If you see an error on your screen with a 5xx error the issue might be solved differently based on your configuration or set up.
First, we need to check what kind of error code do you see.
Error 502
If you see this screen when you try to access a domain that is behind CloudFlare while BitNinja is running with the WAF module enabled and the Trusted proxy module enabled.
- Issue
bitninjacli --module=SslTerminating --regenerate - Wait for a minute to make sure the command went trough
- Run
bitninjacli --module=SslTerminating --reload
Then all domains that are behind Cloudflare should be reachable from now.
504 Gateway Time-out
If you see a time-out error 504 from Nginx like on this screenshot we need to increase the timeout threshold in the Nginx config of the WAF 2.0 module.
- Make this directory
mkdir /opt/bitninja-waf/etc/local_configs - Create a
global_proxy.conffile and write the time period required after theproxy_read_timeoutvariable in seconds.
e.g.:echo "proxy_read_timeout 180s;" > /opt/bitninja-waf/etc/local_configs/global_proxy.conf - Reload the WAF 2.0 modules configuration with
bitninjacli --module=WAFManager --reloadcommand - Open the /etc/bitninja/SslTerminating/config.ini file with your preferred text editor. e.g.:
nano /etc/bitninja/SslTerminating/config.ini - Remove the semicolon from the lines below the
[haproxyDefaultSettings]section. The values in the file are increased compared to the default actual values.;timeout[] = 'connect 5000'
;timeout[] = 'client 50000'
;timeout[] = 'server 50000' - Change the values according to your needs. The variables are in milliseconds. (50000ms = 50s)
- Regenerate and reload the SSL terminating module with these two commands:
bitninjacli --module=SSLTerminating --regenerate
bitninjacli --module=SSLTerminating --reload
If You experience any other errors please don’t hesitate to contact us via Chat from the Dashboard or by sending an email to info@bitninja.io.
You can also send us a ticket here.
You can also send us a ticket here.