# Changelog — JPKCom Hide Login

> Versionsverlauf des WordPress-Plugins JPKCom Hide Login.

Source: https://www.jpkc.com/db/changelog/jpkcom-hide-login/

Versionsverlauf von [`jpkcom-hide-login`](https://github.com/JPKCom/jpkcom-hide-login). Die Einträge stammen unverändert aus der README des Projekts. Eine ausführliche Anleitung mit Tipps findest du im [Projekt-Guide](https://www.jpkc.com/db/guides/jpkcom-hide-login/).

## 1.2.3 (2026-06-16)
* Raised the minimum WordPress version to 6.9 and "Tested up to" to WordPress 7.0
* Switched license metadata to the SPDX identifier `GPL-2.0-or-later` with the HTTPS license URI

## 1.2.2 (2026-06-16)
* Security: updater prefers an exact match against the manifest `download_url` over the slug heuristic, so a tampered manifest can no longer bypass the checksum gate
* Security: timing-safe checksum comparison (`hash_equals()`) with an `is_string()` guard against `hash_file()` failures
* Security: manifest fetch via `wp_safe_remote_get()` (SSRF defense-in-depth)
* Fixed PHP warning and missing contributor names in the plugin detail popup (`display_name` now provided)
* Fixed PHP warning/deprecation on `wp plugin list` by completing the `no_update` transient entry (`new_version`, `package`, `tested`, `requires_php`)

## 1.2.1 (2026-03-13)

### Fixed
- **ZIP-Upload Fix** - Manual ZIP uploads via WP-Admin no longer fail with "invalid URL" error during checksum verification
- **Release ZIP Structure** - GitHub Actions release now creates ZIP with top-level plugin folder, ensuring WordPress correctly recognizes updates

## 1.2.0 (2025-11-12)

### Added
- **IP Whitelist Management** - Add trusted IPs that will never be blocked
- **CIDR Range Support** - Whitelist entire IP ranges (e.g., `192.168.1.0/24`)
- **Enhanced Admin Interface** - Professional settings page with all features
- **Blocked IP Viewer** - See currently blocked IPs with expiration times
- **Brute Force Protection** - Automatic IP blocking after failed login attempts
- **Customizable Protection Thresholds** - Configure max attempts, attempt window, and block duration
- **Login Attempt Counter** - Shows remaining attempts on failed logins
- **Current IP Display** - See your current IP in admin settings
- **One-Click Block Clearing** - Clear all blocked IPs with a button
- **Automatic Database Cleanup** - Daily WordPress Cron job removes expired login attempt data
- **WP-CLI Cleanup Command** - Manual database cleanup via `wp jpkcom-hide-login cleanup`
- **Full WP-CLI Support** - Complete command-line management for all plugin features

…

## 1.0.0 (2024-11-30)

- Initial Release
- Basic login URL masking
- Simple IP blocking
- Multisite support
- Basic admin settings

---