WP Security / Changelog / Version 2.4 Released

Version 2.4 Released

Here’s a summary of version 2.4’s features, improvements, and fixes.

What’s new?

Automatically blocks IP addresses

Now you can automatically block IP addresses temporarily after numerous failed logins. This only blocks login attempts and does not block the IP from viewing the site in general.

Block IP Addresses Quicker

With WP Security Safe Pro, you can block IP addresses quick by identifying them as a threat sooner. Keep threats blocked even longer with extended expiration limits on the third lockout.

Buy Pro: Block Treats Sooner

Import / Export Feature

Now you can import and export your WP Security Safe settings from one site to another with ease.


File Permission Issues Sorted At The Top of The Screen

Now, when you are fixing file permissions, all of the bad file permissions will automatically be sorted to the top of the list of files. This will save you from having to scroll down the massive list of files to find issues.

If you find yourself dealing with massive file permission issues, then purchase WP Security Safe Pro and fix them in bulk.

Get Pro: Bulk Fix Permissions

More Clarity With Permission Status

The file permissions status “ok” and “good” are confusing. I have updated these permission statuses to make more sense as seen in the screenshot above. “Bad” is now labeled as “error”, “ok” as “warning”, and “good” as “notice.” The logic is still the same, but it makes more sense now.
Other Improvements

Compatibility With Pantheon Hosting

The team at Pantheon Hosting pointed out that WP Security Safe was conflicting with their custom directory permissions in the uploads folder. With some adjustments and testing on Pantheon’s free WordPress sandbox environment, version 2.4 is now fully compatible to ensure that everything continues to work as intended on their servers.

Who is Pantheon? Pantheon provides high performance hosting (even for WordPress sites) for those who need some real horsepower and understand the value of hosting. You won’t get this kind of performance from budget hosting. Full disclosure: I am not affiliated with this company in any form or fashion (I’m not getting paid), but they are worth checking out at https://pantheon.io

Other Improvements

  • Improvement: Fixed some PHP warnings displayed when XML-RPC requests use poorly formatted XML. Thank you Charles Suggs for reporting this.
  • Improvement: Adjusted cleanup script to leave allow/deny table for 3 days past expiration for more advanced threat detection.
  • Improvement: Whitelisted IPs now get exempt from nonce checks.
  • Improvement: Adjusted upgrade script to be more efficient with load.
  • Improvement: Minor code improvements.
  • Improvement: Updated PHPDoc notes
  • Improvement: Updated PHP version checks
  • Improvement: Adjusted Login Error handling so that the user is sent back to the login screen when the login attempt is blocked and the error is displayed.
  • Improvement: Fixed various PHP Warnings: Thanks John Dorner for reporting them.
  • Improvement: Updated Freemius SDK to version 2.4.2

See the full changelog