WordPress.org

.47.1

• Security Patch - This is a patch version of BPS
• An XSS vulnerability was found in BPS by SiNA Rabbani at packetstormsecurity.org
• Sincere thanks to SiNA Rabbani for discovering this XSS vulnerability
• Sincere thanks to Jon and Mark from WordPress.org as well for assistance

.47

• View the Whats New page in BPS for the latest changes to BPS
• No changes have been made to either the Root or wp-admin .htaccess files
• i18n Language Translation Coding Added
• Language Translation Tutorial link added to the Whats New page in BPS
• Coding improvements / enhancements
• Enjoy!

.46.9

• Significant changes to both the Root and wp-admin .htaccess files Create new Master .htaccess files with AutoMagic and activate all BulletProof Modes.
• NEW Custom Code feature added to BPS
• Coding improvements / enhancements
• Enjoy!

.46.8

• New TimThumb .htaccess code allows internal image requests but Forbids RFI hacking attempts
• BPS is no longer Forbidding TimThumb thumbnailer scripts by default
• DNS Name Server check on System Info page
• Coding improvements / enhancements
• WP Rating and Download Stats added to BPS
• CSS nick nacks
• Enjoy!

.46.7

• New jQuery Dialog Read Me Help buttons have been created to replace the old Hover ToolTips
• WP_CONTENT_DIR replaces ABSPATH path for sites that have moved wp-content to another location
• .htaccess Return Carriage filter modified
• .htaccess Slash-Jack filter modified
• Several new pop up confirm messages have been added throughout BPS for forms that perform critical operations
• Several new SAPI types have been added to CGI and DSO checking
• AutoMagic for Network / MU sub domain sites is no longer writing the wp-admin forbid coding
• Link to Sucuri Malware Website Scanner added
• BPS is Forbidding Thumbnailer Scripts by Default
• To enable Thumbnailer Scritps see root .htaccess file
• Enjoy!

.46.6

• Cookie filter removed from BPS QUERY STRING EXPLOITS
• Explicit "exec" and "execute" filter removed from BPS QUERY STRING EXPLOITS
• non-GPL Javascript Countdown Timer removed
• BPS is Forbidding Thumbnailer Scripts by Default
• To enable Thumbnailer Scritps see root .htaccess file
• Enjoy!

.46.5

• Massive amount of new security filters
• Complete restructuring of how .htaccess Rewriting is processed to work with WP
• Network / MU AutoMagic buttons added
• Network / MU code added for Super Admins - display BPS menus to Super Admins only
• New System Info information added
• File permission checking and recommendations for CGI or DSO - SAPI detection
• File Lock / Unlock buttons - Read Only root .htaccess - CGI / DSO SAPI detection
• Help info updated
• Updated Whats New
• Lots of other stuff
• Enjoy!

.46.4

• Network / MU detect with additional help info
• chmod 0644 added to copy function for default, secure and wp-admin htaccess files
• Fixed CSS display issues for WP versions 3.2+
• Replaced PP donate link with BPS Pro Upgrade link
• Replaced BPS Pro Modules page with BPS Pro Features page
• Security Status print output instead of var_dump
• Help info updated
• Other CSS changes
• Updated Whats New

.46.3

• BPS Security Top Level Menu added
• Whats New page was added - Read the new Whats New page for details about the latest changes to BPS
• BPS Master htaccess file changes
• Maintenance Mode page changes - Form settings saved to the WP DB
• HUD, W3TC and WPSC - Heads Up Display checks / messages changes / additions
• wp-admin htaccess file removal added
• My Notes page was added

.46.2

• Additional new .htaccess security coding and modifications added to the BPS master .htaccess files
• New plugin conflict permanent fixes added to the secure.htaccess Master file
• BulletProof Security is now fully AutoMagic and still offers full manual control

.46.1

• Additional new .htaccess coding and modifications added to the BPS master .htaccess files
• New plugin conflict permanent fixes added to the secure.htaccess Master file
• Maintenance Mode is AutoMagic - Completed the Maintenance Mode page ...finally
• Create the Maintenance Mode Under Maintenance page from within the Dashboard
• Preview your Website Under Maintenance page from within the Dashboard
• New System Information Displayed - WordPress Installation Folder, WordPress Installation Type and
• WP Permalink Structure Checks and displayed info
• Heads Up Display (HUD) created
• Improved Error and Warning messages
• Major Core code improvements
• nick nack core code fixes and improvements
• New Help and FAQ links - new help pages created on AIT-pro

.46

• New File Uploader code written - no longer using Uploadify code
• New File Downloader code written - no longer using Zubrag code
• File Uploader is AutoMagic - no setup required
• File Downloader is one-click - no setup required
• Major overhaul of the core BPS coding
• !!! Special Thanks to Jon Cave!!!
• for finding a CSRF security vulnerability in BPS .45.9
• that has now been eliminated in BPS .46 with new coding
• And also excellent coding advice to improve BPS even more
• and making the entire WordPress Community a safer and better place
• New permanent plugin conflict fixes added to master .htaccess files

.45.9

• !!!Critical Update!!!
• Security Patch Release

.45.8

• Permanent Backup and Restore options added - permanent online backup and restore
• Permanent Backup and Restore for all .htaccess files
• Permanent Backup and Restore for File Uploader and File Downloader setup settings
• Additional new .htaccess coding and modifications added to the BPS master .htaccess files
• New plugin conflict permanent fixes added to the secure.htaccess Master file
• WordPress readme.html and /wp-admin/install.php are now protected by BulletProof Security
• Improved Success / Error messaging - more detailed success / error messages displayed
• New Help and FAQ links added - New detailed Help and Info pages created

.45.7

• Additional .htaccess coding filters added to the BPS master .htaccess files
• File Editor added - Edit the BPS .htaccess files from within the WP Dashboard
• File Uploader added - Upload files from within the WP Dashboard
• File Downloader added - Download files from within the WP Dashboard
• Deny All BulletProof Security Modes added for the /htaccess folder and /backup folder
• Nick Nacks, etc.

.45.6

• !!!CRITICAL UPDATE!!!
• New SQL Injection hacking method blocked - New code added to master .htaccess files
• This update protects against this latest new SQL Injection hacking method
• Installing BPS does not activate the new BPS .45.6 .htaccess files
• After installation please activate the BPS .45.6 BulletProof modes
• Please download your current htaccess files first before activating BPS .45.6 Security Modes

.45.5

• The SVN DB problem for BPS was fixed by some awesome person at WP!
• WP ROCKS!!! BPS .45.5 will install successfully now. ;)
• Bug fixes: W3 Total Cache, Simple Facebook Connect, Ozh' Admin Drop Down Menu, ComicPress
• Permanent coding fixes incorporated into master htaccess files to replace workarounds
• Additional mission critical PHP Info checks added
• Php.ini and php5.ini files are now protected by BulletProof Security
• Updated BPS help files - AITpro.com site help files pending
• nick nacks here and there

.45.4

• SVN DB Corruption - unable to use this version - will not download - will not install
• Bug fixes: W3 Total Cache, Simple Facebook Connect, Ozh' Admin Drop Down Menu, ComicPress
• Permanent coding fixes incorporated into master htaccess files to replace workarounds
• Additional mission critical PHP Info checks added
• Php.ini and php5.ini files are now protected by BulletProof Security
• Updated BPS help files - AITpro.com site help files pending
• nick nacks here and there

.45.3

• More Query String Exploit Filters added to BPS Master .htaccess files
• Options -Indexes added to BPS Master .htaccess files at user requests
• Added IP address display to maintenance mode javascript countdown timer display
• No need to click Update Permalinks anymore for Maintenance Mode - RewriteRule override added

.45.2

• New Apache Directives for PHP5 added to the .htaccess master files
• Maintenance mode master .htaccess code modified - RewriteCond to load new background png
• Maintenance Mode log in / log out issue fixed - Log in / out of your Dashboard in Maintenance Mode
• Website Under Maintenance coding modifcations and visual design enhancements
• Background Graphic for Website Under Maintenance page created and added in the installation
• Minor cosmetic nicks nacks fixed here and there
• Help files and hover tool tips help info updated
• Tested on WordPress 3.1-alpha - no issues or problems

.45.1

• Bug fix for version check of BPS .htaccess master file
• Bug fix for wp-config.php check based on BPS .htaccess version
• Fix - BPS plugin uninstall issue fixed
• Fix - BPS Widget configuration issue fixed
• Completely recoded with WordPress 3.0 coding enhancements and improvements
• Completely new sophisticated visual design and look
• jQuery UI Tabbed Menu with CSS Hover Menu Buttons - see screenshot
• New Messaging Display System added
• ,htaccess code added to master files to .htaccess protect wp-config.php
• WordPress DB error on / off checking and verification status display
• WordPress version is not displayed - remove_action('wp_head', 'wp_generator');
• WP generator meta tag removed - remove_action('wp_head', 'wp_generator');
• Administrator username “admin” check
• System information page displays PHP, MySQL, Server Info, etc. - see screenshot
• Security Status page added - see screenshot
• Help & FAQ page added
• BPS Pro Modules page added - BPS Pro Modules are installed separately
• New BPS .45.1 Guide created @ AIT-pro.com

.45

• Completely recoded with WordPress 3.0 coding enhancements and improvements
• Completely new sophisticated visual design and look
• jQuery UI Tabbed Menu with CSS Hover Menu Buttons - see screenshot
• New Messaging Display System added
• ,htaccess code added to master files to .htaccess protect wp-config.php
• WordPress DB error on / off checking and verification status display
• WordPress version is not displayed - remove_action('wp_head', 'wp_generator');
• WP generator meta tag removed - remove_action('wp_head', 'wp_generator');
• Administrator username “admin” check
• System information page displays PHP, MySQL, Server Info, etc. - see screenshot
• Security Status page added - see screenshot
• Help & FAQ page added
• BPS Pro Modules page added - BPS Pro Modules are installed separately
• New BPS .45.1 Guide created @ AIT-pro.com

.44.1

• If you are upgrading from .44 to .44.1 download the /htaccess folder first
• before upgrading and upload it back to the back to the BulletProof plugin folder
• after you have upgraded to .44.1.
• Added Backup form function - backs up users original existing htaccess files
• Added Restore form function - restores users original existing htaccess files
• Backup folder added for backed up original htaccess files
• Removed links from all ToolTips except for the top Read Me! hover ToolTip

.44

• First version release of BulletProof Security
• Extensive Read Me! help hover ToolTips added to the BulletProof plugin page
• Visual and coding Enhancements made to the BulletProof Maintenance page
• Function check_perm redeclare conflict fixed