Random General Questions

Home Forums BulletProof Security Pro Random General Questions

Viewing 15 posts - 16 through 30 (of 349 total)
  • Author
    Posts
  • #19983
    AITpro Admin
    Keymaster

    What exactly are you trying to block the bots from doing?  Do you see that these bots are already blocked in your Security Log?  How do you know the bots are using the albacom.net domain name?

    #19984
    Paul
    Participant

    Very true yes i guess already blocked, just that domain is filling my logs up, but i guess that is the idea of the logs. Logs show that domain

    #19986
    AITpro Admin
    Keymaster

    All log files are automatically processed these days so once your Security Log file gets to 500KB or whatever size you have chosen then it will be zipped, emailed and replaced with a new blank log file.  The older ignore options (obsolete) were added long before the automated zip and email options were added.  😉

    #19989
    Paul
    Participant

    In my BPS-backup folder i have htaccess with

    Order Deny,AllowDeny from all

    Does this mean no need to block using a robots txt

    #19990
    AITpro Admin
    Keymaster

    The htaccess file and code blocks all Browser access to the /bps-backup/ folder and all subfolders.  A robots.txt file is not a security measure and is used to tell good bots what you do and do not want crawled and indexed.

    #19991
    Paul
    Participant

    Ok thanks.

    #19992
    Paul
    Participant

    Since installing BPS pro i have had ARQ turned off because i didn’t fully understand it.
    Having read above information several times i think i understand a bit more although there is a lot of information to take in.

    Am i correct in my understanding before i turn it on.

    a)Files sent to quarantine are the ORIGINAL file so restoring is basically restoring the original file and replacing the modified one ( an undelete).
    b)As of BPS Pro 7.7/7.8 it is ok to use the bulk update for themes/plugins rather than from the individual plugin update

    A bit confused on this as reading

    New AutoRestore Automation in BPS Pro 7.7/7.8

    1. Manually upgrading WordPress by clicking the update now link: AutoRestore automatically handles this seamlessly. No further action is required by you.
    2. WordPress Automatic Updates: AutoRestore automatically handles this seamlessly. No further action is required by you.
    3. Manually upgrading a Theme on the WordPress Update page: AutoRestore automatically handles this seamlessly. Requires one click by you to allow ARQ Automation to continue.
    4. Manually upgrading a Plugin on the WordPress Update page: AutoRestore automatically handles this seamlessly. Requires one click by you to allow ARQ Automation to continue.

    i then read

    as of BUsing the WordPress Update Plugins button to update all plugins including BPS Pro at the same time. Causes all plugin files to be sent to Quarantine. May cause you not to be able to log back into your WP Dashboard or website may display blank.

    So when you say manually updating do you mean do it one by one from the actual plugin not from the WP bulk update?

    c) Because i have modified files, removed plugins since installing BPS pro with ARQ turned off, i assume i should use the activate buttons to Backup Files to update my Root Files, wp-admin Files, wp-includes Files, wp-content Files, no need to delete backups first?

    #19996
    AITpro Admin
    Keymaster

    The information in the AutoRestore Guide explains everything in depth.  At some point we will do a condensed / cliff notes version of that help text.

    In a nutshell, unless you are using FTP or using a remote management plugin to update or modify files manually then everything is completely automated in AutoRestore/Quarantine and you do not need to do anything manually or do any manual steps.  In other words, ARQ automation is completely seamless and does not require any manual steps on your part.

    a.  Yes, when you restore a file from Quarantine you would be restoring the original file that was quarantined.

    b.  The ARQ Automation help info is focusing more on the fact that in older versions of BPS Pro you had to do some manual steps for WordPress upgrades (couple of years ago) and since 7.7/7.8 you can now just update WordPress without having to do any manual steps or WordPress automatic updates do not require any manual steps.  ARQ Automation will turn itself off, backup new files automatically, do file integrity checking and turn itself back on automatically without anything required on your part.

    Personally I do not do bulk updates.  I am an old school Microsoft Engineer and would never do a bulk update.  I only install 1 thing at a time in case something goes wrong then you know that the problem is with that 1 thing instead of the possibility of multiple things – ie 10-40 plugins or a combination of WordPress and a plugin or a combination of a theme, plugin and WordPress.  You get the idea – bulk updating is a terrible idea.

    BPS Pro should always be updated alone by itself.  I won’t go into all the technical reasons for why things would fail if you tried to do a bulk update and include a BPS Pro plugin update/upgrade in that bulk update (I believe that is completely prevented/blocked/not allowed these days), but will give you this one piece of logical information.  The BPS Pro plugin is physically on our API Server here:  api.ait-pro.com.  All other WordPress plugins and themes are on the WordPress API Server.  Installing software from 2 different API Servers on the Internet is a terrible idea – there are several safeguards built into BPS Pro that will not allow BPS Pro to be installed during a bulk update.  We cannot block a remote WP plugin from doing a bulk update with BPS Pro included in the bulk update so NEVER include the BPS Pro plugin in a bulk update when using a 3rd party remote WP plugin – things will catastrophically fail if you do that.

    Manually or remotely modifiying files means you either used FTP or your Web host control panel file manager to modify files outside of WordPress or you used a 3rd party application to install, update or modify files remotely – something like ManageWP or InfiniteWP etc. Everything that you do from within your WordPress Dashboard is NOT manual or remote it is instead local or internal so you would not need to do anything / does not require any manual steps by you.

    In general, if you have AutoRestore turned off and you are not sure if you need to backup files before turning AutoRestore back on then just run the Pre-installation Wizard and Setup Wizard again or click the 4 Backup Files button in AutoRestore.

    #20000
    Paul
    Participant

    would never do a bulk update. I only install 1 thing at a time in case something goes wrong

    That is a very good reason i will take note of that! Thank you, i will have a few more reads tonight when the noise level reduces at home and then turn it on. I just like to understand things a little better before diving in.

    #20018
    Paul
    Participant

    Ok this is where my confusion is/was
    in above you say

    a. Yes, when you restore a file from Quarantine you would be restoring the original file that was quarantined.

    in video
    http://forum.ait-pro.com/wp-content/videos/arq-exclude-dynamic-folders-files/arq-exclude-dynamic-folders-files.html

    you show yourself restoring the files you uploaded that went to quarantine, so the new file was quarantined. So if a have fileoriginal.php and upload a file fileoriginalmodified.php going on video fileoriginalmodified.php is the one sent to quarantine.

    #20020
    AITpro Admin
    Keymaster

    Those would be 2 different files.  There are 2 totally different things that are checked – if an existing file is modified/tampered with or if a new file is uploaded to your website.

    Hypothetical Examples:
    You have an existing file named exampleA.php and a hacker has injected code into the exampleA.php file. AutoRestore will restore the exampleA.php file that is in AutoRestore backup and replace the exampleA.php file that has been tampered with. Before that tampered file is overwritten it is sent to Quarantine. The exampleA.php file will contain the hackers code. The exampleA.php file under your website files that was hacked has now been restored/replaced with a good file that is not hacked.

    A hacker uploads a hacker file named exampleB.php to your website. There is no exampleB.php file in AutoRestore backup because this is a new hacker file that has been uploaded to your website. The exampleB.php file will be sent to Quarantine.

    #20021
    Paul
    Participant

    Of course, they were new files not modified thats why i was confused doh!

    #20022
    AITpro Admin
    Keymaster

    To keep it simple and visualize how ARQ works – think of ARQ as a good backup of all your good files.  All of your websites files are checked against the good backup of all your files – if there are any differences when comparing your good backup files with your actual website files then ARQ takes action.  ie one of your actual website files is different then a good backup file.  ie a new file exists under your website files that does not exist in your good backup files.

    #20023
    Paul
    Participant

    Yep understand now, then if it sees a difference, it puts the good backup file live and moves the iffy file to quarantine allowing you to decide if it is good or bad. Good restore, bad delete.
    Out of interest the checks you do with 2 min cron, is that over various accounts, i.e vps, dedicated and shared etc

    Have to say this plugin thinks of it all including the kitchen sink (uk saying)

    #20025
    AITpro Admin
    Keymaster

    Not sure what your question is about the cron interval.  Whatever files are in ARQ backup for each website is what is checked at the Cron check interval setting that you choose.  I think 2 minutes is the optimum Cron check interval to use – not too much and not too little.

Viewing 15 posts - 16 through 30 (of 349 total)
  • You must be logged in to reply to this topic.