Forums

WordPress › Support » Plugins and Hacks

BulletProof Security
Unsolicited Positive Review for Bullet Proof Security plugin (11 posts)

  1. habooble
    Member
    Posted 2 years ago #

    I've been working exclusively with WordPress for over 5 years and I just wanted to give a thumbs up for the new Bullet Proof Security plugin.

    As someone who builds WP sites for clients and then trains them and turns the management over to them, Bullet Proof Security is extremely user friendly and causes me no headaches with lots of questions and "messages" that don't ever resolve themselves without me having to stop what I'm doing and fool around in FTP moving .htaccess files around and such.

    There are several good security plugins out there, some do more and some do less. This one just about does it all. I'm really looking forward to the Pro version that should be coming out soon.

    If you have clients, especially the ones that call you every time Google puts out a press release, or they get an "update" message -- I would recommend Bullet Proof security.

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. Emilio31
    Member
    Posted 2 years ago #

    @habooble : I agree with you entirely. Very user-friendly security plug-in. Also, the author answers kindly to the users' questions on his site. And the plug-in is updated regularly. Thumbs up !

  3. Wudman
    Member
    Posted 2 years ago #

    If I had known about this 12 hours ago, I might not have had to spend 5 of them repairing some damage from what appears to be a wanna-be hacker!
    Easy to use, engaged it and used it to stuff some .htaccess in places they should have been.
    You should still do work on those default database names!
    Great job, checking on the Pro version...

  4. AITpro
    Member
    Plugin Author
    Posted 2 years ago #

    Got to love it when people are saying nice things about your work. ;) Thanks guys for the positive feedback. Always very much appreciated.

    @Wudman I've debated from day 1 whether or not to add a WP DB Table prefix renaming feature and I always come back to my original rationale for not adding it - If they can't break in then does it matter if they can see the target? I am using the default wp table prefixes and my sites get attacked every day all day and so far so good. ;) Actually one of my sites was hacked not too long ago. I was doing some backend testing work on that site and I accidentally disabled BPS. Within an hour base64 code wss injected throughout that entire site. I was extremely lucky that it was not a hard core attack. Cost me a little bit of time to lock the site down and remove the injected code. Guess what went right to the top of my list of BPS to do things? Add a giant warning message in RED stating something like "WARNING!!! BONEHEAD ERROR!!! You have disabled BPS and all hell is going to break loose soon unless you reactivate BPS Security Mode." LOL

    Thanks again for the postive feedback guys!

    Best Regards,
    Ed

  5. Matt Fraser
    Member
    Posted 2 years ago #

    Ed,

    Thank you so much for creating this plugin.

    I've been wondering how secure my wordpress installation was and was doing some research on creating the rules with ht access files, now I can spend my time doing more marketing as you've done the work for me.

    Thanks a bunch.

    Matt

  6. AITpro
    Member
    Plugin Author
    Posted 2 years ago #

    Yep you hit the nail right on the head. BulletProof did not come from an idea to write a security plugin for WordPress. I needed a website security solution for a client's website that was being hacked on a regular basis. It took me a while to put it together as my background knowledge of Apache website security was very limited at that time. I spent probably 300 hours researching everything i could about .htaccess files and anything else relating to website security. So I educated myself and became fairly knowlegeable in this arena. I have an IT background so it came fairly naturally to me - 14+ years of corporate level Network Administration - MCSE certified. ;)

    I wonder how many other plugin authors did this exact same thing? They created a solution that they needed and then said hey I bet other WP folks could use this too. ;) This is the thing i love most about WordPress - There is a very large amount of honest to goodness sharing going on.

    Glad I could offer something that helps others and does exactly what you said - frees people to focus on their website work not the website itself. ;) Thanks.

    Ed

  7. Matt Fraser
    Member
    Posted 2 years ago #

    Ed,

    Have you ever considered building this functionality/feature into the plugin:

    http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection/12254?qh=YToxOntpOjA7czo3OiJqc2VjdXJlIjt9

    This a joomla plugin that products the login page with a key/password.

    Personally I think this would be great but I'm not expert.

    So in other words, if someone were to go to my site http://www.mysite.com/wp-login.php they would need a password/key to see that page (which is what that joomla plugin does) if they don't know the key they are simply redirected to the home page.

    What do you think?

    Matt

  8. AITpro
    Member
    Plugin Author
    Posted 2 years ago #

    Hi Matt,

    I believe there are a couple of WordPress plugins that already do that. I can't recall the names of those plugins right now, but I know they already exist. If I ever find the time the 2 most needed features for the next version of BPS are .htaccess file editing capability from within the Dashboard and upload and download capability from within the Dashboard. If only I could clone myself. LOL

    Thanks,
    Ed

  9. Matt Fraser
    Member
    Posted 2 years ago #

    Ed,

    I found this one here that does it:

    http://wordpress.org/extend/plugins/stealth-login/

    But it has not been updated for over 2 years and is not compatible with WordPress 3.0.1

    Would love to see this incorporated into bullet proof security.

    Matt

  10. Wudman
    Member
    Posted 2 years ago #

    What can I say, Ed rules. BPS made my first "top 6" WP plugins in a blog. Hope it helps.

  11. AITpro
    Member
    Plugin Author
    Posted 2 years ago #

    You're too kind. SWEET! on being grouped at the top of any list! I'll take whatever I can get. LOL Every bit of help getting exposure for BPS is very much appreciated. :) I wasn't much of a PHP coder a year ago, but BPS .45.7 has got some new coding work that I am actually pretty proud of. I wouldn't call myself a PHP coding expert by a long shot, but I'm really starting to get a solid handle on PHP. Still over coding by not combining code like the PHP pros do it, but I would rather have solid code then make a mistake by trying to get too fancy. So for now taking the long way around. ha ha ha. Thank god I decided to do one more round of testing for BPS .45.7 before releasing it. I am testing on an aliased domain and the new File Uploader and File Downloader are trying to access the true root domain. Not a big deal - just means that I can't use some $_SERVER syntax and will have to work in an ABSPATH function so the real site paths are seen. Otherwise everything else is working perfectly. ;) Should have BPS .45.7 released by mid day tomorrow at the latest. Yeah! Thanks for the Kudos and adding me to the "top 6" list! :)

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags