BulletProof Security – WordPress Web Security Protection

Saturday 25th, March 2017 / 07:44 Written by
BulletProof Security – WordPress Web Security Protection
456 Flares Twitter 0 Facebook 0 Google+ 0 LinkedIn 0 StumbleUpon 456 Filament.io 456 Flares ×

WordPress is an open source CMS and its code is maintained by a vast community. Bug fixes and security loopholes are continuously fixed by developers to protect users from possible hacker attacks. Nevertheless, this does not mean that WordPress users can take web security for granted. Hackers will always find a way to crack open websites and take advantage of other peoples online properties. Luckily, there are plugins to help you strengthen your security, aside from the default security measures implemented by WordPress.

One of the best ways to implement website security for WordPress website is to make use of the .htaccess file. .htaccess files are important for securing PHP websites because they are executed before PHP and therefore able to prevent malicious code fire up and do damage. BulletProof Security Plugin works with .htaccess master files that contain code to prevent well-known security attacks. The plugin provides a simple one-click solution that set up the provided BulletProof Security .htaccess master files for you.

The plugin protects both your root website folder and wp-admin folder.  The plugin can prevent a long list of known attacks such as XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts.

In addition, BulletProof Security offers login and website monitoring security. You can set an email alert option for the following actions: user account lock out, administrator log in, administrator login + user lockout and any user login when an account is locked out. You can also turn off the email alerts if you wish.

The free version of the plugin is available at the WordPress Codex. Just download and upload the .zip file into your wp-content/plugins folder an activate inside the WordPress dashboard. Here is how the plugin Admin looks like:

bulletproof-security

Security Modes

BulletProof Security Plugin allows you to instantly create and activate .htaccess website security with just a few clicks without having to know anything about .htaccess files. The Master .htaccess files are pre-made and BPS writes .htaccess code that is customized for your website. Click the AutoMagic buttons (creates customized Master .htaccess files) and Activate BulletProof Modes (copies the customized Master .htaccess files to your root and wp-admin folders). The plugin has built-in Backup and Restore and an .htaccess File Editor for full manual editing control as well.

htaccess-secure

You can activate security modes in the root folder and wp-admin folder. Clicking the AutoMagic buttons would automatically create separate .htaccess files for the root and wp-admin folder.

security-modes

The Deny All htaccess BulletProof Modes/files are activated/created automatically. If your Server does not allow, you can deny all access .htaccess in the configuration.

deny-access

Security Log

BulletProof Security Login Security & Monitoring allows you to choose whether you want to Log All User Account Logins or Log Only User Account Lockouts.

security-log

Custom Code

Advanced users can implement their own custom code to control .htaccess. file. There’s an available video tutorial to guide you in the process.

custom-code[3]

Maintenance Mode

One good feature of BulletProof Security is to put the website in maintenance mode and still protect the .htaccess file at the same time. It also allows you to create a custom Maintenance page.

maintenance-mode

WordPress is a very secure and well maintained open source platform. However, it is still worth considering added protection as new exploits are being released from time to time that could compromise all the hard work you have invested. You can see the full features of this awesome plugin here.

456 Flares Twitter 0 Facebook 0 Google+ 0 LinkedIn 0 StumbleUpon 456 Filament.io 456 Flares ×

About the author

Hi I am Pete! I love to work with web design and sometimes dive into some coding. My main focus is WordPress websites.

View all articles by Pete