Version: 2.7.1 / August 17 2020
- new compatibility with WordPress 5.5
- fix antispam addon: comments module broken with WordPress 5.5
Version: 2.7 – Iris / July 27 2020
- new plugin dashboard: form to ban any IP
- new registration: email regular expression validation
- new registration: username regular expression validation
- new registration: stopforumspam check ip, email, username
- new registration: expanded to take IP into account
- new antispam addon: email regular expression validation
- new antispam addon: username regular expression validation
- new antispam addon: stopforumspam check ip, email, username
- new events log: proper event meta key labels shown
- new support for checking for spam via stopforumspam.com
- edit plugin dashboard: various improvements to widgets layout
- edit plugin dashboard: showing logs overview for last 30 days
- edit antispam addon: improved settings organization
- edit live monitor: various improvements and updates
- edit jVectorMap 2.0.5
- edit d4pLib 2.8.12
- fix events: logout event only if the user was logged in previously
- fix events tools: very slow cleanup of events log in some cases
- fix antispam: problem with trackback scanner and TLD’s filter
- fix antispam: some gravityforms content checks were not working
- fix live monitor: map point markers not added correctly
- fix when IP geolocation fails, error was not properly handled
Version: 2.6 – Hypnos / April 8 2020
- new settings: separate page for allow/deny domains, emails…
- new registration: automatic adding of detected disposable domains
- new registration: check with internal disposable domains list
- new registration: additional settings for better control
- new antispam addon: check URL for the query string characters
- new reogranization for some of the plugin list based settings
- new update process to transform some of the updated plugin settings
- edit registration: improved error return for the multisite signup
- edit improvements in some of the settings labels and descriptions
- edit d4pLib 2.8.6
- fix registration: multisite signup form not showing every error message
- fix antispam addon: registration domains deny list filter not working
- fix antispam addon: wrong way the marked spam event was logged
- fix few issues with getting GEOIP data when the request fails
Version: 2.5 – Hephaestus / March 18 2020
- new registration: deny registration to temporary domains email
- new registration: check domain DNS MX and/or A records
- new registration: check domain MX record domain on temproary domains list
- new registration: domain deny list supports wildcards use
- new registration: domain allow list supports wildcards use
- new registration: option to refuse emails in the subdomain form
- new registration: option to refuse emails with invalid tld
- new registration: email dots filter has option to specify dots number
- new registration: internal auto-allow domains list to skip some filters
- new antispam addon: spam when the email has invalid tld
- new antispam addon: spam when the url has invalid tld
- new antispam addon: option to use registration domains deny list
- new antispam addon: deny registration to temporary domains email
- new events log: show more relevant logged data for all events
- new events log: changes to some of the log columns to show more informaton
- new scanner: get all the DNS records for the specified domain
- new download disposable domains list for use in the domain analysis
- new download TLD’s list for use in the domain analysis
- new function to analyze domain name against the TLD’s list
- new library NET DNS2 for making DNS related queries
- edit integrity scanner: expanded list of dev4press plugins
- edit integrity scanner: improvements to the preparation code
- edit registration: various improvements to the logging
- edit registration: expanded information about various options
- edit antispam addon: expanded information about various options
- edit csp: more updates to the google adsense support
- fix registration: domain deny check doesn’t generate log entry
- fix antispam addon: minor issues with the trackback module
Version: 2.4.1 / February 23 2020
- edit d4pLib 2.8.5
- fix regression from previous version breaking the settings export
Version: 2.4 – Notus / February 12 2020
- new antispam addon: support for GravityForms
- new antispam addon: enables manual spam handling in GravityForms
- new antispam addon: regex to detect various forms of URL’s in content
- new antispam addon: new test to find any HTML tag in the content
- new antispam addon: GravityForms and Trackback antispam use HTML tags test
- new antispam addon: more information added for various settings
- new tested with PHP 7.4
- edit antispam addon: improvements to the way some settings are working
- edit csp addon: no longer registers the event handler
- edit d4pLib 2.8.4
- fix antispam addon: links limits value 0 causes for test to be ignored
- fix minor issue with with the PHP 7.4 deprecations
Version: 2.3 – Hestia / December 05 2019
- new addon: feature policy header
- new csp addon: predefined rules list for Google YouTube
- new csp addon: predefined rules list for Google Tag Manager
- new csp addon: predefined rules list for Gravatar
- new csp addon: predefined rules list for Gleam
- new csp addon: predefined rules list for Vimeo
- new translation: da_DK – Dansk / Danish
- new translation: de_AT – Deutsch Österreich / German Austria
- new translation: de_CH – Deutsch Schweiz / German Switzerland
- new translation: es_AR – Español de Argentina / Spanish Argentina
- new translation: es_MX – Español de México / Spanish Mexico
- new translation: fr_BE – Français de Belgique / French Belgian
- new translation: fr_CA – Français Canadien / French Canadian
- edit csp addon: expanded some of the google based preset rules
- edit csp addon: various improvements in the generator
- edit firewall: expanded list of default query strings
- edit firewall: expanded list of default request URI’s
- edit d4pLib 2.8.2
- fix antispam addon: wrong type of spam logged for referer spam
- fix antispam addon: few issue with bbPress support
Version: 2.2 – Morpheus / October 02 2019
- new addon: plugins bridge
- new plugins bridge: support for GD Rating System plugin
- new translation: de_DE – Deutch / German
- new translation: es_ES – Español / Spanish
- new translation: fr_CA – Français / French Canada
- new translation: fr_FR – Français / French
- new translation: it_IT – Italiano / Italian
- new translation: nl_NL – Nederlands / Dutch
- new translation: pl_PL – Polski / Polish
- new translation: pt_BR – Português / Portuguese – Brazil
- new translation: pt_PT – Português / Portuguese
- new translation: ru_RU – Русский / Russian
- new translation: sr_RS – Српски / Serbia
- edit malware scanner addon: expanded list of rules
- edit csp addon: expanded some of the google based preset rules
- edit headers addons: do not run when WordPress runs CRON
- edit d4pLib 2.7.9
- fix login limit addon: minor issue with one of the filters
- fix login limit addon: temporary ban not working properly
- fix update/install notices not shown on the network admin panels
Version: 2.1 – Demeter / June 26 2018
- new csp addon: custom third-party report URL support
- new csp addon: auto generated rules for some special data sources
- new xxp addon: custom third-party report URL support
- edit csp addon: updated google analytics list of rules
- edit csp addon: changes to some default settings
- edit csp addon: improved information displayed for some settings
- edit log: changes to the way plugin captures 404 based events
- edit d4pLib 2.7.3
- del csp addon: removed outdated and unsupported referrer rule
- del removed some unused functions and addon object methods
- fix xxp addon: some small issues with saving reports
Version: 2.0.1 / March 26 2018
- edit internal logout function replaced with the WordPress one
- edit several small changes in the logout related functionality
- edit d4pLib 2.6.1
- fix security headers addon: problem with settings panel options
Version: 2.0.0.1 / March 20 2018
- fix wrong function call on the new dashboard panel
Version: 2.0 – Hades / March 18 2018
- new addon: malware scanner
- new addon: xss protection
- new addon: security headers
- new plugin dashboard with various quick overview widgets
- new xss protection addon: report handler and event
- new integrity scanner addon: wordpress.org plugins endpoint
- new database: dedicated table for CSP reports
- new database: dedicated table for XXP reports
- new events core: method to log CSP reports
- new events core: method to log XXP reports
- new events log: filter by network blog ID
- new tools: improved speed for events log cleanup
- new tools: all events option for log cleanup
- new tools: cleanup for CSP and XXP reports tables
- new csp addon: predefined rules list for Google Translate
- new csp addon: new filters to control the build process
- new recaptcha addon: add rules to the CSP if in use
- new tweaks addon: disable WordPress own security headers
- edit csp addon: expanded predefined rules list for Google Adsense
- edit csp addon: expanded list of logged event fields
- edit csp addon: predefined rules building improved
- edit integrity scanner addon: better color codes explanations
- edit integrity scanner addon: improved results display
- edit integrity scanner addon: various scan process updates
- edit wp toolbar addon: expanded list of menu items displayed
- edit d4pLib 2.6
- del tweaks addon: security header tweaks, now available as addons
- del htaccess addon: security header tweaks, now available as addons
- fix csp addon: some predefined rules can fail to apply
- fix some issues with including translation for empty string
Version: 1.8 – Aphrodite / January 28 2018
- new addon: integrity scanner
- new integrity scanner – dev4press.com plugins and addons scanner
- new integrity scanner – wordpress.org core scanner
- new integrity scanner – wordpress.org plugins and themes
- new login honeypot: support for the bbPress login form
- edit login honeypot: loads everywhere to work with different forms
- edit moment.js library 2.24.0
- edit d4pLib 2.5.3
Version: 1.7 – Dionysus / November 12 2018
- new geo location: using GeoJS.io service
- new antispam: events for manual marking comments/trackbacks as spam
- new antispam: events for manual marking topics/replies as spam
- new antispam: register bbPress dynamic role ‘Spammer’
- new antispam: automatic assignment of ‘Spammer’ role
- edit geo location: updated method to get geo location information
- edit scanner for VirusTotal uses verified SSL cURL call
- edit scanner for Sucuri switched to HTTPS URL
- edit scanner for Sucuri with improve localhost domain detection
- edit scanner for Sucuri support for JSON scanner results
- edit various small improvements to the events log
- edit d4pLib 2.5
- fix antispam: otpion to stop attempt when detected not working
Version: 1.6 / August 23 2018
- new csp addon: support for worker-src directive
- new csp addon: support for disown opener directive
- new csp addon: automatic rules for google analytics
- new csp addon: automatic rules for google adsense
- new csp addon: automatic rules for google fonts
- new csp addon: automatic rules for google maps
- new csp addon: filter for rules by type
- edit various improvements to the plugin settings information
- edit no longer using blacklist and whitelist terms
- edit moment.js library 2.22.2
- edit d4pLib 2.3.6
- del csp addon: removed ‘reflected XSS’ directive
- fix issue with removal of some plugin settings
Version: 1.5.2 / January 19 2018
- fix wrong function call breaks the panels display
Version: 1.5.1 / January 15 2018
- edit moment.js library 2.20.1
- edit d4pLib 2.2.4
- fix xss vulnerability: query string panel was not sanitized
- fix xss vulnerability: panel variable for some pages was not verified
- fix missing proper sanitation for some grid filters variables
Version: 1.5 – Poseidon / january 8 2017
- new registration: list of emails to blacklist
- new events log: data view options to ban domain, email or username
- new tools: new tool for reseting firewall and 6G rules
- new completely redesigned and updated about panel
- edit htaccess: updated 6G rules editor settings
- edit htaccess: updated 6G request method tweak
- edit htaccess: various improvements to 6G rules
- edit htaccess: improved process of building the file
- edit firewall: updated rules editor settings
- edit firewall: expanded list of default user agents
- edit firewall: expanded list of default query strings
- edit firewall: expanded list of default request URI’s
- edit reorganization of the files for tools and scanners panels
- edit d4pLib 2.2.3
- fix several PHP 7.1 related issues with arrays
- fix broken option to ban IP’s from the events log
- fix problems with saving some firewall rules
Version: 1.4 – Hera / september 5 2017
- new htaccess: header for Referrer-Policy
- new tweak: header for Referrer-Policy
- new improved admin side accessibility for all panels
- edit htaccess: all header rules on separate panel
- edit d4pLib 2.1
Version: 1.3.1 / april 28 2017
- edit check before loading of the Defuse library
- edit d4pLib 1.9.3
Version: 1.3 – Hermes / march 12 2017
- new antispam: test for spam counting links in the content
- new antispam: test for spam using set of regular expressions
- new antispam: test for spam using banned keywords
- new antispam: settings for list of banned keywords management
- new antispam: addon now has own panel in main menu
- new htaccess: option for cleanup of unneeded empty lines
- new username trap: attempt to save password use for login
- new now using defuse php encryption library for secure settings
- edit antispam: ban notification email contains user info if available
- edit htaccess: updates to some of the 6G default rules
- edit htaccess: removed ‘delete’ from the 6G request methods
- edit d4pLib 1.9.1
- fix some of the settings displayed more than once
Version: 1.2 – Ares / september 21 2016
- new user profile: security overview panel
- new htaccess: build file when IP is banned or unbanned
- new htaccess: allow building file from other addons
- new csp: store generated header into .htaccess
- new csp: force SSL for the report URL
- new banned IP’s: filter by the ban status
- new banned IP’s: convert temporary to permanent ban
- new events log: filter list by user ID
- new dnsbl: support for Tornevall database
- new antispam: hidden field comment spam detection
- new antispam: comments column for spam/approval reason
- new antispam: DNSBL Tornevall filter
- new filters to expand list of htaccess rules on build
- new actions executed when IP is banned and unbanned
- new more indexes for the plugin database tables
- edit events log: main SQL query optimizations
- edit events log: various display improvements
- edit login honeypot: stop login process on detection
- edit login limit: improved logout procedure
- edit antispam: few improvements to the detection process
- edit ban log: main SQL query optimizations
- edit settings panel ProjectHoneypot renamed to DNSBL
- edit many updates to DNSBL objects organization
- edit several small improvements to admin interface
- edit removed several unused plugin settings
- edit d4pLib 1.8.2
- fix events log: slow SQL query with large number of events
- fix wp toolbar: broken URL to plugin About panel
- fix missing URL’s from some email notifications
- fix several typos in the email notifications
- fix several broken URL’s in the email notifications
- fix events log filtering by event was not working
Version: 1.1.3 / september 6 2016
- fix fatal error with loading one of the core files
Version: 1.1.2 / september 5 2016
- edit improvements to datetime based functions
- edit d4pLib 1.8
Version: 1.1.1 / august 11 2016
- edit small update to visitor IP detection behind CloudFlare
- edit d4pLib 1.7.8
- fix invalid function call for the events log cleanup
- fix invalid URL for main page in the WP toolbar addon
Version: 1.1 – Artemis / august 4 2016
- new addon: content security policy header support
- new addon: admin menu for WordPress toolbar
- new htaccess: auto apply rules during daily maintenance
- new scanner: display response headers for any URL request
- new support for sending instant notifications
- new support for IP detection when behind CloudFlare
- edit improved sanitation of plugins settings on save
- edit improved buttons on all dialogs on the admin side
- edit some small updates to settings organization
- edit d4pLib 1.7.7.1
- fix htaccess: some missing settings for XML-RPC tweak
- fix banned ips log bulk unban operation not working
- fix events log single operations returning invalid response
- fix minor issue with some of the header tweaks
Version: 1.0.6.1 / may 25 2016
- fix extra debug directive remaining in the code
Version: 1.0.6 / may 25 2016
- edit events log: removal tool can remove specific events only
- edit minor changes to the main JavaScript file and minifications
- edit d4pLib 1.7.1
- fix events log grid ordering by different columns was broken
- fix events log single event removal not working in some rare cases
- fix events log bulk removal not working in some rare cases
- fix events log removal tool not removing events in some cases
Version: 1.0.5 / may 12 2016
- edit d4pLib 1.7.0
- fix problem with user agent string missing from request
- fix broken tool for importing plugin settings from file
- fix broken tool for exporting plugin settings
Version: 1.0.4 / april 7 2016
- new banned ip’s log: show Project Honeypot status
- new htaccess tweak: header for Strict-Transport-Security
- new tweak: header for Strict-Transport-Security
- new tweak: header for X-Content-Type-Options: nosniff
- new tweak: header for X-Frame-Options: SAMEORIGIN
- new tweak: header for X-XSS-Protection: “1; mode=block”
- fix login honeypot: storing honeypot field value problem
- fix events log grid not filtering by banning status
- fix minor issue with setting ip for permanent ban
- fix minor issues with sorting banned IP lists
- fix minor issue project honeypot banning
Version: 1.0.3 / march 30 2016
- new registration control: use project honeypot
- new login honeypot: store honeypot field result in events log
- edit improved check for available apache modules
- edit core: updated plugin SVG icon to use light default color
- edit scanners: show warnings for missing API keys
- edit d4pLib 1.6.4
- fix filtering security log by event was not working
- fix wrong URL in instant ban notification emails
- fix event for 404 script error was not properly defined
- fix minor issues with the settings panel layout
- fix broken links inside the admin help tab
- fix htaccess: wrongly marked status for appache modules
- fix registration control: broken user agent filter
- fix tweaks: wrong function call for XMLRPC tweaks
Version: 1.0.2 / march 21 2016
- edit small tweaks to the notification digest layout
- edit Project Honeypot result includes link to more information
- edit consistent results format for IP:BL display
- fix notification digest always return empty list
- fix notification digest uses invalid URL for security log panel
- fix conflict loading marker class from shared library
Version: 1.0.1 / march 20 2016
- new security log: show Project Honeypot status
- new live monitor: show Project Honeypot status
- new option to always save user agent with each logged event
- new tool to clear cached IP data from Project Honeypot
- edit online scanners moved to own panel
- fix Project Honeypot detection of search engine IP
Version: 1.0 / march 16 2016
- new first official version