Plugin Name: WP Defender
Author: Hoang Ngo, Aaron Edwards, Anton Shulga
Tested up to: 5.5

Change Log:

= 2.4.3 ( 2020-11-27 ) =

- Fix: Masked Login Area not working in some cases
- Fix: Hub redirect to 404 page when Masked Login Area enabled

= 2.4.2 ( 2020-11-25 ) =

- Fix: Fatal version on WordPress 5.2 and earlier

= 2.4.0 ( 2020-11-24 ) =

- New: Notifications section - centralized manager for all notifications and reports
- New: Onboarding which will replace the old quick setup and enable everything that is recommended
- New: New: Bulk behavior for Security Recommendations - resolve/ignore almost everything with a single click
- New: Improving Security Recommendations UI/UX
- New: 2FA with Authy and Microsoft Authenticator
- New: Highlight new features in welcome modal
- Enhance: Better UI/UX and performance for Malware Scanning
- Fix: The Audit Logging widget on the dashboard doesn’t show the correct report status
- Fix: The custom message in Login Lockout doesn’t apply when an IP is banned by using a banned username
- Fix: Conflict with WP Fastest Cache makes revert buttons show incorrectly
- Fix: Warning with PHP 7.2.x
- Fix: The username search in Audit Logging doesn’t work

= 2.3.2 ( 2020-09-14 ) =

- New: Add a separate Tutorials sub-menu and X-icon to remove it from the Dashboard
- Enhance: Change mention of blacklist and whitelist to blocklist and allowlist on Defender pages
- Enhance: Change Documentation links for Firewall and Malware Scanning
- Enhance: Config Improvements
- Fix: Display custom login forms if the Defender Masking URL is enabled
- Fix: Receive email from Defender security tweaks daily
- Fix: Activate 'Mask Login Area' through the Defender dashboard
- Fix: Correct display of the Audit log for a new registered user - except for a Subscriber role - in MU
- Fix: Masked login alters ajaxurl in MU in sites table page
- Fix: Remove 'ambient-light-sensor', 'picture-in-picture', 'speaker' and 'vr' directives from Feature-Policy header
- Fix: Compatibility with HUB

= 2.3.1 ( 2020-08-10 ) =

- New: Feature to save presets configurations of the Defender's settings, and make them available to download and apply to your other sites
- New: Add tutorials section in the Defender dashboard
- Enhance: Allow to bulk delete suspicious files
- Enhance: Improve the logic of how "Include sub-domains" option should be shown on the Strict Transport Security header
- Fix: Prevent wp-signup.php to access when Mask Login is enabled
- Fix: 2FA login does not redirect correctly after login via the my-account page of Woocommerce
- Fix: Remove the Security Tweak 'Change default database prefix', as this can be bypass

= 2.3 ( 2020-05-18 ) =

- Enhance: Change the description for X-Content-Type-Options security header
- Fix: The WAF widget and WAF page will be hidden when white label activated
- Fix: Include Subdomain option for Strict Transport security header
- Fix: Cron for Audit logs

= 2.2.9 ( 2020-05-04 ) =

- New: WPMU DEV’s Hosted Web Application Firewall (WAF) is a first layer of protection to block hackers and bot attacks before they ever reach your site. Websites hosted with WPMU DEV can now use this advanced WAF by enabling it via your site’s Security or Hosting tab in The Hub
- Enhance: Moved the security headers out of Security Tweaks and into their own section inside Advanced Tools
- Enhance: Relocated Two-Factor Authentication to it’s own menu item and area
- Enhance: Renamed a couple of modules to more accurately reflect what they do
- Fix: Minor bugs and improvements

= 2.2.8 ( 2020-04-28 ) =

- Enhance: Add plugin configuration import/export option for Hub
- Enhance: HSTS Maximum age of Strict Transport Security header added 30 days, 2 years
- Enhance: Update copy for MaxMind license key
- Fix: Separate email subjects of templates for scan notifications
- Fix: Warning open_basedir restriction in effect
- Fix: 2FA required even if the role is unchecked
- Fix: Preview for Lockout Custom Message doesn't work
- Fix: Sending lockout emails even though they are disabled

= 2.2.7 ( 2020-03-09 ) =

- Fix: Audit Logging sometime triggers a fatal error on some setups


301442-1606527689-au