Wordfence 5.0.7 Beta1 is now available
Hi Beta team!
Wordfence 5.0.7 Beta1 is now available at:
http://wordfence.com/betas/wordfence-5.0.7-beta1.zip
As always to install this beta, disable and uninstall your current
Wordfence plugin. Your settings will not be deleted. Then use the
plugin upload function in WordPress. If you’re unsure how this
works, we recommend waiting until the production release is out.
This release is for testing only.
As always please report any bugs to beta@wordfence.com. We’re
hoping to release this within the next 48 hours. Thanks for
being part of the Wordfence team!
Here are the changes:
* Feature: Immediately block IP if hacker tries any of the
following usernames. (Comma separated list that you can specify on
the Wordfence options page)
* Feature: Exclude exact URL’s from caching. Specifically, this
allows you to exclude the home page which was not possible before.
* Feature: Exclude browsers or partial browser matches and specific
cookies from caching.
* Fix: Fixed issue where /.. dirs would be included in certain
scandir operations.
* Fix: logHuman function was not analyzing user-agent strings
correctly which would allow some crawlers that execute JS to be
logged as humans.
* Fix: Removed ob_end_clean warnings about empty buffers when a
human is being logged.
* Fix: Removed warning in lib/wfCache.php caused by unset
$_SERVER[‘QUERY_STRING’] when we check it.
* Fix: Fixed “logged out as ”” blank username
logout messages.
* Fix: Improved security of config cache by adding a PHP header to
file that we strip. Already secure because we have a .htaccess
denying access, but more is better.
* Fix: Falcon Engine option to clear Falcon cache when a post
scheduled to be published in future is published.
Comments