Slack Integration - Create your own BitNinja alerts
Boglarka Angalet

Slack Integration - Create your own BitNinja alerts

Back in October, we collected your feedback about our upcoming chat integration. As 59% of you asked for notification options for Slack to ease your daily job, we started working on that soon and here we come with the result. We're happy to announce BitNinja's Slack integration! We know every team works with a handful of systems on a daily basis and you don’t always have the time to check if anything happened at the BitNinja Dashboard. But now you can receive notifications to your Slack workspace and channels about important security events happening on your servers. With...
Read more
WordPress Hosting Protected by BitNinja - Case Study with Mijn Websitehosting
Boglarka Angalet

WordPress Hosting Protected by BitNinja - Case Study with Mijn Websitehosting

WordPress is by far the most popular CMS today. However, this popularity has an unfortunate side effect of also making WordPress sites extremely exposed to potential attacks. It means quite a huge challenge to web hosting providers to keep the hackers out of their business. Fortunately, this task is not impossible.   https://kinsta.com Our great partner, Mijn Websitehosting has over 14 years of expertise in this field and chose BitNinja to help them successfully protect their customers.  Read on to learn about their struggles, before they stepped on the road...
Read more
(D)DoS attack - How does it work and how will BitNinja stop it?
Nikolett Hegedüs

(D)DoS attack - How does it work and how will BitNinja stop it?

100% server uptime... Every hosting company is dreaming about it as nowadays when there are countless service providers, customers will choose the one which grants reliability. What happens when a website is inaccessible? It’s always painful for the website owner, the visitors and for the hosting company. There could be many reasons behind it, but maybe the most annoying is when it happens because of a DoS attack. What is DoS? DoS stands for Denial of Service: it’s a type of attack that could render web servers unresponsive - meaning they won’t be able to serve HTTP requests. So users ca...
Read more
Manual Malware Scan – It's now available on the Dashboard
Eniko Toth

Manual Malware Scan – It's now available on the Dashboard

As a server owner, have you ever had an experience where one or more of the websites hosted by you were reported as a phishing website? Another common issue to get blacklisted on different lists or getting abuse reports which inform you that your servers are attacking other nodes. Perhaps this fact that we’re telling you isn’t new, which is the source of the outgoing attacks is an infection. A lot of hosting providers are frightened when they hear the word „malware,” and they have the reason for getting afraid. Malware is in the spotlight ELK Cloner was the very first malware (previou...
Read more
New security feature against phishing sites
Boglarka Angalet

New security feature against phishing sites

Cybercriminals can easily attempt to break into shared hosting environments to use their resources for different types of attacks. Phishing is one of the most irritating forms, where the provider, the website owner and all of their visitors are affected. These attacks also highlight the responsibility of hosting providers, and that’s why we have just launched BitNinja’s new anti-phishing feature, to give a new weapon in your hands for fighting the hackers. Why phishing? Phishing is quite an old-school hacker technique, which seems to never go out of fashion. Since the technique simply...
Read more
Defense Robot – The breakthrough innovation for the cybersecurity market
Eniko Toth

Defense Robot – The breakthrough innovation for the cybersecurity market

Are you tired of the never-ending malware infections? Would you like to get rid of the nightmare of the long hours spent troubleshooting? Do you still seem to get repeatedly infected regardless of how often you make malware removals? It’s enough of the reactive protection! The old way What would usually happen when a server became infected? People had to buy special security tools, which had really high prices to find malware. If it succeeded, the sysadmins had to spend plenty of hours (or in worse cases several days) to remove the malware. The other option was to pay for someone to do t...
Read more
WAF rules explained - The BitNinja Ruleset
Nikolett Hegedüs

WAF rules explained - The BitNinja Ruleset

In a previous article, we’ve discussed the BitNinja safe minimum ruleset for the BitNinja WAF, that consists of 15 rules from the OWASP Core Ruleset, along with 6 rules from the BitNinja rules category. These rules can be safely enabled on the root location pattern on your server. In the BitNinja Ruleset, there are 5 categories: The Virtual Honeypot category, which has 2 rules The WordPress Backdoor Protection category with 3 rules The Drupal Remote Execution Protection, also with 3 rules The Modx Revolution Remote Execution Protection category with 1 rule The Scanner Detec...
Read more
WordPress hosting and the BitNinja WAF - How to do it right? (Part 3 - The BitNinja safe minimum ruleset)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF - How to do it right? (Part 3 - The BitNinja safe minimum ruleset)

In the preceding articles, I’ve talked a lot about the BitNinja safe minimum ruleset template and how you should enable it on your “/” location (or on “*/wp-admin/*” if needed) if you’re hosting mainly Wordpress websites. So I’d like to give you a little more explanation about the rules that are part of the safe minimum. There are currently 15 rules from the OWASP Core Ruleset in the BitNinja safe minimum ruleset template, after thorough testing and evaluation. These are part of the following categories: Scanner Detection (1 / 5) Protocol Attack (4 / 10) Local File Inclusion (2 /...
Read more
WordPress hosting and the BitNinja WAF: How to do it right? - (Part 2)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF: How to do it right? - (Part 2)

Last time we finished off with the advice that if you’re hosting mainly WordPress websites, you should only enable the BitNinja Safe Minimum ruleset for the “/” location or any other domain pattern that contains “/wp-admin”. So let’s talk a bit more about domain patterns With the BitNinja WAF, we’d like to give you the opportunity to customize your firewall rules with domain patterns (we also call them location patterns, because they are, in fact, nginx location patterns or directives). It’s similar to virtual hosts defined on a web server. Let’s say that you have multiple domains on...
Read more
WordPress hosting and the BitNinja WAF - How to do it right? (Part 1: The basics)
Nikolett Hegedüs

WordPress hosting and the BitNinja WAF - How to do it right? (Part 1: The basics)

We know that our customers care a lot about their own customers, too. Just like we care about you, and about making the internet a safer place. So, with the following series of articles titled “Wordpress hosting and the BitNinja WAF - how to do it right?”, I’d like to help those who work in Wordpress hosting, and would like to use the BitNinja WAF to protect their servers. The BitNinja WAF is a really great tool for security - when used properly. And to use it, you’ll need to understand the terminology that we’re using. So let’s start with the basics, shall we? :) What are rule...
Read more