GD Security Toolbox

Changelog

Version: 2.7.1 / August 17 2020
  • newcompatibility with WordPress 5.5
  • fixantispam addon: comments module broken with WordPress 5.5
Version: 2.7 – Iris / July 27 2020
  • newplugin dashboard: form to ban any IP
  • newregistration: email regular expression validation
  • newregistration: username regular expression validation
  • newregistration: stopforumspam check ip, email, username
  • newregistration: expanded to take IP into account
  • newantispam addon: email regular expression validation
  • newantispam addon: username regular expression validation
  • newantispam addon: stopforumspam check ip, email, username
  • newevents log: proper event meta key labels shown
  • newsupport for checking for spam via stopforumspam.com
  • editplugin dashboard: various improvements to widgets layout
  • editplugin dashboard: showing logs overview for last 30 days
  • editantispam addon: improved settings organization
  • editlive monitor: various improvements and updates
  • editjVectorMap 2.0.5
  • editd4pLib 2.8.12
  • fixevents: logout event only if the user was logged in previously
  • fixevents tools: very slow cleanup of events log in some cases
  • fixantispam: problem with trackback scanner and TLD’s filter
  • fixantispam: some gravityforms content checks were not working
  • fixlive monitor: map point markers not added correctly
  • fixwhen IP geolocation fails, error was not properly handled
Version: 2.6 – Hypnos / April 8 2020
  • newsettings: separate page for allow/deny domains, emails…
  • newregistration: automatic adding of detected disposable domains
  • newregistration: check with internal disposable domains list
  • newregistration: additional settings for better control
  • newantispam addon: check URL for the query string characters
  • newreogranization for some of the plugin list based settings
  • newupdate process to transform some of the updated plugin settings
  • editregistration: improved error return for the multisite signup
  • editimprovements in some of the settings labels and descriptions
  • editd4pLib 2.8.6
  • fixregistration: multisite signup form not showing every error message
  • fixantispam addon: registration domains deny list filter not working
  • fixantispam addon: wrong way the marked spam event was logged
  • fixfew issues with getting GEOIP data when the request fails
Version: 2.5 – Hephaestus / March 18 2020
  • newregistration: deny registration to temporary domains email
  • newregistration: check domain DNS MX and/or A records
  • newregistration: check domain MX record domain on temproary domains list
  • newregistration: domain deny list supports wildcards use
  • newregistration: domain allow list supports wildcards use
  • newregistration: option to refuse emails in the subdomain form
  • newregistration: option to refuse emails with invalid tld
  • newregistration: email dots filter has option to specify dots number
  • newregistration: internal auto-allow domains list to skip some filters
  • newantispam addon: spam when the email has invalid tld
  • newantispam addon: spam when the url has invalid tld
  • newantispam addon: option to use registration domains deny list
  • newantispam addon: deny registration to temporary domains email
  • newevents log: show more relevant logged data for all events
  • newevents log: changes to some of the log columns to show more informaton
  • newscanner: get all the DNS records for the specified domain
  • newdownload disposable domains list for use in the domain analysis
  • newdownload TLD’s list for use in the domain analysis
  • newfunction to analyze domain name against the TLD’s list
  • newlibrary NET DNS2 for making DNS related queries
  • editintegrity scanner: expanded list of dev4press plugins
  • editintegrity scanner: improvements to the preparation code
  • editregistration: various improvements to the logging
  • editregistration: expanded information about various options
  • editantispam addon: expanded information about various options
  • editcsp: more updates to the google adsense support
  • fixregistration: domain deny check doesn’t generate log entry
  • fixantispam addon: minor issues with the trackback module
Version: 2.4.1 / February 23 2020
  • editd4pLib 2.8.5
  • fixregression from previous version breaking the settings export
Version: 2.4 – Notus / February 12 2020
  • newantispam addon: support for GravityForms
  • newantispam addon: enables manual spam handling in GravityForms
  • newantispam addon: regex to detect various forms of URL’s in content
  • newantispam addon: new test to find any HTML tag in the content
  • newantispam addon: GravityForms and Trackback antispam use HTML tags test
  • newantispam addon: more information added for various settings
  • newtested with PHP 7.4
  • editantispam addon: improvements to the way some settings are working
  • editcsp addon: no longer registers the event handler
  • editd4pLib 2.8.4
  • fixantispam addon: links limits value 0 causes for test to be ignored
  • fixminor issue with with the PHP 7.4 deprecations
Version: 2.3 – Hestia / December 05 2019
  • newaddon: feature policy header
  • newcsp addon: predefined rules list for Google YouTube
  • newcsp addon: predefined rules list for Google Tag Manager
  • newcsp addon: predefined rules list for Gravatar
  • newcsp addon: predefined rules list for Gleam
  • newcsp addon: predefined rules list for Vimeo
  • newtranslation: da_DK – Dansk / Danish
  • newtranslation: de_AT – Deutsch Österreich / German Austria
  • newtranslation: de_CH – Deutsch Schweiz / German Switzerland
  • newtranslation: es_AR – Español de Argentina / Spanish Argentina
  • newtranslation: es_MX – Español de México / Spanish Mexico
  • newtranslation: fr_BE – Français de Belgique / French Belgian
  • newtranslation: fr_CA – Français Canadien / French Canadian
  • editcsp addon: expanded some of the google based preset rules
  • editcsp addon: various improvements in the generator
  • editfirewall: expanded list of default query strings
  • editfirewall: expanded list of default request URI’s
  • editd4pLib 2.8.2
  • fixantispam addon: wrong type of spam logged for referer spam
  • fixantispam addon: few issue with bbPress support
Version: 2.2 – Morpheus / October 02 2019
  • newaddon: plugins bridge
  • newplugins bridge: support for GD Rating System plugin
  • newtranslation: de_DE – Deutch / German
  • newtranslation: es_ES – Español / Spanish
  • newtranslation: fr_CA – Français / French Canada
  • newtranslation: fr_FR – Français / French
  • newtranslation: it_IT – Italiano / Italian
  • newtranslation: nl_NL – Nederlands / Dutch
  • newtranslation: pl_PL – Polski / Polish
  • newtranslation: pt_BR – Português / Portuguese – Brazil
  • newtranslation: pt_PT – Português / Portuguese
  • newtranslation: ru_RU – Русский / Russian
  • newtranslation: sr_RS – Српски / Serbia
  • editmalware scanner addon: expanded list of rules
  • editcsp addon: expanded some of the google based preset rules
  • editheaders addons: do not run when WordPress runs CRON
  • editd4pLib 2.7.9
  • fixlogin limit addon: minor issue with one of the filters
  • fixlogin limit addon: temporary ban not working properly
  • fixupdate/install notices not shown on the network admin panels
Version: 2.1 – Demeter / June 26 2018
  • newcsp addon: custom third-party report URL support
  • newcsp addon: auto generated rules for some special data sources
  • newxxp addon: custom third-party report URL support
  • editcsp addon: updated google analytics list of rules
  • editcsp addon: changes to some default settings
  • editcsp addon: improved information displayed for some settings
  • editlog: changes to the way plugin captures 404 based events
  • editd4pLib 2.7.3
  • delcsp addon: removed outdated and unsupported referrer rule
  • delremoved some unused functions and addon object methods
  • fixxxp addon: some small issues with saving reports
Version: 2.0.1 / March 26 2018
  • editinternal logout function replaced with the WordPress one
  • editseveral small changes in the logout related functionality
  • editd4pLib 2.6.1
  • fixsecurity headers addon: problem with settings panel options
Version: 2.0.0.1 / March 20 2018
  • fixwrong function call on the new dashboard panel
Version: 2.0 – Hades / March 18 2018
  • newaddon: malware scanner
  • newaddon: xss protection
  • newaddon: security headers
  • newplugin dashboard with various quick overview widgets
  • newxss protection addon: report handler and event
  • newintegrity scanner addon: wordpress.org plugins endpoint
  • newdatabase: dedicated table for CSP reports
  • newdatabase: dedicated table for XXP reports
  • newevents core: method to log CSP reports
  • newevents core: method to log XXP reports
  • newevents log: filter by network blog ID
  • newtools: improved speed for events log cleanup
  • newtools: all events option for log cleanup
  • newtools: cleanup for CSP and XXP reports tables
  • newcsp addon: predefined rules list for Google Translate
  • newcsp addon: new filters to control the build process
  • newrecaptcha addon: add rules to the CSP if in use
  • newtweaks addon: disable WordPress own security headers
  • editcsp addon: expanded predefined rules list for Google Adsense
  • editcsp addon: expanded list of logged event fields
  • editcsp addon: predefined rules building improved
  • editintegrity scanner addon: better color codes explanations
  • editintegrity scanner addon: improved results display
  • editintegrity scanner addon: various scan process updates
  • editwp toolbar addon: expanded list of menu items displayed
  • editd4pLib 2.6
  • deltweaks addon: security header tweaks, now available as addons
  • delhtaccess addon: security header tweaks, now available as addons
  • fixcsp addon: some predefined rules can fail to apply
  • fixsome issues with including translation for empty string
Version: 1.8 – Aphrodite / January 28 2018
  • newaddon: integrity scanner
  • newintegrity scanner – dev4press.com plugins and addons scanner
  • newintegrity scanner – wordpress.org core scanner
  • newintegrity scanner – wordpress.org plugins and themes
  • newlogin honeypot: support for the bbPress login form
  • editlogin honeypot: loads everywhere to work with different forms
  • editmoment.js library 2.24.0
  • editd4pLib 2.5.3
Version: 1.7 – Dionysus / November 12 2018
  • newgeo location: using GeoJS.io service
  • newantispam: events for manual marking comments/trackbacks as spam
  • newantispam: events for manual marking topics/replies as spam
  • newantispam: register bbPress dynamic role ‘Spammer’
  • newantispam: automatic assignment of ‘Spammer’ role
  • editgeo location: updated method to get geo location information
  • editscanner for VirusTotal uses verified SSL cURL call
  • editscanner for Sucuri switched to HTTPS URL
  • editscanner for Sucuri with improve localhost domain detection
  • editscanner for Sucuri support for JSON scanner results
  • editvarious small improvements to the events log
  • editd4pLib 2.5
  • fixantispam: otpion to stop attempt when detected not working
Version: 1.6 / August 23 2018
  • newcsp addon: support for worker-src directive
  • newcsp addon: support for disown opener directive
  • newcsp addon: automatic rules for google analytics
  • newcsp addon: automatic rules for google adsense
  • newcsp addon: automatic rules for google fonts
  • newcsp addon: automatic rules for google maps
  • newcsp addon: filter for rules by type
  • editvarious improvements to the plugin settings information
  • editno longer using blacklist and whitelist terms
  • editmoment.js library 2.22.2
  • editd4pLib 2.3.6
  • delcsp addon: removed ‘reflected XSS’ directive
  • fixissue with removal of some plugin settings
Version: 1.5.2 / January 19 2018
  • fixwrong function call breaks the panels display
Version: 1.5.1 / January 15 2018
  • editmoment.js library 2.20.1
  • editd4pLib 2.2.4
  • fixxss vulnerability: query string panel was not sanitized
  • fixxss vulnerability: panel variable for some pages was not verified
  • fixmissing proper sanitation for some grid filters variables
Version: 1.5 – Poseidon / january 8 2017
  • newregistration: list of emails to blacklist
  • newevents log: data view options to ban domain, email or username
  • newtools: new tool for reseting firewall and 6G rules
  • newcompletely redesigned and updated about panel
  • edithtaccess: updated 6G rules editor settings
  • edithtaccess: updated 6G request method tweak
  • edithtaccess: various improvements to 6G rules
  • edithtaccess: improved process of building the file
  • editfirewall: updated rules editor settings
  • editfirewall: expanded list of default user agents
  • editfirewall: expanded list of default query strings
  • editfirewall: expanded list of default request URI’s
  • editreorganization of the files for tools and scanners panels
  • editd4pLib 2.2.3
  • fixseveral PHP 7.1 related issues with arrays
  • fixbroken option to ban IP’s from the events log
  • fixproblems with saving some firewall rules
Version: 1.4 – Hera / september 5 2017
  • newhtaccess: header for Referrer-Policy
  • newtweak: header for Referrer-Policy
  • newimproved admin side accessibility for all panels
  • edithtaccess: all header rules on separate panel
  • editd4pLib 2.1
Version: 1.3.1 / april 28 2017
  • editcheck before loading of the Defuse library
  • editd4pLib 1.9.3
Version: 1.3 – Hermes / march 12 2017
  • newantispam: test for spam counting links in the content
  • newantispam: test for spam using set of regular expressions
  • newantispam: test for spam using banned keywords
  • newantispam: settings for list of banned keywords management
  • newantispam: addon now has own panel in main menu
  • newhtaccess: option for cleanup of unneeded empty lines
  • newusername trap: attempt to save password use for login
  • newnow using defuse php encryption library for secure settings
  • editantispam: ban notification email contains user info if available
  • edithtaccess: updates to some of the 6G default rules
  • edithtaccess: removed ‘delete’ from the 6G request methods
  • editd4pLib 1.9.1
  • fixsome of the settings displayed more than once
Version: 1.2 – Ares / september 21 2016
  • newuser profile: security overview panel
  • newhtaccess: build file when IP is banned or unbanned
  • newhtaccess: allow building file from other addons
  • newcsp: store generated header into .htaccess
  • newcsp: force SSL for the report URL
  • newbanned IP’s: filter by the ban status
  • newbanned IP’s: convert temporary to permanent ban
  • newevents log: filter list by user ID
  • newdnsbl: support for Tornevall database
  • newantispam: hidden field comment spam detection
  • newantispam: comments column for spam/approval reason
  • newantispam: DNSBL Tornevall filter
  • newfilters to expand list of htaccess rules on build
  • newactions executed when IP is banned and unbanned
  • newmore indexes for the plugin database tables
  • editevents log: main SQL query optimizations
  • editevents log: various display improvements
  • editlogin honeypot: stop login process on detection
  • editlogin limit: improved logout procedure
  • editantispam: few improvements to the detection process
  • editban log: main SQL query optimizations
  • editsettings panel ProjectHoneypot renamed to DNSBL
  • editmany updates to DNSBL objects organization
  • editseveral small improvements to admin interface
  • editremoved several unused plugin settings
  • editd4pLib 1.8.2
  • fixevents log: slow SQL query with large number of events
  • fixwp toolbar: broken URL to plugin About panel
  • fixmissing URL’s from some email notifications
  • fixseveral typos in the email notifications
  • fixseveral broken URL’s in the email notifications
  • fixevents log filtering by event was not working
Version: 1.1.3 / september 6 2016
  • fixfatal error with loading one of the core files
Version: 1.1.2 / september 5 2016
  • editimprovements to datetime based functions
  • editd4pLib 1.8
Version: 1.1.1 / august 11 2016
  • editsmall update to visitor IP detection behind CloudFlare
  • editd4pLib 1.7.8
  • fixinvalid function call for the events log cleanup
  • fixinvalid URL for main page in the WP toolbar addon
Version: 1.1 – Artemis / august 4 2016
  • newaddon: content security policy header support
  • newaddon: admin menu for WordPress toolbar
  • newhtaccess: auto apply rules during daily maintenance
  • newscanner: display response headers for any URL request
  • newsupport for sending instant notifications
  • newsupport for IP detection when behind CloudFlare
  • editimproved sanitation of plugins settings on save
  • editimproved buttons on all dialogs on the admin side
  • editsome small updates to settings organization
  • editd4pLib 1.7.7.1
  • fixhtaccess: some missing settings for XML-RPC tweak
  • fixbanned ips log bulk unban operation not working
  • fixevents log single operations returning invalid response
  • fixminor issue with some of the header tweaks
Version: 1.0.6.1 / may 25 2016
  • fixextra debug directive remaining in the code
Version: 1.0.6 / may 25 2016
  • editevents log: removal tool can remove specific events only
  • editminor changes to the main JavaScript file and minifications
  • editd4pLib 1.7.1
  • fixevents log grid ordering by different columns was broken
  • fixevents log single event removal not working in some rare cases
  • fixevents log bulk removal not working in some rare cases
  • fixevents log removal tool not removing events in some cases
Version: 1.0.5 / may 12 2016
  • editd4pLib 1.7.0
  • fixproblem with user agent string missing from request
  • fixbroken tool for importing plugin settings from file
  • fixbroken tool for exporting plugin settings
Version: 1.0.4 / april 7 2016
  • newbanned ip’s log: show Project Honeypot status
  • newhtaccess tweak: header for Strict-Transport-Security
  • newtweak: header for Strict-Transport-Security
  • newtweak: header for X-Content-Type-Options: nosniff
  • newtweak: header for X-Frame-Options: SAMEORIGIN
  • newtweak: header for X-XSS-Protection: “1; mode=block”
  • fixlogin honeypot: storing honeypot field value problem
  • fixevents log grid not filtering by banning status
  • fixminor issue with setting ip for permanent ban
  • fixminor issues with sorting banned IP lists
  • fixminor issue project honeypot banning
Version: 1.0.3 / march 30 2016
  • newregistration control: use project honeypot
  • newlogin honeypot: store honeypot field result in events log
  • editimproved check for available apache modules
  • editcore: updated plugin SVG icon to use light default color
  • editscanners: show warnings for missing API keys
  • editd4pLib 1.6.4
  • fixfiltering security log by event was not working
  • fixwrong URL in instant ban notification emails
  • fixevent for 404 script error was not properly defined
  • fixminor issues with the settings panel layout
  • fixbroken links inside the admin help tab
  • fixhtaccess: wrongly marked status for appache modules
  • fixregistration control: broken user agent filter
  • fixtweaks: wrong function call for XMLRPC tweaks
Version: 1.0.2 / march 21 2016
  • editsmall tweaks to the notification digest layout
  • editProject Honeypot result includes link to more information
  • editconsistent results format for IP:BL display
  • fixnotification digest always return empty list
  • fixnotification digest uses invalid URL for security log panel
  • fixconflict loading marker class from shared library
Version: 1.0.1 / march 20 2016
  • newsecurity log: show Project Honeypot status
  • newlive monitor: show Project Honeypot status
  • newoption to always save user agent with each logged event
  • newtool to clear cached IP data from Project Honeypot
  • editonline scanners moved to own panel
  • fixProject Honeypot detection of search engine IP
Version: 1.0 / march 16 2016
  • newfirst official version

Spread the word about this plugin, share on social networks:

bbPress Plugins Club

bbPress Club Membership license gives access to all Dev4Press premium plugins for bbPress. While the license remains active, it will include all future Dev4Press premium plugins for bbPress too.

bbPress Club

Rating Plugin Club

Rating Club Membership license gives you access to the GD Rating System Pro plugin, and all the free and premium addons for this plugin, and all future addons while the license is active.

Rating Club

Dev4Press Plugins Club

Dev4Press Plugins Club Membership license gives access to all Dev4Press premium plugins and addons for bbPress and WordPress, and all future plugins while the license is active.

Dev4Press Club

Information

From The Blog

Press

On Social Networks

Development Websites

Dev4Press Projects

DebugPress Plugin
Millan Dev Blog