Let’s fix your install issue.

Install Guides

Install Quick Start - For non-WordPress websites or repairing non accessible WordPress site

WordPress Issues

Issues related to installing and running BitFire on WordPress

6 answers

BitFire is compatible with other security plugins and can run in always on mode with other WordPress security plugins. This is NOT a recommended operating mode but is supported. To run both plugins in always-on mode (Optimized mode for WordFence) you must add the additional plugin startup script to BitFire config.ini "auto_prepend_file". For WordFence this would be adding the line auto_prepend_file = '/wordfence-waf.php' to your wp-content/plugins/bitfire/config.ini file.

Did this help solve your issue?

Some hosting providers implement restrictions on that prevent enabling Always-On

Some hosting providers (WPEngine as an example) will not allow normal admin pages to edit the bootstrap process. To bypass this restriction, BitFire will enable "always-on" protection if the plugin is disabled and then re-enabled within 60 seconds. The plugin deactivate and reactive process will tell BitFire to enable Always-On functionality during the activation step which these hosting providers do allow.

Did this help solve your issue?

BitFire standalone is an excellent choice if you are unable to access your WordPress admin panel or if you are Installing outside of a WordPress environment. For normal WordPress users, installing from the WordPress Plugin Repo is best.

Did this help solve your issue?

If you are unable to login the standalone BitFire dashboard, you can reset the admin password by editing the config.ini file in your bitfire directory and setting the password="" entry to the cleartext password you would like to use. BitFire will encrypt this password for you on first use and save it back to the config.ini file.

Did this help solve your issue?

The config.ini is not readable by default to prevent the file from being downloaded. Y ou can update the file permissions in your favorite file editor to read-write for config.ini to edit the file. If you are unable to manually update permissions, you can use the bottom of the settings page to make config.ini readable.

Did this help solve your issue?

If you are still unable to edit the config.ini file and unable to login, you can force a password reset. Create a new file with a single line of your new password in your root web server directory (WordPress root directory) named "bitfire.recovery." (replace with a unique non-guessable random number). If BitFire is unable to authenticate a password, it will look for any file in the root directory with this name format and set the password to whatever is in the file.

Did this help solve your issue?

Bot Blocking

Issues related to bot blocking.

1 answer

There are 2 cases where a bot you want to allow may be blocked. The first is when the bot is claiming to be a real web browser (chrome, firefox, etc). Any request claiming to be a browser will be sent a JavaScript challenge to validate. You can follow the same procedure below for adding whitelisted bots.

To allow a bot, navigate to your BitFire dashboard and go to "Bot Controls" Bots are listed in most recently seen order. If you can't find the bot you are looking for, try switching to "known bots" toggle. Once you have found the bot, use the red dots icon on the right to select how you would like to handle the bot (authenticated ip, any ip, no ip)

Did this help solve your issue?

Related Help Center Categories

If you didn’t find what you needed, these could help!


Connecting with 3rd party apps to exchange data.

0 entries

Security Issues

Solutions for specific security problems.

1 entry


Improving your website speed and reliability.

0 entries