11.9.1:
New Feature: Save Customized default.htaccess file permanently for use in RBM Deactivation
If the default.htaccess file is edited and customized using the B-Core > htaccess File Editor, the customized default.htaccess file will be saved to the /bps-backup/master-backups/ folder permanently. When Root Folder BulletProof Mode is deactivated the Custom default.htaccess file will be used instead of the default BPS generic WordPress htaccess file. If you have created a Custom default.htaccess file then it will be automatically copied from the /bps-backup/master-backups/ folder during a BPS plugin upgrade and will replace the default BPS default.htaccess Master file. |
Other|Misc:
• BugFix|Correction: MMode Network|Multisite replace subsite site name variable name with dash/hyphen to underscore.
• BugFix|Correction: Incorrect option name used in Cron Schedule conditions 15, 30 and 60. Fixes Notice: Undefined index php error.
• Improvement: MMode additional conditional check if Countdown Timer checkbox is checked for Maintenance Mode Time Text Box error check.
• Correction: UAEG Read Me help text correction for UAEG Custom Code steps.
• Dev Note: Moved UAEG-Menu-Link anchor div link higher up in core.php code. UAEG and HPF are now visually displayed fully in the Browser viewport. |
11.9:
B-Core UI|UX Redesign:
The B-Core UI|UX design has been simplified visually and functionally. Forms have been combined to reduce total overall number of clicks required to perform tasks. Features and Options have been moved to locations that make the most logical sense for ease of use, visual flow and functionality.
• Removal: B-Core > Security Status page.
• Removal: B-Core > Backup & Restore page.
• Removal: Security Status: Various Additional Website Security Measures checks deleted. Redundant and obsolete.
• Change|Move: Backup & Restore htaccess Files Form moved to Security Modes page.
• Change|Move: Enable|Disable wp-admin BulletProof Mode option moved from WBM to Setup Wizard Options page.
• Change|Move: DB Show Errors check moved from Security Status to System Info page.
• Change|Enhancement: Master htaccess Folder BulletProof Mode (MBM) new section created. Deactivate Form created.
• Change|Enhancement: BPS Backup Folder BulletProof Mode (BBM) new section created. Deactivate Form created.
Dev Note B-Core UI|UX:
Core Error checking/messaging uses POST value true real-time value checking. Success|Error messages have been simplified. Form “confirm” messaging has been simplified. All Form code moved to includes as this provides an additional level of security protection against the Remote POST attack vector. Future Planned|Scheduled pending UI|UX Redesign for all BPS Pro pages, features, etc. in stages (TL’s see Task List UI|UX Redesign Schedule). B-Core UI|UX Redesign Cu Score: 98% positive|2% negative. |
New Feature: Hidden Plugin Folders|Files (HPF) Cron
Special Thanks to Alex Stamatellos at Webcentrix LLC: http://webcentrex.us/ for this new feature idea in BPS.
A hidden or empty plugin folder is a plugin the exists in your /plugins/ folder, but is not displayed on the WordPress Plugins page. A hidden plugin can be used as a hacker backdoor to gain access to your WP Dashboard, hosting account, create user accounts, completely control your website and hosting account, etc. A non-standard WP file or modified/altered file in your /plugins/ folder can also do all of the things a hidden plugin can do. The HPF Cron is setup automatically when upgrading BPS and by running the Setup Wizard. The HPF Cron checks the WordPress /plugins/ folder for hidden or empty plugin folders and any non-standard WP files or altered files in the /plugins/ folder. This is a lightweight Cron check that uses an insignificant amount of resources/memory. So 4 checks per hour (check every 15 minutes) will not cause any significant resource/memory issues whatsoever. Even choosing Run Check Every 1 Minute would not cause any significant resource/memory issues whatsoever.
HPF Dashboard Alerts & Email Alerts:
If a hidden or empty plugin folder is detected or a non-standard WP file is detected then a BPS Dashboard Alert will be displayed and Email Alert will be sent to you. BPS Pro Only: The HPF Email Alert setting is in S-Monitor: HPF: Hidden Plugin Folders|Files (HPF) Cron and the option settings are: Send Email Alerts or Do Not Send Email Alerts. |
New Feature: System Info > Get Plugins List
Clicking the System Info Get Plugins List button displays a list of all plugins installed, the version number of the plugin, activated or deactivated status and the URI path to the plugin in a jQuery Dialog popup window. |
New Feature|Option: BPS UI|UX Debug
BPS UI|UX Debug is set to Off by default. Turning On the BPS UI|UX Debug option will display: plugin or theme Scripts that were Dequeued (prevented) from loading in BPS plugin pages, plugin or theme Scripts that were Nulled (prevented) from loading in BPS plugin pages by the Script|Style Loader Filter (SLF) In BPS Plugin Pages option and WP Toolbar nodes|menu items that were Removed in BPS plugin pages by the WP Toolbar Functionality In BPS Plugin Pages option. The Debugger will also display any SLF js or css Scripts that were Not Nulled|Allowed to load in BPS plugin pages. |
New S-Monitor Email Alert Option: HPF: Hidden Plugin Folders|Files (HPF) Cron
HPF: Hidden Plugin Folders|Files (HPF) Cron is set to send emails by default. Choose whether or not to have email alerts sent if a hidden or empty plugin folder is detected or a non-standard WP file is detected in the WordPress /plugins/ folder. |
New Dismiss Notice: New Improved BPS Speed Boost Cache Code HUD Dismiss Notice
Checks this BPS Custom Code text box: CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE for older BPS Speed Boost Cache Code and if older BPS Speed Boost Cache Code is found displays a link to get the newer BPS Speed Boost Cache Code, which should improve website load speed performance even more. |
New System Info Page Check: OpenSSL Extension/Version
Checks if the OpenSSL extension is loaded and displays the OpenSSL version. |
New Idle Session Logout (ISL) Options: Idle Session Logout Page URL, Idle Session Logout Page Custom Message & Idle Session Logout Page Custom CSS Style
• Idle Session Logout Page URL: Option to choose to redirect idle/inactive logged out users to any URL that you want to redirect them to by entering the URL in this text box. Example: If you enter the URL path to your WP Login page then users will be redirected to your WP Login page instead of the default BPS Idle Session Logout Page.
• Idle Session Logout Page Custom Message: Option to choose to either use the default BPS ISL message/text by leaving the textarea box blank or you can enter your own custom ISL message/text in this textarea box that you want displayed to logged out users.
• Idle Session Logout Page Custom CSS Style: Option to choose to either use the default BPS CSS Style code or enter your own custom CSS Style customizations.
• Enhancement: Idle Session Logout > Idle Session Logout Page Login URL: Choose to display or not display a Login URL on the ISL Logout page. |
Other|Misc:
• BugFix: Remove “default” from TEXT Type Create Table SQL code. Special Thanks to Max Fein: https://wp-networks.com for finding and reporting a bug in the BPS Create Table SQL code.
• BugFix|Change: Apache Modules|Directives: mod-test index.php file HTML image name correction. mod_rewrite Module htaccess Status checking code changed to check both http and https internal image rewriting vs image redirection to Google. Additional 404 Status condition added.
• BugFix|Correction: Network|Multisite: network_admin_notices Action Hook added to display Login Security password reset disabled notification on Network Edit Users page.
• BugFix|Correction: wp_register_script|wp_enqueue_script and wp_register_style|wp_enqueue_style handles & dependencies code correction.
• Enhancement: Register scripts and styles: Added: ver Query Strings & load scripts in footer.
• Enhancement: Network|Multisite: Added Setup Wizard Action Link on Network Admin Dashboard Plugins page.
• Enhancement: jQuery icon circle triangle CSS added to accordions.
• Enhancement: AutoRestore Folder & File Search Tool > Search a Specific Folder > echo real path instead of example path.
• Correction|Addition: Login Security Login by email address capability added. Technically this is a correction since this feature should have already been available in Login Security.
• Nav Removal: Logs & Info Menu > Security Status Menu link.
• Nav Change: UI|UX menu name change to UI|UX Settings.
• Removal: System Info page: Custom Permalinks and PHP Version Check – redundant.
• Security: Static HUD check/message for BPS Backup Folder BulletProof Mode (BBM) deactivated. |