Announcing:
LSCache for WordPress v6.5
In this release: enhanced debug log security (update recommended), and more!
RELEASE LOG:
- ā¯—Security: This release includes several debug log improvements for improved security, as listed below. Update strongly recommended.
- Debug: Moved debug log to litespeed individual folder `/wp-content/litespeed/debug/`.
- Debug: Disallowed visits to `/litespeed/debug/` folder log files in .htaccess.
- Debug: Dropped const `LSCWP_DEBUG_PATH` support.
- Debug: Renamed `debug.purge.log` to `purge.log`.
- Debug: Added dummy `index.php` for debug folder.
- Debug: Used random string for log filenames.
- Debug: Removed cookies-related info. (Thanks to Rafie)
- Debug: Dropped `Log Cookies` option.
- Report: Escaped report content to protect it from potential XSS attack. (Islam R alsaid #505746)
- ESI: Added nonce for Advanced Custom Fields + Advanced Forms. (David Lapointe Gilbert #439)
- Purge: Run ACTION_PURGE_EMPTYCACHE even if cache is disabled in network admin. (Philip #453)
- Page Optimize: Disable UCSS exclusion when UCSS is inactive. (#640)
- 3rd: Fixed undefined warning in WooCommerce Widgets. (Lolosan #719)
- 3rd: Correct the integration with User Switching. (John Blackbourn #725)
- 3rd: Fixed Admin Bar Missing issue on DIVI + Elementor frontend. (thyran/robertstaddon PR#727)
https://wordpress.org/plugins/litespeed-cache/
Cheers!
Wednesday, September 4, 2024