Enabling Transparent proxy mode in the WAF 2.0 module allows you to see the real IP addresses behind the WAF module instead of the server’s own IP address(es), without setting up the X-Forwarded-For header in your web server.


Enable the WAF module

You can enable the module from the Dashboard by clicking on the server’s card and then clicking on Setting. You just need to click on the switch icon next to the WAF 2.0 module.
Do you or your customers use any CDN or proxy?

If yes, then please also enable the Trusted Proxy module from the Dashboard. You can find it by clicking on the server’s card and then clicking on Setting.

Transparent proxy mode is set in the WAF module’s config file.

  1. Open /etc/bitninja/WAFManager/config.ini with your preferred text editor.
    1. e.g.: nano /etc/bitninja/WAFManager/config.ini
  2. Find the [redirect_options] section in the file
    1. e.g.: in nano use ctrl+w then type [redirect
  3. Delete the semicolon (;) from the beginning of the redirection_mode = 'transparent' line
  4. Save changes and exit the text editor
    1. e.g.: in nano ctrl+x and then press y and then press enter
  5. Restart BitNinja with service bitninja restart
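
Steps 2 to 4 as a script (an added example, not BitNinja's own tooling): it uncomments the line only inside [redirect_options] and keeps a .bak copy of the file. The function names and the sample file contents are constructed for illustration; only the section name and the redirection_mode line come from the steps above.

```shell
#!/bin/sh
# Added example (not BitNinja's own tooling): steps 2-4 as a script.

# Succeeds if [redirect_options] holds an active (uncommented)
# redirection_mode = 'transparent' line. '.' stands in for each quote.
is_transparent_enabled() {
    awk '
        /^\[/ { in_sec = ($0 ~ /^\[redirect_options\]/) }
        in_sec && /^[ \t]*redirection_mode[ \t]*=[ \t]*.transparent./ { found = 1 }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# Uncomment the line inside [redirect_options] only; keep a .bak copy.
enable_transparent_mode() {
    cfg=$1
    [ -f "$cfg" ] || { echo "missing config: $cfg" >&2; return 1; }
    is_transparent_enabled "$cfg" && return 0   # already active
    cp -p "$cfg" "$cfg.bak" || return 1
    # The address range limits the edit to [redirect_options] .. next section.
    sed '/^\[redirect_options\]/,/^\[/ s/^[[:space:]]*;[[:space:]]*\(redirection_mode[[:space:]]*=[[:space:]]*.transparent.\)/\1/' \
        "$cfg.bak" > "$cfg" || return 1
    is_transparent_enabled "$cfg"               # non-zero if the line was absent
}

# Constructed sample, not the real BitNinja file: the other section and its
# key are placeholders.
make_sample_config() {
    cat > "$1" <<'EOF'
[other_section]
;placeholder_key = 'constructed'

[redirect_options]
;redirection_mode = 'transparent'
EOF
}

# Demo on a temporary copy of the constructed sample.
sample=$(mktemp) && make_sample_config "$sample" &&
    enable_transparent_mode "$sample" && grep -n 'redirection_mode' "$sample"
rm -f "$sample" "$sample.bak"
```

On a server, call enable_transparent_mode /etc/bitninja/WAFManager/config.ini as root, then restart BitNinja as in step 5.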
Let’s check if the WAF module is working properly.

The easiest way to test whether the BitNinja WAF 2.0 module is working is to add /?test=/etc/passwd to the end of one of the domain’s URLs in the browser. The WAF module should stop the request, as it is a local file inclusion attempt.

It didn’t work for me

Don’t give up!

You can reach the WAF module’s settings by clicking on the Firewall menu point at the top and then selecting the Web Application Firewall menu point.
