Free/Premium WordPress security - 100% refund guarantee. Lock files from attack, recover from malware, IP/Country…
Free/Premium WordPress security – 100% refund guarantee. Lock files from attack, recover from malware, IP/Country ban, 100% bot protection – SEO compatible.
Website security that works. Don’t just scan for malware. Stop it from ever infecting your site.
BitFire integrates your website and server operating system to make website hacks, redirect attacks and account takeover impossible.
Don’t just scan for attacks after they happen; actively prevent them.
There are many Web Firewalls available. Only BitFire has 100% Free bot Blocking, Site Restore, File Locking, Redirect Protection, and a money-back guarantee for PRO customers.
BitFire brings new security capabilities to your website you won’t find anywhere else.
In addition to the standard Protection offered by similar solutions, BitFire has 4 unique features that, when activated, make your site impervious to attack.
Multi-Factor Authentication – Prevent account takeover with multi-factor authentication. Receive notification of all login attempts.
Up to 50x faster than the competition
Protect yourself from 0-day threats with security processes, not just known signatures.
Privacy. We take privacy very seriously. BitFire inspects all traffic going to the webserver and takes care to filter out any potentially sensative information by replacing it with *****. This can include information like passwords, credit card numbers, etc. The config.ini file includes a list of common sensative field names under the “filtered_logging” section. These fields are immediately filtered and can not be included in any logging or error reporting. You can add additional fields to filter in the config file by adding a line “filtered_logging[field_name] = true” and replacing “field_name” with the name of the desired parameter to filter.
BitFire includes error monitoring. While we strive to make BitFire as robust as possible, sometimes unforeseen things happen. BitFire includes error handler which monitors it’s operation. In the event an error is detected only in the BitFire software; including during install, an alert can be sent to BitFire’s developer team. The development team monitors these errors in real time and includes fixes for any detected errors in each new release. This feature includes sending basic server info in the error report to help diagnose the problem. You may opt in/out on the setting page.
Plugin usage. You can help the development team improve the functionaly by opting in to use the usage monitioring. This adds an embed for google analytics to send some very basic usage information to help the development team understand which features are used by customers and how often. Default off.
Updates. Four times a day BitFire will request the latest signatures from the BitFire signature API. These signatures are sent over SSL(TLS) and encrypted specifically for each client site.
Malware scanning. When bitfire scans your website for malware it creates signatures for every file on your site. It then compares these signatures against a database of over 10 million WordPress signatures to ensure your file integrity. To do this, BitFire will send the signature values (hashes) of every file to the bitfire malware api. In addition to this, any found differences are compared with the official WordPress code hosted at wordpress.org. When malware is detected it’s signature added to BitFire’s growing malware database for improved detection.
PRO / PREMIUM. The PRO version of BitFire is limited to 10,000 page views per day. If you are using the PRO version and you regularly exceed this usage, a notice will be sent to you and BitFire requesting a license upgrade. This data includes aproximate daily usage per domain.
BitFire includes a complete standard firewall, malware scanning, and unbreakable bot blocking for free. Additional features, including File Write Locking, Redirect Protection, Automated Malware Recovery, and Multi-Factor Authentication, require paid PRO or PREMIUM versions. https://bitfire.co/pricing
BitFire includes outstanding XSS protection, including HTTP headers and content filtering for persistent, reflected, and DOM-based XSS attacks.
Yes. BitFire has advanced SQL parsing similar to MySQL syntax parsing and can understand SQL queries regardless of encoding, injected comments, and other evasion techniques.
If you use WordFence, you should only use the paid version. WordFence has a team monitoring emerging WordPress vulnerabilities and writing custom rules to block specific exploits. They are very good at it and run a great blog on their work. Paying customers receive these virtual patches as soon as they are available. Free customers receive the patches 30 days later. If your website is vulnerable, it is almost guaranteed to be hacked before the patch is available to free customers. Don’t leave your site at risk.
“Better” can be subjective. Our generic attack detection is on-par, if not better. WordFence does not have browser or bot network authentication and can not block many automated attacks. BitFire is the only WordPress plugin offing operating system integrated file-locking and browser enforced redirect protection.
We are also definitely FASTER. WordFence typically doubles page load time, adding 100-200ms to every request on typical dedicated T3 small/medium AWS servers, more for shared environments. BitFire runs under 5ms on similar AWS hardware and near 10ms on shared environments.
We believe BitFire is the only plugin that can effectively protect WordPress sites – and is the only one with a 100% money-back guarantee for paid customers (up to 12 months effective).