iThemes Security Pro 5.5.6

iThemes Security Pro was updated to version 5.5.6, from version 5.5.4. Changelogs:


  • Bug Fix: Don’t try to get users with the selected role if no roles are selected.


  • Enhancement: Add Per-Content SSL toggle to the upcoming Block Editor interface.
  • Enhancement: Add filter to the recipients list for email notifications: “itsec_notification_{$notification}_email_recipients” and “itsec_notification_email_recipients”.
  • Enhancement: Detect Server IPs in Security Check.
  • Enhancement: Update jquery.file-upload plugin to the latest version ( 9.28.0 ).
  • Tweak: Improve File Change locking to help prevent failing scans on sites with inconsistent cron scheduling.
  • Tweak: Improve “System Tweaks – Suspicious Query Strings – SQLI” to reduce false positives.
  • Tweak: Improve “System Tweaks – Disable PHP” to block PHP files in apache configurations that serve files with a trailing dot.
  • Tweak: Add additional safety checks when writing to system config files.
  • Tweak: Remove “Seznam Bot” from HackRepair List as it isn’t present in the latest version.
  • Tweak: Add Recaptcha Opt-in styles wherever the recaptcha is displayed, not just WP Login.
  • Bug Fix: Notification Center – Only send notifications to users with an exact role match of selected roles instead of a fuzzy match based on selected capabilities.
  • Bug Fix: Resolve warnings on PHP 5.2.
  • Bug Fix: Don’t run Trusted Devices checks on authenticated loopback requests. Please re-run “Security Check” to initialize this detection. This should resolve conflicts with plugins that make authenticated loopback requests as a form of async processing.
  • Bug Fix: Persist and reload storage to avoid Imported settings being lost in some circumstances.
  • Bug Fix: Trigger module activation/deactivation routines when using the Importer.
  • Bug Fix: Remove “Nekudo” GeoIP service as it has been sunset.