Stop User Enumeration

• remove redundant CSS and fonts

• Move query arg to init hook to avoid unneccessary warnings
• Update donation lib

• Fix edge case where reiew / donate become undismissible

• Tidy donation library for build to remove dev dependencies

• Remove freemius library and optional registration
• Add donation and contribution notices

• be case insensitive when checking REST API

= 1.3.30 = Upgrade to version 1.3.30 to disable author site maps - you will need to enable in settings (closes issue #6)

Upgrade to version 1.3.30 to disable author site maps - you will need to enable in settings (closes issue #6)

=

• Minor javascript fix
• better IP detection for proxies

• Removed console issue when no comments turned on

• Updated library

• Removed link

• Changed settings page

• Removed donate link

• Moved support link to settings page to reduce menu clutter
• Updated Freemius library to 2.3.0

• minor improvement

• minor improvement

• minor tweak to work better with 5.0

• changed settings page to stop random metaboxes

• Reworked settings page

• fix to ensure scripts not enqueued unless required

• fix double plugin header

• ability to link to shared host firewall ( fullworks-firewall )

• Resolve some missing files

• Added language localisation for translations
• Added Spanish translation

Fixed unused javascript & css in settings page

Added language settings to allow translation.

Sanitized text being written to syslog

Closed potential REST API bypass

Security fix to stop XSS exploit

Also coded so should work with PHP 5.3 - although PHP 5.3. has been end of life for over two years it seems some hosts still use this. This is a security risk in its own right and sites using PHP 5.3 should try to upgrade to a supported version of PHP, but this change is for backward compatibility.

Fix to allow deprecated PHP Version 5.4 to work, as 5.4 seems to still be in common use despite end of life

Note this code wont work on PHP 5.3

Fix PHP error

• full rewrite
• Changed detection rules to stop a reported bypass
• Added detection and suppression of REST API calls to user data
• Added settings page to allow REST API calls or stop system logging as required
• Added code to remove numbers from comment authors, and setting to turn that off

• Simplify code and deal with undefined request and other argument issues

• Correct issue of undefined index in certain conditions

• Added donate link to plugin listing

• code improvement from Thomas van der Westen

• allow comments to use author in url

• bug fix to POST protection

• Added protection against bypass using null bytes (thanks to vunerbality identification and solution by cvcrcky )
• Added protection angainst POST bypass (thanks to vunerbaility identification by urbanadventurer and solution ideas from Ov3rfly and Malivuk )

• Added code to check whether not admin (to stop admin features failing) and changed trailing slash code to trap situation where not posts are found and user is displayed in title

Fixed bug that stopped export

Added code to stop bypassing the check when a trailing slash is added

• minor change to handle a specific php issue with a certain version

• minor change to handle a specific php issue with a certain version

• added close log
• corrected call to wp die

• first release

=