Most Recent Changes

Portal - August 21st 2019

  • Added: Support for 3DS payment authentication for when our payment provider publishes support for it live.
  • Fixed: Renamed reCAPTCHA v3 to v2 on the hardening tab to avoid confusion.
  • Fixed: True/false values on the hardening tab not being properly parsed from the site which in turn showed inaccurate data.
  • Fixed: Error when team members couldn't add sites when the team leader created an account during the AppSumo promotion.

Plugin - August 8th 2019

  • Version 1.4.3
  • Fixed: IP proxy issue on certain hosts.

Past Changes


August 5th 2019

  • Added: Link to go directly to a firewall rule on the firewall rules overview page.
  • Fixed: Issue related to the hardening tab on the portal.
  • Removed: Text that is no longer relevant on the addons tab on the billing page.

July 16th 2019

  • Added: Ability to change your billing information.
  • Added: Ability to subscribe to our new annual plan.
  • Changed: Review billing page has been redesigned and restructured.
  • Changed: Signup page.
  • Fixed: Issue where whitelisting did not work under certain scenarios.

June 12th 2019

  • Added: Error when the plugin is deactivated on a site on which it was previously activated.
  • Added: Text that describes the avatar allowed extensions and dimensions.
  • Changed: Width and height of certain elements.
  • Changed: Firewall rules management page interface has been slightly modified.
  • Changed: Firewall rules management menu item no longer has a sub-menu.
  • Changed: License expiration in the header has been removed.
  • Changed: Icon of the billing sub-menu item.
  • Changed: The DataTables error popup text has been adjusted to be more user friendly and show a better message.
  • Fixed: Show better error when a payment failed to process.

May 28th 2019

  • Added: User management (team) feature has been added which allows you to add sub-users to your account and assign them sites that they can control.
  • Added: You can now upload an avatar to your account.
  • Added: Your company name (if set) is now displayed under your name in the header.
  • Fixed: Under certain conditions an alert that informs you that your site is down would not be sent.

April 5th 2019

  • Fixed: Chart on site view not displaying properly when a different week is selected.

March 12th 2019

  • Added: Ability to whitelist blocked firewall requests with one click on the firewall logs page.
  • Added: A pen icon has been added next to the website title when you view a site to quickly jump to the section that allows you to edit the website settings.
  • Added: Ability to instantly re-synchronize the firewall rules and whitelist of a site.
  • Changed: The site searching textfield now requires you to press enter to perform the search. Additionally, the searching textfield will be hidden until the current listing has been loaded.
  • Changed: Design for the login, register and password recovery page has been adjusted.
  • Changed: Some text and font sizes on the billing page.

February 19th 2019

  • Added: Advanced page where you can manage the firewall rules and add your own.
  • Added: Icons to the dashboard blocks.
  • Fixed: Bug with uptime chart.
  • Fixed: Weekly uptime chart.
  • Fixed: Bug regarding severity, type and showing POST data of blocked requests on the firewall logs page.
  • Fixed: Bug regarding PHP firewall and scanner firewall detection feature.
  • Changed: Last 9 days of the firewall chart on the dashboard will now always be shown, even if 0 attacks blocked.
  • Changed: "Security Risk" column state will be updated more often.
  • Changed: Several paragraphs and texts were changed.
  • Changed: Alert messages on the site view page were moved to the top of the page.
  • Changed: Firewall and uptime chart will no longer be shown if the plugin or firewall is not installed.
  • Changed: The display order of the tabs on the site view page has been adjusted.
  • Changed: Button focus color has been adjusted to match the rest of the color scheme.
  • Changed: "Up-to-date" element is no longer a button on the software tab.
  • Changed: "Plugin Settings" button has been moved to its own tab instead.
  • Changed: Removed middle-step of the payment page.
  • Changed: Text in the "Security Risk" column on site overview table has been adjusted.

January 31st 2019

  • Added: Plan cancellation feedback form.
  • Added: Checkbox to mark a site to not be monitored by the uptime monitor and scanner.
  • Changed: Add year to security report generation filename.
  • Changed: Adjust hack cleanup addon pricing.
  • Changed: Claim that prices are excl. taxes.
  • Changed: Change trial to be the PRO package.
  • Changed: Make the security check mark on the site overview update more often.
  • Fixed: Added proper year support to security reports

January 18th 2019

  • Added: Button to view the change log of a plugin on the "Software" tab when viewing a site.
  • Added: Hack cleanup and whitelabel purchasable add-ons to the billing page.
  • Changed: All URL's that contained /invoice have been removed and renamed to /billing.
  • Changed: Removed some misleading text from the monitoring and uptime notification emails.
  • Fixed: Text overlapping issue when a security report spans over multiple pages.

January 15th 2019

  • Added: security reports feature to generate reports for your customers (available to AppSumo users, pro plan and enterprise plan.) Whitelabel support coming soon as purchasable add-on.
  • Added: button to site view page (top right corner) that when clicked on, will show a page where you can manage the WebARX plugin settings. (Plugin version >= 1.3.3 required)
  • Removed: (AppSumo) code redemption form on billing page.

December 21st 2018

  • Changed: The uptime monitor has been adjusted to start monitoring every hour instead of every fifth minute. This will allow us to focus more on the security aspect of our product and less on the uptime monitoring feature. However note that we may change this in the near future.
  • Changed: Uptime monitor chart when viewing a site has been adjusted graphically, we also no longer keep track of the response time of the site. If there's a lot of interest for response time averages then we can consider re-adding this.
  • Fixed: Many performance improvements have been made to the portal in order to handle more traffic and to handle more load.

December 10th 2018

  • Added: Daily statistics emails for trial users. (Will be available to all users soon)
  • Fixed: WebARXSecurity > WebARX in certain emails.
  • Fixed: Show better error messages when payment cannot be completed successfully.

December 6th 2018

  • Changed: Pricing has been adjusted (lowered).
  • Changed: "Upgrade your account" button will now only show up to trial accounts..
  • Fixed: "Processing" bar when loading a table would overlap the notification box.
  • Fixed: Bug where notifications were being sent too often.

December 3rd 2018

  • Added: PayPal support for payments.
  • Changed: The address form when making a payment will now show more user friendly errors in case you did not fill in a field with a valid value.
  • Changed: "Free Stuff" (referral) has been changed to an (upgrade) button to review our subscription package. The referral page will be reworked soon.
  • Changed: "WebARXSecurity" has been modified to "WebARX" in emails.
  • Fixed: Slack and email notifications not being sent properly in some scenarios when a site goes down.

November 15th 2018

  • Added: 2 new monitoring additions; SSL certificate expiration check and .git folder detection.
  • Added: A more obvious download WordPress plugin button, which can be found at the bottom of the site view page.
  • Changed: Few more improvements have been made to speed up initial load.
  • Fixed: Few console errors and informative messages.

November 9th 2018

  • Changed: Performance improvements have been made to the portal. More specifically: the up-time chart, firewall chart and site listing table on the dashboard.

November 2nd 2018

  • Added: Timezone support. You can find this option by clicking on your name in the top right corner > Settings > Timezone section.
  • Changed: If you are a new user with no sites, you will be forced to add sites before you can do anything else.
  • Changed: Trial expiration message will not show until halfway of the trial period.
  • Fixed: Some themes would show up as vulnerable (false positive).
  • Fixed: Show error if the configuration file of the native PHP firewall cannot be downloaded.

October 29th 2018

  • Added: Two-factor authentication. You can find the option by clicking on your name in the top right corner > Settings > Two-Factor Authentication.
  • Added: Subtitles to menu items.
  • Added: Support button that links you to the knowledge-base and chat option.
  • Fixed: Show better error messages when attempting to perform an action on the plugin management tab.

October 18th 2018

  • Fixed: Many speed improvements have been made to the portal to prevent the occasional timeouts and slowness of the site.

September 18th 2018

  • Added: Ability to specify the number of times in a row a website should be down to the uptime server before we send an uptime alert. The option has been added to the notification settings of a site and the settings page of your account.
  • Fixed: Previously, the uptime monitor would only check the root domain instead of the entire URL that you provide to us in the portal.

August 29th 2018

  • Added: Remote software management to update plugins/themes/WordPress and delete, deactivate, activate plugins. Requires plugin version 1.3.0 installed.
  • Added: Remote user management to delete users, reset password and create new admin account. Requires plugin version 1.3.0 installed.
  • Added: Activity logs tab that will display all activity logs. Requires plugin version 1.3.0 installed.
  • Added: Tab to see the API ID / Secret Key.
  • Added: Menu item that will link you to the change log of the portal and plugin.
  • Changed: A couple of error messages so it now provides more in-depth information.
  • Removed: Old user login logs tab.
  • Fixed: Show proper error when payment cannot be processed.
  • Fixed: Plugin false positive vulnerability when the plugin version is not known.
  • Fixed: Uptime and firewall charts not showing when an old WebARX plugin version is installed.

August 13th 2018

  • Fixed: When you had multiple tags added to a site, then searching for that site would make it show up the number of tags you had added to the site.
  • Fixed: Error when pulling up firewall logs data when the blocked URL contained certain unicodes.
  • Fixed: Slack alerts will now also respect the notification settings.

August 9th 2018

  • Added: Ability to tag your sites which can also be searched for using the search textbox.
  • Fixed: A small bug regarding the security risk icon; sometimes it would still show as vulnerable even though there was no vulnerability.
  • Fixed: When clicking directly on the X of a tag to remove it, it wouldn't actually remove it.

August 3rd 2018

  • Changed: Adjusted some plugin related error messages.
  • Fixed: In some scenarios, certain plugins would still show as vulnerable even though they were not.
  • Fixed: When a payment is attempted to be made, it would sometimes fail on accounts that were made under certain conditions.

August 2nd 2018

  • Added: uptime logs tab on site view page to view detailed information on uptime errors of your site.
  • Added: After integrating Slack, it will now send a test message to let you know it's properly implemented.
  • Added: Option to update the notification settings of all your sites at once. (Under Settings > Notification tab)
  • Added: Ability to receive email notification when your site goes down.
  • Changed: Settings page has been changed to tabbed navigation to make it more user friendly.
  • Changed: Previously a site could go down with status code 0, this no longer happens and instead it provides you with a more detailed error message.
  • Fixed: When updating a site's URL, it will no longer check if it's already in use.
  • Fixed: Date formatting in domain expiration email.
  • Fixed: Remove proxy IP in firewall logs tab so the country flag can be displayed.
  • Fixed: Issue where certain plugins were displayed as vulnerable, even though they were not.
  • Fixed: Issue where uptime monitoring chart on dashboard would sometimes not display the lines correctly.
  • Fixed: Domain name expiration not showing the proper date in the email you receive.

July 28th 2018

  • Added: The sites overview table on the dashboard will now remember the page you were on when you click on a site and go back to the dashboard.
  • Added: A button has been added to the site view page to rescan your site.
  • Added: If a website cannot be added due to an error, additionally display a detailed error message that can be given to us or to your host to further investigate the issue.
  • Fixed: After changing domain notification settings, the "Domain Expiring" checkbox will now properly change to reflect the current setting.
  • Fixed: The text field of the Slack channel has been adjusted so it does not look like it's already filled in.
  • Fixed: If your domain expires, the date format will now be the same as the rest of the site on the site view page.
  • Fixed: If a new day started in the UTC timezone and there is no uptime data to display yet, display a better message.
  • Fixed: In certain scenarios some firewall logs pages did not load properly, this has been fixed.


August 5th 2019

  • Version 1.4.2
  • Added: Multisite network functionality.
  • Added: Strict-Transport-Security security security header.
  • Fixed: Issue related to the hardening tab on the portal.
  • Fixed: Several issues related to backups.
  • Fixed: Several PHP errors.
  • Removed: License expiring message.

May 27th 2019

  • Version 1.4.1
  • Added: Button to disable the backup feature.
  • Added: Textbox to specify maximum number of backup copies to keep in Google Drive.
  • Added: Better errors when a file cannot be written to.
  • Fixed: reCAPTCHA undefined variable error under certain conditions.
  • Fixed: Several backup related issues.
  • Fixed: Software synchronization between the WordPress site and our API has been optimized.
  • Fixed: The way the security headers are set in order to avoid certain PHP header errors.

April 29th 2019

  • Version 1.4.0
  • Added: Backup feature to backup your files and database to Google Drive. You can find this feature under the "Backup" tab on the WebARX plugin settings on your site.

April 10th 2019

  • Version 1.3.9
  • Added: XML-RPC block option has been added and is enabled by default. If you would like to turn it back on, you can find the option on the "Hardening" tab.
  • Fixed: Bluehost IP address issue where the proxy IP address would get logged instead of the actual visitors IP address. This caused conflicts with the firewall banning feature.

April 5th 2019

  • Version 1.3.8
  • Fixed: Several PHP errors that would show up under certain conditions.

March 12th 2019

  • Version 1.3.7
  • Added: Functionality for old whitelisting structure has been re-added.
  • Fixed: Invisible reCAPTCHA error on login.
  • Fixed: Several errors related to the firewall regarding parsing the firewall rules.
  • Fixed: Issue where the session would be killed if you moderated or posted comments.
  • Removed: Referral input fields since it's no longer used.

February 19th 2019

  • Version 1.3.6
  • Added: Ability to match firewall rules against IP addresses.
  • Version 1.3.5
  • Added: Implementation of new enhanced firewall logic (which can be managed in the portal)
  • Changed: WebARX is no longer shown as a menu option but now shown under the "Settings" menu as "Security".
  • Fixed: Bug that killed your session if you managed comments through wp-admin.
  • Fixed: Cookie notice would show briefly on the site with certain caching plugins.
  • Fixed: build_log_db PHP error.
  • Fixed: Undefined variable error.
  • Fixed: Security headers issue with the X-XSS-Protection header.

January 16th 2019

  • Version 1.3.4
  • Added: Functionality so the plugin settings can be remotely adjusted through the portal.
  • Fixed: Version 1.3.3 skipped due to minor bug that had to be fixed.

October 18th 2018

  • Version 1.3.2
  • Changed: Frequency of some scheduled tasks to reduce server load on both your site and our API.
  • Changed: Refactoring of some code.
  • Fixed: Force synchronization with the portal when the plugin is activated under certain conditions.

September 26th 2018

  • Version 1.3.1
  • Fixed: DISALLOW_FILE_EDIT PHP notice error.
  • Fixed: Blocked requests will now properly return a 403 forbidden error.
  • Fixed: Unauthenticated user doing actions on posts will not be logged.
  • Fixed: Cookie notice will no longer be affected by caching plugins.
  • Fixed: Show error on wp-login.php if login rename feature is enabled.
  • Fixed: If IP address header contains multiple IP addresses, use the first IP in the list.
  • Fixed: Fatal PHP error: nesting level too deep.
  • Fixed: Removed policy word from the cookie notice.
  • Fixed: Load reCAPTCHA script only if it is actually enabled.
  • Fixed: Fatal error when plugin is activated on multisite environment.

August 29th 2018

  • Version 1.3.0
  • Added: Activity logs.
  • Added: Ability to specify logon hours. For example 09:00-19:00 or 18:00-06:00 (uses server time).
  • Added: User based 2FA (works with Authy and Google Authenticator)
  • Added: Option to make use of invisible reCAPTCHA.
  • Added: Ability to see which IP addresses are currently blocked from logging in.
  • Added: Ability to unblock blocked IP addresses from logging in and whitelist ability.
  • Added: Finetune when to block an IP addresses when firewall blocks a request.
  • Added: Finetune when to block an IP address when a login request failed.
  • Added: Comment form reCAPTCHA option.
  • Added: Ability to select which user roles are excluded from the firewall.
  • Changed: Re-designed the plugin to match the portal design
  • Changed: Ability to block IP addresses by range, CIDR notation, wildcard and single IP.
  • Changed: Refactored a bunch of code.
  • Removed: Old user login logs.
  • Removed: Old code that was no longer used.
  • Fixed: Several issues regarding plugin/license activation.
  • Fixed: Login brute force blocking not working properly.
  • Fixed: Permission error message.
  • Fixed: WebARX styling overrides styling of other plugins.
  • Fixed: When you request a rescan of the site, it will block WebARX and log it.

 August 3rd 2018

  • Version 1.2.1
  • Added: The ability to control when to block an IP address depending on the number of failed login attempts and time span.
  • Fixed: Security headers checkbox not working properly.
  • Fixed: Prefixed cookie notice CSS class/id attributes so it doesn't collide with the theme or other plugins.

August 2nd 2018

  • Version: 1.2
  • Added: Added section separators to the settings page.
  • Added: Ability to tell WebARX where to inject custom .htaccess code.
  • Added: Ability to tell WebARX to never modify the .htaccess file again.
  • Fixed: Rewrote .htaccess related code to fix issues on certain environments.
  • Fixed: Removed and adjusted some CSS so it doesn't override CSS of other plugins.
  • Fixed: WP_Error on some environments when trying to login.
  • Fixed: Small adjustment made to reCAPTCHA processor to fix issue on some environments.
  • Fixed: WebARX icon on vertical menu's.
  • Fixed: Rename login page not working on certain environments.

July 28th 2018

  • Added: The WebARX logo and text in the cookie notice can now contain your referral link.
  • Fixed: The firewall / user logs pagination styling has been improved.
  • Fixed: Firewall will not execute if the whitelist is non-existent to prevent false positives.
  • Fixed: In rare scenarios the plugin activation process would cause an infinite redirect loop, this has been fixed.
Did this answer your question?