News from Threat Lab: 4+1 New SenseLog rules have been created
Eniko Toth

News from Threat Lab: 4+1 New SenseLog rules have been created

The new year inspired us and brought new vibes to our office. Our tech ninjas are developing several new badass features. Besides the new features, we are also improving our existing modules as well. Last week, the SenseLog module became enriched with 4 new rules and another rule has been updated. Here is a list of them: 1. Apache Magento Downloader (Rule ID: 80_1_021) 2. Apache WP Login Deprecated Firefox User Agents (Rule ID: 80_1_022) 3. Plesk Login Fail (Rule ID: 8443_1_001) 4. LFD Blocked (Rule ID: lfd_1_001) +1  Updated rule: Apache WP XML-RPC Suspicious User Agent (Rule...
Read more
Case Study - How BitNinja Supports Dreamscape Networks’ Mission
Eniko Toth

Case Study - How BitNinja Supports Dreamscape Networks’ Mission

A few years ago, our web hosting company experienced heavy difficulties with the different kinds of cyberattacks. The things became so bad that we started to lose customers because they obviously perceived the consequences of the vulnerable servers. We couldn’t bear it anymore and decided to take over the control of the cyberwar. That’s how BitNinja was born 5 years ago. Our servers became safe and since then our web hosting company is rapidly growing, but that wasn’t enough for us. We have bigger dreams about a better future, where every server owner can forget all those headaches what we...
Read more
How to secure WP-login
Laszlo Takacs

How to secure WP-login

WordPress is the most known CMS in the world currently (WordPress runs 32% of the entire internet), we hear that it is the easiest CMS to handle, to install and to use. Taking all these information into account, we would think that it is safe as a house. Wrong! It might be easy to use, but for this exact reason, it is easy to hack. As it is free, there are many free plug-ins which are usually not up to date, creating weak points. Hackers always tend to exploit vulnerabilities in Plugins, Themes and WP Core. There are many parts where WordPress should be strengthened, now I would like to hig...
Read more
WordPress User Enumeration Attack in Focus
Valentin Balint

WordPress User Enumeration Attack in Focus

If you’re a WordPress user, then this following article is a must for you. However, if you are interested in website vulnerabilities and how they can be attacked, and you wish to upgrade your knowledge about them, you’ve also come to the perfect place as well. In this article, we’ll be talking about the user enumeration attack method, and how you can protect against it if you’re a WordPress user. Attack type A hacker can use user enumeration to get access to a specific application or website by getting the credentials—in the first instance, the usernames—through an attack. If the attacke...
Read more
How to protect your web hosting business during the holiday season attack wave
Boglarka Angalet

How to protect your web hosting business during the holiday season attack wave

For devops in the web hosting business, holiday season is not exactly the most wonderful time of the year. If you’ve ever sneaked out from Christmas dinner to check on your servers’ status, or been woken up by attack alerts when only Santa Claus is supposed to be awake, you know what I mean. The Rise of Holiday Hacking Holiday season is peak period for cyber attacks, and we’ve written about it several times. But we’re not the only ones analyzing historical data and finding any indication of what’s to come. Just taking a look at last year, The SSL Store predicted over 50 millio...
Read more
WAF rules explained - The BitNinja Ruleset
Nikolett Hegedüs

WAF rules explained - The BitNinja Ruleset

In a previous article, we’ve discussed the BitNinja safe minimum ruleset for the BitNinja WAF, that consists of 15 rules from the OWASP Core Ruleset, along with 6 rules from the BitNinja rules category. These rules can be safely enabled on the root location pattern on your server. In the BitNinja Ruleset, there are 5 categories: The Virtual Honeypot category, which has 2 rules The WordPress Backdoor Protection category with 3 rules The Drupal Remote Execution Protection, also with 3 rules The Modx Revolution Remote Execution Protection category with 1 rule The Scanner Detec...
Read more
WordPress hosting and the BitNinja WAF - How to do it right? (Part 3 - The BitNinja safe minimum ruleset)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF - How to do it right? (Part 3 - The BitNinja safe minimum ruleset)

In the preceding articles, I’ve talked a lot about the BitNinja safe minimum ruleset template and how you should enable it on your “/” location (or on “*/wp-admin/*” if needed) if you’re hosting mainly Wordpress websites. So I’d like to give you a little more explanation about the rules that are part of the safe minimum. There are currently 15 rules from the OWASP Core Ruleset in the BitNinja safe minimum ruleset template, after thorough testing and evaluation. These are part of the following categories: Scanner Detection (1 / 5) Protocol Attack (4 / 10) Local File Inclusion (2 /...
Read more
WordPress hosting and the BitNinja WAF: How to do it right? - (Part 2)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF: How to do it right? - (Part 2)

Last time we finished off with the advice that if you’re hosting mainly WordPress websites, you should only enable the BitNinja Safe Minimum ruleset for the “/” location or any other domain pattern that contains “/wp-admin”. So let’s talk a bit more about domain patterns With the BitNinja WAF, we’d like to give you the opportunity to customize your firewall rules with domain patterns (we also call them location patterns, because they are, in fact, nginx location patterns or directives). It’s similar to virtual hosts defined on a web server. Let’s say that you have multiple domains on...
Read more
WordPress hosting and the BitNinja WAF - How to do it right? (Part 1: The basics)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF - How to do it right? (Part 1: The basics)

We know that our customers care a lot about their own customers, too. Just like we care about you, and about making the internet a safer place. So, with the following series of articles titled “Wordpress hosting and the BitNinja WAF - how to do it right?”, I’d like to help those who work in Wordpress hosting, and would like to use the BitNinja WAF to protect their servers. The BitNinja WAF is a really great tool for security - when used properly. And to use it, you’ll need to understand the terminology that we’re using. So let’s start with the basics, shall we? :) What are rule...
Read more
3rd Drupalgeddon alert! How to be protected with BitNinja?
Eniko Toth

3rd Drupalgeddon alert! How to be protected with BitNinja?

Third critical Drupal vulnerability discovered!!! Those who are running a Drupal website couldn’t have a rest over the past few weeks. This is the third time when Drupal recommends to update these sites. During exploring the previous remote code execution (RCE) vulnerability, the CVE-2018-7600, the team discovered a new RCE vulnerability (CVE-2018-7602). If  you or your customers have Drupal websites and would like to avoid  backdoors, cryptocurrency miners and other malwares, BitNinja is here to  help you! Just make sure your WAF rule #402003 is enabl...
Read more