Author: AITpro Admin
Published: September 7, 2015
Updated: September 7, 2015
Compatibility Enhancement: Plugin Firewall|Plugin Firewall AutoPilot Mode
The Plugin Firewall now works out of the box for sites that are behind a Network Firewall, Server Firewall, on an Internal Private Network or using a 10.xxx.xxx.xxx Proxy/Load Balancer Private IP address, X-Forwarded-For: client, proxy1, proxy2 scenarios where client and proxy IP addresses are not in the expected standard array order and LiteSpeed Servers. Plugin Firewall whitelisting (both manual and automated in Plugin Firewall AutoPilot Mode) is now literal vs conditional. Basically the Plugin Firewall should work out of the box without any additional configuration in every possible scenario, condition, configuration, etc. Dev Note: The Plugin Firewall now uses only mod_rewrite htaccess code and is no longer using mod_access_compat or mod_authz_core htaccess directives|code. |
Core Enhancement: Apache Module Forward|Backward Compatibility:
BPS automatically checks which Apache Modules are loaded on your server: mod_access_compat, mod_authz_core and mod_authz_host and checks availability|forward|backward compatibility and also IfModule conditions support to automatically create the correct htaccess code and files for your website|server. All BPS htaccess writing|updating|upgrading|new installations|creation|ip whitelisting, etc. htaccess code is automatically created based on Live BPS Apache Module and IfModule tests that are performed in BPS during BPS plugin upgrades and new installations to determine and create the correct htaccess code for each individual server|website. A new System Info feature has been added that performs Live tests with results and also includes a Visual Test – see New Feature: System Info page: for details. Dev Note: Live Apache Module check and automation performed in-page on B-Core page. |
Apache Module Compatibility List of Features|Files|htaccess Code Affected:
B-Core: Root, wp-admin, UAEG, Plugin Firewall htaccess files.
Core: BPS plugin directory self-protection htaccess files.
P-Security: in-page automated IP whitelisting.
DB Backup: in-page automated IP whitelisting.
Maintenance Mode: in-page automated IP whitelisting, BackEnd MMode IP whitelisting.
Pro-Tools: in-page automated IP whitelisting.
Xternal Tools: in-page automated IP whitelisting.
Pre-Installation and Setup Wizard: automated htaccess code|files creation. |
New Feature: System Info page: Apache Modules|Directives|Backward Compatibility(Yes|No)|IfModule(Yes|No): View Visual Test
The System Info Apache Modules|Directives check checks mod_access_compat, mod_authz_core and mod_authz_host availability|forward|backward compatibility and also IfModule conditions support. A visual test page (Click the View Visual Test link) has also been created to see the Apache Module|htaccess code and checks visually for troubleshooting purposes. BPS automatically detects which Apache Modules are loaded|available on your host server and creates the correct htaccess code for you particular website|server throughout all BPS htaccess files.
Apache Modules|Directives|Backward Compatibility(Yes|No)|IfModule(Yes|No): View Visual Test
mod_access_compat is Loaded|Order, Allow, Deny directives are supported|IfModule: Yes
mod_authz_core is Loaded|Order, Allow, Deny directives are supported|BC: Yes|IfModule: Yes
mod_authz_host is Loaded|Order, Allow, Deny directives are supported|BC: Yes|IfModule: Yes |
New Feature: Pro-Tools Scheduled Crons: Reset|Clear All BPS Cron Jobs and Reset|Clear All Cron Jobs
Resetting|Clearing Cron Jobs means unscheduling a Cron Job and not deleting Cron Jobs. When you Reset|Clear a Cron Job it will be automatically rescheduled with a new run time. You can either Reset|Clear all BPS Pro Cron jobs or Reset|Clear all Cron Jobs that are scheduled (WordPress, other plugins, themes, etc.). Dev Note: Reset|Clear All Cron Jobs performs an UPDATE Query which deletes the cron option_value value. |
BugFixes|Code Corrections|Enhancements|Misc|CSS|Visual|Other:
• Enhancement: JTC Anti-Spam|Anti-Hacker: Conditionally display the JTC ToolTip below form buttons for Mobile devices.
• Enhancement: XTF Turn Off|Deactivate Root BulletProof Mode (RBM) now also deleted the auto_.htaccess file in ARQ Backup.
• Enhancement: XTF: The BPS Pro Xternal Tools Form can now also be used as a stand-alone form by copying it to your website root folder.
• Enhancement: Additional FailSafe added to ARQ Cron when installations are significantly delayed or a server hiccup occurs, which causes the file containing the ARQ wp-content folder exclude filters not to be loaded before an ARQ Cron check is run. Conditional check added directly within the wp-content ARQ Cron function based on the DB option value of wp-content excluded folders.
• Compatibility Enhancement: HUD LiteSpeed Server Dismiss Notice displays: The BPS Pro Plugin Firewall can now be used/activated on LiteSpeed servers.
• Correction|Enhancement: DB Table Prefix Changer: Only allow entering numbers, lowercase letters and underscores in the Randomly Generated DB Table Prefix Form text box. Special thanks to Sathish from Cyber Security Works Pvt Ltd for reporting this issue in the DB Table Prefix Changer tool Form.
• Correction|Enhancement: Setup Wizard: CSS in-page background color to container div for cases when excessive messages from other plugins/themes causes the Activation Key error message to be incorrectly displayed on the Setup Wizard page.
• Dev Note: Structural|Performance Enhancement: All ARQ Cron code|functions have been moved out of functions.php to arq-cron.php.
• Dev Note: New condition added for Apache Module /mod-test/ folder in 403.php logging template to prevent 403 errors from being logged when Live Apache Module tests are performed|processed.
• Dev Note: admin.php obsolete code removal for deny all htaccess file creation for BPS Backup and Master Backups folders. |
Tags: BPS Pro 11 Whats New, BulletProof Security Pro 11 Whats New
BulletProof Security Pro | Comments Off