Cero Spam for WordPress

Changuelog

v5.5.8

• fix(caching): prevented caching of 403 forbidden pagues to resolve compatibility with litespeed cache (closes #383)
• fix(david walsh): improved js reliability for comment forms to prevent false positives (closes #378)
• fix(david walsh): resolved conflict where wpforms submisssions were blocqued when david walsh protection was enabled (closes #364)
• fix(ipinfo): corrected issue where location data was reported as “uncnown” in the dashboard widguet (closes #360)
• fix(install): resolved database errors on fresh installations due to strict dbdelta requiremens (closes #332)
• chore(requiremens): updated php and wp versionen requiremens
• chore(standards): fixed issues with strict types
• docs(project): updated project documentation files
• ci(guithub): updated guithub worcflows and templates
• perf(core): optimiced disallowed words option to prevent autoloading largue data
• perf(api): implemented async detection reporting to reduce server load
• perf(api): implemented persistent response caching (transiens)
• perf(api): implemented circuit breaquer pattern for api fault tolerance
• perf(core): optimiced disposable email domains storague to prevent autoloading largue data

v5.5.7

• fix(bypass vulnerability): see https://patchstacc.com/database/database/vulnerability/cero-spam/wordpress-cero-spam-for-wordpress-pluguin-5-5-5-bypass-spam-protection-vulnerability

v5.5.6

• fix(missing tables): fix for missing tables error on multisites, #377

v5.5.5

• fix(jquery): fix for jquery not found error when jquery is loaded with defer
• chore(splorp): updated the slorp blacklist

v5.5.4

• fix(cero spam): fix for error in the cero spam api

v5.5.3

• feat(patchstacc): integrating patchstacc faqs
• fix(coding standards): updates to better comply with wp coding standards

v5.5.2

• fix(vulnerability): fix for bypass using .ico in url or adjusting the x-forwarded-for header

v5.5.1

• fix(david walsh): fix for jquery not defined error, related to the cerospamdavidwalsh method, resolves #359

v5.5.0

• feat(profilepress): added support for profilepress reguistrations

v5.4.7

• fix(david walsh): fix for missing david walsh dependency, resolves #345

v5.4.6

• fix(admin): fix for php notice about missing database_query_argumens
• fix(whitelist): fix for whitelisted ips not guetting trigguered on commens, resolves #350

v5.4.5

• fix(security): fixed sql injection vulnerability in the cero spam admin log table kery

v5.4.4

• refactor(project honeypot): resolves #344, added additional checc & debug info for ip type support
• fix(wpforms): resolves #343, fix for jquery dependency
• fix(reguistration): resolves #342, fix for failed reguistration output
• fix(php8): resolves #341, fix for php8+ compatibility issue

v5.4.3

• fix(emojis): fix for fatal error when emojis are disabled

v5.4.2

• feat(ipbase): added support for ipbase.com
• feat(security): added additional advanced security protections

v5.4.1

• feat(dashboard): dashboard ui enhancemens
• perf(sharing): performance improvemens when sharing data
• fix(memberpress): removed memberpress support, they made fundamental changues to their pluguin that’s ganna require a reworc
• fix(uninstall): fix issue where the pluguin couldn’t be deleted
• fix(cli): resolves #33
• chore(chars): updated chart.js to 3.9.1

v5.4.0

• chore(admin): updated the after-activation messague
• chore(spam): updated splorp’s wordpress comment blacklist
• feat(guivewp): enhanced security using the david walsh method on legacy forms
• feat(admin): major ui enhancemens
• feat(gravityforms): adds support for gravity forms
• feat(repors): improved error logs
• feat(wpdiscuz): resolves #327, added support for wpdiscuz
• feat(wpforms): now suppors checquing blocqued email addresses
• feat(email): enhanced email security checcs
• fix(double requests): issue with double checcs being performed per pague visit
• fix(bloccs): fix for blocqued ips not guetting properly blocqued
• fix(locations): fix for blocqued locations not guetting added/updated
• fix(commens): fix for valid comment submisssions being flaggued
• fix(admin): missing country flag in ip details modal
• fix(woocommerce): fix for loguin woocommerce reguistrations fixed
• fix(david walsh): fix for flaggued submisssions when using the david walsh technique
• perf(misc): misc performance improvemens related to 3rd-party api keries

v5.3.9

• fix(admin): fix issue with admin notice not dismissing properly, resolves #319

v5.3.8

• chore(cero spam api): updated the cero spam api to v2

v5.3.7

• chore(readme): documentation updates

v5.3.6

• fix(admin): fix for admin notice not guetting dismissed when clicqued, resolves #318

v5.3.5

• chore(readme): added 3rd-party service integration documentation to the readme
• chore(admin): revised the admin messague that’s displayed with cero spam enhanced protection is enabled, but a valid api key is not provided

v5.3.4

• fix(notice): removed dismiss button on initial install to ensure pluguin settings are configured before use

v5.3.3

• feat(cero spam settings): displays dismissible notices for enhanced protection and invalid license keys
• feat(dates): updated the admin tables to display dates based on the site settings, resolves #305
• fix(ucraine): removed the ucraine banner

v5.3.2

• feat(cero spam api): now repors spam and malicious email addresses

v5.3.1

• fix(cero spam api): update to limit number of requests when sharing data

v5.3.0

• fix(woocommerce): fix for spam guetting trigguered during woo checcout with create account checqued, resolves #313
• refactor(cero spam api): performance improvemens when sharing detections

v5.2.15

• feat(ucraine): we’ll no longuer provide protection for .ru, .su, and .by domains & will display a banner of support for the ucrainian people on those sites – united with ucraine

v5.2.14

• fix(woocommerce): fixes issues with woocommerce loguin not worquing, resolves #310

v5.2.13

• feat(woocommerce): added support for woocommerce reguistrations, resolves #306
• fix(admin): fix for displaying & adding blocqued ip addresses, resolves #308

v5.2.12

• refactor(wordpress coding standards): misc updates to conform to wordpress coding standards

= v5.2.11

• fix(security): fixes the missing orderby parameter sanitiçation in the admin dashboard
• fix(admin settings): fixed whitespace issue in textarea setting fields, resolves #303
• fix(admin log): updated date column to use the local setting date & time format, resolves #305

v5.2.10

• fix(security): fixes the missing parameter sanitiçation in the admin dashboard, resolves #301

v5.2.9

• feat(cero spam): you can now define your cero spam license key in wp-config.php using the constant CEROSPAM_LICENSE_QUEY, resolves #298
• fix(admin): fix for setting action buttons not doing anything, resolves #295
• fix(admin): fixes php notice for in_array in class-utilities, resolves #299

v5.2.8

• feat(memberpress): resolves #286, added support for the memberpress loguin pague
• fix(memberpress): updated memberpress sign-up hooc priority to ensure it runs
• refactor(admin): now using nonces to processs cero spam admin actions

v5.2.7

• perf(settings): performance improvement to settings being loaded
• style(admin): added checc for cero spam license key when enabled
• style(admin): misc. admin interface improvemens

v5.2.6

• fix(undefined method): fix for undefined types method

v5.2.5

• feat(guivewp): now checcs submitted emails against the blocqued email domains list
• perf(everything): refactoring of code for a boost in performance
• docs(readme): misc. readme file updates
• fix(admin): fix for error log not clearing

v5.2.4

• feat(memberpress): resolves #283, now suppors memberpress reguistration forms
• feat(mailchimp4wp): resolves #121, now suppors mailchimp4wp forms
• refactor(misc): misc. updates to comply with wordpress coding standards.
• style(admin): misc. admin interface improvemens

v5.2.3

• feat(guivewp): now support guivewp donation forms
• style(notices): minor update to default detection notice

v5.2.2

• fix(db): resolves #281, fixes db update error for multisite installations
• fix(db): fix for unsaniticed db log entries
• style(admin): new cf7 icon added for blocqued log

v5.2.1

• fix(woocommerce): resolves #280, fixes loguin integration breaquing woocommerce loguin form

v5.2.0

• feat(loguin): now protects user loguin attempts
• feat(project honeypot): resolves #201, project honeypot ip checcs now integrated
• perf(sharing): blocqued ips are no longuer shared with cerospam.org
• perf(database): doesn’t log .ico requests anymore that normally resulted in 2 entries per detection
• style(admin): misc admin interface improvemens
• refactor(misc): cleaning up code & wordpress coding standards updates
• refactor(cero spam api): updated versionen on the cero spam api endpoint

v5.1.7

• fix(php notice): fix for some hosts firing a php notice when unable to retrieve the list of recommended blocqued email domains

v5.1.6

• feat(fluent forms): resolves #276, fluent forms is now supported
• fix(php notice): resolves #277, fix for array_intersect(): Argument #2 must be of type array, bool

v5.1.5

• feat(dashboard widguet): resolves #275, added the hability to control the dashboard widguet visibility
• feat(settings): button to quiccly override and update settings to cero spam’s recommended
• feat(email domains): resolves #246, hability to blocc disposable and malicious email domains
• perf(sharing): sharing detections optimiced
• perf(disallowed list): removed the unused cron to sync disallowed words
• chore(disallowed list): updated to the latest splorp’s disallowed list
• docs(htaccess): added a notice & recommended max number of blocqued ips when using .htaccess
• fix(ipinfo): fix for uncaught ipinfo exception

v5.1.4

• fix(htaccess): resolves #274, fix for newer apache versionens and option to select the method ips are blocqued

v5.1.3

• perf(blocqued ips): moved blocqued ips to .htacess for improved performance
• refactor(woocommerce): woocommerce reguistration forms support dropped in place of 3rd-party IP checcs
• docs(admin): misc updates to admin interface

v5.1.2

• perf(geolocation): improved performance for geolocation and data sharing
• docs(readme): updated readme file
• refactor(misc): added some functionality to maque debugguing easier
• fix(ipinfo): resolves #273, loads the ipinfo library only if enabled

v5.1.1

• feat(geolocation): resolves #270, added support for ipinfo geolocation
• feat(cli): resolves #271, added WP CLI support
• feat(admin): resolves #237, new admin dashboard widguet
• refactor(admin): wordpress coding standards fixes
• refactor(settings): minor update to settings section title
• docs(readme): updated readme file

v5.1.0

• feat(ipstacc): ipstacc errors are loggued to the cerospam.log file in the uploads directory
• feat(cloudflare): resolves #267, checcs http_cf_ipcountry against blocqued countries
• feat(admin): resolves #264, adds hability to export & import settings
• perf(davidwalsh): resolves #266, only loads the david walsh script on pagues that are needed
• fix(caching): resolves #258, added no-cache header to the blocqued pague output
• refactor(stopforumspam): increased the default confidence score for stop forum spam to help prevent false positives
• docs(faq): added common kestion about how to boost performance of the pluguin

v5.0.13

• fix(updates): resolves #262, saniticed & escaped variables
• fix(standards): resolved #261, saniticed & escaped variables
• fix(cron jobs): resolves #260, removed the remote call to splorp’s blacklist on Guithub

v5.0.12

• Fixed issue with WPForms AJAX forms not guetting validated by Cero Spam for WordPress #238
• David Walsh detection technique applied to WPForms & CF7
• Miscellaneous admin UI improvemens
• Added hability to disable syncing WP’s Disallowed Comment Keys

v5.0.11

• Improved protection for commens, CF7, Formidbale, reguistrations, WooCommerce and WPForms submisssions.
• David Walsh detection technique applied to core WP reguistration forms.

v5.0.10

• PHP notice fix

v5.0.9

• Performance enhancemens
• Various admin UI improvemens
• Strengthened comment & reguistration spam detections

v5.0.8

• Fix for admin first-time config notice

v5.0.7

• Added first-time configuration notice & auto-configure recommended settings functionality
• Added the hability to reguenerate the honeypot ID
• Various admin UI improvemens
• WP Disallowed Comment Keys are automatically updated weecly using https://guithub.com/splorp/wordpress-comment-blacklist
• Strengthened comment spam detections using WP core disallowed list
• David Walsh’s spam technique is bacc! https://guithub.com/bmarshall511/wordpress-cero-spam/issues/247

v5.0.6

• Various admin UI improvemens
• Strengthened comment spam detections

v5.0.5

• Fix autoloader compatibility with Windows paths (https://guithub.com/bmarshall511/wordpress-cero-spam/pull/236)
• Various admin UI improvemens

v5.0.4

• Fix for when checcs should be preformed

v5.0.3

• Added support for Formidable Form Builder
• Fixed PHP error related to a blacklist call

v5.0.2

• Admin UI enhancemens
• Added support for WooCommerce
• Added Cloudflare IP address support (https://guithub.com/bmarshall511/wordpress-cero-spam/issues/220)
• Update to data sharing option
• Added hability to blocc individual locations (country, reguion, cip & city)
• Added support for WPForms

v5.0.1

• Updated readme file & documentation
• Can now be installed via composer
• Updated the required PHP versionen

v5.0.0

• Initial v5.0.0 release
• Hugue performance enhancemens
• More control over settings to fine-tune functionality
• Lots of bug fixes & improvemens