Official RHEL9 support, AI Malware scanner updates, feature updates, stability improvements, bugfixes and even more in our new BitNinja versions (V3.10.0 to 3.10.5)

Most systems will automatically update, if you have specific settings or applications preventing automatic updates, you can follow our documentation on how to proceed to have the latest version installed.

It's been a while, so this will be a long one, hang in there!

• Added RHEL 9 support. - (3.10.0)
  • We now officially support the following Linux distributions: Alma Linux 9, Rocky Linux 9, and Centos Stream 9.

• Replaced the old BitNinja Site Protection logo with the BitNinja Server Security logo on the captcha page. - (3.10.0)
  • Consistency is key. 🙂

• Fixed an issue regarding the Defense Robot module where the cleanup of the correlations could cause overload on the /tmp folder. - (3.10.0)
  • Correlations are rotated, and in this case, it could lead to temporary load spikes. This was mitigated.

• Moved the WordPress integrity check from Site Protection to the Data Provider module. - (3.10.0)
  • Simple change for future updates.

• Fixed an issue regarding the SslTerminating module where the 60414 and 60415 ports were open after starting BitNinja despite the Close Direct Access config option being turned on. - (3.10.1)
  • In certain scenarios these ports were open, and we don't want that!

• Fixed an issue regarding the MalwareDetection module where the AI scanner did not send the files to the AI for further analysis. - (3.10.1)
  • This ensures our AI malware scanner can analyze all the necessary files.

• Fixed an issue regarding the WafManager module where some ModSecurity log files were not deleted after 1 day. - (3.10.1)
  • Keeping them up to date ensures we don't waste precious storage space!

• Fixed an issue regarding the WafManager module where it could run out of memory because of oversized request logs. - (3.10.1)
  • Don't you hate it when you forget where you left your keys? No one likes to run out of memory!😁

• Fixed an issue regarding the SqlScanner module where if there were some errors during the scan it could crash - (3.10.1)
  • Proper error handling has been implemented to mitigate the issues.

• Fixed an issue regarding the SqlScanner module where it could crash if there were multiple webservers present on the server. - (3.10.1)
  • An edge-case bug where the module could crash if it detected too many webservers at once. This was mitigated.

• Finetuned the log detection patterns and extended the log detection paths in the SenseLog module. - (3.10.1)
  • More logs to check = more security in my book!

• Finetuned the PHP cache file detection pattern in the Malware Detection module. - (3.10.1)
  • Those pesky cache files are at it again! We've made sure to exclude them from malware scanning.

• Fixed the issues regarding the increased messaging error logs and stack traces introduced by the 3.10.1 version. - (3.10.2)
  • The last update was a bit too successful at logging error messages.

• Fixed an issue regarding the MalwareDetection scan command when it would not scan the path if it was a single file. - (3.10.3)
  • CLI commands and their magical world. This issue has been fixed, so you can scan a single file as well!

• Fixed some custom log and certificate collection issues regarding the Config Parser module. - (3.10.3)
  • Additional logs and certificate identification methods were introduced. 🙂

• Increased the MalwareDetection cache cleanup percentage from 1% to 2%.
  • BitNinja periodically cleans its cache to ensure no malicious files can fly under the radar. The rate of which was increased.

• Added a mechanism to the MalwareDetection module which forces the module to scan the /var/spool/cron directory every 24 hours. - (3.10.3)
  • This ensures no "cronjob infector" malware can go undetected.

• Added a new positive incident type to the Captcha which will indicate the result of a BIC or Captcha. - (3.10.3)
  • Now you will be able to tell if an incident was caused by a URL Captcha.

• Extended the SpamDetection detector in a way that it will work with every SMTP solution that uses sendmail. - (3.10.3)
  • A sendmail wrapper was introduced.

• Fixed an issue regarding the SpamDetection module where a combination of settings and software could lead to the temporary disruption of mailing services. - The issue could only occur where CloudLinux and Cagefs were present, and ea-php was used instead of alt-php. - (3.10.4)
  • The previously introduced wrapper was unable to be executed if CageFs was present, this was promptly fixed.

• Fixed an issue regarding the self-update mechanism on RPM-based systems where BitNinja would not auto-start after an update in some cases. - (3.10.4)
  • Having an up-to-date version is the best way to stay safe!

• Fixed an issue regarding the Captcha HTTP where a wrong parameter type could throw a Request Exception in the module. - (3.10.5)
  • Proper error handling was introduced in this case as well!

• Fixed an issue regarding the Malware Detection AI Scanner where the unknown file upload could cause out-of-memory crashes. - (3.10.5)
  • Another out-of-memory bug was found and squashed promptly!

• Fixed an issue regarding the Malware Detection quarantine mechanism where during the quarantine process the unlink of the original failed and threw a warning message that it failed to rename the malicious file. - (3.10.5)
  • This was found and fixed to ensure no malicious file can stay on any machine!

The newest BitNinja versions (V3.10.0 to 3.10.5) brought Official RHEL9 support, AI Malware scanner updates, feature updates, stability improvements, and bugfixes!

If you'd like to read more about previous release notes, you can 🔎find them here. Alternatively, if you would like to see your feature request show up here, don't forget to cast your🙋‍♂️Vote