For those having problems making version 4 work (especially with whitelists), here are the fixes:
In catalog/personal/index.php, lines 9, 24, and 40:
Change the single quotes surrounding the filename to double quotes
Put a dollar sign ("$") in front of DOCUMENT_ROOT (change DOCUMENT_ROOT to $DOCUMENT_ROOT)
Change "../../" to "catalog/" (where "catalog" is the directory that your store is in -- if your store is in the root directory, then just delete the "../../")
In catalog/includes/secret.php, line 11:
Change the single quotes surrounding the filename to double quotes
Put a dollar sign ("$") in front of DOCUMENT_ROOT (change DOCUMENT_ROOT to $DOCUMENT_ROOT)
Change "../" to "catalog/" (where "catalog" is the directory that your store is in -- if your store is in the root directory, then just delete the "../")
Also, there is a problem if the very last entry in the whitelist doesn't have a trailing newline. That entry is skipped. So when you add IPs to the whitelist, be sure the last line has a newline.
For better security, I recommend creating an .htaccess file in the "catalog/banned" directory with the following line:
Deny from all