BulletProof Security Forum

You can ignore the error message since it is only displayed one time and then goes away after you click on anything in your WordPress Dashboard.

See this forum topic for more information > https://forum.ait-pro.com/forums/topic/wpml-activation-key-not-valid/#post-37558

In BPS Pro 14 we added additional help text specifically for WPML in the…[Read more]

Thanks for confirming the admin-ajax.php whitelist rule worked.

Okay. I had tested this code, but I must have made a mistake because it actually works.

thank you;)

1. Copy the wp-admin htaccess code below into this BPS wp-admin Custom Code text box: 3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
2. Click the save wp-admin Custom Code button.
3. Go to the Security Modes page and click the wp-admin folder BulletProof Mode Activate button.

Note: If you already have some existing htaccess code in Custom Code…[Read more]

Thanks @AITpro  for clarification and pointing correct link for that information.

BPS Pro Activation Keys are the website domain URL encrypted.  If anything changes with the website domain URL then you MUST request a new BPS Pro Activation Key on the BPS Pro Activation page.

Migrating, moving, cloning websites > https://forum.ait-pro.com/forums/topic/migrating-moving-or-cloning-websites/#post-20407

The advanced-cache.php file is used by W3TC, WP Super Cache and other caching plugins.  BPS does not use the advanced-cache.php file.  I assume at one point someone installed a caching plugin and the advanced-cache.php file is left over from that installation.  You should be able to delete it safely if you are not using any caching plugins.

Oops! One more question regarding this.  Is the file advanced-cache.php in the drop-ins section also associated with BPS?  There were no and are no additional caching plugins installed on the site?  I know BPS was involved in caching the site.  Can this file also be deleted?

Brute Force Login security protection is essential and effective.

BPS and BPS Pro do not have a password policy enforcement feature.  I believe there are some other WordPress plugins that offer that.  We assume that anyone who uses BPS or BPS Pro cares about website security and creates strong passwords.  Over the past 8+ years no one has me…[Read more]

#1.  You can remove the WP version number using the action and filter you posted above without causing any problems, but it is still very easy to get your WP version number even if you also remove scripts and styles version Query Strings.  Removing the scripts and styles version Query Strings could cause minor to major problems.  Query Strings ar…[Read more]

thanks. it works.

http://forum.ait-pro.com/forums/topic/error-installing-bp-pro-after-using-bp-free/#post-117

This is a very common problem that occurs when using the WordPress Upload Zip installer (PclZip) for first time installations of BPS Pro (or other plugins as well).

Issue/Problem: Fatal Errors when upgrading from BPS free to BPS Pro using the WordPress…[Read more]

Nope the WP AUTHOR ENUMERATION BOT PROBE PROTECTION bonus custom code is stand alone code that does need to be inside the WordPress Rewrite Loop.  The POST Attack Protection bonus code on the other hand definitely needs be inside the WP Rewrite Loop because a lot of plugins and themes ping the root site URI. So in order to create a whitelist rule…[Read more]

Right, that also makes sense to me and I will be responding back to ManageWP about why this issue doesn’t occur on all of our sites—at least consistently on all sites on either server we own.