ist issue

is this a step i need to take?
https://www.ads-software.com/support/topic/plugin-bulletproof-security-broken-cpanel-hotlink-tool-404-errors-unable-to-edit-htaccess-files?replies=9

EDIT can’t be
Hotlink protection is currently disabled

What type of Server configuration do you have? Sounds like it is DSO and not CGI.
Check the BPS System Info tab page and post this info below:

Server Type:
Operating System:
Server API:

Server Type: WebServerX
Operating System: Linux
Server API: apache2handler – Your Host Server is using DSO or another SAPI type.

Yep, DSO. You will need to do one-time manual setup steps to get everything working.

Do steps: 3, 4, 5 and 7. If things are not working at that point then do step 1.

https://forum.ait-pro.com/forums/topic/dso-setup-steps/

6. Upload the /bulletproof-security/admin/htaccessplugins.htaccess

i don’t see this anywhere?
oh ok skip step 6 LOL read again mrpp!!!!

ok logged in now what should i do?
Pre-installation Wizard and the Setup Wizard?
do i do the following now or have i just bypassed all this manually?
1) create default.htaccess
2) create secure.htaccess
3) Activate Website Root Folder .htaccess Security Mode
4)Activate Website wp-admin Folder .htaccess Security Mode
The htaccess file that is activated in your root folder is:
BULLETPROOF .49 >>>>>>> SECURE .HTACCESS

√ wp-config.php is htaccess protected by BPS
√ php.ini and php5.ini are htaccess protected by BPS

√ Deny All protection activated for BPS Master /htaccess folder
√ Deny All protection activated for /wp-content/bps-backup folder

The htaccess file that is activated in your wp-admin folder is:
BULLETPROOF .49 WP-ADMIN SECURE .HTACCESS

Click the Create secure.htaccess File button and see if you get an error message or a success message.

Success! Your BulletProof Security Root Master htaccess file was created successfully!

Ok you’re good to go. You can now use BPS normally with full automation. ??

so is that it? rockin and rollin?
i use Limit Login Attempts By Johan Eenfeldt so turned that off in BPS?

Yep, your are all set. The one-time manual DSO setup actually sets everything up, but in a way that all future things that you do in BPS can now be done using BPS automation/tools/buttons/etc. so you do not have to do anything with FTP again.

Yep, choose one or the other login security feature since they will conflict with each other if you try to use both at the same time.

ok thank you very much , one last question, adding the speed booster in custom htaccess
before i save it, how do i know if i have need to add a php ini handler before?
not sure what code is to check or whether i have one or not?

If everything is working correctly on your site and you do not currently have php/php.ini handler .htaccess code in your active root .htaccess file then you do not need to add it/your site does not use it. Most folks do not have php/php.ini .htaccess code.

your a star!!
did i say one last question? ok then
activated BulletProof Mode Website Root Folder after saving custom code but get message IMPORTANT! BulletProof Mode for the wp-admin folder MUST also be activated when you have BulletProof Mode activated for the Root folder.

so do i need to do this too?

Not mentioned here
https://forum.ait-pro.com/forums/topic/where-is-the-log/page/2/#post-7436
honestly that is the last question

for tonight lol
p.s PageSpeed Insights looks better

mark as solved thank you so much for the time to help;-)))