WordPress Website Security Protection: Firewall Security, Login Security, Database Security... Effective, Reliable, Easy to use...
The answer is very simple - .htaccess files (distributed Server configuration files) are processed by your server first before any other code on your website. In other words, hackers malicious scripts are stopped by BulletProof Security .htaccess files/Firewalls before those scripts even have a chance to reach the php code in WordPress.
WordPress is already very secure, but every website, no matter what type of platform it is built on should have additional website security measures in place as a standard.
Website performance is just as important as website security. BulletProof Security is website performance optimized with website owners best interests at heart. BulletProof Security does NOT abuse the WordPress Database by making excessive MySQL Queries. BulletProof Security does NOT store excessive & non-essential data in your WordPress Database. BulletProof Security does NOT use excessive Server Memory & Resources. BulletProof Security does NOT use any gimmicks or bells & whistles that will cost website owners their website performance. The benefits of having website security protection are negated if your website is performing poorly/slowly, continually experiencing out of memory errors/running out of memory, database size growing exponentially with non-essential stored data, etc. BulletProof Security can actually speed up & improve your website performance by using the Speed Boost Cache Bonus Code. See the BulletProof Security Bonus Custom Code help section below.
WordPress Website Security Protection: BulletProof Security protects your website against 100,000's of different hacking attempts/attacks. The .htaccess security filters in BulletProof Security are designed to match malicious and nuisance attack patterns. The most important benefits of using a finite pattern matching method vs infinite banning/blocking individual IP's, Host's, Referer's, etc. is that your website performance and Server resources are not negatively impacted. In general, BulletProof Security takes an "Action Approach" to website security. Hacker X, Spammer X, Bad Bot X does bad Action Y = Forbidden/Blocked. An "Action Approach" is a much more effective and performance optimized approach to website security since the bad action itself is being blocked/forbidden instead of attempting to block an individual hacker/spammer that performed a bad action. Example: BulletProof Security blocks all SQL Injection hacking attempts/attacks no matter who performed that SQL Injection hacking attempt/attack. See the BulletProof Security Login Security & Monitoring Features section for additional features and options. See the BulletProof Security htaccess Core (Firewalls, etc.) Features section for additional features and options.
The HPF Cron checks the WordPress /plugins/ folder for hidden or empty plugin folders and any non-standard WP files or altered files in the /plugins/ folder. If a hidden or empty plugin folder or non-standard WP file is found in the WordPress /plugins/ folder, BPS displays a Dashboard Alert and sends an Email Alert. A hidden or empty plugin folder is a plugin the exists in your /plugins/ folder, but is not displayed on the WordPress Plugins page. A hidden plugin can be used as a hacker backdoor to gain access to your WP Dashboard, hosting account, create user accounts, completely control your website and hosting account, etc. A non-standard WP file or modified/altered file in your /plugins/ folder can also do all of the things a hidden plugin can do.
Login Security & Login Monitoring: Log All User Account Logins or Log Only User Account Lockouts (see Screenshot). Brute Force Login Security Protection. Email alerting options allow you to choose 5 different email alerting options: Choose to have email alerts sent when a User Account is locked out, An Administrator Logs in, An Administrator Logs in and when a User Account is locked out, Any User logs in and when a User Account is locked out or Do Not Send Email Alerts. Choose Standard WP Error Messages or Generic Error Messages for Login Security Stealth Mode. Choose to Enable or Disable Login Password Reset capability for Login Security Stealth Mode. See the BulletProof Security Login Security & Monitoring Features section for additional features and options.
Change the WordPress Authentication Cookie Expiration time. The default WordPress Authentication Cookie Expiration time is 2880 Minutes/2 Days and 20160 Minutes/14 Days if a User checks the Remember Me checkbox when they login. You can change the WordPress Authentication Cookie Expiration time to whatever expiration time setting that you choose. Option Settings: Turn On|Off, Auth Cookie Expiration Time in Minutes, Remember Me Auth Cookie Expiration Time in Minutes, User Account Exceptions, Enable|Disable Auth Cookie Expiration Time For These User Roles: Administrator, Editor, Author, Contributor, Subscriber. See the BulletProof Security Auth Cookie Expiration (ACE) Features section for additional features and options info.
DB Backup: Create manual and scheduled Backup Jobs. Selective database table backup and full database backup. Scheduled backup job options: Hourly, Daily, Weekly and Monthly. Send scheduled backup zip file via email or just send email only, automatically delete old backup files after a certain period of time, etc., etc., etc. All DB Backup options/settings and default setup is done automatically during upgrades and new installations. See the BulletProof Security DB Backup|Database Backup Features section for additional features and options.
Display a website under maintenance page with Countdown Timer to website visitors while the website displays and functions normally for you. When the Countdown Timer has completed (reached 0) an email reminder is sent to you to remind you that the Countdown Timer has completed. The new BPS Maintenance Mode design includes 20 background images, 15 center images (text box image), allows you to embed image files and YouTube videos, FrontEnd Maintenance Mode, BackEnd Maintenance Mode or both FrontEnd & BackEnd Maintenance Modes and most importantly is fast and simple to use so that you can switch in and out of Maintenance mode quickly and easily. FrontEnd Maintenance mode is primarily designed for development/maintenance purposes and BackEnd Maintenance Mode is technically a security feature since enabling BackEnd Maintenance Mode allows you to deny access to the /wp-admin folder/WP Dashboard by IP address. See the BulletProof Security FrontEnd|BackEnd Maintenance Mode Features section for additional features and options.
Requires: 3.7 or higher
Compatible up to: 4.6.1
Last Updated: 2 months ago
Active Installs: 100,000+
11 of 13 support threads in the last two months have been marked resolved.
Got something to say? Need help?