Ninja blog

Our Hungarian web hosting partner, web-server.hu had ZERO website infections – since enabling BitNinja’s new WAF 2.0 module. We caught up with the lead sysadmin to talk to him about his experience with BitNinja. What has been your experience with BitNinja overall? “Before we began using  BitNinja, we had to fight daily battles with hackers. […]

Update: WAF 2.0 became mature. Wooow! Are you ready for something new? Well, we have it!  The long-awaited BitNinja WAF 2.0 beta is now here! Currently, this beta is available for everyone who has Pro or Trial license. But wait! Before you go running to our Dashboard, to switch it on … please take a […]

As you know, providing all-in-one server security, BitNinja protects 3000+ Linux web servers worldwide, capturing 100 million incidents a month and keeping 1.7 million suspicious IP addresses in its blocklists to protect you and your customers. Mixing that up with custom infrastructures, configurations, and software in each sometimes leads to a high load on the server. Despite […]

Start the New Year with this security quiz to test your knowledge and get a chance to receive the latest edition of ‘The Art of Server Protection’ e-book, or -- win our BitNinja Server Security for 1 month, absolutely free.  What a great way to start the New Year! Our ninjas created a short quiz […]

As we promised before, our article series inspired by V-day is continuing. Those who are provisioning servers day by day, certainly have some doubts about their process: being time-consuming, non-repeatable, hard to test or simply just something is going wrong in the existing infrastructure during the provisioning. There are opportunities to test failover or rollback processes, […]

What do you think about SPAMs? Most of us think they are useless and heavily annoying, but not for everybody. There are some geeks, who totally understand the background and find it rubbish, but sometimes they read them to “entertain themselves” and learn more about the recent patterns hacker tactics. Have you ever found a hidden […]

Bugs are always hunting us.  Recently we found some bugs during our work, but keep calm, they're not in the BitNinja agent. 😉 Let’s see what we explored: ModSecurity bug: empty comment line In our WAF2.0 (beta will come soon) we implemented ModSecurity as well as the OWASP’s core ruleset. Recently, our developers found a […]

No matter if you’re a Linux security veteran or you’re just about to get your feet wet, you’ll face the same security threats and upcoming attacks forms. Here we come with a security cheat sheet with ultimate checkpoints that no sysadmins should miss. When meeting new company, usually the very first thing I’m asked about […]

A new class of side-channel attacks have been appeared, which exploit the following CPU vulnerabilities: CVE-2017-5715 : branch target injection CVE-2017-5753 : bounds check bypass CVE-2017-5754 : rogue data cache load Meltdown and Spectre rely on them and allow the hackers to read the memory content of other programs, it means they can access the […]