Enabling the Transparent proxy mode in the WAf 2.0 module allows you to see the real IP addresses behind the WAF module instead of the server’s own IP address(es) without setting up the X-Forwarded-For header in your web server.
Instructions
Enable the WAF module
You can enable the module from the Dashboard by clicking on the server’s card and then clicking on Setting. You just need to click on the switch icon next to the WAF 2.0 module.
You can enable the module from the Dashboard by clicking on the server’s card and then clicking on Setting. You just need to click on the switch icon next to the WAF 2.0 module.
Do You or your customers use any CDN or proxy?
If yes, then please also enable the Trusted Proxy module from the Dashboard. You can find it by clicking on the server’s card and then clicking on Setting.
If yes, then please also enable the Trusted Proxy module from the Dashboard. You can find it by clicking on the server’s card and then clicking on Setting.
We need to set this up in the WAF module’s config file.
- Open /
etc/bitninja/WAFManager/config.iniwith your preferred text editor.
e.g.:nano /etc/bitninja/WAFManager/config.ini - Find the
[redirect_options]flag in the file- e.g.: in nano use
ctrl+wthen type [redirect
- e.g.: in nano use
- Delete the semicolon (;) from the beginning of the
redirection_mode = 'transparent'line - Save changes and exit the text editor
- e.g.: in nano
ctrl+xand then pressyand then press enter
- e.g.: in nano
- Restart BitNinja with
service bitninja restart
Let’s check if the WAF module is working properly.
The easiest way to test whether the BitNinja WAF 2.0 module is working okay is, to add
The easiest way to test whether the BitNinja WAF 2.0 module is working okay is, to add
/?test=/etc/passwd after one of the domain’s URL in the browser. The WAF module should stop the request as it is a local file inclusion attempt. It didn’t work for me
Don’t give up!