Version 1.4 is a huge update for coreSecurity Pro, with four new features, improvements to the banning IPs process, a new method for handling security headers, new log events, and various improvements and fixes.
This new update is the biggest update for the coreSecurity Pro so far, and it adds some very important new features and tools to protect your website better, cover more plugins with Antispam measures, and allow you to connect your websites to improve security. Before getting to every new feature, the plugin has many improvements to the process of IP banning, new events for the log, an improved and centralized method for adding security headers, many other tweaks and improvements, and several bug fixes.
coreSecurity Pro has a new antispam feature, aiming to handle WPForms Pro and Lite plugin forms. WPForms Antispam can use most of the 20+ antispam measures available in coreSecurity Pro, and it is easy to integrate into both plugin versions. It allows you to select which forms you want protected from spam.
A new security feature is Blackhole – a method for capturing bad bots in the blackhole linked through the robots.txt file. This capture method relies on good bots obeying the robots.txt file (with an additional way to allow selected user agents even if they fall for Blackhole) and bad bots not obeying the robots.txt file. If a bad bot attempts to access a fake URL added by the plugin, it will be caught and banned.
The plugin has a new security header support for Network Error Logging, and it is implemented as a new feature, with several options you can use to tweak the feature. It will add a new NEL Reports panel where the logged errors will be listed. NEL reports are sent by browsers that support this header (Chrome and Chromium-based browsers for now), and they can show you issues with your website’s connectivity, problems with DNS and TLS/SSL, and more.
Finally, feature number 4 for this version is a game-changer feature called Bridge. Bridge allows you to share all the IPs banned on your website with your other websites. So, if you have multiple websites running coreSecurity, they can effectively share all IPs they banned individually across all these websites with the use of REST API and secret endpoint keys. As a bonus, you can get a huge list of IPs to ban from Dev4Press API, and this list is generated over many websites maintained by Dev4Press and related websites.
By the end of February, version 1.5 should be completed, with improvements to the dashboard, tools, and inspection tools, and two more features being developed (but not yet confirmed for that release).
Plugin documentation has been updated with new articles. Please let me know if you have more suggestions for plugin features and improvements. Leave a comment here or in the forum.