"I have not yet begun to fight!"

Copyright Disclaimer Under Section 107 of the Copyright Act 1976?Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational or personal use tips the balance in favor of fair use. Unless you are in this field of investigative journalism, especially covering extremely sensitive subjects and potentially dangerous subjects as well, you simply cannot understand the complexities and difficulties involved with this work that I face every day.

Tuesday, September 17, 2013

BulletProof Security

WordPress Website Security Protection. Website security protection against: XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking...

Download Version .49.1

htaccess Core Website Security (Firewalls)

WordPress Website Security Protection: BulletProof Security protects your WordPress website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection... hacking attempts. One-click .htaccess WordPress security protection. Protects wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html with .htaccess security protection. Security Logging. HTTP Error Logging. Login Security/Login Monitoring: Log All Account Logins or Log Only Account Lockouts. Website Maintenance Mode (HTTP 503). Additional website security checks: DB errors off, file and folder permissions check... System Info: PHP, MySQL, OS, Server, Memory Usage, IP, SAPI, DNS, Max Upload... Built-in .htaccess file Editor.

Login Security & Monitoring Website Security

Login Security & Login Monitoring: Log All User Account Logins or Log Only User Account Lockouts (see Screenshot). Brute Force Login Security Protection. Email alerting options allow you to choose 5 different email alerting options: Choose to have email alerts sent when a User Account is locked out, An Administrator Logs in, An Administrator Logs in and when a User Account is locked out, Any User logs in and when a User Account is locked out or Do Not Send Email Alerts. Choose Standard WP Error Messages or Generic Error Messages for Login Security Stealth Mode. Choose to Enable or Disable Login Password Reset capability for Login Security Stealth Mode. See BulletProof Security Login Security & Monitoring Features for additional features and options.

Why is .htaccess Website Security So Much Better Than Any Other Type of Website Security?

The answer is very simple - .htaccess files (distributed configuration files) are processed first before any other code on your website. In other words, hackers malicious scripts are stopped by BulletProof Security .htaccess files/Firewalls before those scripts even have a chance to reach the php coding in WordPress. BulletProof Security uses .htaccess website security files, which are specific to Apache Linux Servers. Please read the FAQ page for Server compatibility questions.

BulletProof Security Fast and Simple with No Manual Configuration Required

The BulletProof Security WordPress Security plugin is designed to be a fast, simple and one click security plugin to add .htaccess website security protection for your WordPress website. Activate .htaccess website security and .htaccess website under maintenance modes from within your WordPress Dashboard - no FTP required. The BulletProof Security WordPress plugin is a one click security solution that creates, copies, renames, moves or writes to the provided BulletProof Security .htaccess master files. BulletProof Security protects both your Root website folder and wp-admin folder with .htaccess website security protection, as well as providing additional website security protection.
BulletProof Security allows you to add .htaccess website security protection from within the WordPress Dashboard so that you do not have to access your website via FTP or your Web Host Control Panel in order to add website security protection for your WordPress site. BulletProof Security Modes: Root .htaccess security protection, wp-admin .htaccess security protection, Deny All .htaccess self protection, WordPress default .htaccess mode and .htaccess Maintenance Mode (503 Website Under Maintenance). In BulletProof Security Mode your WordPress website is protected from XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts.

BulletProof Security Maintenance Mode

BulletProof Security Maintenance Mode allows you to create your custom website under maintenance page within BulletProof Security and activate Maintenance Mode to put your website in maintenance mode. Maintenance Mode allows website developers or website owners to access and work on a website while a 503 Website Under Maintenance page is displayed to all other visitors to the website. Allow access to your WordPress Dashboard for only yourself or add additional IP addresses to allow mulitple IP addresses access to your WP Dashboard while in maintenance mode.

BulletProof Security Additional Website Security Protection

WordPress is already very secure, but every website, no matter what type of platform it is built on should have additional website security measures in place as a standard. BulletProof Security provides that additional website security protection that every website should have.

Translations

Lithuanian by Vincent G from Host1Free.com
Filipino/Tagalog by pointen.dk
Russian by EyeFinity
If you would like to translate the BPS plugin to your language see this BPS Plugin Language Translation Tutorial. Please include a link to your website so that we can add it here. Thank you.
Tip: If you use the Google Chrome Browser you can right mouse click in plugin pages and then click on Translate to... To translate plugin text into your Language.

BulletProof Security Bonus Custom Code

BulletProof Security htaccess Core (Firewalls, etc.) Features

Root Folder BulletProof Mode/Firewall
wp-admin Folder BulletProof Mode/Firewall
Built-in .htaccess File Editor & File Manager
Built-in .htaccess Backup and Restore
One-click .htaccess website security protection from within the WP Dashboard
.htaccess security protection against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection.......... hacking attempts
TimThumb Vulnerability/Exploit .htaccess security protection (Firewall)
.htaccess Lock / Unlock (404 Read-Only)
.htaccess AutoLock On or Off
Security / HTTP Error Logging - Log 400, 403 and 404 Errors
Security Log: Add / Remove User Agents/Bots to Ignore/Not Log or Allow/Log
Security Log: Turn On / Turn Off / Delete Log
Automatic .htaccess file updating on BPS upgrade installation
New .htaccess security filters automatically added during upgrade
WP Dashboard Alerts / WP Dashboard Dismiss Notices
Anti Comment Spam .htaccess code - works together with Akismet or other Spam plugins to keep Comment Spam at a minimum
Anti Comment Spambot .htaccess code - Forbid Empty Referrer Spambots
Custom Code feature: Add, Edit, Modify, Save additional Bonus or personal custom .htaccess code
WordPress readme.html and /wp-admin/install.php protected with .htaccess security protection
wp-config.php and bb-config.php files protected with .htaccess security protection
php.ini and php5.ini files protected with .htaccess security protection
WordPress database errors turned off - Verification and function insurance
WordPress version is not displayed / not shown - WordPress version is removed
WP Generator Meta Tag filtered - not displayed / not shown
WP DB default admin username / account check
System Info: PHP, MySQL, OS, Server, Memory Usage, IP, SAPI, WP Filesystem API Method, DNS, Max Upload, Zend Engine Version, Zend Guard/Optimizer, ionCube Loader, Suhosin, APC, eAccelerator, XCache, Varnish, cURL, Memcache and Memcached
Security Status Page - Displays website security status information
File and Folder Permission Checking - CGI / DSO - SAPI check / display
Help & FAQ page - links to BPS Guide and other detailed Help & Info pages
Extensive Read Me! jQuery Dialog Help buttons throughout the BulletProof Security plugin pages
Website Developer Maintenance Mode (503 website open to Developer / Site Owner ONLY)
Log in / out of your website while in Maintenance Mode
Customizable 503 Website Under Maintenance page
HUD Success / Error message display
i18n Language Translation coding

BulletProof Security Login Security & Monitoring Features

Brute Force Login Security Protection
Log All User Account Logins or Log Only User Account Lockouts
Logged DB Fields: User ID, Username, Display Name, Email, Role, Login Time, Lockout Expires, IP Address, Hostname, Request URI
Email Alerting Options: User Account is locked out, An Administrator Logs in, An Administrator Logs in and when a User Account is locked out, Any User logs in when a User Account is locked out, Do Not Send Email Alerts
Login Security Additional Options: Max Login Attempts, Automatic Lockout Time, Manual Lockout Time, Max DB Rows To Show, Turn On/Turn Off
Login Security Stealth Mode: Standard WP Error Messages or Generic Error Messages.
Login Security Stealth Mode: Enable or Disable Login Password Reset capability and links.
Dynamic DB Form: Lock, Unlock, Delete
Enhanced Search: Allows you to search all of the Login Security database rows/Fields
Stand-alone Unlock Form bpsunlock.php: Unlock User Accounts without having to be logged into the WP Dashboard
Please click the Login Security Blue Read Me help button for full descriptions of all features and options.

Tags: 503, attack, authenticate, authentication, base64, block, blocked, brute force, bulletproof, chmod, code, CRLF, CSRF, encode, error log, firewall, hack, hackers, htaccess, HTTP log, injection, lock, log, logging, login, login alerts, login security, maintenance, permissions, plugin, prevent, prevention, privacy, private, protection, rfi, script, secure, security, security log, SQL Injection, users, vulnerability, website security, wordpress security, xss