Tools
Pricing
Solutions
Partners
Apps
Blog
FOR DEVELOPERS New
Read FAQ
NEW
Bitrix24 Support
Registration and Login
Bitrix24 Security
Plans and Payments
Getting Started
Employee Widget
Feed
Messenger
Collabs
Calendar
Bitrix24 Drive
Bitrix24 Mail
Workgroups
CoPilot - AI in Bitrix24
Tasks and Projects
CRM
Booking
Contact Center
Sales Center
Analytics
BI Builder
Inventory Management
Marketing
Sites
Online Store
CRM + Online Store
CRM Payment
e-Signature
e-Signature for HR
Employees
Knowledge base
Automation
Workflows
Telephony
Market
Settings
Bitrix24 Messenger
General questions
Bitrix24 On-Premise
Start for free
Log In

Bitrix24 Helpdesk

Bitrix24 Helpdesk
Bitrix24 Security

FAQ: Security

Emily Walker
Author: Emily Walker
Last update: April 23, 2026.

Bitrix24 includes multiple layers of protection to keep your data secure. These include encrypted connections, two-step authentication, IP restrictions, and more. This article answers common questions about security in Bitrix24.

Find more helpful answers in the article: FAQ: Bitrix24 tools.

In this article:


Data protection

Bitrix24 uses multiple layers of security to protect your data and maintain stable performance.

Connection encryption. All data transfers use SSL encryption. This keeps your information secure, even on public Wi-Fi networks.

Two-step authentication. Use one-time codes from the Bitrix24 OTP or Google Authenticator apps. Even if someone gets your password, they won’t be able to access your account.
Enable two-step authentication for Bitrix24 login

File protection. Bitrix24 automatically backs up your files in the cloud. You can restore them if there is hardware failure or a virus.

Proactive protection. Bitrix24 uses a built-in web application firewall (WAF). It blocks most common web attacks and is based on years of security experience.

Security in Bitrix24


Data hosting

Bitrix24 stores data on Amazon Web Services (AWS) servers in:

  • United States (Virginia)
  • European Union (Frankfurt, Germany)

You can also use an on-premise version to host data on your own server.

AWS meets major compliance standards, including HIPAA, GDPR, ISO 27001, SOC 1/2/3, and PCI DSS Level 1.


Login history

You can track login activity in Employees > Time and Reports > Login History.

  • Administrators can view all employee logins.
  • Employees can view only their own activity

Employee login history in Bitrix24

This feature is available on the Enterprise plans.
Bitrix24 plans and pricing

Restrict access by IP address

Admins can allow access to Bitrix24 only from specific IP addresses. This helps prevent access from unknown devices or public networks.
Restrict access to Bitrix24 by IP address

To set up IP restrictions:

  1. Go to Settings (⚙️) > Security.
  2. Select IP address access restrictions.
  3. Add allowed IP addresses.
  4. Choose which employees the rule applies to.
  5. Save the settings.

After that, users can only log in from the listed IP addresses.


Forget login or password

If you can’t access your account, you can restore it.

If you forgot your login:
There are two ways to recover access:

If you forgot your password:

  1. Open the Bitrix24 login page.
  2. Click Forgot password.
  3. Enter your login.
  4. Follow the link sent to your email.
    Recover Bitrix24 password

If you still can’t sign in, contact Bitrix24 support.
Contact Bitrix24 Support


Protection against DDoS attacks

Bitrix24 uses a web application firewall (WAF) to monitor and filter traffic.

It applies protection across all OSI layers, up to Layer 7. This helps stop DDoS attacks quickly without slowing down the system. False positives are rare and stay minimal even during attacks.
Security in Bitrix24

Go to Bitrix24
Don't have an account? Create for free
Bitrix24
Bitrix24
Pricing
Media kit
Contact us
In the press
Support
Helpdesk
Webinars
How-to videos
Contact support
Schedule a demo
Bitrix24 Status page
Resources
Blog
Articles
Solutions
Сustomer reviews
Alternatives
Uses
Research
On-premise
On-premise edition
Free Trial
Download
Installation
Documentation
Apps
Market
Mobile app
Desktop app
API/developers
Google API Services
Partners
Find a partner
Become a partner
Partner login
You can find the Bitrix24 Cloud and Self-Hosted Service Level Agreement here.
© 2026 Alaio
Privacy Overview

Cookies: This website uses cookies for analytical and technical reasons. ‘Analytical Cookies’ are inserted by Google Analytics to help us understand which countries our visitors come from, which pages they visit and what actions they take on this site. ‘Strictly Necessary Cookies’, as the name implies, are a type of cookies that are required for proper functioning of certain features of this website, such as the ability to use live chat. Disabling these cookies will disable access to those features and degrade your website experience.

Cookies of both types can be enabled or disabled within this plugin.

Cookie Settings
Cookie Policy

More information about our Cookie Policy

We use cookies to enhance your browsing experience - Find out more. By continuing to browse this site you are agreeing to our use of cookies. Change your cookie settings.
Got it