Cory Marsh

hi! Sorry for the late reply, I have been working with the team to fully open source the software. We will be providing a PRO setup and maintenance package for enterprise clients and improving the documentation for smaller clients.

#1 Since you are using this free version of the software, not all blocking functionality is supported. However we have realized over the last 2 years, that only 0.04% of users are willing to pay the $128 for web security. This isn’t enough revenue to justify development of the software. As I said all functionality will be opensourced and we will be providing documentation for free clients and the development will be supported by our professional services for our enterprise clients. Expect these changes to occur over the next month as we release more features and documentation.

#2 The CPU usage spikes to 100% because of the spinning OpenGL globe. Your system likely does not have hardware OpenGL support and is struggling to keep up with the 60fps animation. Clicking on any row in the dashboard list will freeze the animation and should drop your CPU usage back to normal levels. Let me know if you are seeing something else.

Thank you for providing feedback and posting this issue. Please do not hesitate to reach out again!

kind regards,

Cory

Closing as fixed in 4.0. All core search engine (Google, Bing, automattic, duck duck, etc ..) IPS also hard coded to skip DNS lookups for these bots.

Closing as fixed in 4.0.7

my mistake, still haven’t switched email domains yet. use: [email protected]

First, thank you so much for the feedback I really appreciate it.

This is a little bit misleading, and you are correct that those are legit googlebots. I’m not entirely sure why they are listed as “unknown” here. Possibly a connectivity issue to the main BitFire bot database when the requests came in.

Look at the “hit” count; that is the number of times the bot was passed through the firewall. The “miss” count is the number of times the bot was blocked. You can see that it is passing the traffic.

Version 4.0 should be released in the next few days and is about 3 months of work rewriting the browser identification. We have added over 180 browsers, 3,000 bots, and agent fingerprinting from over 2,000 devices to identify the library used to make the request uniquely. In addition, we have city-level IP geo-tracking, a new binary log that can show every request to the website, extended the logging to over 32,000 requests, and completely overhauled the bot identification system.

The pricing model is also changing. See: https://bitfire.co/pricing2. I’d like to send you a free gift for providing this feedback. Send an email to [email protected]

If there is anything you would like me to take a look at I would be happy to discuss with you!

Kind regards, Cory

fixed in version 3.4

I am marking this as resolved in release 2.3.4.

Please reach out to me at the email I posted for that license copy.

Best regards,
Cory

Hi Bryan. Sorry, you ran into this issue and for getting back to you late. I’d like to offer you a free 6-month premium license key since you ran into this issue.

There was a problem with the 2.3.1 release, which was not corrected for about a day and has been resolved on the latest release (2.3.4).

Please send me an email to “cory @ bitslip6.com” and I can send you a license key. I can also offer install help and a free security checkup if you are interested.

Best regards!

hi @soferod

Looks like you need to restore your .htaccess file. the rewrite rule to redirect your pages to /index.php is missing.

https://www.apsenoticias.cr/index.php is up and running right now.

it should look something like this:

# BEGIN WordPress

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

The security plugin bitfire can force your site to SSL only if you wish. It also has some other really nice security features for protecting your website. Let me know if I can help you at all with your site.

Best regards,
Cory

Hi @tazling, Sorry to hear you are dealing with this issue. I have a few suggestions.

1: you mentioned you are using wordfence? First make sure you have a strong password on the account(s) in question. Next disable the login rate limiter in wordfence. This should allow you to login. Then, enable multi factor authentication (2FA) for your admin accounts. 2FA should keep your accounts secure without the need to rate limit login attempts.

2: There is a new security plugin (bitfirebitfire) which will show you any installed plugins that have known security issues. It takes just a second to check and you can find out if you have any known security issues on your site. It is available in the wordpress plugin directory.

3: Run a malware scan. BitFire includes an extremely fast malware scanner. Or if you have the time, you can use the WordFence malware scanner to check your site for any file modifications.

4: If you use BitFire you can enable the automated bot blocking (toggle the “full browser required” option in the settings page) to send JavaScript challenge that will prevent bots from accessing your site at all. BitFire also includes SMS based multi factor authentication to secure your admin accounts.

Let me know if you have any questions or I can help you in any way. If you currently have a paid security plugin (like WordFence premium) I can offer you a discount code for a BitFire PRO license pro-rated for your current licence term. BitFire has file locking which prevents php file modifications by hackers and has a full money back guarantee if your site is ever compromised. Email me at cory at bitslip6 .com

Kind regards,
Cory

• This reply was modified 2 years, 4 months ago by Cory Marsh.

Hi @rcosmos

There is a security plugin called bitfire which will notify you of any installed plugins which have known security vulnerabilities. It compares all of your installed themes and plugins against over 3,500 known vulnerabilities and will notify you on the plugin list of your site if you have any known vulnerabilities.

BitFire also includes the best malware scanner available and a host of other features including file locking which prevents any file modifications to your core files, themes or plugins.

All the best. Let me know if I can assist you in your malware recovery effort.