WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] General Questions (7 posts)

  1. Murray644
    Member
    Posted 1 year ago #

    I installed the latest version of BP and am running current WordPress on Genesis/Crystal theme.

    I am trying to do my best to secure my site as much as possible AND am totally new to WordPress so I need some security help. In addition to BP:

    1)Do I need to still add "Options -Indexes" to my htaccess file to not have my upload files public? Or is that taken care of?

    2) Should I still change my wp prefix tables from wp_ to something else?

    3)Does BP back up my theme-blog posts-images or do I need to do those separate?

    4) Does BP continuously monitor my site for intrusions and other suspicious activity or do I need another plug-in to scan files for suspicious activity?

    5) Does BP scan plug-ins?

    Thanks so much!

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    1. The Options -Indexes .htaccess code/directive prevents indexing of your website so that files are not displayed as a directory index.
    Source: http://httpd.apache.org/docs/2.2/mod/core.html#options

    2. I personally do not change my DB Table prefixes, but this is a personal preference choice so that is entirely up to you. ;)

    3. Yep you would need to install a backup plugin to backup your website files and WordPress DB.

    4. BPS is not a scanning plugin. If you would like a scanning plugin then Wordfence does this, but if your web host does not allow you to increase your memory limit to at least 128M then i do not recommend installing Wordfence because it does require a lot of memory to run smoothly.

    5. Nope BPS is not doing any general scanning at this point, but we are working on something new that I don't want to mention publicly...yet. ;)

    And in general BPS is a Firewall plugin at the base level - .htaccess code is processed first before any other code is processed on your website - php, etc.

  3. Murray644
    Member
    Posted 1 year ago #

    Thanks so much!

    I don't want my files displayed as a directory- so just to be clear I should add Options -Index correct? If so would I add it through the.htaccess on the plugin edit screen or through my hosting files?

    Also is it safe to run BPS and Better WP Security together? Do I need both?

  4. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Options -Indexes is already included the BPS .htaccess file. After you have clicked the AutoMagic buttons and activated BulletProof Modes then go to the BPS Edit/Uploads/Downloads page and click on the "Your Current Root htaccess File" tab and you will see your root .htaccess file for your website and if you scroll down in your root .htaccess file you will see Options -Indexes is already included in that file/your root .htaccess file. ;)

    If you are going to use WP Better Security with BPS then DO NOT enable Server Tweaks in WP Better Security. BPS is already doing this stuff and much, much more and enabling Server Tweaks in WP Better Security will actually cause your website to have a lot of problems. ;)

  5. Murray644
    Member
    Posted 1 year ago #

    Maybe I just wont use WP Better Security then! I'm just trying to use maximum security and there is so many choices I don't really know what I need, what is too much and what is not enough! I have been reading articles all day and they all list 15-20 plug-ins that are good for security but they all do different things! Headache!

    So now I am using BPS, changed my security keys, added Limit LogIn Attempts, and thinking about doing a file monitor? But if I am using BPS my files should not be able to be accessed or should I add just to be safe?

    I really appreciate your help!

  6. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Yep i would choose to also install a file monitor. ;) BPS is primarily a Firewall to protect your site against malicious scripts used to attack your website. And usually i stay away from recommending plugins, but this plugin is awesome for Brute Force Password Cracking protection and has other great login/password features and is a diamond in the rough - the Theme My Login plugin.

  7. Murray644
    Member
    Posted 1 year ago #

    Thanks so much!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.