Wordfence 5.2.5 released – Please update
-
Greetings Wiordfence community!
Our crack dev team has been hard at work and has rolled out an update that addresses some security fixes and added a few things to help you better understand your option choices. Below are some of the highlights:
5.2.5
- Security release. Update immediately. Thanks to Julio Potier.
- Code hardening including improved sanitization and an additional nonce for unlock email form. Special thanks to Ryan Satterfield for the hard work.
- Stability of auto-update improved for LiteSpeed customers. We auto-detect if you don’t have E=noabort:1 in your .htaccess and give you instructions.
- Auto-update also disabled now for LiteSpeed customers who don’t have E=noabort:1 and you will get an email alert with an explanation.
- Fixed a bug that may cause you to have advanced blocking patterns disabled with falcon engine enabled that should not be disabled.
- Removed a benign warning in wfCache.php.
- Added clarity to the banned URL option on the options page. All URL’s must be relative.
- Added a primary key to the wp_wfStatus table which is required for certain incremental backup plugins and utilities.
- Fixed advanced country blocking which was not correctly displaying advanced options.
- Migrated to using wp_kses() for sanitization.
- Prevent IP spoofing in default Wordfence IP configuration.
- Change explanations of how Wordfence gets IP’s to make it clear which to use to prevent spoofing.
- Make it clear that the option to have IP’s immediately blocked when they access a URL requires relative URL’s starting with a forward slash.
- Whitelist Sucuri’s scanning IP addresses which were getting blocked because they triggered Wordfence blocking during a scan.
- Improved Wordfence’s code that acquires the visitor IP to block certain spoofing attacks, be more platform agnostic and deal with visits from private IP’s more elegantly.
As always, thanks for being the best plugin community in WordPress. You guys (and gals) rock!
tim
Viewing 4 replies - 1 through 4 (of 4 total)
Viewing 4 replies - 1 through 4 (of 4 total)
- The topic ‘Wordfence 5.2.5 released – Please update’ is closed to new replies.