[Resolved] [Plugin: BulletProof Security] Using Bullet-proof security on Zeus server
my WP website is hosted on Zeus server, not Apache, can I still use Bullet Proof Security plugin? I believe Zeus server does not use htaccess file.
And/or what feature would still work?
Never been tested on Zeus, but i would like to get your feedback after you give it a whirl. This Wiki page on Zeus Web Server indicates that .htaccess files will work >>> http://en.wikipedia.org/wiki/Zeus_Web_Server
It appears that the Zeus Server must have mod_rewrite support enabled / configured otherwise you have to convert .htaccess rules into a Zeus rewrite script.
When Googling i came across some .htaccess limitations found by a Drupal user.
There are a few things to note. Zeus does not support [QSA] or REQUEST_FILENAME or allow reading of server environment variables (you can write to them though..). So much of the script is involved in breaking it down into the QUERY_STRING and REQUEST_FILENAME and then mapping that into the local filesystem path. After that, its really pretty easy. This also assumes your Drupal installation is in your documentroot (ie, / on your website). You can change line 24 (the /index.php? line) to include the directory your Drupal is in, if necessary. Anyway this has worked fine for me for many months, but I’d be curious to know if anyone out there has problems with it.
And from the ZWS site:
The htaccess module is responsible for the implementation of Dynamic Control Files. Dynamic Control Files are plain text files which are used to store additional server configuration details in the document tree.
Local Dynamic Configuration Files
Local dynamic configuration files can be placed in any directory within the document root. The server will apply the modifications defined in the file to all requests made to the directory and to any sub directory. This allows the behaviour of the server to be changed for whole segments of the document tree by editing a single file. On a request for the document /products/toys/index.html from a site with a docroot of /pages the server will search:
Let me know the end result. Thanks.
Ed, exactly, when we installed WordPress, we had to replace htaccess with the rewrite.script as per suggestion of the Drupal blog post, which I believe is this one?
Unfortunately, I am not technical enough to understand any of the other stuff you mention – so in short. will the plugin work, considering it seems to reference mostly htaccess file?
I am happy to be a guinea-pig for testing, but I have no idea what Dynamic Control Files are etc…
Are you willing to help?
hmm well if you have to use a rewrite.script then i guess you don’t have the option to just plop an .htaccess file into a directory. I have never converted an .htaccess file into a Zeus rewrite.script. I would take this on, but the info on this is really weak and sparse. The script itself looks like a hybrid cross between php and .htaccess and kind of makes sense to me, but not something i would be happy to tackle because the help info on this really sucks. If i come across some better info on doing this i will take it on, but so far what i am finding is only scraps of info here and there. I’ll let you know if i decide to take this on.
I appreciate you being straight-forward… so I guess my question is:
1- is there any features of this plugin that works in my case?
2- is the fact that an htaccess file is not used but it is a rewrite.script being used, does this make the site less vulnerable to attacks?
well i know very little about Zeus. The last version release was in 2010 so I wonder if this is something that is going to fade away completely? 2 years is a long time not to have some kind of ugrade.
Have you asked your Host what their plans are for the future?
I know very little about Zeus so i can’t really give you any kind of comparsion info at all. sorry.
I’ll look around and see what i can find out.
hmm well this looks more promising. Zeus was acquired by Riverbed not too long ago and RB’s product line is called StingRay so maybe Zeus will be revamped soon. This is a fairly new acquisition so new development would probably happen anytime soon, but it does hint at the possibility that Zeus or maybe a new StingRay Server would be developed at some point. still having a heck of a time finding a manual on the Zeus proprietary scripting language. argh.
End of Availability for Zeus products is Nov. 30, 2011
End of support for Zeus products is Nov. 30, 2014
but maybe they will do some sort of integration thing or maybe fork it.
names.co.uk is indeed my host…
ok no worries you see what you can find and then let me know if you need help / want to test…
Good luck and thanks !
Well if you can find a manual for the Zeus proprietary scripting language then that would give me a starting point. i am unable to find enough of the scripting language to be able to write it.
OMG too funny – i found a site that has more of the Zeus scripting language than i have found any place else. Unfortunately the website is hacked – even funnier it is using a Zeus Server. ha ha ha.
Any way i am throwing in the towel for several reasons.
The original company is gone.
The new company is stating end of life / end of support for Zeus
A Zeus manual containg the scripting language is not readily available.
etc etc etc.
Bottom line. I would be rebuilding a betamax script when everyone is looking towards blueray. LOL
I only got your original version of the email not the one where you say you throw the towel. Here is the documentation I found in the meantime:
Is this the same site you found?
Yep that was the old support site for Zeus and they are no longer supporting Zeus. The big picture is since Zeus was bought up by Riverbed then maybe some new development will occur, but RB is indicating and stating that at this point they are planning on ending Zeus development and support.
I was unable to find enough of the Zeus proprietary scripting language and since Zeus is being phased out there really isn’t any point in spending any time on this. 😉
My question then is, can I still use the plugin?
Specifically, is there anything I should be aware of that could actually screw everything up / make my site unavailable?
Are you able to point me to those parts of the plugin that are still applicable to my situation? Thanks 🙂
Yes you can still use BPS, but obviously you cannot activate BulletProof Modes since .htaccess files won’t work for your hosting. The plugin installation and activation itself does not apply any security for your site so you would only be able to view System Info and do a few other things. So you are not going to be getting any website security protection for your Zeus hosted site. Maybe someone has already created a secure rewrite.script that you can find and use. I looked for about 2 hours and found nothing. Sorry.
- The topic ‘[Resolved] [Plugin: BulletProof Security] Using Bullet-proof security on Zeus server’ is closed to new replies.