Version Description
Download this release
Release Info
| Developer | AITpro |
| Plugin |  BulletProof Security |
| Version | 3.4 |
| Comparing to | |
| See all releases | |
Code changes from version 3.3 to 3.4
- admin/htaccess/secure.htaccess +1 -1
- admin/htaccess/wpadmin-secure.htaccess +1 -1
- bulletproof-security.php +12 -5
- includes/mscan-ajax-functions.php +8 -4
- readme.txt +2 -2
admin/htaccess/secure.htaccess
CHANGED
|
@@ -1,4 +1,4 @@
|
|
| 1 |
-
# BULLETPROOF 3.
|
| 2 |
|
| 3 |
# PHP/PHP.INI HANDLER/CACHE CODE
|
| 4 |
# Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.
|
| 1 |
+
# BULLETPROOF 3.4 SECURE .HTACCESS
|
| 2 |
|
| 3 |
# PHP/PHP.INI HANDLER/CACHE CODE
|
| 4 |
# Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.
|
admin/htaccess/wpadmin-secure.htaccess
CHANGED
|
@@ -1,4 +1,4 @@
|
|
| 1 |
-
# BULLETPROOF 3.
|
| 2 |
|
| 3 |
# DO NOT ADD URL REWRITING IN THIS FILE OR WORDPRESS WILL BREAK
|
| 4 |
# RewriteRule ^(.*)$ - [F] works in /wp-admin without breaking WordPress
|
| 1 |
+
# BULLETPROOF 3.4 WP-ADMIN SECURE .HTACCESS
|
| 2 |
|
| 3 |
# DO NOT ADD URL REWRITING IN THIS FILE OR WORDPRESS WILL BREAK
|
| 4 |
# RewriteRule ^(.*)$ - [F] works in /wp-admin without breaking WordPress
|
bulletproof-security.php
CHANGED
|
@@ -5,7 +5,7 @@ Plugin URI: https://forum.ait-pro.com/read-me-first/
|
|
| 5 |
Text Domain: bulletproof-security
|
| 6 |
Domain Path: /languages/
|
| 7 |
Description: <strong>Feature Highlights:</strong> Setup Wizard • MScan Malware Scanner • .htaccess Website Security Protection (Firewalls) • Security Logging|HTTP Error Logging • DB Backup • DB Table Prefix Changer • Login Security & Monitoring • JTC-Lite Login Form Bot Lockout Protection • Idle Session Logout (ISL) • Auth Cookie Expiration (ACE) • UI Theme Skin Changer • System Info: Extensive System, Server and Security Status Information • FrontEnd|BackEnd Maintenance Mode
|
| 8 |
-
Version: 3.
|
| 9 |
Author: AITpro Website Security
|
| 10 |
Author URI: https://forum.ait-pro.com/read-me-first/
|
| 11 |
*/
|
|
@@ -27,14 +27,21 @@ Author URI: https://forum.ait-pro.com/read-me-first/
|
|
| 27 |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
| 28 |
*/
|
| 29 |
|
| 30 |
-
// BPS variables
|
| 31 |
-
|
| 32 |
-
|
| 33 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 34 |
$aitpro_bullet = '<img src="'.plugins_url('/bulletproof-security/admin/images/aitpro-bullet.png').'" style="padding:0px 3px 0px 3px;" />';
|
| 35 |
// Top div & bottom div
|
| 36 |
$bps_topDiv = '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 37 |
$bps_bottomDiv = '</p></div>';
|
|
|
|
|
|
|
| 38 |
|
| 39 |
// Setup Wizard Options: GDPR Compliance Global Variables
|
| 40 |
$GDPR_Options = get_option('bulletproof_security_options_gdpr');
|
| 5 |
Text Domain: bulletproof-security
|
| 6 |
Domain Path: /languages/
|
| 7 |
Description: <strong>Feature Highlights:</strong> Setup Wizard • MScan Malware Scanner • .htaccess Website Security Protection (Firewalls) • Security Logging|HTTP Error Logging • DB Backup • DB Table Prefix Changer • Login Security & Monitoring • JTC-Lite Login Form Bot Lockout Protection • Idle Session Logout (ISL) • Auth Cookie Expiration (ACE) • UI Theme Skin Changer • System Info: Extensive System, Server and Security Status Information • FrontEnd|BackEnd Maintenance Mode
|
| 8 |
+
Version: 3.4
|
| 9 |
Author: AITpro Website Security
|
| 10 |
Author URI: https://forum.ait-pro.com/read-me-first/
|
| 11 |
*/
|
| 27 |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
| 28 |
*/
|
| 29 |
|
| 30 |
+
// BPS Global variables
|
| 31 |
+
// 3.4: It is not a mistake or retarded to add the global keyword to global variables outside of functions per PHP.net, but yeah it does appear to be retarded.
|
| 32 |
+
// WP_CLI requires that all global variables outside of functions MUST explicitly use the global keyword since WP_CLI loads WP within a function
|
| 33 |
+
// and cannot access the global variables within functions in BPS. Luckily this does not break BPS or WordPress in any way and PHP.net states this is technically not an error.
|
| 34 |
+
global $bps_last_version, $bps_version, $aitpro_bullet, $bps_topDiv, $bps_bottomDiv, $bpsPro_remote_addr, $bpsPro_http_client_ip, $bpsPro_http_forwarded, $bpsPro_http_x_forwarded_for, $bpsPro_http_x_cluster_client_ip, $bps_wpcontent_dir, $bps_plugin_dir;
|
| 35 |
+
|
| 36 |
+
define( 'BULLETPROOF_VERSION', '3.4' );
|
| 37 |
+
$bps_last_version = '3.3';
|
| 38 |
+
$bps_version = '3.4';
|
| 39 |
$aitpro_bullet = '<img src="'.plugins_url('/bulletproof-security/admin/images/aitpro-bullet.png').'" style="padding:0px 3px 0px 3px;" />';
|
| 40 |
// Top div & bottom div
|
| 41 |
$bps_topDiv = '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';
|
| 42 |
$bps_bottomDiv = '</p></div>';
|
| 43 |
+
$bps_wpcontent_dir = str_replace( ABSPATH, '', WP_CONTENT_DIR );
|
| 44 |
+
$bps_plugin_dir = str_replace( ABSPATH, '', WP_PLUGIN_DIR );
|
| 45 |
|
| 46 |
// Setup Wizard Options: GDPR Compliance Global Variables
|
| 47 |
$GDPR_Options = get_option('bulletproof_security_options_gdpr');
|
includes/mscan-ajax-functions.php
CHANGED
|
@@ -480,6 +480,7 @@ global $wp_version, $wpdb;
|
|
| 480 |
// Download the WordPress zip file version based on the current WP version installed.
|
| 481 |
// Ensure that the WP zip file is not downloaded repeatedly due to an error, issue or problem.
|
| 482 |
## 3.3: Removed cURL GET code and replaced with simple fopen code. It is unnecessary to use the WP HTTP API for something as simple as a zip file download.
|
|
|
|
| 483 |
function bpsPro_wp_zip_download($mstime) {
|
| 484 |
global $wp_version;
|
| 485 |
|
|
@@ -526,13 +527,16 @@ global $wp_version;
|
|
| 526 |
|
| 527 |
fwrite( $handle, "WP Zip File Download: Start $wp_zip_file zip file download.\r\n" );
|
| 528 |
|
| 529 |
-
$
|
| 530 |
-
|
| 531 |
-
|
| 532 |
-
|
|
|
|
| 533 |
fwrite( $handle, "Manual Solution: You will need to manually download the WordPress zip file to your computer, unzip it and then use FTP and upload the unzipped /wordpress/ folder to this BPS folder: $wp_hashes_dir\r\n" );
|
| 534 |
}
|
| 535 |
|
|
|
|
|
|
|
| 536 |
$time_end = microtime( true );
|
| 537 |
$download_time = $time_end - $time_start;
|
| 538 |
|
| 480 |
// Download the WordPress zip file version based on the current WP version installed.
|
| 481 |
// Ensure that the WP zip file is not downloaded repeatedly due to an error, issue or problem.
|
| 482 |
## 3.3: Removed cURL GET code and replaced with simple fopen code. It is unnecessary to use the WP HTTP API for something as simple as a zip file download.
|
| 483 |
+
## 3.4: changed fopen code to download_url() function due to problems with allow_url_fopen being turned off.
|
| 484 |
function bpsPro_wp_zip_download($mstime) {
|
| 485 |
global $wp_version;
|
| 486 |
|
| 527 |
|
| 528 |
fwrite( $handle, "WP Zip File Download: Start $wp_zip_file zip file download.\r\n" );
|
| 529 |
|
| 530 |
+
$url = 'https://wordpress.org/latest.zip';
|
| 531 |
+
$tmp_file = download_url( $url, $timeout = 300 );
|
| 532 |
+
|
| 533 |
+
if ( ! copy( $tmp_file, $local_zip_file ) ) {
|
| 534 |
+
fwrite( $handle, "WP Zip File Download Error: Unable to download the WordPress zip file from $url\r\n" );
|
| 535 |
fwrite( $handle, "Manual Solution: You will need to manually download the WordPress zip file to your computer, unzip it and then use FTP and upload the unzipped /wordpress/ folder to this BPS folder: $wp_hashes_dir\r\n" );
|
| 536 |
}
|
| 537 |
|
| 538 |
+
unlink( $tmp_file );
|
| 539 |
+
|
| 540 |
$time_end = microtime( true );
|
| 541 |
$download_time = $time_end - $time_start;
|
| 542 |
|
readme.txt
CHANGED
|
@@ -3,8 +3,8 @@ Contributors: AITpro
|
|
| 3 |
Donate link: https://wordpress.org/support/view/plugin-reviews/bulletproof-security?rate=5#postform
|
| 4 |
Tags: security, secure, malware scanner, login security, firewall, security plugin, wordpress security, login, bruteforce, backup, exploit, infection, protection, virus, anti-virus, logout, spam, anti-spam
|
| 5 |
Requires at least: 3.8
|
| 6 |
-
Tested up to: 5.
|
| 7 |
-
Stable tag: 3.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 3 |
Donate link: https://wordpress.org/support/view/plugin-reviews/bulletproof-security?rate=5#postform
|
| 4 |
Tags: security, secure, malware scanner, login security, firewall, security plugin, wordpress security, login, bruteforce, backup, exploit, infection, protection, virus, anti-virus, logout, spam, anti-spam
|
| 5 |
Requires at least: 3.8
|
| 6 |
+
Tested up to: 5.2
|
| 7 |
+
Stable tag: 3.4
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
