New LogAnalysis with 109x speed
Nikolett Hegedüs

New LogAnalysis with 109x speed

New LogAnalysis with 109x speed The former version of SenseLog (which serves our robust LogAnalysis module) has processed the files at the start and observed them if there were any changes in them. It has used a lot of sources for the dates in the log rows. In this version it was necessary because SenseLog had to recognize the changes and had to decide whether it has to to something or not with the changes. The process of log files took longer time because of this. The current version only processing the changes, in the case of delegated logs, SenseLog stands at the end. This way therer...
Read more
HTTP/2 support with BitNinja WAF 2.0
Zoltan Toma

HTTP/2 support with BitNinja WAF 2.0

HTTP/2 support with BitNinja WAF 2.0 The version of bitninja-ssl-termination 1.1.0, which is practically a HAProxy (1.8.9), can handle HTTP2 connections. It will be installed automatically by BitNinja (v 1.20.10) and it will reconfigure the configs for HTTP/2. It only affects the HTTPS connections. HTTP2 over TLS (h2) is supported by all of the modern browsers. Why HTTP/2?  HTTP/2 compared to HTTP/1.1 is far more powerful, it can broadcast requests and answers in parallel, so the browser needs to open only 1 connection to the server instead of 6-8. This connection is far more...
Read more
A more manageable Dashboard
Eniko Toth

A more manageable Dashboard

Imagine Andrew, who has many servers. He doesn’t want sleepless nights worrying about hacker and bot attacks, that’s why he uses BitNinja. His servers are very important to him, so he likes checking up on how BitNinja working on them. Andrew logs into the Dashboard every day, and a few weeks ago, realised that there were some changes. Now, Andrew can track real-time events on the server much easier. Together, let's take a look at how you can find your fave spots, and all the new features with our new layout: „I’d like to get a thorough overview of my servers.” The Card view is a mi...
Read more
New improvements at BitNinja - HTTPS solution
Nikoletta Szabo

New improvements at BitNinja - HTTPS solution

In this article, we would like to summarize our recently released developments, which impact the daily life of our clients. First of all, ... TheHTTPS Captcha: If you enable this feature in your agent, BitNinja will be able to present a Captcha on HTTPS. This will make the IP removal from our greylist possible just by one click not only on HTTP protocol but also on HTTPS. What results can be achieved by using it? Less complaint from your customers about the failure of removal, resulting in a lower load on your support staff Lower false-positive rate How does it work? T...
Read more
1.16.1 Version-645% performance improvement for SenseLog
Nikoletta Szabo

1.16.1 Version-645% performance improvement for SenseLog

This week we released a new version of BitNinja, which contains many significant performance improvements. But what are the changes exactly? We limited the SS usage of our Outbound WAF module. It will only use SS if a malicious request is caught. Its result will be a significant drop in BitNinja's CPU usage. Our SenseLog module has gone under serious optimization. From now on, it only scans logs stored from the last day.This way we can eliminate its slow loading and operation. Great news, this development increased its performance with 645%. Brilliant, isn't it? Multilingual texts...
Read more
New versions released
Eniko Toth

New versions released

Eniko Toth
In the last 2 weeks, we released 2 new versions of BitNinja. Let’s take a look at the novelties:    BitNinja version 1.12.10: CaptchaChallenge pages now use 403 status code instead of 200. Good bots will notice it and leave it. This means, that the good bots will recognize our captcha pages, and won’t walk around them. Causing that our already low false-positive rate will be further reduced. WordPress wp-login filter threshold increased to 100 attempt. Our log analyser module (SenseLog) perceives a wordpress page update as a wp-login.php request, so we increa...
Read more
Release note on 1.12.5 version
Nikoletta Szabo

Release note on 1.12.5 version

Nikoletta Szabo
Today (2016, 07 Nov) we released the newest version of BitNinja. Let’s see what has changed: SenseLog supervisors can be disabled in /etc/bitninja/SenseLog/config.ini CaptchaHttp now checks remote address at connection time From now on the BitNinja captcha is able to determine the performer of the connection in the exact moment when the connection has been established. DosDetection LocalIp filter undefined interface address bug fixed Turkish translation added to CaptchaHttp You can configure your own captcha with the use of our documentation site. Joomla Brute for...
Read more

0-Day Attack – How to protect?

Viktoria Vereb
The holidays are over already, and hackers didn’t sleep at all during that time. Yeah, a critical Joomla vulnerability is on board again. To tell the truth, this 0-day remote command execution vulnerability is already 3-weeks old, but it can still cause headache for owners using versions from 1.5 to 3.4. It is a quite dangerous security hole, maybe the worst type of attack you may face, as hackers can easily manipulate your server this way. And even worse: the patch was released only after 2 days. It has been exploited in the wild. As the BitNinja security system is continuously moni...
Read more

Release note on BitNinja 1.9.2

Boglarka Angalet
Happy Holidays everyone! Most of us are tuned for Christmas time already, but ninjas don’t know free days, as hackers are just getting in their element in the busiest days of the year. So we haven’t wated our time in the last few weeks, but developed some new features and useful things for you. Grab the latest version of BitNinja (1.9.2) and enjoy the hacker-free holidays! Brand new documentation site First of all, an old deficiency was eliminated lately. We released our new documentation site which contains more information about the mechanism behind BitNinja. IP reputation meth...
Read more

BitNinja WAF Beta

Boglarka Angalet
Our Ninja Lab is always full of fantastic ideas and improvements. Sometimes it’s an easy ride to develop a terrific feature, sometimes it takes longer to find the right recipe. Yes, you guessed well, we are talking about the web application firewall module. But thanks to our enthusiastic users’ contribution in development and to our ’never givin’ up’ kind of tech ninjas, WAF Beta is available now for BitNinja 1.8.   Web Application Firewall: a holy grail feature Generally speaking, web application firewalls monitor, filter and block incoming and outgoing traffic on HTTP protoc...
Read more