Follow @BPSPro

Whats New In BulletProof Security Pro 12.5

Comments Off RSS Site Feed Author: AITpro Admin
Published: December 13, 2016
Updated: July 28, 2019

• New Options:
 Custom User Roles: All BPS Form User Roles options now include custom user roles. If no custom user roles exist the standard WP User Roles will be displayed: Administrator, Editor, Author, Contributor & Subscriber. If Custom User Roles exist the User Roles will be displayed in a scrollable box.
• Features affected: WordPress Authentication Cookie Expiration (ACE), Idle Session Logout (ISL), JTC Anti-Spam|Anti-Hacker Comment Form CAPTCHA and Plugin Firewall Additional Roles IP Whitelist option.

• New Option: Auth Cookie Expiration (ACE): Enable|Disable Remember Me Checkbox:  Checking the Disable & do not display the Remember Me checkbox option will disable and not display the Remember Me checkbox for everyone including you. If you want to set and control the WordPress Remember Me setting then use the Remember Me Auth Cookie Expiration Time in Minutes option setting instead and choose an amount of time you would like to use for the Cookie expiration time.

• Procedural Enhancement: Plugin Firewall AutoPilot Mode plugin folder path naming convention (WP reserved namespace: “plugins”) issues/problems in other plugins. Plugin Firewall whitelist rules will be created when “plugins” is used in the path naming convention in other plugins. RegEx Plugin Firewall Whitelist rules will be automatically created for double slash // coding mistakes when detected in other plugins.
• Features affected: Pre-Installation Wizard and Multi Page|Post cURL Scanner Pro-Tool.

• Correction|Addition: Pre-Installation Wizard cURL scan additional prep condition added to prepare URI’s prior to filtering potential new Plugin Firewall whitelist rules.
• Additional Correction: Moved filter conditions outside of the curl_multi_exec() “for” loop.
• Dev Note: RegEx pattern5: removed /plugins/ from RegEx whitelist rule error checks in bpsPFWWhitelistRulesCheck().

• Improvement: ARQ Automation FailSafe: Additional failsafe added to ARQ Automation code that will not allow AutoRestore|Quarantine to be turned back On if all WP Core files are not backed up during a Manual WordPress upgrade. If ARQ Automation fails a message will be displayed to run the Setup Wizards again to complete WP Core file backup and to turn AutoRestore back On. ARQ Automation for WP Automatic Updates and Shiny Updates uses other existing ARQ Automation FailSafes.

• Enhancement: Security Log Event Code: HPR: Hacker Probe/Recon changed to: HPRA: Hacker Probe/Recon/Attack. Security Log 403 and 405 logging template files change.

• Enhancement: BPS Pro version number is now added in all Security logging code/text to aid in troubleshooting possible version issues/problems.

• BugFix: Additional conditional checks added for folks using open_basedir. Resolves Setup Wizard hanging/not completing BPS Pro setup. Resolves various php errors related to open_basedir and F-Lock > File Lock and Folder Lock.
• Dev Note: open_basedir causes a significant performance hit with PHP Iterators in general and specifically the PHP RecursiveFilterIterator class, which is filtered with PHP accept() implemented in the subclass in the BPS Pro ARQ Cron wp-content file check.


Tags: ,

Categories: BulletProof Security Pro

Skip to toolbar