The most powerful security suite for linux web servers to achieve system stability and reduce server load.
Websites and servers fall prey to hacker attempts every 30 minutes, and an average server is hit by 1,300 attacks every single day. Without protection, malware infections, data loss, phishing sites and CMS hacks take the control over your servers.
BitNinja helps you to build a successful business by taking 100% responsibility to keep your Linux server clean. Being a layered security system, BitNinja blocks server attacks at any threat level automatically, allowing you to protect your websites from unforeseen security issues and put your attention back on business.
Achieve system stability and reduce server load by setting up this pro-active defense shield in 5 mins and fix your IP reputation for good.
BitNinja is a multi-layered security system to block server attacks, like Wordpress hacks, password cracking, malware infections, forum spams, SQL injections, data theft, DoS and other botnet attacks.
BitNinja makes your security faster and smarter by combining the most powerful security technologies in one lightweight software: Web Application Firewall, IP Reputation, Anti-Malware, Honeypots, LogAnalysis, DoS Mitigation and more.
It works against automated botnet attacks. There are a huge database with information about over 15 million IPs in the world. BitNinja provides validation on different protocols, such as HTTP, HTTPS, FTP and SMTP. Human visitors can remove themselves from the greylist with ease, while bots will remain blocked. As a result:
It works against unvalidated file uploads, script injection, remote code injection, and CMS (Wordpress, Joomla, Drupal, etc) vulnerabilities. BitNinja’s malware detection module will react to any malware upload attempt and intercepts it before the attacker can execute the malicious code and quarantines the file.
If you don’t prefer automatic inspection, you can easily disable it or run scheduled scans whenever you like. With this, you don’t have to dig the logs and check for interactions. We automated this to spare manual labor and save time for you.
It works against application layer attacks, such as directory traversal, SQL Injection, XSS, remote file inclusion, code injection, on-site and cross-site request forgery, buffer overflow, unvalidated file upload, and CMS vulnerabilities. It's a zero configuration service, so you don’t need to waste time setting up your WAF and configuring rules. Web application attacks are the most common attack types on the Internet. Many CMSs and other hosted web applications are vulnerable to remote attacks.
BitNinja’s WAF is a very fast reverse proxy (nginx) which filters all the incoming traffic flow to your server, to catch SQL injection, cross-site scripting (XSS), remote and local file injection attacks and many more.
It works against malicious port scans and sweeps, CMS vulnerabilities.
After installation, BitNinja opens 100 randomly chosen unused or closed ports while taking into account the existing services you are running to avoid any interruptions. These ports act like honeypots, exposing malicious IPs, before they can attack your server.
As most attacks begin with scanning for possible vulnerabilities, Port Honeypot instantly blocks future attacks: any malicious IPs will be automatically greylisted so they can’t infect your server.
Web Honeypot works like Port Honeypot, with one important exception – you can replace any compromised file with honeypot scripts. You get the same benefits, plus additional customization to trap hackers and prevent further attacks.
BitNinja constantly monitors your server logs including Apache, NginX, Auth log, MySQL, Exim, Cpanel and others. As soon as it detects any suspicious behavior, it blocks further malicious actions. BitNinja is designed for ease of use, you don’t have to worry about specifying the path of your logs, our zero-configuration setup finds them automatically.
DoS attack is well-known tools of the hackers arsenal. The BitNinja DoS detection module can automatically detect and greylist application level DoS attacks.
It constantly monitors the number of simultaneous incoming and outgoing connections and blocks DoS attacks with unique approach.
Website visitors often use proxies – just like botnets. That’s why it’s extremely important for us to recognize the real IPs behind an attack and do not block any exit nodes. Our trusted proxy feature helps with it to guarantee low false positive and high success-rate.
When a BitNinja protected server detects an attack attempt or blocks a malicious request, it sends this information to the BN cloud datacenter. They process the incoming security logs and immediately stream back the attacker IP address to all of your servers.
The BitNinja WAF module applies a recommended ruleset on all request by default, but you can change the strictness level by domain, or by URL. You can also disable the WAF on a domain level. Automated false positive reporting allow you to fine tune the settings if needed and guarantee a law false positive level.
You can configure BitNinja’s Malware Detection to automate this process for trouble-free protection against threats to web and CMS applications on your server.
