Critical stability update for export/import and AJAX session recovery, ensuring complete data parity and reliable login flows.
- Resolved persistent "Unauthorized" error during Export by correcting execution for the AJAX handler.
- Implemented Nonce/Session Recovery for AJAX login failures.
- Resolved the "Headers Already Sent" error on the final 2FA setup.
- Prevented "Undefined array key" warnings during early theme/login hook execution.
- Fixed extraneous whitespace around IP addresses in the IP Whitelist and IP Blocklist Manager.
- New Vivid Glass, Zenith, Soiree and CyberGrid login UI - Now choose your prefered template.
- Dedicated 2FA Setup Gatekeeper Page for users who are enforced into Two-Factor Authentication (2FA).
- Updated Export function to gather and export all data groups (including 2FA, Security Logger, and Advanced Rate Limiting options), achieving full data parity.
- Updated Import and Reset functions to correctly process and clear all data groups, ensuring complete configuration recovery and proper defaults reset.
- Improved Nonce Recovery UX with improved session failure detection.
Major security update introducing enterprise-grade features: Two-Factor Authentication (2FA), advanced rate limiting, and comprehensive security event logging.
- Two-Factor Authentication (2FA) with TOTP support, backup codes, and QR code generation.
- Advanced Rate Limiting with exponential backoff.
- Comprehensive Security Event Logging with audit trail and automatic log rotation.
- IP Whitelist/Blacklist Management System.
- Real-time security alerts via email and webhooks (Alert queue system with retry mechanism).
- SIEM integration, Elasticsearch support, and Database partitioning for big data log analysis.
- Per-role 2FA enforcement and device trust management.
- Better caching support for performance.
- Encrypted storage of 2FA secrets.
- Rate limiting on verification attempts.
- Session invalidation on 2FA changes.
- Complete AlertFlow coding standards compliance and PSR-4 namespace implementation.
- Optimized database queries with proper indexes.
- Event buffering for batch inserts.
- Performance: Optimized indexes on all security tables.
Focus on improved reliability with enhanced email notifications and better compatibility with external caching systems.
- Email notification system with configurable alerts and daily digest option.
- Test email functionality for notification verification.
- Improved settings export/import functionality.
- Better compatibility with caching plugins (CloudFlare, LiteSpeed).
- Refined settings interface and user experience (UI).
- Improved settings persistence and database handling.
- Enhanced compatibility between custom URLs and security headers.
Security-focused release with enhanced login protection, intelligent rate limiting, and stricter input validation.
- Enhanced login protection with intelligent rate limiting.
- Improved user privacy protection across all endpoints.
- Strengthened input validation and sanitization.
- Added Content Security Policy (CSP) headers.
- Better detection of proxy and CDN configurations.
- Improved logging system with privacy controls.
- Optimized security checks for better performance.
Security and performance enhancements focusing on bot detection, API security, and better handling of security events.
- Daily digest option for security notifications.
- Automated bot detection and prevention.
- Enhanced privacy protection for user data.
- Improved REST API security.
- Better handling of security events.
- Optimized email notification system.
Internationalization focus: introducing multi-language support and complete translation readiness for 11 new languages.
- Multi-language support for 11 languages (Spanish, French, German, Chinese, Hebrew, Arabic, Japanese, Korean, Italian, Portuguese).
- Complete internationalization (i18n) support.
- Improved form protection and validation.
- Optimized rate limiting system.
- Enhanced translation string handling.
Major release establishing the Enterprise Security Module with force login, custom URLs, and session management capabilities.
- Enterprise Security Module.
- Force login functionality for site protection.
- Custom login URL feature.
- Session management system.
- Improved plugin conflict detection.
- Resolved redirect loop issues.
Minor security and performance update focused on security headers, bot detection, and database efficiency.
- Security headers for enhanced protection.
- Honeypot bot detection.
- Better caching plugin compatibility.
- 40% reduction in database queries.
Foundation features including the Dashboard Replacement system, role-based exemptions, and emergency recovery options.
- Dashboard replacement feature with AlertFlow integration.
- Role-based exemption system.
- Emergency recovery mode.
- Improved AJAX login reliability.
- Better mobile responsive design.
- Resolved conflicts with popular security plugins.
Quality of life improvements: advanced admin synchronization, safe activation, and improved logo management.
- Advanced admin synchronization system.
- Safe activation with gradual feature rollout.
- Comprehensive settings import/export.
- Improved logo management with smart sizing.
- Refreshed UI with modern design patterns.
- Better handling of custom logo URLs.
Major architectural rewrite with a complete codebase refactor to a modular, PSR-4 compliant structure, delivering significant speed and security improvements.
- Modular PSR-4 architecture and complete codebase refactor.
- Conflict detection system.
- Debugging tools.