1.0.0 - 2014-03-25 - Chris Wiegman
	Initial Release
1.0.1 - 2014-03-25 - Packaging Bot (modules/free)
	Initial Release
1.0.2 - 2014-03-25 - Chris Wiegman
	update iThemes packager slugs so licensing will function
1.0.3 - 2014-03-25 - Packaging Bot (core)
	Initial Release
1.0.4 - 2014-03-26 - Packaging Bot (lib/icon-fonts)
	Fixed issue with admin menu icons not functioning properly on sites that have an ABSPATH or WP_CONTENT_DIR of "/".
1.0.5 - 2014-03-27 - Packaging Bot (core)
	Initial Release
1.0.6 - 2014-03-27 - Packaging Bot (modules/free)
	Initial Release
1.0.7 - 2014-04-01 - Packaging Bot (core)
	Fixed history.txt (for iThemes customers)
	Moved upgrade to separate function for more seamless update
	Upgrade system rewritten for better functionality
	Make sure 404 doesn't fail if there is not a 404.php in the theme
	Make sure WordPress root URLs render correctly
	Filewrite now only builds rules on demand.
	Fixed dismiss button on intro modal for small screens
	General cleanup and typo fixing
1.0.8 - 2014-04-01 - Packaging Bot (modules/free)
	Updated modules/free to version 1.0.3
1.0.9 - 2014-04-01 - Packaging Bot (modules/pro)
	Existing pro modules use new upgrade system when upgrading between versions
1.0.10 - 2014-04-01 - Packaging Bot (modules/free)
	Updated modules/free to version 1.0.4
1.0.11 - 2014-04-02 - Packaging Bot (modules/free)
	only save post meta for ssl when the value is true
	fixed missing admin user settings if only one part had been changed
	SSL Redirection working properly on front end. No more redirect errors
	hide backend will warn of the new url when saving
	hide backend will now email the notification email(s) when the login area has been moved
	Added BackupBuddy coupon
1.0.12 - 2014-04-02 - Packaging Bot (core)
	Added ability to manually purge log table
1.0.13 - 2014-04-03 - Packaging Bot (core)
	Added "Show intro" button next to screen options to bring the intro modal back
	Added ability to use HTML in error messages
	Minor copy and other tweaks
1.0.14 - 2014-04-03 - Packaging Bot (modules/free)
	Private posts will now work with hide backend
	Added an option for custom login action that can bypass hide login
	Allow admin-ajax.php to bypass hide backend
	Added filters for external backup plugins to register with the dashboard
	Enable theme compatibility mode by default
	Miscellaneous copy and function doc fixes
1.0.15 - 2014-04-05 - Packaging Bot (core)
	Execute permanent ban on the correct lockout count, not the next one
	Updated quick ban rules to match standard ban rules (will work with proxy)
1.0.16 - 2014-04-05 - Packaging Bot (modules/free)
	Fixed an NGINX rule that didn't actually block XMLRPC.php
	Updated rule order on ban users
	Fixed a bug that could prevent away from from turning off in certain time configurations (this resulted in the return to homepage on login)
	Updated some function doc
1.0.17 - 2014-04-05 - Packaging Bot (core)
	Update plugin build
1.0.18 - 2014-04-05 - Packaging Bot (modules/free)
	Fixed bug preventing file change scanning from advancing when chunked
	Don't autoload file list on non-multisite installations
	Make sure away mode settings transfer from 3.x or disable away mode
1.0.19 - 2014-04-08 - Packaging Bot (modules/free)
	Make sure unset admin user field remains if the other setting has been fixed
	Removed admin user from settings table of contents
	Make sure array input is trimmed in file change module
	Correct input type on file change settings sanitization
	Use full URL on file change warning redirect to prevent invalid target
	Reduce erroneous hide backend change warnings
	When accessing htaccess or wpconfig make sure opening settings changes are 664 instead of 644 to reduce issues
	Update hackrepair.com's Agents blacklist
1.0.20 - 2014-04-08 - Packaging Bot (core)
	Make sure global settings save button matches others
	Fixed link in locout email
	Email address settings retain end of line
	Sanitize email addresses on save and not just use
	Make sure whitelist is actually an array before trying to process
	Make sure rewrite rules show on dashboard when file writing isnt allowed
	Added extra information to dashboard server information to help troubleshooting
1.0.21 - 2014-04-08 - Packaging Bot (modules/free)
	Clean up away mode to prevent lockouts on update or other points
1.0.22 - 2014-04-10 - Packaging Bot (core)
	Updated core to version 1.0.9
1.0.23 - 2014-04-10 - Packaging Bot (modules/free)
	Updated modules/free to version 1.0.11
1.0.24 - 2014-04-14 - Packaging Bot (core)
	Updated core to version 1.0.10
1.0.25 - 2014-04-14 - Packaging Bot (modules/free)
	Updated modules/free to version 1.0.12
1.0.26 - 2014-04-17 - Packaging Bot (core)
	Make sure logs directory is present before trying to use it
	Log a message when witelisted host triggers a lockout
	Don't create log files if they're not going to be used
	Miscellaneous typos and orther bugfixes
	Add pro tab if pro modules need it
	Upgrade module loader to only load what is needed
1.0.27 - 2014-04-17 - Packaging Bot (modules/free)
	Make sure backup directory is present before trying to use it
	Make sure backup file method is respected on all backup operations
	Added ability to limit number of backups saved to disk
	Minor typo and other fixes
	Only load front-end classes as needed
	Add link to free support at .org forums
	Remove select(?ed) from suspicious query strings for 3.9 compatibility
	Fixed domain mapping issue (requires http://wordpress.org/plugins/wordpress-mu-domain-mapping/ domain mapping plugin)
	Remove array type errors on 404 pages
	Remove remaining create function calls
1.0.28 - 2014-04-17 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.0.2
1.0.29 - 2014-04-18 - Packaging Bot (core)
	Make sure uploads directory is only working in blog 1 in multisite
	Better checks for run method in module loader
1.0.30 - 2014-04-18 - Packaging Bot (modules/free)
	XMLRPC soft block should now work with WordPress mobile app
1.1.1 - 2014-04-21 - Packaging Bot (core)
	Make sure "remove write permissions" works
	Better descriptions on white list
	Add pro table of contents if needed
	Make sure security admin bar item works
	Make sure lockout message only happens when needed
	Suppress errors on readlink calls
	Make sure class is present for permanent ban
	Make sure white list is an array
	Fix white listed IPs not working
1.1.2 - 2014-04-21 - Packaging Bot (modules/free)
	Log when Away-mode is triggered
	Make sure away mode file isn't accidently deleted
	Make sure away mode doesn't even allow access to the login form (as it didn't in 3.x)
	Enhance warnings on "Change content directory" settings
	Better descriptions on white lists
	Fixed XMLRPC label
	Better XMLRPC Dashboard status
	Don't allow logout action on wp-login.php with hide backend
1.1.3 - 2014-04-21 - Packaging Bot (modules/free)
	Better check for variable in SSL admin
1.1.4 - 2014-04-24 - Packaging Bot (core)
	Miscelaneous typos and other fixes
	Remove extra file lock on saving .htaccess, nginx.conf and wp-config.php. Only flock will be used in these operations
1.1.5 - 2014-04-24 - Packaging Bot (modules/free)
	Fixed a function not found error in the brute force module
	Improved content filtering in SSL so that more images and other content will link with appropriate protocol.
	Fixed hide backend in cases where a lockout has expired
	Miscelaneous typos and other fixes.
1.2.1 - 2014-05-07 - Packaging Bot (core)
	Updated core to version 1.2.0
1.2.2 - 2014-05-07 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.0
1.2.3 - 2014-05-07 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.0.3
1.3.1 - 2014-05-19 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.1.0
1.3.2 - 2014-05-19 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.1
1.3.3 - 2014-05-19 - Packaging Bot (core)
	Updated core to version 1.2.1
1.4.1 - 2014-05-28 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.2.0
1.4.2 - 2014-05-28 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.2
1.4.3 - 2014-05-28 - Packaging Bot (core)
	Updated core to version 1.3.0
1.5.1 - 2014-06-11 - Packaging Bot (core)
	Updated core to version 1.4.0
1.5.2 - 2014-06-11 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.3
1.5.3 - 2014-06-11 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.3.0
1.5.4 - 2014-06-12 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.4
1.5.5 - 2014-06-12 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.3.1
1.5.6 - 2014-06-12 - Packaging Bot (core)
	Updated core to version 1.4.1
1.5.7 - 2014-06-12 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.5
1.5.8 - 2014-06-12 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.6
1.5.9 - 2014-06-12 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.7
1.5.10 - 2014-07-02 - Packaging Bot (core)
	Updated core to version 1.4.2
1.5.11 - 2014-07-02 - Packaging Bot (modules/free)
	Updated modules/free to version 1.2.8
1.5.12 - 2014-07-02 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.3.2
1.6.1 - 2014-07-28 - Packaging Bot (modules/pro)
	Added malware scheduler
	Fixed missing user on all logs for User Logging feature
	Fixed various typos throughout the dashboard
	Enhanced dashboard code for better performance
1.6.2 - 2014-07-28 - Packaging Bot (modules/free)
	Added on-demand malware scanning for the homepage
	Fixed Error in 404 scanning if path field was empty
	Updated hackrepair.com's default blacklist
	Modified support reminder to ask users to upgrade rather than donate
	Use get_home_path() in place of ABSPATH to account for WordPress core in a different directory than wp-content
	Use PHP comments in index.php file to account for the possibility of a scan including the file in which case the html comment could result in an error
	Fixed various typos throughout the plugin dashboard
	Added ability to prevent file change scanning from running on a given page load by defining ITSEC_FILE_CHECK_CRON to true
	Cleaned up file change logging reports to me more clear when no files have been changed
	Added feature to immediately ban user "admin" when no user "admin" exists on the site and a host tries to log in with it anyway
	Added blank line to end of all textarea input to make it easier to input data
	Added brute force checks to XMLRPC calls to prevent brute force attacks against XMLRPC
1.6.3 - 2014-07-28 - Packaging Bot (core)
	Added malware and malware scheduling modules
	Added better URL validation to ITSEC_LIB
	Added exception for 127.0.0.1 to prevent a local server from being locked out of a site during wp-cron or other calls
	Added button to quickly add current IP address to permanent whitelist
	Added appropriate message for logs page when logs are not available due to "file only" logging being selected
1.6.4 - 2014-07-28 - Packaging Bot (modules/free)
	Fixed an inadvertant disabling of file change scans intrudced in 4.3
1.6.5 - 2014-07-29 - Packaging Bot (modules/pro)
	Updated descriptions an instructions in malware scheduling to make the feature easier to use
	Numerous typo corrections throughout dashboard
1.6.6 - 2014-07-29 - Packaging Bot (modules/free)
	Updated modules/free to version 1.3.2
1.6.7 - 2014-07-29 - Packaging Bot (core)
	Make sure pro core module loads to remove upsell when pro has already been purchased.
1.6.8 - 2014-07-30 - Packaging Bot (modules/free)
	Clean up notifications for file change detection and malware scanning
1.6.9 - 2014-07-30 - Packaging Bot (core)
	Clean up notifications for file change detection and malware scanning
1.6.10 - 2014-08-11 - Packaging Bot (core)
	Ensure that individual module updates fire when updating the plugin
	Added function to retrieve current URL from the front-end
1.6.11 - 2014-08-11 - Packaging Bot (modules/free)
	Remove error message if WP_Error is returned with wp_remote_post in malware scan
	Fixed bug where away-mode was still enabled after one-time period has passed which could result in away mode activating when it should not
	Fixed error in brute force protection that counts valid logins with XML-RPC as bad logins towards a brute force lockout.
1.6.12 - 2014-08-11 - Packaging Bot (modules/pro)
	Modified malware scheduling for simpler interface and less resource usage
	Add file lock during scheduled malware scans to prevent multiple concurrent scans
1.6.13 - 2014-08-20 - Packaging Bot (core)
	Updated core to version 1.5.4
1.6.14 - 2014-08-20 - Packaging Bot (modules/free)
	Low Severity Security Fix - Lack of access control patched - Sucuri (reported 19Aug2014)
	Fixed an error in XMLRPC blocking when $username variable cannot be found
1.6.15 - 2014-08-20 - Packaging Bot (modules/pro)
	Fixed Notice: Undefined index: type in ...modules/pro/settings/class-itsec-settings-admin.php on line 171
1.7.1 - 2014-09-09 - Packaging Bot (core)
	New Feature: Add IPCheck Brute Force API integration
	New Feature: Add ability to receive a daily digest email instead of individual emails per event.
	Enhancement: Added "Go Pro" menu item to admin menus.
	Enhancement: Added button to release IP address from temporary whitelist.
	Fixed: introduction screen should now display completely on computers with low-resolution screens.
	Fixed: multisite bug that still showed BackupBuddy (if present) even though BackupBuddy is not multisite compatible.
	Fixed: Scrolling table of contents should not cover side-bar items on pro.
	Fixed: When changing admin user login form will no show the correct path when WordPress is not installed in the same directory as the website address.
	Fixed: File locking will try to create the iThemes Directory if it isn't already present rather than just saying a lock could not be attained.
1.7.2 - 2014-09-09 - Packaging Bot (modules/free)
	New Feature: Add IPCheck Brute Force API integration
	Enhancement: Reordered sidebar items to make it easier for the user to get to the information they need from iThemes
	Fixed: The plugins_loaded hook which fires on logout will now fire later to improve compatibility with iThemes Exchange
	Fixed: multisite bug that still showed BackupBuddy (if present) even though BackupBuddy is not multisite compatible.
	Fixed: Added an extra flag in an attempt to reduce duplicate file-change detection executions.
	Fixed: Added missing index.php files to directories that were missing them to ensure no information could be attained if directory is turned on.
	Fixed: Make sure hide backend rewrite rules are consistent with the correct location of the WordPress login page when WordPress is not installed in the main website folder.
	Fixed: Fixed an error whereas an empty filter could display an error when building the log tables.
1.7.3 - 2014-09-09 - Packaging Bot (modules/pro)
	Fixed: Added missing index.php files to directories that were missing them to ensure no information could be attained if directory is turned on.
1.7.4 - 2014-09-09 - Packaging Bot (modules/free)
	Fixed: Fixed an error that could occur on multisite due to a missing "core" object
1.7.5 - 2014-09-09 - Packaging Bot (modules/free)
	Fixed: Force stylesheet reload for new nags and other items by pushing plugin build number to stylesheet registrations
1.7.6 - 2014-09-09 - Packaging Bot (modules/pro)
	Fixed: Force stylesheet reload for new nags and other items by pushing plugin build number to stylesheet registrations
1.7.7 - 2014-09-09 - Packaging Bot (core)
	Fixed: Fixed typos in digest email.
	Fixed: Fixed typos in default network lockout message.
	Fixed: Force stylesheet reload for new nags and other items by pushing plugin build number to stylesheet registrations
1.7.8 - 2014-09-10 - Packaging Bot (modules/pro)
	Fixed: Fixed a bug that could prevent multi-site users from scheduling malware scans
1.7.9 - 2014-09-10 - Packaging Bot (modules/free)
	Fixed: fixed possible undefined api_error variable on line 316 if WordPress believes the email address is invalid.
	Fixed: failed calls to various apis will no longer throw a php error on failure.
1.7.10 - 2014-09-11 - Packaging Bot (lib/icon-fonts)
	Add support for ContactBuddy
1.8.1 - 2014-09-15 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.6.0
1.8.2 - 2014-09-15 - Packaging Bot (modules/free)
	Enhancement: Added a link to the actual timezone settings in the general settings page (instead of the top of the page)
	Fixed: Fixed missing "no changes" text in file change emails.
	Fixed: Formatting of individual file change emails will now work.
	Fixed: Fixed a bug in ban users user agents that would cause a crash on Apache if the user agent contained a space
	Fixed: When an invalid backup directory is detected it will not fail but will instead reset it to the original.
1.8.3 - 2014-09-15 - Packaging Bot (core)
	New Feature: Automatically generate strong passwords
	New Feature: Password expiration
	Fixed: When an invalid log directory is detected it will not fail but will instead reset it to the original.
	Fixed: No more duplicate digest emails
	Fixed: No more "Array" message appearing in digest emails from user lockouts
	Fixed: HTML in traditional file log emails will display correctly.
	Fixed: From address in notification emails will now display correctly.
	Fixed: MySQL errors will no longer appear for missing iThemes Security tables. Instead it will attempt to recreate them.
1.8.4 - 2014-09-15 - Packaging Bot (modules/pro)
	Fixed: Updated malware-scheduling to reduce errors when last scans is saved as something other than an array.
1.8.5 - 2014-09-16 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.6.2
1.8.6 - 2014-09-16 - Packaging Bot (modules/free)
	Enhancement: Updated copy on Virustotal API key to indicate that a private key is not needed.
	Fixed: More complete check for user id when resettings password will prevent undefined index login on line 62 error.
	Fixed: Fixed a bug that prevented the api key from saving after resetting the key.
	Fixed: Removed errors that could occur due to the use of custom capabilities and roles.
1.8.7 - 2014-09-16 - Packaging Bot (core)
	Updated core to version 1.7.1
1.8.8 - 2014-09-17 - Packaging Bot (core)
	Updated core to version 1.7.2
1.8.9 - 2014-09-17 - Packaging Bot (modules/free)
	Updated modules/free to version 1.4.6
1.8.10 - 2014-09-17 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.6.3
1.8.11 - 2014-10-09 - Packaging Bot (core)
	Fixed: fixed duplicate ID issue from user_id_exists calls.
	Fixed: Fixed an error in the lockout module that results in an error for users of multisite
	Fixed: Notification emails will no longer send if not turned on
	Fixed: Duplicate messages will not be allowed in digest emails
	Fixed: Duplicate digest emails will have a far lesser chance of sending
	Fixed: User lockout count in email notifications will now be correct
1.8.12 - 2014-10-09 - Packaging Bot (modules/free)
	Updated modules/free to version 1.4.7
1.8.13 - 2014-10-09 - Packaging Bot (core)
	Fixed: Error on line 1312 when iThemes API is actived with version 4.4.15
1.9.1 - 2014-10-13 - Packaging Bot (modules/pro)
	New Feature: Dashboard widget. Get important information and handle user blocking right from the WordPress Dashboard.
1.9.2 - 2014-10-13 - Packaging Bot (modules/free)
	New Pro Feature: Dashboard widget. Get important information and handle user blocking right from the WordPress Dashboard.
	Fixed: When using wp-cron for file checking cron check will run daily instead of hourly.
1.9.3 - 2014-10-13 - Packaging Bot (core)
	New Pro Feature: Dashboard widget. Get important information and handle user blocking right from the WordPress Dashboard.
1.10.1 - 2014-10-21 - Packaging Bot (core)
	New Pro Feature: File change scanning will now compare WordPress core files to the WordPress.org repository.
	Fixed: Make sure php_gid is always defined to prevent error message if the function is not usable.
	Fixed: Link to BackupBuddy in admin bar will now work correctly.
1.10.2 - 2014-10-21 - Packaging Bot (modules/free)
	New Pro Feature: File change scanning will now compare WordPress core files to the WordPress.org repository.
1.10.3 - 2014-10-21 - Packaging Bot (modules/pro)
	New Feature: File change scanning will now compare WordPress core files to the WordPress.org repository.
1.10.4 - 2014-10-28 - Packaging Bot (modules/free)
	Enhancement: More time/date information is now shown in the logs for file change scanning
	Fixed: Filechange will no longer show false positives with every change in DST (although this will cause run round of such notifications on update).
	Fixed: Link to malware scanning logs will work.
1.11.1 - 2014-11-04 - Packaging Bot (modules/pro)
	New Feature: Temporary privilege escalation
	Fixed: App passwords in two-factor authentication will now correctly authenticate themselves.
1.11.2 - 2014-11-04 - Packaging Bot (core)
	New Pro Feature: Temporary privilege escalation
1.11.3 - 2014-11-05 - Packaging Bot (modules/pro)
	Fixed: App passwords in two-factor authentication will now correctly authenticate themselves.
1.11.4 - 2014-11-05 - Packaging Bot (core)
	Security Fix: Fixed possible XSS vulnerability in ITSEC_Lib. - Low priority - Thanks to http://planetzuda.com
1.11.5 - 2014-11-14 - Packaging Bot (lib/updater)
	Enhancement: Reduced caching to allow updates to appear more quickly.
	Enhancement: Authenticating users now uses the new authentication system.
1.12.1 - 2014-12-04 - Packaging Bot (modules/pro)
	New Feature: wp-cli integration
	New Feature: Override two-factor authentication temporarily with iTheme Sync
	Fixed: Online files will be handled correctly if there is no path
	Fixed: Malware scheduling will be disabled if Malware detection is disabled
	Fixed: Online files will no longer show an error if file hash hadn't been correctly saved
1.12.2 - 2014-12-04 - Packaging Bot (modules/free)
	New Feature: Perform file scan via iThemes Sync
	New Feature: Perform malware scan via iThemes Sync
	Fixed: Make sure to esc urls on SSL redirects (unreported minor security fix)
	Fixed: Added filters to SSL to try to catch more assets
	Fixed: Suspicious query strings feature should no longer conflict with many plugins
	Fixed: File change detection should no longer throw an error if opendir failed
1.12.3 - 2014-12-04 - Packaging Bot (core)
	New Pro Feature: wp-cli integration
	New Feature: Temporarily whitelist your IP address via iThemes Sync
	New Feature: Override proxy IP detection
	New feature: Hide admin bar (if desired)
	Enhancement: Added filter to allow for custom log pages
	Enhancement: Added debug constant to help troubleshoot multiple emails
	Enhancement: Added constant to force digest emails via wp-cron instead of custom timing
	Fixed: Various missing variable fixes were added
	Fixed: MySQL errors on MySQL 5.6 during activation were fixed.
	Fixed: HTML emails now contain HTML tag
	Fixed: Lockout count in emails should now be more accurate
1.12.4 - 2014-12-11 - Packaging Bot (modules/pro)
	New Feature: wp-cli integration
	New Feature: Override two-factor authentication temporarily with iTheme Sync
	Fixed: Online files will be handled correctly if there is no path
	Fixed: Malware scheduling will be disabled if Malware detection is disabled
	Fixed: Online files will no longer show an error if file hash hadn't been correctly saved
1.12.5 - 2014-12-16 - Packaging Bot (modules/free)
	New Feature: Perform file scan via iThemes Sync
	New Feature: Perform malware scan via iThemes Sync
	Fixed: Make sure to esc urls on SSL redirects (unreported minor security fix)
	Fixed: Added filters to SSL to try to catch more assets
	Fixed: Suspicious query strings feature should no longer conflict with many plugins
	Fixed: File change detection should no longer throw an error if opendir failed
1.12.6 - 2014-12-16 - Packaging Bot (core)
	New Pro Feature: wp-cli integration
	New Feature: Temporarily whitelist your IP address via iThemes Sync
	New Feature: Override proxy IP detection
	New feature: Hide admin bar (if desired)
	Enhancement: Added filter to allow for custom log pages
	Enhancement: Added debug constant to help troubleshoot multiple emails
	Enhancement: Added constant to force digest emails via wp-cron instead of custom timing
	Fixed: Various missing variable fixes were added
	Fixed: MySQL errors on MySQL 5.6 during activation were fixed.
	Fixed: HTML emails now contain HTML tag
	Fixed: Lockout count in emails should now be more accurate
1.13.1 - 2014-12-16 - Packaging Bot (modules/pro)
	New Feature: Google reCAPTCHA
	Enhancement: update storage methods for malware scanning engine for more efficient use of the database
	Fixed: Settings import will now take .json files without error
1.13.2 - 2014-12-16 - Packaging Bot (modules/free)
	Fixed: Removed unneeded fields in malware
1.13.3 - 2014-12-16 - Packaging Bot (core)
	New Pro Feature: Google reCAPTCHA
1.13.4 - 2015-01-05 - Packaging Bot (modules/pro)
	Enhancement: Two-factor allows for multiple app passwords
	Fixed: Two-factor now works with Exchange's login widgets
	Fix/Enhancement: Refactoring of numerous pro modules for better efficiency
	Fix: Error wwith invalid index in reCAPTCHA
1.13.5 - 2015-01-05 - Packaging Bot (modules/free)
	Fix/Enhancement: Code refactoring of numerous modules
	Fix: Hiding available updates in multi-site will no longer block wp-cli from detecting updates.
	Fix: Removed leftover JavaScript debugging statements.
1.13.6 - 2015-01-05 - Packaging Bot (core)
	New Feature: Add file/folder permissions check to Dashboard
	Fix/Enhancement: Minor refactoring of various core components
1.13.7 - 2015-01-12 - Packaging Bot (modules/pro)
	Fix: Fixed CSS error on Dashboard caused when other plugins override the .clear style rules.
1.13.8 - 2015-01-12 - Packaging Bot (modules/free)
	Updated modules/free to version 1.5.3
1.13.9 - 2015-01-12 - Packaging Bot (core)
	Fix: Fixed duplicate module listsing on log page dropdown
	Fix: Fixed missing lockouts on iThemes Sync dashboard
1.14.1 - 2015-01-21 - Packaging Bot (modules/pro)
	Enhancement: Online file change scanning will now count in iThemes products
	Fix: Recaptcha will not show up on pages without recpatha code or while logged in
	Fix: Dashboard widget CSS will be less prone to hijacking by other plugins
1.14.2 - 2015-01-21 - Packaging Bot (modules/free)
	Updated modules/free to version 1.6.0
1.14.3 - 2015-01-21 - Packaging Bot (core)
	New Feature: Change WordPress Salts
	Enhancement: Refactored ITSEC_Lib and ITSEC_Files for better usability and new functions to make changing salts possible
1.14.4 - 2015-01-23 - Packaging Bot (modules/pro)
	Bug Fix: Rolled-back Recaptcha modifications in order to fix login bug when Recaptcha user login is enabled.
1.14.5 - 2015-01-27 - Packaging Bot (modules/pro)
	Bug Fix: Fixed issue in the Online Files feature that could cause high server load on some sites.
1.14.6 - 2015-01-27 - Packaging Bot (core)
	Bug Fix: Generating wp-config.php file updates no longer produces warnings.
1.14.7 - 2015-01-27 - Packaging Bot (core)
	Bug Fix: Fixed .htaccess file modifications failing.
1.14.8 - 2015-02-05 - Packaging Bot (modules/pro)
	Fix: More efficient checks for online file scanning
	Fix: Recaptcha script will not enqueue on pages where it isn't needed
	Fix: General typo and minor bug fixes.
1.14.9 - 2015-02-05 - Packaging Bot (core)
	Fix: Quick banning IPs will now work correctly if existing htaccess rules are in place
	Fix: minor bug fixes and typo corrections.
1.14.10 - 2015-02-20 - Packaging Bot (modules/pro)
	Updated modules/pro to version 1.11.8
1.14.11 - 2015-02-20 - Packaging Bot (modules/free)
	Updated modules/free to version 1.6.1
1.14.12 - 2015-02-20 - Packaging Bot (core)
	Enhancement: Limit the number of lockouts that can be displayed at any given time in the dashboard.
	Fix: Make sure header error messages are suppressed when performing a lockout.
	Fix: Fix error message from missing login information when displaying lockouts.
1.14.13 - 2015-02-26 - Packaging Bot (modules/free)
	Bug Fix: When a file scan is run from iThemes Sync, a warning will no longer be added to the site's error log.
1.14.14 - 2015-02-26 - Packaging Bot (core)
	Bug Fix: Fixed regression that prevented adding wildcard IP's in the form of 'XXX.XXX.XXX.*' to Ban Hosts.
1.14.15 - 2015-03-20 - Packaging Bot (core)
	Enhancement: Translation files can now be stored in WP_LANG_DIR/plugins/ithemes-security-pro for
		iThemes Security Pro and WP_LANG_DIR/plugins/better-wp-security for iThemes Security free version.
	Bug Fix: The file permissions check will no longer list a warning if the plugins directory has permissions of 755.
1.14.16 - 2015-03-20 - Packaging Bot (modules/free)
	Bug Fix: Fixed incorrect text describing the "Backups to Retain" database backup setting.
1.14.17 - 2015-03-20 - Packaging Bot (modules/pro)
	Enhancement: Settings import now allows for renamed export files.
	Enhancement: Settings import now provides better error messages.
	Bug Fix: Settings import no longer respects MIME types sent by the browser. This avoids issues with some
		browsers/operating systems reporting the MIME type of the uploaded file incorrectly.
1.14.18 - 2015-04-14 - Chris Jean (modules/free)
	Bug Fix: Security fix for XSS vulnerability. Thanks to Ole Aass (@oleaass) for finding and disclosing this vulnerability to the iThemes Security team.
1.14.19 - 2015-04-15 - Chris Jean
	Bug Fix: Fixed issue that may prevent some sites from seeing the available update.
1.14.20 - 2015-04-23 - Packaging Bot (lib/updater)
	Compatibility Fix: Updated plugin and theme update data format to match changes in WordPress 4.2.
1.15.0 - 2015-06-04 - Chris Jean
	Bug Fix: Added support for Apache 2.4 without the access_compat module.
	Bug Fix: Fixed condition where forcing SSL on front-end pages could cause infinite redirection loops with specific setups of nginx to Apache reverse proxy servers.
	Bug Fix: Fixed scenarios where the site would be forced to load via https but scripts, stylesheets, and images would load via http.
	Bug Fix: Fixed invalid nginx.conf rule generation for the Reduce Comment Spam feature.
	Bug Fix: Corrected invalid parsing of some IP formats in Ban Hosts list.
	Bug Fix: Improved error handling when reading or updating config files.
	Bug Fix: Fixed various warnings that would display when changing settings.
	Enhancement: Updated to use new file modification API.
	Enhancement: Added HackRepair.com blacklist for Nginx.
	Enhancement: Improved Nginx support for System Tweak features.
	Enhancement: Updates to wp-config.php, .htaccess, and nginx.conf files now support more systems.
	Enhancement: Combined the "Force SSL for Dashboard" and "Force SSL for Login" settings to a unified "Force SSL for Dashboard" setting. This is due to how the FORCE_SSL_LOGIN define was deprecated in WP 4.0.0.
	Enhancement: Added comments to wp-config.php, .htaccess, and nginx.conf updates that indicate which settings affect the specific entries.
	Enhancement: Added translation support for previously static strings, including strings used for comments in wp-config.php, .htaccess, and nginx.conf files.
	Enhancement: Improved generation of valid referers for use by the Reduce Comment Spam feature.
	Enhancement: Broadened the server support in the import settings code.
	Enhancement: Added new library classes for managing files, directories, and config files.
1.15.1 - 2015-06-04 - Chris Jean
	Bug Fix: Fixed bad release that had some outdated files.
1.15.2 - 2015-06-08 - Packaging Bot (core)
	Bug Fix: Fixed "Fatal error: Call to undefined method ITSEC_Lib_File::get_full_file_permissions()" which could occur when saving settings.
1.15.3 - 2015-06-09 - Chris Jean
	Bug Fix: Warnings when file writes fail are now hidden.
	Bug Fix: Fixed a situation where creation of a zipped export file would fail, but an email would still be sent as if the zip was created successfully.
	Enhancement: Improved error messages for when file writes fail.
	Enhancement: Improved error messages for when export file creation fails.
	Enhancement: Improved error messages for situations when the .htaccess, nginx.conf, or wp-config.php files may need to be manually updated.
	Enhancement: Fixed tabbing for "Ban User Agents" section in .htaccess files to match tabbing used by other sections.
1.15.4 - 2015-06-16 - Chris Jean
	Bug Fix: Fixed handling of wp-config.php files that are one directory up from the ABSPATH directory.
1.16.0 - 2015-07-06 - Chris Jean
	Feature Removal: Removed the malware scanning and malware wp-cli integration features as VirusTotal no longer supports scanning from WordPress sites. A replacement is in the works.
	Bug Fix: The close button on the "Thank you for activating iThemes Security" message now appears in the correct location.
	Bug Fix: Removed the site's URL being displayed in the "Replace jQuery With a Safe Version" setting details.
	Bug Fix: Updated .htaccess rules to be compatible with Apache 2.4 without the auth compat module.
	Bug Fix: Enabling and disabling the "Remove File Writing Permissions" setting now updates the file permissions properly.
	Bug Fix: Web servers that cannot be recognized now default to Apache.
	Enhancement: Updated the hackrepair lists.
1.16.1 - 2015-07-14 - Chris Jean
	Enhancement: Updated link to iThemes support.
1.17.0 - 2015-08-03 - Chris Jean
	Feature Removal: Removed the "Remove WordPress Generator Meta Tag" and "Display Random Version" features as they are not recommended due to limited security benefit and creating compatibility issues.
	Enhancement: Improved the reCaptcha feature's integration into comments. It now supports more themes than ever before and bypasses captcha validation for logged in users.
	Enhancement: Added support for WordPress 4.3's updated password user interface and password generator.
	Enhancement: Added the ability to undo the Content Directory change.
	Bug Fix: No longer tries to load a non-existent JavaScript file for the salts module.
	Bug Fix: Fixed an issue with one-time database backups on multisite installs.
	Bug Fix: Fixed issues related to locating .htaccess or nginx.conf files on sites with WordPress installed in a separate directory.
	Bug Fix: Fixed issues with PHP blocking in uploads directory not working with certain non-standard setups.
	Bug Fix: Minor change to fix a warning that can appear after changing the Content Directory.
	Bug Fix: Fixed a PHP fatal error that could occur on some servers when adding a ban to the site's .htaccess or nginx.conf file.
	Bug Fix: Fixed some issues with profile pages on multisite setups that affected both two factor authentication and the password generator.
1.17.1 - 2015-08-17 - Chris Jean
	Bug Fix: Fixed "Call to undefined function get_home_path()" error.
1.18.0 - 2015-09-14 - Chris Jean
	New Feature: Added malware scanning provided by Sucuri SiteCheck.
	New Feature: Added malware scanning scheduling with email reporting if issues are found.
	Enhancement: Two Factor now supports authentication codes provided via email.
	Enhancement: Two Factor now supports backup verification codes.
	Enhancement: Two Factor login prompts are now shown after providing valid username and password details and only for users that have Two Factor enabled.
1.18.1 - 2015-09-14 - Chris Jean
	Bug Fix: Fixed potential fatal error and warning when upgrading old malware scheduling settings.
	Bug Fix: Fixed issue that could prevent two-factor apps on iOS devices from properly adding sites that have spaces in their names.
	Enhancement: Improved the UI for setting up the TOTP provider for two-factor authentication.
1.18.2 - 2015-09-15 - Chris Jean
	Compatibility Fix: Added support for ITSEC_TEST_MALWARE_SCAN_DISABLE_SSLVERIFY. Setting it to true can bypass "SSL peer certificate or SSH remote key was not OK" errors on servers with bad SSL configurations.
	Bug Fix: Fixed "Call to undefined function wp_roles()" error that can occur in older versions of WordPress.
	Bug Fix: Fixed an issue with Sync Two-Factor override.
1.18.3 - 2015-09-21 - Chris Jean
	Bug Fix: Removed warnings that could appear when saving two-factor settings in a user's profile page.
	Compatibility Fix: Fixed time-based one-time password authentication code generation on 64-bit servers running 32-bit PHP 5.6.3+.
	Compatibility Fix: Updated code triggered by the ITSEC_TEST_MALWARE_SCAN_DISABLE_SSLVERIFY define. This avoids plugin compatibility issues that prevent disabling the SSL peer verification.
1.18.4 - 2015-09-22 - Chris Jean
	Compatibility Fix: Additional fixes for time-based one-time password authentication code generation on 64-bit servers running 32-bit PHP.
1.18.5 - 2015-09-29 - Chris Jean
	Enhancement: Increased number of bits in time-based one-time password authentication code secret from 80 bits to the current recommendation of 160 bits.
	Bug Fix: Fixed issue that caused some iOS devices to fail to scan the time-based one-time password authentication QR code properly.
2.0.0 - 2015-10-15 - Chris Jean
	New Feature: Added "Multiple Authentication Attempts per XML-RPC Request" setting to the WordPress Tweaks section. When this setting is set to "Block", iThemes Security will block brute force login attacks against XML-RPC as described by Sucuri in this blog post: https://blog.sucuri.net/2015/10/brute-force-amplification-attacks-against-wordpress-xmlrpc.html
	Enhancement: Updated text describing the XML-RPC setting in the WordPress Tweaks section to better explain what the setting is for and which setting is recommended.
	Enhancement: Improved IP detection when proxy detection is active by processing the header set by CloudFlare.
	Enhancement: Added a filter named itsec_filter_remote_addr_headers which can be used to change which headers are searched for the client IP. This allows for tailoring the IP detection for specific reverse proxies and load balancers.
	Bug Fix: Updated the Banned Users settings to no longer add a newline to the Ban Hosts input each time the settings page is saved.
2.0.1 - 2015-10-27 - Chris Jean
	Bug Fix: Enforce use of application passwords for all API uses when two factor is enabled and configured.
2.0.2 - 2015-11-10 - Chris Jean
	Enhancement: Removed Yandex and Sogou from the HackRepair blacklist as they are legitimate search engine bots.
	Enhancement: Added detailed information about Sucuri malware scan errors to Malware Scan log details.
	Bug Fix: No longer enables display of database errors when an event is logged.
2.1.0 - 2016-01-11 - Chris Jean & Aaron D. Campbell
	Security Fix: Fixed PHP code that could allow AJAX requests to list directories and files outside the directory structure of the WordPress installation. Note that these AJAX requests required a logged in user with admin-level privileges. This vulnerability was unable to be exploited by non-privileged or anonymous requests.
	Bug Fix: Updated the SSL feature to use 301 redirects rather than 302 redirects.
	Bug Fix: Fixed situations where security nonces would incorrectly trigger "security check" errors when enabling specific combinations of features on the settings page.
	Bug Fix: Enabling scheduled database backups and setting a backup interval of 0 days no longer results in a backup being created on every page load.
	Feature Removal: Removed the "Security Status" portion of the Security > Dashboard page. This is in preparation for a new tool that provides suggestions tailored to the site and server that Security is running on.
	Enhancement: Updated the way the feature modules function in order to allow them to be redesigned in a more efficient and flexible way for future releases.
	Enhancement: Updated the File Change Detection feature to attempt a max memory limit of 256M rather than 128M as some users experience out of memory issues which could be fixed with the higher memory limit.
	Enhancement: Updated the Database Backup feature to attempt a max memory limit of 256M rather than 128M as some users experience out of memory issues which could be fixed with the higher memory limit.
	Enhancement: Added localization support for some non-localized strings.
