Enhancement: Add super admins as a selectable role for User Groups.
Enhancement: Add reCAPTCHA to the Reset Password form.
Enhancement: Add support for resending a Two-Factor Email code.
Enhancement: Add support for resending a Passwordless Login email.
Enhancement: Allow selecting users across all sites in a network for User Groups, Security Profile cards, and User Security Check.
Enhancement: Include all super admins by default in the Security Profile card, even if they are not a member of the network's main site.
Enhancement: Display all of a user's roles in the Security Profile card.
Enhancement: When logging in with Passwordless Login, skip Two-Factor if the primary Two-Factor method is Email.
Enhancement: Force a space after each Two-Factor Backup Code to assist with copying and pasting.
Enhancement: Include the website URL in the download file for Two-Factor Backup Codes.
Enhancement: Add a warning if a WordPress Salt is set to an invalid value.
Enhancement: Allow re-entering the Two-Factor Onboard flow even after Two-Factor is setup by visiting /wp-login.php?itsec_after_interstitial=2fa-on-board directly.
Enhancement: Add a new WP CLI command for managing user Two-Factor enrollment.
Enhancement: Add a new WP CLI command for retrieving logs.
Enhancement: Include child log items in the logs list table. These are helpful for debugging issues.
Enhancement: Improve performance of the logs page on sites with large number of log items.
Tweak: Only show Lockout Bypass Magic Link for valid users.
Tweak: When logging $_SERVER, only log a snapshot of available properties.
Bug Fix: New Password Requirements for already created accounts were not enforced until the second login.
Bug Fix: User Security Check would not display in Multisite.
Bug Fix: Prevent fatal error if invalid user IDs are encountered by User Groups.
Bug Fix: Infinite loop when trying to use Application Passwords on Multisite.
Bug Fix: User Logging did not correctly capture the user id of the logged-out user on WordPress 5.3.
Bug Fix: Warnings when doing a settings import.
Deprecated: The "getlockouts", "releaselockout", and "getrecent" WP CLI commands. Use the "lockout" and "log" commands instead. They will be removed in a future release.
Bug Fix: A fatal error could occur when upgrading to User Groups if a custom role had been selected for Two-Factor or Passwordless Login that has since been deleted but the module's settings had not been updated.
Important: iThemes Security requires PHP 5.6 or greater and WordPress 5.2 or greater.
New Feature: Save Time Securing WordPress With User Groups!
New Feature: Simplified connection flow when setting up iThemes Sync.
Bug Fix: Warning when loading the settings page on PHP 7.4.
Bug Fix: Warning when loading the debug page on PHP 7.4.
Our iThemes Security Pro users will also notice a couple of enhancements to the Security Check Pro after updating to version 6.3.0. You can customize the Proxy Detection settings in the iThemes Security Pro Global Settings. Or, if you don’t know or don’t care if your site is behind a Proxy, you can let iThemes Security check your server configurations and choose the best option to protect your site. The Security Check Pro will perform a daily scan to check for any server configuration adjustments. If any adjustments are found, iThemes Security will make automatically update the security settings if necessary.
However, for those who prefer to take a more hands-on approach to security, the Proxy Detection settings now give you several options that will help iThemes Security best protect your site.
Security Check Scan – (Recommended) Security Check will connect to the iThemes.com servers to accurately identify your server configuration. Security Check will correctly identify remote IP addresses and ensure your site is using the recommended features.
Automatic – (Not Recommended) iThemes Security will try to find the correct proxy header to use automatically.
Manual – Manually select the header your proxy uses.
Disabled – Do not use Proxy Detection if your website isn’t behind a proxy.
WordPress security shouldn’t be hard, and the Security Check Pro simplifies and increases the security for the free and Pro users of iThemes Security.
New Feature: Integrate Passwordless Login with WooCommerce, Easy Digital Downloads, and Lifter LMS.
Enhancement: Add filter to "Lookup IP" link.
Bug Fix: PHP warning when inserting lockouts.
Bug Fix: WooCommerce Shop Managers were unable to verify their Two-Factor Mobile App code via their WP-Admin profile.
Bug Fix: WordPress 5.3 compatibility with Passwordless Login.
Enhancement: Add confirmation button to Passwordless Login or One-Click Two-Factor when on a different device than you started with. When Trusted Devices is active, include information about the device the login will be processed on.
Bug Fix: Fix Passwordless Login release notice not being dismissed due to a REST API route that was more narrowly defined than necessary.
Enhancement: New iThemes Sync Verb support for File Change.
Tweak: Add additional information about the login attempt when calling the Network Brute Force API.
Bug Fix: Ensure Dashboard classes are always loaded.
Hello Guest ! If you are trying to download premium add-ons/styles can't be, it's access for vip member only! You need to upgrade VIP Member! Please check this click here