“The new Trusted Proxy feature simply blows the competition out of the water especially when you consider the price point at which are offering BitNinja. We couldn’t be happier with how things are proceeding. :)” – Christopher McGill, Lead System Administrator at GekkoFyre Networks
In that article, we promised to create a separate menu for managing it, so here it is! 🙂
About proxies
A proxy server will reroute online requests, so the real IP of the visitor will be masked for the website she/he wants to access. There are many free and paid proxies available in the market.
Access content that is restricted in the visitor’s country
Fasten site load speed -> Content Delivery Networks (CDN, like Cloudflare)
Stay anonymous
Of course, staying anonymous for hackers is essential, so there’s no doubt that they often use this as an easy way to hide themselves.
(Side note: However, they forget about the fact that a proxy won’t hide them completely. To be honest, there are ways to track the real IP behind a proxy. That’s why a skilled hacker will use VPNs instead of proxies.)
Background
As mentioned before, some hackers try to hide their information with a proxy. We’ve seen it with our own eyes. Our tech ninjas detected more and more unblocked attacks and when they dug deeper, they realized that these malicious requestscame via Cloudflare.
As Cloudflare is the most popular CDN, their backend IPs are globally whitelisted by BitNinja. Therefore, these attacks couldn’t be detected because BitNinja doesn’t filter the requests coming from whitelisted IPs.
This issue became more and more serious and we couldn’t rest. We had to do something to keep our ninja friends’ servers safe against these attacks.
And there was another problem. Of course, we couldn’t whitelist all the proxies worldwide, so when BitNinja detected an attack from a less popular proxy, the IP became blocked. By greylisting an exit node’s IP only because one person behind it sent a malicious request, it meant that all the other (even thousands) users were blocked too. While this issue was much rarer than the increasing number of cyberattacks via Cloudflare, it was still very painful for the people who were affected.
That’s how the idea of the Trusted Proxy was born.
BitNinja Trusted Proxy
Thanks to this new beta module, hackers can’t hide behind proxies anymore. BitNinja will track those attacks too, which are coming through proxies, load balancers or edge proxies.
The technology behind Trusted Proxy requires the same settings as the WAF 2.0. So, if you have already set up the X-Forwarded-For header , then you have the green light to use the Trusted Proxy too. 😉
The Cloudflare IPs are added to the list by default, but of course, you can manage this list by yourself. You can add custom proxy addresses by typing single IP/bulk IPs/IP ranges and add a comment so you’ll recognize the IPs later too.
However, your user-level whitelist comes first when BitNinja is filtering IPs, which means that if you whitelisted a proxy range before, it is time now to remove it, so the trusted proxies feature can work properly.
You can find more technical details about the BitNinja Trusted Proxy on our documentation site .
API endpoint
Do you prefer using API to manage your Trusted Proxy list? No problem. 🙂 As we mentioned a few weeks ago, we are continuously developing the BitNinja Rest API . So, you can use these endpoints if you wish to customize the trusted proxies:
Attacks via Cloudflare? Nah. Those times are over! With the BitNinja Trusted Proxy, you can forget about these struggles forever. It’s time to detect IPs hidden behind load balancers and edge proxies too.
Enable the Trusted Proxy now and if you or your customers are using a proxy, add it to your Trusted Proxy list.
And do not forget that we are always happy to help you, so feel free to contact us at info@bitninja.io or on the Dashboard chat if you have any questions about the Trusted Proxy or need assistance.
Proactive server protection from a centralized, easy-to-use console. Secure your web servers and customers’ websites against all kinds of cyber threats with our multi-layered security tool
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.