View attachment 659
The Best WordPress Security Plugin to
Secure & Protect WordPress
Built by the WordPress security experts
iThemes Security Pro takes the guesswork out of WordPress security. You shouldn’t have to be a security professional to use a security plugin, so iThemes Security Pro makes it easy to secure & protect your WordPress website.
QR CODE
7.1.0 - 2022-01-31 - Timothy Jacobs
Important: iThemes Security now requires WordPress 5.8 or later.
New Feature: Introduce a new Import Export feature that allows for greater customization and flexibility.
Bug Fix: Scroll to top of window when navigating.
Bug Fix: Allow searching for Password Requirements.
Bug Fix: Login page would be blank when Passwordless Login was configured to use the "Username First" flow.
Bug Fix: Don't load WordPress and System Tweaks modules...
Download IThemes Security Pro v7.1.1 - Take the Guesswork Out of WordPress Security Nulled Free
v7.1.1 - 2022-04-13 - Timothy Jacobs, Lisa Canini
Tweak: Schedule the Automatic Updater to run 5 minutes after a Site Scan finds Vulnerable Software.
Bug Fix: Help styling on WordPress 5.9.
Bug Fix: Compatibility with plugins that expected a logged-in user during lockouts.
Bug Fix: Error when visiting the Notifications page after activating a module with notifications for the first time...
Download IThemes Security Pro v7.1.3 - Take the Guesswork Out of WordPress Security Nulled Free
v7.1.3 - 2022-06-23 - Timothy Jacobs, Lisa Canini
Tweak: Add Security Alert when running a PHP version older than 7.3.0. Future versions of iThemes Security will require PHP 7.3.0.
Bug Fix: Don't attempt to Hide Backend when a Cron request is being processed.
Bug Fix: Prevent entering invalid date values when selecting a custom date range in the Security Dashboard.
Important: iThemes Security now requires PHP 7.3 and WordPress 5.9 or later.
New: Introducing passkeys for Passwordless Login! Users can log into their site using biometrics like Face ID, Touch ID, or Windows Hello. Enable the new "Passkeys" module to add it as a Passwordless Login method.
Bug Fix: Preliminary PHP 8.1 compatibility.
Bug Fix: Fatal error when running on a site with an unprefixed version of Pimple or Psr/Container that was loaded before iThemes Security.
- Security: Add support for encrypting Two-Factor Mobile App secrets. Enable via Tools -> Set Encryption Key.
- Security: Deprecate Automatic Proxy Detection. Instead, manually configure Proxy Detection or use Security Check. Fix IP spoofing attacks.
- Enhancement: Add "Ban Lockout" button to the Active Lockouts card.
- Tweak: Delete passkeys that have been in the "trash" for seven days.
- Bug Fix: File Logs not rotating.
- Bug Fix: MaxMind DB Lite not being automatically...
New: Passwordless Login can now be setup from the frontend of your website. Use the new iThemes Security block in the Block Editor or the [itsec_passwordless_login_settings] shortcode.
Tweak: Don't show "Ban" buttons in Security Dashboard if the user won't be able to create a ban.
Bug Fix: Prevent Headers Already Sent warning when a lockout occurs during a WP Cron request on some server setups.
Bug Fix: Manually load Sodium Polyfill for servers that have an older version of libsodium...
Tweak: Add "All" tab to the Features page.
Tweak: Don't show Passkeys onboarding flow during front-end Passwordless Login attempts.
Bug Fix: Properly render the Passwordless Login block when not using a Full Site Editing theme.
Bug Fix: Prevent a redirect loop when logging in on sites that take more than 5 seconds to load the Dashboard.
New Feature: Add support for CloudFlare Turnstile and hCaptcha. Learn More: https://ithemes.com/?p=82867
Enhancement: Add support for logging in with Discoverable Passkeys.
Bug Fix: Update Password Strength library to the latest version. This fixes discrepancies between the realtime password strength estimation and the enforced password strength.
Bug Fix: Upgrade the iThemes Updater to 1.7.2 to fix PHP 8 issues.
Note: Remove Grade Report.
Security Hardening: Prevent open redirects attacks against the Enforce SSL module. This attack requires spoofing the Host header which requires additional conditions to exploit. Thanks to nlpro for reporting the issue.
Tweak: Start enabling encryption for existing iThemes Security sites. Read more: https://ithemes.com/?p=84653
Bug Fix: Fallback to the homepage when Enforce SSL encounters a non-safelisted redirect destination.
Bug Fix: IP Detection on sites behind Load Balancers that appended their IP address to X-Forwarded-For and did not provide a Real IP header.
Bug Fix: Passwordless Login compatibility with WordPress 6.3.
News: iThemes Security is becoming Solid Security soon. Learn More: https://go.solidwp.com/security-wpadmin-ithemes-becoming-solidwp
Bug Fix: Username First login compatibility with WordPress 6.3.
Bug Fix: Ensure new database tables are created.
Enhancement: Add pagination to the Firewall logs table.
Tweak: Various UI improvements.
Bug Fix: On sites with no logo, a broken image appeared in some emails.
Bug Fix: In some email clients, the Solid Security logo would stretch too wide.
Security: Don't disclose the login URL when using Hide Backend on a site with comments enabled and comment registration required. Thanks to Naveen Muthusamy for disclosing this issue.
Hardening: Check for the promote_user capability when using Privilege Escalation in addition to edit_user.
Tweak: Remove the iThemes Security is now Solid Security banner from admin-facing email notifications.
Bug Fix: Prevent the User Security page from crashing when "Show Avatars" is disabled in...
Security: Harden SolidWP Updater against XSS attacks. Thanks to Robin Wood (digi.ninja) for disclosing this issue.
New: Add support for creating custom firewall rules.
Enhancement: Add support for configuring firewall settings from the Firewall page.
Bug Fix: The firewall page would appear empty when geolocation could not retrieve a country code.