Testimonials, Feedback & Ideas

[AITpro Admin]

@ Jarde – You can use the DB Monitor > DB Diff Tool > Large Data|File Comparison tool to do a side by side file/code comparison.  We will look into either adding this Diff Tool directly in Quarantine or linking to it from Quarantine.

[FMorrell]

When BulletProof Security Quarantines something, I just delete it.

I run over 20 some websites so it is easier and quicker to just delete the quarantined file/

Frank

[Jarde]

@AITpro_admin Thanks for information.

@fmorrell  There have been only .htacess files in quarantine. I think that WP Rocket writes some additions or some another plugin.  When I changed  heart beat settings in wp rocket then .htaccess was quarantined (Could be coincidence). Any other file I could delete but  .htaccess I would like to look for changes.

[Jarde]

Another feature request that came to mind. Login Security & Monitoring (LSM) could show log out time; either forced or when user clicked log out.

This would be useful for know how long particular user was logged and also if plugin support is still doing something in system (In case of support staff are finding bug in their software).

In later case you don`t edit files or update/modify anything same time when support is there doing their work.

Sometimes that support activity can last few days (depending on amount of issues and difficulty to find bug) and they aren`t on system for few days of course 😀

BTW,  Bps have 5 star rating on wordpress.org with user venomz3  🙂

[AITpro Admin]

@ Jarde – Thanks for the 5 star rating on WordPress. Very much appreciated!  I think we have maxed out how much data can be displayed in the LSM table per row without making the data unreadable.  Maybe an additional tool to display additional data about a particular username/user account would work.  Something like when you click on any particular username in any particular row that would display additional information about that particular user account.  I have submitted a ticket in the Task Queue for your idea. Thanks.

[Michael]

[Topic has been merged into this relevant Topic]

Our webhost gives us shared hosting with DDOS / WAF / ModSecurity as a basic feature and because of this we get alot of Quarantine false alarms.  So weekly I have to review files a few times in order to restore them.

How awesome it would be to see a highlight of changes since the quarantine occurred!

(PS also need tips for dealing with alot of ModSecurity false alarms quarantines)

[AITpro Admin]

@ Michael – This feature request has already been requested.  For now you can use the DB Monitor > DB Diff Tool > Large Data|File Comparison tool to do a side by side file/code comparison if you want. We will look into either adding this Diff Tool directly in Quarantine or linking to it from Quarantine.

Yep, ModSecurity CRS is a nightmare for us.  We spent a few months ModSecurity Proofing BPS and BPS Pro and there are still things left to change that ModSecurity CRS breaks in BPS and BPS Pro >>> https://forum.ait-pro.com/forums/topic/xampp-mod-security-setup-owasp-modsecurity-core-rule-set-setup/#post-37778

I may be able to generally help you with whatever problems ModSecurity is causing, but usually ModSecurity problems need to be fixed by web hosts that use ModSecurity since it is a server-side installation thing and not a WordPress plugin thing.  What types of problems is ModSecurity causing for your website?

[Terri Zx]

Feature Request

I manage a number of sites. I love BPS Pro and it gives me complete peace of mind to know they are always secure!

My only frustration is in how long it takes to customize the settings. 95% of my settings are the same across all sites. WordFence and Sucuri (free versions) have the capability to copy settings from other sites – I’d sure love it if I could do the same and save an hour of setup work!

Or, at a minimum, if the S-Monitor page settings could be checkboxes instead of pull-downs, with a “check all”/”uncheck all” option, that’d save at least 5 minutes (and my wrists from all that mousing!)

Thank you!

[AITpro Admin]

A few other people have asked for this capability over the years.  It should be pretty simple to add, but keep in mind that even though each site may seem to have the same settings there are going to be a lot of different settings between sites.  Running the Pre-Installation Wizard and Setup Wizard after importing site settings will correct/customize most of the settings for each individual site, but some settings may need to be manually changed. Not really sure about that yet until testing is performed.

[Terri Zx]

Understood on the custom settings per site – but it’d sure cut down the setup time if I could start with my basic tweaks 🙂

Thanks for considering it!

[Terri Zx]

Hi!

Any more consideration of implementing a feature to copy/export-import settings from one site to another? Understanding there will still be some different settings to customize, as you noted above – it’d still be a huge time-saver!

[AITpro Admin]

@ Terri Zx – That new feature was created in BPS Pro 14.9 > 3+ months ago > Setup Wizard Export|Import > https://www.ait-pro.com/aitpro-blog/5662/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-14-9/

I also keep a Whats New changelog in the BPS Pro plugin itself here > BPS Pro > Logs & Info menu > Whats New. I list several BPS Pro version’s Whats New info on the BPS Pro internal Whats New plugin page.

[Terri Zx]

Aww, jeez I can’t believe I missed that! Fabutastic, thank you!

[Terri Zx]

The BPS Pro plugin absolutely ROCKS and I highly recommend it! Rock-solid security, fabulous support and documentation, and ongoing addition of new features makes this a must-have!

[Encore]

I like weird stuff… So like Krzysztof said few pages before – different login page url – not important because it is already secured – still lovely option for me 😀

Second thing – just wrongly using captcha… Idea of this thing is to stop bots from login. So if you are human – read, type, login. But I want to use it in a bit different way… So I think its also not really important but maybe possible to do… Just different captcha word for Register, login, lost password and comments, contact or anything else…

[Author]

Posts