BulletProof Security Forum

You cannot use the double quote code character for the JTC ToolTip. The reason for that is if I allow that then some amateur bug hunter will submit a Security Vulnerability CVE for BPS and BPS Pro. Lots of experience with amateur bug hunters submitting ridiculous “security vulnerabilities” in BPS and BPS Pro over the years. 😉  And before you m…[Read more]

http://forum.ait-pro.com/forums/topic/error-installing-bp-pro-after-using-bp-free/#post-117

This is a very common problem that occurs when using the WordPress Upload Zip installer (PclZip) for first time installations of BPS Pro (or other plugins as well).

Issue/Problem: Fatal Errors when upgrading from BPS free to BPS Pro using the WordPress…[Read more]

Hi updated to the new version 7.1 but I get the following error: To me it looks almost the same as the other error before.

Warning: require_once(/home/oexdizeq/public_html/wp-content/plugins/bulletproof-security/includes/class.php): failed to open stream: No such file or directory in…[Read more]

Deactivating BPS Pro does not turn off most features.  Use the built in BPS Pro Troubleshooting steps here > https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting.  If one of the BPS Pro features is blocking Usercentrics then let me know which feature it is and send your Security Log file contents to: i…[Read more]

Correct > File Hash scanning is 100% accurate vs pattern matching, which is around 75% accurate.  In some cases plugins or themes will automatically modify a plugin or theme file after installation or upgrade, which will trigger a false-positive since the original unmodified file will have a different File Hash. The Scan Report tells you if the…[Read more]

Sorry. I thought I had a followup question related to htaccess code, but it turned out to be a code snippet that caused the problem that surfaced today. You can delete this if you like. And thanks again for your always effective assistance!

Awesome, it worked. I’m so happy to learn that the hosts who had hung on to it are dropping the PHP handler in htaccess. It has caused so many problems for me! Thank you so much.

@ Hannah – Most web hosts have figured out that using php.ini handler htaccess code on the frontend of a website causes lots of problems.  So they are handling that at the server level now.

Awesome. Because I need to upgrade the PHP version on the server anyway and I’ve had so many sites go down because of those PHP handlers in htaccess that I was very nervous about it. I’ll remove that from the secure htaccess and let you know how it went.

@ Hannah – we were posting at the same time.  So yep Bluehost is no longer using php.ini handler htaccess code. Delete it from BPS Root Custom Code.

@ Hannah – What I am pretty sure is happening is that Bluehost is no longer using php.ini handler htaccess code by the description of the problem.  If that is what Bluehost is doing now then you would delete any php.ini handler htaccess code in BPS Root Custom Code, save your changes and activate Root folder BulletProof Mode again.

this is the one that’s working right now:

# BEGIN WordPress
# The directives (lines) between “BEGIN WordPress” and “END WordPress” are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
Options -Indexes
<IfModule mod_headers.c>
Header set…[Read more]

@ Hannah – Post your root htaccess code (default htaccess file). So I can take a look at it.

Today I experienced the same things that James (above) did a while back. I contacted Bluehost support for help and the site came back up when they deleted htaccess and then replaced it with the WordPress htaccess code. I asked them to stay with me while I generated a secure htaccess with BPS (free version) and the site went right back down. The…[Read more]

As always.. Thanks for your prompt help.