Enjoy immediate protection on your server. BitNinja is designed to install and work with as little human interaction as possible. Run one line of code and your server is protected from 99% of attacks.
BitNinja combines the most powerful server security software in one easy-to-use protection suite. You get full-stack protection against XSS, DDoS, malware, scans, script injection, enumeration, brute force and other automated attacks – on all major protocols, not only HTTP.
Servers protected by BitNinja learn from each attack and inform each other about malicious IPs. This result is a global defense network that counteracts botnet attacks with a shield of protection for all servers running BitNinja, while also reducing the number of false positives each server encounters.
Port Honeypot
Related Vulnerability
Malicious port scans and sweeps
Our Solution
After installation, BitNinja opens 100 randomly chosen unused or closed ports while taking into account the existing services you are running to avoid any interruptions. These ports act like honeypots, exposing malicious IPs, before they can attack your server. Some of these honeypots will even behave like real services, for instance, the commonly attacked telnet.
As most attacks begin with scanning for possible vulnerabilities, Port Honeypot instantly blocks future attacks: any malicious IPs will be automatically greylisted so they can’t infect your server.
Web Honeypot
Related Vulnerability
CMS (WordPress, Joomla, Drupal, etc) vulnerabilities
Our Solution
Web Honeypot works like Port Honeypot, with one important exception – you can replace any compromised file with honeypot scripts. You get the same benefits, plus additional customization to trap hackers and prevent further attacks. You can also configure BitNinja’s Malware Detection and Removal to automate this process for trouble-free protection against threats to web and CMS applications on your server.
Malware Detection and Removal
Related Vulnerabilities
Unvalidated file uploads, script injection, remote code injection, and CMS (WordPress, Joomla, Drupal, etc) vulnerabilities
Our Solution
Web Application Firewall (WAF) – Beta
Related Vulnerabilities
Application layer attacks, such as directory traversal, SQL Injection, XSS, remote file inclusion, code injection, on-site and cross-site request forgery, buffer overflow, unvalidated file upload, and CMS (WordPress, Joomla, Drupal, etc) vulnerabilities
Our Solution
Our Web Application Firewall (WAF) constantly scans and analyzes the incoming traffic flow to your server, looking for malicious content based on different factors. Used in conjunction with Log Analysis, WAF guarantees an extremely low false positive rate while stopping attacks against the applications running on your server:
Outbound Web Application Firewall (OutboundWAF) – Beta
Related Vulnerabilities
Application layer attacks, such as directory traversal, SQL Injection, XSS, remote file inclusion, code injection, on-site and cross-site request forgery, buffer overflow, invalidated file upload, and CMS (WordPress, Joomla, Drupal, etc) vulnerabilities
Our Solution
BitNinja’s OutboundWAF module scans only outgoing connections real-time, with the built-in HTTP proxy solution, looking for malicious content based on different factors. If BitNinja finds any suspicious connections, it will send the incident to BitNinja analyzer central and try to find which process and script is responsible for it. Currently, OutboundWAF uses the same ruleset like WAF, but in the future, it will have a different source.
Log Analysis
Related Vulnerability
Application layer attacks, like directory traversal, SQL Injection, XSS, remote file inclusion, code injection, on-site and cross-site request forgery, and CMS (WordPress, Joomla, Drupal, etc) vulnerabilities
Our Solution
BitNinja constantly monitors your server logs including Apache, NginX, Auth log, MySQL, Exim, Cpanel and others. As soon as it detects any suspicious behavior, it blocks further malicious actions.
CAPTCHA
Related Vulnerability
Automated botnet attacks
Our Solution
CAPTCHA is the abbreviation for Completely Automated Public Turing Test to Tell Computers and Humans Apart. BitNinja uses CAPTCHA to distinguish between human and bot-generated traffic, streamlining the handling of false positives. As a result:
BitNinja provides validation on different protocols, such as HTTP, HTTPS, and SMTP. In the case of HTTP or HTTPS, web visitors are redirected to a CAPTCHA page. For SMTP, an email is sent with a confirmation link. Human visitors can remove themselves from the greylist with ease, while bots will remain blocked.
Collective Intelligence
Related Vulnerabilities
Recurring automatic exploits and zero-day attacks
Our Solution
Servers protected by BitNinja collect and share attack information with each other. Together, they form a global defense network, which becomes more intelligent and more powerful with every single attack.
This means when any BitNinja protected server detects an attack, your server is immediately vaccinated against the malicious IP at the source of the attack.
With our all-in-one security suite and global defense network, BitNinja also discovers and eliminates zero-day attacks and automated exploits – before they occur.
Collective Intelligence creates a set of manageable IP lists. These sets grant security on three different levels:
In addition to our user-based blacklist, BitNinja maintains a global blacklist that is shared among all BitNinja protected servers. Servers protected by BitNinja drop packets from IPs on this list. To make sure these IPs are blocked for a legitimate reason, we constantly evaluate the list by moving blacklisted IPs to our greylist at predefined intervals to detect whether the traffic from the IP source is still malicious.
DoS Detection
Related Vulnerability
Denial of Service via TCP based protocols – HTTP, SMTP, FTP etc.
Our Solution
BitNinja constantly monitors the number of simultaneous incoming and outgoing connections and blocks DoS (Denial of Service) attacks with our unique approach:
DDoS Mitigation
Related Vulnerability
TCP/UDP-based Distributed Denial of Service attack
Our Solution
All servers running BitNinja create a global defense network, sharing information about malicious IPs. With data on over 15 million IPs worldwide, plus honeypots to capture and analyze the latest threats, your server is protected against DDoS botnet attacks – before they happen.
Antiflood
Related Vulnerability
Application-level DoS attack directed at the BitNinja application
Our Solution
A chain is only as strong as its weakest link. Antiflood ensures that hackers cannot mount an attack against the BitNinja application and destroy your defense shield in the process. Antiflood works by aggregating information from the entire BitNinja security suite to prevent any individual module from overloading.