iThemes Security Pro v3.7.0 – WordPress Security Plugin security that’s more like a to-do list than a terminal. iThemes Security Pro shows you a list of things to do to make your site more secure with a simple way to turn options on or off. We’ve simplified these steps and provided descriptions of each action so you know exactly what’s happening on your site. You shouldn’t have to be a security pro to use a security plugin. And isn’t that the point?
iThemes Security Pro v3.7.0 – WordPress Security Plugin Changelog
v3.7.0 – 2017-03-09 – Chris Jean
New Feature: Added the ability to create Application Passwords that are valid for the REST API, XML-RPC requests, or both.
New Feature: When a user has an Application Password that is valid for use by the REST API, authenticated REST API requests can be made using HTTP Basic Authentication which allows for including the username and and password with the request.
New Feature: Application Passwords that are valid for the REST API can be set to read-only. This allows for creation of services that can have full access to site data without giving permission to modify site data.
Enhancement: Improved efficiency of code, reducing memory and processor usage.
Enhancement: Improved plugin performance by reducing the number of queries made on each page.
Enhancement: Reduced memory and CPU usage due to various code improvements.
Bug Fix: Removed warning that could occur when a plugin provides fake user variables.
Bug Fix: A database backup will no longer be created when first activating the plugin.
Bug Fix: Added compatibility for MySQL strict mode in database creation syntax.
Bug Fix: Removed warning about a “non well formed numeric value encountered” in PHP 7.1.
Bug Fix: Modifications to wp-config.php, .htaccess, and nginx.conf files are now properly re-added upon reactivation.
Bug Fix: Fixed full settings for Hide Backend being displayed after disabling the feature and saving the settings.
Bug Fix: Enabling or disabling the Hide Backend feature will update the “Log Out” link so that it works as expected without having to load a new page.
Bug Fix: Enabling or disabling the Hide Backend feature now properly updates the .htaccess/nginx.conf file on enable and disable rather than at some future point.
Bug Fix: Fixed issue that could cause improper database table creation on multisite sites.