The WAF module is not working


The WAF module has prerequisites that must be met before it can run. Please check that the required settings are in place.

You can check these settings in this GUIDE.

If the pre-requirements are met but the WAF module is still not running we will need to check a few things.

Are all IP addresses of the server added to the X-Forwarded-For header?

Run the ifconfig command to see all IP addresses of your server.

If not all IP addresses are added, then please follow the guide here and add all IP addresses of your server, separated by spaces.

Have you set up the Transparent Proxy mode in the WAF module instead of the X-Forwarded-For header in your webserver?

This mode of the WAF module is in the beta phase, so we recommend setting up the X-Forwarded-For header in your webserver. In this case, please try to set up the X-Forwarded-For header following this guide:

How to set up the WAF module

Does the network interface facing the internet have only a private IP address?

Issue the ifconfig command. This will show your server’s IP addresses.

If the IP addresses are within one of the ranges below then please follow this guide HERE. – – –

Does your server have multiple network interfaces?

In this case, adding your network interfaces to the WAF module’s config might solve the issue. This is because the WAF module might not detect all the network interfaces of the server.

In this article, you can find a step-by-step guide on how to add the network interfaces of your server. You can find the guide here.

Are the required ports open?

If the ports below are not open then BitNinja will not work correctly. Please make sure these ports are open.

Protocol   Port          BitNinja module(s)
TCP        60412         CaptchaHttp, CaptchaSmtp
TCP        60210         CaptchaFtp (active)
TCP        60211-60250   CaptchaFtp (passive)

Is the bitninja-sslt module running?

How to check this

Check if the services are running: ps aux|grep haproxy

Check if the process is present: netstat -lntp |grep bitninja-ss

Are the SSL certs found by the BitNinja cert miner?

Check whether the files below contain the correct data and include your domain.
/var/lib/bitninja/ConfigParser/getCerts-report.json and

In the /opt/bitninja-ssl-termination/etc/haproxy/cert-list.lst file, the first element of each entry is the PEM file's location. Check that it points to the correct PEM file.
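The cert-list.lst check above can be scripted. The following is an added example, not part of BitNinja: check_cert_list is a hypothetical helper, and it assumes that each entry is a single line starting with the PEM path and that your domain appears somewhere on that line.

```shell
#!/usr/bin/env bash
# Added example (not BitNinja code): verify the PEM path that cert-list.lst
# gives for a domain. Assumptions: one entry per line, the first element is
# the PEM path, and the domain appears somewhere on the same line.
# Usage: source this file, then run: check_cert_list example.com

CERT_LIST_DEFAULT=/opt/bitninja-ssl-termination/etc/haproxy/cert-list.lst

# check_cert_list DOMAIN [LIST_FILE]
# Prints one "STATUS<TAB>PEM_PATH" line per matching entry.
# Returns 0 if every match is OK, 1 if any entry is bad (or the list is
# unreadable), 2 if no entry mentions the domain.
check_cert_list() {
    local domain=$1 list=${2:-$CERT_LIST_DEFAULT}
    local line pem status matched=0 bad=0

    [ -r "$list" ] || { printf 'UNREADABLE_LIST\t%s\n' "$list"; return 1; }

    while IFS= read -r line || [ -n "$line" ]; do
        # Skip blank lines and comments.
        case $line in ''|'#'*) continue ;; esac
        # Fixed-string, case-insensitive match: dots are not regex wildcards.
        # This is a substring match, so sub.example.com also matches example.com.
        printf '%s\n' "$line" | grep -qiF -- "$domain" || continue
        matched=1
        pem=${line%%[[:space:]]*}    # first element = PEM file location

        if [ ! -f "$pem" ]; then
            status=MISSING_FILE      # entry points at a file that is not there
        elif ! grep -q -- '-----BEGIN CERTIFICATE-----' "$pem"; then
            status=NO_CERTIFICATE    # file exists but holds no certificate block
        else
            status=OK
        fi
        [ "$status" = OK ] || bad=1
        printf '%s\t%s\n' "$status" "$pem"
    done < "$list"

    [ "$matched" -eq 1 ] || { printf 'NO_ENTRY\t%s\n' "$domain"; return 2; }
    return "$bad"
}
```

A NO_ENTRY or MISSING_FILE result means the cert miner did not produce a usable entry for the domain, which is the case where recollecting the certs is worth trying.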

Recollecting the certs might solve the issue.
Run this command to recollect the certs: /opt/bitninja/modules/Cli/scripts/ 

Still not working?

Send a ticket to our Support Ninjas.

Please include the output of the following commands in the ticket:
netstat -lntp | grep -E '60300|60301' ; iptables -S -t nat | grep -E 'BN_WAF_REDIR'
ps aux|grep haproxy
netstat -lntp |grep bitninja-ss