Web Application Firewall (WAF)
Application layer attacks, such as directory traversal, SQL Injection, XSS, remote file
inclusion, code injection, on-site and cross-site request forgery, buffer overflow,
unvalidated file upload, and CMS (Wordpress, Joomla, Drupal, etc) vulnerabilities
Our Web Application Firewall (WAF) constantly scans and analyzes the incoming traffic flow to
your server, looking for malicious content based on different factors. Used in conjunction
with Log Analysis, WAF guarantees an extremely low false positive rate while stopping
attacks against the applications running on your server:
- BitNinja provides automatic updates and firewall rules. We constantly patch new
vulnerabilities for you.
- For custom needs, you can easily set up a list of whitelisted domains or URLs.
- In case of a suspicious web application you can switch the WAF into strict mode with
tighter rules to avoid any further infection.
- BitNinja’s Web Application Firewall is a zero configuration service, so you don’t need
to waste time setting up your WAF and configuring rules.
- Thanks to our special on-host redirecting technology, WAF is compatible with all major
web servers – Apache, NginX, Lite HTTP, TomCat, GlassFish, NodeJS and more.
- Our WAF is compatible with your existing mod_security WAF, so you can continue to use
your current rules.
Application layer attacks, like directory traversal, SQL Injection, XSS, remote file
inclusion, code injection, on-site and cross-site request forgery, and CMS (Wordpress,
Joomla, Drupal, etc) vulnerabilities
BitNinja constantly monitors your server logs including Apache, NginX, Auth log, MySQL, Exim,
Cpanel and others. As soon as it detects any suspicious behavior, it blocks further
- BitNinja is designed for ease of use, you don’t have to worry about specifying the path
of your logs, our zero-configuration setup finds them automatically.
- Log Analysis goes a step further and checks events logged prior to the installation of
BitNinja, in order to identify previous attack attempts and at the same time, to
- We automatically update the rules for detecting malicious behavior from server logs –
BitNinja does the lion’s share of the work instead of you.