BPS Pro 8.3 Primary Focus:
|
|
Security Logging major changes/improvements to logging template files/code & start of Phase 1 Security Log Solution Targeting: Phase 1 Security Log Solution Targeting The Security Logging code has been significantly improved in BPS Pro 8.3. Logging is more streamlined, performance optimized & faster than in previous BPS versions, even with the new general conditional pattern checking code added. As of BPS Pro 8.3 two new Security Log Fields have been added to Security Logging: Event Code and Solution. In Phase 1 of Security Log Solution Targeting the primary focus is on detecting possible Plugin Skip/Bypass rules, Plugin Firewall Whitelist Rules (BPS Pro only) and UAEG Whitelist Rules (BPS Pro only) issues that need/require a one-time solution. Since 99.99% of the Security Log entries are blocked/forbidden hackers, spammers, scrapers, harvesters, miners, bad bots, etc. then the Security Log checking conditions can and should be streamlined/performance optimized by only looking at pattern matches in a broad scope. |
Quarantine New Option: Sort/Search Feature Additions: Total number of files in Quarantine counter added. Total difference of sorted files to total files in Quarantine. Enhanced Form processing to reduce load on Server and increase speed of file restores when restoring large numbers of files. Additional error detection/checking added. The primary use for the Quarantine Sort/Search feature would be if all plugin or theme files have been sent to Quarantine due to a problem or error. You can Sort/Search by plugin or theme folder name and all files for ONLY that plugin or theme will be displayed and you can then restore all of that plugin’s or theme’s files by selecting the Restore Files CheckAll checkbox. Additional use could be to isolate a problematic restore of particular files. |
Maintenance Mode Accordion: Maintenance Mode Accordion created for better functionality/usability. |
AutoRestore/Quarantine Email Alerts: Only 1 email alert is now sent when ARQ quarantines files. The total number of files sent to quarantine is displayed in the automated email alert. Example: Total Number of Files Quarantined: 5. |
BPS Pro Upgrade Notification Emails: Only 1 email is sent in a 24 hour period. The Upgrade Notification Cron emails now include a 24 hour time restriction. |
New Bonus Custom Code/Dismiss Notice: WordPress XML-RPC DDoS Protection: Special Thanks goes to Gary Gordon for reporting the recent WordPress XML-RPC exploits/attacks. The XML-RPC DDoS PROTECTION Bonus Custom Code .htaccess code completely turns off/disables IXR-RPC Client/Server capabilities on a website by protecting the WordPress xmlrpc.php file from being publicly accessible, which prevents the IXR XML-RPC Client/Server connection. Using this Bonus Custom Code will turn off/disable remote posting capability from Weblog Clients (A Weblog Client is software you run on your local machine (desktop) that lets you post to your blog via XML-RPC), unless you add (whitelist) your IP address in the XML-RPC DDoS PROTECTION Bonus Code. |
New Pro-Tool: XML-RPC Exploit Checker: Check your WordPress xmlrpc.php file / XML-RPC Server to see if is protected or exploitable. The XML-RPC Exploit Checker Pro-Tool uses the IXR XML-RPC Client script to connect to the WordPress IXR Server & also displays Headers for extra confirmation that the xmlrpc.php file is protected. |
New Dismiss Notice Added: WordPress Firewall 2 plugin check The WordPress Firewall 2 plugin contains a coding mistake and has not been updated in over 3 years. The wp-admin area is supposed to be whitelisted by default, but that code is not working correctly, which breaks several things in the BPS plugin. The Dismiss Notice will alert users to this existing problem. |
UAEG Blue Read Me Help Text Updates: UAEG Blue Read Me help text updated with new help info and link. New UAEG Sticky Forum Topic created. |
New/Updated Help & FAQ Help Links: All BPS Pro Help & FAQ tab pages have updated links, old/outdated links removed, etc. |
BPS Pro Activation Page Changes: BPS Pro Activation page naming convention changes for buttons, visual display and other help text changes. The BPS Pro Download Key naming convention has been officially changed to Download-Request Key from just Download Key as of BPS Pro 8.3. |
JTC Anti-Spam / Anti-Hacker new Option: Comment Form CAPTCHA Error message Special Thanks go to Gary Gordon for this good idea/feature request. The Default JTC Anti-Spam Comment Form CAPTCHA error message is: ERROR: Incorrect JTC CAPTCHA Entered. Click your Browser’s back button and re-enter the JTC CAPTCHA. You can change or add to the default error message. This error message only applies to the Comment Form CAPTCHA error message and does not affect or change any of the other Form CAPTCHA error messages. |
Code Corrections/BugFixes |
Error checking correction: File check for bp-maintenance.php removed. Error checking correction: Plugin Firewall error check for invalid code correction when the Plugin Firewall is turned Off. Code correction: deny all .htaccess file function created for /htaccess folder. Writes current IP if the Plugin Firewall is deactivated otherwise Maintenance Mode Preview Mode is blocked in the /htaccess folder. Code correction: CSS z-index property added for Custom Code Blue Read me help button. Dialog window now displays on top layer. Code correction: Maintenance Mode website name is not displayed in the reminder email. Visual correction: Additional space added after Save ARQ Cron Options button. Code correction: Maintenance Mode Apostrophes/single quote code character displayed with a escape backslash. Code correction/Prep work: Square brackets removed from all php.ini master files. P-Security is pending a major overhaul in coming versions of BPS Pro. |
Tags: BPS Pro 8.3 Whats New, BulletProof Security Pro 8.3 Whats New
Categories: BulletProof Security Pro