Settings Documentation

BitFire Server Settings Enable (block automated scanners)
Firewall Enable
Enable/Disable all Firewall functionalityAlways On Protection
Run BitFire before WordPress. Prevent Firewall bypass and saves server resources. HIGHLY recommended.Allow IP Blocking
Allow blocking IP Addresses when obvious attacks detectedSend HTTP Security Headers
deny frames, disable content sniff, strict cross-originForce SSL 1-year
Force SSL and disable non-SSL for 1 yearBlock Profanity
Replace profanity with !@#$!
BitFire Bot Blocking Alert / Block (block automated scanners)
Require Full Browser
Verify browsers are not bots with a transparent JavaScript challengeBlock Bots not on Whitelist
Over 100 Search Engines and SEO tools included.Quick Block Blacklist Bots
Send immediate deny and IP block to any blacklisted user-agentRate Limit Action
Block / Alert on rate limit hit. (Excludes search engines)5 Minute Rate Limit
5 Minute rate limit (excludes whitelisted bots)Block Direct IP Access
Block spamming direct IP requests. Only allow access to domains on the domain list.
Only allow these domains to access the website (enabled via Block Direct IP Access)
{{valid_domains_html}}
Honeypot URL
Add no-visit to robots.txt, block any IP that visits URL. (leave blank to disable)
Web Application Firewall Features Alert / Block (block automated scanners)
Generic Web Blocking
Block generic attakcs, XXE, SSI, etc, (recommended)Block XSS
Block Cross Site Scripting AttacksBlock SQLi
Block SQL injection attacksBlock Malicious Files
Inspect all file uploads for malicious code
Server Configuration (PHP hosting settings)
Server Side Cache (must have cache or cookies enabled)
CloudFlair (1.1.1.1) or localhost
HTTP response code for block page
IP Address, X-Forwarded, Forward
Disable if server does not support cookies
Log BitFire PHP errors and send to developers

BitFire PRO / PREMIUM Licensing
Check your email for license code after purchase
Uninstall BitFire This will uninstall BitFire from the startup script and remove all files.
The script files can be removed after the php cache expires in 5 minutes