- [HIGH] .htaccess Maker does not block access to static media files for front-end directories which are not listed under "Frontend directories where file type exceptions are allowed"
- [LOW] Copy doesn't work in Redirect URL
- [LOW] Fixed default values for 404 Shield feature
- [MEDIUM] Critical Files Monitor feature was not enabled due to a SQL error
- [MEDIUM] Fixed blocking non authorized IPs in Emergency Offline Mode
- [MEDIUM] Missing reason for Critical Files Monitor inside WAF Email Templates configuration
- Added feature to check if user password is inside any dictionary of leaked passwords. This feature is disabled by default.
- Added feature to manually unblock a specific IP
- Added option to allow only specific email domains during user registration
- Added option to choose if Admin Tools should write the log file or not (required by GDPR)
- Changed the debug log file type to .php. READ THE DOCUMENTATION. This may have implications on your host.
- Removed the option to log failed passwords. This could be a security risk since the information is stored unencrypted in the security exceptions database table.