The latest version of the WordPress Security Plugin from UpdraftPlus brings two new features to both the free and Premium versions of AIOS in addition to a series of tweaks and some fixes.
New Security Feature – WordPress Salts Extended
WordPress Salts are a cryptographic tool that makes it difficult for malicious users to crack your WordPress website login password.
In release 5.1.6 of the All-In-One Security plugin, WordPress Salts are extended by 64 characters and changed weekly to make it even harder for malicious users to read your users’ WordPress passwords.
New Security Feature – Audit Log
Another new feature is the addition of an audit log.
The audit log is a table that gives WordPress website administrators a full view of all events happening on their WordPress website.
Release 5.1.6 provides information on plugin and theme events. Admin users can now see if a plugin or theme has been added, removed, updated, activated or deactivated.
Future releases will build on this version, allowing users to see a broader range of events taking place, for example logins, failed logins, user registration events, firewall events and more.
- FEATURE: Added an audit log
- FEATURE: Add salt postfix option to improve your site’s security
- FIX: Rename login slug used like wp-login-RANDOM_SUFFIX showing 404 page issue solved and code clean up for multisite activation
- FIX: Captcha settings tab in multisite installation for subsites not showing
- FIX: Cron reschedule event error for hook aios_15_minutes_cron_event if plugin deactivated or uninstalled
- TWEAK: Stop user enumeration now shows 403 forbidden error code instead of 500 server error
- TWEAK: PHP 8.1 warning rawurldecode passing null instead type string is deprecated for block request string 6g rule
- TWEAK: Code clean up for disable cookie based brute force constant as rule moved to firewall
- TWEAK: Comment spam IP monitoring page UI
- TWEAK: Updated seasonal notices
- TWEAK: Improve internal code structure making way for future improvements
- TWEAK: Remove mention of the 6g firewall rules being .htaccess based as they are now php based
- TWEAK: Added new internal function to check user capability and nonces
- TWEAK: Improve config code with inline saving