BitFire Security – Firewall, Malware Scanner, Bot Blocker, Login Protection
BitFire protects WordPress sites from malicious bots, login attacks, malware, and unauthorized changes to files and database records. Free Protection Malware Scanner Scan WordPress core, plugin, and theme files for malware, unexpected changes, and suspicious code. Real-Time Traffic Monitoring Review every request to your site, including who visited, what they accessed, and whether the request was blocked. 30 Days of Traffic History Look back through a full month of traffic data to investigate issues, identify patterns, or better understand how your site is being used. Login Protection Browser verification stops automated login attempts, brute-force attacks, password stuffing, and other suspicious authentication activity. A+ Rated Web Application Firewall Independent third-party testing by Cloudbric rated BitFire’s WAF at 94% (A+). See how it compares: BitFire: 94% (A+) Ninja Firewall [PRO]: 67% (D) Wordfence [PRO]: 41% (D) MalCare [PRO]: 34% (F) iThemes Security: 2% (F) Shield Security [PRO]: 2% (F) SiteGround Security: 2% (F) View the full independent test results at Cloudbric Labs WP-CLI Use BitFire’s WP-CLI integration to start malware scans, review scan results, inspect blocking data, and review web requests to your site. CSV, JSON, and table output formats are supported. BitFire Pro Built for Faster AI-Driven Attacks AI-assisted exploit generation is reducing the time between vulnerability discovery and active attacks. Traditional defenses must wait for patches, signatures, or firewall rules. Runtime Application Self-Protection BitFire’s patented RASP technology monitors sensitive file, database, and network operations during every request. It can prevent: Unauthorized PHP file changes. Unexpected administrator creation. Malicious database modifications. Outbound connections to malicious servers. Redirect and JavaScript injection. Automated Malware Scans Run malware scans up to twice per day, with results emailed to you when a threat is confirmed. Threat Hunter Search traffic, files, database content, processes, and scheduled jobs for signs of compromise or reinfection. 360-Degree Coverage Load BitFire before the WordPress boot process to stop attacks that target plugin and theme files directly. Human Support This is what makes BitFire different from the big-name security plugins: when you need help, you talk to a real person. Our US-based support team is available 12 hours a day. No ticket queues that take days. No chatbots. No copy-and-paste answers. Just experienced people who will help make sure your site is secure. Whether you need help with setup, have a question about a blocked request, or want someone to examine a suspicious file, we are here. Pricing Free $0 forever. Bot blocking, malware scanning, login protection, and real-time traffic monitoring. Everything you need to stop the vast majority of automated attacks. Pro – Single Site $60/year. Full RASP protection, an A+ rated WAF, AI malware analysis, 30-day traffic logs, and priority human support. Pro – Multi-Site Volume Pricing Managing multiple sites? The more you protect, the less you pay: 2-4 sites: $50/site per year 5-9 sites: $45/site per year 10-24 sites: $35/site per year 25-49 sites: $25/site per year Volume pricing is ideal for freelancers, agencies, and anyone managing WordPress sites for clients. Contact us for volume licensing. How BitFire Compares BitFire vs Wordfence Wordfence is a solid product with a large team writing custom rules for known vulnerabilities. One important difference is how BitFire handles automated traffic: Bot blocking – WordPress cannot reliably distinguish human traffic from automated traffic on its own. BitFire is designed to identify and block malicious bots before they can exploit or infect your site. If you use Wordfence, we strongly recommend using the paid version. Read the detailed BitFire vs Wordfence comparison Why Do Other Plugins Focus So Much on Cleaning Up Malware? Good question. Have you noticed how much other security plugins charge for malware removal and how much of their marketing focuses on finding infections? BitFire focuses on keeping malware off your site so you do not need to pay someone to remove it. Privacy / Monitoring / Data Collection We take your privacy seriously. Here is exactly what BitFire does with your data: Traffic inspection. BitFire inspects web traffic to your site to identify threats. Sensitive data, such as passwords and credit card numbers, is automatically replaced with redacted in logs. You can add additional fields to filter in the settings. Error reporting. If BitFire encounters a software error, it can send a report to our development team so we can fix it in a future release. No visitor data is included in these reports. Malware hash checking. BitFire sends small numeric fingerprints, known as 64-bit hashes, of your files to our hash server to compare them against our database of known-good files. For example, a file might hash to the number 812612388126487. We never receive your actual file contents, and file hashes are not stored on our servers. Local data storage. All log data and configuration files are stored locally on your server in a hidden, randomly named directory under wp-content/uploads/. This directory is protected by an .htaccess file and is not accessible from the web.
Top keywords
- bitfire18×2.20%
- malware12×1.46%
- site12×1.46%
- traffic11×1.34%
- data8×0.98%
- file7×0.85%
- files7×0.85%
- pro7×0.85%
- sites7×0.85%
- attacks6×0.73%
- automated5×0.61%
- database5×0.61%
NinjaScanner – Virus & Malware scan
A lightweight, fast and powerful virus scanner for WordPress. NinjaScanner is a lightweight, fast and powerful virus scanner for WordPress which includes many features to help you scan your blog for malware and virus. Features File integrity checker. File comparison viewer. Exclusion filters. File snapshot. Database snapshot. Anti-malware/Antivirus. Sandbox for quarantined files. Ignored files list. Google’s Safe Browsing Lookup API. Background scans. Scheduled scans (Premium). WP-CLI integration (Premium). Debugging log. Email report. Integration with NinjaFirewall (WP and WP+ Edition). Multi-site support. Contextual help. And many more… File Integrity Checker The File Integrity Checker will compare your WordPress core files as well as your plugin and theme files to their original package. Its File Comparison Viewer will show you the differences between any modified file and the original. You can also add your Premium themes and plugins to the File Integrity Checker. Infected or corrupted files can be easily restored with one click. File Snapshot The File Snapshot will show you which files were changed, added or deleted since the previous scan. Database Snapshot NinjaScanner will compare all published posts and pages in the database with the previous scan and will report if any of them were changed, added or deleted. Anti-Malware Signatures You can scan your blog for potential malware and virus using the built-in signatures. The scanning engine is compatible with Linux Malware Detect LMD (whose anti-malware signatures are included) and with some ClamAV signatures as well. You can even write your own anti-malware signatures. NinjaFirewall Integration If you are running our NinjaFirewall (WP or WP+ Edition) web application firewall plugin, you can use this option to integrate NinjaScanner into its menu. Fast and Lightweight Scanner NinjaScanner has strictly no impact on your database. It only uses it to store its configuration (less than 1Kb). It saves the scan data, report, logs etc on disk only, makes use of caching to save bandwidth and server resources. It also includes a Garbage Collector that will clean up its cache on a regular basis. Background Scans Another great NinjaScanner feature is that it runs in the background: start a scan, let it run and keep working on your blog as usual. You can even log out of the WordPress dashboard while a scanning process is running! You don’t have to wait patiently until the scan has finished. Additionally, a scan report can be sent to one or more email addresses. Sandbox for quarantined files When moving a file to the quarantine folder, NinjaScanner can use a testing environment (a.k.a. sandbox) to make sure that this action does not crash your blog with a fatal error. If it does, it will warn you and will not quarantine the file. It is possible (but not recommended) to disable the sandbox. Advanced Settings NinjaScanner offers many advanced settings to finely tune it, such as exclusion filters, selection of the algorithm to use, a debugging log etc. Privacy Policy Your website can run NinjaScanner and be 100% compliant with the General Data Protection Regulation (GDPR): We, the authors, do not collect, share or sell personal information. We don’t track or profile you. Our software does not collect any private data from you or your visitors. Premium Features Check out our NinjaScanner Premium Edition Scheduled Scans: Don’t leave your blog at risk. With the scheduled scan option, NinjaScanner will run automatically hourly, twice daily or daily. WP-CLI Integration: Do you own several blogs and prefer to manage them from the command line? NinjaScanner can nicely integrate with WP-CLI, using the ninjascanner command. You can use it to start or stop a scanning process, view its status, its report or log from your favourite terminal, without having to log in to the WordPress Admin Dashboard. Dedicated Help Desk with Priority Support