We added a PCI compliance mode to BitNinja.
PCI (Payment Card Industry) scanning usually refers to quarterly external vulnerability scans that must be performed by a PCI-approved vendor. BitNinja might block these scans because they resemble malicious scans.
You just need to enable the PCI compliance mode in the IP filter module’s config.
- Open `/etc/bitninja/IpFilter/config.ini`, e.g.: `nano /etc/bitninja/IpFilter/config.ini`
- Find the `[PCI]` section, it is at the beginning of the file
- Delete the semicolon from the beginning of the `pci_compliance=1` line
- Save the changes and exit the text editor, e.g.: in nano press `ctrl+x`, then `y`, then enter
- Restart BitNinja with the `service bitninja restart` command
When the `pci_compliance` value is not 0, direct access to BitNinja services is disallowed. The Port honeypot module will not start if PCI compliance is enabled, to make sure it does not block the PCI scanning.
The CaptchaSmtp service will not work either, because visitors won't be allowed to access the CaptchaHttp ports, as these are served by a BitNinja service.
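
The manual steps above can be scripted for hosts where an interactive editor is impractical. This is an added example, not BitNinja's own tooling: the function names and the sample file are assumptions, and only the `[PCI]` section and the `;pci_compliance=1` line come from this page.

```shell
#!/bin/sh
# Added example, not BitNinja's own tooling. Function names are hypothetical.

# Succeeds when an uncommented, non-zero pci_compliance is set inside [PCI].
pci_mode_enabled() {
    awk '
        /^[ \t]*\[/ { in_pci = ($0 ~ /^[ \t]*\[PCI\]/) }
        in_pci && /^[ \t]*pci_compliance[ \t]*=/ {
            split($0, kv, "=")
            gsub(/[ \t"]/, "", kv[2])
            if (kv[2] != "" && kv[2] != "0") found = 1
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# Removes the leading ';' from pci_compliance, but only inside [PCI].
# Keeps a .bak copy; a no-op if the mode is already on. An explicit
# pci_compliance=0 is left alone and reported as failure (exit 1).
enable_pci_mode() {
    conf=$1
    [ -f "$conf" ] || { echo "missing: $conf" >&2; return 2; }
    pci_mode_enabled "$conf" && return 0
    cp -p "$conf" "$conf.bak" || return 2
    awk '
        /^[ \t]*\[/ { in_pci = ($0 ~ /^[ \t]*\[PCI\]/) }
        in_pci && /^[ \t]*;[ \t]*pci_compliance[ \t]*=/ { sub(/^[ \t]*;[ \t]*/, "") }
        { print }
    ' "$conf.bak" > "$conf" || return 2
    pci_mode_enabled "$conf"
}

# Constructed sample; only [PCI] and ;pci_compliance=1 come from the page.
write_sample_config() {
    cat > "$1" <<'EOF'
; constructed sample, not the shipped config
[PCI]
;pci_compliance=1

[hypothetical_section]
;pci_compliance=1
EOF
}

# Demo on a temporary copy. On a real host: enable_pci_mode
# /etc/bitninja/IpFilter/config.ini && service bitninja restart
demo=$(mktemp) && write_sample_config "$demo" && enable_pci_mode "$demo" \
    && grep -n 'pci_compliance' "$demo"
rm -f "$demo" "$demo.bak"
```

The check after the edit matters because the Port honeypot and CaptchaSmtp services stop working once the mode is on, so a silent no-op and a successful change should be distinguishable in automation.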