Topics Archives:

How to make a custom SSL certificate miner

Why do we need an SSL certificate miner? The WAF module can only listen on HTTP but it needs the SSL Terminating module to be able to listen on HTTPS as well. This module can do this only if it has the SSL certificates of the domains at its disposal. BitNinja has such a cert miner by default ...

How to download the BitNinja Log

If you would like to store the BitNinja logs, you need to compress the logs and move them to another location so the log rotation won’t delete the log files. Also, you might need to share log files with your sysadmin or with our support ninjas. You can download WinSCP that lets you exchange files ...

Haproxy vulnerability: IP spoof via X-Forwarded-For forgery.

Description: Suppose an IP-based access control solution is implemented in your web server (back-end server). In that case, the Haproxy used by BitNinja's SslTerminating module can be exploited to push an arbitrary IP address to the backend webserver behind our WAF module, thus bypassing the afor...

Customize the captcha page

You can make the BitNinja captcha page more user-friendly by customizing it. For example, you can include your company logo. This way, users will be more familiar with it. The captcha page can be customized on a per-server basis. The default captcha page is stored in the /opt/bitninja/modules/Ca...

Can’t start BitNinja because an instance is already running

Solution: Just echo an empty string to the file: echo "" > /var/lib/bitninja/blue.pid. Try to start the BitNinja agent with the service bitninja start command. If that does not work for some reason: Delete the whole file with the following command: rm /var/lib/bitninja/blue.pid -y&...

BitNinja stopped on the server

The server’s box is red or yellow on the Dashboard. This means that the BitNinja health checking service could not reach BitNinja on the server. Check if BitNinja is running: We need to check if BitNinja is running on the server with the service bitninja status command. BitNinja is runni...

BitNinja Stats - Plesk360 integration

Our developers have added a new tool to our BitNinjaCLI arsenal. The bitninjacli --stats command can show basic statistics about the BitNinja agent. Its intended use is for integration with monitoring solutions. Usage: Issue the command in your terminal as bitninjacli --stats; this will show ...

BitNinja rate limiting

With the 2.29.0 version of BitNinja, we introduced the rate limiting feature. This is based on the WAF and SSLTerminating modules. In order to use this feature, make sure that the WAF module is enabled and working on the domains you wish to protect with this feature. You can set a limit for the...

BitNinja increases the server load

What process is responsible: We need to check what process is responsible for the increased load. To do so: Run the htop or top command; htop is more user-friendly. Sort the processes according to memory usage: in htop, press F6 and select the PERCENT_MEM option at the left side with the arro...

Allow list based on domain

We allow listed the most trusted and popular services based on domains a long time ago to make sure our customers have the most secure yet smoothest experience while using BitNinja. However, there were a few services that could not be allow listed based on IP addresses, as their list of IP ...