iThemes Security 4.3.3

iThemes Security was updated to version 4.3.3, from version 4.2.15. Changelog:

4.3.3

  • Fixed an inadvertant disabling of file change scans intrudced in 4.3

4.3.2

  • Added on-demand malware scanning for the homepage
  • Added better URL validation to ITSEC_LIB
  • Added exception for 127.0.0.1 to prevent a local server from being locked out of a site during wp-cron or other calls
  • Added button to quickly add current IP address to permanent whitelist
  • Added appropriate message for logs page when logs are not available due to “file only” logging being selected
  • Fixed Error in 404 scanning if path field was empty
  • Updated hackrepair.com’s default blacklist
  • Modified support reminder to ask users to upgrade rather than donate
  • Use get_home_path() in place of ABSPATH to account for WordPress core in a different directory than wp-content
  • Use PHP comments in index.php file to account for the possibility of a scan including the file in which case the html comment could result in an error
  • Fixed various typos throughout the plugin dashboard
  • Added ability to prevent file change scanning from running on a given page load by defining ITSEC_FILE_CHECK_CRON to true
  • Cleaned up file change logging reports to me more clear when no files have been changed
  • Added feature to immediately ban user “admin” when no user “admin” exists on the site and a host tries to log in with it anyway
  • Added blank line to end of all textarea input to make it easier to input data
  • Added brute force checks to XMLRPC calls to prevent brute force attacks against XMLRPC