As we continue making improvements and adding additional functionalities to WordPress Toolkit, we wanted to take a moment to share some of what has changed with our recent 5.8 and 5.9 updates.
Many of our most recent updates are targeted towards security, because keeping the internet safe (and your websites secure) will always be a priority of ours. With that said, we’d like to highlight a couple of these features:
Site Vulnerability Scan
Introduced in WordPress Toolkit version 5.8, the automated vulnerability scan checks the vulnerability database provided by Patchstack each hour to see if any new vulnerability has been reported, then checks every WordPress site under management, including all themes and plugins, for a known vulnerability. If any known vulnerability is discovered, WordPress Toolkit marks the website in the interface letting site admins know that they should now take action.
Site Vulnerability Policies
Introduced in WordPress Toolkit version 5.9, and in conjunction with The Site Vulnerability Scan mentioned above, is advanced autoupdate policies. These policies (which must be manually enabled) ensure that any detected vulnerabilities, that are capable of being fixed by installing updates, are addressed automatically. In other words, if an update currently exists that will fix a known vulnerability, WordPress Toolkit will then handle this entire process by itself. In the case of vulnerable plugins, site admins can also simply opt to have the plugin disabled rather than updated.
Security updates for vulnerabilities are installed immediately after these vulnerabilities are found. Also note that there is no special autoupdate policy for WordPress core, since minor WordPress autoupdates already handle this case.
Site Vulnerability Email Notifications
The final new security-related feature we want to highlight within WordPress Toolkit is email notifications associated with the results of the Site Vulnerability scan. Site admins will no longer need to log into WordPress Toolkit for these time-sensitive security issues.
These notifications differ from our usual email notifications as they are sent immediately after a vulnerability is discovered.
It is important to note that only one email notification will be sent per event, to avoid any appearance of spam.
With these new version releases come some additional features and functionalities that we also want to touch on, including:
- Blocklist now works with CLI operations and doesn’t check updates for blocked plugins.
- Scan procedure no longer rescans sites already added to WordPress Toolkit, so it works much faster.
- Smart Updates procedure is now more eco-friendly, it no longer leaves empty folders behind itself.
- Performance of installing and removing WordPress sites on servers with a lot of connected databases has been significantly improved.
- Performance of Action Log was also improved when working with very large log files.
- Twice as many customer bugs were fixed in these releases compared to the previous one.
We hope you are finding WordPress Toolkit to be an indispensable tool for your WordPress website management, and we look forward to providing you with even more great features moving forward!