New: Restrict Admin Access module under Features > Login Security to configure authorized country access to your dashboard.
New: Security Headers module under Advanced to enforce essential HTTP security headers.
Tweak: Ensure generated Nginx config rules are valid for customized directory structures.
Tweak: The Solid Security Basic and Solid Security Pro plugins can no longer be active at the same time.
Tweak: Config files now show "Solid Security" instead of "iThemes Security".
Tweak: Improved Database Backups dashboard widget when the feature is disabled.
Tweak: Clarify the 2FA onboarding email confirmation message.
Tweak: Improve Passwordless Login styling.
Tweak: All Gutenberg blocks use API version 3.
Tweak: Show the plugin changelog in the plugin information pop-up.
Security: Update the "tmp" npm package.
Security: Don't include package.json in zip.
Bug Fix: Vulnerable Software dashboard card didn't render properly.
Bug Fix: Firewall rules that depend on HTTP headers didn't work correctly in all cases.
Bug Fix: PHP Warning: Undefined array key 1 core/admin-pages/logs-list-table.php.
Bug Fix: Logs will appear in the correct order regardless of database version.
Bug Fix: PHP Warning: Array offset on value of type null core/modules/security-check-pro/class-itsec-security-check-pro.php.
Update: The lib/updater library has been updated to 1.9.3.
Enhancement: Send notification about new vulnerabilities found during manual scan.
Tweak: Site Scan page: show mitigated vulnerabilities, ensure all unresolved vulnerabilities are visible.
Bug Fix: Notification settings could not be updated.
Tweak: Clarify Site Scan description to reflect the new scheduling frequency.
Update: Increase minimum PHP requirement to 7.4 and update the admin notice accordingly.
Bug Fix: The padding on the WP Admin Dashboard page was incorrect.
Bug Fix: PHP notice about early translations loading on the settings screen.
Bug Fix: Treat Central IPs as trusted to ensure Central isn’t blocked by Trusted Devices restrictions.
Learn more: https://solidwp.com/?p=110379
New: Patchstack Priority tells you how quickly you should address a vulnerability so you can focus on the most critical issues.
New: The Security Digest email includes a complete list of vulnerabilities affecting your site.
Enhancement: The Site Scan email now only includes newly found vulnerabilities to prevent notification fatigue.
Enhancement: Site Scans now run hourly to detect new vulnerabilities.
Tweak: Make frontend JS code compatible with React 18.
Update: The lib/updater library has been updated to 1.9.1
New: Development and staging sites no longer take up a separate license. Learn more: https://solidwp.com/blog/seamless-solidwp-licensing-across-all-your-environments/
Tweak: Reduce number of steps in the onboarding sequence.
Bug Fix: Notification Center settings could not be properly saved.