Testimonials, Feedback & Ideas

[James]

Oh well, that seems a bit of a flaw with BuddyPress/bbPress, but not the end of the world. At least we are back at the right thread now 🙂

[James]

So after 2 days getting to know the PRO version, I have a couple of small feature requests please: Many of the things we do with BPS currently need two button clicks. For example, you click ‘save’ after entering new custom code then have to go back to the first tab to activate the new custom code secure htaccess. Could this be simplified by adding a combined “save and activate” button next to the existing “save” button at the bottom of the custom code page so we can do the same operation with one click? I understand that sometimes you only need to do one operation, or manually do several operations step-by-step, but for a large part of the time you just want to do them all as quickly as possible, for which additional combined one-click action buttons for the most common tasks would be great!

Similarly, clearing the security or quarantine dashboard messages requires clicking “delete” the logs and then on another button to reset the last modified date. So could we have a combined “delete and reset” button to do both? (Or actually, should the delete logs button not automatically “reset the last modified time in the DB”, or is there a reason why you might want to delete the log without resetting the last modified date?).

An “activate everything” button on the “Activate|Deactivate Security Modes” would also be useful, rather than going through each step by step, to save time and ensure nothing is missed. Or maybe a set of checkboxes for each of the security features with a single “activate” button so you have the option of activating one, several or all security modes at once.

The BPS plugin is fantastic, but very time consuming, especially when needing to click several buttons one after the other on the same page, waiting for page loads each time.

Keep up the great work guys 🙂 Thanks, James

[AITpro Admin]

@ James – “Could this be simplified by adding a combined “save and activate” button next to the existing “save” button at the bottom of the custom code page so we can do the same operation with one click?”

The Custom Code and htaccess file activation step (adding custom code to the htaccess files) need to be 2 separate steps for this reason.  If someone creates invalid/bad htaccess code in a Custom Code text box and saves it the site will not crash at this point.  As soon as someone activates an htaccess file (adds the invalid/bad htaccess code to the htaccess file) the site will crash.  To recover from the invalid/bad htaccess code added to Custom Code someone would use FTP and delete the root or wp-admin htaccess file(s) and then login and go to Custom Code and fix or delete the bad htaccess code in Custom Code and activate an htaccess file again. There are other practical reasons for not making this a 1 step thing.  The general idea is that Custom Code acts like a “template” or “master” of sorts and to have the most flexibility/versatility the best approach is to make Custom Code a unique and separate feature.

You would never need to delete any log files unless there is a size problem with a log file.  Ie a log file was not automatically zipped, emailed and replaced with a new blank log file when the file size reached X size.  The AutoRestore|Quarantine “a file has been quarantined” message, clearing/resetting the error, the Refresh button is redundant and the link is also confusing.  So yeah that is on the Task List of things to fix.  The issue is the older messaging methods have not been removed yet.  So there are redundant displayed messages from the old and new methods.

An activate everything button would not be good idea for the same logic as the reason for not combining Custom Code and Activation into 1 step.  Another factor is troubleshooting.  Ie if you only did 1 thing that does X, then you know that the problem is isolated to the 1 thing – X.  If you do bulk activations then the problem could A, B, C, D, E, F, X………….. etc.  You would now have a scenario where troubleshooting would become very complex vs very simple/isolated.

[James]

Good morning. Just to be clear, I am suggesting that the combined action buttons should be additions to the existing single action buttons, not replace them.

To me, the logic regarding why “save” and “activate” need to be separate functions does not make sense. What difference does it make whether the site breaks (because of dodgy custom code) when you click “activate” or when you click a combined “save and activate” button at the bottom of the custom code page? The result is the same, the solution to fix it the same and in both cases you know that the cause is the same. Just that the combined button would allow you to break it with less clicks, but more importantly, would allow you to make and activate tweaks much more efficiently.

“You would never need to delete any log files unless there is a size problem with a log file.”

Really? I delete a log file all the time when troubleshooting. Clear the log, do the thing that seems broken, look back at the log and see what has appeared. That way I know what log entries correspond to whatever it is that I am working on, rather than having to wade through a long list of errors. Then when I post a question on the forum, I can be 100% sure that the error log entry I post is related to the problem I am having. I guess you guys have the experience to glance through the log and pick out the entries of interest, but for me, deleting the log and seeing what appears is the simplest troubleshooting approach.

Just my thoughts though! The BPS plugins are the best around, the free one too good to be free really! Its the first plugin I install on a new site, but it is quite hard work and time consuming. The menus are a bit cryptic – where did B-Core, P-Security and S-Monitor come from for instance?!? Ok it fits with the plugin name, but its not at all intuitive or clear. Similarly “JTC Anti_spam Anti-Hacker” and “Uploads Anti-Exploit Guard”. Still trying to figure out all the terminology but sure these menu labels could be better worded in plain English. Sure it all makes sense for you and other experts, but for the lay-user, the biggest improvements that could be made are (IMO) making it more user friendly, intuitive and efficient (less clicks) to use.

Hope this is useful feedback. Cheers guys, James

[AITpro Admin]

@ James – Yep, good point.  I was about to create a new Scheduled Task for this feature request and see that there is already a feature request for this.  😉  It is 1.2 years old at this point with very little signs of moving up in the Scheduled Task list.  The reason for that is that priorities are constantly shifting.  So if something is considered non-critical then it will get bumped down in the list in order of priority.  Currently there are 280 Scheduled Tasks ahead of that Task and like I said the Task list is an ever changing kind of thing.  So anyway the feature request has been approved and is waiting to be created.  No ETA at this time and I’m not even going to try and guess.  😉

Ok well whatever works best for you regarding the logs/log entries, etc.  Typically I just look at the timestamps, but yeah if the log file has thousands of log entries then it can be harder to find the time frame you are looking for.

Yep, you are looking at years of development and yes there is not 100% uniformity.  P-Security was 1 of the orginal features around 6 years ago and is pending an overhaul.  That has been on the Scheduled Task list for 2+ years now. 😉

So in summary, we do have lots of Scheduled Tasks that probably do everything you are requesting, but the problem is time and priorities.  Just when you think you are caught up something changes.  For example:  When WordPress 4.6 was released we had to spend 2 months of new coding work time in preparation for BPS Pro 12+ versions to work with WP 4.6+ versions.  So all Scheduled Tasks were pushed back 2 more months because the WP 4.6 release took priority over all other Tasks.  Things change all the time with other plugins and themes and we have to adapt quickly – that takes to priority.  We are currently developing new code for things like remote installation plugins and services – that is considered a high priority task.  I could go on an on, but I think you get the general idea. 😉

[James]

I can only imagine the workload, but please keep up the good work! 🙂

[AITpro Admin]

@ James – Yeah some days we feel like we will never get where we want to be.  If we look at the overall Schedule compared to time spent and time to completion it can drag you down since we are so far behind our projected schedule.  If we had a 100+ people working on BPS Pro like WP has for WP then we would probably somewhere on track with our goals.  Since we are only a handful of guys and gals and coding takes significant amounts of time then oh well you can’t think about the overall schedule and can only think about today, tomorrow and the upcoming changes that will need to be made when something else changes again.  And of course try to complete new coding work for new things while still keeping up with everything that is constantly changing. 😉

[James]

Hooray for adding the numbering to the custom code boxes as per this request guys  🙂

Thanks, James

[cnyc]

I installed your plugin. after years of keeping track of troublesome IPs attempting brute force logins to admin area, your installation just wiped out my wp-admin/.htaccess. ironically the root htaccess file is backed up, which no efforts are made to save the wp-admin/htaccess which I was already using to allow only specific IP to access while blocking persistent logins and known problem areas.

I’m checking to see if my html editor made last backup but since file wasn’t edited recently, I doubt it

[AITpro Admin]

@ cnyc – Sorry to hear that.  Most web hosts do regular frequent automatic file backups.  We will add an additional automated backup in the BPS Setup Wizard for the wp-admin htaccess file.

[FMorrell]

I run over 20 websites. Since I have had bullet proof security, I have never been hacked. I had one site, when I bought the domain name I knew it was going to be a target.

The site was hit heavy and Bullet Proof Security kept it safe.

Works

Frank

[AITpro Admin]

@ FMorrell – Thanks for the great testimonial.  Yeah, you know BPS Pro works so well (better than we ever expected) we kind of lost the excitement factor with BPS Pro.  ie yeah of course no one’s websites are getting hacked – now just another biz as usual kind of thing.  😉  BPS Pro is a “completed” project as far as we do not think adding any additional security features is necessary.  There are a lot of nick nacks and cleanup/finishing stuff needed.  So we will focus on “polishing” BPS Pro in the next version releases.

[FMorrell]

I just left a review on WordPress you might like.

Frank

[AITpro Admin]

@ FMorrell – Just checked out out your 5 star rating/review on WordPress.  Thanks man.  Very much appreciated!

[Jarde]

Hi,

I have a Feature request: Ability to see changes that are made to quarantined file. In quarantine page there are: View File, Restore File and Delete File. So addition to that there could be “Show changes” or  “Compare changes”. That Show changes would should left and right view; new content (quarantined file) and old content (protected  file).

Also If there  are changes in multiple locations in file (for eg.  one modification on start of .htaccess file and 2 modifications in middle of that file ) there could be multiple inactive text fields in left and right that show before and after changes.

OR just modify functionality of view file in that way that it underlines or bold text that is different than in protected file.  And if no underlines or bold texts are not there it implicates that file has only opened and not modified.

This would made it much easier to determine what to do for quarantined file. Current implementation of view file is slow and time consuming when looking for what have changed. Especially when some plugins seem to write/open that file often.

Feel free to implement if you found value in this feature request. Thanks 🙂

[Author]

Posts