Wordfence 5.3.6 Released!

  • Plugin Author Wordfence Security

    (@mmaunder)


    9 years, 10 months ago

    Wordfence 5.3.6 has just been released! It includes a few important fixes and a few awesome new features including the ability to block anyone (or anything) from submitting a form to your site if they have a blank referrer header and user-agent header. This is a common pattern among bots and will help you block a few more hack attempts. This is included in the free and Premium versions of Wordfence.

    The changes are below and the full changelog is here: https://www.ads-software.com/plugins/wordfence/changelog/

    * Feature: You can now block POST requests to your WordPress site that have an empty User-Agent and Referer header. This is a common pattern among badly written brute force bots.
    * Feature: Added cron viewer at bottom of Wordfence options page. The plugin we were using to help diagnose customer issues is broken. Use this instead.
    * Feature: Added DB table viewer at bottom of Wordfence options page. This is a read-only utility to view table names and detailed status. Also for customer diagnostic purposes.
    * Improvement: Code cleanup after in-depth code analysis. Removed unused functions and variables and re-indented selected code.
    * Fix: Fixed issue that appeared after last release where raw HTML tags were appearing in email alerts.
    * Fix: Tour behaved inconsistently under some conditions. Fixed.
    * Fix: Mismatched HTML tags in some presentation code. Fixed.
    * Fix: When fetching theme list the interator had the same name as the array. Fixed.
    * Fix: Detection for malware URLs in comments had a partial description in the issue. Was being overwritten when it should have been appended. Fixed.
    * Fix: Check if dns_get_record() exists before using it to avoid warnings.
    * Fix: If you have the wordfence security network disabled, the _wfVulnScanners table may have grown indefinitely. Fixed so it’s regularly truncated.
    * Fix: wordfence::getLog() was private and should be public. Fixed.
    * Fix: Removed warning about _wfsf not being an element of GET params. Usually hidden, but in case something checks error_get_last()

    https://www.ads-software.com/plugins/wordfence/

Viewing 7 replies - 1 through 7 (of 7 total)

  • Great stuff!

    Thanks for the update.

    After updating I went to delete some spam registrations and got the following error:

    Warning: fnmatch(): Filename exceeds the maximum allowed length of 4096 characters in /home/grencoll/public_html/wp-content/plugins/wordfence/lib/wfUtils.php on line 586

    Hoping this is helpful.

    Wordfence only makes my website load about 3 seconds slower, even with the falcon feature.

    Any ideas?

    Kind regards,
    Fabian

    Caching works on homepage only

    Support questions are not answered in stickies. Please post your own topic. Thanks

    tim

    After update began receiving error messages from Google it could not access my site– stating a problem accessing the Robot.txt file. After a lot of troubleshooting with my host, the problem was ultimately narrowed down to the Wordfence plugin. When it’s active, Google can’t access (checked with Google webmaster tools). As soon as I deactivate the plugin, all is well.

    Please Open your own post. No support will be given in this post

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Wordfence 5.3.6 Released!’ is closed to new replies.