All-In-One Security release v5.3.4: New feature – HTTP auth protection and improved Cloudflare cache compatibility (free version)

Version 5.3.4 brings you a new layer of protection for your WordPress dashboard.  With this feature you can quickly set up HTTP authentication without having to edit your .htaccess file.  This safeguards your site from brute-force attacks, unauthorised access and password theft. 

HTTP Auth Protection

To enable HTTP authentication on your site:

1. Navigate to WP Security >> User Security >> HTTP authentication.
2. To protect your WordPress dashboard click the Enable for WordPress dashboard button.
3. To protect your website frontend click the Enable for frontend button.
4. Enter strong combinations of letters, numbers and symbols for the Username and Password field values.

Click the Save settings button.

Other improvements 

• We’ve added a fix to the reset feature located in WP Security >> General settings >> Reset settings to ensure firewall settings are included in the resetting process.
• We’ve added a new option to WP Security >> Comment spam. You can now disable the use of cookies for detecting comment spam. This fixes a compatibility issue with Cloudflare, which previously prevented pages from being cached.

For a full list of changes please review our changelog below.

Changelog:

* FEATURE: Added a HTTP authentication feature that allows protecting the site with a username/password login.

* FIX: Added a new method to reset the firewall rules under general settings.

* FIX: Resolved the issue with post cache which caused an issue with comment spam prevention.

* TWEAK: Added a helper class for API requests.

* TWEAK: Removed whitespaces at end of sentences.