Plugin Author
AITpro
(@aitpro)
Just installing BPS does not change anything on your website or change anything with how WordPress functions. When you activate BulletProof Modes that is when a change is made to how your site functions. When you activate BulletProof Mode for your Root folder a secure .htaccess file is copied to the root folder for your website. When you activate BulletProof Mode for your wp-admin folder an .htaccess file is copied to your /wp-admin folder. You should always choose the AutoMagic buttons to create your Master .htaccess files first if you are not sure what your correct RewriteBase and RewriteRule are for your website. BPS will figure this out for you.
So if something goes wrong that you cannot correct by activating Default Mode and deleting the wp-admin .htaccess file from within BPS Security Modes then you will have to manually delete or edit these files /.htaccess and /wp-admin/.htaccess.
Another person has mentioned to me that a Simplescripts installation did not work correctly on their site. I am not 100% sure if BPS was to blame. What that person did to fix the problem was to put BPS in Default Mode and delete the /wp-admin/.htaccess file and reinstall WordPress and everything was fine. So it may have been that BPS was trying to protect the site from a detected threat or maybe SimpleScripts just failed on its own on the first installation? You can’t rely 100% on error messages. Unfortunately, sometimes a coding issue or problem is not actually detected and you will see a thumbs up or all good message when things are really not ok. ;(
Also additional things to check:
Do you have a custom permalink structure?
Are your site settings correct under WordPress Settings > General Settings?
Double check that your WordPress Address and Site Address are correct.
When i get a chance i will look at how SimpleScripts performs installations to see what possible conflicts there may be. Thanks.
Thread Starter
Leiif
(@leiif)
I got it all cleaned up. It was the .htaccess files. There were 3 of them. One was in the folder of the installation. This site is in a subdirectory of my main site. I am using fatcow for hosting. The second .htaccess file was in the root folder of the filemanager and the 3rd and sneakiest file was in the wordpress folder of the site that is installed in the root. I am a little afraid to reinstall because of the problems I had. Will this security plugin allow a second Author to post on the site with his regular login?
Plugin Author
AITpro
(@aitpro)
Cool! π
Yep BPS does not affect WordPress Roles so there will not be any issues there. Sorry you had a rough start. I will figure out what the heck is going on with SimpleScripts and since this is becoming more popular I will probably have to add some kind of coding check / warning about SimpleScripts to BPS. I have no idea what is needed yet since i have not looked at what SimpleScripts is doing exactly. Never had any issues with automated installers before so SS is doing something a little differently obviously.
Before you decide to use BPS take a look around at what other peeps are saying about BPS. BPS has a pretty solid track record overall. The bonus is that i am on top of support and when a new issue or problem occurs i will find the solution ASAP. I don’t leave peeps hanging. π
Thanks,
Ed
I am having a similar issue, and I am not using SimpleScripts. I am able to log into the dashboard but cannot access the plugins. Now through FTP I deleted the BPS Plugin folder, and the backup. I have tried replacing the .htaccess files but that hasn’t helped. I still have in the menu the BPS tab too. How do I get rid of it?
Nevermind, I noticed that the plugin folder showed up again, tried to delete it again and it seems to work.
Plugin Author
AITpro
(@aitpro)
It sounds like you have another plugin installed that is blocking things like deleting other plugins. Also when setting up BPS you need to use AutoMagic before activating all BulletProof Modes. ALL BulletProof Modes MUST be activated – you cannot just activate Root BulletProof Mode or just wp-admin BulletProof Mode by themselves. You MUST activate BOTH Root and wp-admin BulletProof Modes TOGETHER.
Hi AIT
i just installed your plugin however im unhappy about the feedback i have been reading about the plugin being vulnerable to attacks in brute force injections. Ive been reading alot of users experiences and it seems that hackers are targeting your plugin, which is why im concerned.
i quickly uninstalled and saved the htaccess files then restored my old ones. question is there any other code lingering else where? i need to get rid of it. What i will do though is choose the snippets thats most important. another question i have is why will the plugin not let me access admin and delete a plugin? how could i fix this? If you could help me understand your plugin better and some lines of code i would like to use it based on the outcome. i would also like to know the right permissions to set for each file.
regards
Plugin Author
AITpro
(@aitpro)
BPS is not targeted in general that i am aware of. BPS is not vulnerable to brute force injection attacks. A few people have mentioned this possibility or suspicion over the years, but i believe they were mistaken in diagnosing their suspicions. BPS has built-in self protection so a direct attack on BPS would be pointless to do – the hacker would be blocked instantly.
Please provide links to any information you found stating that BPS is vulnerable to direct attacks and i will try and explain why those folks suspicions are incorrect.
Now the AITpro website on the other hand is directly and specifically targeted by hackers. To date we have logged over 1,000,000+ unsuccessful hacking attempts directed at the AITpro website. Hackers do not directly target BPS Pro because as i stated above it has its own built-in protection that would stop a hacker instantly. Besides that there is nothing / no code in BPS that is exploitable and BPS and BPS Pro have built-in self protection so it would be pointless for a hacker to target BPS or BPS Pro.
BPS Support page to answer basic questions and troubleshooting steps >>> http://www.ait-pro.com/aitpro-blog/297/bulletproof-security-plugin-support/bulletproof-security-wordpress-plugin-support/
@wp Moderators. Please close this old thread that has been resolved many months ago and continues to have new comments added to it. Thank you
