For WP there is many plug-in's that do (or claim to do) the same thing. Over the past couple of month I developed some kind of a strategy to select candidates for testing. This sounds off-topick, but I am mentioning it, because one key element of this strategy is the developer's support. And from what I can see in this forum, Ed's support is really exceptional and that's why I feel confident to try BPS - although some of the comments are rather scary.
But before to go ahead, I'd appreciate if you could confirm my understanding:
1) Once the proper .htaccess files are created BPS does actually nothing, right? That's hypothetic, but I could uninstall the plug-in itself and my blog would still be functional AND protected.
2) If anything goes wrong, all I have to do is to replace the .htaccess files that BPS created with the ones I am using now and everything would be back to what it was before. BPS does not change any other files or settings, right?
3) The secure.htaccess file contains the directive "Deny from all" and "Allow from XX.XX.XX.XX", the latter one being my IP address. If XX.XX.XX.XX does not match my IP address, I'll be logged out. If so, how can I determine 'my range'? I don't have a static address...