BulletProof Security Forum

Delete the /bulletproof-security/ plugin folder and install the bulletproof-security.zip file using the WordPress Plugin Upload zip installer.  If you see the same fatal error again then do the steps below.

http://forum.ait-pro.com/forums/topic/error-installing-bp-pro-after-using-bp-free/#post-117

This is a very common problem that occurs when…

[Read more]

Here is a help forum topic for doing migrations/moves/cloning > https://forum.ait-pro.com/forums/topic/migrating-moving-or-cloning-websites/#post-20407. Since you have already migrated your site then try running the Setup Wizards and see if they takes care of some of the errors. Most likely you will need to work through the other errors one by…[Read more]

We added Custom Code Encrypt and Decrypt buttons to bypass/evade ModSecurity in BPS Pro 14.1 on August 26, 2019 > https://www.ait-pro.com/aitpro-blog/5567/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-14-1/. The most current version of BPS Pro is: 14.5. If you are using an older version of BPS Pro then upgrade to BPS Pro 14.5. If…[Read more]

Has there been any update to solve this problem. I am having people that I referred to use BPS Pro contact me as well about this issue. As you stated I added the code manually to the htaccess file but when we do a BPS setup it removes it so do we have to manually add the code to enable compression every time we rerun BPS setup? This isn’t very efficient.

I received your email.  Do these steps to fix the quarantine issues:

Your Divi Theme cache files are being repeatedly quarantined. The solution is to create an AutoRestore wp-content folder exclude rule for the Divi theme cache folder:  et-cache.

AutoRestore|Quarantine steps for creating wp-content folder and single file exclude r…[Read more]

Ok maybe the problem is not related to WordPress files being quarantined then. Go to the BPS Pro > Quarantine page > Quarantine Log tab page > copy your entire Quarantine Log file contents and post it in your forum reply or send it in an email to:  info at ait-pro dot com.

Hello,

I did exactly as you explained but it’s still the same: several emails per hour.
Can you help?

I assume you are saying that after a WordPress update, WordPress files were quarantined?  There was a known problem with the WordPress 5.4 Major update and BPS Pro AutoRestore|Quarantine. To fix the problem do the steps below.

Go to the WordPress > Dashboard menu > Updates page > click the Re-Install Now button.
Go to the BPS Pro > Setup…[Read more]

Ok, thanks.

I will keep this in mind.

The BPS Security Log entries are created using the htaccess ErrorDocument directive code in the root htaccess file.  BPS Pro Plugin Firewall AutoPilot Mode checks the BPS Security Log file contents for any blocked frontloading plugin script errors and automatically creates Plugin Firewall whitelist rules based on those Security Log entries.  S…[Read more]

Well I’m no server export, but given the performance increases we have seen from moving to nginx I think I’ll take both Apache and nginx’s word for it. And as we spend a lot of time going to significant lengths to shave milliseconds off of our sites pagespeed, we would prefer to be reducing potential performance impediments than adding them.

Now,…[Read more]

Possible cause of the problem > https://forum.ait-pro.com/forums/topic/error-wp_remote_get-function-in-system-info/#post-24912. Could be a problem with your SSL Certificate. Could be a problem with some code in your wp-config.php file. See above forum link. If these are not the cause of the problem then you should contact your host support…[Read more]

Oh and the other NGINX link you posted goes to an article that was written in 2015 (5 years ago). I’m pretty sure it is outdated/defunct now. I am pretty sure that all new versions of NGINX automatically include rewriting for .htaccess files. I have 100’s of people using NGINX and the BPS htaccess files/code works perfectly fine on their NGINX servers.

“htaccess is a performance drain” – that belief/information is something that has been spread around the internet for years. I believe the origin of that somewhat false statement comes from the Apache website itself.  See the statement on the apache.org website below. So probably the apache.org statement was taken out of context and spread all…[Read more]

and here’s the nginx page discussing conversion

https://www.nginx.com/blog/converting-apache-to-nginx-rewrite-rules/