Wordfence 7.7.0 has just been released and, as usual, includes a number of impressive improvements and updates for security-conscious WordPress publishers and e-commerce sites. The company doesn’t usually give out that many details, but it seems things have changed with this release.
The information posted here is based on the official Wordfence 7.7.0 changelog, so you can find out what’s new in Wordfence without having to spend hours reading the huge documentation.
What’s new in Wordfence 7.7.0 released today
Let’s highlight all the news. Note that the text will refer to “improvements” or “fixes”. Whenever there is an improvement, we will approach the item as something that already existed in Wordfence and has been improved. And whenever a bug is being corrected, the item will be labelled “fix”.
Improvement: Improved Wordfence scan resume
Improvement: Added configurable resuming scan function to prevent scan failure on sites with intermittent connection issues
Wordfence 7.7.0 adds a configurable “scan resume” that prevents security scans from failing on sites that may have intermittent connectivity issues. As you know, Wordfence runs on more than 4 million websites on more than 12,000 unique networks. The new feature is part of the QA team’s plans, and this is another way to make Wordfence even more robust in version 7.7.0.
Improvement: Vulnerability scanning in plugins in Wordfence 7.7.0
Improvement: Added new scan result for vulnerabilities found in plugins that do not have patched versions available through WordPress.org
This adds a scan result for plugins that have a vulnerability, are still present in the official WordPress plugin repository, and have no fix available. The usual course of action is that the plugin team disables a plugin in the repository when it has a known vulnerability that has not yet been patched.
In some cases this does not happen, and this scan result is designed to address this unusual case. This change will also allow plugins not offered by WordPress.org to be marked as vulnerable if no update is available.
Improvement: Standalone MMDB reader
Improvement: Implemented standalone MMDB reader to look up IP addresses to avoid plugin conflicts and support additional PHP versions
Wordfence 7.7.0 internally uses the MaxMind database for location lookups. It previously used the MaxMind PHP library to perform these lookups. MaxMind stopped supporting old versions of PHP some time ago, but many customers still use those old versions. It has also been discovered that other WordPress plugins may use a different version of the MaxMind library, which may lead to conflicts.
That’s why the Wordfence team released their own standalone MMDB reader to solve these two problems. The new Wordfence now supports older PHP versions than the official MaxMind library, and you won’t see any conflicts if another plugin uses the MaxMind library.
Improvement: It is now possible to disable IP address lookup
Improvement: Added option to disable IP lookup via Wordfence 7.7.0 API.
By default, Wordfence contacts its own servers to perform an IP address lookup. The plugin was originally designed this way to make the most of the processing power of the Wordfence servers themselves and reduce resource usage on client sites.
Some users prefer this lookup to be done locally, so now there is this new option. The default is still to query the Wordfence servers, but you have the option to enable local lookups. The only downside to turning this feature on is that you will only get country-level lookups.
Improvement: Reset brute force counter
Improvement: successful logins are prevented from resetting the brute force counter
An earlier design decision was that a successful login to a WordPress site reset the brute force login counters to zero. This made sense because if a real user has several failed logins and then succeeds, it is clear that they are a real user, and resetting the counters means their next failed login does not get them blocked again.
One observed and reported side effect is that a threat actor could register an account on WordPress sites with open registration and log in, and this would reset the brute force counters to zero so they could continue trying to guess the password of the administrator account. This has been fixed by removing the reset that occurs after a successful login.
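The counter behaviour described above can be modelled in a few lines. This is an added example, not Wordfence code: the class, the threshold of 5 failures, the one-hour window and the IP address are all constructed for illustration. It compares a per-IP counter that resets on success with one that does not.

```python
from collections import defaultdict

class LoginThrottle:
    """Simplified per-IP failed-login counter (hypothetical model, not Wordfence's)."""

    def __init__(self, max_failures, window, reset_on_success):
        self.max_failures = max_failures          # failures allowed inside the window
        self.window = window                      # seconds a failure stays counted
        self.reset_on_success = reset_on_success  # True models the pre-7.7.0 behaviour
        self.failures = defaultdict(list)         # ip -> timestamps of recent failures
        self.locked = set()

    def attempt(self, ip, password_ok, now):
        if ip in self.locked:
            return "blocked"
        # Only failures inside the window count; age, not success, expires them.
        recent = [t for t in self.failures[ip] if now - t < self.window]
        self.failures[ip] = recent
        if password_ok:
            if self.reset_on_success:
                self.failures[ip] = []            # the reset that 7.7.0 removes
            return "ok"
        recent.append(now)
        if len(recent) >= self.max_failures:
            self.locked.add(ip)
        return "failed"

def guesses_processed(throttle, ip, total_guesses, own_login_every):
    """Count wrong-password attempts evaluated before the IP is locked out.

    After every `own_login_every` failures the same IP logs in successfully
    to an account it registered itself, as in the reported side effect."""
    processed, now = 0, 0
    for i in range(1, total_guesses + 1):
        if throttle.attempt(ip, False, now) == "blocked":
            break
        processed += 1
        now += 1
        if i % own_login_every == 0:
            throttle.attempt(ip, True, now)
            now += 1
    return processed

if __name__ == "__main__":
    ip = "203.0.113.7"  # constructed documentation address
    print("reset on success:", guesses_processed(LoginThrottle(5, 3600, True), ip, 100, 4))
    print("no reset:        ", guesses_processed(LoginThrottle(5, 3600, False), ip, 100, 4))
```

With the reset in place the lockout threshold is never reached; without it, the same sequence is cut off at the fifth failure, and a genuine user's old failures still expire with the time window.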
Improvement: IPv6 diagnostics
A message on the diagnostics page made users think they needed to fix something related to IPv6. The team explains that they’ve adjusted the message to prevent customers from going in search of something that doesn’t need fixing.
Improvement: Maximum number of days included in live traffic option text
This is also a clarification. The maximum amount of live traffic data that is stored is 30 days. This was unclear and some users entered more days, expecting to see more than 30 days of data. The option text has been changed to make this clearer.
Fix: Consistent timezones on firewall page
When the page showing the firewall activity loaded more results, they were shown in UTC time instead of the correct time zone. Now this is fixed.
Fix: Added “Use only IPv4 to run scan” option to search
Wordfence lets you search its options page, which is super useful. This option was not included in the search; this has been fixed with the release of Wordfence 7.7.0.
Fix: Deprecation warnings were prevented in PHP 8.1 when emailing activity logs
PHP 8.1 issues a deprecation warning if the developer uses an older function call. This happened in the previous version of Wordfence, and PHP 8.1 rightfully complained about it. Therefore, a more modern version of the same code was implemented.
Fix: Prevented warning in PHP 8 related to process owner diagnostics
On the diagnostics page, if the hosting provider restricts the display of the username for the account, users would see a warning about accessing a string offset on a Boolean. This has also been fixed.
Fix: Prevented PHP code sniffer false positive associated with T_BAD_CHARACTER
Wordfence uses a PHP code sniffer to look for things that are incompatible between versions. However, the team was getting a false positive when using this built-in tool, so that has been fixed. This change is really for the benefit of the Wordfence engineering team.
Fix: Unsupported beta feed option removed
The team says that they wanted to test new rules, and some users were brave enough to try them, so they included this option. The focus was on beta testing firewall rules and malware signatures, which the testing community would try first by enabling this option.
The development team has also done a lot of internal testing, and the firewall and rule syntax can now be considered extremely robust. But the team warns that they will no longer do this kind of pre-release for testers and are therefore removing this configuration option.
Finally, if you have any questions about the Wordfence 7.7.0 release, please use the official channels.