NINJA BLOG

In the last 2 weeks, we released 2 new versions of BitNinja. Let’s take a look at the novelties:
BitNinja version 1.12.10:

• CaptchaChallenge pages now use 403 status code instead of 200. Good bots will notice it and leave it.

This means, that the good bots will recognize our captcha pages, and won’t walk around them. Causing that our already low false-positive rate will be further reduced.

• WordPress wp-login filter threshold increased to 100 attempt.

Our log analyser module (SenseLog) perceives a wordpress page update as a wp-login.php request, so we increased the threshold from 50 request/30 minutes to 100 request/30 minutes. This change will also have an effect on reducing our false-positive rate.

• IPsetV6 keeps the downloaded compressed greylist file.

Before the update, when the BitNinja restarted, this file was deleted. Now, the IPsetV6 keeps it, so won’t have to download again, which will save time and bandwidth on the server.

• CaptchaHttp now more carefully looks for directory traversal attack attempt.

 In the newest version (1.12.12) we fixed the previous change and the captcha page now works without any problem.

• Fix for CaptchaHttp Url validation. It fixes 500 http errors when loading static contents for CaptchaPages.

If you want to follow our new versions, you can check it here.