Let’s enable the Full transparent proxy mode in the WAF module.
From version 2.29.5 if the BitNinja agent was installed via the one-liner installation command then the transparent proxy mode is enabled in the WAF module by default. In which case you just need to enable the WAF module.
Please follow this guide on how you can test if the WAF module is working properly.
In the 2.17.0 and above BitNinja agent versions the WAF module can now work in a fully transparent mode. With the fully transparent mode enabled you don’t need to set up the X-Forwarded-For header even if you use a CDN or proxy.
Using the fully transparent mode might not work in some instances. In these cases, you need to set up the good old X-Forwarded-for header in your web server.
The WAF module is a great tool to protect your server from botnets and from web-based attacks.
After you set up this module you will be protected against:
- CMS vulnerability exploits
- CMS plugin exploits
- Cross-site scripting
- SQL injections
- PHP injections
- Botnet attacks
- And much more.