Releases: eilandert/wordpress-hardening-plugin

1.0.0.3rc3

16 Feb 00:31
1.0.0.3rc3 Pre-release

Showstoppers for release 1.0.0:

  • Better formatting?
  • Review rules by someone else.
  • More production testing and input from users.

Prerelease 1.0.0rc3

  • Modified regression tests
  • No more false positives (FPs) due to simplified rules
  • More OWASP formatting/compliance

Prerelease 1.0.0rc2

  • Fixed some rules
  • Squashed some rules
  • Added workflows and integrations.
  • All PL1 rules are now subject to the regression tests

Prerelease 1.0.0rc1

  • Block xmlrpc.php access (configurable, default: block) (PL1)
  • Block user enumeration (configurable, default: block) (PL1)
  • Block user "admin" logins (configurable, default: block) (PL1)
  • Block the wp-json REST API (configurable, default: non-block) (PL1)
  • Block wp-cron.php (configurable, default: non-block) (PL1)
  • Block direct PHP access in /wp-content/* and /wp-includes/* (PL1)
  • Block direct file access to some files in / and other files/directories (PL1)
  • Block other interpreters like .pl/.lua/.py/.sh (PL2)
  • Block nasty files in uploads/* (PL1)
  • Block access to sensitive files like .db/.orig/.sql/.log/.git (PL1)
  • Block access to "/wp-json" (exact match, the API still works) (PL1)