iThemes Security was updated to version 4.4.16, from version 4.4.13. Changelog:
- Enhancement: File change summary emails are more concise and will avoid extra information.
- Fixed: Hide backend will now work with Jetpack’s JSON API authorization.
- Fixed: Option to change user ID 1 will correctly disappear when not present.
- Fixed: Removed empty user agent from default blacklist to avoid issues with external services.
- Fixed: File change folder check will no longer scan directories outside of ABSPATH for any reason.
- Fixed: Adding define( ‘ITSEC_FILE_CHANGE_CRON’, true ); to wp-config.php will cause the file change scanner to only run once daily via wp-cron.
- Fixed: Compatibility issue where strong password enforcement could cause an error if passwords are changed outside of the core of WordPress.
- Fixed: Lost password url should now be correct on multisite.
- Fixed: fixed duplicate ID issue from user_id_exists calls.
- Fixed: Fixed an error in the lockout module that results in an error for users of multisite.
- Fixed: Notification emails will no longer send if not turned on.
- Fixed: Duplicate messages will not be allowed in digest emails.
- Fixed: Duplicate digest emails will have a far lesser chance of sending.
- Fixed: User lockout count in email notifications will now be correct.