{"id":5457,"date":"2017-06-25T19:37:13","date_gmt":"2017-06-26T02:37:13","guid":{"rendered":"https:\/\/www.ait-pro.com\/aitpro-blog\/?p=5457"},"modified":"2017-07-02T20:35:03","modified_gmt":"2017-07-03T03:35:03","slug":"whats-new-in-bulletproof-security-pro-13","status":"publish","type":"post","link":"https:\/\/www.ait-pro.com\/aitpro-blog\/5457\/bulletproof-security-pro\/whats-new-in-bulletproof-security-pro-13\/","title":{"rendered":"Whats New In BulletProof Security Pro 13\/13.1"},"content":{"rendered":"
\n\n\n\n

\n13.1:<\/strong><\/span>
\n\u2022 BugFix:<\/strong><\/span>\u00a0Renamed the $woocommerce variable in login-security.php to something unique to avoid collisions\/conflicts with this common variable name being declared a Global.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n\n\n

\n13:<\/strong><\/span>
\n\u2022 New Option & Feature:<\/span><\/strong>\u00a0Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup): This option is turned On by default and can be turned Off on the BPS Setup Wizard Options page. Setup Wizard AutoFix checks which plugins and themes you currently have installed and will display a BPS Setup Wizard AutoFix Notice to run the BPS Setup Wizard if any currently installed plugins or themes require Custom Code whitelist rules or AutoSetup. The BPS Setup Wizard automatically creates BPS Custom Code whitelist rules for known issues with any plugins and themes that need Custom Code whitelist rules. Setup Wizard AutoFix also automatically sets up and cleans up caching plugin\u2019s htaccess code for these WordPress caching plugins: WP Super Cache, W3 Total Cache, Comet Cache Plugin (free & Pro), WP Fastest Cache Plugin (free & Premium), Endurance Page Cache and WP Rocket. Notes: These caching plugins were also tested, but do not require AutoSetup by the BPS Setup Wizard: Cache Enabler plugin and the Hyper Cache plugin. The Cachify plugin was tested, but could not be added to BPS Setup Wizard AutoFix due to a problem with the Cachify plugin creating invalid htaccess code. The Cachify plugin will be added at a later time once the problem is fixed in the Cachify plugin.<\/p>\n

Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) Automation:<\/strong><\/span>
\nList of plugins and themes that have AutoFixes:<\/strong><\/span>\u00a0Setup Wizard AutoFix<\/a><\/p>\n

AutoWhitelist:<\/strong><\/span>\u00a0The Setup Wizard AutoFix feature automatically creates Custom Code whitelist rules for 100+ known issues with plugins and themes. Previous versions of BPS and BPS Pro required doing a manual copy and paste solution to manually add Custom Code whitelist rules to BPS Custom Code.<\/p>\n

AutoSetup:<\/strong><\/span> The Setup Wizard AutoFix feature automatically gets htaccess caching code from caching plugins (WP Super Cache, W3 Total Cache, Comet Cache Plugin (free & Pro), WP Fastest Cache Plugin (free & Premium), Endurance Page Cache and WP Rocket) and saves caching plugin\u2019s htaccess code in BPS Custom Code. Previous versions of BPS and BPS Pro required doing a manual copy and paste solution to manually add caching plugin\u2019s htaccess code to BPS Custom Code.<\/p>\n

AutoCleanup:<\/strong><\/span>\u00a0The Setup Wizard AutoFix feature automatically removes any existing caching plugin\u2019s htaccess code in BPS Custom Code and the Root htaccess file if the caching plugin is no longer activated or installed. Example scenario: You have Plugin X Caching plugin installed and decide to try Plugin Y Caching plugin. Setup Wizard AutoFix (AutoCleanup) will automatically remove any existing htaccess code from BPS Custom Code and the Root htaccess file for Plugin X Caching plugin. At the same time Setup Wizard AutoFix (AutoSetup) will automatically create Plugin Y\u2019s Caching code in BPS Custom Code and the Root htaccess file. So instead of having to manually add or remove any caching plugin\u2019s htaccess code in BPS Custom Code, the Setup Wizard AutoFix feature will automatically do that when you run the BPS Setup Wizard.<\/p>\n

AutoFix Debugging:<\/strong><\/span>\u00a0BPS UI|UX Settings page > BPS UI|UX|AutoFix Debug: Turning On the BPS UI|UX|AutoFix Debug option will display: plugin or theme names and the BPS Custom Code text box where plugins or themes should be creating Custom Code whitelist rules. Usage: If the BPS Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) Notice is still being displayed after running the Pre-Installation Wizard and Setup Wizard then the BPS UI|UX|AutoFix Debug option should be turned On to find the exact plugin or theme and the Custom Code text box where the problem is occurring. Example Debug Displayed message: CC Root Text Box 10: WooCommerce Plugin. This option could also be used generally to see which plugins and themes BPS AutoFix is creating Custom Code whitelist rules for and which Custom Code text boxes the AutoFix whitelist rules will be created in.<\/p>\n

Dev Note:<\/strong><\/span>\u00a0Existing HUD error checks & message changes: WP Super Cache, W3 Total Cache, WooCommerce, Jetpack changed. New help text\/links for the new Setup Wizard AutoFix feature. New HUD BPS AutoFix checking function created for 100+ plugins and themes (combined into one function).<\/p>\n

Dev Note:<\/strong><\/span>\u00a0New conditions added to the EPC plugin dismiss notice: check if EPC version .9 is enabled and Cache level is 1,2,3,4.<\/p>\n

Removal:<\/strong><\/span>\u00a0HUD Dismiss Notices: Jetpack, WooCommerce & Broken Link Checker plugins. Now handled by Setup Wizard AutoFix.<\/p>\n

\u2022 Change|Addition|Improvement:<\/strong><\/span>\u00a0New AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) section has been added to the Pre-Installation Wizard Checks|Scans|Settings results. Additional section dividers added for Compatibility & Basic Checks, AutoRestore|Quarantine Exclude Rules, Plugin Firewall cURL Scanner and Plugin Firewall Whitelist Rules to make the Pre-Installation Wizard results visually easier to read. Hover ToolTip icons added for results that contain “extra” result data.<\/p>\n

\u2022 Option Name & Functionality Change:<\/strong><\/span>\u00a0BPS UI|UX Debug option name change to BPS UI|UX|AutoFix Debug. Turning On the BPS UI|UX|AutoFix Debug option will display: plugin or theme names and the BPS Custom Code text box where plugins or themes should be creating Custom Code whitelist rules. Usage: If the BPS Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) Notice is still being displayed after running the Pre-Installation Wizard and Setup Wizard then the BPS UI|UX|AutoFix Debug option should be turned On to find the exact plugin or theme and the Custom Code text box where the problem is occurring. Example Debug Displayed message: CC Root Text Box 10: WooCommerce Plugin. This option could also be used generally to see which plugins and themes BPS AutoFix is creating Custom Code whitelist rules for and which Custom Code text boxes the AutoFix whitelist rules will be created in.<\/p>\n

\u2022 Improvement:<\/strong><\/span>\u00a0BPS Speed Boost Cache Dismiss Notice: Additional conditional checks added to check if BPS Speed Boost Browser Cache code exists in BPS Custom Code as well as other caching plugins Browser caching code. The check can be overridden by using a Marker: BPS NOCHECK. Using duplicate or redundant Browser caching code will not improve website performance and may actually cause your website to perform\/load slower.<\/p>\n

\u2022 Change:<\/strong><\/span>\u00a0wp-admin master htaccess file: Request Methods Filtered block of htaccess code has been removed from the wp-admin htaccess file.<\/p>\n

\u2022 BugFix:<\/strong>\u00a0<\/span>BPS Pro MU Tools must-use plugin: Prevent BPS Pro Plugin Deactivated Security Log entries logged for Network|Multisite subsites when BPS Pro is activated individually per site vs Network activating the BPS Pro plugin.<\/p>\n

\u2022 New Security Log Options:<\/strong>\u00a0<\/span>Security Log: POST Request Body Data option: 2 new checkbox options: Do Not Log POST Request Body Data (0KB) and Log Maximum POST Request Body Data (250KB). POST Request Body Data option name change from: Limit POST Request Body Data to: Log Minimum POST Request Body Data (5KB). The new default POST Request Body Data option setting is: Do Not Log POST Request Body Data (0KB), which will be automatically set on this BPS plugin upgrade only and new first run Setup Wizard installations. Some web hosts falsely interpret the BPS Security Log text file as malicious since hacker code used to attack your website can be captured\/logged in the Security Log text file depending on your POST Request Body Data option settings. This change only affects logging or not logging data in the REQUEST BODY Security Log field and does not affect anything else about Security Log entries. Security Logging template files affected: 403.php, 404.php and 405.php.<\/p>\n

\u2022 Procedural:<\/strong><\/span>\u00a0Root and wp-admin htaccess file security rule modifications. On BPS upgrade automatically add additional https scheme conditions to 3 htaccess security rules and combine 2 rules into 1 rule for the currently active Root and wp-admin htaccess files. On BPS upgrade automatically update any existing BPS htaccess code to the new BPS htaccess code that is saved in Root and wp-admin Custom Code.<\/p>\n

\u2022 Procedural:<\/strong>\u00a0<\/span>New error check for the Oxygen plugin. The Oxygen plugin interferes with BPS MMode. An inpage check and error message is displayed on the BPS MMode page.<\/p>\n

\u2022 Dev Note:<\/strong><\/span>\u00a0ARQ OBDF current to WP 4.8.<\/p>\n

\u2022 Procedural:<\/strong><\/span>\u00a0MMode: Add additional condition to check if wp_mail() function exists. Prevents PHP Fatal error: Call to undefined function wp_mail() error.<\/p>\n

\u2022 BugFix:<\/strong><\/span>\u00a0Root htaccess file|Custom Code: Add R to 405 RewriteRule to REQUEST METHODS FILTERED code block. Automatically fixed on BPS upgrade in Root htaccess file and Root Custom Code.<\/p>\n

\u2022 Procedural:<\/strong>\u00a0<\/span>Fix nuisance php error in BPS Pro MU Tools must-use plugin. PHP Warning: in_array() expects parameter 2 to be array, boolean given in bps-pro-mu-tools.php on line 123.<\/p>\n

\u2022 Procedural:<\/strong><\/span>\u00a0All-in-One Event Calendar triggering BPS Pro Dashboard alerts on the All-in-One Event Calendar Add New Event page. Added Query String condition in BPS Pro Dashboard alerts to prevent BPS Pro Dashboard alerts from being displayed on the All-in-One Event Calendar Add New Event page.<\/p>\n

\u2022 Procedural:<\/strong><\/span>\u00a0BPS Pro MU Tools: Email alert help info updated with the new steps to disable BPS Pro MU Tools.<\/p>\n

\u2022 Improvement:<\/strong><\/span>\u00a0AutoRestore Automation: Prevent BPS Pro plugin deactivation email alerts from being sent when the BPS Pro plugin is being upgraded. On BPS Pro plugin upgrade update the MU Tools timestamp +5 minutes in the BPS Pro plugin upgrade function.<\/p>\n

\u2022 Procedural:<\/strong><\/span>\u00a0Pre-Installation Wizard: Delete old BPS free MU plugin files if they exist.<\/p>\n

\u2022 Procedural:<\/strong><\/span>\u00a0file exists check for all BPS log files. Fixes: PHP Warning: filesize(): stat failed for \/xxxxx\/public_html\/wp-content\/bps-backup\/logs\/http_error_log.txt, etc.<\/p>\n

\u2022 Improvement:<\/strong><\/span>\u00a0Do not display ARQ Off critical warning message on WP Updates page if ARQ Status is currently set to On (ARQ: Pending status).<\/p>\n

\u2022 Improvement:<\/strong><\/span>\u00a0Setup Wizard success message includes link to the AutoRestore Guide on Setup Wizard completion.<\/p>\n

\u2022 BugFix:<\/strong>\u00a0<\/span>BPS built-in Upload Zip install: ARQ Status condition incorrectly turning ARQ Off on BPS Pro upload zip installation.<\/p>\n

\u2022 ARQ FailSafe Improvement:<\/strong><\/span>\u00a0class.php master file copy and touch function created for BPS Pro Shiny Updates in the upgrader_post_install Filter during AJAX execution. Note: BPS Pro upload zip installations using the BPS Pro built-in Upload Zip installer and manual BPS Pro FTP upload installations still use the existing class.php master file copy and touch code.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

13.1: \u2022 BugFix:\u00a0Renamed the $woocommerce variable in login-security.php to something unique to avoid collisions\/conflicts with this common variable name being declared a Global. 13: \u2022 New Option & Feature:\u00a0Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup): This option is turned On by default and can be turned Off on the BPS Setup Wizard Options page. Setup Wizard AutoFix checks […]<\/p>\n","protected":false},"author":167,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[393],"tags":[647,648],"class_list":["post-5457","post","type-post","status-publish","format-standard","hentry","category-bulletproof-security-pro","tag-bps-pro-13","tag-bulletproof-security-pro-13"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts\/5457","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/users\/167"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/comments?post=5457"}],"version-history":[{"count":0,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts\/5457\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/media?parent=5457"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/categories?post=5457"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/tags?post=5457"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}