recipients for emails where all custom email addresses did not have corresponding users.
Tweaks
- Properly enable lockout and file change notifications, uncheck all administrators as recipients when necessary.