Version: 2.1 – Demeter / June 26 2018

  • new csp addon: custom third-party report URL support
  • new csp addon: auto generated rules for some special data sources
  • new xxp addon: custom third-party report URL support
  • edit csp addon: updated google analytics list of rules
  • edit csp addon: changes to some default settings
  • edit csp addon: improved information displayed for some settings
  • edit log: changes to the way plugin captures 404 based events
  • edit d4pLib 2.7.3
  • del csp addon: removed outdated and unsupported referrer rule
  • del removed some unused functions and addon object methods
  • fix xxp addon: some small issues with saving reports

Version: 2.0.1 / March 26 2018

  • edit internal logout function replaced with the WordPress one
  • edit several small changes in the logout related functionality
  • edit d4pLib 2.6.1
  • fix security headers addon: problem with settings panel options

Version: / March 20 2018

  • fix wrong function call on the new dashboard panel

Version: 2.0 – Hades / March 18 2018

  • new addon: malware scanner
  • new addon: xss protection
  • new addon: security headers
  • new plugin dashboard with various quick overview widgets
  • new xss protection addon: report handler and event
  • new integrity scanner addon: plugins endpoint
  • new database: dedicated table for CSP reports
  • new database: dedicated table for XXP reports
  • new events core: method to log CSP reports
  • new events core: method to log XXP reports
  • new events log: filter by network blog ID
  • new tools: improved speed for events log cleanup
  • new tools: all events option for log cleanup
  • new tools: cleanup for CSP and XXP reports tables
  • new csp addon: predefined rules list for Google Translate
  • new csp addon: new filters to control the build process
  • new recaptcha addon: add rules to the CSP if in use
  • new tweaks addon: disable WordPress own security headers
  • edit csp addon: expanded predefined rules list for Google Adsense
  • edit csp addon: expanded list of logged event fields
  • edit csp addon: predefined rules building improved
  • edit integrity scanner addon: better color codes explanations
  • edit integrity scanner addon: improved results display
  • edit integrity scanner addon: various scan process updates
  • edit wp toolbar addon: expanded list of menu items displayed
  • edit d4pLib 2.6
  • del tweaks addon: security header tweaks, now available as addons
  • del htaccess addon: security header tweaks, now available as addons
  • fix csp addon: some predefined rules can fail to apply
  • fix some issues with including translation for empty string

Version: 1.8 – Aphrodite / January 28 2018

  • new addon: integrity scanner
  • new integrity scanner – plugins and addons scanner
  • new integrity scanner – core scanner
  • new integrity scanner – plugins and themes
  • new login honeypot: support for the bbPress login form
  • edit login honeypot: loads everywhere to work with different forms
  • edit moment.js library 2.24.0
  • edit d4pLib 2.5.3

Version: 1.7 – Dionysus / November 12 2018

  • new geo location: using service
  • new antispam: events for manual marking comments/trackbacks as spam
  • new antispam: events for manual marking topics/replies as spam
  • new antispam: register bbPress dynamic role ‘Spammer’
  • new antispam: automatic assignment of ‘Spammer’ role
  • edit geo location: updated method to get geo location information
  • edit scanner for VirusTotal uses verified SSL cURL call
  • edit scanner for Sucuri switched to HTTPS URL
  • edit scanner for Sucuri with improve localhost domain detection
  • edit scanner for Sucuri support for JSON scanner results
  • edit various small improvements to the events log
  • edit d4pLib 2.5
  • fix antispam: otpion to stop attempt when detected not working

Version: 1.6 / August 23 2018

  • new csp addon: support for worker-src directive
  • new csp addon: support for disown opener directive
  • new csp addon: automatic rules for google analytics
  • new csp addon: automatic rules for google adsense
  • new csp addon: automatic rules for google fonts
  • new csp addon: automatic rules for google maps
  • new csp addon: filter for rules by type
  • edit various improvements to the plugin settings information
  • edit no longer using blacklist and whitelist terms
  • edit moment.js library 2.22.2
  • edit d4pLib 2.3.6
  • del csp addon: removed ‘reflected XSS’ directive
  • fix issue with removal of some plugin settings

Version: 1.5.2 / January 19 2018

  • fix wrong function call breaks the panels display

Version: 1.5.1 / January 15 2018

  • edit moment.js library 2.20.1
  • edit d4pLib 2.2.4
  • fix xss vulnerability: query string panel was not sanitized
  • fix xss vulnerability: panel variable for some pages was not verified
  • fix missing proper sanitation for some grid filters variables

Version: 1.5 – Poseidon / january 8 2017

  • new registration: list of emails to blacklist
  • new events log: data view options to ban domain, email or username
  • new tools: new tool for reseting firewall and 6G rules
  • new completely redesigned and updated about panel
  • edit htaccess: updated 6G rules editor settings
  • edit htaccess: updated 6G request method tweak
  • edit htaccess: various improvements to 6G rules
  • edit htaccess: improved process of building the file
  • edit firewall: updated rules editor settings
  • edit firewall: expanded list of default user agents
  • edit firewall: expanded list of default query strings
  • edit firewall: expanded list of default request URI’s
  • edit reorganization of the files for tools and scanners panels
  • edit d4pLib 2.2.3
  • fix several PHP 7.1 related issues with arrays
  • fix broken option to ban IP’s from the events log
  • fix problems with saving some firewall rules

Version: 1.4 – Hera / september 5 2017

  • new htaccess: header for Referrer-Policy
  • new tweak: header for Referrer-Policy
  • new improved admin side accessibility for all panels
  • edit htaccess: all header rules on separate panel
  • edit d4pLib 2.1

Version: 1.3.1 / april 28 2017

  • edit check before loading of the Defuse library
  • edit d4pLib 1.9.3

Version: 1.3 – Hermes / march 12 2017

  • new antispam: test for spam counting links in the content
  • new antispam: test for spam using set of regular expressions
  • new antispam: test for spam using banned keywords
  • new antispam: settings for list of banned keywords management
  • new antispam: addon now has own panel in main menu
  • new htaccess: option for cleanup of unneeded empty lines
  • new username trap: attempt to save password use for login
  • new now using defuse php encryption library for secure settings
  • edit antispam: ban notification email contains user info if available
  • edit htaccess: updates to some of the 6G default rules
  • edit htaccess: removed ‘delete’ from the 6G request methods
  • edit d4pLib 1.9.1
  • fix some of the settings displayed more than once

Version: 1.2 – Ares / september 21 2016

  • new user profile: security overview panel
  • new htaccess: build file when IP is banned or unbanned
  • new htaccess: allow building file from other addons
  • new csp: store generated header into .htaccess
  • new csp: force SSL for the report URL
  • new banned IP’s: filter by the ban status
  • new banned IP’s: convert temporary to permanent ban
  • new events log: filter list by user ID
  • new dnsbl: support for Tornevall database
  • new antispam: hidden field comment spam detection
  • new antispam: comments column for spam/approval reason
  • new antispam: DNSBL Tornevall filter
  • new filters to expand list of htaccess rules on build
  • new actions executed when IP is banned and unbanned
  • new more indexes for the plugin database tables
  • edit events log: main SQL query optimizations
  • edit events log: various display improvements
  • edit login honeypot: stop login process on detection
  • edit login limit: improved logout procedure
  • edit antispam: few improvements to the detection process
  • edit ban log: main SQL query optimizations
  • edit settings panel ProjectHoneypot renamed to DNSBL
  • edit many updates to DNSBL objects organization
  • edit several small improvements to admin interface
  • edit removed several unused plugin settings
  • edit d4pLib 1.8.2
  • fix events log: slow SQL query with large number of events
  • fix wp toolbar: broken URL to plugin About panel
  • fix missing URL’s from some email notifications
  • fix several typos in the email notifications
  • fix several broken URL’s in the email notifications
  • fix events log filtering by event was not working

Version: 1.1.3 / september 6 2016

  • fix fatal error with loading one of the core files

Version: 1.1.2 / september 5 2016

  • edit improvements to datetime based functions
  • edit d4pLib 1.8

Version: 1.1.1 / august 11 2016

  • edit small update to visitor IP detection behind CloudFlare
  • edit d4pLib 1.7.8
  • fix invalid function call for the events log cleanup
  • fix invalid URL for main page in the WP toolbar addon

Version: 1.1 – Artemis / august 4 2016

  • new addon: content security policy header support
  • new addon: admin menu for WordPress toolbar
  • new htaccess: auto apply rules during daily maintenance
  • new scanner: display response headers for any URL request
  • new support for sending instant notifications
  • new support for IP detection when behind CloudFlare
  • edit improved sanitation of plugins settings on save
  • edit improved buttons on all dialogs on the admin side
  • edit some small updates to settings organization
  • edit d4pLib
  • fix htaccess: some missing settings for XML-RPC tweak
  • fix banned ips log bulk unban operation not working
  • fix events log single operations returning invalid response
  • fix minor issue with some of the header tweaks

Version: / may 25 2016

  • fix extra debug directive remaining in the code

Version: 1.0.6 / may 25 2016

  • edit events log: removal tool can remove specific events only
  • edit minor changes to the main JavaScript file and minifications
  • edit d4pLib 1.7.1
  • fix events log grid ordering by different columns was broken
  • fix events log single event removal not working in some rare cases
  • fix events log bulk removal not working in some rare cases
  • fix events log removal tool not removing events in some cases

Version: 1.0.5 / may 12 2016

  • edit d4pLib 1.7.0
  • fix problem with user agent string missing from request
  • fix broken tool for importing plugin settings from file
  • fix broken tool for exporting plugin settings

Version: 1.0.4 / april 7 2016

  • new banned ip’s log: show Project Honeypot status
  • new htaccess tweak: header for Strict-Transport-Security
  • new tweak: header for Strict-Transport-Security
  • new tweak: header for X-Content-Type-Options: nosniff
  • new tweak: header for X-Frame-Options: SAMEORIGIN
  • new tweak: header for X-XSS-Protection: “1; mode=block”
  • fix login honeypot: storing honeypot field value problem
  • fix events log grid not filtering by banning status
  • fix minor issue with setting ip for permanent ban
  • fix minor issues with sorting banned IP lists
  • fix minor issue project honeypot banning

Version: 1.0.3 / march 30 2016

  • new registration control: use project honeypot
  • new login honeypot: store honeypot field result in events log
  • edit improved check for available apache modules
  • edit core: updated plugin SVG icon to use light default color
  • edit scanners: show warnings for missing API keys
  • edit d4pLib 1.6.4
  • fix filtering security log by event was not working
  • fix wrong URL in instant ban notification emails
  • fix event for 404 script error was not properly defined
  • fix minor issues with the settings panel layout
  • fix broken links inside the admin help tab
  • fix htaccess: wrongly marked status for appache modules
  • fix registration control: broken user agent filter
  • fix tweaks: wrong function call for XMLRPC tweaks

Version: 1.0.2 / march 21 2016

  • edit small tweaks to the notification digest layout
  • edit Project Honeypot result includes link to more information
  • edit consistent results format for IP:BL display
  • fix notification digest always return empty list
  • fix notification digest uses invalid URL for security log panel
  • fix conflict loading marker class from shared library

Version: 1.0.1 / march 20 2016

  • new security log: show Project Honeypot status
  • new live monitor: show Project Honeypot status
  • new option to always save user agent with each logged event
  • new tool to clear cached IP data from Project Honeypot
  • edit online scanners moved to own panel
  • fix Project Honeypot detection of search engine IP

Version: 1.0 / march 16 2016

  • new first official version