{{release}}

Filesystem is not locked


Upgrade BitFire to enable File-Lock and prevent malware infections, add Redirect protection and Multi Factor Authentication Upgrade to BitFire PRO.

System Features Learn about web blocking

Enable

Firewall Enable

Enable/Disable all Firewall functionality

Always On Protection

Run BitFire before WordPress. Prevent Firewall bypass and saves server resources. HIGHLY recommended.

Allow IP Blocking

Allow blocking IP Addresses when obvious attacks detected

Send HTTP Security Headers

deny frames, disable content sniff, strict cross-origin

Force SSL 1-year

Force SSL and disable non-SSL for 1 year

Block Profanity

Replace profanity with !@#$!

Bot Handling Learn about bot blocking

Alert / Block

Require Full Browser

Verify browsers are not bots with a transparent JavaScript challenge

Block Bots not on Whitelist

Over 100 Search Engines and SEO tools included.

Quick Block Blacklist Bots

Send immediate deny and IP block to any blacklisted user-agent

Rate Limit Action

Block / Alert on rate limit hit. (Excludes search engines)

5 Minute Rate Limit

5 Minute rate limit (excludes whitelisted bots)

Block Direct IP Access

Block spamming direct IP requests. Only allow access to domains on the domain list.
Only allow these domains to access the website (enabled via Block Direct IP Access) {{valid_domains_html}}

Honeypot URL

Add no-visit to robots.txt, block any IP that visits URL. (leave blank to disable)

Generic Blocking Learn about web blocking

Alert / Block

Generic Web Blocking

Block generic attakcs, XXE, SSI, etc, (recommended)

Block XSS

Block Cross Site Scripting Attacks

Block SQLi

Block SQL injection attacks

Block Malicious Files

Inspect all file uploads for malicious code

System Settings Learn about BitFire System Settings

Server Side Cache (must have cache or cookies enabled)
  • SHMOP
  • APCU
  • none
CloudFlair (1.1.1.1) or localhost
  • 1.1.1.1
  • localhost
HTTP response code for block page
  • 200 OK
  • 203 NON AUTHORITATIVE
  • 204 NO CONTENT
  • 400 BAD REQUEST
  • 401 NOT AUTHORIZED
  • 403 FORBIDDEN
  • 406 NOT ACCEPTABLE
  • 500 SERVER ERROR
  • 503 UNAVAILABLE
IP Address, X-Forwarded, Forward
  • REMOTE_ADDR
  • X-FORWARDED
  • FORWARD
Disable if server does not support cookies
Log BitFire PHP errors and send to developers

Optional Settings Learn about BitFire System Settings

Cookie name for browser meta-data, unique random name
Path to serve BitFire dashboard from
Leave blank if not WordPress
BitFire cookie encryption key, > 32bytes random
BitFire secret key, > 32bytes random

PRO / PREMIUM licensing Register for PRO / PREMIUM license

Check your email for license code after purchase

Allow editing config.ini This will unlock config.ini for manual editing for a short while

Only unlock if you need to manually edit the config.ini file

Uninstall BitFire This will uninstall BitFire from the startup script and remove all files.

The script files can be removed after the php cache expires in 5 minutes