WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] SSL (4 posts)

  1. thinkmedia
    Member
    Posted 1 year ago #

    Hi,

    Does your plugin accomodate SSL for admin or the whole site?

    Thanks
    Mitch

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Can you be more specific? If you are using SSL and have a valid SSL certificate then BPS Pro works fine on websites using SSL.

  3. thinkmedia
    Member
    Posted 1 year ago #

    Hi,

    I'm thinking more like Better WP Secure which has the ability to SSL the Admin area, a single page, or the whole site as part of the plugin.

    This is a security feature lacking in WP.
    Encrypting the admin area is a great addition to any security plan for WP. Encrypting the whole site, whether commerce or not, is a great idea however I understand not all plugins would function well in that environment.

    Thanks,

    Mitch

  4. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Uh yeah i think you better take a look at that plugin's "What others are saying" area before you decide to try that plugin. ;) You are forewarned that you should perform a backup and they are serious - so do not skip that part or you will be sorry if something goes horribly wrong. I have assisted several people in recovering their websites after using that plugin and it is a royal pain to fix everything so do the backup.

    I'm not saying that it is a bad plugin. I would be very apprehensive to use it on a Live Production website unless i had thoroughly tested it first because if you make a mistake it WILL destroy your website. I think what has happened with the development of that plugin is that they have tried to develop the plugin in too many directions at once and it appears they are spread a little too thin. Several versions in a row broke ALL websites, which usually indicates either rushing, carelessness or biting off more then you should be chewing at one time.

    True SSL requires a valid SSL certificate.
    Forced or Pseudo-SSL is not really as secure as true SSL because it is not really valid SSL. I can easily get around / hack Pseudo-SSL, where real SSL is not beatable.

    And i agree that, that is an interesting security approach using encryption, but not a website security direction i would ever choose because of the direction Zend is going with Zend Guard and the Encryption that they use and more importantly what is coming in the future of Zend. This is an inevitable train wreck that has not happened quite yet, but it will eventually.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic