Changelog for Security Ninja
= 5.73.1 =
* Fix bug with “ghost plugin” when the Whitelabel is enabled. Thank you Cuong.
* Updated Firewall bad query list.
* Firewall – Fixed responsiveness in “Latest Firewall Events”.
* Fix malware results list – missing whitelist and delete buttons. Thank you Chris
= 5.72 =
* WordPress 5.3 compatibility
* Security Tests – Added more checks for unwanted files.
* Responsive view on mobile devices look much better. Thank you Cuong.
* Fixed up Debug page – removed never-ending spinner and tweaked output to remove directory sizes. Thank you Cuong.
* Reworked security tests overview to look better and more WordPress-like.
* Fix: Malware Scanner – Error in JS code prevented tests to be completed on some systems. Thank you Cuong and everyone else reporting this bug.
= 5.71 =
* FIX: Removed extra styling some plugin authors just load on all pages, which then messed up this plugin styling.
* FIX: Scheduled Scans failed with Core Scanning enabled, due to recent structure change. Thank you Cuong.
* FIX: The security test for incompatible plugins was not working properly. Thank you Cuong.
* FIX: Debug page not working correctly with Whitelabel enabled – Thank you Cuong.
* Fixed small visual issues – CSS styling.
* Multiple email recipients for reports/alerts – Suggestion by Jose.
* Minor language changes + internationalization work for translators.
= 5.70 =
* NEW: Security test: Check for files often found in root of website. Such as SQL database dump files, phpinfo.php, *.bak files etc.
* FIX: Malware Scanner download latest definitions.
* 99,638 downloads
= 5.69 =
* New: Added Debug page.
* Security Tests: Removed Wordfence warning – No longer needed.
* Core Scanner: Fixed problem with local WP versions not being found – Thank you Yodana 🙂
* Updated language files.
* Fix: “Your IP address is” in admin showed wrong IP.
* 98,226 downloads
= 5.68 =
* Fix: Visual bug on some tabs.
* Fix: The Firewall and Cloudflare did not play well together. Thanks Chandra, Atley and Yasaf 🙂
* New: Firewall – Automatically whitelists any new IP from where an admin is logged in.
* Fix: Events IP were sometimes not logged properly, now uses same code as Firewall module.
* 97,382 downloads
= 5.67 =
* Rearranged interface, made more space for new features coming up 😉
* NEW: Firewall – Turn cloud firewall on/off
* Fix: Core Scanner – Fixed unknown error popup and improved error messages for easier debugging.
* Fix: Core Scanner – Fix error where checksums for a particular locale was not available by WordPress.
* Fix: Firewall – Fixed too agressive blocking – IP blocking routines.
* Fix: Firewall – Better visitor logging. Some visits were not registered in the log.
* Cleaned up JS code.
* 96,366 downloads
= 5.66 =
* Fix: Minor language and CSS styling changes.
* Fix: Pro – Malware scan sometimes got stuck.
* 94,923 downloads
= 5.65 =
* New: Check for Content Security Policy header. It can be tricky to configure this one, read instructions carefully.
* Improved suggestions for some of the security headers.
* Minor adjustment to interface, preparing for upcoming WordPress 5.3 admin style changes.
* New: Firewall – You can now manually blacklist IPs!
* New: Firewall – Country name alt tag when hovering over a flag.
* New: Firewall – Added Latest visitors log.
* New: Firewall – Blocked requests and whitelisted visitors are easily visible in the visitor log.
* New: Firewall – Made all stat sections collapsible on firewall page = less crowded interface.
* New: Whitelabel – Change Plugin name, description, the author name and URL as well as the the menu icon.
* Fix: Hides Whitelabel tab when Whitelabel enabled.
* Minor improvements to whitelabel options.
* Minor improvements to API integration.
* 93,450 downloads
= 5.64 =
* Fix: Not automatically updating all databases and files when updating.
* Fix: PHP notices – Undefined index – Thank you Ivar 🙂
* Fix: Removed debug error_log() notices in code.
* Fix: Suspicious request details were not added to the log.
* Whitelabel tab added.
* 91,578 downloads
= 5.63 =
* WordPress Multisite compatible.
* Tested WP 5.2.4 compatible.
* NEW: Checks for Strict Transport Security (HSTS) security header.
* NEW: Checks for security header “X-XSS-Protection”.
* NEW: Checks for security header “X-Frame-Options”.
* NEW: Checks for security header “X-Content-Type-Options”.
* Fix problem with .htaccess code for blocking username enumeration. Thank you David 🙂
* Fix problem clicking arrow in results list opened and then closed the result details. Thank you Thomas 🙂
* Added more inline help on Core Scanner page.
* Updated 3rd party library – Freemius SDK to 2.3.1
* More details shown for blocked suspicious requests.
* 89,418 downloads
= 5.62 =
* Security Tests – Added check for if license.txt exists.
* Auto Fix – Remove license.txt if exists.
* Firewall – Added direct link to VirusTotal details lookup for IPs. Thank you Jose.
* Event Log – Rotating syslog can now be set to 7 or 30 days. Thank you Jose.
* 86,242 downloads
= 5.61 =
* Security Tests – Reworked the way the scan works – See which tests are being made.
* Security Tests – Added timer showing the progress.
* Security Tests – Added error notices in case a test causes problems with the scans.
* Event Logger – Improved syslog integration, get detailed event logging for use with Splunk or other Security information and event management (SIEM) systems.
* Whitelabel still in beta – Improvements – hiding plugin from list – Thanks Jay.
* Scheduled Scanner – Fixes “Unknown Error” and e-mails now include details about what changed – Thank you Thomas 🙂
* 84,143 downloads
= 5.60 =
* BUGFIX: Getting country ISO code could end up in PHP Error “Call to undefined function” – Thank you Thomas 🙂
* Beta: Event logging to rotating 7-day syslog files in wp-content/uploads/security-ninja/logs/ – Thank you Jose 🙂
* 81,876 downloads
= 5.59 =
* This update introduces a couple of improvements to the security tests and a couple of minor fixes.
* Thank you all for bug reports and suggestions! Check out the public roadmap here: https://trello.com/b/6qxtAlzY/wp-security-ninja-public-roadmap
* FIX: Security Testing – Fixed bug in detecting EditURI XML-RPC is disabled. Thank you Thomas 🙂
* FIX: Security Testing – Autofixer now properly blocks EditURI and also access to
* FIX: Core Scanner: Fix false positive with renamed install.php and upgrade.php
* Security Testing – Changed suggestion for readme.html, install.php and upgrade.php
* Improvement: Security Testing – Auto Fixer – Delete install.php and upgrade.php instead of renaming.
* Updated browser detection routines – Thanks Jay 🙂
* Malware Scanner – Improved the core WP checksum scanning.
* Whitelabel feature now in beta testing 🙂
* 80,553 downloads
= 5.58 =
* Warning if running Security Scans with less than PHP 7
* Fixed some options not getting deleted when deleting plugin.
* 78,396 downloads
v. 5.57 – 2019/09/12
* Added warning for potential conflict with Anti-Spam by CleanTalk. Thank you, Courtney, for the report.
* Bugfix – Tests not always loading properly with different user capacities.
* Readme update – added video and more tests.
* 76,958 downloads
v. 5.56 – 2019/09/10
* Bugfix – Security tests not working properly in some environments.
* Added instructions for fixing “Check if the REST API links are shown in code”.
* 75,392 downloads
v. 5.55 – 2019/09/08
* Cleaned up plugin code.
* Added more strings for translators.
* 73,947 downloads
v. 5.54 – 2019/09/06
* Fix – Security tests popups with details not working.
* NEW: Added test if REST API links are visible in the header.
* 72,766 downloads
v. 5.53 – 2019/09/05
* Tested with WP 5.2.3.
* Attempted a fix for loading JS code when other plugins have faulty code. Thank you, Vanessa.
* Removed noticed regarding Security Ninja Pro, not on official wordpress.org repository. Thank you, Ivar.
* Removed script, jQuery.ScrollTo – not used anymore.
* Cleaned up JS code.
* 71,672 downloads
v. 5.52 – 2019/08/29
* Fix – Admin notices could sometimes break internal admin pages from showing correctly.
* Removed language files from the plugin.
* 69,202 downloads
v. 5.51 – 2019/08/27
* Minor language updates and small bugfixes.
* 67,868 downloads
v 5.50 – 2019/08/23
* Major rewrite and a lot of new features added.
* Started making plugin translatable.
* Malware Scanner – Plugin integrity checker is more accurate and reports fewer false positives.
* Bumped version from 2.x to 5.50 – Aligning free and pro version numbers.
* More userfriendly for new users with tips in the admin interface.
* More inline help on relevant pages.
* New: Getting started tips – Notices that inform you of next steps.
* Malware: Updated whitelists
* Fixes problem with databases not created properly.
* New cached JSON folders are removed on deactivation
* NEW: Plugin Integrity check – validate installed plugins against wordpress.org API.
* Moved WordFence warning to “Security Tests” tab only.
* Nicer emails in “Your secret access link”
* Improved: Emails sent by Scheduled Scanner is much nicer looking and more informative.
* Better logging blocked login attempts.
* Firewall – New: Top countries. See which countries are bringing the most traffic.
* Fix for database tables not always being created when updating from Free to Pro.
* Firewall – fixed empty results showing up.
* More details on why a visitor is blocked in the log.
* New: Malware Scanner – View whitelisted files.
* New: Core Scanner – Detects unknown files in core folders.
* New: Core Scanner – Find leftover files from older WordPress installations.
* New: Core Scanner – Delete unwanted files individually or all unknown files.
* New: Firewall – Country blocking, useful if you get a lot of bad traffic from specific countries.
* New: Firewall – Top visitors log kept for the last 30 days. Discover top visitors and use to decide on which IPs or countries to block.
* New: Firewall – Logging individual visits per IP
* New: Firewall – Suspicious requests are blocked – based on the great <a href=”https://wordpress.org/plugins/block-bad-queries/” target=”_blank”>BBQ: Block Bad Queries</a> by Jeff Starr.
* New: Firewall – Redirect blocked visitors – You can show a message or redirect blocked visitors to another website.
* Design overhaul to get closer to WP look and feel.
* Updated 3rd party libraries, Select2
* 66,070 downloads
v5.42 – 2019-02-22
- Fixed inactive themes count includes child theme
v5.41 – 2019-01-22
- Improved schedule scans email notifications
v5.40 – 2019-01-22
- Minor bug fixes
v5.39 – 2018-10-15
- fixed issue interpreting MariaDB version
v5.38 – 2018-07-18
- bugfix in Cloud Firewall
v5.37 – 2018-07-06
- bugfix in Events Logger
v5.36 – 2018-06-17
- bugfix in Events Logger
v5.35 – 2018-06-17
- IP ban test in Cloud Firewall
- new test and fix: usernames enumeration
v5.30 – 2018-04-06
- new module – Cloud Firewall
v5.20 – 2017-12-07
- new module – Database Optimizer
v5.15 – 2017-04-09
- new module – Auto Fixer
- added new tests
- bug fixes
v5.0 – 2016-10-12
- the first release of PRO version
- all modules updated and optimised
- basic and PRO versions now have separate codebases