Releases: chesio/bc-security
Releases Β· chesio/bc-security
v.0.25.0
v.0.24.0
WordPress 6.4 or newer is now required!
Added
- Disable autoloading of plugin options when plugin is deactivated #160.
- New built-in rule for bad request banner module that triggers when non-existing
.aspor.aspxfile is accessed #161. - Plugin has been tested with WordPress 6.6 #157.
Changed
- WordPress 6.4 is required #159.
v.0.23.0
Important: either deactivate and reactivate plugin after update or install new cron job manually via WP-CLI: wp cron event schedule bc-security/failed-logins-clean-up now daily.
Added
- New built-in rule for bad request banner module that triggers when non-existing
.tgzor.zipfile is accessed #155. - Plugin has been tested with WordPress 6.5 #152.
Changed
- List of supported PHP versions for PHP version check has been updated to include PHP 8.3 #151.
Fixed
- Fix SQL syntax error when bulk unlocking entries in internal blocklist #154 - thanks to @szepeviktor.
- Table storing failed logins data is now pruned automatically #156.
Contributors
szepeviktor
Assets 2
v.0.22.1
v.0.22.0
PHP 8.1 or newer and WordPress 6.2 or newer are now required!
Added
- New built-in rule to bad request banner module that triggers when non-existing
readme.txtfile is accessed #149. - Plugin has been tested with PHP 8.3 #145.
- Plugin has been tested with WordPress 6.4 #144.
Changed
- PHP 8.1 is required #143. As part of an effort to use modern PHP features whenever useful, access scope values are now passed as backed enum instances instead of plain
int. This is a breaking change for actions and filters that have access scope value as their argument:bc-security/action:external-blocklist-hitbc-security/action:internal-blocklist-hitbc-security/filter:is-ip-address-blocked
- WordPress 6.2 is required #147.
v.0.21.0
PHP 8.0 or newer and WordPress 6.0 or newer are now required!
Added
- WordPress 6.3 is supported #141.
- Block rules with "website" access scope in internal blocklist can now be synced with
.htaccessfile #142. - Remote IP addresses that are scanning your website for weaknesses can be automatically for configured amount of time #132.
Changed
- PHP 8.0 is required and the policy to run on supported PHP versions only has been restored #117.
v.0.20.1
v.0.20.0
This release brings a new feature: external blocklist. This feature has its own module named External Blocklist. To keep the naming consistent, IP Blacklist module has been renamed to Internal Blocklist.
These adjustments led to some breaking changes, therefore during update it is recommended to:
- Deactivate the plugin first.
- Rename the database table
bc_security_ip_blacklisttobc_security_internal_blocklist. - Update and reactivate the plugin.
Added
- PHP 8.2 is supported #130.
- WordPress 6.1 and 6.2 is supported (#129 and #136).
- Improve detection of plugins hosted in Plugins Directory: also include plugins that have
readme.mdinstead ofreadme.txtfile #128. - An option to block request coming from Amazon AWS network: either all requests or login requests only coming from AWS network can be blocked #120.
- Requests blocked by external or internal blocklist are now logged.
v.0.19.0
Added
- PHP 8.1 is supported [#116].
- WordPress versions 5.9 and 6.0 are supported [#121] and [#127].
- An option to restrict login options has been implemented: login via email or login via username can be disabled [#123].
- Changelog.md has been added [#125].
Removed
- "Check auth cookies" setting has been removed - the check is now always applied [#124].