WAF 2.0 Module

Estimated reading time: 1 min

The WAF 2.0 module blocks web-based attacks before they reach the server. If a well-aimed web-based attack, like a PHP code injection, reaches the server, it will cause serious issues.

The new Nginx processes
The WAF 2.0 module utilizes Nginx as a reverse proxy to filter incoming requests. As a result, you may observe Nginx processes in the terminal. This setup does not interfere with your existing web server operations

Also, the most popular CMSes and their plugins, like WordPress or Drupal, have many vulnerabilities that can be fixed easily with the BitNinja WAF module.

Custom domain patterns

You can now define custom domain pattern rules at both the Server and Server Group levels. This allows consistent rule application across multiple servers within a group.
If you have a domain pattern with a custom ruleset on both levels, the Server level ruleset will apply only on the incoming requests.

A great benefit of domain-based rule management is that you don’t have to specify rulesets for every domain if you want to protect a URI that is available in many domains. 
If you would like to get rules for every WordPress admin page on the server, you don’t have to go through every domain like domain-one.com/wp-admin/ and domain-two.com/wp-admin/ and set the same rules for them one by one.
You can get the job done by setting up the rules on a domain pattern that looks like this: */wp-admin/*

A pattern is a regular expression. The * character is a wildcard, meaning any number or character. It’s essential that before the first /, there is the domain information, and after the first /, you can type the URI.  
Here are some examples of the different kinds of domain patterns:

If you need more information about the module, please check out these links:
https://bitninja.com/blog/waf-guide-patch-wordpress-vulnerabilities-block-web-attacks/

https://doc.bitninja.io/docs/Modules/waf2

Was this article helpful?
It was not helpful
Views: 1055