WP Defender Pro WPMU Dev Free Download v4.2.5 – wpmudev | WP Defender Pro WPMU Dev Nulled v4.2.5 helps to get vulnerability reports, regular security scans, safety recommendations and easily customized hardening for your site in just a few clicks. Defender WP Plugin Nulled is the analyst and enforcer that never sleeps.
wp-defender-pro-nulled.zip (LATEST)
Heading Contents
show
Scheduled Security Scans
Conduct regular security scans, notify suspicious activity administrators and resolve bulk issues.
2-Factor Authentication
Join millions who secure two-factor authentication in their accounts. Enable 2FA to protect your password and phone account.
Audit Logging
Fatigued with mysterious breaks or slowness on your site? With the Audit Log feature, keep detailed logs for each user action.
Instant Email Alerts
With personalized reports and automatic email alerts about your safe, you’ll never be in the dark.
IP Lockout
Defender’s IP Lockout system defeats brute force attacks. Allow list control, manual and automatic IP bans, and manual and automatic IP bans are all available to secure your web.
Login Masking
Make your default login URL more stable. With a special slug, bots would have a harder time locating your login page.
Brute Force Protection
Brute force attacks are no challenge for Defender Nulled. Permanently ban IP’s or cause a timed lockout after a given number of failed login attempts.
Vulnerability Reports
Be notified when theres a security issue or concern. Defender Nulled runs monitoring and sends updates with the knowledge that matters.
White Label Security
Rebrand Defender’s security forces and replace with your own logo with the WPMU DEV dashboard plugin Nulled.
Demo
Download links for WP Defender Pro WordPress Plugin Free Download
wp-defender-pro-nulled.zip (LATEST)
Download links for WP Defender Pro v2.4.6.1 Old Version- Security plugin WordPress
Download links for WP Defender Pro v1.9 – WordPress Plugin
Changelog WP Defender Pro Nulled
October 19, 2023 - version 4.2.1
Fix: Deprecation error in the log
Fix: Data opt-in modal visibility conditions
October 16, 2023 - version 4.2
Enhance: Compatibility with WordPress 6.4
Enhance: Improve Mask Login hooks to avoid bypassing
Enhance: Add relevant icons to suspicious file accordion
Enhance: 'Save Changes' button in security headers is not disabled when clicked
Enhance: UI Enhancements
Fix: Secure log data handling
Fix: Global IP data sync error on new sites
Fix: Mask login fails to recognize Subdirectory/Subdomain and Post/Page slugs
September 11, 2023 - version 4.1
New: Safe Repair for Suspicious files
Enhance: Require PHP 7.4 as the minimum supported version
Enhance: Allow to quarantine readme.txt files
Enhance: Enable "Move to quarantine" by default when deleting or repairing a file
Enhance: Improve the Quarantine directory accessibility logic
Enhance: Update Quarantine page copy
Enhance: Add new toggle state "Push permanently blocklisted IPs" to config structure
Enhance: Add banned IP to the Global IP blocklist on the firewall logs page
Enhance: Remove Beta info about 2FA
Enhance: GeoLite2 DB URL is not working
Enhance: PHP v8.1 warnings for the "PHP QR Code" package
Enhance: Update the primary color in the email notifications
Enhance: Change the "Settings" link to "Dashboard" on plugins page
Enhance: UI Enhancements
Fix: False positives on Windows server
Fix: Bypass masked URL and view the masked URL slug using Gravity Forms gf_page-argument
Fix: Compatibility issues with the Polylang plugin
Fix: Fix scrolling on Global IP section
Fix: Quarantined file time sent to HUB is not in GMT/UTC-based timestamp
Fix: Replace the deprecated FILTER_SANITIZE_STRING in PHP v8.1+
Fix: Forminator shortcode not rendered in Gutenberg block when Defender is activated
Fix: Cannot recheck Prevent PHP Execution
Fix: IP Allowlist/Blocklist do not accept more than one IP on Windows server
Fix: Mismatch in the "Free Membership text" on the Defender dashboard page
Fix: Geo-blocking does not work on a multisite subsite
Fix: Hide WPMU DEV URLs when Whitelabel is enabled and not listed users
Fix: Compatibility issues with the Amelia Pro plugin
August 24, 2023 - version 4.0.2
Fix: Adjust table creation based on storage engines
August 9, 2023 - version 4.0.1
Fix: Quarantine table creation on upgrade from free to pro
July 25, 2023 - version 4
New: Safe Repair
Enhance: Compatibility with WordPress 6.3
Enhance: Replaced hero image with new product logo
June 19, 2023 - version 3.12
Enhance: Update global IP cron schedule to hourly
Enhance: Improve malware scan core
Enhance: Extend conditions for crawler request validation
Enhance: Replace trial prompts in Defender free
Fix: User agent is blocked when the blocklist is empty
Fix: Issues when deleting vulnerable plugins or themes
Fix: Released temporary IP addresses are shown in the Active Lockouts list
Fix: Detect malware in core-builder and core-engine plugins
Fix: Defender Reset option does not clean the malware results items
Fix: New hook to avoid the connection block for Manage WP when 2FA is enabled
Fix: Defender mask URL breaking the default language switch on the login page
Fix: Issues activating the mask login feature when a post/page and mask login slug are the same
Fix: Having login and registration forms on the same page causes a conflict with Google reCAPTCHA
Fix: Delete action shows up even after the deletion of the default security config
Fix: Issues in deleting the default security config
Fix: Google reCAPTCHA is not deactivated if Woocommerce is enabled without forms selection
Fix: User search for recipient does not work in notifications bulk configure
Fix: An error message is shown by default in the notification modal
Fix: Grammar and spelling errors
Fix: Typo on result lines on the Audit Logging page
Fix: Add comments for all translation strings with placeholders
Fix: Typo in "Change default admin user account" security recommendation
Fix: Typo in "Update PHP to latest version" security recommendation
June 12, 2023 - version 3.11.1
Enhance: Performance improvements
May 15, 2023 - version 3.11
New: Autosync Local Blocklists with the Hub Global IP
Enhance: Compatibility with PHP 8.2
Enhance: Improve 'Hide error reporting' recommendation
Enhance: Improve 'Prevent PHP Execution' and 'Prevent Information Disclosure' recommendations on Windows server
Enhance: WP-CLI commands for Google reCAPTCHA
Enhance: Remove unused plugin core methods
Fix: Error when adding a '<' tag in Invite by email Recipients name in all notifications
Fix: Not possible to create config with Defender free version if it is not connected to the Hub
Fix: Display Undefined message when session expired on Malware Scanning page
Fix: Audit Logging > Events logs results are not consistent with different WordPress time settings
Fix: Username filters display incorrect results on Audit Logging page
Fix: Incorrect message is displayed to user when we enter a '<' tag in banned username and other textarea lockout fields
Fix: Button status (color and text) are not changed when Ban Bulk applies on the Firewall Logs page
Fix: When session expired and try to login with 2FA TOTP then email and password are empty
April 10, 2023 - version 3.10.1
Fix: Unparsed HTML in email notification templates
April 3, 2023 - version 3.10
Enhance: Improve Maxmind country selection flow
Enhance: Security improvements in plugin email templates
Enhance: Remove declare( strict_types = 1 ); directive to reduce error cases
Enhance: Replace old Grunt packages
Enhance: Improve Defender admin menu icon
Enhance: Rephrase the Fallback email description
Enhance: Create hash by reading the file in chunks to save memory
Enhance: Update SUI to the latest version
Fix: Security Key regeneration cron doesn't take the wp-config.php file's modification date into account
Fix: Google reCAPTCHA prevents creating a new member-user with WC Memberships plugin
Fix: Google reCAPTCHA error when using the Ultimate Member reCAPTCHA extension with Login enabled
Fix: Defender conflicts with Eventlist plugin at checkout step
March 14, 2023 - version 3.9.1
Enhance: Compatibility with WordPress 6.2
Enhance: Security improvements
February 20, 2023 - version 3.9
Enhance: Remove Hummingbird log from Audit Logging
Enhance: Add YARA rule to detect malware
Enhance: Improve IP columns
Enhance: Minify DateRangePicker JS and CSS files
Enhance: Display additional vulnerability data on Malware Scanning page
Fix: Defender continuously reports WP core vulnerability even after ignore
Fix: File change detection for plugins and WP core not working on Windows
Fix: Google reCAPTCHA error when using ProfilePress plugin with Lost Password enabled
Fix: Google reCAPTCHA is preventing the submission of the WooCommerce review form
Fix: Country flag broken on Defender's Dashboard page if Emojis Remove option selected in Hummingbird
February 9, 2023 - version 3.8.2
Fix: Issue with saved configurations from the Hub
January 19, 2023 - version 3.8.1
Fix: Issue with "Prevent user enumeration" recommendation and WP_Sitemaps_Provider and Stop oEmbed calls
January 16, 2023 - version 3.8
New: Display vulnerabilities in WP Core on Malware Scanning
Enhance: New filter to allow specific URLs in Mask Login
Enhance: Display theme vulnerabilities on Malware Scanning
Enhance: New cron to remove old lockout records
Enhance: Improved Firewall Log Buttons on Mobile View
Fix: Issues with Reset Password link on new user creation
Fix: Translations are not named properly on wp.org
Fix: Defender Audit Logging not catching Core updates from HUB
Fix: Issues with Country detection API
Fix: Incorrect information on Defender's config profile
Fix: Defender can't find the infected file in WPMU DEV Dashboard
Fix: Update YARA rules for different malware in plugins and themes
Fix: Defender adding IP on both Permanent and Temporary banning lists
Fix: Files being reported as modified even when identical
Fix: Regex issue when "Prevent user enumeration" is active
Fix: Minor grammar and UX Improvements
Fix: Shared component SUI select vue directive throws JS error
Fix: Update text in "Prevent Information Disclosure" recommendation
December 14, 2022 - version 3.7
New: Firewall widget displaying a list of the countries with the highest number of blocked IPs
Enhance: Block IP when UA is banned
Enhance: Display IP value in the Firewall log header
Enhance: Save TOTP secret key to DB only after code verification
Enhance: Add max number of lockout records
Enhance: Add timestamp for all lockout records
Enhance: Firewall Log improvements
Enhance: User role check
Fix: Settings saved notice not dismissed automatically
Fix: Two files from Avada builder 3.8 are reported as suspicious
Fix: Broken CVSS score details of previously ignored issue
December 5, 2022 - version 3.6
New: Global IP Allowlist/Blocklist
November 21, 2022 - version 3.5
Enhance: Two-Factor conflict between Defender and WordFence
Enhance: Notification configuration settings
Enhance: Notice for viewing two-factor user information on multisite
Enhance: Code color for PHP Execution and Information Disclosure
Enhance: Update SUI to the latest version
Fix: Banned usernames for WP version older than 5.4
Fix: Date range calendar on Audit and Firewall logs
Fix: Remove 'Name & Description' option for the Default Security config
Fix: NaN showing on Recommendations screen
Fix: Audit date filter not working for predefined data ranges
Fix: Redirect URL for the Mask Login feature throwing an error
November 1, 2022 - version 3.4
New: Disable Google reCAPTCHA for logged-in users
Enhance: Check HTML Entity for Audit Logs
Enhance: Web Authentication notice on 2FA page
Enhance: Show CVSS score in plugin vulnerability details
Enhance: Compatibility with WordPress 6.1
Enhance: IP detection
Fix: Web Authentication during plugin upgrade
Fix: Banned usernames for existing users
Fix: Outdated manual rules for Prevent Information Disclosure
Fix: User detail doesn't match the login/logout audit logs
Fix: Defender 2FA conflicts with other plugins on Users page
Fix: Displaying users when bulk updating notifications
Fix: Masked Login not updating on My sites menu
Fix: Conflict with OptimizePress
October 20, 2022 - version 3.3.3
Enhance: 2FA flow for secret keys
September 29, 2022 - version 3.3.2
Fix: Encrypt 2FA secret keys
September 21, 2022 - version 3.3.1
Enhance: 2FA security improvements
Enhance: IP detection
Enhance: Replace Google fonts with Bunny fonts for GDPR compliance
Enhance: Membership detection
Fix: Defender User Agent banning
September 5, 2022 - version 3.3
New: Google reCAPTCHA integration with BuddyPress plugin
New: Google reCAPTCHA for WooCommerce Checkout
Enhance: Add new Delete Lockouts button
Enhance: Prevent brute force attack though 2fa
Enhance: Wildcard for User Agent
Enhance: Add new checkbox for User Agent Lockout to Firewall notification
Enhance: Disable Delete button for active theme
Enhance: Vulnerability when scanned using OWASP tools
Fix: WebAuthn not working automatically on Subsites when it is enabled in Network for Multisite
Fix: WebAuthn devices unregistered from user profile if salt keys are updated
Fix: Audit log not capturing event on few themes during login or logout
Fix: Google reCAPTCHA triggers on Rest API and prevents adding new user for WooCommerce
August 4, 2022 - version 3.2
New: WooCommerce integration with 2FA
New: Disable 2FA for a specific user
New: Use URL for image in 2FA > Custom Graphic
Enhance: Unsubscribe links in email notifications
Enhance: White label email notifications
Enhance: White label 2FA backup codes file
Enhance: 2FA summary section
Enhance: Configure 2FA for Super Admin users on multisite
Enhance: Check HTML Entity for 2FA > App Title
Enhance: Description for 2FA > User Roles option
Enhance: Hide Cancel-tooltip while scanning
Enhance: Include string comments for translators
Fix: 2FA throwing a blank page
Fix: Password Reset Link for user fails when Google reCAPTCHA location is set for Lost Password
Fix: Wrong Malware scan reports when there are identical plugin slugs at wp.org
Fix: Google reCAPTCHA verification fails if the form is submitted after 2 minutes - token expiration issue
July 20, 2022 - version 3.1.2
Fix: WAF status not showing correctly
Fix: Notification scheduler error
Fix: Plugin support link error
July 5, 2022 - version 3.1.1
Fix: Notifications module error
July 4, 2022 - version 3.1
New: YubiKey Authentication
Enhance: Distinguish Pro and Free plugins with the same slug
Enhance: Mobile styling for 2FA form
Enhance: Replace the Support link with a variable
Enhance: Update the default allowlist of IP addresses
Enhance: Upgrade vendor packages
Fix: Wrong confirmation message on Firewall logs screen
Fix: Defender notification recipients aren't associated with users
Fix: Configs not applied from the Hub
Fix: Scan HUB synchronization
Fix: Notification bulk action is not working
Fix: Pwned Password updated with simple password on Profile page
Fix: Storing the MaxMind DB file path relatively instead of a full path
June 14, 2022 - version 3.0.1
Fix: Beehive Pro plugin flagged issues
June 6, 2022 - version 3
New: Biometric Authentication
New: Giveaway Opt-in for Free version
Enhance: PHP version upgrade
Enhance: Compatibility with WordPress 6.0
Enhance: WP-CLI command to show Scan details
Enhance: Update SUI to the latest version
Fix: Audit events logged not showing after applying some date range
May 11, 2022 - version 2.8.3
Enhance: PHP upgrade notice
Fix: Defender country_iso_code column missing from Lockout table
Fix: Defender sets all country iso codes as NULL
April 8, 2022 - version 2.8.2
Fix: All site visitors are blocked
April 7, 2022 - version 2.8.1
Enhance: Hide write permissions error notices for Tweaks while applying config
Enhance: Update the default Auth method on the Users page
Enhance: Singular or plural translation in email templates
Enhance: Login Protection and 404 Detection Section Update
Enhance: Show country flags for country-based lockouts
Fix: Update Firewall's 404 Detection blocklist and allowlist information notice
Fix: Firewall not working when Country is added to whitelist
Fix: Updating plugins with known vulnerabilities
Fix: No passcode when Fallback Email is not the default method
Fix: 404 Exclusions Inconsistent Logging
Fix: 2FA token issue
Fix: Undefined array key "HTTP_HOST"
Fix: Duplicate key name 'country_iso_code'
Fix: Welcome modal when white-label enabled
Fix: Jquery issue on Def's 2FA TOTP page
March 7, 2022 - version 2.8
New: Backup codes
Enhance: Text version of 2FA code
Enhance: Add Update Old Security Keys settings to config
Enhance: Automatically check for MaxMind database updates
Enhance: WP-CLI command to delete Defender logs
Enhance: Delete security tweak settings during uninstallation
Fix: IP Lockout issue
Fix: Malware Scanning PHP 8.1 error
Fix: Native domain mapping doesn't work with login masking
Fix: Firewall log export doesn't include all entries
Fix: Duplicate configs
Fix: Geo DB downloaded to WP-Admin directory
Fix: Branda conflict – Update User listed twice in logs
Fix: Notifications user search missing some users
Fix: When Defender login masking is active, SmartCrawl report URL are broken
Fix: User filter dropdown count not updating dynamically
Fix: SSO not working with login masking on multisite
February 2, 2022 - version 2.7.1
New: Create new endpoints to toggle reCAPTCHA, 2FA modules from Hub
Enhance: Update SUI to latest version
Enhance: Refactor Firewall logs
Enhance: Update admin menu icon
Enhance: Remove deprecated hooks
Enhance: Unsubscribe link doesn't work for not logged in users
Fix: Fatal error on plugin activation with PHP 8.1
Fix: Display error on Dashboard and Tools pages for huge post data
Fix: Configure reCAPTCHA without WooCommerce options
Fix: Invite By Email doesn't check if recipient already added
Fix: Email text overflows on Notification page
Fix: Defender downgrade fails
January 18, 2022 - version 2.7
New: Redesigned emails
New: Highlight new features in Welcome modal
Enhance: Malware Scheduling redesign
Enhance: Optimize MySQL queries for Firewall module
Enhance: WP-CLI command for User Agent Banning
Enhance: Improve Audit Logging with user login status
Enhance: Log rotation proof of concept
Enhance: Tab styles on Notifications > Recipients
Enhance: Geoblocking notifications
Enhance: False positive in Advanced Ads plugin code
Enhance: Defender Tutorials
Enhance: WordPress 5.9 compatibility
Enhance: Include plugin/theme name and version in Audit log
Enhance: Improve Audit Logging for Hub requested plugin/theme updates
Enhance: Prevent user enumeration requests
Enhance: Get WP version when core update is dismissed
Fix: Cloudflare IPs locked out
Fix: Multisite Defender logs not cleared after 30 days
Fix: Pwned Passwords bypassed with incorrect 2FA code
Fix: Night theme not applied to Suspicious File preview
Fix: PHP warnings after update
Fix: Invisible reCAPTCHA UI Issue
November 29, 2021 - version 2.6.5
Enhance: Add User Agent Banning to Configs
Enhance: Add User Agent ban status to Log filters
Enhance: Prevent PHP Execution exceptions
Enhance: Modify API logic to work with The Hub
Enhance: Proper validation message for Firewall IP list
Enhance: Remove outdated scheduled actions
Enhance: New WP-CLI commands for scheduled actions
Enhance: PHP 8.1 compatibility
Enhance: Hide vulnerability warnings after plugin update
Enhance: Log improvements
Enhance: False positive improvements
Fix: Blank dialogue modal shown after login
Fix: Staff user role blocked when accessing via WPMU DEV Dashboard
Fix: Malware Scanning progress 'undefined' when session expires
Fix: Login without completing reCAPTCHA conditions
Fix: Unable to upload CSV file on MU site
Fix: Error during malware scanning
Fix: Typo in Security Recommendations
November 15, 2021 - version 2.6.4
Fix: Allow admin-post.php on Mask Login Area
November 3, 2021 - version 2.6.3
Enhance: White labeling support
November 1, 2021 - version 2.6.2
New: Plugin vulnerability warnings
New: Import & export User Agent list
New: Highlight new features in Welcome modal
Enhance: Update SUI to latest version
Enhance: Update Upsell buttons
Enhance: Dashboard widget changes
Enhance: Update IP Banning Import-Export icon and note
Enhance: Replace Login Protection 'Deactivate' icon
Fix: Some malicious files not flagged
Fix: Malicious plugin not detected
Fix: Defender continually creating scheduled actions
Fix: Audit Logging creating duplicate post entries
Fix: Audit Logging creating user record on multisite
Fix: Mask URL not working correctly on WordPress installed in subdirectory
Fix: reCAPTCHA error thrown on theme login modal
October 18, 2021 - version 2.6.1
New: Google reCAPTCHA integration with WooCommerce plugin
New: "What's New" modal hidden on fresh installs
Enhance: Upgrade required minimum PHP version
Enhance: Unlock active lockouts using WP CLI
Enhance: Show more detailed log with Audit Logging
Enhance: Audit Logging on subsites
Enhance: Rename Feature Policy header to Permission Policy header
Enhance: "Send notifications when Defender couldn't scan the files" not working
Enhance: Set a time limit to cancel malware scanning
Enhance: Mobile view improvements
Enhance: Add log entry when signing in with 2FA
Enhance: Change "Basic config" to "Basic Config"
Enhance: Save a post as Draft and see 3 entries created in Audit log on multisite
Enhance: Add "Activate" button instead of "Continue" when activating the Notification
Enhance: Hide malware scan filter when there is no issue
Enhance: Remove Academy link
Fix: Audit log duplicates when updating menu items
Fix: Max countdown showing 24 hours instead of 72 hours
Fix: Conflict with WooCommerce Payments
Fix: Typo in User Agent Banning Allowlist UI
Fix: Issue with 2FA flow
Fix: Getting PHP Notice / warming on malware scanning
Fix: Google reCAPTCHA for comments doesn't work with HB Lazy Load
Fix: Redirect to optimal URL on 2FA OTP success in custom login page
Fix: Incorrect Google reCAPTCHA error Code for multisite user registration
Fix: PHP version shows null inside the recommendation
Fix: Aren't able to explore Recommendations on our hosting
September 20, 2021 - version 2.6
New: User Agent banning
New: "What's New" modal hidden on fresh installs
Enhance: Update Firewall filters and widgets to include User Agent lockouts
Enhance: Add Countdown timer on the lockout screen
Enhance Update IP Banning Blocklist/Allowlist UI
Enhance: Update misaligned pagination on Firewall Logs page
Fix: GEOIP.PHP issue in Defender Pro
Fix: Update Malware Scanning loopback request params to same as WP core
Fix: Can't login using WooCommerce's login/registration forms when Defender reCAPTCHA is enabled
Fix: PHP version recommendation
Fix: Integrate Defender password features with activated 2FA feature
Fix: Issue with activated Mask Login Area and 2FA features
Fix: Malware Scanning reports not sent on MU sites
August 25, 2021 - version 2.5.7
Fix: Firewall Locations ban issue
August 23, 2021 - version 2.5.6
New: reCAPTCHA for comments
Enhance: 404 lockout – CSS, JS and MAP files excluded
Enhance: Hide "Powered by Defender" line when Whitelabel is enabled
Enhance: Hide "What's New Modal" when Whitelabel is enabled
Enhance: Integrated Force Password Reset feature with Forminator
Enhance: Option to automatically regenerate security keys
Enhance: Recipient user list can be sorted and filtered by user role
Fix: Login Protection and 404 Detection deactivated by itself
Fix: Google reCAPTCHA v3 Locations issue
Fix: Problem while navigating malware issues in Defender Pro
Fix: Defender Pro sends the same reports twice
Fix: Security Header Referrer description
Fix: Updating from 2.3.2 to 2.4.4 resets security key recommendation to 60 days
Fix: Updating from 2.3.2 to 2.4.4 removes previous malware scanning data
Fix: Notification recipients – 'load more' interaction not visible when adding users
July 26, 2021 - version 2.5.5
New: Pwned Passwords settings added to Configs
New: "What's New" modal hidden on fresh installs
Enhance: "Clear Temporary IP Block List" option added to Configs
Enhance: Asset Optimization to increase loading speed in the backend
Enhance: Malware scanning rules improvements
Enhance: File scan not detecting code inside wp-config.php
Enhance: Updated white label method from the WPMU DEV Dashboard
Enhance: Updated footer text on Preset Configs page
Fix: Forced Password Reset not applied if user of one subsite tries to login to another subsite
Fix: Displayed number of actioned recommendations in incorrect
Fix: Free Defender version sending Pro version notifications
Fix: Callbacks to avoid slow log
Fix: Browser console error when changing default admin username
Fix: Fix list of auxiliary WP-CLI commands
Fix: Language translation not updating on multisite
Fix: 2FA can be forced for user roles when inactive for that role
Fix: Password reset doesn't work for Flywheel sites if Defender Pro is active
Fix: Pwned Passwords security flaw
Fix: Plugin updates via WPMU DEV Dashboard missing from Event Logs
Fix: File scan reporting empty non-WP directories
Fix: File scan missing files that start with a dot
Fix: Defender sending mail reports to [email protected] instead of [email protected]
Fix: 2FA > Active Users > View users link should open in new tab
Fix: Issues viewing Dashboard and Notifications pages on Mobile
Fix: Console error on Mask Login page
Fix: Change reCaptcha to reCAPTCHA
June 28, 2021 - version 2.5.4
New: Google reCAPTCHA for WordPress login/register/password reset pages
New: Highlight new features in welcome modal
Enhance: Compatibility with WordPress 5.8
Enhance: Update WP-CLI scan options
Enhance: Tools dashboard widget
Fix: Locations feature not working on Flywheel hosting
Fix: Warnings with PHP version 7.4
Fix: Password reset page showing if users from any subsite try to save pwned password
Fix: Guest User under Malware Scanning Notification
Fix: Various issues with notifications in Defender
Fix: Can't update email when mask login enabled
Fix: Minor typo in Dashboard modal
Fix: Issue Details section not showing code
Fix: Hide notice on Configs page
June 7, 2021 - version 2.5.3
Fix: Check password's hash before forwarding to Pwned Password API
June 1, 2021 - version 2.5.2
New: Force password reset for all registered users
New: Highlight new features in welcome modal
New: WP CLI support for Force Bulk Password reset
Enhance: Integration with Smush - exclude Smush-optimized images from Malware Scanning reports
Enhance: Add Pwned Passwords and Password Reset widgets to Defender Dashboard page
Enhance: Change Doc link from advanced-tools to tools
Enhance: Fix success notification inconsistencies
Enhance: Add License at the footer of Pwned Passwords
Enhance: Change 'Please try again!' error message for known vulnerabilities
Fix: Clean Lockouts option
Fix: Blank vulnerability report with some plugins
Fix: Masked login are bypassed with double slash
Fix: Search details are not showing on IP Banning modal page
Fix: Defender translations
Fix: Unable to schedule Posts
Fix: Issues with Mask Login Area and user creation
Fix: Typo in Prevent Information Disclosure and Prevent PHP Execution
Fix: 2FA active state notification should change only after saving settings
May 19, 2021 - version 2.5.1
Fix: Fatal error after an update from older versions
May 6, 2021 - version 2.5
New: Check passwords against Pwned database
New: Highlight new features in welcome modal
Enhance: Automatically remove old logs after 30 days
Enhance: Malware scanning security enhancements
Enhance: Detect suspicious code with 'WPTemplatesOptions'
Enhance: Detect suspicious code in themes
Enhance: Some suspicious code threats missed by Defender
Enhance: Better descriptions for Malware scanning reports
Enhance: Set 'Scan plugin files' option unchecked by default
Enhance: Remove 'Scan theme files' option from File change detection
Enhance: Remove 'Allow From' option from X-Frame-Options header
Enhance: Platform compatibility with Defender
Enhance: Rename Advanced Tools to Tools
Enhance: Documentation links tracking
Fix: Malware scanning stuck on analyzing theme
Fix: Translation files not applied
Fix: Reset not removing all data
Fix: Send data in persistent date format to Hub
Fix: Resetting or Uninstalling does not completely remove Defender settings
Fix: Check all files from scan Issues and Ignored tabs for bulk actions
Fix: Scrolling Up issue in Active lockouts
Fix: Update SUI to the latest version
Fix: Revert button in Prevent User Enumeration recommendation
April 5, 2021 - version 2.4.10
New: Add WP CLI commands to reset mask login settings
Enhance: Update links to wpmudev.com
Enhance: Prevent PHP Execution/Prevent Information Disclosure (show manual instructions on Apache tab)
Enhance: Bulk Unblock/Undo actions on Active Lockouts
Enhance: Adjust Malware scanning logic to reduce false-positive reports
Enhance: Malware Scanning - Disable delete button for a report, when a third-party plugin is active
Enhance: Change count-logic for total value of issues shown on a main widget and Defender's menu
Enhance: Improve the behavior of the Active tag on configs feature
Enhance: Custom notification email for 'When Failed to scan' is not imported to Config
Enhance: Compatibility with WordPress 5.7
Enhance: Update minimum supported WordPress version
Enhance: New Manage Notifications button on notification widget
Enhance: In Notifications and Dashboard pages, replace "-" with text under Schedule
Fix: No error when restore core file fails
Fix: Cron issues for Audit and Firewall modules
Fix: Defender sending 404 Detection notifications when that type is turned off
Fix: Remove old deprecated code of recommendations in DB
Fix: Duplicate IP addresses on Active Lockouts
Fix: Display different frequency for different timezones
Fix: 404 Detection timeframe is not imported to Config
Fix: Showing banner without content on profile page
Fix: Active Lockouts pagination seems broken
Fix: Link Defender Settings redirects to Defender Dashboard page on WP plugin page
March 17, 2021 - version 2.4.9
Fix: Stability fixes
March 12, 2021 - version 2.4.8
Fix: Unescaped DB parameters
March 1, 2021 - version 2.4.7
New: Sync Config from Defender with The Hub
Enhance: Making "Enable Tag" clickable in the notification widget
Enhance: Allow capital letters in Masked Login
Enhance: New WP CLI commands for file scanning, reset settings, and clear firewall data
Enhance: Reducing false-positive reports in malware scanning
Enhance: Check plugins and themes against the WP.org repository
Enhance: Adding pagination in Malware Scanning grid
Enhance: Update text for Suspicious Code scan type options
Enhance: Bulk configure - Add to reports/Remove from reports options
Enhance: Improve table performance
Enhance: Remove hero image when Branding is set to custom for activated Whitelabel
Fix: Storage logs not deleted
Fix: Update code preview in Malware Scanning
Fix: MaxMind DB Reader API version update
Fix: Keep empty IP for internal or private IPs
Fix: Failed login attempt with an empty banned username
Fix: Audit Log Export
Fix: Loopback request could not be completed
Fix: Subsites login area is blocked for network users
Fix: Mask login can be bypassed with wp-signup.php for single sites
Fix: Ability to use dash symbol at the start/end of New Login URL slug
February 12, 2021 - version 2.4.6.1
Fix: Security vulnerability for Two Factor Authentication
January 27, 2021 - version 2.4.6
Security: Malware scan doesn't detect Backdoor:PHP/WP-VCD
Security: Malware scanning issues with Avada theme
Enhance: PHP 8 compatibility
Enhance: Mobile UI improvement for IP lockout logs
Enhance: Remove menu icon with issue indicator when there are no Scan and Tweak issues
Enhance: Suspicious Code scan type is deactivated by default
Fix: Defender security headers not applied when Hummingbird caching is active
Fix: Revert button not working for certain recommendations
Fix: Remember Light mode/Dark mode selection for Malware Scanning code preview
Fix: Resend Invite option is not showing for added users (Add users/Invite by Email)
Fix: Read More link showing in blue color when High Contrast Mode is ON
Fix: Fix footer link URL
Fix: 127.0.0.1 showing multiples times on the firewall logs page
Fix: Unsubscribe icon is not showing correctly on the notifications page
Fix: Console errors on various pages when WooCommerce is activated
Fix: Display error for enabled Mask Login and Site Health request
Fix: Mask Login Area restricted slugs
Fix: Showing all files in WP core as modified
Fix: Defender locking out users and detecting wrong user IP
Fix: 2FA can't be forced with WooCommerce
Fix: Disable File Editor tweak reset
Fix: Issues on Flywheel hosting stability improvements
Fix: Admin email duplicates in Bulk notification modal
Fix: Multiple notifications still being sent after update to 2.4.4
Fix: Error when requesting API on the Audit logs page
Fix: Audit log does not log all plugins when activated/deactivated in batches
December 21, 2020 - version 2.4.5
New: Add pagination option for IP lockout logs
Enhance: Display Blocklist Monitor in the config structure
Fix: Malware Scanning marks own files as suspicious
Fix: The IP 127.0.0.1 shows as blocked
Fix: Display Notifications in the Hub
Fix: File Scan display issue in MS Edge
Fix: Hero Image overlaps in Preset Configs
Fix: Redirect Url UI needs improvement on Choose redirect page
Fix: Display MaxMind link
December 7, 2020 - version 2.4.4
Enhance: Change text to 'Security Issue(s)' in the dashboard widget
Enhance: Compatibility with WordPress 5.6
Fix: Hub synchronization with Defender
Fix: Suspicious code found in WPMU DEV plugins
Fix: PHP warnings and notices for Firewall and Scan modules
Fix: wp_login_form() not working with Masked Login
Fix: Chinese URL shows two-digit hexadecimal numbers
Fix: IP's text goes outside the box in Firewall Logs after bulk action
Fix: Deactivate button not working first time if there is nothing in Choose redirect page URL in Mask Login Area
Fix: Update text in Security Recommendations Report
Fix: Typo in Security Recommendations 'Prevent user enumeration', 'Update old security keys', 'Manage Login Duration'
Fix: While Activating/Deactivating Firewall module, it shows the same message notification
Fix: Enabling of Prevent Information Disclosure for Apache server
November 27, 2020 - version 2.4.3
Fix: Masked Login Area not working in some cases
Fix: Hub redirect to 404 page when Masked Login Area enabled
November 25, 2020 - version 2.4.2
Fix: Fatal version on WordPress 5.2 and earlier
November 24, 2020 - version 2.4
New: Notifications section - centralized manager for all notifications and reports
New: Onboarding which will replace the old quick setup and enable everything that is recommended
New: New: Bulk behavior for Security Recommendations - resolve/ignore almost everything with a single click
New: Improving Security Recommendations UI/UX
New: 2FA with Authy and Microsoft Authenticator
New: Highlight new features in welcome modal
Enhance: Better UI/UX and performance for Malware Scanning
Fix: The Audit Logging widget on the dashboard doesn’t show the correct report status
Fix: The custom message in Login Lockout doesn’t apply when an IP is banned by using a banned username
Fix: Conflict with WP Fastest Cache makes revert buttons show incorrectly
Fix: Warning with PHP 7.2.x
Fix: The username search in Audit Logging doesn’t work
September 14, 2020 - version 2.3.2
New: Add a separate Tutorials sub-menu and X-icon to remove it from the Dashboard
Improvement: Change mention of blacklist and whitelist to blocklist and allowlist on Defender pages
Improvement: Change Documentation links for Firewall and Malware Scanning
Improvement: Config Improvements
Fix: Display custom login forms if the Defender Masking URL is enabled
Fix: Receive email from Defender security tweaks daily
Fix: Activate 'Mask Login Area' through the Defender dashboard
Fix: Correct display of the Audit log for a new registered user with other than Subscriber role in MU
Fix: Masked login alters ajaxurl in MU in sites table page
Fix: Remove 'ambient-light-sensor', 'picture-in-picture', 'speaker' and 'vr' directives from Feature-Policy header
Other minor enhancements and fixes
August 10, 2020 - version 2.3.1
New: Feature to save presets configurations of the Defender's settings, and make them available to download and apply to your other sites.
New: Add tutorials section in the Defender dashboard.
Improvement: Allow to bulk delete suspicious files
Improvement: Improve the logic of how "Include sub-domains" option should be shown on the Strict Transport Security header
Fix: Prevent wp-signup.php to access when Mask Login is enabled.
Fix: 2FA login does not redirect correctly after login via the my-account page of Woocommerce
Remove: Change default database prefix, as this can be bypass.
Other minor enhancements and fixes
May 18, 2020 - version 2.3
Improvement: Change the description for X-Content-Type-Options security header
Fix: The WAF widget and WAF page will be hidden when white label activated
Fix: Include Subdomain option for Strict Transport security header
Fix: Cron for Audit logs
Other minor enhancements and fixes
May 4, 2020 - version 2.2.9
New: WPMU DEV’s Hosted Web Application Firewall (WAF) is a first layer of protection to block hackers and bot attacks before they ever reach your site. Websites hosted with WPMU DEV can now use this advanced WAF by enabling it via your site’s Security or Hosting tab in The Hub.
Improvement: Moved the security headers out of Security Tweaks and into their own section inside Advanced Tools.
Improvement: Relocated Two-Factor Authentication to it’s own menu item and area.
Improvement: Renamed a couple of modules to more accurately reflect what they do.
Fix - Minor bugs and improvements
April 28, 2020 - version 2.2.8
Improvement: Add plugin configuration import/export option for Hub
Improvement: HSTS Maximum age of Strict Transport Security header added 30 days, 2 years
Improvement: Update copy for MaxMind license key
Fix: Separate email subjects of templates for scan notifications
Fix: Warning open_basedir restriction in effect
Fix: 2FA required even if the role is unchecked
Fix: Preview for Lockout Custom Message doesn't work
Fix: Sending lockout emails even though they are disabled
Other minor enhancements and fixes
March 9, 2020 - version 2.2.7
Fix: Audit Logging sometime triggers a fatal error on some setups.
February 17, 2020 - version 2.2.6
Improvement: Frequency of Security Tweak notifications reduced to 7 days
Fix: GeoIP now compatible with new MaxMind policy
Fix: Mask login URL now allow URL with an extension
Fix: Lockout notification email now displays correct time unit
Fix: Get started screen appears only where required
Fix: Manage your email preferences & unsubscribe email link now works
Fix: Strict Transport Security Header now shows subdomain option on the root domain
Fix: On login lockout, Defender doesn't block IP permanently
Fix: Mask login won't block admin links from email
Other minor enhancements and fixes
January 27, 2020 - version 2.2.5
Fix: Displaying Defender pages after activating the plugin.
January 16, 2020 - version 2.2.4
Fix: Security tweaks self ping cause performance issues.
November 28, 2019 - version 2.2.3
Improvement: Increased the frequency of Security Tweak notifications from daily to weekly.
Fix: Two-Factor activate/deactivate not working as expected.
Fix: Defender IP Lockouts was blocking Hub services.
Fix: Error when bulk deletes lockout logs, without selecting any.
Fix: Active Translation in General Settings was not using the language that had been set.
Fix: The first time you setup the Blacklist location, it doesn't save.
Fix: Security Keys tweaks showing decimals in status.
Fix: Enforcing Security Header tweaks revert when you refresh the page.
Fix: Lockout duration in email notification now reflects the right setting instead of always in seconds.
Fix: Missing logs from the Audit logging screen.
Remove: WordPress REST API security tweak. This feature was causing many sites to break basic functionality so we've decided to remove it.
Other minor enhancements and fixes
October 14, 2019 - version 2.2.2
Feature: New security tweaks: Security headers.
Feature: New security tweak: Block WordPress Rest API.
Feature: New security tweak: Prevent user enumeration.
Feature: Ability to talk with HUB for syncing Defender settings.
Improvement: Add ability to ban by filename/extension.
Improvement: Allow user to change the retention period of Audit Logs in Defender.
Improvement: Add the ability for an admin to unblock a temporarily blocked IP.
Improvement: Add 'Your current time' to Reporting tabs.
Fix: Email link still goes to wp-admin instead of masked one, if use Defender Mask Login.
Fix: Css z-index issue with Quick setup modal.
Fix: Use hostname instead of wp-defender in authenticator app.
?Fix: Minor grammar and UX improvements.
Fix: Upgrading from the older version disables the settings in the mask-login.
July 2, 2019 - version 2.1.4
Fix: Mask Login cause issue when visiting /wp-admin/network/sites.php
June 18, 2019 - version 2.1.3
Feature: Security tweaks will send reminder when no tweaks were actioned after activation
Improvement: Scanning will be more catchy, especially with code using eval function, however that can lead to more false positive, please consider to check with our support before delete the file.
Fix: Bring back the tooltips system
Fix: Audit filter links doesn't reflect the right results if open in new tab
Fix: Filtering issue type in scanning now show correct results.
Fix: Scanning notification keep sending when the setting turn to "off"
Fix: User IP in IP Lockout->Blacklist now show the correct IP.
Fix: Bring back the subject customization field in Scanning email config.
Fix: Manage Login Duration wont make user to login twice anymore.
Fix: Audit filtering by user now working properly
Fix: We change the Audit logging items' color from red to more neutral.
Fix: Ad Widget won't be show in vulnerability list by accident anymore
Fix: Bottom bulk selector in Scanning page now work properly
Fix: Deprecate warning from the function strpos() in php 7.3
Fix: Sync issues with HUB will be more consistent.
Fix: Mask login doesn't work properly if WordPress get installed in a sub-folder
Fix: Conflict with Avada theme which making scanning stuck
Fix: Gracefully handle error when php dom extension does not install
Fix: Prevent factory reset revert database prefix into wp_ even though it was not set by Defender.
Fix: Prevent slashes added in email template
?Fix: Minor grammar and UX improvements.
April 10, 2019 - version 2.1.2
Feature: Defender Pro now supports the WPMU DEV Dashboard’s white label feature.
Feature: You can now perform a factory reset of Defender’s settings via the Settings screen, as well as control what happens to data when the plugin is uninstalled.
Improvement: Defender File Scanning no longer identifies robots.txt as a potentially harmful file.
Improvement: We’ve turned off autocomplete on the two-factor authentication field so that previous codes don’t show up.
Fix: Fixed a conflict with Defender where the 404 lockout feature would lock out users who tried to access old Hummingbird cache files.
Fix: You can now view date ranges greater than 7 days for IP Lockout logs
?Fix: Minor grammar and UX improvements.
March 20, 2019 - version 2.1.1.1
Fix: Two-Factor Authentication QR code not being displayed on new device registration.
February 18, 2019 - version 2.1.1
Fix: Prevent Information Disclosure corrupts htaccess code
February 18, 2019 - version 2.1
New: Geo-based IP blocking. Completely block incoming traffic from specific countries to gain full control over who can and can’t access your site.
New: Upgraded design components and improved user experience across the board.
Fix: Corrupt .htaccess rules generated by Defender weren’t able to be re-applied when adding them a second time.
Fix: Users can no longer get past login masking when using double slashes.
Fix: Javascript errors prevented adding recipients to notifications and editing templates.
Fix: Blacklist monitoring could not be enabled on some sites.
Fix: Parse error on installations running PHP 5.3.
Improvement: Removed activation redirection and tooltips on first activation.
Other minor enhancements and fixes
October 18, 2018 - version 2.0.1
Fix: permanent ban on 404 lockouts now sends correct email.
Fix: IP lockout logs not showing correct results/order on different pages.
Fix: IP lockout logs showing wrong badge for 404 lockouts.
Fix: 2FA not working properly when using Sensei plugin.
Other minor enhancements and fixes.
September 4, 2018 - version 2
New: added tweak “Disable XML-RPC”
Improvement: Two factor authentication can now be force enabled by role.
Improvement: Masking URL description.
Fix: Compatibility with Appointments+ login when Mask Login is enabled.
Fix: /login/ will be blocked instead of redirecting to right login URL
Fix: new site registration email login URL will now show right Login URL instead of the original one when Mask URL is enabled.
Fix: Accessibility issue when activating 2FA.
Changes: Show Admin Pointer on initial Defender activation, and removing the redirect behavior.
Other minor enhancements and fixes
July 9, 2018 - version 1.9.1
Fix: Mask Login Area description text is misleading
Fix: wp-admin link of sub-sites in networks link to wrong admin URL
Fix: Prevent Information Disclosure & Prevent PHP Execution show false error message when first applied
Fix: Dashboard reporting section mis-alignment
Other minor enhancements and fixes
May 24, 2018 - version 1.9
New: Ability to edit default two-factor authentication email notifications
New: Added Privacy Policy in privacy guideline page
Improvements for lockout logs interface
Improvement: Smarter report default time.
Fix: Defender auto redirect issue when bulk activating plugins
Fix: saving 404 redirect URL issue
Fix: Some layouts are shifted on mobile devices
Other minor enhancements and fixes
April 10, 2018 - version 1.8
New: Hide the default WordPress login URLs with the new Mask Login Area feature, giving you enhanced protection from hackers and bots.
New: Ability to force two-factor authentication for all users.
Fix: Fixed a bug where file scanning would detect wp-config.php as suspicious.
Fix: Fixed an issue where the lockout pages could be cached by external cache engines.
March 19, 2018 - version 1.7.6
Fix: Defender now can recognize and verify Bing Bot for whitelisting
Fix: Lockout page now will use site title instead of the text 'WP Defender'
Other minor enhancements and fixes
February 7, 2018 - version 1.7.5
Fix: Report status missing in Hub Security tab
Fix: Some themes/plugins shown as a vulnerability but no info available
Other minor enhancements and fixes
January 16, 2018 - version 1.7.4.2
Fix: Remove debug data
Fix: Issue with Hub
December 4, 2017 - version 1.7.4.1
Added: Endpoint API so HUB can work with Defender natively through WPMU DEV Dashboard plugin
November 21, 2017 - version 1.7.4
Fix: Conflict with Jetpack where Defender 2FA module would not detect if Jetpack 2FA was disabled.
Fix: Visitor would get a 404 lockout if landing on a page with many dead links.
Improvement: When an user is deleted, audit logging now display the user's login instead of only UID.
Other minor enhancements/fixes
October 14, 2017 - version 1.7.3
Fix: Two-factor authentication can be bypassed by user with no role.
Improvement: Enhanced two-factor authentication protection across multisites.
October 9, 2017 - version 1.7.2
Improvement: Improvement: IPv6 support for both whitelisting and blacklisting, requires IPv6 support on the server.
Improvement: Better UI/UX for Two-factor authentication.
Fix: Security tweak "Prevent PHP Execution" and "Protect Information" now support Apache 2.4 htaccess rules.
Other minor enhancements/fixes
September 27, 2017 - version 1.7.1
Improvement: Audit logging logs will be stored up to 1 year, query range can be set up to 3 months
Improvement: Option to set a cooldown period for lockout notifications.
Added: widget for 2 factors authentication
Fix: Defender does not detect the right IP when CloudFlare is being used
Fix: Conflict with TM Photo Gallery Plugin
Other minor enhancements/fixes
August 15, 2017 - version 1.7
New: Now you can enable 2 factors authentication with Defender and Google Authenticator app, support for iOS and Android
New: We can define how long the "Remember me" can take affect, via a new Security Tweak, called "Manage Login Duration"
Improvement: IP Lockout logs now have separate tables, better for performance.
Fix: Ignore a file in Scanning section sometimes coming back after couple of scans.
Other minor enhancements/fixes
July 6, 2017 - version 1.6.2
New: CSV export for Audit Logging.
Improvement: Email reports now have unsubscribe link, and link to Reports where email reports can be turned off.
Fix: Typo in Audit email.
Other minor enhancements/fixes
June 21, 2017 - version 1.6.1
Improvement: Improved IP Lockout performance.
Fix: Audit logging detects wrong WordPress version when upgrade
Fix: "Update old security keys" doesn't move to resolved list after processed
Fix: When emptying IP Lockout logs cause timeout error.
Fix: Typos in some places
Other minor enhancements/fixes
June 5, 2017 - version 1.6
Improvement: Allow users to select and apply rules to other server type in Prevent PHP Execution and Prevent Information Disclosure.
Fix: Sometimes HUB status doesn't sync with WordPress site.
Other minor enhancements/fixes
May 17, 2017 - version 1.5
New: You can now add exceptions for specific PHP files in the PHP Execution Security Tweak.
Improvement: Filtering all log types now uses URLs instead of ajax only, meaning you can link to a filtered log easily.
Improvement: Various user experience updates across the plugin interface to make using Defender even easier.
Fix: Lockout Logs now display from newest to oldest.
Fix: Lockout Logs pagination now works correctly.
Fix: Inconsistencies in the IP Lockouts stats across the plugin.
Fix: Sending Audit Logging reports to multiple recipients would address all recipients as the first user's name.
Fix: Grammar and typos in some modals and error messages.
Fix: If Defender finds a vulnerability in WordPress's core, the text would indicate running an update would fix the issue though no update was actually available yet.
May 3, 2017 - version 1.4.2
Improvement: The plugin interface will now stretch to utilize extra screen space on larger screens.
Fix: Audit Logging was getting its days mixed up in the summary area. You’ll now see the correct day of the week.
Fix: We squashed a bug that was causing files scans to sometimes report false positive files after WordPress core upgrades.
Fix: A conflict with Jetpack was causing scans to stall, which we have now fixed up.
Fix: In some cases File Scanning reports wouldn't actually stop sending if you disabled them. It now obeys commands.
Fix: Google's bot was being blocked by IP Lockouts but now it's free to crawl and index as it pleases.
Fix: We removed redundant “cancel” buttons on settings pages. You probably won’t even notice!
Fix: We’ve added live stats so now there’s no need to wait around in anticipation while running files scan actions.
Fix: Stats weren’t displaying the right numbers after actioning security tweaks, but it’s all good now.
Fix: Pagination on the Audit Logging logs page now works like you would expect it to.
Fix: Files detected in File Scanning now have metrics with their file sizes.
Fix: We’ve fixed styling issues with toggles.
Fix: We removed the” Resolve bulk update” option from File Scanning. It wasn’t really a valid action.
Fix: Incomplete icons in the Dashboard reports area have been updated.
Fix: We’ve removed redirection from the dashboard to the File Scanning page are after preforming a file scan so now you shouldn’t feel lost.
Fix: Lots of other small stuff, like minor cosmetic and grammar fixes.
April 21, 2017 - version 1.4.1
Fix: Compatibility issue with Getting Started Wizard
Fix: Scanning was sometimes slow or getting stuck
April 18, 2017 - version 1.4
New: Meet the brand new Defender! This release focuses on making security for WordPress a better place. We’ve given the UI a refresh and updated the UX, so configuring your security settings is a walk in the park.
Fix: A ton of bug fixes & improvements. Yep, vague description! But why bore you with the small stuff when you could be spending time bolstering your site’s security?
March 13, 2017 - version 1.3
Added: Endpoint API so HUB can work with Defender natively through WPMU DEV Dashboard plugin
Other minor enhancements/fixes
February 27, 2017 - version 1.2
Added: New Hardening Rule (PHP version)
Improvement: Audit Logging now allows date range selection.
Improvement: IP Lockouts now allow IP ranges in whitelist/blacklist.
Improvement: IP Lockouts now can import/export whitelist/backlist.
Fixed: IP Lockouts email notification text on permanent IP ban.
February 21, 2017 - version 1.1.6.1
Fixed: Cache issue causing multiple requests to API endpoint when scanning suspicious files.
February 14, 2017 - version 1.1.6
Fixed: Collapse Menu button shows bigger font and in all caps
Fixed: Missing strings in translation (.pot) file
Fixed: Audit logging reports not using correct timezone.
Fixed: DB prefix replacing all instances of “wp” if it's used multiple times (ie wp_mytable_wp_subtext)
Fixed: Auto ban users who log in with the “admin" username not working.
Some other minor enhancements/fixes
January 11, 2017 - version 1.1.5
Added: IP Lockouts. Defender can now protect your login area from brute force attacks, monitor 404 errors and automatically lockout any unwanted behavior. It can also permanently ban specific IP addresses and receive email notifications when lockouts occur.
Fixed: Minor bug fixes and improvements.
October 31, 2016 - version 1.1.4.1
Fixed: Fatal error when PHP extension sockets is not enabled
October 31, 2016 - version 1.1.4
Improvement: Audit logging now detects file changes in WordPress core.
Fixed: Updating via WordPress core now syncs better with the Hub.
Fixed: Some compatibility fixes for PHP 5.2.
September 20, 2016 - version 1.1.3
Improvement: Audit Logging now ajax based.
Fixed: minor bug fixes & some UI/UX improvements
August 24, 2016 - version 1.1.2
Improvement: Switched the User dropdown in Audit Logging to load results via AJAX to increase initial load performance.
Improvement: Scan results now pre-load information so that you can action fixes faster.
Fixed: Removed cronjob events from being tracked in Audit Logging.
Fixed: The Audit Logging filter box now stays visible if no results are returned.
Fixed: Other small bug fixes and improvements.
August 8, 2016 - version 1.1.1
Added: A warning indicator in WP Admin sidebar to let you know how many security issues are outstanding.
Added: The ability to choose to only receive email reports when there are issues with your website.
Fixed: Minor bug fixes & improvements
July 25, 2016 - version 1.1
New feature: Audit logging
New plugin icon
Vulnerability plugins/theme scan result can be ignored
Some other minor enhancements/fixes
May 21, 2016 - version 1.0.8
Improve Core Integrity Scan.
Improve caching method
May 17, 2016 - version 1.0.7
Improved: Scan schedule.
Fix: issue with W3 Total Cache Object Cache
May 13, 2016 - version 1.0.6
Fix: Defender data doesn't sync with HUB correctly
Fix: Email report doesn't send properly
Some other minor enhancements/fixes
April 28, 2016 - version 1.0.5
Added: Option to choose reminder period for Hardener rule "Update old security keys"
Improved: Compatibility with Windows server
Improved: Optimized resource usage when scanning
Fix: issue with memcached
Other minor enhancements/fixes
April 6, 2016 - version 1.0.4
Improve scan engine, reduce false positives
Improve uninstallation method
Add the ability to ignore hardener rules.
Improve the performance impact on the site.
Fix scans sticking at 100% in some cases
Fix compatibility issues with IIS
Some other minor enhancements/fixes
March 22, 2016 - version 1.0.3
Optimize scanning
Preventing performance issue with some hosts
Fix false blacklist detection in local environment
Some other minor enhancements/fixes
March 15, 2016 - version 1.0.2
Applied ajax inline updates for plugins/themes
One click Prevent PHP execution
One click Prevent Information Disclosure
Add detail page for core integrity issue, and automate resolution
Fix scan stability with limited memory
Some other minor enhancements/fixes
March 4, 2016 - version 1.0.1
Scanning can auto detect if user is active on scanning page to work based on ajax, or leave to enable background scan
Improve condition checking for Prevent Information Disclosure module
Improve condition checking for Prevent PHP execution module
March 1, 2016 - version 1
Initial release!