WAF rules explained - The BitNinja Ruleset
Nikolett Hegedüs

WAF rules explained - The BitNinja Ruleset

In a previous article, we’ve discussed the BitNinja safe minimum ruleset for the BitNinja WAF, that consists of 15 rules from the OWASP Core Ruleset, along with 6 rules from the BitNinja rules category. These rules can be safely enabled on the root location pattern on your server. In the BitNinja Ruleset, there are 5 categories: The Virtual Honeypot category, which has 2 rules The WordPress Backdoor Protection category with 3 rules The Drupal Remote Execution Protection, also with 3 rules The Modx Revolution Remote Execution Protection category with 1 rule The Scanner Detec...
Read more
WordPress hosting and the BitNinja WAF - How to do it right? (Part 3 - The BitNinja safe minimum ruleset)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF - How to do it right? (Part 3 - The BitNinja safe minimum ruleset)

In the preceding articles, I’ve talked a lot about the BitNinja safe minimum ruleset template and how you should enable it on your “/” location (or on “*/wp-admin/*” if needed) if you’re hosting mainly Wordpress websites. So I’d like to give you a little more explanation about the rules that are part of the safe minimum. There are currently 15 rules from the OWASP Core Ruleset in the BitNinja safe minimum ruleset template, after thorough testing and evaluation. These are part of the following categories: Scanner Detection (1 / 5) Protocol Attack (4 / 10) Local File Inclusion (2 /...
Read more
WordPress hosting and the BitNinja WAF: How to do it right? - (Part 2)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF: How to do it right? - (Part 2)

Last time we finished off with the advice that if you’re hosting mainly WordPress websites, you should only enable the BitNinja Safe Minimum ruleset for the “/” location or any other domain pattern that contains “/wp-admin”. So let’s talk a bit more about domain patterns With the BitNinja WAF, we’d like to give you the opportunity to customize your firewall rules with domain patterns (we also call them location patterns, because they are, in fact, nginx location patterns or directives). It’s similar to virtual hosts defined on a web server. Let’s say that you have multiple domains on...
Read more
WordPress hosting and the BitNinja WAF - How to do it right? (Part 1: The basics)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF - How to do it right? (Part 1: The basics)

We know that our customers care a lot about their own customers, too. Just like we care about you, and about making the internet a safer place. So, with the following series of articles titled “Wordpress hosting and the BitNinja WAF - how to do it right?”, I’d like to help those who work in Wordpress hosting, and would like to use the BitNinja WAF to protect their servers. The BitNinja WAF is a really great tool for security - when used properly. And to use it, you’ll need to understand the terminology that we’re using. So let’s start with the basics, shall we? :) What are rule...
Read more
Watch the new WAF in action
Eniko Toth

Watch the new WAF in action

The beta version of WAF 2.0 is performing much better than we expected. The feedback we’ve been receiving about it is truly fascinating. More and more people are realizing just how powerful this module is. It’s already – effectively protecting – hundreds of servers against SQL injections, XSS attacks, command injections, directory traversal, data leakage and various other types of attacks. Now, we’d like to take the opportunity to show you a 5-minute video that demonstrates how the WAF 2.0 works in real time. Already using this module? That’s great! But maybe we can show...
Read more
Shared hosting provider with 7,000 customers had 0 infections over the past  7 days
George Egri

Shared hosting provider with 7,000 customers had 0 infections over the past 7 days

Our Hungarian web hosting partner, web-server.hu had ZERO website infections – since enabling BitNinja’s new WAF 2.0 module. We caught up with the lead sysadmin to talk to him about his experience with BitNinja. What has been your experience with BitNinja overall? “Before we began using  BitNinja, we had to fight daily battles with hackers. Infected Wordpress, Joomla, Drupal and other accounts were the most commonly affected platforms. Because of the continuous battle with infections and DoS attacks, we hardly had any time left for servers and for development. Since we started using...
Read more
The most common CMS attack types
Daniel Mecsei

The most common CMS attack types

Nowadays, the Internet plays a huge part in our lives. It gets bigger and bigger every day, now it has more than one billion websites. Most of these sites are built with CMS which stands for Content Management System. It is a tool that provides an easy-to-use method for users without any programming skills in creating websites. The most common CMSs are written in PHP because most shared-hosting providers only provide this way to share/operate your website with the community. According to the statistics, WordPress has the largest market share with 52%, followed by Joomla with only 6%. The...
Read more
New versions released
Eniko Toth

New versions released

Eniko Toth
In the last 2 weeks, we released 2 new versions of BitNinja. Let’s take a look at the novelties:    BitNinja version 1.12.10: CaptchaChallenge pages now use 403 status code instead of 200. Good bots will notice it and leave it. This means, that the good bots will recognize our captcha pages, and won’t walk around them. Causing that our already low false-positive rate will be further reduced. WordPress wp-login filter threshold increased to 100 attempt. Our log analyser module (SenseLog) perceives a wordpress page update as a wp-login.php request, so we increa...
Read more
WordPress, Curse or Blessing?
Mariann Csorba

WordPress, Curse or Blessing?

Mariann Csorba
WordPress is the most commonly used blog engine, which is free to use and has an open source code. It is used mainly for the operation of websites, blogs and webshops. If your purpose is to have a great website in a blink of an eye, which you are able to develop later in parallel with the change of unique demands, you have found the best solution. Why is it a blessing? As it gets more and more successful, the number of developers and supporters grow proportionately. They constantly look for bugs, vulnerabilities while they report and fix them. It is easy-to-use, so laymen can al...
Read more

CryptoPHP – stop it with BitNinja

Boglarka Angalet
We have terrific news again: BitNinja is able to directly fight against CryptoPHP malware. But what is this backdoor? And what does it do with your servers? Find out from our blog. What is CryptoPHP? CryptoPHP is a backdoor used for spamming and illegal search engine optimization (blackhat SEO) actions. This script provides remote control to servers for hackers, who can control them through command-and-control (CnC) server communication, mail communication or manual control.   How it works After being installed, it provides access to the web server and hackers become a...
Read more