BPS HUD – BulletProof Security Heads Up Display
A Heads Up Display (HUD) has been added to BPS as of version .46.1. The first time and every time you access the BulletProof Security Settings page a Heads Up Display (HUD) will check for any issues or problems and display warning or error messages ONLY if an issue or problem has been detected. If there are no issues or problems then you will will not see the Heads Up Display. No news is good news.
Removing HUD Warning and Error Messages Permanently
If you would like to remove the HUD Warning and Error Messages permanently the echoed functions are located in the options.php file at code line 27. They are shown below. You would add 2 forward slashes in front of the warning or error message echo function that you do not want to be displayed in the HUD. Example: //echo bps_check_safemode(); This would prevent the Safe Mode Check error message from being displayed every time you access the BPS Settings page.
// Heads Up Display - Warnings and Error messages echo bps_check_php_version_error(); echo bps_check_permalinks_error(); echo bps_check_iis_supports_permalinks(); echo bps_hud_check_bpsbackup(); echo bps_check_safemode(); echo bps_w3tc_htaccess_check($plugin_var); echo bps_wpsc_htaccess_check($plugin_var);
BPS HUD – Error Messages and Warning Messages
PHP Version Check
WARNING! BPS requires at least PHP5 to function correctly. Your PHP version is: 4.3.2
BPS requires a minimum of PHP5 to be running on your WordPress website in order to function correctly. If you have an older version of PHP then you will need to add an Apache Directive to your root .htaccess file to force PHP5 to run on your WordPress website. To find out what particular PHP5 .htaccess Apache Directive that your web host uses perform this Google search – your web host’s name and PHP5.
WordPress Permalinks Check
WARNING! Permalinks are NOT Enabled. Permalinks MUST be enabled for BPS to function correctly
BPS requires that your are using a WordPress Permalink structure. For more information on WordPress Permalinks view the WordPress Permalinks page.
Windows IIS6 and IIS7 Check
WARNING! BPS has detected that your Server is a Windows IIS Server that does not support .htaccess rewriting. Do NOT activate BulletProof Security Modes unless you are absolutely sure you know what you are doing. Your Server Type is: IIS6
WordPress Codex – Using Permalinks – see IIS section
This link will open in a new browser window. You will not be directed away from your WordPress Dashboard.
BPS Backup Folder Check – mkdir Check – PHP Make Directory Check
WARNING! BPS was unable to automatically create the /wp-content/bps-backup folder.
You will need to create the /wp-content/bps-backup folder manually via FTP. The folder permissions for the bps-backup folder need to be set to 755 in order to successfully perform permanent online backups.
Safe Mode Check
WARNING! BPS has detected that Safe Mode is set to On in your php.ini file.
If you see errors that BPS was unable to automatically create the backup folders this is probably the reason why.
Safe Mode is a thing of the past that never really worked any way. If you have safe mode set to On in your php.ini file you should set it to Off. If your web host has safe mode set to On and does not allow you to change this then just remove the error message by commenting out the Safe Mode function check in the options.php file. Safe Mode will effect the PHP mkdir function that creates directories so you may need to manually create folders is you have Safe Mode set to On.
W3 Total Cache htaccess checks
W3 Total Cache is activated, but W3TC .htaccess code was NOT found in your root .htaccess file.
W3TC needs to be redeployed by clicking either the auto-install or deploy buttons. Click to Redeploy W3TC.
W3 Total Cache is deactivated and W3TC .htaccess code was found in your root .htaccess file.
If this is just temporary then this warning message will go away when you reactivate W3TC. If you are planning on uninstalling W3TC the W3TC .htaccess code will be automatically removed from your root .htaccess file when you uninstall W3TC. If you manually edit your root htaccess file then refresh your browser to perform a new HUD htaccess file check.
WP Super Cache htaccess checks
WP Super Cache is activated, but either you are not using WPSC mod_rewrite to serve cache files or the WPSC .htaccess code was NOT found in your root .htaccess file.
If you are not using WPSC mod_rewrite then just add this commented out line of code in anywhere in your root htaccess file – # WPSuperCache. If you are using WPSC mod_rewrite and the WPSC htaccess code is not in your root htaccess file then click this Update WPSC linkto go to the WPSC Settings page and click the Update Mod_Rewrite Rules button. It appears that the BPS filters are working correctly with the WPSC htaccess code being written to the bottom of the root htaccess file, but I recommend that you manually cut and paste the WPSC htaccess code and the section of WordPress htaccess code that starts with # BEGIN WordPress and ends with # END WordPress to the top area of your root htaccess file right after Options -Indexes in your root htaccess file. Refresh your browser to perform a new HUD htaccess file check.
WP Super Cache is deactivated and WPSC .htaccess code – # BEGIN WPSuperCache # END WPSuperCache – was found in your root .htaccess file.
If this is just temporary then this warning message will go away when you reactivate WPSC. You will need to set up and reconfigure WPSC again when you reactivate WPSC. If you are planning on uninstalling WPSC the WPSC .htaccess code will be automatically removed from your root .htaccess file when you uninstall WPSC. If you added commented out line of code in anywhere in your root htaccess file – # WPSuperCache – then delete it and refresh your browser. It appears that the BPS filters are working correctly with the WPSC htaccess code being written to the bottom of the root htaccess file, but I recommend that you manually cut and paste the WPSC htaccess code and the section of WordPress htaccess code that starts with # BEGIN WordPress and ends with # END WordPress to the top area of your root htaccess file right after Options -Indexes in your root htaccess file.
Plugin Errors, Warnings, Problems, Conflicts and Fixes Information
For problems and issues with plugin conflicts view the BPS Plugin Compatibility, Testing and Fixes page
General Troubleshooting and Common Problem Areas
As of BPS .46.1 additional System Information checks are performed to display important information about your website. One of the areas that tends to confuse people is when they have several websites under one web hosting domain account. These website domains are either addon domains, aliased domains or subdomains. BPS will correctly determine where your WordPress installation is located on your Web Server and display the correct WordPress installation folder for you. When manually editing the RewriteBase and RewriteRule in the BPS .htaccess files you would enter whatever is displayed for your WordPress Installation Folder. The table below is showing a WordPress Subfolder Installation. If you had a root WordPress installation then you would see this:
WordPress Installation Folder: /
WordPress Installation Type: Root Folder Installation
| Website Root Folder: http://www.ait-pro.com/wordpress-testing-website | MySQL Database Version: x.x.x-log | |
| Document Root Path: /var/chroot/home/content/xx/xxxxxxx/html | MySQL Client Version: x.x.xx | |
| WP ABSPATH: /home/content/xx/xxxxx/html/wordpress-testing-website/ | Database Host: aitxxxxx.db.xxxx.somehost.com | |
| Server / Website IP Address: 173.201.92.1 | Database Name: aitxxxxxx | |
| Public IP / Your Computer IP Address: xx.xx.xxx.xxx | Database User: aitxxxxx | |
| Server Type: Apache | SQL Mode: Not Set | |
| Operating System: Linux | ||
| Multisite: Multisite is not enabled | WordPress Installation Folder: /wordpress-testing-website/ | |
| Browser Compression Supported: gzip, deflate | WordPress Installation Type: Subfolder Installation | |
| PHP Version Check: √ Running PHP5 | WP Permalink Structure: /%post_id%/%postname%/ | |
| Permalinks Enabled: √ Permalinks are Enabled |
BPS Status Page Warnings and Errors When Installing BPS for The First Time and Upgrading
When you install and upgrade BPS, BPS will check for the version number in the .htaccess files that you are currently using. If you are using .46 BPS .htaccess files then BPS will generate these warnings because it is looking for version .46.1 .htaccess files. The latest BPS master .htaccess files contain the latest plugin fixes and any other changes to the master .htaccess files including security improvements, additions, etc. You should always be using the latest BPS master files. Before you activate the latest BPS master files be sure to use the built-in BPS File Editor to copy and paste any .htaccess code to the new master .htaccess files before activating them or you can copy any new BPS 46.1 .htaccess code to your current BPS .46 .htaccess files. If you just want the warning messages to go away without activating new BPS master files then use the BPS File Editor and change the version from .46 to .46.1. in your currently active root and wp-admin .htaccess files. Whichever method you choose just make sure that your RewriteBase and RewriteRule are correct for your website and then Activate BulletProof Modes. After you have performed any one of the methods above you should see all green status messages displayed in the Status window.
The .htaccess file that is activated in your root folder is:
string(45) ” BULLETPROOF .46 >>>>>>> SECURE .HTACCESS “
A BPS .htaccess file was NOT found in your root folder or you have not activated BulletProof Mode for your Root folder yet, Default Mode is activated or the version of the BPS htaccess file that you are using is not .46.1. Please read the Read Me hover Tooltip above.
wp-config.php is NOT .htaccess protected by BPS
√ Deny All protection activated for BPS Master /htaccess folder
√ Deny All protection activated for /wp-content/bps-backup folder
The .htaccess file that is activated in your wp-admin folder is:
string(45) ” BULLETPROOF .46 WP-ADMIN SECURE .HTACCESS “
A valid BPS .htaccess file was NOT found in your wp-admin folder. Either you have not activated BulletProof Mode for your wp-admin folder yet or the version of the wp-admin htaccess file that you are using is not .46.1. BulletProof Mode for the wp-admin folder MUST also be activated when you have BulletProof Mode activated for the Root folder. Please read the Read Me hover Tooltip above.
The WP readme.html file is not .htaccess protected
The WP /wp-admin/install.php file is not .htaccess protected
This page will eventually include all the possible BPS error messages and warnings that would ever see.