BulletProof Security compatibility with other WordPress Security plugins

Home Forums BulletProof Security Pro BulletProof Security compatibility with other WordPress Security plugins

Viewing 10 posts - 16 through 25 (of 25 total)
  • Author
    Posts
  • #31368
    Hannah
    Participant

    Hi,

    I have recently encountered trouble with a certain sequence of security plugin history. In 2-3 instances, I have developed a website with Wordfence installed temporarily, with the intention of switching over to BPS (free or Pro) when the site is ready to launch. I’ve never had trouble with Wordfence and BPS running together, but after seeing the amount of memory/resources WF uses and when they discontinued the caching feature recently I decided it isn’t as useful as it once was, so I checked the “remove all settings from database on deactivation” box and deleted it rather than keep it on the site. I did verify that no Wordfence code remains in the .htaccess file, yet now I can’t make any changes to the BPS settings without taking the site down with a 500 ISE error. Can you offer any advice as to how to get these sites working properly with BPS again? The one I worked on yesterday, http://www.lorigarfield.com, went down repeatedly every time I attempted to add a redirect via BPS free custom code. Though I was being careful, in the confusion of working with htaccess on the server (since I couldn’t access admin) I lost the version of htaccess that had been working, but in the end I figured it wasn’t the loss it seemed to be since obviously there was something wrong. that’s when I felt I should consult you on this, since I have more than one site where Wordfence was installed but has been removed, BPS free is installed, and the htaccess file is so fragile that the site goes down any time it’s updated. Of course losing the redirects is costly for the site’s SEO, and every time I have to delete htaccess after the site goes down, the php handler code goes with it…and that seems to change every time I go back to the CPanel PHP Config settings to upgrade it to version 5.6. It’s just all become so confusing on these sites that I need some advice from you as to how to make these sites happy again. Thanks so much for all you do!

    #31369
    AITpro Admin
    Keymaster

    @ Hannah – It sounds like you are not using BPS Custom Code to save htaccess code permanently.  When you save htaccess code such as php/php.ini handler htaccess code and htaccess redirect code to BPS Custom Code it is saved permanently and will always be created/recreated in your BPS htaccess files when you activate them.  You can also save custom htaccess code to the BPS default.htaccess file.  You never want to uninstall BPS or BPS Pro and instead want to use the BPS troubleshooting steps or BPS Pro troubleshooting steps.  All BPS and BPS Pro features have On|Off capability for troubleshooting purposes so that you do not have to do things like deactivate/activate BPS or BPS Pro or uninstall/install BPS or BPS Pro.

    Important Notes:
    You can edit all of your htaccess files directly using the htaccess File Editor, but to save your edits permanently for the “Your Current Root htaccess File” tab, which is your Root htaccess file and the “Your Current wp-admin htaccess File” tab, which is your wp-admin folder htaccess file and the “Your Current Uploads htaccess File” tab, which is your uploads folder/Uploads Anti-Exploit Guard (UAEG) htaccess file, use BPS Custom Code to save your editing changes permanently.

    default.htaccess File Exception: You can create a Custom default.htaccess file that will be saved permanently by editing the default.htaccess file using the htaccess File Editor. Your Custom default.htaccess file will be saved permanently to this folder: /bps-backup/master-backups/default.htaccess. If you have created a Custom default.htaccess file then it will be automatically copied from the /bps-backup/master-backups/ folder during a BPS plugin upgrade and will replace the default BPS default.htaccess Master file.

    #31370
    Hannah
    Participant

    Oh no, I love the Custom Code page, and never want to uninstall BPS!! It’s just that when the site goes down with a 500 error I can’t do anything until I delete the htaccess file via FTP. In these cases where Wordfence once existed on the site but has now been removed, any changes to the custom code, such as adding a new redirect, takes the site down upon activation of the revised Custom Code/htaccess file. When I delete htaccess, regain access to Admin and then try to do anything in BPS, down she goes again. This is what I’m trying to get straightened out.

    #31371
    AITpro Admin
    Keymaster

    @ Hannah – Ok that means that the htaccess code that you are adding to Custom Code is not valid htaccess code or there is a typo or blank space or something else that is not valid about the htaccess code you are adding, which will cause the site to crash when you activate BulletProof Mode.  So what you want to do is after you manually delete the BPS root htaccess file, you want to login to your site, go to Custom Code and correct/fix any invalid htaccess code before activating BulletProof Mode.  If you are not sure which htaccess code is invalid/bad then use the Custom Code Export feature and send me your exported Custom Code zip file so I can check it for mistakes/invalid htaccess code.

    #31372
    Hannah
    Participant

    I have exported my Custom Code for your review but I’m not sure how to get it to you. sorry, but I don’t see a way to upload it here and the emails I have from you are all no-reply. On the off chance that it will get to you, I have attached it to an email in reply to one of yours. Please let me know if you don’t receive it and I will get this to you as soon as possible. Thank you so much!

    #31373
    AITpro Admin
    Keymaster

    @ Hannah – Our main Group email mailbox is:  info at ait-pro dot com.

    #31374
    Hannah
    Participant

    Thank you so much! Learning more and more about htaccess all the time thanks to you. Your corrections worked, of course, so I’m a happy girl now.

    #31375
    AITpro Admin
    Keymaster

    @ Hannah – Great!  Yeah it takes a while to get familiar with htaccess code.  It took me personally about 1 year working with htaccess code almost daily to get to a place where I understood it completely. Ed has been messing around with htaccess code for about 10 years now.  So for the stuff none of us can figure out we pass that on to Ed.  😉

    #39352
    zubair khan
    Participant

    Actually, I am very conscious about my website security because it is my bread and butter. However, i am already using wordfence for security, but yes, I am thinking of maximizing my website security; I have followed all the points that are mentioned in this WordPress security guide. Please suggest to me if I had missed anything.

    #39353
    AITpro Admin
    Keymaster

    @ zubair khan – I took a look at your article and several manual security implementations you mentioned are standard features in BPS and BPS Pro.  Overall your article is good, but I would have to disagree with your final summation/conclusion.  When I created BPS Pro I never expected BPS Pro to be 100% effective/secure.  I was hoping for high 90’s. BPS Pro has far exceeded my expectations with this amazing track record..

    BulletProof Security Pro has an amazing track record. BPS Pro has been publicly available for 9+ years and is installed on over 50,000 websites worldwide. Not a single one of those 50,000+ websites in 9+ years has been hacked (This track record does not include: control panel, FTP or server cracks/hacks or installing Nulled plugins or themes that contain hacker code). Sound too good to be true? Click to see what people are saying in WordPress.org Reviews.

Viewing 10 posts - 16 through 25 (of 25 total)
  • You must be logged in to reply to this topic.