Wordfence Login Security

Journal

1.0.10 – June 2, 2022

• Improvement: Added option to toggle display of last login column on WP Users page
• Improvement: Improved autocomplete support for 2FA code on Apple devices
• Fix: Corrected issue that prevented reCAPTCHA scores from being recorded
• Fix: Prevented invalid JSON setting values from triggering fatal errors
• Fix: Made text domains consistent for translation support
• Fix: Clarified that allowlisted IP addresses also bypass reCAPTCHA

1.0.9 – October 12, 2021

• Fix: Prevented login errors with WooCommerce integration when manual username entry is enabled on the WooCommerce registration form
• Fix: Corrected theme incompatibilities with WooCommerce integration

1.0.8 – July 19, 2021

• Fix: WooCommerce integration notice can now be dismissed on any admin page
• Change: Updated messaging around 2FA for WooCommerce roles

1.0.7 – July 8, 2021

• Improvement: Added 2FA and reCAPTCHA support for WooCommerce login and registration forms
• Improvement: Added option to require 2FA for any role
• Improvement: Added logic to automatically disable NTP after repeated failures and option to manually disable NTP
• Change: Updated reCAPTCHA setup note
• Change: Updated plugin headers for compatibility with WordPress 5.8

1.0.6 – January 14, 2021

• Improvement: Made a number of WordPress 5.6 and jQuery 3.x compatibility improvements.
• Improvement: Replaced the terms whitelist and blacklist with allowlist and blocklist.
• Fix: Sync roles to new sites in multisite configurations
• Fix: Corrected 2FA config links in notices for multisite
• Fix: Corrected inactive user count when users with 2FA have been deleted
• Fix: reCAPTCHA will no longer block requests with missing tokens in test mode

1.0.5 – January 13, 2020

• Changed: AJAX endpoints now send the application/json Content-Type header.
• Changed: Added compatibility messaging for reCAPTCHA when WooCommerce is active.
• Fixed: The « Require 2FA for all administrators » notice is now automatically dismissed if an administrator sets up 2FA.

1.0.4 – November 6, 2019

• Fix: Added styling fix to the 2FA code prompt for WordPress 5.3.
• Fix: Added compatibility tags for WP Tide.

1.0.3 – July 16, 2019

• Improvement: Added additional information about reCAPTCHA to its setting control.
• Improvement: Added a constant that may be overridden to customize the expiration time of login verification email links.
• Improvement: reCAPTCHA keys are now tested on saving to prevent accidentally inputting a v2 key.
• Improvement: Added a setting to control the reCAPTCHA human/bot threshold.
• Improvement: Added an option to trigger removal of Login Security tables and data on deactivation.
• Improvement: Reworked the reCAPTCHA implementation to trigger the token check on login/registration form submission to avoid the token expiring.
• Fix: Widened the reCAPTCHA key fields to allow the full keys to be visible.
• Fix: Addressed an issue when outbound UDP connections are blocked where the NTP check could log an error.
• Fix: Added handling for reCAPTCHA’s JavaScript failing to load, which previously blocked logging in.
• Fix: Fixed the functionality of the button to send 2FA grace period notifications.
• Fix: Fixed a missing icon for some help links when running in standalone mode.

1.0.2 – May 30, 2019

• Initial release