The latest version of our WordPress security plugin, iThemes Security, includes a few new updates for the Version Management feature. iThemes Security’s Version Management feature works to protect your website when outdated software is not updated quickly enough.
With this update, users can now get a notification email containing details about WordPress updates that were installed automatically. iThemes Security will also alert you if it detects any server or site configuration issues that could prevent automatic WordPress updates from working.
New Version Management/Automatic Update Notification Emails pro
The Version Management feature now includes a setting (off by default) which will send an email with details about updates that were installed automatically.
To turn on notification emails, visit the iThemes Security > Settings page in your WordPress dashboard. Scroll to the WordPress Version Management module near the bottom of the page.
Click Configure Settings (or Enable if you haven’t turned Version Management on yet).
Select the “Automatic Update Emails” setting to turn on emails. You can also review the “Email Contacts” section to select which users should get email notifications of version management updates.
Once you’ve activated this setting, you’ll receive an email after background automatic updates have completed, including details of the update.
Know If Your Server or Site Prevents Automatic Updates pro
The Version Management module now reports if it detects any server or site configuration issues that could prevent automatic updates from working.
You’ll now see a notice in the Version Management settings page that contains details of why automatic updates may not run successfully on your site, specifically for WordPress, plugins or themes.
Why Use WordPress Version Management?
Even with the most recommended security settings, running outdated and vulnerable versions of WordPress, themes or plugins on your website can give an attacker an entry point into your site. These settings help protect your site with options to automatically update to new versions or to increase use security when the sites’s software is outdated.
|Version Management Setting||Description|
|WordPress Updates||Automatically installs the latest WordPress release. This should be enabled unless you actively maintain this site on a daily basis and install the updates manually shortly after they are released.|
|Plugin Updates||Automatically install the latest plugin updates. This should be enabled unless you actively maintain this site on a daily basis and install the updates manually shortly after they are released.|
|Theme Updates||Automatically install the latest theme updates. This should be enabled unless your theme has file customizations.|
|Automatic Update Emails New||Sends an email with automatic update details to the Email Contacts selected.|
|Strengthen Site When Running Outdated Software||Automatically add extra protections to the site when an available update has not been installed for a month. his will harden your website security in a couple of key ways: It will force all users that do not have two-factor enabled to provide a login code sent to their email address before logging back in. Additionally, it will disable the WP File Editor (which blocks people from editing plugin or theme code), XML-RPC ping backs, and block multiple authentication attempts per XML-RPC request (both of which will make XML-RPC stronger against attacks without having to completely turn it off).|
|Scan For Old WordPress Sites||Run a daily scan of the hosting account for old WordPress sites that could allow an attacker to compromise the server. This feature will check for outdated WordPress installs on your hosting account. A single outdated WordPress site with a vulnerability could allow attackers to compromise all the other sites on the same hosting account.|
|Email Contacts||Select which users should get email notifications of version management issues and automatic updates (if enabled above).|
Improvement: Fix for Duplicate Emails
With this update, iThemes Security (both Free and Pro) has improved the lockout feature to reduce issues where users received duplicate notification emails.
Get iThemes Security Pro Now with 30+ Ways to Secure Your WordPress Website
iThemes Security, our WordPress security plugin, includes 30+ ways to protect your WordPress website, including enhanced WordPress password security, WordPress two-factor authentication, WordPress brute force protection and more.