Topics Archives:

You are here:

Whitelist based on domain

We have whitelisted the most trusted and popular services based on domains a long time ago, to make sure our customers have the most secure yet smoothest experience while using BitNinja. However there were a few services that could not be whitelisted based on IP addresses, as their list of IP addre...

Useful BitNinja commands

In this article, you can see some of the most useful BitNinja CLI commands and their short descriptions. IP management To manage the BitNinja whitelist, greylist, blacklist just use the bitninjacli command, then pass the name of the BitNinja list you would like to manage (--greylist /-...

Start BitNinja Debug mode

By default, the debug mode is disabled in BitNinja. If you wish to enable it you might need to make some modifications in /opt/bitninja/etc/config.php . However, this is a temporary solution as this will be overwritten with every update. If you wish to set up the debug mode in BitNinja: E...

Port honeypot

The Port honeypot module opens fake services on 100 random ports that have no active service running. So the Port honeypot module won’t stop an active service.These fake services mimic open ports so if someone is trying to find an open port to exploit it the IP address will be greylisted. ...

PCI scanning issue

We added a PCI compliance mode to BitNinja.PCI (Payment Card Industry) scanning usually refers to quarterly external vulnerability scans that must be performed by a PCI approved vendor. BitNinja might block these screenings as they are similar to malicious scans. You just need to enable t...

No catches on the Dashboard.

We need to check what causes the issue. Check if BitNinja is running on the server with service bitninja statusIf it says: inactive (dead) then please issue service bitninja startIf Bitninja is running on the server make sure the ports below are open on the server also on the firewalls if yo...

Location header issue

Some applications miss behave behind a proxy. This is why we need to force a redirection to remain https most of the time. Solution This behavior can be changed:You just need to change this line highlighted in the picture: Run these commands as a root user in your server’s terminal t...

How to regenerate SSL certifications

If there is an issue with the SSL termination module like it does not find the right certification, All you need is to regenerate the certs. Just simply run the following commands one by one :  rm -f /opt/bitninja-ssl-termination/etc/haproxy/certs/*rm -f /opt/bitninja-ssl-termina...

How to make a custom SSL certificate miner

Why do we need an SSL certificate miner? The WAF module can only listen on HTTP but it needs the SSL Terminating module to be able to listen on HTTPS as well. This module can do this only if it has the SSL certificates of the domains at its disposal. BitNinja has such a cert miner by default ...

How to download the BitNinja Log

If you would like to store the BitNinja logs you need to compress the logs and move it to another location so the log rotation won’t delete the log files. Also, you might need to share logfiles with your sysadmin or with our support ninjas. You can download WinSCP that lets you exchange files ...