Thursday, 20 February 2014

Bullet Proof Security Installation

This is a free tutorial for installing "Bullet Proof Security" into your WordPress.

The developer website - Effective Business Website Design

1. Login to your WP-Dashboard, on your left, click “Installed Plugins”, place keywords – bullet proof security and click on “Search Plugins”.


2. On the left menu – click on BPS Security.Next,

  • -Select “Security Modes” 
  • -Click on “Created default.htaccess File


Master htaccess created successfully.

3. Activate both Root Folder BulletProof Mode plus wp-admin Folder BulletProof Mode


Next, activate Deny All htaccess:
  • Master htaccess BulletProof Mode
  • BPS Backup BulletProof Mode


4. For website that installed “Broken Link Checker”.  Visit here to learn more!


Before create secure.htaccess File, please add the code in Step 5 and 6.

5. Protect Login Page from Brute Force Login Attacks - Learn more!

Add the below code to block an automated comment spambots.

Start here---

# Protect wp-login.php from Brute Force Login Attacks based on Server Protocol
# Block automated comment spambots using Server Protocol HTTP/1.0
# All legitimate humans and bots should be using Server Protocol HTTP/1.1
RewriteCond %{REQUEST_URI} ^(/wp-login\.php|/wp-comments-post\.php)$
RewriteCond %{THE_REQUEST} HTTP/1\.0
RewriteRule ^(.*)$ – [F,L]

End here---



Click on " Custom Code"

  • Select “Root htaccess File Custom Code”
  • Paste into “Custom Code Brute Force Login Page Protection”.
  • Scroll down and “Save Root Custom Code”

Now, check on "Security Status", if same like below, follow the next instructions.


Upload 2 htaccess files into “master-backups” directory.

1. root,htaccess File.



Start copy below this line ----
# BULLETPROOF .46.D >>>>>>> DEFAULT .HTACCESS# If you edit the line of code above you will see error messages on the BPS status page
# WARNING!!! THE default.htaccess FILE DOES NOT PROTECT YOUR WEBSITE AGAINST HACKERS
# This is a standard generic htaccess file that does NOT provide any website security
# The DEFAULT .HTACCESS file should be used for testing and troubleshooting purposes only# BEGIN WordPress
RewriteEngine On
RewriteBase /wordpress/
RewriteRule ^index\.php$ – [L]# uploaded files
RewriteRule ^([_0-9a-zA-Z-]+/)?files/(.+) wp-includes/ms-files.php?file=$2 [L]# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ – [L]
RewriteRule ^[_0-9a-zA-Z-]+/(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^[_0-9a-zA-Z-]+/(.*\.php)$ $1 [L]
RewriteRule . index.php [L]
# END WordPress
End copy----

2.wpadmin.htaccess File.

Start copy below this line----
# BULLETPROOF .46.4 WP-ADMIN SECURE .HTACCESS# If you edit the line of code above you will see error messages on the BPS status page
# BPS is reading the version number in the htaccess file to validate checks
# If you would like to change what is displayed above you
# will need to edit the BPS functions.php file to match your changes
# For more info see the BPS Guide at AIT-pro.com# FILTER REQUEST METHODS
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ – [F,L]# QUERY STRING EXPLOITS 
RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR] 
RewriteCond %{QUERY_STRING} boot\.ini [NC,OR] 
RewriteCond %{QUERY_STRING} tag\= [NC,OR] 
RewriteCond %{QUERY_STRING} ftp\: [NC,OR] 
RewriteCond %{QUERY_STRING} http\: [NC,OR] 
RewriteCond %{QUERY_STRING} https\: [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR] 
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR] 
RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>).* [NC,OR] 
RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR] 
RewriteCond %{QUERY_STRING} ^.*(execute|exec|sp_executesql|request|select|insert|union|declare|drop|delete|create|alter|update|order|char|set|cast|convert|meta|script|truncate).* [NC] 
RewriteRule ^(.*)$ – [F,L]

End copy----


Once you have completed upload the 2 files as shown above, select ” Security Modes”, click on “Create secure.htaccess File”. As usual, same as step 3 & 4, activate both once again;

  1. Root Folder .htaccess Security Mode
  2. wp-admin Folder .htaccess Security Mode


The installation process is completed.


To play safe, suggest to make a backup.


For your convenience, you can download both .htaccess files 
https://www.virustotal.com/en/file/76809f3f98da8410fdf02e2014820f49c673bbbbbf423247d6faec1ec474f21b/analysis/1392946924/

SHA256: 76809f3f98da8410fdf02e2014820f49c673bbbbbf423247d6faec1ec474f21b
File name: masterbackupshtaccessfiles.zip
Detection ratio: 0 / 50


Thursday, 23 January 2014

Get The Most From Your SEO

As you know, SEO is Search Engine Optimization. A web developer used it to optimize their website, which included web design, themes suitability, images, site engagement like social share, description, related keywords in addition to relevant content as well web page loading speed. The result is attracting Search Engines bringing in the online searches to your website to get a solution from their searching.

If you're not satisfied with your current ranking in the search engine pages, you may want to tweak your site and make an effort to obtain the most from your SEO. SEO is essential. If you don't have a clue concerning how to start this, hire somebody to do it for you.

There are many paid SEO solutions available, which can be the perfect option for you personally. The people or companies that offer these solutions can implement techniques so you can obtain the most from your SEO effort and boost your rankings.

Whether making sure your site is formatted properly, or in case you have an interesting, relevant content material on your website, to the keywords that you are now using, the business or person you employ should take time to examine and tweak most of these things to take your site to another level.

It may be something as easy as utilizing an outdated keyword that nobody is doing looks for any longer. Updating your keyword listing periodically is essential to staying along with the search engine pages.

They'll give you guidance, assistance, and suggestions about ways to make sure that you are doing whatever you can help keep the rating you have accomplished. Be sure that you follow their guidance closely and learn to sustain your website if they are done.

Before you set out to find the help, you need to do some research of your own to make sure you won't get scammed.

How can you determine to recognize the business will likely be the very best match for you personally? One way would be to ask previous clients or go through their testimonials. Testimonials are likely to provide you with a better notion of what things to expect also to figure out if the support is likely right for you personally.

Visit the company website and read several, if they don't have a testimonial area, you might like to think twice concerning this company and move ahead. An excellent company should desire to "brag" about their success stories and post customer reactions to their work.

Additionally, ensure they practice what they preach. Check them from the various search engines and observe where they position. If they don't have a higher ranking, once again, rethink the company and move ahead.

To obtain the most from the SEO, have a look at several businesses and narrow down your research to few that you are feeling suit you perfectly. Then, contact each one of these and find one that will take the time to listen to your preferences.

The very best company for you personally is the one which listens to what you need and take time to work with you for boosting your website rating. The objectives and strategies they set up should help you to get the results that you will be searching for.