Topics Archives:

WAF 2.0 Module

The WAF 2.0 module blocks web-based attacks before they reach the server. If a well-aimed web-based attack, like a PHP code injection, reaches the server, it will cause serious issues. Also, the most popular CMSes and their plugins, like WordPress or Drupal, have many vulnerabilities that ca...

The WAF module is not working

If the prerequisites are met but the WAF module is still not running, we will need to check a few things. Connections from localhost: The web server has to accept connections from 127.0.0.1 to http://<server_IP>:80 and to https://<server_IP>:443 in order for the WAF module to...

Set up X-Forwarded-For in Plesk

In Plesk, the X-Forwarded-For header is already included with all IP addresses of the server in the configuration files of all web server applications. If remoteip is not enabled yet, you need to enable it from Plesk. Go to Tools and settings, then Apache Web Server. Tick in remoteip’...

Set up X-Forwarded-For in cPanel/WHM

If you are using cPanel/WHM, please make sure to open/allow TCP port 60418 on your server and on the firewall in front of it (if there is one). It is required for the CaptchaHTTPS service. This header needs to be set up in the web server used to serve your domains. Please insert y...

Set up X-Forwarded-For

How to set up DNAT redirection mode for the WAF 2.0 module. Step-by-step guide: Open the Configuration menu on your BitNinja dashboard. Select the setting level on the left side (server-level, server group-level, account-level). Select the WAF 2.0 module on the l...

My website is down when BitNinja is running (Error 502 /504)

First, we need to check what kind of error code you see. Backend webserver Unreachable: When BitNinja displays a "Backend webserver Unreachable" error, it means the Web Application Firewall (WAF) is unable to connect successfully to your web server. This can be caused by various system...

My server has private IP address(es) only

By default, WAF 2.0 will only create port redirections for public IPs. However, it can be set to observe on the private interface. It can happen that your server does not have a public interface; in this case, there are more possibilities. It is also required if there is a gateway in front...

Manual certificate mapping

Since version 3.7.7 you can manually add each domain's SSL cert's location if necessary. In this guide, we will walk you through manually setting up cert mapping. You'll need to locate the cert and key files to get started. Open the Configuration menu on your BitNinja dashboard. Select...

Location header issue

Some applications misbehave behind a proxy. This is why we need to force a redirection to remain https most of the time. Solution: This behavior can be changed. You just need to change this line highlighted in the picture: Run these commands as a root user in your server’s terminal t...

I don’t use any control panel

Apache: Open your Apache configuration file with your favourite text editor. Insert the following lines at the end of the httpd.conf or apache2.conf file. On Debian you can find the configuration file usually at /etc/apache2/httpd.conf or at /etc/apache2/apache2.conf. The loc...