All-In-One Security Free Release: Version 5.3.1

In this release, we’ve introduced a new feature that enhances security for your WordPress site: CAPTCHA for pages and posts.

With our new CAPTCHA integration, you can add an additional layer of security to pages and posts that are already password-protected. While CAPTCHA was already available for login and registration pages, this new release allows you to add CAPTCHA to pages and posts as well. Users will need to solve a CAPTCHA challenge before gaining access, ensuring that only genuine human visitors can view the content.

In addition to the CAPTCHA feature, we’ve made several other enhancements and fixes. We’ve resolved an issue where the CAPTCHA wasn’t displaying correctly on the BuddyPress registration page.

Previously, if you’d renamed the login page and enabled the login whitelist features in WooCommerce, you may have encountered a logout issue. Rest assured, we’ve fixed it.

For the full list of changes, please review the changelog below.

• Feature: Added CAPTCHA to password protected pages/posts
• Fix: Captcha not showing on the BuddyPress registration page
• Fix: WooCommerce logout issue when the renamed login page and login whitelist features are both enabled
• Fix: Missing CAPTCHAs when multiple WooCommerce login and register forms are on the same page
• Fix: Fixed an issue with the 404 detection actions
• Fix: A UI issue with the 2FA QR code image
• Tweak: Added the attribute data-cfasync=”false” to the default captcha url to allow loading on Cloudflare Rocket Loader
• Tweak: Purge login lockdown table records after 90 days to restrict size. The AIOS_PURGE_LOGIN_LOCKOUT_RECORDS_AFTER_DAYS constant has been added to change the default.
• Tweak: Updated the malware scanner frequency text from daily to weekly
• Tweak: Updated the password strength meter UI for the password tool
• Tweak: Add a ‘Lock IP’ and ‘Blacklist IP’ link to the IP column of the audit log.
• Tweak: Enhance fake Googlebot detection. In the case where gethostbyaddr fails, the firewall will fallback to checking against known Googlebot IP ranges
• Tweak: Updated the column header for the  ‘Permanent Blocked IP Addresses’ table to be consistent with other tables
• Tweak: Prevent warning when DISALLOW_FILE_EDIT has already been defined
• Tweak: Fix instances of one translation function being used for multiple sentences
• Tweak: Improved the UX during AJAX calls
• Tweak: Removed Trash spam comments duplicated description