Web Application Firewall (WAF)
Related Vulnerabilities
Application layer attacks, such as directory traversal, SQL Injection, XSS, remote file inclusion, code injection, on-site and cross-site request forgery, buffer overflow, unvalidated file upload, and CMS (Wordpress, Joomla, Drupal, etc) vulnerabilities
Our Solution
Our Web Application Firewall (WAF) constantly scans and analyzes the incoming traffic flow to your server, looking for malicious content based on different factors. Used in conjunction with Log Analysis, WAF guarantees an extremely low false positive rate while stopping attacks against the applications running on your server:
- BitNinja provides automatic updates and firewall rules. We constantly patch new vulnerabilities for you.
- For custom needs, you can easily set up a list of whitelisted domains or URLs.
- In case of a suspicious web application you can switch the WAF into strict mode with tighter rules to avoid any further infection.
- BitNinja’s Web Application Firewall is a zero configuration service, so you don’t need to waste time setting up your WAF and configuring rules.
- Thanks to our special on-host redirecting technology, WAF is compatible with all major web servers – Apache, NginX, Lite HTTP, TomCat, GlassFish, NodeJS and more.
- Our WAF is compatible with your existing mod_security WAF, so you can continue to use your current rules.
Log Analysis
Related Vulnerability
Application layer attacks, like directory traversal, SQL Injection, XSS, remote file inclusion, code injection, on-site and cross-site request forgery, and CMS (Wordpress, Joomla, Drupal, etc) vulnerabilities
Our Solution
BitNinja constantly monitors your server logs including Apache, NginX, Auth log, MySQL, Exim, Cpanel and others. As soon as it detects any suspicious behavior, it blocks further malicious actions.
- BitNinja is designed for ease of use, you don’t have to worry about specifying the path of your logs, our zero-configuration setup finds them automatically.
- Log Analysis goes a step further and checks events logged prior to the installation of BitNinja, in order to identify previous attack attempts and at the same time, to greylist hackers.
- We automatically update the rules for detecting malicious behavior from server logs – BitNinja does the lion’s share of the work instead of you.