AIOS WordPress Security Plugin – Release 5.1.6

The latest version of the WordPress Security Plugin from UpdraftPlus brings two new features to both the free and Premium versions of AIOS in addition to a series of tweaks and some fixes.


New Security Feature – WordPress Salts Extended

WordPress Salts are a cryptographic tool that makes it difficult for malicious users to crack your WordPress website login password. 

In release 5.1.6 of the All-In-One Security plugin, WordPress Salts are extended by 64 characters and changed weekly to make it even harder for malicious users to read your users’ WordPress passwords. 


New Security Feature – Audit Log

Another new feature is the addition of an audit log. 

The audit log is a table that gives WordPress website administrators a full view of all events happening on their WordPress website. 

Release 5.1.6 provides information on plugin and theme events. Admin users can now see if a plugin or theme has been added, removed, updated, activated or deactivated. 

Future releases will build on this version, allowing users to see a broader range of events taking place, for example logins, failed logins, user registration events, firewall events and more. 




  • FEATURE: Added an audit log
  • FEATURE: Add salt postfix option to improve your site’s security
  • FIX: Rename login slug used like wp-login-RANDOM_SUFFIX showing 404 page issue solved and code clean up for multisite activation
  • FIX: Captcha settings tab in multisite installation for subsites not showing
  • FIX: Cron reschedule event error for hook aios_15_minutes_cron_event if plugin deactivated or uninstalled
  • TWEAK: Stop user enumeration now shows 403 forbidden error code instead of 500 server error
  • TWEAK: PHP 8.1 warning rawurldecode passing null instead type string is deprecated for block request string 6g rule
  • TWEAK: Code clean up for disable cookie based brute force constant as rule moved to firewall
  • TWEAK: Comment spam IP monitoring page UI
  • TWEAK: Updated seasonal notices
  • TWEAK: Improve internal code structure making way for future improvements
  • TWEAK: Remove mention of the 6g firewall rules being .htaccess based as they are now php based
  • TWEAK: Added new internal function to check user capability and nonces
  • TWEAK: Improve config code with inline saving


Share This Post

More To Explore...


WordPress security audit checklist

Ensuring your WordPress website’s security is vital for protecting sensitive data, keeping customer trust, and safeguarding your online business. A