BulletProof Security Blog

BPS Pro 7.5 Primary Focus: 
New Anti-Spam / Security Feature: JTC Anti-Spam / Anti-Hacker

JTC Anti-Spam / Anti-Hacker:

JTC Anti-Spam provides website security protection as well as website Anti-Spam protection. JTC Anti-Spam is user friendly Anti-Spam / Anti-Hacker Protection. You can customize and personalize your JTC ToolTip message and CAPTCHA to match your website concept. For complete details about all of the features and options in JTC Anti-Spam click the Blue Read Me help button on the JTC Anti-Spam page.

JTC Anti-Spam Security/Spammer Protection:

Hacker Protection
Spammer Protection
DoS/DDoS Attack Protection
Brute Force Login Attack Protection
SpamBot Trap

Structural/Menu Changes:

The Security Log & System Info tab pages have been moved out of B-Core and now have their separate pages. The Security Log logs blocked Hackers, Spammers, Scrapers, Bots, etc. as well as JTC Anti-Spam / Anti-Hacker Form Logging and HTTP Error Logging so it makes more sense now to have the Security Log be centralized with its own page instead of being located under the B-Core page.

The System Info page requires a high resource usage due to the high number of System Information checks that are performed by System Info. The System Info page was moved to its own separate page to reduce system resource usage in B-Core while performing standard procedural tasks in B-Core.

New standard root .htaccess code added:

Server Protocol HTTP/1.0 and blank User Agent htaccess BRUTE FORCE LOGIN PAGE PROTECTION code is now standard .htaccess code in the BPS root .htaccess file. During the BPS Pro 7.5 upgrade this new code will automatically be added to your root .htaccess file. If are already using this exact Brute Force Login page protection code then you can remove it from Custom Code or your root .htaccess file. If you leave the code then it will not hurt anything and will just be redundant code. If you have customized the Brute Force Login page protection code that you are using then it is recommended that you cut and paste it into this new Custom Code text box: CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION, click the Save Root Custom Code button, go to the B-Core Security Modes page click the Create secure.htaccess File AutoMagic button and activate Root folder BulletProof Mode again. This will replace the standard BPS BRUTE FORCE LOGIN PAGE PROTECTION code with your customized BRUTE FORCE LOGIN PAGE PROTECTION code.

New BPS Pro Custom Code Text box added:

A new Custom Code Text box has been added: CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION.

New BPS Pro Pro-Tool added – Website Headers:

This Pro-Tool Allows you to check your website Headers or another website’s Headers remotely.

Check Headers Tool added to the System Info page:

This tool Allows you to check your website Headers or another website’s Headers remotely. This is also a Pro-Tool: Website Headers Pro-Tool, but it was logical to also add this Header checking tool on the System Info page as well.

New System Info page check – Public IP/X-Forwarded-For check:

If you are using CloudFlare on your website then you will see Proxy X-Forwarded-For IP Address: instead of Public ISP IP / Your Computer IP Address: displayed to you. This additional check is for troubleshooting issues with CloudFlare, CDN, Proxy or VPN.

Additional Oversized Log Files checking condition added:

In some cases the hourly Cron check for log file sizes to be automatically zipped, emailed and deleted was failing due to log file sizes exceeding the 2MB size limitation in less than 1 hour. The new oversized log file check will now automatically handle this particular scenario as long as S-Monitor Email options have been set to either email log files and delete them or just delete them based on file size. Either the oversized log file will be automatically zipped and emailed or it will be automatically deleted and replaced with a new blank Log file.

PHP 5.5.x deprecated function replacement:

The PHP mysql_get_client_info function has been replaced with mysqli_get_client_info function. Additional function checking code has been added in cases where the mysqli_get_client_info function is not available. BPS Pro Pages affected: options.php, arqdelete.php and bpsunlock.php.

New Dashboard Dismiss Notice:

Feature Setup Notice: JTC Anti-Spam. The JTC Anti-Spam new feature notice is designed to check and alert you about this new BPS Pro feature. You can choose to use JTC Anti-Spam by choosing the JTC Anti-Spam options you want to use or just click the Dismiss Notice link to Dismiss the feature notice and not use BPS Pro JTC Anti-Spam.

New S-Monitor option – JTC Anti-Spam: JTC Anti-Spam Status:

This S-Monitor DB Option is automatically saved and set to Display Status in WP Dashboard during the BPS Pro 7.5 upgrade. If you would like to change this option setting then go to the S-Monitor page and select the option you would like to use instead.

New BPS Pro WP Dashboard Status Display: JTC Anti-Spam Status:

JTC Anti-Spam Status: On or JTC Anti-Spam Status: Off or choose to display JTC Anti-Spam in BPS Pro pages only or turn the JTC Anti-Spam Status display off.

BULLETPROOF PRO 7.5 SECURE .HTACCESS || AutoRestore/Quarantine Status: On – Check Files Every 15 Minutes || Firewall Status: On || UAEG Status: On || Login Security Status: On || JTC Anti-Spam Status: On