If you are not seeing the lock and unlock buttons then your Server API type is DSO and not CGI. And that would also explain the copy and write errors.
If your Server API type is DSO then you will need to do some manual file and folder permission changes. You can check your Server API on the System Info tab in BPS and BPS Pro. If you see that your Server API is DSO then you will need to perform these installation steps for DSO. We are currently working on adding additional coding in BPS and BPS Pro for DSO configured Servers and will eventually release a BulletProof Security version that has full automation for DSO configured Servers.
AutoMagic is not working / not creating Master .htaccess files or you are unable to use the built in .htaccess file editor
Most likely the cause of this is your Server API is DSO and not CGI. You can check your Server API on the System Info tab page. If your Server API is DSO then some of the automated features in BPS will not work correctly because of the way ownerships permissions are handled on DSO configured Servers. You will unfortunately need to manually perform these steps below using FTP. At some point a future version of BPS will have coding that will compensate for this and the automation will also work for DSO configured Servers.
To Create the secure.htaccess file with AutoMagic – Change permissions of the secure.htaccess file to 777 – /wp-content/plugins/bulletproof-security/admin/htaccess/secure.htaccess.
To Activate BulletProof Mode for your Root folder – Change permissions of your Root htaccess file to 777 – /your-website-root-folder/.htaccess.
To Activate BulletProof Mode for you wp-admin folder – Change permissions of the wp-admin htaccess file to 777 – /your-website-root-folder/wp-admin/.htaccess.
Activate Deny All htaccess Folder Protection For The BPS Master htaccess Folder – Change permissions of /wp-content/plugins/bulletproof-security/admin/htaccess folder to 777.
Activate Deny All htaccess Folder Protection For The BPS Backup Folder – Change permissions of the /wp-content/bps-backup/htaccess file to 777.
Backup Your Currently Active .htaccess Files – Change /bps-backup folder permissions to 777 - /wp-content/bps-backup.
Backup Your BPS Master .htaccess Files – Change /master-backups folder permissions to 777 - /wp-content/bps-backup/master-backups.
Once you have completed these installation steps above then change the permissions of both htaccess files to 644 and change all of your folder permissions back to 755 or whatever you previously had for those folder permissions. Another option is just to manually download the secure.htaccess file, wpadmin-secure.htaccess file and the deny-all.htaccess file and then just manually use FTP to upload the files to where they should be.