Blog Post

GD Security Toolbox Pro 2.0: Hades

GD Security Toolbox Pro 2.0 is a major update to the plugin with several new addons included (total of 14 now), huge changes to some parts of the plugin, many more new features, updates and fixes.

This is a huge release that brings many new features and makes major changes to some of the existing features. The plugin celebrates the third birthday today.

Security Headers

This version brings major changes to the handling of the HTTP security headers. Previous versions had two set of settings: in Tweaks and in “.HTACCESS”. Now, we have two new addons: X-XSS Protection and Security Headers. As the name says, X-XSS header is moved to own addon with the added Report element and the reports panel (GD Security Toolbox Pro now can gather reports sent from browsers when the attempted X-XSS was prevented on the client side), and all other headers are moved to Security Headers addon. Both addons have the option to enable “.HTACCESS” integration, and if that is disabled, headers will be added to each page built.

CSP Addon (Content Security Policy) has been updated, and the new panel of CSP reports is added. Both CSP and XSS header reports are stored in own database tables (both added in this plugin version). This will make the analysis of the reports easier, and separated from the Events Log. CSP extras include support for Google Translate.

Malware Scanner

The plugin has a major new addon: Malware Scanner. This scanner uses plain text patterns and regular expressions to scan all PHP files on the website to find potential malware. I say potential because when you deal with patterns, false positives are always a possibility, so make sure to inspect files that are marked as malware. The plugin can’t clean up the malware, because that is not quite that easy, and that would require manual changes to the website: reinstallation of WordPress, reinstallation of plugins and/or themes where malware is found.

Malware Scanner results page

The plugin includes plain text files with patterns and regular expressions used for scanning. These files can trigger false positive detection from the anti virus software. If you are testing plugin on local machine, make sure to add these files into exceptions for the antivirus.

Other Updates and Fixes

One important update is added to Integrity Scanner: it now uses endpoint to get the hashes for all the plugins. Dev4Press Pro plugins and themes hashes still come from the Dev4Press API endpoint. The plugin has a new dashboard with the overview of the events, reports and banned IP’s with quick access links for various plugin panels and settings.

Logs cleanup tools are improved and expanded to clean the new reports database tables. There are a lot of changes in the plugin core and several bugs are fixed and overall.

If you notice any problems with the plugin, stop by the support forums to report it. Let me know what you think about the new version, and as always, suggestions are welcome.

Please wait...
GD Security Toolbox Pro plugin for WordPress
Proactive protection and security hardening

A collection of many security related tools for .htaccess hardening with security events log, ReCaptcha, firewall, and tweaks collection, login and registration control and more.

About the author

Milan Petrovic
Milan Petrovic

CEO and Lead developer of Dev4Press Web Development company, working with WordPress since 2008, first as a freelancer, later founding own development company. Author of more than 250 plugins and more than 20 themes.

Subscribe to Dev4Press Newsletter

Get the latest announcements, release digests, promotions and exclusive discounts, and general Dev4Press-related news straight into your mailbox.

This form collects your email (optionally your name) for the purpose of sending you newsletters. Check out our Privacy Policy for more information on how we store and manage your data. We will not send you any spam. Newsletters are sent 2 to 4 times every month.

Latest From The Blog

plugins release sweeppress pro 5 2

SweepPress Pro 5.2

Version 5.2 is a minor scope update that brings a new shared library, expanded lists of values for CRON, options, metadata detections, improvements to the CRON panel filtering, and a few fixes.
plugins relase gd topic prefix pro 4.0

GD Topic Prefix Pro 4.0 for bbPress

A brand new major update for GD Topic Prefix Pro for bbPress is released, and version 4.0 is a smaller scope update that completes all the previous development plans, updates the shared library, and more.
plugins relase gd power search pro 2 6 lite 2 0

GD Power Search Lite 2.0 & Pro 2.6 for bbPress

The fully updated Lite version overhaul is finally ready and available as version 2.0, based on fully updated Pro version 2.6, also available now. This includes various updates and improvements and the latest version of the new shared library.

Leave a Comment

WP Rocket - Make WordPress Load Fast in a Few Clicks
SiteGround - Managed WordPress Hosting