iThemes Security Pro v3.1.1 – WordPress Security Plugin security that’s more like a to-do list than a terminal. iThemes Security Pro shows you a list of things to do to make your site more secure with a simple way to turn options on or off. We’ve simplified these steps and provided descriptions of each action so you know exactly what’s happening on your site. You shouldn’t have to be a security pro to use a security plugin. And isn’t that the point?
iThemes Security Pro v3.1.1 – WordPress Security Plugin Changelog
v3.1.1 – 2016-11-15 – Chris Jean
Bug Fix: Remote IP is now correctly identified if the server is behind a reverse proxy that sends requests with more than one IP listed in a single header.
Bug Fix: Fixed the link for a user in the logs page so that it properly works on sites that are inside a subdirectory.
Bug Fix: Improved how Strong Password Enforcement works on password resets to improve compatibility with various plugins.
Bug Fix: Improved the logic for determining whether a user should have Strong Password Enforcement applied. This covers situations where the user may have a custom role, a customized default role, or added capabilities beyond their role.
Bug Fix: Removed warning that could happen when updating a user without changing their password.
Enhancement: Improved the logic for determing the requesting IP address to better handle situations where the site is behind a reverse proxy.
Enhancement: Strong Password Enforcement now uses a PHP port of zxcvbn to ensure that a strong password was selected.
Enhancement: All links in Security that have target=”_blank” now have added rel attributes to protect against tabnapping.
Misc: Updated remaining ip-lookup.net links to instead link to traceip.net in keeping with other links that were previously updated to traceip.net.