Shield Security for WordPress

• Current Release = Released: 16th March, 2020 - Release Notes

• (v.0) NEW: [PRO] Traffic Rate Limiting Feature.

• (v.0) ADDED: Support for registration forms in plugins: Profile Builder and Paid Member Subscriptions

• (v.0) IMPROVED: Tweaks and changes to UI.

• (v.0) FIXED: Minor issues with the MFA page.

Full Shield Security Changelog

• Current Release = Released: 25th February, 2020 - Release Notes

• (v.3) IMPROVED: AJAX handling and general plugin requests have been refined to be less prone to errors.

• (v.3) IMPROVED: The Traffic Log Viewer will now be displayed even if it's disabled.

• (v.3) REMOVED: 2 options from the Automatic Updates module have been removed, that influenced translations and version control.

• (v.3) IMPROVED: Some minor improvements and optimisations.

• (v.3) IMPROVED: Adjusted how Shield stores temporary WP options to prevent duplicates.

• (v.3) FIXED: Login backup-code wasn't always reset after it was used.

• (v.3) FIXED: IP address wasn't blocked even after committing an offense in 1 particular scenario.

• Current Release = Released: 10th February, 2020 - Release Notes

• (v.7) ADDED: New admin notice to indicate that the plugin is currently disabled.

• (v.7) IMPROVED: Malware scanning for premium assets always uses hashes where possible to verify contents.

• (v.7) IMPROVED: Optimised loading of libraries that run for certain features, if they aren't enabled.

• (v.7) IMPROVED: Prevent a rare fatal error on activation.

• Current Release = Released: 6th December, 2019 - Release Notes

• (v.4) IMPROVED: Discovered serious conflict with SiteGround Optimizer plugin. Provided admin notice and automatic fixing.

• (v.4) FIXED: Protected against spurious error log notices when comparing hashes with "nothing".

• Current Release = Released: 18th November, 2019 - Release Notes

• (v.0) IMPROVED: Improvements to Malware scanner to now track malware results by specific lines, not just by file.

• (v.0) IMPROVED: Support colons (:) in IP addresses during visitor IP address detection.

• (v.0) IMPROVED: Ensure license lookups use the correct site URL.

• (v.0) IMPROVED: Attempt to ensure that if there is an interruption in the API, malware patterns are available for scanning.

• (v.0) IMPROVED: Added default firewall whitelist parameter for AffiliateWP requests.

• (v.0) IMPROVED: Spanish, French, Japanese translations.

• Current Release = Released: 25th October, 2019 - Release Notes

• (v.3) FIXED: Fix for reported RXSS vulnerability - more info.

• (v.3) FIXED: Fix for Rest API detection.

• (v.3) FIXED: Fix for translation of some strings.

• Current Release = Released: 14th October, 2019 - Release Notes

• (v.2) FIXED: Fixes for scans running under Windows/IIS.

• (v.2) IMPROVED: Adds a check that a site can send an HTTP request to itself before allowing scans to run.

• (v.2) IMPROVED: Scans clean up after themselves better, if they fail to run.

• (v.2) IMPROVED: Server's own IP address detection when site migrated to a new host.

• (v.2) UPDATED: International translations.

• (v.2) FIXED: PHP notices when data wasn't as expected.

• Current Release = Released: 7th October, 2019 - Release Notes

• (v.1) IMPROVED: Further reduce Malware false positives by also using SVN trunk data when verifying files for plugins and themes.

• (v.1) ADDED: Initial support for repairing Themes that have been installed from WordPress.org.

• (v.1) ADDED: Support for using WP Hashes.com for WordPress.org themes (already done for plugins).

• (v.1) FIXED: PHP notices in the logs.

• Current Release = Released: 1st October, 2019 - Release Notes

• (v.0) IMPROVED: [PRO] Malware scanner now uses network intelligence to the gather information on malware results.

• (v.0) NEW: Traffic Watcher feature is now free for all users (no longer Pro-only).

• (v.0) IMPROVED: Scanning cron is improved and more efficient.

• (v.0) ADDED: Bulk Delete/Repair/Ignore actions now available for Malware scan results.

• (v.0) IMPROVED: Malware scan results now provide details of affected line numbers and patterns discovered.

• (v.0) IMPROVED: Malware scanner only scans wp-admin, wp-includes, wp-content folders, and files in top-level directory.

• (v.0) IMPROVED: Malware scanner now excludes wp-content/cache/ directory.

• (v.0) IMPROVED: Malware scanner performance improved with caching.

• (v.0) IMPROVED: Malware auto-repair now works more consistently.

• (v.0) IMPROVED: Updated default firewall whitelist rules.

• (v.0) IMPROVED: If the PWNED Passwords API request fails entirely, the password check is skipped.

• (v.0) ADDED: Japanese translations are at 100%.

• (v.0) IMPROVED: Dutch translations are greatly improved (a huge thank you to Fred!).

• (v.0) FIXED: Audit Trail correctly logs multiple occurrences for the same type of event on the same page request.

• (v.0) FIXED: Audit Trail now correctly logs Google reCAPTCHA failure events.

• (v.0) FIXED: PHP error when firewall was set to kill response without a user message.

• Current Release = Released: 18th September, 2019 - Release Notes

• (v.1) FIXED: Error for sites pre-5.0 that don't have function determine_locale()

• (v.0) IMPROVED: Massive improvements to asynchronous scans in performance and reliability.

• (v.0) ADDED: [PRO] Possible to supply multiple email addresses for Administrator login notifications.

• (v.0) ADDED: New firewall whitelist rule to prevent firewall blocks when activating certain plugins.

• (v.0) IMPROVED: Prevent errors caused by other plugins not passing correctly-formatted data through WP filters.

• (v.0) ADDED: Japanese translations (14%).

• (v.0) IMPROVED: Plugin locale now respects user profile locale setting.

• (v.0) IMPROVED: Audit Trail filter for specific events.

• (v.0) IMPROVED: Lots of cleanup of deprecated PHP code following the the v7-v8 upgrade.

• Current Release = Released: 18th September, 2019 - Release Notes

• (v.0) IMPROVED: Massive improvements to asynchronous scans in performance and reliability.

• (v.0) ADDED: [PRO] Possible to supply multiple email addresses for Administrator login notifications.

• (v.0) ADDED: New firewall whitelist rule to prevent firewall blocks when activating certain plugins.

• (v.0) IMPROVED: Prevent errors caused by other plugins not passing correctly-formatted data through WP filters.

• (v.0) ADDED: Japanese translations (14%).

• (v.0) IMPROVED: Plugin locale now respects user profile locale setting.

• (v.0) IMPROVED: Audit Trail filter for specific events.

• (v.0) IMPROVED: Lots of cleanup of deprecated PHP code following the the v7-v8 upgrade.

• Current Release = Released: 5th October, 2019 - Release Notes

• (v.2) IMPROVED: Password strength metering now better aligns with WordPress library (PHP 5.6+)

• (v.2) IMPROVED: Dutch translations have been adjusted.

• (v.2) FIXED: Setting 'Month' for IP block duration wasn't being applied.

• (v.2) FIXED: Certain admin notices not displayed when they should be.

• Current Release = Released: 29th September, 2019 - Release Notes

• (v.1) FIXED: Comment SPAM blocking wasn't working if set to "Detect and Reject".

• (v.1) FIXED: Shield Widget/Badge broken in some cases.

• (v.1) ADDED: You can force Shield to operate in any locale, regardless of site locale.

• (v.1) ADDED: Russian translations are now at 100% and some Dutch translations have been adjusted.

• Current Release = Released: 30th May, 2019 - Release Notes

• (v.2) NEW: Options finder/jumper menu lets you find and jump to any option in the plugin instantly.

• (v.2) NEW: Help/explainer videos for a few sections - more to come.

• (v.2) FIXES: Fixes for a few problems introduced with the recent UI changes.

• (v.2) FIXED: Welcome wizard launching was broken.

• Current Release = Released: 20th May, 2019 - Release Notes

• (v.1) NEW: Adjustments and redesign of Shield options pages.

• (v.1) IMPROVED: Further prep for better internationalization.

• Current Release = Released: 13th May, 2019 - Release Notes

• (v.0) NEW: [PRO] Manual/Automatic User Suspension

• (v.0) NEW: Comment SPAM - Increase minimum number of approved comments before scanning is skipped

• (v.0) NEW: [PRO] Comment SPAM - Trusted user roles where comments scanning is skipped

• (v.0) IMPROVED: AntiBot JS was improperly included when not required.

• (v.0) IMPROVED: Added a GeoIP caching table and removed bundled GeoIP database - greatly reduces download size.

• (v.0) FIXED: Inconsistent behaviour when PWA plugin is active and it infinitely reloads pages.

• (v.0) FIXED: Inconsistent behaviour with Anonymous API blocking.

• (v.0) IMPROVED: Code improvements and refactoring.

• (v.0) ADDED: Prep for upcoming malware scanner.

• Current Release = Released: 18th April, 2019 - Release Notes

• (v.2) IMPROVED: Provided inline links for new Bot Signals options.

• (v.2) CHANGED: Added a workaround for WPML plugin using old, buggy version of TWIG library.

• (v.1) FIX: Protection against 404 tracking blocking visitors in some cases.

• (v.0) NEW: [PRO] 7x New Bot Signals - rules to catch and block bad bots.

• (v.0) ADDED: Date picker for filtering Audit Log entries.

• (v.0) IMPROVED: Audit Log viewer now combines entries from the same request into 1 for better readability.

• (v.0) CHANGED: Use a more refined clearing of WP Fastest Cache.

• (v.0) FIX: Error displayed when deleting plugins in some cases.

• (v.0) UPDATED: Translations for Chinese, Finnish, Turkish, Dutch, Italian, and German.

• Current Release = Released: 25th March, 2019 - Release Notes

• (v.3) FIX: Unable to turn off the Abandoned Plugin scanner.

• (v.3) FIX: Fix bug with some DNS lookup failures for some ISPs.

• (v.3) FIX: Fix display notice for 'disallow file editing' setting when IP is whitelisted.

• Current Release = Released: 27th February, 2019 - Release Notes

• (v.2) IMPROVED: Firewall email notification content now better reflect the information in the audit trail.

• (v.2) FIX: Firewall email notification was breaking in some instances.

• Current Release = Released: 21st February, 2018 - Release Notes

• Current Release = Released: 21st February, 2018 - Release Notes

• Current Release = Released: 12th February, 2018 - Release Notes

• (v.4) IMPROVED: Refactored IP address blocking with improved audit trail messages.

• (v.4) CHANGED: Expanded anonymous REST API whitelist to include 'wpstatistics' namespace.

• (v.4) IMPROVED: Access protection for shield temp/caching dir.

• (v.4) IMPROVED: Clarification on reCAPTCHA - v3 is not supported.

• (v.4) IMPROVED: Clarification on user sessions timeout - Shield sets an absolutely session maximum.

• (v.4) IMPROVED: Options form submission is adjusted to work around poorly restrictive webhosts.

• (v.4) FIX: Various tweaks and fixes across the plugin.

• (v.4) FIX: Error with ClassicPress.

• Current Release = Released: 7th February, 2018 - Release Notes

• (v.3) NEW: Automatically whitelist anonymous REST API Access for 3 plugins: Contact Form 7, WooCommerce, JetPack.

• (v.3) IMPROVED: Security admin login failure messages are clearer.

• (v.3) IMPROVED: Admin notification for email sending 2FA verification easily lets you resend email.

• (v.3) IMPROVED: File download code for WordPress Core file scanner repairs.

• (v.3) IMPROVED: Attempt to also capture B/CC email addresses included in outgoing emails in Audit logs.

• (v.3) FIX: Allow use of IPv4 ranges in whitelist again.

• (v.3) CHANGED: Numerous code refactoring and improvements building upon the major v7 release and prepping for v7.1.

• Current Release = Released: 28th January, 2018 - Release Notes

• Current Release = Released: 28th January, 2018 - Release Notes

• Current Release = Released: 28th January, 2018 - Release Notes

• Current Release = Released: 7th December, 2018 - Release Notes

• (v.9) FIXED: Admin notices displaying to non-admins.

• (v.7) ADDED: [PRO] New option to specify usernames for Security Admin role.

• (v.7) IMPROVED: Idle user detection.

• (v.7) IMPROVED: Support for redirect/cancel URLs in 2FA login page.

• (v.7) CHANGED: Final release before Shield v7. Small warning shown on plugins page if PHP < 5.4

• Current Release = Released: 5th November, 2018 - Release Notes

• (v.4) FIXED: Couldn't deactivate plugin.

• (v.3) ADDED: Support for Ultimate Member forms

• (v.3) ADDED: Support for LearnPress login/registration forms

• (v.3) FIXED: Security Admin now correctly honours the WordPress Options zone setting.

• (v.3) IMPROVED: Distinguish which sub-site (sub-domain) for WPMS installations on Traffic Watcher.

• (v.3) IMPROVED: Server's own IP lookup is only attempted once.

• (v.3) ADDED: Experimental feature to help with some custom 3rd party login/registration forms

• Current Release = Released: 5th November, 2018 - Release Notes

• (v.3) ADDED: Support for Ultimate Member forms

• (v.3) ADDED: Support for LearnPress login/registration forms

• (v.3) FIXED: Security Admin now correctly honours the WordPress Options zone setting.

• (v.3) IMPROVED: Distinguish which sub-site (sub-domain) for WPMS installations on Traffic Watcher.

• (v.3) IMPROVED: Server's own IP lookup is only attempted once.

• (v.3) ADDED: Experimental feature to help with some custom 3rd party login/registration forms

• Current Release = Released: 23rd October, 2018 - Release Notes

• (v.2) IMPROVED: Visitor IP address detection

• (v.2) IMPROVED: Automatic whitelisting of Manage WP IP addresses

• (v.2) IMPROVED: SPAM Comments code enhanced and optimised

• (v.2) IMPROVED: IP Whitelisting code enhanced and optimised

• (v.2) IMPROVED: Code cleaning and refactoring.

• Current Release = Released: 15th October, 2018 - Release Notes

• Current Release = Released: 15th October, 2018 - Release Notes

• Current Release = Released: 13th September, 2018

• (v.4) FIXED: Bug where 2FA by email user roles get reset in some cases.

• (v.3) ADDED: Support for AppleBot in the Traffic Watcher.

• (v.3) FIXED: Plugin/Theme Guard bug not capturing updates correctly.

• (v.3) FIXED: Google Authenticator could not be removed from profile.

• Current Release = Released: 11th September, 2018

• (v.3) ADDED: Support for AppleBot in the Traffic Watcher.

• (v.3) FIXED: Plugin/Theme Guard bug not capturing updates correctly.

• (v.3) FIXED: Google Authenticator could not be removed from profile.

• Current Release = Released: 10th September, 2018

• (v.2) FIXED: Prevent crashing on sites with PHP < v5.4

• (v.1) ADDED: Support for Yandex search engine in the Traffic Watcher.

• (v.1) IMPROVED: WooCommerce checkout handling with reCAPTCHA.

• Current Release = Released: 9th September, 2018

• (v.1) ADDED: Support for Yandex search engine in the Traffic Watcher.

• (v.1) IMPROVED: WooCommerce checkout handling with reCAPTCHA.

• Series = Released: 6th September, 2018 - Release Notes

• (v.0) NEW: [PRO] Traffic Watcher - live tracking of all requests to your site.

• (v.0) NEW: [PRO] Yubikey - Allows for multiple Yubikeys on the same user profile.

• (v.0) ADDED: [PRO] Option to include listing of affected files within Hack Guard notification emails.

• (v.0) ADDED: Option to delete the Security Admin Access Key

• (v.0) ADDED: Option to add WooCommerce roles to 2FA-Email setting.

• (v.0) CHANGED: Basic Stats system now requires minimum PHP v5.4.

• (v.0) CHANGED: Password Policies now requires minimum WordPress v4.4.

• (v.0) IMPROVED: Password expiration now redirects to the 'set password' screen, instead of the user profile.

• (v.0) IMPROVED: Password capture for purposes of password policies is improved.

• (v.0) IMPROVED: You can now delete the 'forceoff' file from inside the WP Admin.

• (v.0) IMPROVED: Audit Trail entries for emails will identify the file that's calling the wp_mail function.

• (v.0) IMPROVED: Audit Trail entries for post editing will identify the post type wherever possible.

• (v.0) IMPROVED: Audit Trail entries will try to display all message text correctly.

• (v.0) IMPROVED: Login/Register/Password forms are only checked when visitor is not logged-in.

• (v.0) IMPROVED: Major database code refactoring and other code improvements.

• (v.0) IMPROVED: User sessions handling.

• (v.0) IMPROVED: Security Admin UX - ajax session checking, with admin notifications and auto-page reload.

• (v.0) IMPROVED: Security Admin password setting now requires a confirmation password entry.

• (v.0) IMPROVED: Refined Cooldown timing system.

• (v.0) IMPROVED: Refined Bot checkbox Javascript.

• (v.0) IMPROVED: Cron entry cleanup after deactivation.

• (v.0) UPDATED: Bootstrap libraries to latest release v4.1.3.

• (v.0) FIXED: Potential bug with Plugin/Themes guard scanning.

• (v.0) FIXED: PHP Warning(s).

Full Changelog

• Current Release = Released: 22nd June, 2018 - Release Notes

• (v.2) FIXED: Bug with multi-factor authentication verification.

• (v.2) FIXED: Bug with chosen reCAPTCHA style not being honoured on login pages

• (v.2) FIXED: Bug with Invisible reCAPTCHA + WooCommerce

• (v.2) FIXED: Bug with Pwned passwords always being checked even if setting turned off.

• Current Release = Released: 14th June, 2018 - Release Notes

• (v.1) FIXED: A couple of bugs with WooCommerce reCAPTCHA processing.

• (v.1) FIXED: A bug with user sessions cleaning

• Current Release = Released: 11th June, 2018 - Release Notes

• (v.0) ADDED: [PRO] White Label - ability to re-brand the entire Shield Security plugin to your company brand.

• (v.0) ADDED: [PRO] Option for all users to receive notification email upon login to their accounts.

• (v.0) IMPROVED: Completely rebuilt the bot and reCAPTCHA login protection system.

• (v.0) IMPROVED: Import/Export system hugely improved with respect to automated push of options from Master sites.

• (v.0) IMPROVED: A different approach to sessions management that should handle sessions a bit better.

• (v.0) IMPROVED: Expired user sessions are cleaned from the DB using a cron, and on Insights Dashboard load.

• Current Release = Released: 30th May, 2018 - Release Notes

• (v.2) ADDED: [PRO] Admin Notes feature - Notes can now be easily deleted (editing will not be possible).

• (v.0) UPDATED: Some translations.

• (v.2) FIXED: A few bugs with the Insights Dashboard.

• (v.2) FIXED: Removed the dependency on jQuery with Invisible reCAPTCHA.

Note: The Insights Dashboard is only available on sites with PHP v5.4.0 and above.

• Current Release = Released: 22nd May, 2018 - Release Notes

• (v.1) ADDED: [PRO] Admin Notes feature - you can add notes to the Shield plugin in the Insights Dashboard.

• (v.1) FIXED: A few bugs with the Insights Dashboard.

• (v.0) ADDED: A simple test cron to demonstrate whether your site crons are running.

• (v.0) ADDED: [PRO] Full support for new WordPress GDPR Privacy Policy controls for exporting and erasing data.

• (v.0) ADDED: [PRO] New GDPR guided wizard for exporting/erasing particular data based on custom search results.

• (v.0) CHANGED: Guided Wizards now load through WP admin to fix ajax problems for poorly configured SSL on some sites

• (v.0) IMPROVED: Upgraded Bootstrap library to 4.1.1.

• (v.0) IMPROVED: Compatibility with AIO Events Cal - they like to force their old Twig libraries on everyone else.

Note: The Insights Dashboard is only available on sites with PHP v5.4.0 and above.

• Current Release = Released: 21st May, 2018 - Release Notes

• (v.0) ADDED: All-New Insights Dashboard providing a high-level overview of your site security, with recommendations.

• (v.0) ADDED: Helpful, explanatory videos directly into the Guided Welcome Wizard.

• (v.0) ADDED: A simple test cron to demonstrate whether your site crons are running.

• (v.0) ADDED: [PRO] Full support for new WordPress GDPR Privacy Policy controls for exporting and erasing data.

• (v.0) ADDED: [PRO] New GDPR guided wizard for exporting/erasing particular data based on custom search results.

• (v.0) CHANGED: Guided Wizards now load through WP admin to fix ajax problems for poorly configured SSL on some sites

• (v.0) IMPROVED: Upgraded Bootstrap library to 4.1.1.

• (v.0) IMPROVED: Compatibility with AIO Events Cal - they like to force their old Twig libraries on everyone else.

Note: The Insights Dashboard is only available on sites with PHP v5.4.0 and above.

• Current Release = Released: 4th May, 2018

• (v.8) IMPROVED: Add GDPR-compliant Privacy Policy checkboxes to mailing list sign-up forms.

• (v.8) ADDED: Introduction video to the Guided Setup Wizard.

• Current Release = Released: 2nd May, 2018

• (v.7) IMPROVED: reCAPTCHA JS is only included on pages where it's actually used by Shield.

• (v.7) IMPROVED: Upgrade Bootstrap library to 4.1.0.

• (v.7) IMPROVED: Include jQuery for the plugin badge as required

• Current Release = Released: 19th April, 2018 - Release Notes

• (v.6) ADDED: Small exclusion in the firewall for a jetpack parameter.

• (v.6) ADDED: SVGs to the default list of files scanned by the plugin guard.

• (v.6) ADDED: Workaround for a ridiculous NGG bug.

• Current Release = Released: 6th April, 2018 - Release Notes

• (v.1-4) FIXED: Various small fixes and improvements

• (v.4) FIXED: PHP Fatal Error on wp object cache.

• (v.0) NEW: [PRO] Keyless Activation of Pro licenses.

• (v.0) ADDED: WordPress Password Policies.

• (v.0) ADDED: Pwned Passwords Detection.

• (v.0) IMPROVED: Major rewrite of plugin AJAX handling.

• (v.0) IMPROVED: Notices to indicate the time of the last scans.

• (v.0) FIXED: A few bugs

• Current Release = Released: 30th March, 2018 - Release Notes

• (v.1-3) FIXED: Various small fixes and improvements

• (v.0) NEW: [PRO] Keyless Activation of Pro licenses.

• (v.0) ADDED: WordPress Password Policies.

• (v.0) ADDED: Pwned Passwords Detection.

• (v.0) IMPROVED: Major rewrite of plugin AJAX handling.

• (v.0) IMPROVED: Notices to indicate the time of the last scans.

• (v.0) FIXED: A few bugs

• Current Release = Released: 22nd March, 2018 - Release Notes

• (v.1-2) FIXED: Various small fixes and improvements

• (v.0) NEW: [PRO] Keyless Activation of Pro licenses.

• (v.0) ADDED: WordPress Password Policies.

• (v.0) ADDED: Pwned Passwords Detection.

• (v.0) IMPROVED: Major rewrite of plugin AJAX handling.

• (v.0) IMPROVED: Notices to indicate the time of the last scans.

• (v.0) FIXED: A few bugs

• Current Release = Released: 19th March, 2018 - Release Notes

• (v.0) NEW: [PRO] Keyless Activation of Pro licenses.

• (v.0) ADDED: WordPress Password Policies.

• (v.0) ADDED: Pwned Passwords Detection.

• (v.0) IMPROVED: Major rewrite of plugin AJAX handling.

• (v.0) IMPROVED: Notices to indicate the time of the last scans.

• (v.0) FIXED: A few bugs

• Current Release = Released: 5th March, 2018 - Release Notes

• (v.0) IMPROVED: Plugin Guard better handles the case where a plugin/theme has been entirely renamed/removed.

• (v.0) IMPROVED: Attempts to access the XML-RPC system when it's disabled will now trigger the blacklist transgressions counter.

• (v.0) IMPROVED: Try to prevent black listing the server's own public IP address where visitor IP address detection is not correctly configured.

• (v.0) ADDED: [PRO] Provisional support for not processing 2FA logins for Woocommerce Social Login plugin.

• (v.0) FIXED: Plugin Guard better handles ignoring non-WordPress.org Plugins/Themes

• (v.0) FIXED: A few small bugs

• Current Release = Released: 26th February, 2018 - Release Notes

• (v.1-4) FIXED: Various Fixes

• (v.0) ADDED: [PRO] New Scanner to detect file changes for active plugins and themes

• (v.0) IMPROVED: Automatic updates for vulnerable plugins ignores automatic updates delay setting

• (v.0) CHANGED: Email notifications for scanners will now link to the Wizard where possible, instead of listing files.

• Current Release = Released: 26th February, 2018 - Release Notes

• (v.3) FIXED: Various Fixes

• (v.0) ADDED: [PRO] New Scanner to detect file changes for active plugins and themes

• (v.0) IMPROVED: Automatic updates for vulnerable plugins ignores automatic updates delay setting

• (v.0) CHANGED: Email notifications for scanners will now link to the Wizard where possible, instead of listing files.

• Current Release = Released: 26th February, 2018 - Release Notes

• (v.1) ADDED: [PRO] New Scanner to detect file changes for active plugins and themes

• (v.1) IMPROVED: Automatic updates for vulnerable plugins ignores automatic updates delay setting

• (v.1) CHANGED: Email notifications for scanners will now link to the Wizard where possible, instead of listing files.

• Current Release = Released: 26th February, 2018 - Release Notes

• (v.0) ADDED: [PRO] New Scanner to detect file changes for active plugins and themes

• (v.0) IMPROVED: Automatic updates for vulnerable plugins ignores automatic updates delay setting

• (v.0) CHANGED: Email notifications for scanners will now link to the Wizard where possible, instead of listing files.

• Current Release = Released: 21st February, 2018 - Release Notes

• (v.3) FIXED: Bug with automatic updates delay processing

• Current Release = Released: 19th February, 2018 - Release Notes

• (v.2) CHANGED: Changed text that seems to cause servers to swallow-up emails. See here for more reliable email

• Current Release = Released: 12th February, 2018 - Release Notes

• (v.0) ADDED: [PRO] Automatic updates stability delay

• (v.0) IMPROVED: Complete plugin UI rebuild, using the new Bootstrap 4.

• (v.0) FIXED: A few bugs with Google Authenticator.

• (v.1) FIXED: Options page javascript to work around conflicts.

• Current Release = Released: 12th February, 2018 - Release Notes

• (v.0) ADDED: [PRO] Automatic updates stability delay

• (v.0) IMPROVED: Complete plugin UI rebuild, using the new Bootstrap 4.

• (v.0) FIXED: A few bugs with Google Authenticator.

• Current Release = Released: 2nd February January, 2018 - Release Notes

• (v.2) FIXED: Fix for IP Manager PHP error.

• (v.2) IMPROVED: Two-factor verification email.

• Current Release = Released: 1st February January, 2018 - Release Notes

• (v.1) FIXED: Bug where administrator login email notification setting is not being honoured.

• (v.1) IMPROVED: If a site is having trouble with database creation, User Sessions wont lock you out.

• (v.0) IMPROVED: Major overhaul of the Shield User Sessions system.

• (v.0) IMPROVED: Link the Security Admin authentication with the new Sessions system.

• (v.0) IMPROVED: Major overhaul to plugin's user meta data storage, limiting to a single DB entry for all data.

• (v.0) ADDED: [PRO] Ability to increase frequency of file system scans up to once every hour.

• (v.0) ADDED: [PRO] Add a remember me option, allowing users to skip Multi-factor authentication for a set number of days.

• Current Release = Released: 31st January, 2018 - Release Notes

• (v.0) IMPROVED: Major overhaul of the Shield User Sessions system.

• (v.0) IMPROVED: Link the Security Admin authentication with the new Sessions system.

• (v.0) IMPROVED: Major overhaul to plugin's user meta data storage, limiting to a single DB entry for all data.

• (v.0) ADDED: [PRO] Ability to increase frequency of file system scans up to once every hour.

• (v.0) ADDED: [PRO] Add a remember me option, allowing users to skip Multi-factor authentication for a set number of days.

Latest Release = Released: 17th January, 2018

• (v.1) FIXED: Verify link missing from the two-factor authentication verification email.

Latest Release = Released: 15th January, 2018 Release Notes

• (v.0) ADDED: 3x more Shield Wizards: Multi-factor Authentication, Core File Scanning, Unrecognised File Scanning.
• (v.0) ADDED: You can now use regular expressions for file exclusions in the 'Unrecognised File Scanner'.
• (v.0) CHANGED: File Scanner email notifications now link to the appropriate scanner wizard directly.
• (v.0) IMPROVED: Plugin options pages restyling.
• (v.0) IMPROVED: Plugin refactoring and improvements.

Latest Point Release = Released: 18th December, 2017

• (v.0) ADDED: All-new Shield Welcome and Setup Wizard - more helpful guided wizards to come.
• (v.0) ADDED: [PRO] Shield options import and export
• (v.0) ADDED: [PRO] In conjunction with import/export - Shield Security Network: automated options syncing.
• (v.0) CHANGED: Going forward, new features and options will support only PHP 5.4+. Existing features will remain unaffected.

Latest Point Release = Released: 11th December, 2017

• (v.1) FIXED: File include error.
• (v.0) IMPROVED: [PRO] Audit Trail length is configurable. Length for free is 50 entries (the original unpaginated limit)
• (v.0) IMPROVED: Large redesign of options sections to be more intuitive and cleaner
• (v.0) IMPROVED: Added dedicated help section for each module.
• (v.0) IMPROVED: Certain modules have an new Actions centre, such a Audit Trail viewer and User Sessions manager
• (v.0) IMPROVED: Audit Trails are now ajax-paginated. You can browse through all your audit trail entries
• (v.0) IMPROVED: User session tables are also ajax-paginated.

Latest Point Release = Released: 1st March, 2016

• (v.0) NEW: WordPress Simple Firewall plugin has been re-branded and is called Shield
• (v.0) ADDED: Support for this plugin is now Premium. Added Premium Support page that links to Helpdesk.
• (v.0) ADDED: NEW feature - Google ReCaptcha for Comment SPAM and Login protection.
• (v.0) CHANGED: Refactor of comment spam code.
• (v.0) CHANGED: Core File Scanner now handles the odd Hungarian distribution.

Latest Point Release = Released: 1st February, 2016

• (v.0) ADDED: NEW feature - Google Authenticator Login option.
• (v.0) ADDED: Core File Scanner now includes an automatic link to repair files (you must be logged in as admin for this link to work!).
• (v.0) ADDED: NEW - if you already have a logged-in session and you open the login screen, you'll be provided with a link to go straight to the admin area.
• (v.0) CHANGED: Email-based Two-Factor Authentication is now stateless/session-less - it will not check validity per-page load.
• (v.0) CHANGED: Changes to the email-based authentication system - now only 1 option and it no longer locks to IP or browser.
• (v.0) CHANGED: Various efficiency improvements including reduced SQL updates.
• (v.0) CHANGED: Email system is improved and now send emails from the default WordPress sender. This may be changed with filter.

• ADDED: New Feature - Audit Trail
• ADDED: Audit Trail options include: Plugins, Themes, Email, WordPress Core, Posts/Pages, WordPress Simple Firewall
• FIXED: Full and proper cleanup of plugin options, crons, and databases upon deactivation.
• REMOVED: Firewall Log. This is no longer an option and is instead integrated into the "WordPress Simple Firewall" Audit Trail.

• ADDED: Better admin notifications for events such as options saving etc.
• CHANGE: Some plugin styling to highlight features and options better.
• FIXED: Small bug with options default values.

• FEATURE: User Management. Phase 1 - create user sessions to track current and attempted logged in users.
• CHANGED: MASSIVE plugin refactoring for better performance and faster, more reliable future development of features
• ADDED: Obscurity Feature - ability to remove the WP Generator meta tag.
• ADDED: ability to change user login session length in days
• ADDED: ability to set session idle timeout in hours
• ADDED: ability to lock session to a particular IP address (2-factor auth by IP is separate)
• ADDED: ability to view active user sessions
• ADDED: ability to view last page visited for active sessions
• ADDED: ability to view last active time for active sessions
• ADDED: ability to view failed or attempted logins in the past 48hrs
• ADDED: Support for GASP login using WooCommerce
• CHANGED: Admin Access Restriction now has a separate options/feature page
• CHANGED: Admin styling to better see some selected options
• ADDED: Support for WP Wall shoutbox plugin (does no GASP comment checks)
• CHANGED: Removed support for upgrading from versions prior to 2.0
• CHANGED: Removed support for importing from Firewall 2 plugin - to import, manually install plugin v2.6.6, import settings, then upgrade.

• FIX: Improved compatibility with bbPress.

• ADDED: Localization capabilities. All we need now are translators! Go here to get started.
• ADDED: Option to mask the WordPress version so the real version is never publicly visible.

• CHANGED: Simplified the automatic WordPress Plugin updates into 1 filter for consistency

• First Release

=