Along this same line, my question is:
I did a fresh install of wordpress and added your plugin last after I configured my .htaccess file with several customizations. Apparently this was a bad idea because all my customizations disappeared. If this is the case, then this should be stated in the upfront language for this plugin installation: Warning, installing Bulletproof Security will remove any custom .htaccess changes you have made...
Why does your plugin (overwrite,strip out, or delete these)...I assume this is what is happening because I had three security related codes in mine that are no longer in the file. And on your screen the following statement is made about my .htaccess file:
# If you edit the line of code above you will see error messages on the BPS Security Status page
# WARNING!!! THE default.htaccess FILE DOES NOT PROTECT YOUR WEBSITE AGAINST HACKERS
# This is a standard generic htaccess file that does NOT provide any website security
# The DEFAULT .HTACCESS file should be used for testing and troubleshooting purposes only
First of all, if this is true, then why is it every security blog out there makes security recommendations that one should add to this file?
And if I am not to add code to this file, which of the .htaccess files should I add it to(admin, secure, or root?)...such as compression rewrite rules, etc.,
Here are the choices:
File Open and Write test successful! The secure.htaccess file is writable.
File Open and Write test successful! The default.htaccess file is writable.
File Open and Write test successful! The maintenance.htaccess file is writable.
File Open and Write test successful! The wpadmin-secure.htaccess file is writable.
File Open and Write test successful! Your currently active root .htaccess file is writable.
File Open and Write test successful! Your currently active wp-admin .htaccess file is writable.
Do I unlock the file prior to adding and then relock? It seems that I can write from your admin screen without doing unlocking.
Now, I added compression code the secure .htaccess file after being advised on the google pagespeed insights website that it is an urgent problem. After adding this code I go back and it tells me it is still a problem. If something in your plugin preventing this file from being read?
I would appreciate your help with this.