Bug Fix: Fixed bug that prevented Away Mode from activating on some sites.
iThemes Security Pro 3.6.2
iThemes Security Pro takes the guesswork out of WordPress security.
- Last Update:Feb 10, 2017
- 4.66667/5, 3 ratings
Bug Fix: Removed warning that could occur when upgrading from pre-3.6.0 versions of iThemes Security Pro.
Bug Fix: Fixed scenario that could cause users to have to provide two-factor authentication during login when the Two-Factor Authentication feature is disabled.
Bug Fix: Fixed link sent to users when using User Security Check to send an email reminder to a user prompting them to configure two-factor.
Bug Fix: Fixed bug that could prevent generation of new two-factor codes on the...
New Feature: Ability to require Two Factor for users with specific roles.
New Feature: Ability to require Two Factor for vulnerable users.
New Feature: Ability to require Two Factor when the site is vulnerable.
Enhancement: Added logging details about which two-factor provider was used when a two-factor authentication failed.
Enhancement: Improved efficiency of the Two Factor feature.
Enhancement: Added check for the ITSEC_DISABLE_INACTIVE_USER_CHECK define which allows...
-Bug Fix: Fixed issue that could notify that WordPress 4.7.1 (the current version) is an outdated version of WordPress.
-Removed Feature: Removed additional authentication method for REST API requests.
Bug Fix: Removed "comodo" from the list of user agents blocked by the HackRepair.com blacklist. This ensures that Comodo's AutoSSL feature of cPanel/WHM is able to function.
Updated Feature: Updated the "REST API" feature in the WordPress Tweaks section. The feature now has proper support for protecting privacy on your site without preventing the REST API from functioning.
Enhancement: Updated Security Check to enforce setting the "REST API" setting to "Restricted Access".
Enhancement: Updated the lockouts notification email to a new design. This new design also cleaned up the translation strings to allow better translations.
New Feature: Added a "Protect Against Tabnapping" feature in the WordPress Tweaks section. Details of what this feature protects against can be found here: Target="_blank" - the most underestimated vulnerability ever
-Bug Fix: Remote IP is now correctly identified if the server is behind a reverse proxy that sends requests with more than one IP listed in a single header.
-Bug Fix: Fixed the link for a user in the logs page so that it properly works on sites that are inside a subdirectory.
-Bug Fix: Improved how Strong Password Enforcement works on password resets to improve compatibility with various plugins.
-Bug Fix: Improved the logic for determining whether a user should have Strong Password...
Bug Fix: Fixed data save issue that could cause multiple notification emails to be sent in a short period of time.
Bug Fix: Fixed issue that could cause the malware scanner to fail on sites that change the arg_separator.output php.ini value from its default value.
Bug Fix: Removed redundant entries in the HackRepair blacklist.
Bug Fix: Enabling Protect System Files in System Tweaks will now only block install.php for the current site. This fixes the issue where the...
Bug Fix: Fixed issue that could prevent saving of File Change settings, resulting in an error messages of "A validation function for file-change received data that did not have the required entry for latest_changes."
Bug Fix: Fixed error "PHP message: PHP Fatal error: 'continue' not in the 'loop' or 'switch' context".