WP Fail2Ban Redux

變更記錄

0.8.2

• Release date: 2021-08-08
• Bumps “Tested up to” version to 5.8
• No changes to jail or filters in the release.

0.8.1

• Release date: 2021-06-01
• Actually bumps “Tested up to” version to 5.7

0.8.0

• Release date: 2021-05-31
• Bumps “Tested up to” version to 5.7
• Fix issue where logging out of WordPress could cause a blocked user log to be recorded

0.7.0

• Release date: 2021-01-05
• Bumps “Tested up to” version to 5.6
• Move Composer dependencies to require-dev to reduce the number of packages installed when WP Fail2Ban Redux is installed via composer. See https://github.com/thebrandonallen/wp-fail2ban-redux/pull/17

0.6.0

• Release date: 2020-06-07
• Bumps the minimum required version to WordPress 4.9.
• Bumps “Tested up to” version to 5.4.1

0.5.1

• Release date: 2019-09-05
• This release requires and update to the wordpress-hard.conf file, in order to fix an issue with matches failing for XML-RPC multicall authentication failures. See https://github.com/thebrandonallen/wp-fail2ban-redux/pull/13/commits/2e3a3867749be7839edfae5707b62921c36ecd85
• Fix issue where XML-RPC multicall authentication failures weren’t correctly matched by Fail2Ban with the wordpress-hard.conf filter.

0.5.0

• Release date: 2018-10-27
• Add better support for use as a must-use plugin in the mu-plugins directory.

0.4.0

• Release date: 2018-01-15
• Bumped the minimum required WordPress version to 4.5.
• Bumped the minimum required PHP version to 5.3. This is a soft bump, meaning, nothing changed that will break PHP 5.2 compatability. However, this could easily change in the future, and PHP 5.2 is no longer actively tested.
• Renamed the wp_fail2ban_redux_openlog_indent filter to wp_fail2ban_redux_openlog_ident, because… it was misspelled.

0.3.1

• Release date: 2017-05-18
• Bump minimum required WordPress version to 4.4.
• Performance improvements when not blocking user enumeration.
• Use wp_die to exit, to allow for greater customization of exit messages.
• Exit messages are now escaped using esc_html.
• Refactored plugin loading.
• You can now create your own, custom, logging class, in case you don’t want to use the standard syslog() output.

0.3.0

• Superseded by 0.3.1

0.2.1

• Release date: 2017-02-15
• Fix a stupid syntax error in the comment spam filter 🙁 Thanks to @ichtarzan for reporting!

0.2.0

• Release date: 2016-09-27
• Fixed PHP notices where WP_Fail2Ban_Redux::comment_spam expects two parameters. Decided it was probably a good idea to oblige.
• User enumeration blocking now checks for both the author and author_name parameters. The author_name parameter could be used to validate the existence of a particular username, so blocking on this parameter as well will further reduce the attack surface.
• Fixes an issue where user enumeration blocking was overzealous and would prevent actions in the admin area. Props pjv. #2
• WP_Fail2Ban_Redux::redirect_canonical is now deprecated. If you were doing anything with this function, or the hook that initialized it, you should look at WP_Fail2Ban_Redux::user_enumeration instead.
• Added a note to wordpress.conf about the logpath parameter, and common auth log locations. There is no need to changed existing configurations. This is merely to aid setup for future users.

0.1.1

• Release date: 2016-07-23
• In PHP < 7.0, exit isn’t allowed as a method name. WP_Fail2Ban_Redux_Log::exit is now WP_Fail2Ban_Redux_Log::_exit.

0.1.0

• Release date: 2016-07-13
• Initial release.