Plugin Firewall, whitelist plugin scripts, whitelist plugin file names

Home Forums BulletProof Security Pro Plugin Firewall, whitelist plugin scripts, whitelist plugin file names

This topic contains 3 replies, has 2 voices, and was last updated by  AITpro Admin 5 years, 5 months ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #815

    John
    Member

    Hi, I’ve just updated to 5.4 Pro and successfully set up the great new plugin firewall facility. Looking forward, I would just like to be sure of the correct procedure when adding further plugins. In other words, after the initial firewall scan and set up of this area of BPS Pro, do I have to re-scan, click Pay Pal (as I need it), and re-activate when adding new plugins, and if so, should these steps take place with ARQ off? I’m sure this might seem obvious but just need to be sure. Many thanks in advance. John

    #817

    AITpro Admin
    Keymaster

    AutoRestore does not need to be turned Off when doing any of the Plugin Firewall steps or using the Plugin Firewall Whitelist tools.  The Read Me help button for the Plugin Firewall has extensive help information so take a quick look at it.

    When you save your current settings by clicking the Save Whitelist Options button you are saving your website’s current plugin whitelist settings to your database.  If things change on your website – ie you add another payment provider or you install a new plugin then you should run another scan to ensure that all plugin scripts that should be whitelisted are whitelisted.  You can check your BPS Pro Security Log file to see if any 403 errors are occuring for any plugin scripts and then you would copy that plugin script’s file path into the Whitelist Text Area, save your options again and activate Plugin Firewall BulletProof Mode.

    We have decided to add an additional scanning step that will allow folks to add their paths to pages that they want to check for any plugin scripts that need to whitelisted.  Example:  folks will enter the path to wherever their Contact form/page is, click scan and if any plugin scripts need to be whitelisted those plugin scripts will be displayed and can be saved permanently to the Plugin Firewall Whitelist area.

    We have decided that this is the smartest approach instead of having the Whitelist scanner “walk through” /scan the entire site is really not a practical thing due to the millions of different possible site types, setups, locations of custom pages, etc etc etc.

    We should have BPS Pro 5.4.1 completed either today or tomorrow with this new manual scanning feature.

    #818

    John
    Member

    Thanks very much, that’s very helpful. This is a great addition to the already excellent features.

    #1220

    AITpro Admin
    Keymaster

    A new Plugin Firewall Read Me First Troubleshooting post has been created here >>> http://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.