Follow @BPSPro

BulletProof Security – BulletProof Security WordPress Plugin, BulletProof Security Plugin

2 Comments Atom Site Feed Author: AITpro Admin
Published: April 28, 2010
Updated: December 3, 2016

Whats New In BulletProof Security Pro 13.4.1

Comments Off Atom Site Feed Author: AITpro Admin
Published: January 26, 2018
Updated: January 26, 2018

• Enhancement:
 New System Info check: Mod Security Module Loaded|Enabled check. Displays whether or not the mod_security or mod_security2 Modules are loaded or displays that Mod Security is not Loaded|Enabled.

• Improvement: The BPS bpsPro_apache_mod_directive_check() function now includes new BPS Mod Security DB options that are updated on BPS upgrades and new installations of BPS when running the Setup Wizard. The new BPS Mod Security DB options are used in the new Mod Security Module Loaded|Enabled Dismiss Notice.

• New Dismiss Notice: Mod Security Module Loaded|Enabled: This new Dismiss Notice checks if Mod Security is Loaded|Enabled and provides a link to this forum topic: Mod Security Common Known Problems that explains the Mod Security SecRules and SecFilters issue/problem in detail and has information on how to fix problems caused by Mod Security SecRules and SecFilters. Mod Security SecRules and/or SecFilters are known to break some features in the BPS and BPS Pro plugins as well as some features in WordPress, other plugins and themes.

• Procedural Change: MScan: The MScan pattern matching code has been removed from the mscan-ajax-functions.php file and a new file: mscan-pattern-match.php has been created that will automatically be copied to the /bps-backup/mscan/ folder on BPS upgrades and new installations. Some web hosts see the MScan pattern matching code as malicious and will either delete or make the mscan-pattern-match.php file unreadable or the /mscan/ folder unreadable. In previous BPS versions deleting or making the mscan-ajax-functions.php file unreadable caused BPS not to function normally or other various problems. In BPS 2.9+ and BPS Pro 13.4.1+ versions, if a web host does delete the /bps-backup/mscan/mscan-pattern-match.php file or make the file or folder unreadable then BPS and BPS Pro will still function normally, but MScan will of course not be usable on your particular website/server/web host. An MScan error message is displayed on the MScan page if the /bps-backup/mscan/mscan-pattern-match.php file does not exist or is unreadable or if the /bps-backup/mscan/ folder does not exist or is unreadable.

• Procedural Change: The MScan Automatically Delete /tmp Files option setting is known to cause website/server crashes on SiteGround and Cyon Hosting. The MScan Automatically Delete /tmp Files default option setting has been changed to Off. A new warning message is displayed when the MScan Automatically Delete /tmp Files option setting is set to On.

• New Option Setting Functionality: JTC Anti-Spam|Anti-Hacker: The JTC ToolTip can now be hidden/not displayed by entering a blank space in the JTC ToolTip text box.

• New Option: JTC Anti-Spam|Anti-Hacker: New text box option created for custom CAPTCHA error messages for Login, Register, Lost Password, BuddyPress and WooCommerce forms. Allows someone to create a customized JTC CAPTCHA error message instead of displaying the default JTC CAPTCHA error message.

• Improvement: DB Backup accordion tabs now display relevant Active accordion Tab when processing all DB Backup Forms. DB Backup Form processing code has been moved hierarchically in the db-backup-security.php file so that “Refresh” buttons are no longer needed.

• Improvement: Login Security & Monitoring Form processing code has been moved hierarchically in the login.php file so that “Refresh” buttons are no longer needed. Memory usage and Completion time checks have also been removed.

• Improvement: Quarantine Form processing code has been moved hierarchically in the quarantine.php file so that “Refresh” buttons are no longer needed. Memory usage and Completion time checks have also been removed.

• Improvement: AutoRestore “Refresh” buttons, Memory usage and Completion time checks are no longer needed and have been removed.

• Improvement: F-Lock Folder Lock Form processing code has been moved hierarchically in the flock.php file so that “Refresh” buttons are no longer needed.

• Improvement: DB Monitor Form processing code has been moved hierarchically in the db-monitor.php file so that “Refresh” buttons are no longer needed.

• Improvement: bps-ui-accordion.js file: New accordion options added.

• BugFix: DB Backup: Closing “strong” code tag missing forward slash in the Download|Delete Backup Files Form processing causing the Create Backup Jobs accordion tab to display broken when deleting a DB Backup Zip file.

• BugFix: Login Security: Attempts Remaining countdown fix after user account is locked, the lockout time has expired and the user attempts to login again. The Attempts Remaining countdown now displays attempts remaining countdown correctly.

• Change: S-Monitor Simple Email Tests form no longer sends Headers info in the test success emails.

• Procedural Change: ARQ wp-content folder exclude rule created for the WP languages folder by default on new installations. BPS Setup Wizard AutoFix message displayed for BPS Pro upgrades.

• PHP error fix: Suppress PHP Notice: unserialize(): Error in bulletproof-security.php line 198 caused by Wordfence scan.

• New Dismiss Notice: Plugin review/rating request. This Dismiss Notice is displayed 30 days after someone upgrades BPS Pro or on new installations of BPS Pro.

Skip to toolbar