BPS Pro with WP Multisite – firewalls, login security and scanners

Home Forums BulletProof Security Pro BPS Pro with WP Multisite – firewalls, login security and scanners

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • July 23, 2014 at 5:30 am #16374
    kssszp
    Participant

    Hi AIT,

    I’m in the process of developing a WP Multisite platform. I have been looking at WP security solutions for the last two weeks and I’ve decided on BPS Pro. However I still have a few questions regarding the security setup. I would be most grateful if you could help me with them.

    1. I know that BPS Pro has a firewall but I’ve also read a lot on http://wordpress.org/plugins/ninjafirewall/ that works as a web aplication firewall. This firewall is said to work before WordPress and be very easy on server resources. Do you think it’s OK / it won’t hurt to have it installed as well?

    2. I would like to have the site backed up to amazon s3 however I’ve read that your plugin uses some kind of file comparison tool to look for changes in files. I assume that it uses some kind of backup feature?

    3. Since I want to have backups on Amazon S3 and the file comparison is (I assume) done locally based on the copies of original files, will my serwer have to make two copies of the same file – one to amazon and one to a different folder on the server? Will it not drain resources too much?

    4. I’m thinking on using these security solutions as well:
    http://wordpress.org/plugins/block-bad-queries/
    http://perishablepress.com/5g-blacklist-2013/

    Do you have any experience with them? Do you think it’s a good idea to implement them or will they simply double the features of what the BPS Pro does?

    6. And finally, I’ve read a ton of blog posts on WP security and they mention many things I can do manually to prevent attacks, e.g. moving wp-config.php file, creating an empty index.php in plugins and wp-includes, etc. Are they necessary? Do I need to do them or will BPS do it for me?

    I know my questions are pretty lengthy but I really care about the security of my site. After all it will BE my business. Can you please answer these questions?

    Thank you and have a nice day:)

    July 23, 2014 at 8:19 am #16376
    AITpro Admin
    Keymaster

    1.  Actually .htaccess files are processed first before anything else on a website/server since they are distributed server configuration files so they would be processed before anything in the ninja plugin.

    2 & 3.  The DB Diff tool is designed to work with BPS DB Backup out of the box since BEGIN and END placeholders are added to DB Backup files so that the DB Diff tool can find where to start and end the data comparison.  It is possible to compare raw data without placeholders using the additional Large Data/File Comparison tool.  You would need to manually copy matching raw data into the 2 comparison windows.  So you can either choose to make 2 backups or if you want to compare raw data you would use the Large Data/File Comparison tool.

    4.  We don’t use any other security plugins besides BPS Pro, but if you want to install additional things then you can of course.  Whether or not that helps or hurts things or is just redundant I am not really sure about that. We only use BPS Pro.

    6. We only use BPS Pro and have not changed anything about the default WordPress setup so I would have to say that all those additional measures are probably not necessary to do.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.