Atlant Security

1.1.2

• Added: About page with 5-Layer Defense Architecture, competitive features list, attack vector coverage, and plugin information
• Improved: Dashboard decluttered — informational panels moved to About page for a cleaner operational view
• Improved: About page lists 15 unique competitive features with descriptions
• Fixed: Setup wizard no longer auto-redirects on plugin activation or reactivation
• Fixed: Setup wizard accessible from sidebar navigation at any time

1.1.1

• Improved: Visitor log table uses percentage-based column widths for fluid layout across screen sizes
• Improved: Filter bar and results info bar spacing tightened
• Fixed: Setup wizard admin notice removed — no longer floats above page layout

1.1.0

• Improved: Stat cards compacted — smaller icons, tighter padding, reduced font sizes
• Improved: Page header, grid column, and IP list padding reduced for denser layout
• Fixed: Session timeout now correctly respects “Exempt Administrators” setting for idle timeout and session fingerprint binding (was only checked for concurrent session limits)
• Fixed: Session security settings description updated to reflect full admin bypass scope

1.0.9

• Improved: Inner sidebar width reduced from 240px to 200px with tighter item padding
• Improved: Table headers shortened (IP Address > IP, Country > flag only, etc.)
• Improved: Top IPs widget uses compact 24x24px icon buttons instead of full-width buttons
• Improved: Dashboard grid right column uses responsive minmax sizing
• Improved: Page content padding and table cell padding reduced globally

1.0.8

• Fixed: Visitor log column widths — JS table-resize no longer overrides CSS-defined column classes
• Fixed: Added CSS column width classes to all table headers (visitor log + dashboard live visitors)
• Fixed: Dashboard live visitors table shows flag only (removed redundant country code text)

1.0.7

• Added: Inner sidebar navigation (Nexus SEO style) — all plugin pages accessible from a persistent left panel
• Added: WordPress sidebar shows single “Atlant Security” entry instead of 23 submenu items
• Added: Sidebar brand header with logo, active page highlighting, version footer
• Added: Responsive sidebar — collapses to horizontal nav on screens below 1024px
• Fixed: Plugin footer now renders inside page layout instead of WP’s admin footer area
• Fixed: “Sorry, you are not allowed to access this page” error caused by removing WordPress $submenu entries — now uses CSS-based hiding to preserve permission checks

1.0.6

• Improved: All plugin admin pages now send no-cache headers to prevent stale data from caching plugins
• Fixed: Top Pages widget CSS class mismatch causing broken styling
• Fixed: Top IPs widget now excludes whitelisted IPs from the list

1.0.5

• Fixed: decodeEntities function scoping bug in admin.js causing HTML entity rendering issues

1.0.4

• Added: GeoIP country resolution — MaxMind GeoLite2-Country integration with pure-PHP MMDB reader, auto-download, weekly auto-update, and dedicated admin page with test lookup
• Added: Custom Login URL module — move wp-login.php to a custom slug with automatic redirect of the default login page
• Added: Password Policy module — configurable minimum length, character requirements, common password blocking, and passphrase generator
• Added: Force SSL Admin as a plugin-managed setting (defines FORCE_SSL_ADMIN constant at runtime)
• Added: Auto-Update Plugins and Auto-Update Themes toggles in Settings and Hardening checklist
• Improved: Admin sidebar pages reordered alphabetically for easier navigation
• Improved: Post-Breach Command Center layout — lockdown status widget moved into Critical Actions grid
• Improved: Hardening checklist — Force SSL Admin now toggleable from the checklist (was “Manual fix required”)
• Fixed: Post-Breach page SQL queries referenced nonexistent table name (aswp_ip_blocks > aswp_blocked_ips)
• Fixed: Post-Breach blocked IP count query used wrong column names (expires_at > permanent/blocked_until)
• Fixed: Database migration duplicate-key error that broke all AJAX endpoints (visitor log, dashboard widgets)
• Fixed: Settings loss on plugin reactivation — WAF mode, auto-blocks, and setup wizard no longer reset
• Fixed: Timezone mismatch between stat cards and live visitors (gmdate/NOW vs current_time)
• Fixed: Text domain loaded too early warning on WordPress 6.7+ (moved to init hook)
• Fixed: Plugin deletion wiped all data — uninstall now requires explicit opt-in via deactivation dialog or Settings toggle
• Fixed: ALTER TABLE ADD INDEX SQL errors corrupting AJAX JSON responses when WP_DEBUG_DISPLAY is on
• Fixed: Consistent timezone handling across all 12 modules
• Fixed: Correlated subquery in update_blocked_counts cron job — replaced with single JOIN
• Fixed: Daily digest cron hook not cleared on plugin deactivation
• Fixed: GeoIP database directory cleanup in uninstall.php
• Internal: Complete codebase prefix migration from fwwp_ to aswp_ with automatic database migration on upgrade

1.0.3

• Added: Honeypot module with hidden link trap, fake login page, comment honeypot, CF7 integration
• Added: 3-layer safe bot protection for honeypots (robots.txt, nofollow, UA detection)
• Added: Security Headers admin page with letter-grade scoring
• Added: Two-Factor Authentication admin page with TOTP and Email OTP
• Added: Notifications admin page (Email, Slack, Webhook, Daily Digest)
• Fixed: Top IPs widget now shows VirusTotal link, Block button, and Details button
• Fixed: IP Detail Modal — added max-height, scroll, wider layout
• Fixed: Blocked IPs now correctly log 403 status code instead of 200
• Fixed: TwoFA role handling for comma-separated role strings

1.0.2

• Added: 5 new security modules — AI Crawlers, REST API Policies, Session Security, Outbound Monitor, Cron Guard
• Added: 5 new admin pages with full settings UI for each module
• Improved: Dashboard with live visitors auto-refresh, traffic chart, top IPs/pages widgets

1.0.1

• Added: Setup Wizard with 7-step guided configuration
• Added: IP Detail Modal on Dashboard
• Improved: Dashboard stat cards, browser distribution chart
• Fixed: Setup wizard pagination and button responsiveness

1.0.0

• Initial release with 17 security modules
• Web Application Firewall with 28+ attack pattern rules
• Brute force protection with progressive lockout
• Malware scanner (file and database)
• Post-breach recovery toolkit (12 actions)
• IP blocking and whitelisting
• Visitor log with filtering and pagination
• Admin audit log
• WordPress hardening (6 toggles)
• Rate limiter (11 endpoint categories)
• Real-time security dashboard