iThemes Security 4.1.3

iThemes Security was updated to version 4.1.3, from version 4.0.23. Changelog:

4.1.3

  • Make sure “remove write permissions” works
  • Better descriptions on white list
  • Add pro table of contents if needed
  • Make sure security admin bar item works
  • Make sure lockout message only happens when needed
  • Suppress errors on readlink calls
  • Make sure class is present for permanent ban
  • Make sure white list is an array
  • Fix white listed IPs not working
  • Log when Away-mode is triggered
  • Make sure away mode file isn’t accidently deleted
  • Make sure away mode doesn’t even allow access to the login form (as it didn’t in 3.x)
  • Enhance warnings on “Change content directory” settings
  • Better descriptions on white lists
  • Fixed XMLRPC label
  • Better XMLRPC Dashboard status
  • Don’t allow logout action on wp-login.php with hide backend
  • Better check for variable in SSL admin

4.0.27

  • XMLRPC soft block should now work with WordPress mobile app
  • Make sure uploads directory is only working in blog 1 in multisite
  • Better checks for run method in module loader

4.0.25

  • Make sure backup directory is present before trying to use it
  • Make sure backup file method is respected on all backup operations
  • Added ability to limit number of backups saved to disk
  • Minor typo and other fixes
  • Only load front-end classes as needed
  • Add link to free support at .org forums
  • Remove select(?ed) from suspicious query strings for 3.9 compatibility
  • Fixed domain mapping issue (requires http://wordpress.org/plugins/wordpress-mu-domain-mapping/ domain mapping plugin)
  • Remove array type errors on 404 pages
  • Remove remaining create function calls
  • Make sure logs directory is present before trying to use it
  • Log a message when witelisted host triggers a lockout
  • Don’t create log files if they’re not going to be used
  • Add pro tab if pro modules need it
  • Upgrade module loader to only load what is needed