Topics Archives:

How to test whether WAF 2.0 module is running

If you have enabled the WAF 2.0 module after the pre-requirements are met, you can test whether WAF 2.0 module is running okay. Check whether the WAF module can be triggered on one of the domains The easiest way to test whether the BitNinja WAF 2.0 module is working okay is, to add /?test=/...

How to set up the WAF module

Let's enable the Full transparent proxy mode in the WAF module. From version 2.29.5 if the BitNinja agent was installed via the one-liner installation command then the transparent proxy mode is enabled in the WAF module by default. In which case you just need to enable the WAF module. Please ...

How to set up the Transparent proxy mode

Enabling the Transparent proxy mode in the WAf 2.0 module allows you to see the real IP addresses behind the WAF module instead of the server’s own IP address(es) without setting up the X-Forwarded-For header in your web server. Instructions We need to set this up in the WAF mod...

How to make a custom SSL certificate miner

Why do we need an SSL certificate miner? The WAF module can only listen on HTTP but it needs the SSL Terminating module to be able to listen on HTTPS as well. This module can do this only if it has the SSL certificates of the domains at its disposal. BitNinja has such a cert miner by default ...

BitNinja rate limiting

With the 2.29.0 version of BitNinja, we introduced the rate limiting feature. This is based on the WAF and SSLTerminating modules. In order to use this feature make sure that the WAF module is enabled and working on the domains, you wish to protect with this feature. You can set a limit for the...