Disable the Transparent mode in the WAF module
As of BitNinja version 2.29.5, the default redirection mode in the WAF module is the transparent mode. So if you wish to use the X-Forwarded-For header in your web server you will need to disable the transparent mode in the WAF module’s config file. You can do that by adding a semicolon in front of the redirection_mode = 'transparent'
line in the /etc/bitninja/WAFManeger/config.ini
file.
Step-by-step guide:
- Open /
etc/bitninja/WAFManager/config.ini
with your preferred text editor.
e.g.:nano /etc/bitninja/WAFManager/config.ini
- Find the
[redirect_options]
flag in the file- e.g.: in nano use
ctrl+w
then type [redirect
- e.g.: in nano use
- Add the semicolon (;) to the beginning of the
redirection_mode = 'transparent'
line - Remove the semicolon (;) from the
;redirection_mode = 'dnat'
line - Save changes and exit the text editor
- e.g.: in nano
ctrl+x
and then pressy
and then press enter
- e.g.: in nano
- Restart BitNinja with
service bitninja restart
Now proceed with setting up the X-Forwarded-For header.
To assist you better please select your control panel below.
If you use any sort of CDN or Proxy in front of the server. Or your users use CDN services then we will need to set up the X-Forwarded-For header to enable the BitNinja agent to see the real IP addresses of the visitors.
Enable Trusted Proxy
You will also need to enable the Trusted Proxy module from the Dashboard and add the proxy’s IP address or the CDN’s IP ranges. You can do that here: https://admin.bitninja.io/trustedProxy
You can add all the IP ranges in one go if you separate them with a comma and space.
You will also need to enable the Trusted Proxy module from the Dashboard and add the proxy’s IP address or the CDN’s IP ranges. You can do that here: https://admin.bitninja.io/trustedProxy
You can add all the IP ranges in one go if you separate them with a comma and space.