All In One WP Security Pro - All In One WP Security & Firewall Team v5.0.5

[nuncanemvi]

nuncanemvi submitted a new resource:

All-In-One Security WordPress Premium Plugin - Download Dree All-In-One Security WordPress Premium Plugin Nulled

THE TOP RATED WORDPRESS SECURITY AND FIREWALL PLUGIN​

All-in-One Security (AIOS) is a security plugin designed especially for WordPress, now brought to you from the team at UpdraftPlus.
Customers love All-In-One Security because it’s easy to use, and it does a whole lot for free.

All-In-One Security gives you Login Security Tools, to keep bots at bay and protect your website from brute force attacks.

Our Web Application Firewall gives you automatic...

Read more about this resource...

 

[CanThi]

Thank you very much

 

[CanThi]

@nuncanemvi is this nulled plugin or not, brother?

 

[AndreyP]

nuncanemvi submitted a new resource:

All-In-One Security WordPress Premium Plugin - Download Dree All-In-One Security WordPress Premium Plugin Nulled



Read more about this resource...

This is not Premium version 5.0.5. The malware scanner also asks for upgrades to Premium. Two-factor authorization still does not give one-time emergency keys and asks for upgrades to Premium.

 

[Ledzepy]

@Babak check this file. It is literally the version that can be downloaded for free by wordpress itself.

 

[Danchik]

@Babak
please update the file)

 

[ad777]

Please update!

Changelog​

5.1.9 – 09/MAY/2023​

• FEATURE: IP addresses – Blacklist manager functionality based on PHP instead of .htaccess rules. Added AIOS_DISABLE_BLACKLIST_IP_MANAGER constant, Define it in your wp-config.php to disable IP Blacklist manager.
• FEATURE: Detect spambots posting comments and discard it completely or mark as spam.
• FEATURE: Encrypt TFA secret keys that are stored in the database (extra protection in case of your database being hacked)
• FEATURE: Added a “Delete all” and “Delete filtered” bulk action to the audit log table
• FIX: Prevent Cloudflare Turnstile being added to login forms when no credentials where set
• FIX: Change where the audit log event handler is loaded to prevent an error on plugin deletion
• FIX: Fix context class checks to support cli
• TWEAK: Multisite super admin can access the subsite dashboard without login again if salt postfix enabled
• TWEAK: Captcha JavaScript file is unnecessarily loaded on some site pages if comment captcha or custom login captcha enabled
• TWEAK: Change some nonce checks to use our internal function to check user capability and nonces
• TWEAK: User registrations and successful logins are now recorded in the audit log
• TWEAK: Added a commands class and refactored AJAX handlers
• TWEAK: Captcha verification to prevent conflicts with some plugins that recall the WordPress authentication code
• TWEAK: Improve database table prefix feature UI.
• TWEAK: WordPress core updates are now recorded in the audit log
• TWEAK: Translation updates are now recorded in the audit log
• TWEAK: Add an entity changed event to the audit log when upgrader information is not available
• TWEAK: Automated emails sent by AIOS that failed to send due to from address

5.1.8 – 11/APRIL/2023​

• FIX: 404 detection – Individual record blacklisting, delete, temp block actions stopped working in 5.1.7
• FIX: Uncaught fatal error on null ‘set_value’
• FIX: Remove audit log event handler actions on plugin deletion to prevent an error
• FIX: Remove some audit log event handler on plugin deletion to prevent an error
• FIX: Get correct wp-config path when installed in a subdirectory
• TWEAK: AIOS_Helper::request_remote timed out exception ignored.
• TWEAK: Requests_IPv6 class name deprecated in WordPress 6.2.
• TWEAK: Failed login attempts are now recorded in the audit log

5.1.7 – 24/MARCH/2023​

• FIX: Prevent fatal error when calling get_server_detected_user_ip_address() when the firewall is not setup
• TWEAK: Clarify dashboard notice title and change image.

5.1.6 – 21/MARCH/2023​

• FEATURE: Added an audit log
• FEATURE: Add salt postfix option to improve your site’s security
• FEATURE: Shared library that can be used from the firewall.
• FIX: Rename login slug used like wp-login-RANDOM_SUFFIX showing 404 page issue solved and code clean up for multisite activation.
• FIX: Divi child theme conflict – Call to undefined function et_builder_get_fonts() in functions.php on line 208 solved.
• FIX: Captcha settings tab in multisite installation for subsites not showing
• FIX: Cron reschedule event error for hook aios_15_minutes_cron_event if plugin deactivated or uninstalled
• TWEAK: Stop user enumeration now shows 403 forbidden error code instead of 500 server error
• TWEAK: PHP 8.1 warning rawurldecode passing null instead type string is deprecated for block request string 6g rule
• TWEAK: Code clean up for disable cookie based brute force constant as rule moved to firewall
• TWEAK: Comment spam IP monitoring page UI
• TWEAK: Updated seasonal notices
• TWEAK: Improve internal code structure making way for future improvements
• TWEAK: Remove mention of the 6g firewall rules being .htaccess based as they are now php based
• TWEAK: Added new internal function to check user capability and nonces
• TWEAK: Improve config code with inline saving.
• TWEAK: Allow audit log to be filtered and exported to CSV

5.1.5 – 13/FEBRUARY/2023​

• FEATURE: Added Cloudflare Turnstile CAPTCHA support
• FIX: Notices about undefined array key HTTP_USER_AGENT solved.
• FIX: New v5 features not saved in export file and not properly reset after uninstallation.
• FIX: File permission change being applied to the last record not selected one. Also, no longer change permissions when they are already tighter than the suggested.
• FIX: Fatal error ‘Call to a member function contains_contents() on null’
• TWEAK: Removed wrong information about login whitelist being implemented via htaccess.
• TWEAK: Refactoring settings tasks for WP CLI AIOS premium commands.
• TWEAK: Page load performance issue due to incompatible tfa premium plugin active check improved.
• TWEAK: Make sure translation domain is registered before attempting to use it
• TWEAK: Replaced click with press in text because users could be on mobile etc and not using a mouse.
• TWEAK: Registration, comment, Buddypress and bbPress admin pages to show notice enable the captcha settings.
• TWEAK: Improve the UI/UX for the 404 detection tab
• TWEAK: Improve internal code structure making way for future improvements
• TWEAK: PHP 8.2 deprecation warning for dynamic properties
• TWEAK: Remove the unintended ability for directory traversal and lack of escaping when outputting files with the “view system log” feature. This facility is only available to an administrator (who can of course already do anything on the site, so this has no security implications) and allow them to view (the last 50 lines) from any file or list any directory on the system where the web server has read access.
• FIX: Fatal error ‘Call to a member function contains_contents() on null’
• TWEAK: Firewall gets constants from a single source.

5.1.4 – 14/DECEMBER/2022​

• FEATURE: Add option to disable RSS and ATOM feeds.
• FIX: The IP address blacklist manager wasn’t working.

5.1.3 – 09/DECEMBER/2022​

• SECURITY: No longer save settings import files in a publicly accessible folder where they can be potentially indexed by search engines if the administrator does not actually import the settings (which deletes the import file)
• FEATURE: Implement firewall events system
• FIX: Protect subsites when firewall is loaded via plugins_hook
• TWEAK: Improve the UX for uploading import files
• TWEAK: Add a default CAPTCHA option making way for new CAPTCHAs in the future

5.1.2 – 07/DECEMBER/2022​

• FEATURE: User Agent – Blacklist manager functionality should be based on PHP instead .htaccess rules.
• FIX: Sorting by ‘status’ on the comment spam table
• FIX: Copy protection feature not working on iPhone
• FIX: Cookie based brute force prevention locks out if plugin deactivated and activated again.
• FIX: The notice to reapply .htaccess rules after reactivating the plugin is displayed on subsites.
• FIX: Various WordPress command line notices about undefined $_SERVER indexes
• FIX: Deativate and reactivate plugin firewall settings file sync issue solved.
• TWEAK: 2FA setting page to show premium options for AIOS premium.
• TWEAK: Remove characters that should not have been on the scanner page
• TWEAK: Organise firewall rules into subdirectories
• TWEAK: Added GDPR question answer to the AIOS WP org plugin’s FAQ section.
• TWEAK: Allow AIOS management permission to be filtered via aios_management_permission filter
• TWEAK: Make use of is_main_site() function.
• TWEAK: Copy IP to clipboard when clicking on it at WP Security -> Brute Force -> Login whitelist.
• TWEAK: Better context detection for the firewall

5.1.1 – 16/NOVEMBER/2022​

• SECURITY: Fixed a failure to check bulk action nonces, leading to a CSRF vulnerability. Exploitation would require an attacker to craft a link specifically for your site, and persuade you to click it whilst logged in; if you did so, this could result in bulk actions being carried out on AIOS list tables (e.g. delete entries from blocked IP address lists), with the attacker being restricted to deleting entries by database ID numbers that he cannot know directly (e.g. 15, 16, 17) and not IP address (e.g. 100.101.102.103).
• FEATURE: Cookie-based brute force prevention implemented with the new PHP based firewall system.
• FIX: AIOWPSecurity_WP_Loaded_Tasks::site_lockout_tasks() method visibility
• FIX: Prevent the dismiss notice button removing all notices from page including notices that contained important information
• FIX: Brute Force > Login Whitelist issue access password protected pages by user solved.
• FIX: Force logout link not working in the currently logged-in users list.
• FIX: Google reCAPTCHA site key and secret key are not verified immediately.
• TWEAK: Code style changes for scanner related pages and future item manager class.
• TWEAK: Capitalisation style reapply for firewall menu tabs.
• TWEAK: Instead login lockdown used login lockout word in UI and mail content. Changed constant AIOWPS_DISABLE_LOGIN_LOCKDOWN to AIOWPS_DISABLE_LOGIN_LOCKOUT.
• TWEAK: Update tabs, links to match capitalisation style of other UpdraftPlus plugins.
• TWEAK: Added the filter aios_server_type to override the AIOWPSecurity_Utility::get_server_type() method’s return value.
• TWEAK: Notice – Account activity logs, 404 event logs older than 90 days cleared automatically to show.
• TWEAK: Premium upgrade page FAQs linked to correct URL.
• TWEAK: IP address lookup called only once in same page request. Visitor blocking called when user is not logged in. User online information updated on login only.
• TWEAK: User login lockout – minimum lockout time length should be less than maximum lockout time length validated.
• TWEAK: Take a backup of wp-config before inserting firewall contents.
• TWEAK: Ability to downgrade the firewall’s protection which allows users to reverse the changes from setting up the firewall.
• TWEAK: Set a global context for $wp_file_descriptions context so that it gets assigned to correctly, preventing a subtle visual change in the theme editor
• TWEAK: Black Friday notice
• TWEAK: Update readme.txt file

5.1.0 – 12/OCTOBER/2022​

• FIX: The login loader is visible infinitely on the login screen and administrators can’t log in if the user has enabled maintenance mode and 2FA authentication simultaneously.
• FIX: Pressing the “Disable Firewall” button didn’t clear new 6G firewall rules.
• FIX: The application password was disabled by default on the activation of the AIOS plugin.
• FIX: The error occurred with the error message: Uncaught TypeError: fclose(): Argument #1 ($stream) must be of type resource, bool given in all-in-one-wp-security-and-firewall/classes/wp-security-utility-htaccess.php:164 in the server where the root folder is not writable.
• TWEAK: IP address lookup service whatismyipaddress removed, API for bot.whatismyipaddress.com is no longer available.
• TWEAK: The simple math captcha box was shown when the user was filling in the 2FA code at login time.
• TWEAK: Firewall max upload limit default value increased instead 10MB to 100MB.
• TWEAK: Google reCaptcha multilingual implemented to show in local language messages instead of English only.
• TWEAK: Update headings, labels and buttons to match capitalisation style of other plugins.
• TWEAK: Add premium upgrade tab.

 

[danthecanadian]

Update?

 

[Mordec4i]

any update?

 

[danthecanadian]

Bump

 

[iramireze]

Hi -

Can you please update to latest version?

Thanks in advance...!!

 

[zajaczkowski2002]

pls nulled update

 

[Danchik]

up

 

[AndreyP]

update please

 

[SENNA_BR]

@Babak check this file. It is literally the version that can be downloaded for free by wordpress itself.

@Babak and others, is this a fake?

 

[kirk44]

fully functional to me, this version, I didn't update, but will try just to see what happens