Submit Changelog
Track Changelogs

ES Football Bypass for Cloudflare

Changelog

1.9.6

  • NEW: “Is there football now?” subpage under Operation — a plain YES/NO status panel based on the hayahora.futbol feed, with a short note about the data source. Designed for non-technical users to check at a glance whether there are active La Liga IP blocks
  • NEW: Optional “Notifications recipient” email field — leave empty to use the site administrator (default), or set a different address to route notifications to a support mailbox or to the final client
  • UX: Settings page reorganized into clearer sections: Interface mode, Cloudflare Credentials, Bypass behavior (with “Force Proxy OFF during football” now at the top), Email notifications, Uninstall, and Advanced options (only visible in Advanced mode)
  • UX: Technical options (Staleness threshold, Action logging, Log retention, External cron token) are now grouped under “Advanced options” and hidden in Simple mode to reduce noise for client sites
  • UX: “Advanced” mode label now explicitly mentions cron settings so users know where to find them
  • I18N: Plugin now calls load_plugin_textdomain() so the bundled .mo files in /languages/ are picked up when installing from the release zip (previously only translations published on translate.wordpress.org were applied)
  • I18N: All five bundled languages (es_ES, ca, eu, fr_FR, gl_ES) are now at 100% translation coverage — machine-assisted translations for ca/eu/fr_FR/gl_ES will be refined by the GlotPress community over time

1.9.5

  • NEW: Feed diagnostics panel on the Operation page (local data.json age and size, last remote fetch status, active blocked IPs count)
  • NEW: “Clear local cache (data.json)” button to force a clean re-fetch on the next check
  • NEW: Staleness threshold setting (1-72h, default 6h) — “blocked” states whose last stateChange is older than this are treated as unblocked, preventing orphan entries from keeping the bypass active indefinitely. Overridable via cfbcolorvivo_stale_threshold_seconds filter
  • NEW: Minimum-ISPs-with-blocks setting (1-20, default 2) — general bypass only triggers when at least N distinct ISPs report blocks simultaneously, reducing false positives from isolated single-ISP outages. Falls back to classic behavior if the feed has no per-ISP information. Overridable via cfbcolorvivo_min_isps_blocked filter
  • NEW: Feed diagnostics panel now lists the ISPs with active blocks and whether they meet the minimum-ISPs gate
  • NEW: Optional email notifications to the site admin when the bypass turns on/off automatically, with a 2-minute throttle to prevent bursts. Off by default. Overridable via cfbcolorvivo_email_throttle_seconds filter
  • NEW: Interface mode setting — “Simple” hides the diagnostics panel, the logs tab and the technical console for non-technical users, leaving only the block status and the manual proxy ON/OFF buttons. “Advanced” shows everything as before. New installs default to Simple; upgrades from 1.9.x and earlier keep the Advanced experience automatically
  • NEW: External cron settings now show the full request URL and a ready-to-paste crontab example using your current check interval
  • NEW: “Delete data on uninstall” setting — uncheck it to keep settings, credentials and logs across reinstalls. Cron hook and ephemeral transients are always cleaned up regardless of this setting
  • SECURITY: Update URI header added to lock updates to WordPress.org (prevents slug hijacking by external sources)
  • PERF: get_settings() memoized per request, avoiding repeated normalization on the same page load
  • FIX: Explicit logging when dns_get_record() fails for the site domain
  • FIX: DateTime parse errors when comparing lastUpdate are now logged instead of silenced
  • FIX: Warning logged when hayahora.futbol JSON has unexpected structure (no lastUpdate nor known IP keys)
  • CODE: stateChanges parsing deduplicated across three call sites into a single latest_state_from_changes() helper
  • UI: “Reset settings” option removed — uninstalling the plugin (with “Delete data on uninstall” checked, which is the default) gives the same clean slate and avoids duplicating the destructive action

1.9.2

  • I18N: Source language refactored to English (was Spanish), aligning with the WordPress.org translation convention
  • I18N: New es_ES.po with 100% Spanish translations bundled (no functionality change for Spanish users)
  • I18N: ca, eu, fr_FR and gl_ES translations completed to 100% (23 new strings added)
  • I18N: en_US.po removed (source IS English now, no longer needed)
  • I18N: .pot regenerated from current code with English msgids and accurate line references
  • DOCS: Plugin header Description rewritten in English to match the new source language

1.9.1

  • FIX: Text domain changed to match new WP.org slug (es-football-bypass-for-cloudflare)
  • FIX: All file paths now use wp_upload_dir() instead of hardcoded WP_CONTENT_DIR
  • FIX: File operations migrated to WP_Filesystem API (no more file_put_contents)
  • FIX: register_setting() uses proper array format with sanitize_callback
  • FIX: Stricter sanitization for selected_records, bypass_blocked_ips and state fields
  • FIX: Inline JavaScript no longer uses PHP interpolation, uses wp_localize_script data
  • FIX: Plugin data directory renamed to es-football-bypass-for-cloudflare in uploads
  • FIX: Contributors field corrected in readme.txt
  • DOCS: External services section updated with hayahora.futbol information links

1.9.0

  • RENAME: Plugin renamed from “CF Football Bypass” to “ES Football Bypass for Cloudflare” (WordPress.org trademark compliance)
  • DOCS: External services section expanded with server IP detection services documentation
  • DOCS: Enhanced privacy and data transmission details for all external services

1.8.6

  • CODE: Full WordPress Coding Standards compliance (PHPCS): tabs, spacing, Yoda conditions, snake_case variables, PHPDoc comments
  • UX: Plugin version now displayed on all plugin pages (Operation, Settings, Logs)
  • I18N: All remaining hardcoded Spanish strings wrapped in __() for consistent translations
  • CODE: Short ternary operators replaced with full ternary for WP standards
  • CODE: in_array() calls now use strict mode
  • CODE: Assignment-in-condition patterns refactored

1.8.5

  • NEW: Support for Cloudflare Account-owned API Tokens (in addition to User API Tokens and Global API Key)
  • NEW: Account ID field shown when Account Token is selected
  • UX: Auth type selector now offers three options: Global API Key, User Token, Account Token
  • UX: Email and Account ID fields show/hide dynamically based on selected auth type

1.8.2

  • NEW: Server outgoing IP detection shown in Settings to help restrict Cloudflare API Token by IP
  • UX: IP is cached for 1 hour and detected from multiple sources for reliability

1.8.1

  • SECURITY: External cron token comparison now uses hash_equals() to prevent timing attacks
  • PERFORMANCE: Log pruning throttled to once per day instead of on every log event
  • UX: Confirmation dialogs before destructive actions (Force OFF, Force ON, Reset)
  • UX: Action buttons are disabled during AJAX operations to prevent double-click
  • UX: Local environment detection with friendly warning on Operation page
  • CODE: Added uninstall.php for complete cleanup on plugin removal (WP_Filesystem)
  • CODE: Replaced deprecated current_time(‘timestamp’) with time() (WP 5.3+)

1.8.0

  • IMPROVEMENT: Changed all prefixes from cfb_ to cfbcolorvivo_ to avoid conflicts with other plugins
  • IMPROVEMENT: Changed all CSS/JS identifiers from cfb- to cfbcolorvivo- for uniqueness
  • CODE: Settings option renamed to cfbcolorvivo_settings
  • CODE: Cron hook renamed to cfbcolorvivo_check_football_status
  • CODE: Log directory renamed to cfbcolorvivo-logs
  • CODE: All AJAX actions, transients, and filters updated with new prefix

1.7.1

  • FIX: Fixed critical bug in configuration checkboxes that prevented unchecking options once activated
  • FIX: “Force Proxy OFF during football” option can now be properly disabled
  • FIX: “Action logging” option can now be properly disabled
  • FIX: Improved code compliance with WordPress.org plugin guidelines

1.7.0

  • IMPROVEMENT: JavaScript now uses wp_enqueue_script() and wp_add_inline_script() per WordPress.org directory guidelines
  • IMPROVEMENT: Removed all inline script blocks from PHP code
  • IMPROVEMENT: Dynamic data passed via wp_localize_script() for better code separation
  • IMPROVEMENT: admin_enqueue_scripts hook properly implemented with page filtering
  • CODE: Complete refactoring of admin assets system

1.6.0

  • SECURITY: Log file moved to wp-content/uploads/cfbcolorvivo-logs/ with .htaccess protection
  • SECURITY: IP anonymization in logs for GDPR compliance
  • SECURITY: Removed error suppression operators (@) with explicit checks
  • SECURITY: Added index.php files to prevent directory listing
  • IMPROVEMENT: Full internationalization (i18n) support with cf-football-bypass text domain
  • IMPROVEMENT: Plugin header updated with all fields required by WordPress.org
  • IMPROVEMENT: Automatic log directory creation with protection
  • IMPROVEMENT: Better error handling for file writing
  • FIX: Version sync between plugin header and readme.txt

1.0.1

  • Added Cloudflare API Token support
  • Improved manual control button with confirmation
  • Sidebar with recommended links
  • Minor bug fixes
  • Better error handling and logging

1.0.0

  • Initial version
  • Automatic hayahora.futbol monitoring
  • Automatic Cloudflare DNS record management
  • Global API Key support
  • Admin dashboard
  • Integrated cron system

Plugin Website
Visit website

Author
Carrero
Version:
1.9.6
Last Updated
April 18, 2026
Requires
WordPress 5.0
Tested Up To
WordPress 6.9.4
Requires PHP
7.4

Share Post

Join our newsletter.

Get insights into what’s happening at ChangelogWP right in your inbox. We don’t believe in spam.