Enhancement: Reintroduce Feature Flags management UI.

Tweak: Reposition "Advanced" and "Tools" menu items to be more readable on lengthy screens.

Bug Fix: Sites that did not support HTTPS, but had the SSL module active, but not configured, on upgrade would get redirected to the HTTPS version of the site.

Bug Fix: When the Change Admin User tool is run, update any User Groups referencing the old user id.

Bug Fix: Unregister the iThemes Security Two-Factor module when the Two-Factor Feature Plugin is enabled.

Bug Fix: Add missing and correct erroneous textdomains.

Bug Fix: WordPress footer would appear in the middle of the logs page.

Tweak: Move "Have I Been Pwned" integration to the Core plugin.

Tweak: Reduce filename length and complexity for built CSS and JS files.

Bug Fix: Disable XML-RPC rules in server config files. Previously, XML-RPC was being disabled using the XML-RPC enabled filter.

Bug Fix: Fatal error on logs page when User Logging and Two-Factor are enabled and a user logs in using Two-Factor.

Bug Fix: Add missing constants to the debug page.

Bug Fix: Fatal error when sending the "Inactive Users" notification.

Bug Fix: Remove deleted recipients when saving notifications.

Bug Fix: Allow using reserved words as prefixes for the Hide Backend Login Slug.

Bug Fix: Enforce SSL would not redirect users from HTTP to HTTPS on the front-end of the website.

Bug Fix: Correct Site Scan statuses for scans with no issues.

• Prevent Password Requirements being re-enabled if they were disabled before upgrading to iThemes Security 7.0, but had a group selected for them.
• Arguments to the implode function were reversed, causing a Fatal Error on PHP 8.
• Allow installing on WordPress 5.7.0, not just 5.7.1+.
• Ensure values passed to the TextareaListControl is an array.
• Don't run the dashboard migration if unneeded.
• Labels for Disable PHP Execution in Plugins and Themes were reversed.
• Activate the Geolocation module if Trusted Devices provided Geolocation API keys.