Plugin Name: WP Defender
Author: WPMU DEV
Tested up to: 6.9

Change Log:

= 5.7.1 ( 2025-11-24 ) =

- Fix: Improve 404 detection flow

= 5.7.0 ( 2025-11-18 ) =

- New: Cloudflare Turnstile integration
- Enhance: Compatibility with WordPress 6.9
- Enhance: Redesigned CAPTCHA menu
- Enhance: Optimize database performance on multisite
- Enhance: Add additional widget IDs on Defender’s Dashboard page
- Enhance: Add new hooks to simplify Audit testing and Firewall logs deletion
- Enhance: Update minimum supported PHP version to 8.0
- Enhance: Disable New Scan button until the background scan is complete
- Enhance: Migrate Security Recommendations multisite events to the centralized Cron Manager system
- Enhance: Migrate Malware Scanning multisite events to the centralized Cron Manager system
- Enhance: Tracking improvements
- Fix: Masking URL displays a notice when using a slug already assigned to another page
- Fix: Defender not detecting some outdated plugins
- Fix: Recommended PHP version appears as NULL on WP Engine hosting
- Fix: Default Security Config name and description not saving properly
- Fix: UI improvements

= 5.6.2 ( 2025-11-20 ) =

- Enhance: Miscellaneousness improvements

= 5.6.1 ( 2025-10-21 ) =

- Fix: Malicious Bot Detector blocking Facebook Sharing Debugger bot

= 5.6.0 ( 2025-10-07 ) =

- New: Malicious Bot Detector
- New: WooCommerce integration with Defender > Strong Password
- Enhance: Migrate Audit multisite events to the centralized Cron Manager system
- Enhance: Migrate Firewall multisite events to the centralized Cron Manager system
- Enhance: Improve plugin detection logic to exclude plugins not from wp.org
- Enhance: Remove AntiBot IP list after site disconnection
- Enhance: Add rel="nofollow" to Bot Trap URL
- Enhance: Hide Blocklist Checker and AntiBot Stats button when Whitelabel is enabled
- Enhance: Sync with the Custom IP Block/Allow list across different hosting memberships
- Enhance: Add parameter to WP-CLI Scan command for outdated and closed plugins
- Enhance: Add audit logging event to detect Hub SSO login
- Enhance: Improve plugin code style using PHPStan and ESLint rules
- Fix: Web Authentication improvements
- Fix: Security Recommendations > Security key value not saved
- Fix: Defender not adding noindex tag to secret link of Bot Trap
- Fix: Notification hints not displaying properly
- Fix: Issue on Firewall Logs page when logging in with an expired session using the default WordPress login modal
- Fix: Defender country blocklist not working for EU region and UK

= 5.5.1 ( 2025-09-04 ) =

- Enhance: Change Outdated Plugin threshold to 2 Years
- Enhance: Create hook to customize Outdated Plugin threshold

= 5.5.0 ( 2025-09-02 ) =

- New: Detection of outdated and removed plugins in scans
- New: Scan process runs in the background
- Enhance: Display User Agent name in Bot Trap logs
- Enhance: Improve Blocklist Lockout with updates for the move_uploaded_file function
- Enhance: Update YARA rules for better Malware detection
- Enhance: Tab improvements in Security Headers
- Enhance: Improve WooCommerce compatibility with Force Strong and Pwned Password features
- Enhance: Enable "Unlock Me" option by default on AntiBot activation
- Enhance: Migrate "audit_clean_up_logs" multisite event to the centralized Cron Manager system
- Enhance: Rename "File Change Detection" to "Issue Type" on the Malware Scanning page
- Enhance: Remove "In progress" upsell during onboarding
- Enhance: Improve flow for expired members
- Enhance: Improve code style in Defender core
- Fix: Defender Bot Trap causing invalid robots.txt
- Fix: Blank Defender > Get Started page when WPMU DEV branding is enabled
- Fix: Error on WooCommerce > Login page when logging in using a weak password and Strong Passwords option is enabled
- Fix: Improve Vulnerability Scan for free and premium plugins using the same slug
- Fix: Default login pages return error 500 instead of 403 when Mask Login area is active and configured

= 5.4.1 ( 2025-08-05 ) =

- Enhance: Add a button to direct the users to the AntiBot Statistics page
- Enhance: Improve Bot Trap flow
- Fix: UI Improvements

= 5.4.0 ( 2025-07-22 ) =

- New: User Agent Blocklist Presets
- New: Bot Trap to block spam User Agent IPs
- Enhance: Update Vue.js and Axios versions and related packages
- Enhance: Remove Tutorials menu and widget
- Enhance: Remove widget on Dashboard page to discover other free plugins by WPMU DEV
- Enhance: Remove recommended-plugins-notice submodule for Free version
- Enhance: Update Malware Signatures to detect suspicious code
- Enhance: Remove "Add Spam User Agents" button
- Enhance: Create new wd_404_attempt hook to extend 404 Detection flow
- Enhance: Add Session key to config structure
- Enhance: Add Force Strong Password key to config structure
- Fix: Defender forcibly logs out users for inactivity
- Fix: Unable to save secure password when Strong Passwords and Password Reset are both enabled
- Fix: Documentation buttons are missing aria-hidden tag
- Fix: Error when creating multisite and running Malware Scan


877503-1764566583-au