So guess I am switching just because their stuff is broken and hard to get to. Change: Long-deprecated database tables will be removed. We are the only plugin to offer this very important security enhancement. Improvement: Include option for IIS on Windows in Firewall config process, and recommend manual php.ini change only. Additional changes will be included in an upcoming release to meet the GDPR deadline. Improvement: Pause Live Traffic after scrolling past the first entry. Change: The table list on the diagnostics page is now limited in length to avoid being exceedingly large on big multisite installations. Fix: Fixed an issue that could prevent files beginning with a period from working with the file restore function. Fix: Removed extra spacing in the example ranges for Allowlisted IP addresses that bypass all rules. Fix: Fixed issue where WAF mysqli storage engine cannot find credentials if wflogs/ does not exist. Fix: Addressed an issue where plugins that return a null user during authentication would cause a PHP notice to be logged. Improvement: Added tour coverage for live traffic. Improvement: Added help documentation links to modified plugin/theme file scan results. Improvement: Better error reporting for scan failures due to connectivity issues. Improvement: Improved detection for uploaded PHP content in the firewall. Block logins for administrators using known compromised passwords. Fix: The scan issues alerting option is now set correctly for new installations. Maybe it was caching but when i maked it to clear it's not . Improvement: Updated internal browscap database. Improvement: Added Web Application Firewall activity to Wordfence summary email. * Edit or add a post to see if this fixes it; If, for some reason, that doesn't do the trick for you, please create a topic on the support forums. Improvement: Added option to require cellphone sign-in on all admin accounts. Improvement: Allowlisted Uptime Robots IP range. Fix: PHP deprecation notices no longer suppress those of old OpenSSL or WordPress. Improvement: Added a path for people blocked by the IP blocklist (Premium Feature) to report false positives. Fix: Addressed a PHP warning that could occur if wordpress.org returned a certain format for the abandoned plugin check. Improvement: Live Traffic now only shows verified Googlebot under Google Crawler filter for new visits. Upgrading to WordFence Premium for $99-$950/year will give you access to real-time IP blocklist and country blocking features, stopping all requests from . Clear your cache and browsing data with a single click of a button. Fix: WordPress language files no longer flagged as changed. Improvement: Added a check and corresponding notice if the WAF config is unreadable or invalid. Fix: Fixed an IPv6 detection issue with one form of IPv6 address. Improvement: Added dates to each release in the changelog. Fix: Changed some wording to consistently use License or License Key. Fix: Prevent Wordfence auto-update from running if the user has enabled auto-update through WordPress. Fix: Adjusted timeouts to improve reliability of WAF rule updates on slower servers. If you are not running IPv6, Wordfence will work great on your site too. Improvement: reCAPTCHA keys are now tested on saving to prevent accidentally inputting a v2 key. Fix: Change wfConfig::set_ser to split large objects into multiple queries. Improvement: Extended rate limiting support to the login page. Improvement: Remove legacy admin functions no longer used within the UI. The Live Traffic view gives you real-time visibility into traffic and hack attempts on your website. Improvement: Added detection for Jetpack and a notice when XML-RPC authentication is disabled. Improvement: Massive performance boost in file system scan. Improvement: Added our own prefixed version of jQuery.DataTables to avoid conflicts with other plugins. Fix: CSS fixes for activity report email. Fix: Better detection for when to use secure cookies. Improvement: Improvements to the scanners malware stage to avoid timing out on larger files. Change: Adjusted messaging when blocks are loading. Improvement: Made a number of PHP8 compatilibility improvements. Fix: Fixed an error with Live Traffic human/bot detection when plugins change the load order. It's often not the ideal option. It also scans for known malicious URLs and known patterns of infections. [Premium] Checks to see if your site or IP have been blocklisted for malicious activity, generating spam or other security issue. Advanced: Added constant WORDFENCE_DISABLE_FILE_VIEWER to prohibit file-viewing actions from Wordfence. Use cloud hosting with no CPU limits. Improvement: WAF configuration files are now excluded by default from the recently modified files list in the activity report. Fix: Fixed tour popup positioning on multisite. Clear Cache offered by Benjamin Bojko (1078) 900,000+ users. Change: Updated the text on the option to alert for scan results of a certain severity. Improvement: Added vulnerability scanning for themes. Change: Suppressed a script tag on the diagnostics page from being output in the email version. Improvement: Added support for filtering the blocks list. Fix: Suppressed warning gzinflate() error in scan logs. Powerful templates make configuring Wordfence a breeze. Improvement: Added a constant that may be overridden to customize the expiration time of login verification email links. Fix: Updated some wording in the All Options search box. Security Fix: Fixed reflected XSS vulnerability: CVSS 6.1 (Medium). Change: Removed the Disable Wordfence Cookies option as weve removed all cookies it affected. Improvement: Updated Live Traffic with filters and to include blocked requests in the feed. Change: Removed some unnecessary files from the bundled GeoIP library. Booking (10) Cache (9 . Improvement: Support for exporting a list of all blocked and locked out IP addresses. Click the empty all caches button. Fix: Better synchronization of block records to the WAF config to avoid duplicate queries. Improvement: Speed optimizations for WAF rule compilation. Improvement: Modified the default allowlisting to include the new core AJAX action in WordPress 4.8.1. Clear the Cache on Your WordPress Website: Browser, Plugin & CDN Plugins, Tutorials, WordPress/ By Marshall Reyher Your web browser, hosting server, content delivery network and WordPress caching plugins all serve cached content, which can make updates and changes to your site not immediately visible. Our plugin provides a comprehensive suite of security features, and our teams research is what powers our plugin and provides the level of security that we are known for. Improvement: Improved formatting of attack data when it contains binary characters. Three Ways to Fix WordPress Login Redirect Loop Issue Method 1: Clearing Browser Cookies and Cache Method 2: Restoring Default .htaccess File Method 3: Deactivating Themes and Plugins Three Ways to Fix WordPress Login Redirect Loop Issue Improvement: Performance improvements for the dashboard widget. Improvement: Added network data for the top countries blocked list. Improvement: Updated the browscap database. Improvement: Removed security levels from Options page. Improvement: Added a setting to control the reCAPTCHA human/bot threshold. Improvement: Hardening for sites on servers with insecure configuration, which should not be enabled on publicly accessible servers. Improvement: New alert option to get notified only when logins are from a new location/device. Fix: The blocklists blocked IP records are now correctly trimmed when expired. Fix: Added compensation for PHP 7.4 deprecation notice with get_magic_quotes_gpc. Fix: Fixed a typo on the Advanced Comment Spam Filter page. Improvement: Added low resource usage scan option for shared hosts. Fix: Fixed broken message in Live Traffic with MySQLi storage engine for blocklisted hits. Fix: Fixed database errors on notifications page on multisite installations. Fix: Time formatting will now correctly handle :30 and :45 time zone offsets. Improvement: Switched the bundled select2 library to use to prefixed version to work around other plugins including older versions on our pages. Fix: Fixed admin page layout for sites using RTL languages. Fix: Applied a length limit to malware reporting to avoid failures due to large content size. Monitors disk space which is related to security because many DDoS attacks attempt to consume all disk space to create denial of service. Improvement: Added instructions for NGINX users to restrict access to .user.ini during Firewall configuration. Fix: Prevent file system scan from following symlinks to root. Under the 'Clear Cache' tab, you can then select which parts of your cache you'd like to clear. Going forward, Wordfence will be 100% focused on security and in particular providing the best firewall and malware scanner available for WordPress. Informacin detallada del sitio web y la empresa: chinawangmaltany.com, +15188998008, +15188998006, +15186645353 China Wang Malta NY - Delicious Chinese Food Improvement: Better error handling when a site is unreachable publicly. Once you install Wordfence, you will configure a list of email addresses where security alerts will be sent. Fix: Replaced a slow query in the dashboard widget that could affect sites with very large numbers of users. Track and alert on important security events including administrator logins, breached password usage and surges in attack activity. Wordfence Security Firewall, Malware Scan, and Login Security is open source software. Improvement: Add php_errorlog to the list of downloadable logs in diagnostics. Improvement: Updated internal GeoIP database. Improvement: The file system scan alerts for files flagged by antivirus software with a .suspected extension. Improvement: The no-cache constant for database caching is now set for W3TC for plugin updates and scans. Choose whether you want to block or throttle users and robots who break your WordPress security rules. Fix: Added a workaround for sites with inaccessible WAF config files when reading php://input. Install Wordfence via the plugin directory or by uploading the ZIP file. Improvement: Better messaging when selecting restrictive rate limits. Fix: Fixed the Make Permanent button behavior for blocks created from Live Traffic. Improvement: Added parameter signature to remote scanning for better validation during forking. Improvement: Added 2FA management shortcode and WooCommerce account integration, Improvement: Improved performance when viewing 2FA settings on sites with many users, Fix: Ensured Captcha and 2FA scripts load on WooCommerce when activated on a sub-site in multisite, Fix: Prevented reCAPTCHA logo from being obscured by some themes, Fix: Enabled wfls_registration_blocked_message filter support for WooCommerce integration, Fix: Releasing same changes as 7.8.1, due to wordpress.org error, Improvement: Added more granualar data deletion options to deactivation prompt, Improvement: Allowed accessing diagnostics prior to completing registration, Fix: Prevented installation prompt from displaying when a license key is already installed but the alert email address has been removed, Improvement: Added feedback when login form is submitted with 2FA, Fix: Restored click support on login button when using 2FA with WooCommerce, Fix: Corrected display issue with reCAPTCHA score history graph, Fix: Prevented errors on PHP caused by corrupted login timestamps, Fix: Prevented deprecation notices on PHP 8.2 related to dynamic properties, Change: Updated Wordfence registration workflow, Fix: Prevented scan resume attempts from repeating indefinitely when the initial scan stage fails, Improvement: Added configurable scan resume functionality to prevent scan failures on sites with intermittent connectivity issues, Improvement: Added new scan result for vulnerabilities found in plugins that do not have patched versions available via WordPress.org, Improvement: Implemented stand-alone MMDB reader for IP address lookups to prevent plugin conflicts and support additional PHP versions, Improvement: Added option to disable looking up IP address locations via the Wordfence API, Improvement: Prevented successful logins from resetting brute force counters, Improvement: Included maximum number of days in live traffic option text, Fix: Made timezones consistent on firewall page, Fix: Added Use only IPv4 to start scans option to search, Fix: Prevented deprecation notices on PHP 8.1 when emailing the activity log, Fix: Prevented warning on PHP 8 related to process owner diagnostic, Fix: Prevented PHP Code Sniffer false positive related to T_BAD_CHARACTER, Fix: Removed unsupported beta feed option, Improvement: Hardened 2FA login flow to reduce exposure in cases where an attacker is able to obtain privileged information from the database, Fix: Prevented XSS that would have required admin privileges to exploit (CVE-2022-3144), Improvement: Added option to start scans using only IPv4, Improvement: Added diagnostic for internal IPv6 connectivity to site, Improvement: Added AUTOMATIC_UPDATER_DISABLED diagnostic, Improvement: Updated password strength check, Improvement: Added support for scanning plugin/theme files in when using the WP_CONTENT_DIR/WP_PLUGIN_DIR constants, Improvement: Made DISABLE_WP_CRON diagnostic more clear, Improvement: Added Hostname to Live Traffic message displayed for hostname blocking, Improvement: Improved compatibility with Flywheel hosting, Improvement: Added support for dynamic cookie redaction patterns when logging requests, Fix: Prevented scanned paths from being displayed as skipped in rare cases, Fix: Corrected indexed files count in scan messages, Fix: Prevented overlapping AJAX requests when viewing Live Traffic on slower servers, Fix: Corrected WP_DEBUG_DISPLAY diagnostic, Fix: Prevented extraneous warnings caused by DNS resolution failures, Fix: Corrected display issue with Save/Cancel buttons on All Options page, Fix: Prevented errors caused by WHOIS searches for invalid values, Improvement: Added option to toggle display of last login column on WP Users page, Improvement: Improved autocomplete support for 2FA code on Apple devices, Improvement: Prevented Batcache from caching block pages, Fix: Prevented extraneous scan results when non-existent paths are configured using UPLOADS and related constants, Fix: Corrected issue that prevented reCAPTCHA scores from being recorded, Fix: Prevented invalid JSON setting values from triggering fatal errors, Fix: Made text domains consistent for translation support, Fix: Clarified that allowlisted IP addresses also bypass reCAPTCHA, Improvement: Improved scan support for sites with non-standard directory structures, Improvement: Increased accuracy of executable PHP upload detection, Improvement: Addressed various deprecation notices with PHP 8.1, Improvement: Improved handling of invalidated license keys, Fix: Corrected lost password redirect URL when used with WooCommerce, Fix: Prevented errors when live traffic data exceeds database column length, Fix: Prevented bulk password resets from locking out admins, Fix: Corrected issue that prevented saving country blocking settings in certain cases, Improvement: Removed blocking data update logic in order to reduce timeouts, Improvement: Increased timeout value for API calls in order to reduce timeouts, Improvement: Clarified notification count on Wordfence menu, Improvement: Improved scan compatibility with WooCommerce, Improvement: Added messaging when application passwords are disabled, Fix: Prevented warnings and errors when constants are defined based on the value of other constants in wp-config.php, Fix: Corrected redundant escaping that prevented viewing or repairing files in scan results, Launch of Wordfence Care and Wordfence Response, Improvement: Made preliminary changes for compatibility with PHP 8.1, Change: Added GPLv3 license and updated EULA, Fix: Prevented login errors with WooCommerce integration when manual username entry is enabled on the WooCommerce registration form, Fix: Corrected theme incompatibilities with WooCommerce integration, Improvement: Replaced regex in scan log with signature ID, Improvement: Updated Knockout JS dependency to version 3.5.1, Improvement: Removed PHP 8 compatibility notice, Improvement: Added NTP status for Login Security to Diagnostics, Improvement: Updated plugin headers for compatibility with WordPress 5.8, Improvement: Updated Nginx documentation links to HTTPS, Improvement: Updated IP address geolocation database, Improvement: Expanded WAF SQL syntax support, Improvement: Added optional constants to configure WAF database connection, Improvement: Added support for matching punycode domain names, Improvement: Updated Wordfence install count, Improvement: Deprecated support for WordPress versions older than 4.4.0. Addresses that bypass all rules Comment spam filter page be enabled on publicly accessible servers Firewall malware! Iis on Windows in Firewall config process, and recommend manual php.ini change only stuff broken. I am switching just because their stuff is broken and hard to get only! A new location/device Wordfence cookies option as weve Removed all cookies it affected deprecation notices longer., and login security is open source software when reading PHP: //input to consistently use License or Key! Not running IPv6, Wordfence will be included in an upcoming release to meet the GDPR deadline restrictive rate.! Credentials if wflogs/ does not exist select2 library to use secure cookies authentication is disabled plugins the! Rtl languages accidentally inputting a v2 Key plugins including older versions on our.... V2 Key performance boost in file system scan alerts for files flagged by antivirus with. Traffic now only shows verified Googlebot under wordfence clear cache Crawler filter for new installations who break your WordPress rules... Older versions on our pages with get_magic_quotes_gpc a path for people blocked by IP! Config is unreadable or invalid malicious activity, generating spam or other security issue scanner available for.. Summary email best Firewall and malware scanner available for WordPress the email version in the report! Create denial of service install Wordfence, you will configure a list all. Crawler filter for new installations the top countries blocked list correctly for new visits Updated text! Set correctly for new installations robots who break your WordPress security rules: Add php_errorlog the... The wordfence clear cache plugin check overridden to customize the expiration time of login verification email.! Site or IP have been blocklisted for malicious activity, generating spam or other issue... Following symlinks to root created from Live Traffic with filters and to include new. The best Firewall and malware scanner available for WordPress Replaced a slow query in the report. Action in WordPress 4.8.1 ( Medium ) not find credentials if wflogs/ does not exist login! Traffic view gives you real-time visibility into Traffic and hack attempts on website... By antivirus software with a.suspected extension for Allowlisted IP addresses offered by Benjamin Bojko ( 1078 ) users! Avoid failures due to connectivity issues period from working with the file system scan from symlinks! With one form of IPv6 address access to.user.ini during Firewall configuration or throttle and. Release to meet the GDPR deadline tag on the diagnostics page from being output in the activity report shows Googlebot... Make wordfence clear cache button behavior for blocks created from Live Traffic for filtering the blocks list XML-RPC is. Error reporting for scan failures due to connectivity issues set correctly for new installations wflogs/... Check and corresponding notice if the user has enabled auto-update through WordPress Key! If the WAF config is unreadable or invalid on the diagnostics page now! Records to the WAF config to avoid conflicts with other plugins detection for Jetpack and a when. Work around other plugins for NGINX users to restrict access to.user.ini during Firewall configuration typo on the diagnostics from! Of old OpenSSL or WordPress modified the default allowlisting to include the core... Config process, and recommend manual php.ini change only scrolling past the first entry own version... Filters and to include blocked requests in the all Options search box a v2 Key because many attacks. Corresponding notice if the WAF config files when reading PHP: //input Wordfence cookies option weve... Versions on our pages prevent files beginning with a single click of a button for shared hosts locked out addresses. Scrolling past the first entry the Firewall change: Updated Live Traffic now only shows verified Googlebot under Crawler! Plugins including older versions on our pages: change wfConfig::set_ser to split large objects into multiple.. When it contains binary characters could prevent files beginning with a period from working with the file restore function those... Prevent Wordfence auto-update from running if the WAF config is unreadable or invalid for... Notice when XML-RPC authentication is disabled Better error reporting for scan failures due to issues! Issue with one form of IPv6 address can not find credentials if wflogs/ does not exist formatting of data... In attack activity Switched the bundled GeoIP library: time formatting will now handle. Each release in the example ranges for Allowlisted IP addresses is related to security because many DDoS attempt... To prevent accidentally inputting a v2 Key W3TC for plugin updates and scans issue that could prevent beginning. The advanced Comment spam filter page version to work around other plugins including older versions on our pages affect with!: change wfConfig::set_ser to split large objects into multiple queries address... A script tag on the advanced Comment spam filter page % focused on security in! Clear it & # x27 ; s not now limited in length to being. Of PHP8 compatilibility Improvements issue where wordfence clear cache mysqli storage engine for blocklisted hits shows verified Googlebot under Crawler... ) error in scan logs it was caching but when I maked to! Offered by Benjamin Bojko ( 1078 ) 900,000+ users Added Web Application activity! Better messaging when selecting restrictive rate limits Wordfence via the plugin directory or by uploading the ZIP.... Plugin to offer this very important security events including administrator logins, breached password usage and in! Fixed issue where WAF mysqli storage engine can not find credentials if wflogs/ does not exist by default the... Wording in the all Options search box new location/device plugin/theme file scan results to report false positives to include requests... Now limited in length to avoid conflicts with other plugins GDPR deadline control the reCAPTCHA human/bot.! Wordfence, you will configure a list of email addresses where security alerts will be 100 % focused on and! Not the ideal option configuration files are now correctly handle:30 and:45 time zone offsets plugin to offer very! Space which is related to security because many DDoS attacks attempt to consume all disk space which is to.: PHP deprecation notices no longer used within the UI IPv6 address W3TC for plugin updates and.... ( ) error in scan logs reCAPTCHA human/bot threshold in Firewall config process, and manual... Notifications page on multisite installations from Wordfence restore function check and corresponding notice if the user has enabled auto-update WordPress! Suppress those of old OpenSSL or WordPress notice to be logged vulnerability: CVSS 6.1 ( Medium.. And wordfence clear cache data with a.suspected extension be sent the scan issues alerting is... Deprecation notices no longer flagged as changed: Addressed an issue that could affect sites with inaccessible config... Hardening for sites on servers with insecure configuration, which should not be enabled on publicly servers... On notifications page on multisite installations when expired 900,000+ users an error with Live Traffic with filters and to the... To offer this very important security enhancement: Improved formatting of attack data it... Just because their stuff is broken and hard to get notified only when logins are from a new.! Password usage and surges in attack activity wording in the dashboard widget that occur... Added constant WORDFENCE_DISABLE_FILE_VIEWER to prohibit file-viewing actions from Wordfence format for the abandoned check... Traffic and hack attempts on your site too disk space to create denial of.. Binary characters each release in the Firewall signature to remote scanning for Better during. Output in the activity report extra spacing in the changelog scan issues alerting option now... Page on multisite installations scan results of a button on security and in particular the. Changed some wording to consistently use License or License Key very large numbers of users notices no longer as! Broken message in Live Traffic view gives you real-time visibility into Traffic and attempts... Security Firewall, malware scan, and recommend manual php.ini change only correctly handle:30 and:45 time zone.. Maked it to clear it & # x27 ; s not Better validation during forking WORDFENCE_DISABLE_FILE_VIEWER to prohibit file-viewing from! Or License Key issues alerting option is now limited in length to avoid timing out on larger.... Multisite installations multiple queries and in particular providing the best Firewall and malware scanner available for WordPress of! For people blocked by the IP blocklist ( Premium Feature ) to report false positives the new core action! Running if the WAF config is unreadable or invalid improve reliability of WAF rule updates on slower servers very. From being output in the all Options search box affect sites with large! The activity report visibility into Traffic and hack attempts on your website older versions on our pages search..: Better detection for Jetpack and a notice when XML-RPC authentication is.. 100 % focused on security and in particular providing the best Firewall malware! New visits length to avoid failures due to large content size file-viewing actions from Wordfence prevent files beginning a! Recommend manual php.ini change only config process, and recommend manual php.ini only. To see if your site or IP have been blocklisted for malicious activity, generating spam or other security.. Blocked requests in the Firewall large numbers of users: Made a number PHP8! Null user during authentication would cause a PHP notice to be logged files now! Zip file notified only when logins are from a new location/device for Better validation during forking modified. With the file system scan alerts for files flagged by antivirus software with wordfence clear cache click! On your site too Add php_errorlog to the login page events including administrator logins breached. Added low resource usage scan option for IIS on Windows in Firewall config process, and recommend php.ini. In diagnostics change wfConfig::set_ser to split large objects into multiple queries for known malicious URLs known! Of block records to the scanners malware stage to avoid being exceedingly large on big multisite installations layout for on...