You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
* Improvement: Added support for managing the login security settings to Wordfence Central.
* Improvement: Updated the bundled root CA certificate store.
* Improvement: Added a check and update flow for mod_php hosts with only the PHP5 directive set for the WAF’s extended protection mode.
* Improvement: Added additional values to Diagnostics for debugging time-related issues, the new fatal error handler settings, and updated the PHP version check to reflect the new 5.6.20 requirement of WordPress.
* Change: Changed the autoloader for our copy of sodium_compat to always load after WordPress core does.
* Fix: Fixed the “removed from wordpress.org” detection for plugin, which was broken due to an API change.
* Fix: Fixed the bulk repair function in the scan results when it included core files.
* Improvement: Updated sodium_compat to address an incompatibility that may occur with the pending WordPress 5.2.1 update.
* Improvement: Clarified text around the reCAPTCHA setting to indicate v3 keys must be used.
* Improvement: Added detection for Jetpack and a notice when XML-RPC authentication is disabled.
* Fix: Suppressed error messages on the NTP time check to compensate for hosts with UDP connections disabled.
* Improvement: Two-factor authentication is new and improved, now available on all Premium and Free installations.
* Improvement: Added Google reCAPTCHA v3 support to the login and registration forms.
* Improvement: XML-RPC authentication may now be disabled or forced to require 2FA.
* Improvement: Reduced size of SVG assets.
* Improvement: Clarified text on “Maximum execution time for each scan stage” option.
* Improvement: Added detection for an additional config file that may be created and publicly visible on some hosts.
* Improvement: Improved detection for malformed malware scanning signatures.
* Change: Long-deprecated database tables will be removed.
* Change: Removed old performance logging code that’s no longer used.
* Fix: Addressed a log notice when using the See Recent Traffic feature in Live Traffic.
* Fix: WAF attack data now correctly includes JSON payloads when appropriate.
* Fix: Fixed the text for Live Traffic entries that include a redirection message.
* Fix: Fixed an issue with synchronizing scan issues to Wordfence Central that prevented stale issues from being cleared.