BulletProof Security - Version 4.7

Version Description

Release Info

Developer	AITpro
Plugin	BulletProof Security
Version	4.7
Comparing to
See all releases

Code changes from version 4.6 to 4.7

Files changed (5) hide show

admin/htaccess/secure.htaccess +1 -1
admin/htaccess/wpadmin-secure.htaccess +1 -1
bulletproof-security.php +4 -4
includes/functions.php +45 -3
readme.txt +1 -1

admin/htaccess/secure.htaccess CHANGED Viewed

	@@ -1,4 +1,4 @@
1	- # BULLETPROOF 4.6 SECURE .HTACCESS
2
3	# PHP/PHP.INI HANDLER/CACHE CODE
4	# Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.


1	+ # BULLETPROOF 4.7 SECURE .HTACCESS
2
3	# PHP/PHP.INI HANDLER/CACHE CODE
4	# Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.

admin/htaccess/wpadmin-secure.htaccess CHANGED Viewed

	@@ -1,4 +1,4 @@
1	- # BULLETPROOF 4.6 WP-ADMIN SECURE .HTACCESS
2
3	# DO NOT ADD URL REWRITING IN THIS FILE OR WORDPRESS WILL BREAK
4	# RewriteRule ^(.*)$ - [F] works in /wp-admin without breaking WordPress


1	+ # BULLETPROOF 4.7 WP-ADMIN SECURE .HTACCESS
2
3	# DO NOT ADD URL REWRITING IN THIS FILE OR WORDPRESS WILL BREAK
4	# RewriteRule ^(.*)$ - [F] works in /wp-admin without breaking WordPress

bulletproof-security.php CHANGED Viewed

	@@ -5,7 +5,7 @@ Plugin URI: https://forum.ait-pro.com/read-me-first/
5	Text Domain: bulletproof-security
6	Domain Path: /languages/
7	Description: <strong>Feature Highlights:</strong> Setup Wizard • MScan Malware Scanner • .htaccess Website Security Protection (Firewalls) • Security Logging\|HTTP Error Logging • DB Backup • DB Table Prefix Changer • Login Security & Monitoring • JTC-Lite Login Form Bot Lockout Protection • Idle Session Logout (ISL) • Auth Cookie Expiration (ACE) • UI Theme Skin Changer • System Info: Extensive System, Server and Security Status Information • FrontEnd\|BackEnd Maintenance Mode • WP Automatic Update Options (BPS MU Tools must-use plugin) • Force Strong Passwords.
8	- Version: 4.6
9	Author: AITpro Website Security
10	Author URI: https://forum.ait-pro.com/read-me-first/
11	*/
	@@ -33,9 +33,9 @@ Author URI: https://forum.ait-pro.com/read-me-first/
33	// and cannot access the global variables within functions in BPS. Luckily this does not break BPS or WordPress in any way and PHP.net states this is technically not an error.
34	global $bps_last_version, $bps_version, $aitpro_bullet, $bps_topDiv, $bps_bottomDiv, $bpsPro_remote_addr, $bpsPro_http_client_ip, $bpsPro_http_forwarded, $bpsPro_http_x_forwarded_for, $bpsPro_http_x_cluster_client_ip, $bps_wpcontent_dir, $bps_plugin_dir;
35
36	- define( 'BULLETPROOF_VERSION', '4.6' );
37	- $bps_last_version = '4.5';
38	- $bps_version = '4.6';
39	$aitpro_bullet = '<img src="'.plugins_url('/bulletproof-security/admin/images/aitpro-bullet.png').'" style="padding:0px 3px 0px 3px;" />';
40	// Top div & bottom div
41	$bps_topDiv = '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';


5	Text Domain: bulletproof-security
6	Domain Path: /languages/
7	Description: <strong>Feature Highlights:</strong> Setup Wizard • MScan Malware Scanner • .htaccess Website Security Protection (Firewalls) • Security Logging\|HTTP Error Logging • DB Backup • DB Table Prefix Changer • Login Security & Monitoring • JTC-Lite Login Form Bot Lockout Protection • Idle Session Logout (ISL) • Auth Cookie Expiration (ACE) • UI Theme Skin Changer • System Info: Extensive System, Server and Security Status Information • FrontEnd\|BackEnd Maintenance Mode • WP Automatic Update Options (BPS MU Tools must-use plugin) • Force Strong Passwords.
8	+ Version: 4.7
9	Author: AITpro Website Security
10	Author URI: https://forum.ait-pro.com/read-me-first/
11	*/

33	// and cannot access the global variables within functions in BPS. Luckily this does not break BPS or WordPress in any way and PHP.net states this is technically not an error.
34	global $bps_last_version, $bps_version, $aitpro_bullet, $bps_topDiv, $bps_bottomDiv, $bpsPro_remote_addr, $bpsPro_http_client_ip, $bpsPro_http_forwarded, $bpsPro_http_x_forwarded_for, $bpsPro_http_x_cluster_client_ip, $bps_wpcontent_dir, $bps_plugin_dir;
35
36	+ define( 'BULLETPROOF_VERSION', '4.7' );
37	+ $bps_last_version = '4.6';
38	+ $bps_version = '4.7';
39	$aitpro_bullet = '<img src="'.plugins_url('/bulletproof-security/admin/images/aitpro-bullet.png').'" style="padding:0px 3px 0px 3px;" />';
40	// Top div & bottom div
41	$bps_topDiv = '<div id="message" class="updated" style="background-color:#dfecf2;border:1px solid #999;-moz-border-radius-topleft:3px;-webkit-border-top-left-radius:3px;-khtml-border-top-left-radius:3px;border-top-left-radius:3px;-moz-border-radius-topright:3px;-webkit-border-top-right-radius:3px;-khtml-border-top-right-radius:3px;border-top-right-radius:3px;-webkit-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);-moz-box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);box-shadow: 3px 3px 5px -1px rgba(153,153,153,0.7);"><p>';

includes/functions.php CHANGED Viewed

	@@ -1165,6 +1165,7 @@ function bpsPro_apache_mod_directive_check() {
1165	// Fubar: Server does not have necessary Modules loaded to use htaccess files
1166	// if $status_code2, 3 and 4 are not 403 errors then neither mod_access_compat or mod_authz_core are loaded.
1167	// if $status_code9 is a 500 error then mod_rewrite is not loaded.

1168	if ( 403 != $status_code2 && 403 != $status_code3 && 403 != $status_code4 \|\| 500 == $status_code9 ) {
1169
1170	$HFiles_options = get_option('bulletproof_security_options_htaccess_files');
	@@ -1179,6 +1180,7 @@ function bpsPro_apache_mod_directive_check() {
1179	echo $text;
1180
1181	} else {

1182
1183	// mod_access_compat loaded, Order, Allow, Deny directives are supported
1184	if ( 403 == $status_code2 ) {
	@@ -1245,7 +1247,7 @@ function bpsPro_apache_mod_directive_check() {
1245	$text = '<font color="#2ea2cc"><strong>'.$status_code9.':</strong></font> '.__('mod_rewrite Inconclusive: Status is not 200, 301, 302, 403 or 404', 'bulletproof-security').'<br>';
1246	echo $text;
1247	}
1248	- } // End: Fubar condition
1249
1250	$apache_modules_Options = array(
1251	'bps_apache_mod_ifmodule' => $apache_ifmodule,
	@@ -1267,6 +1269,18 @@ function bpsPro_apache_mod_directive_check() {
1267	}
1268	}
1269












1270	// mod_security or mod_security2 Module loaded.
1271	if ( 403 == $status_code12 \|\| 403 == $status_code13 ) {
1272
	@@ -1354,6 +1368,7 @@ function bpsPro_apache_mod_directive_check() {
1354	// Fubar: Server does not have necessary Modules loaded to use htaccess files
1355	// if $status_code2, 3 and 4 are not 403 errors then neither mod_access_compat or mod_authz_core are loaded.
1356	// if $status_code9 is a 500 error then mod_rewrite is not loaded.

1357	if ( 403 != $status_code2 && 403 != $status_code3 && 403 != $status_code4 \|\| 500 == $status_code9 ) {
1358
1359	$HFiles_options = get_option('bulletproof_security_options_htaccess_files');
	@@ -1365,6 +1380,7 @@ function bpsPro_apache_mod_directive_check() {
1365	}
1366
1367	} else {

1368
1369	// mod_access_compat loaded, IfModule condition working, Order, Allow, Deny directives are supported
1370	if ( 403 == $status_code2 ) {
	@@ -1375,7 +1391,7 @@ function bpsPro_apache_mod_directive_check() {
1375
1376	$apache_ifmodule = 'Yes';
1377	}
1378	- } // END: Fubar condition
1379
1380	$apache_modules_Options = array(
1381	'bps_apache_mod_ifmodule' => $apache_ifmodule,
	@@ -1397,6 +1413,18 @@ function bpsPro_apache_mod_directive_check() {
1397	}
1398	}
1399












1400	// mod_security or mod_security2 Module loaded.
1401	if ( 403 == $status_code12 \|\| 403 == $status_code13 ) {
1402
	@@ -1463,6 +1491,7 @@ function bpsPro_apache_mod_directive_check() {
1463	// Fubar: Server does not have necessary Modules loaded to use htaccess files
1464	// if $status_code2, 3 and 4 are not 403 errors then neither mod_access_compat or mod_authz_core are loaded.
1465	// if $status_code9 is a 500 error then mod_rewrite is not loaded.

1466	if ( 403 != $status_code2 && 403 != $status_code3 && 403 != $status_code4 \|\| 500 == $status_code9 ) {
1467
1468	$HFiles_options = get_option('bulletproof_security_options_htaccess_files');
	@@ -1474,6 +1503,7 @@ function bpsPro_apache_mod_directive_check() {
1474	}
1475
1476	} else {

1477
1478	// mod_access_compat loaded, IfModule condition working, Order, Allow, Deny directives are supported
1479	if ( 403 == $status_code2 ) {
	@@ -1484,7 +1514,7 @@ function bpsPro_apache_mod_directive_check() {
1484
1485	$apache_ifmodule = 'Yes';
1486	}
1487	- } // END: Fubar condition
1488
1489	$apache_modules_Options = array(
1490	'bps_apache_mod_ifmodule' => $apache_ifmodule,
	@@ -1506,6 +1536,18 @@ function bpsPro_apache_mod_directive_check() {
1506	}
1507	}
1508












1509	// mod_security or mod_security2 Module loaded.
1510	if ( 403 == $status_code12 \|\| 403 == $status_code13 ) {
1511


1165	// Fubar: Server does not have necessary Modules loaded to use htaccess files
1166	// if $status_code2, 3 and 4 are not 403 errors then neither mod_access_compat or mod_authz_core are loaded.
1167	// if $status_code9 is a 500 error then mod_rewrite is not loaded.
1168	+ /*
1169	if ( 403 != $status_code2 && 403 != $status_code3 && 403 != $status_code4 \|\| 500 == $status_code9 ) {
1170
1171	$HFiles_options = get_option('bulletproof_security_options_htaccess_files');

1180	echo $text;
1181
1182	} else {
1183	+ */
1184
1185	// mod_access_compat loaded, Order, Allow, Deny directives are supported
1186	if ( 403 == $status_code2 ) {

1247	$text = '<font color="#2ea2cc"><strong>'.$status_code9.':</strong></font> '.__('mod_rewrite Inconclusive: Status is not 200, 301, 302, 403 or 404', 'bulletproof-security').'<br>';
1248	echo $text;
1249	}
1250	+ //} // End: Fubar condition
1251
1252	$apache_modules_Options = array(
1253	'bps_apache_mod_ifmodule' => $apache_ifmodule,

1269	}
1270	}
1271
1272	+ ## 15.3: BugFix
1273	+ if ( $apache_ifmodule == 'Yes' ) {
1274	+
1275	+ $htaccess_files_Options = array(
1276	+ 'bps_htaccess_files' => 'enabled'
1277	+ );
1278	+
1279	+ foreach( $htaccess_files_Options as $key => $value ) {
1280	+ update_option('bulletproof_security_options_htaccess_files', $htaccess_files_Options);
1281	+ }
1282	+ }
1283	+
1284	// mod_security or mod_security2 Module loaded.
1285	if ( 403 == $status_code12 \|\| 403 == $status_code13 ) {
1286

1368	// Fubar: Server does not have necessary Modules loaded to use htaccess files
1369	// if $status_code2, 3 and 4 are not 403 errors then neither mod_access_compat or mod_authz_core are loaded.
1370	// if $status_code9 is a 500 error then mod_rewrite is not loaded.
1371	+ /*
1372	if ( 403 != $status_code2 && 403 != $status_code3 && 403 != $status_code4 \|\| 500 == $status_code9 ) {
1373
1374	$HFiles_options = get_option('bulletproof_security_options_htaccess_files');

1380	}
1381
1382	} else {
1383	+ */
1384
1385	// mod_access_compat loaded, IfModule condition working, Order, Allow, Deny directives are supported
1386	if ( 403 == $status_code2 ) {

1391
1392	$apache_ifmodule = 'Yes';
1393	}
1394	+ //} // END: Fubar condition
1395
1396	$apache_modules_Options = array(
1397	'bps_apache_mod_ifmodule' => $apache_ifmodule,

1413	}
1414	}
1415
1416	+ ## 15.3: BugFix
1417	+ if ( $apache_ifmodule == 'Yes' ) {
1418	+
1419	+ $htaccess_files_Options = array(
1420	+ 'bps_htaccess_files' => 'enabled'
1421	+ );
1422	+
1423	+ foreach( $htaccess_files_Options as $key => $value ) {
1424	+ update_option('bulletproof_security_options_htaccess_files', $htaccess_files_Options);
1425	+ }
1426	+ }
1427	+
1428	// mod_security or mod_security2 Module loaded.
1429	if ( 403 == $status_code12 \|\| 403 == $status_code13 ) {
1430

1491	// Fubar: Server does not have necessary Modules loaded to use htaccess files
1492	// if $status_code2, 3 and 4 are not 403 errors then neither mod_access_compat or mod_authz_core are loaded.
1493	// if $status_code9 is a 500 error then mod_rewrite is not loaded.
1494	+ /*
1495	if ( 403 != $status_code2 && 403 != $status_code3 && 403 != $status_code4 \|\| 500 == $status_code9 ) {
1496
1497	$HFiles_options = get_option('bulletproof_security_options_htaccess_files');

1503	}
1504
1505	} else {
1506	+ */
1507
1508	// mod_access_compat loaded, IfModule condition working, Order, Allow, Deny directives are supported
1509	if ( 403 == $status_code2 ) {

1514
1515	$apache_ifmodule = 'Yes';
1516	}
1517	+ //} // END: Fubar condition
1518
1519	$apache_modules_Options = array(
1520	'bps_apache_mod_ifmodule' => $apache_ifmodule,

1536	}
1537	}
1538
1539	+ ## 15.3: BugFix
1540	+ if ( $apache_ifmodule == 'Yes' ) {
1541	+
1542	+ $htaccess_files_Options = array(
1543	+ 'bps_htaccess_files' => 'enabled'
1544	+ );
1545	+
1546	+ foreach( $htaccess_files_Options as $key => $value ) {
1547	+ update_option('bulletproof_security_options_htaccess_files', $htaccess_files_Options);
1548	+ }
1549	+ }
1550	+
1551	// mod_security or mod_security2 Module loaded.
1552	if ( 403 == $status_code12 \|\| 403 == $status_code13 ) {
1553

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://wordpress.org/support/view/plugin-reviews/bulletproof-secur
4	Tags: security, secure, malware scanner, login security, firewall, security plugin, wordpress security, login, bruteforce, backup, exploit, infection, protection, virus, anti-virus, logout, spam, anti-spam
5	Requires at least: 3.8
6	Tested up to: 5.7
7	- Stable tag: 4.6
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
10


4	Tags: security, secure, malware scanner, login security, firewall, security plugin, wordpress security, login, bruteforce, backup, exploit, infection, protection, virus, anti-virus, logout, spam, anti-spam
5	Requires at least: 3.8
6	Tested up to: 5.7
7	+ Stable tag: 4.7
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
10