iThemes Security Pro was updated to version 4.0.0, from version 3.9.0. Changelog:
- Bug Fix: Fixed an infinite loop that could occur when expiring a cookie and Hide Backend is enabled.
- Bug Fix: Fixed compatibility issue with the Jetpack plugin when Hide Backend is enabled which could prevent Jetpack from redirecting users to the wordpress.com login page.
- Bug Fix: Fixed issue where access to wp-admin/admin-post.php when Hide Backend is enabled.
- Enhancement: Centralized shared code used by Password Expiration, Two-Factor Authentication, and User Security Check.
- Enhancement: Improved efficiency of Hide Backend code, increasing site performance when the feature is enabled.
- Enhancement: Enforce strong passwords during log-in. Can be disabled via the ITSEC_DISABLE_PASSWORD_REQUIREMENTS constant.
- Enhancement: Use canonical roles library to determine if a new user or an updated role requires a strong password.
- Enhancement: Introduce password requirements module to centralize handling of password updates.
- Misc: Updated Disable File Locking description.