Websites are the main point of weakness for shared servers. Many botnets specifically target and exploit website vulnerabilities to gain control of a server and use it to launch their automated attacks.
Outdated CMS systems (WordPress, Joomla, Drupal, Magento, etc.) make servers more vulnerable to many different kinds of cyberattacks, such as SQL injection, cross-site scripting (XSS), remote and local file injections, and more. Cleaning infected files can quickly become a full-time job for IT teams managing shared servers, overwhelming their support teams with requests.
“Before using BitNinja, we used to get at least 4-5 customer complaints every day about how their sites or emails were hacked. Now that number has been 2-3 per month. This also has reduced the amount of time needed for our support to answer tickets and our technical team to clean up the compromised sites.”Rabi Hanna
THE POWER OF THE WAF 2.0
The most effective way to block website cyberattacks is at the application layer using a Web Application Firewall (WAF). The BitNinja WAF 2.0 operates between visitors’ web browsers and your web server. It’s a very fast reverse proxy which filters all incoming web requests, automatically rejecting any attacks.
The BitNinja WAF 2.0 makes it easy to manage all your firewall settings from one location, and you can also configure the filter level by domain. By using domain-based patterns you can change the strictness level by domain or by URL, blocking malicious traffic and allowing genuine traffic to reach each hosted site. This unique feature is only available with BitNinja and makes life a lot easier when managing shared servers.
To keep you secure from the latest threats, we are constantly patching new kinds of CMS vulnerabilities by adding new WAF rules to the rulesets. We also include automated false positive reporting which allows you to fine-tune the settings if needed, and we guarantee a low false positive rate with the pre-defined rulesets.
Besides the server-based settings, you can set the filtration level and the strictness for each domain.
We are constantly creating new WAF rules to patch the different kinds of zero-day CMS vulnerabilities.
FULL TRANSPARENT PROXY
The BitNinja WAF 2.0 module is easy-to-use and doesn’t require any pre-configuration or constant intervention.
The pre-defined ruleset ensures a very low false positive rate. False positive statistics are available for each domain pattern.
WHY DO OUR USERS LOVE THIS MODULE?
“Before using BitNinja, we used to get at least 4-5 customer complaints every day about how their sites or emails were hacked. Now that number has been 2-3 per month. This also has reduced the amount of time needed for our support to answer tickets and our technical team to clean up the compromised sites.”
Valicom Net Cloud Services
FREQUENTLY ASKED QUESTIONS
Can I use the BitNinja WAF 2.0 with NGINX?
Where can I find the technical documentation?
Does the BitNinja WAF 2.0 work with HTTPS connections too?
How do you keep the false positive rate low?
How do I know which rules need to be enabled?
Does the BitNinja WAF 2.0 require any pre-configuration?
What happens if the WAF blocks a human visitor?
When a request triggers a firewall rule on a specific domain, the IP address of the request will be greylisted to prevent any immediate attacks on your server. If it is a genuine request made by a human visitor, they will see the BitNinja confirmation page where we inform them about what happened. They can then visit the original website with one click and their IP address will be removed from our greylist. If you see repeated requests in the WAF logs, you can fine-tune the settings by creating a domain pattern and disabling the associated WAF rule for that domain.
BUILD YOUR SECURITY
START THE 7-DAY FREE TRIAL WITH FULL FUNCTIONALITY
WITHOUT SPENDING A CENT.
(No credit card required)