BPS Pro with WP Multisite – firewalls, login security and scanners

Home Forums BulletProof Security Pro BPS Pro with WP Multisite – firewalls, login security and scanners

This topic contains 1 reply, has 2 voices, and was last updated by  AITpro Admin 3 years, 11 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #16374

    kssszp
    Participant

    Hi AIT,

    I’m in the process of developing a WP Multisite platform. I have been looking at WP security solutions for the last two weeks and I’ve decided on BPS Pro. However I still have a few questions regarding the security setup. I would be most grateful if you could help me with them.

    1. I know that BPS Pro has a firewall but I’ve also read a lot on http://wordpress.org/plugins/ninjafirewall/ that works as a web aplication firewall. This firewall is said to work before WordPress and be very easy on server resources. Do you think it’s OK / it won’t hurt to have it installed as well?

    2. I would like to have the site backed up to amazon s3 however I’ve read that your plugin uses some kind of file comparison tool to look for changes in files. I assume that it uses some kind of backup feature?

    3. Since I want to have backups on Amazon S3 and the file comparison is (I assume) done locally based on the copies of original files, will my serwer have to make two copies of the same file – one to amazon and one to a different folder on the server? Will it not drain resources too much?

    4. I’m thinking on using these security solutions as well:
    http://wordpress.org/plugins/block-bad-queries/
    http://perishablepress.com/5g-blacklist-2013/

    Do you have any experience with them? Do you think it’s a good idea to implement them or will they simply double the features of what the BPS Pro does?

    6. And finally, I’ve read a ton of blog posts on WP security and they mention many things I can do manually to prevent attacks, e.g. moving wp-config.php file, creating an empty index.php in plugins and wp-includes, etc. Are they necessary? Do I need to do them or will BPS do it for me?

    I know my questions are pretty lengthy but I really care about the security of my site. After all it will BE my business. Can you please answer these questions?

    Thank you and have a nice day:)

    #16376

    AITpro Admin
    Keymaster

    1.  Actually .htaccess files are processed first before anything else on a website/server since they are distributed server configuration files so they would be processed before anything in the ninja plugin.

    2 & 3.  The DB Diff tool is designed to work with BPS DB Backup out of the box since BEGIN and END placeholders are added to DB Backup files so that the DB Diff tool can find where to start and end the data comparison.  It is possible to compare raw data without placeholders using the additional Large Data/File Comparison tool.  You would need to manually copy matching raw data into the 2 comparison windows.  So you can either choose to make 2 backups or if you want to compare raw data you would use the Large Data/File Comparison tool.

    4.  We don’t use any other security plugins besides BPS Pro, but if you want to install additional things then you can of course.  Whether or not that helps or hurts things or is just redundant I am not really sure about that. We only use BPS Pro.

    6. We only use BPS Pro and have not changed anything about the default WordPress setup so I would have to say that all those additional measures are probably not necessary to do.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.