Table of Contents
One popular WordPress plugin that is recommended and gets 5 starts is the BulletProof Security plugin. The BulletProof Security plugin secures your .htaccess and other files in your WordPress site. This article will explain how to install, configure, and use the basic options in the BulletProof Security plugin.
Install the BulletProof plugin
- Log into the WordPress Dashboard.
- Navigate to the Plugins.
- Click Add New.
Search for security in the plugin search.
Click Install Now.
When the plugin is done installing, click Activate plugin.
Now you will see the plugin on the left in the navigation.
Configuring the BulletProof Security plugin
When you first go to the BulletProof Security plugin, you will see a yellow warning at the top that states the warning below. You will need to click the activate button to have the BulletProof Security plugin set the .htaccess to security mode.
BPS Alert! Your site does not appear to be protected by BulletProof Security
If you are upgrading BPS – BPS will now automatically update your htaccess files and add any new security filters automatically.
Refresh your Browser to clear this Alert Any custom htaccess code or modifications that you have made will not be altered/changed. Activating BulletProof Modes again after upgrading BPS is no longer necessary. In order for BPS to automatically update htaccess files you will need to stay current with BPS plugin updates and install the latest BPS plugin updates when they are available. If refreshing your Browser does not clear this alert then you will need to create new Master htaccess files with the AutoMagic buttons and Activate All BulletProof Modes. If your site is in Maintenance Mode your site is protected by BPS and this Alert will remain to remind you to put your site back in BulletProof Mode again. If your site is in Default Mode then it is not protected by BulletProof Security. Check the BPS Security Status page to view your BPS Security Status information.
BPS Alert! An htaccess file was NOT found in your wp-admin folder. Check the BPS Security Status page for more specific information.
Once you click the activate button you will get a pop up with the changes that are being made.
Click Ok.
Refresh your browser and you will see the warning go away.
BulletProof Security plugin Options
Security Status
The security status section of the BulletProof Security plugin allows you to monitor the File permissions for core folders and files, Check the security measures that are in place and the status of file checks on your server. The status will show specifics of the .htaccess file security measures.
Security Log
The Security log is an area that allows your to enable Error logging for your WordPress site. Error logging is turned on by Default. When the log is too large you can also delete the log through the Security Log section..
Important! Beware of using the Error loging as the error log will continually fill up making a very large error log file. This can cause the server to crash. Only use this when diagnosing security issues.
Systems Info
The System information area is there for you to check your server specifications like Server, Opcode Cache, Accelerators, IP information, Database, PHP server, and BPS pro server information. This allows statistics to created for analyzing security risks.
Back up and Restore
The Backup and restore section in the BulletProof security plugin allows you to backup the .htaccess files. The backup can be restored in the event the .htaccess file becomes corrupted due to a hack attempt.
Edit/Upload/Download
In the BulletProof security File Editing section, the .htaccess can be locked to prevent any writing to it or unlocked so you can edit the code directly. You can edit the files directly through the plugin edit interface in this section..
Maintenance Mode
A nice feature built into the BulletProof security plugin is the Maintenance mode feature. You can set your site to maintenance mode if you are fixing a security issue. The Maintenance mode section allows you to add your own custom text to the maintenance mode screen.
Power Your Growth with Managed WordPress
Unlock the full potential of your mission-critical WordPress site with scalable, purpose-built servers. Give your website the performance, security, and support it needs to succeed - so you can focus on growing your business.
Scalable Cloud Servers Advanced Security Managed Updates Expert Support
Hello,
Thanks for your question in regards to the comparison of the Jetpack Protect and BulletProof WordPress plugins. I would first highly recommend that you make a full backup of your site. That way you can recover it if you’re attacked or if you want to test it with the two plugins running together. We do not typically test plugins for evaluation purposes since there are so many different configurations that people use. So, it’s best to look on the internet to see if there are good comparisons or reviews of the plugins. Check out this one for performance of the WordPress brute-force attack detection plugins. You can also find a more up-to-date review of the security plugins here.
1. They should be able to co-exist, but the Jetpack protection is redundant since Bulletproof already provides brute force protection.
2. Bulletproof provides the .htaccess file protection
3. You will need to look at the Bulletproof documentation, but it appears to include brute force protection as part of the package.
The first step (and easiest) is to make sure that you are regularly backing up your site yourself (not just depending on the host’s backup option). If you are regularly backing your site, then you can easily recover from an attack if it happens. Using any security solution will provide some measure of security, but applying multiple vendor solutions can also affect your site’s performance. Make sure that you’re not applying redundant solutions as using multiple applications doesn’t guarantee a safer, more secure site.
Many people have different configurations of WordPress sites, and I say this based on the plugins that people use. When you make an addition to your site, make sure to back it up BEFORE you add the plugins and then test your site to make sure that there are no conflicts between the plugins. In some cases, the plugin developer may already list conflict issues on their respective support pages.
If you have any further questions or comments, please let us know.
Regards,
Arnel C.