iThemes Security 4.0.23

iThemes Security was updated to version 4.0.23, from version 4.0.18. Changelog:

4.0.23

Fix sorting by count in 404 Logs
Minor code cleanup
Make sure all wp_enqueue_script dependencies are in proper format
Reduce priority of hide backend init for better compatibility with other plugins
SSL now logs users out when activating to prevent cookie conflicts
When activating SSL Log out the user to prevent cookie conflicts
Use LOCK_EX as a second file locking method on wp-config.php and .htaccess
Minor code cleanup
Make sure all wp_enqueue_script dependencies are in proper format

4.0.21

Added ability to “soft” block XMLRPC to prevent pingback vulnerability while still allowing other access
Updated “Suspicious queary strings” to not block plugin updates
Update NGINX comment spam rewrite rules to better work with multi-site domain mapping
Move 404 hook in hide backend from wp to wp_loaded
Make sure super-admin role is maintained on multi-site when changing user id 1 and admin username at the same time
Make sure all redirects for hide backend and ssl are 302, not 301
Better resetting of SSL and disallow file editor on deactivation to account for more states
Make sure hide backend works with registration
Minor copy and other fixes
Update nginx rewrite rule on comment spam when domain mapping is active
Added the ability to disable file locking (old behavior)
Better file lock release (try more than 1 method) before failing
Don’t automatically show file lock error on first attempt
Added Spanish translation by Andrew Kurtis

4.0.19