{"id":5201,"date":"2015-10-11T17:05:55","date_gmt":"2015-10-12T00:05:55","guid":{"rendered":"http:\/\/www.ait-pro.com\/aitpro-blog\/?p=5201"},"modified":"2015-10-15T16:04:11","modified_gmt":"2015-10-15T23:04:11","slug":"whats-new-in-bulletproof-security-pro-11-2","status":"publish","type":"post","link":"https:\/\/www.ait-pro.com\/aitpro-blog\/5201\/bulletproof-security-pro\/whats-new-in-bulletproof-security-pro-11-2\/","title":{"rendered":"Whats New In BulletProof Security Pro 11.2\/11.3"},"content":{"rendered":"
\n


\nBPS Pro 11.3:<\/strong><\/span><\/h3>\n

BugFix 10-15-2015:<\/span><\/strong> Security Log: Fixed duplicate visual content displayed.<\/p>\n\n\n\n\n\n\n\n\n
\n

BPS Pro 11.2:<\/strong><\/span><\/h3>\n

Core Enhancement|Improvement: Quarantine Directory Structure Mirror<\/h3>\n

Quarantine prior to BPS Pro 11.2 moved or copied all quarantined files to the protected base Quarantine folder and renamed duplicate filenames in Quarantine. Quarantine as of BPS Pro 11.2 creates a mirrored directory structure of the quarantine file source path in the protected Quarantine folder. Example: If a file is quarantined from this source path\/origin folder: \/wp-content\/example-folder\/hacker-file.php then the exact mirrored directory structure will be created in Quarantine: \/quarantine\/wp-content\/example-folder\/hacker-file.php.<\/td>\n<\/tr>\n

\n

New Feature: UAEG Custom Code<\/strong><\/span><\/h3>\n

Custom Code now includes a 3rd accordion tab: UAEG htaccess File Custom Code. Allows you to copy your entire Uploads Anti-Exploit Guard (UAEG) htaccess file from the htaccess File Editor tab page to customize it. You can add additional whitelist rules or other custom htaccess code to your UAEG htaccess code\/file and save your customizations permanently. UAEG Custom Code has also been included\/added in the Custom Code Export|Import tools. When you Export or Import Custom Code, the root, wp-admin and UAEG Custom Code is exported or imported.<\/td>\n<\/tr>\n

\n

New Bonus Custom Code Dismiss Notice: POST Request Attack Protection<\/strong><\/span><\/h3>\n

Long|Extensive Help Info:<\/span>\u00a0POST Request Attack Protection Forum Topic<\/a><\/strong>
\nShort|Simplified Description:<\/strong><\/span>
\nThe BPS POST Request Attack Protection Bonus Custom Code filters all POST Requests made to your website. Each RewriteCond line of code in the POST Request Attack Protection Bonus Custom Code is a whitelist rule that says to allow all POST Requests to that file or URL|URI the contains a POST Form. To whitelist additional files, URL’s, POST Forms on your website you would add a line of code that has the name of the file or the URL|URI to allow\/whitelist all POST Requests to that file, URL, POST Form. If you choose to add this Bonus Custom Code to BPS Custom Code, check your BPS Security Log for a few days for any 403 POST Request Log entries to make sure that you have whitelisted\/allowed all POST Forms on your website that need to be whitelisted\/allowed.<\/td>\n<\/tr>\n

\n

New Option: Security Log Limit POST Request Body Data<\/strong><\/span><\/h3>\n

The default Security Log Request Body Data capture\/log limit is 250000 maximum characters, which is roughly about 250KB in size. The new Limit POST Request Body Data checkbox option limits the maximum number of Request Body Data characters captured\/logged in the Request Body logging field to 500 characters, which is roughly 5KB in size. You can capture\/log entire hacking scripts if you do not check the Limit POST Request Body Data checkbox (See Note below), but that means your log file size could increase dramatically and you could receive more automated Security Log zip file emails. Note: To capture\/log all POST Request Attacks against your website you will need to add the POST Request Attack Protection Bonus Custom Code:\u00a0POST Request Attack Protection Bonus Custom Code<\/a><\/td>\n<\/tr>\n

\n

Enhancement: Security Log 403 Logging Template<\/strong><\/span><\/h3>\n

The Security Log 403 Logging template has a new logging field: REQUEST BODY that captures\/logs POST Request Body data\/content if the POST Request Body is not empty. To maximize POST Request security protection for your website and capture\/log entire hacker scripts use the new POST Request Attack Protection Bonus Custom Code:\u00a0POST Request Attack Protection Bonus Custom Code<\/a><\/td>\n<\/tr>\n

\n

BugFixes|Code Corrections|Enhancements|Misc|CSS|Visual|Other:<\/strong><\/span><\/h3>\n

\u2022 Security Enhancement:<\/strong><\/span> Security Log content is now filtered to display only ASCII printable characters.
\n\u2022 Visual|Functionality Enhancement:<\/strong><\/span> Quarantine CSS max-height: 600px auto-scroll\/scrollable table.
\n\u2022 BugFix:<\/strong><\/span> MMode inpage IP whitelisting conditional check for Plugin Firewall activated fixed.
\n\u2022 Removal:<\/strong><\/span> All instances of the UPLOADBLOGSDIR constant have been removed in all BPS plugin code.
\n\u2022 Removal:<\/strong><\/span> Network|Multisite obsolete blogs.dir tab removed from the htaccess File Editor.
\n\u2022 Removal:<\/strong><\/span> Defunct\/obsolete Block Referer Spammers Bonus Custom Code Dismiss Notice removed.
\n\u2022 Dev Note:<\/strong><\/span> REMOTE_ADDR variable check replaced with “get real IP address” function for inpage IP whitelisting on MMode, Pro-Tools and P-Security pages.
\n\u2022 Dev Note:<\/strong><\/span> PHP error Undefined index: HTTP_USER_AGENT suppressed in the 403 Security Logging template.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

BPS Pro 11.3: BugFix 10-15-2015: Security Log: Fixed duplicate visual content displayed. BPS Pro 11.2: Core Enhancement|Improvement: Quarantine Directory Structure Mirror Quarantine prior to BPS Pro 11.2 moved or copied all quarantined files to the protected base Quarantine folder and renamed duplicate filenames in Quarantine. Quarantine as of BPS Pro 11.2 creates a mirrored directory […]<\/p>\n","protected":false},"author":167,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[393],"tags":[617,618],"class_list":["post-5201","post","type-post","status-publish","format-standard","hentry","category-bulletproof-security-pro","tag-bps-pro-11-2-whats-new","tag-bulletproof-security-pro-11-2-whats-new"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts\/5201","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/users\/167"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/comments?post=5201"}],"version-history":[{"count":0,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts\/5201\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/media?parent=5201"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/categories?post=5201"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/tags?post=5201"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}