We added a PCI compliance mode to BitNinja.
PCI (Payment Card Industry) scanning usually refers to quarterly external vulnerability scans that must be performed by a PCI approved vendor. BitNinja might block these screenings as they are similar to malicious scans.
You just need to enable the PCI compliance mode in the IP filter module’s config.
You can copy texts from the video recording below.
- Find the
[PCI]flag, it is at the beginning of the file
- Delete the semicolon from the beginning of the
- Save the changes and exit the text editor
e.g.: in nano
ctrl+xand then press
yand then press enter
- Restart BitNinja with
service bitninja restartcommand
When the pci_compliance value is not 0, direct access to BitNinja services disallowed. The Port honeypot module will not start if PCI compliance enabled to make sure it does not block the PCI scanning.
The CaptchaSmtp service will not work either, because visitors won’t be allowed to access the CaptchaHttp ports as it runs a BitNinja service.