Websites are the main point of weakness for shared servers. Many botnets specifically target and exploit website vulnerabilities to gain control of a server and use it to launch their automated attacks.
Outdated CMS installations (WordPress, Joomla, Drupal, Magento, etc.) make servers more vulnerable to many different kinds of cyberattacks, such as SQL injection, cross-site scripting (XSS), remote and local file inclusion, and more. Cleaning infected files can quickly become a full-time job for IT teams managing shared servers, and the resulting requests can overwhelm their support teams.
INFECTED WORDPRESS, DRUPAL, JOOMLA SITES
FORUM AND BLOG COMMENT SPAMMING
IT TEAM CLEANING INFECTED WEBSITES ON A DAILY BASIS
THE POWER OF THE WAF 2.0
Shared hosting companies have special needs when it comes to server security. With hundreds or thousands of domains hosted on a single server, it can be hard to filter out malicious requests while allowing genuine visitors to connect to your hosted sites.
The most effective way to block website cyberattacks is at the application layer using a Web Application Firewall (WAF). The BitNinja WAF 2.0 operates between visitors’ web browsers and your web server. It’s a very fast reverse proxy which filters all incoming web requests, automatically rejecting any attacks.
The BitNinja WAF 2.0 makes it easy to manage all your firewall settings from one location, and you can also configure the filter level by domain. By using domain-based patterns you can change the strictness level by domain or by URL, blocking malicious traffic and allowing genuine traffic to reach each hosted site. This unique feature is only available with BitNinja and makes life a lot easier when managing shared servers.
To keep you secure from the latest threats, we are constantly patching new kinds of CMS vulnerabilities by adding new WAF rules to the rulesets. We also include automated false positive reporting which allows you to fine-tune the settings if needed, and we guarantee a low false positive rate with the pre-defined rulesets.
How is it different from other WAF solutions?
Besides the server-based settings, you can set the filtration level and the strictness for each domain.
We are constantly creating new WAF rules to patch the different kinds of zero-day CMS vulnerabilities.
FULL TRANSPARENT PROXY
The BitNinja WAF 2.0 module is easy to use and doesn’t require any pre-configuration or constant intervention.
The pre-defined ruleset ensures a very low false positive rate. False positive statistics are available for each domain pattern.
WHY DO OUR USERS LOVE THIS MODULE?
“Before using BitNinja, we used to get at least 4-5 customer complaints every day about how their sites or emails were hacked. Now that number has been 2-3 per month. This also has reduced the amount of time needed for our support to answer tickets and our technical team to clean up the compromised sites.”
“The biggest success we achieved with BitNinja is that we haven’t had a single website attack since we introduced BitNinja. Therefore, our IT team hasn’t had to do a single malware cleanup, which was a daily job for them before.”
“We were getting a lot of complaints about website hacking, code injections, vulnerability exploits or compromised mail servers sending out spam and getting blacklisted, so we needed to find a way to protect them, and fast. That’s when we started using BitNinja and all complaints stopped. The results are amazing: we don’t get any more complaints from customers, our IT engineers’ workload has been reduced, servers are using fewer resources and uptime has also improved.”
Valicom Net Cloud Services
FREQUENTLY ASKED QUESTIONS
Can I use the BitNinja WAF 2.0 with NGINX?
As BitNinja WAF 2.0 is a local reverse proxy, it can be used with any backend server. We regularly test this module with Apache, NGINX and LiteSpeed servers to confirm compatibility. Our customers have also achieved great results with other types of backend servers, such as Node.js.
Where can I find the technical documentation?
Does the BitNinja WAF 2.0 work with HTTPS connections too?
Yes, with the help of our special SSL Terminating module which automatically offloads the HTTPS connections without any pre-configuration. This way, BitNinja helps decrease the load of the backend server.
How do you keep the false positive rate low?
After several months of testing, we developed a pre-defined ruleset which achieves the perfect balance between maximum protection and minimum false positives. We also rigorously test each new WAF rule before we release it and our system continuously analyzes every rule to keep the false positive rate low. The false positive rate is determined by the number of successful CAPTCHA challenges.
How do I know which rules need to be enabled?
There are 3 pre-defined rulesets available with different strictness levels, and you can create custom ruleset templates too. Rules can be managed for the whole server or you can create exceptions to configure the WAF rules by specific domains and URLs.
Does the BitNinja WAF 2.0 require any pre-configuration?
Because we test extensively with different web servers and confirm each new rule we add, the BitNinja WAF 2.0 is ready to go “out of the box” without any further configuration needed.