BulletProof Security Pro ~ The Complete Website Security Solution for Hacker and Spammer Protection
BulletProof Security Pro has an amazing track record. BPS Pro has been publicly available for 6+ years and is installed on over 40,000 websites worldwide. Not a single one of those 40,000+ websites in 6+ years have been hacked.
View All BPS Pro Features
- One-Click Setup Wizard: Fast, simple and complete BPS Pro installation and setup.
- Setup Wizard AutoFix: Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) checks which plugins and themes you currently have installed and will display a BPS Setup Wizard AutoFix Notice to run the BPS Setup Wizard if any currently installed plugins or themes require Custom Code whitelist rules or AutoSetup. The BPS Setup Wizard automatically creates BPS Custom Code whitelist rules for known issues with any plugins and themes that need Custom Code whitelist rules. Setup Wizard AutoFix also automatically sets up and cleans up caching plugin's htaccess code for these WordPress caching plugins: WP Super Cache, W3 Total Cache, Comet Cache Plugin (free & Pro), WP Fastest Cache Plugin (free & Premium), Endurance Page Cache and WP Rocket.
- AutoRestore|Quarantine (ARQ IDPS): File scanner that automatically quarantines malicious hacker files and autorestores legitimate website files if they have been altered or tampered with. Quarantined files can be viewed, restored or deleted. ARQ IPDS uses a much more effective and reliable method of scanning files vs any/all malware scanners including BPS Pro MScan. ARQ IDPS can monitor and protect any/all website files under your entire Hosting Account.
- MScan Malware Scanner: File & database scanner that scans files & your WP Database for hacker files or code. On first time installations of BPS Pro it is recommended that your scan your website/hosting account with MScan to check for any pre-existing hacker files or code. MScan scans can be scheduled to run automatically (BPS Pro Only) or MScan scans can be run manually.
- Plugin Firewall|AutoPilot Mode: IP based Firewall that protects the WordPress Plugins Folder/all plugin files from being publicly accessible and exploited. Your IP address is whitelisted and updated in real-time. AutoPilot Mode automatically creates Plugin Firewall Whitelist rules in real-time.
- JTC Anti-Spam|Anti-Hacker: JTC is designed to stop all Form processing if an invalid CAPTCHA is entered or the JTC SpamBot Trap is triggered. This means that auto-posting HackerBots and SpamBots cannot auto-register, auto-post, auto-login, auto-comment or overload your website with Brute Force Login attacks, DoS/DDoS attacks or other auto-posting Form Request attacks. JTC Anti-Spam|Anti-Hacker protects these website pages/Forms: Login page/Form, Registration page/Form, Lost Password page/Form, Comment page/Form, BuddyPress Register page/Form and the BuddyPress Sidebar Login Form.
- Login Security & Monitoring: Protects your WordPress Login page from Brute Force Login attacks. You can choose to Log All User Account Logins or Log Only User Account Lockouts. Some of the available Option Settings are: Max Login Attempts, Automatic Lockout Time, Manual Lockout Time, Attempts Remaining, Enable/Disable Password Reset, Export|Download Login Security Table, Lock, Unlock or Delete User Accounts and more.
- Uploads Anti-Exploit Guard (UAEG): Protects the WordPress Uploads folder. ONLY safe image files with valid image file extensions such as jpg, gif, png, etc. can be accessed, opened or viewed from the uploads folder. UAEG blocks files by file extension names in the uploads folder from being accessed, opened, viewed, processed or executed. Malicious files cannot be accessed, opened, viewed, processed or executed in the WordPress Uploads folder.
- DB Monitor (IDS): The DB Monitor is an automated Intrusion Detection System (IDS) that alerts you via email anytime a change/modification occurs in your WordPress database or a new database table is created in your WordPress database. The DB Monitor email alert contains information about what database change/modification occurred and other relevant help info. Your DB Monitor Log also logs any changes/modifications to your WordPress database and other relevant help info.
- DB Backup: Full|Partial DB Backups, Manual|Scheduled DB Backups, Email Zip Backups, Download Zip Backup files, Automatically Delete Old Backup files. Scheduled backup job options: Hourly, Daily, Weekly and Monthly. Send scheduled backup zip file via email or just send email only, automatically delete old backup files after a certain period of time, Override Scheduled Backup Jobs (turn off all Scheduled Backup Jobs) and more.
- DB Diff Tool: The DB Diff Tool compares old database tables from DB backups to current database tables and displays any differences in the data/content of those 2 database tables. The DB Diff Tool can also be used to compare any data and not only just DB data.
- DB Table Prefix Changer: Change your WordPress Database Table Prefix name to a unique Database Table Prefix name. Note: The default WordPress Database Table Prefix name is: wp_.
- DB Status & Info: General DB Info shows commonly checked DB status and info about your WordPress database at a glance. Extensive DB Info shows extensive DB status information using: SHOW PRIVILEGES, SHOW TABLE STATUS|SIZE, SHOW STORAGE ENGINES, SHOW FULL PROCESSLIST, SHOW GLOBAL STATUS, SHOW SESSION STATUS, SHOW GLOBAL VARIABLES and SHOW SESSION VARIABLES
- Idle Session Logout: Automatically logout idle/inactive Users. ISL uses javascript Event Listeners to monitor Users activity for these ISL events: keyboard key is pressed, mouse button is pressed, mouse is moved, mouse wheel is rolled up or down, finger is placed on the touch surface/screen and finger already placed on the screen is moved across the screen. Enable|Disable Idle Session Logouts For These User Roles: Administrator, Editor, Author, Contributor and Subscriber
- Auth Cookie Expiration: Change the WordPress Authentication Cookie Expiration time. The default WordPress Authentication Cookie Expiration time is 2880 Minutes/2 Days and 20160 Minutes/14 Days if a User checks the Remember Me checkbox when they login. You can change the WordPress Authentication Cookie Expiration time to whatever expiration time setting that you choose. Enable|Disable Auth Cookie Expiration Time For These User Roles: Administrator, Editor, Author, Contributor and Subscriber.
- S-Monitor: S-Monitor is the centralized Security Monitoring and Alerting Core where you can manage and choose BPS Pro settings for Dashboard Alerts, Dashboard Status Display|Inpage Status Display, Email Alerts, Automated Log file handling, Error checking, etc. Having BPS Pro monitoring, alerting and log file handling options all in one centralized location makes it simple and easy to change all/any BPS Pro settings to your particular preferences.
- Hidden Plugin Folders|Files Cron (HPF): The HPF Cron checks the WordPress /plugins/ folder for hidden or empty plugin folders and any non-standard WP files or altered files in the /plugins/ folder. A hidden or empty plugin folder is a plugin the exists in your /plugins/ folder, but is not displayed on the WordPress Plugins page. A hidden plugin can be used as a hacker backdoor to gain access to your WP Dashboard, hosting account, create user accounts, completely control your website and hosting account, etc. A non-standard WP file or modified/altered file in your /plugins/ folder can also do all of the things a hidden plugin can do.
- Maintenance Mode: Create a custom unique Website Under Maintenance or Coming Soon page or use the pre-made images that come with BPS Pro Maintenance Mode. Allows you to continue to Login|Logout and work on your website while visitors see a Website Under Maintenance page. Enable FrontEnd Maintenance Mode, BackEnd Maintenance Mode or both FrontEnd & BackEnd Maintenance Modes. Display a Countdown Timer to visitors, Display Visitor IP Address, Enable Visitor Logging, Send Email Reminder when Maintenance Mode Countdown Timer has completed and more.
- Pro Tools: 16 mini-plugins: Online Base64 Decoder, Offline Base64 Decode|Encode, Mcrypt ~ Decrypt|Encrypt, Crypt Encryption, Scheduled Crons (display and reschedule/reset Cron Jobs), String|Function Finder (find any string - name of a function, code, text, etc. - in any files anywhere under your hosting account), String Replacer|Remover (search and replace any string/text/code in any files anywhere under your hosting account), DB String Finder (search your entire database for strings/text/code), DB Table Cleaner|Remover (empty/drop DB Tables), DNS Finder (find all DNS Records for websites by Domain Name), Ping Website|Server (check if a website domain is Up/Down/connection/blocking), cURL Scan (scan website Source Code for strings/text/code), Website Headers (check and display Headers using GET or HEAD Requests), WP Automatic Update (Turn WP Automatic Updates On or Off and other settings), Plugin Update Check (force new Plugin update check), XML-RPC Exploit Checker (check your website or a remote website to see if the website is protected against or vulnerable to an XML-RPC exploit).
- Logging|Log Files: Security Log, PHP Error Log, Quarantine Log, DB Backup Log & DB Monitor Log.
- .htaccess Website Security (Firewalls)
- Custom php.ini Website Security
- F-Lock: File & Folder Locking.
- Upload Zip Install