One popular WordPress plugin that is recommended and gets 5 starts is the BulletProof Security plugin. The BulletProof Security plugin secures your .htaccess and other files in your WordPress site. This article will explain how to install, configure, and use the basic options in the BulletProof Security plugin.
Install the BulletProof plugin
- Log into the WordPress Dashboard.
- Navigate to the Plugins.
- Click Add New.
Search for security in the plugin search.
Click Install Now.
When the plugin is done installing, click Activate plugin.
Now you will see the plugin on the left in the navigation.
Configuring the BulletProof Security plugin
When you first go to the BulletProof Security plugin, you will see a yellow warning at the top that states the warning below. You will need to click the activate button to have the BulletProof Security plugin set the .htaccess to security mode.
BPS Alert! Your site does not appear to be protected by BulletProof Security
If you are upgrading BPS – BPS will now automatically update your htaccess files and add any new security filters automatically.
Refresh your Browser to clear this Alert Any custom htaccess code or modifications that you have made will not be altered/changed. Activating BulletProof Modes again after upgrading BPS is no longer necessary. In order for BPS to automatically update htaccess files you will need to stay current with BPS plugin updates and install the latest BPS plugin updates when they are available. If refreshing your Browser does not clear this alert then you will need to create new Master htaccess files with the AutoMagic buttons and Activate All BulletProof Modes. If your site is in Maintenance Mode your site is protected by BPS and this Alert will remain to remind you to put your site back in BulletProof Mode again. If your site is in Default Mode then it is not protected by BulletProof Security. Check the BPS Security Status page to view your BPS Security Status information.
BPS Alert! An htaccess file was NOT found in your wp-admin folder. Check the BPS Security Status page for more specific information.
Once you click the activate button you will get a pop up with the changes that are being made.
Refresh your browser and you will see the warning go away.
BulletProof Security plugin Options
The security status section of the BulletProof Security plugin allows you to monitor the File permissions for core folders and files, Check the security measures that are in place and the status of file checks on your server. The status will show specifics of the .htaccess file security measures.
The Security log is an area that allows your to enable Error logging for your WordPress site. Error logging is turned on by Default. When the log is too large you can also delete the log through the Security Log section..
Important! Beware of using the Error loging as the error log will continually fill up making a very large error log file. This can cause the server to crash. Only use this when diagnosing security issues.
The System information area is there for you to check your server specifications like Server, Opcode Cache, Accelerators, IP information, Database, PHP server, and BPS pro server information. This allows statistics to created for analyzing security risks.
Back up and Restore
The Backup and restore section in the BulletProof security plugin allows you to backup the .htaccess files. The backup can be restored in the event the .htaccess file becomes corrupted due to a hack attempt.
In the BulletProof security File Editing section, the .htaccess can be locked to prevent any writing to it or unlocked so you can edit the code directly. You can edit the files directly through the plugin edit interface in this section..
A nice feature built into the BulletProof security plugin is the Maintenance mode feature. You can set your site to maintenance mode if you are fixing a security issue. The Maintenance mode section allows you to add your own custom text to the maintenance mode screen.