Zero Day phpMyAdmin Vulnerability Patched by BitNinja
Laszlo Takacs

A new flaw on the horizon! A new flaw has been discovered in phpMyAdmin, in which an attacker has the possibility to include files on the server. This vulnerability is caused by a portion of the code where pages are redirected and loaded in phpMyAdmin. Here are the steps by which it can be achieved:  1) First, the intruder has to be authenticated; after this procedure the SQL query will create a session. 2) Invoking the  ../../../../../..../var/lib/sessionId the attack can be performed. There are some exceptions though:   - $cfg['AllowArbitrary...
Read more
WordPress hosting and the BitNinja WAF - How to do it right? (Part 1: The basics)
Nikolett Hegedüs

We know that our customers care a lot about their own customers, too. Just like we care about you, and about making the internet a safer place. So, with the following series of articles titled “Wordpress hosting and the BitNinja WAF - how to do it right?”, I’d like to help those who work in Wordpress hosting, and would like to use the BitNinja WAF to protect their servers. The BitNinja WAF is a really great tool for security - when used properly. And to use it, you’ll need to understand the terminology that we’re using. So let’s start with the basics, shall we? :) What are rule...
Read more
Security by design
Laszlo Takacs

Our team attended CloudFest back in March, where during the security panel we saw a presentation about the importance of security by design as a matter of responsibility, which suggested OWASP as a standard to start with. In this blog post we would like to show why it is important for developers too, not just for security providers. The best way to define it is an approach to software and hardware development where the main goal is to make a system as free of vulnerabilities and as impervious to attack as possible. To achieve this there is a need for a huge amoun...
Read more
Watch the new WAF in action
Eniko Toth

The beta version of WAF 2.0 is performing much better than we expected. The feedback we’ve been receiving about it is truly fascinating. More and more people are realizing just how powerful this module is. It’s already effectively protecting hundreds of servers against SQL injections, XSS attacks, command injections, directory traversal, data leakage and various other types of attacks. Now, we’d like to take the opportunity to show you a 5-minute video that demonstrates how the WAF 2.0 works in real time. Already using this module? That’s great! But maybe we can show...
Read more
Serious Drupal vulnerability alert! How to virtual patch it with BitNinja WAF?
Eniko Toth

2 days ago, a serious vulnerability, SA-CORE-2018-002 (CVE-2018-7600), was found in Drupal 6, 7 and 8, which affects over one million websites. All the unpatched Drupals are in serious danger! An attacker can upload backdoors or malware via this newly discovered vulnerability. The vulnerability is scored 21/25 Highly Critical! Details of the vulnerability: This vulnerability has been categorized as a Highly Critical issue because… With a simple user visit, the hackers can easily leverage SA-CORE-2018-002. There is no need for special privilege levels. All users or even an...
Read more
BitNinja Daily Routine - How to eliminate hackers on your servers completely?
George Egri

We have collected the best practices of the most successful BitNinja customers. Would you like to completely eliminate hackers on your servers? Follow this guideline to achieve the most with BitNinja and stop all hackers. The initial steps When you first install BitNinja on your server, the best you can do is to enable all modules. All the beta modules are used on many production servers, so in most cases it is safe to simply enable them all. If you have concerns about enabling all the modules, then here is a list of minimal modules to enable: IP reputation DoS detectio...
Read more
Shared hosting provider with 7,000 customers had 0 infections over the past 7 days
George Egri

Our Hungarian web hosting partner, web-server.hu, has had ZERO website infections since enabling BitNinja’s new WAF 2.0 module. We caught up with the lead sysadmin to talk to him about his experience with BitNinja. What has been your experience with BitNinja overall? “Before we began using BitNinja, we had to fight daily battles with hackers. Infected Wordpress, Joomla, Drupal and other accounts were the most commonly affected platforms. Because of the continuous battle with infections and DoS attacks, we hardly had any time left for servers and for development. Since we started using...
Read more
Fun way to read a book
Anita Batari

What do you think about SPAMs? Most of us think they are useless and heavily annoying, but not everybody. There are some geeks who totally understand the background and find it rubbish, but sometimes they read them to “entertain themselves” and learn more about the recent patterns of hacker tactics. Have you ever found a hidden gem among spams, worth showing to your friend? ‘Cus we have! We captured a spam attack causing some funny moments and now we’ll show it. Contact form spams - nightmare for a sysadmin Yesterday, while one of our talented administrators anal...
Read more
Bugs discovered in ModSecurity and MongoDB PHP extension
Eniko Toth

Bugs are always hunting us. Recently we found some bugs during our work, but keep calm, they're not in the BitNinja agent. ;) Let’s see what we explored: ModSecurity bug: empty comment line In our WAF 2.0 (beta will come soon) we implemented ModSecurity as well as the OWASP core ruleset. Recently, our developers found a strange bug in them. The CRS rule 913100 has always caught the Chinese search engine, because of the suspicious user agent: spider/4.0(+ http://www.sogou.com/docs/help/webmasters.htm#07); After checking the code, we didn’t understand why it has been trigger...
Read more
Server security on point – 5 +1 best practices for Linux sysadmins
Boglarka Angalet

No matter if you’re a Linux security veteran or you’re just about to get your feet wet, you’ll face the same security threats and upcoming attack forms. Here we come with a security cheat sheet with ultimate checkpoints that no sysadmin should miss. When meeting a new company, usually the very first thing I’m asked is „How should I get rid of hackers? Show me the silver bullet.” But it’s a little bit like asking an economist „Where should I invest my money?”. It depends. To get a grip on the jungle of security recommendations, here I collected some guidelines...
Read more