We added a PCI compliance mode to BitNinja.
PCI (Payment Card Industry) scanning usually refers to quarterly external vulnerability scans that must be performed by a PCI approved vendor. BitNinja might block these screenings as they are similar to malicious scans.
You just need to enable the PCI compliance mode in the IP filter module’s config.
You can copy texts from the video recording below.
- Open the Configuration menu on your BitNinja dashboard.
- Select the setting level on the left side. (server-level, server group-level, account-level)
- Click on the Advanced Modules menu and select the IP Reputation module
- Enable the PCI Compliance mode with the switch icon next to it
- Click on the Apply button at the top of the page
When the pci_compliance value is not 0, direct access to BitNinja services is disallowed. The Port honeypot module will not start if PCI compliance is enabled to make sure it does not block the PCI scanning.
The CaptchaSmtp service will not work either, because visitors won’t be allowed to access the CaptchaHttp ports as it runs a BitNinja service.