04 July 2024

Read time: 4 minutes

On July 5, we are launching the sale of licenses for BitNinja, a platform protecting servers and sites from attacks

From July 5, you can buy BitNinja, a server security platform, on the ispmanager website. It protects against SQL injection, outbound spam attacks, cross-site scripting, viruses, and multiple connections.

What BitNinja can do:

Protect against malware and viruses.
Block SQL and XSS injections in the CMS and on the server.
Check IP addresses against 5 blacklists consisting of millions of entries.
Identify the real IP addresses behind the attack without blocking real users.
Stop spam attacks using forms on the site.
Recognize DoS at the application level.

BitNinja’s AI scanner

→ Monitors outgoing mail.

→ Scans files for viruses.

→ Reduces server load.

BitNinja trains itself with each new attack because the servers for each BitNinja client account can share information. If one server encounters an attack, all the other servers within the account learn about it.

6 situations where BitNinja offers protection

How to get BitNinja

At present, you can buy a BitNinja license and put it on your server yourself. Soon, we will release a module for the ispmanager control panel, it is already in testing.

How to order BitNinja license →

BitNinja license can be installed on the same server as ispmanager, they will not come into conflict.

BitNinja Pricing

Number of days free when you purchase a license:

6 days - for 3 months,

14 days - for 6 months,

30 days - for 12 months.

Buy a license →

Important: BitNinja needs 〜1GB RAM for stable operation but if there is an attack on the server, more RAM will be needed.

We do not recommend installing BitNinja on a server with ispmanager if the amount of RAM is less than or equal to 2 GB, which is insufficient for protecting the server during an intensive attack.

Read more about system requirements and OS compatibility in BitNinja documentation →

What is the difference between a license and a module?

FAQ

Is it possible to buy a license now and upgrade to the module later?

If you have bought a license, you don’t need to buy a module for the same server.

How BitNinja protects against malware and viruses

With the following modules:

SandboxScanner searches for and analyzes malicious PHP files on the system and checks all 111 files that the virus scanner finds. It notifies the user if it finds anything dangerous.
MalwareDetection analyzes the file structure to uncover malware.
DatabaseCleaner scans databases for malicious files. Note that it only works with SQL databases.

How BitNinja recognizes DoS at the application level

Using the DoSDetection module, which monitors active connections. For example, if there are more than 80 connections from one IP address, BitNinja considers it an attack and blocks the IP for one minute. You can set the maximum number of sessions from one address manually.

How BitNinja blocks SQL and XSS injections into the CMS and into the server

With WAF, which cuts off all requests from IP addresses that are known throughout the BitNinja network to be malicious addresses, and also handles HTTP and HTTPS requests.

How BitNinja deploys traps for attackers if they bypass the WAF

BitNinja installs Port Honeypot traps on 100 popular ports. They simulate a connection and quarantine malicious files.

How BitNinja checks IP addresses against blacklists

With the help of the IP reputation function which checks against 5 blacklists consisting of millions of records. If the module detects a match, it will restrict the visitor's actions or block it. It is possible to allow access to users with IP addresses from the blacklist by adding them to the white list.

How BitNinja determines the real IP addresses behind the attack

BitNinja does not block real users, thanks in part to Captcha modules which view and maintain an up-to-date database of more than 4 million IP addresses in real time.

How BitNinja stops spam attacks from using forms on a website

Spam is blocked by the AI Spam Detection module. It monitors attempts to use forms on a website for outbound spam attacks. BitNinja AI identifies attacks by analyzing headers, email addresses, scripts, and the intervals between emails.

How to install a BitNinja license

To install BitNinja, you need package curl , which is installed by default on most operating systems. If you don't have it, it's easy to download using sudo apt install curl or yum install curl for RHEL-like systems.

Then, you will receive your license key by email. Note that your key will only work once.

There are two ways to install a license: using a single-line script or manually in the console:

Universal installation using a single-line script:

curl https://get.bitninja.io/install.sh | sudo /bin/bash -s - --license_key=License_Key_here_1234

Manual installation in the console. Detailed instructions can be found in the BitNinja documentation →

To turn BitNinja off on your server, use the command:

service bitninja stop

What data BitNinja transmits and to where

The following are sent to the BitNinja server in Bulgaria:

Blocked IP and incident data.
Contents of virus files (the file content is not used, only the virus signatures)
Whether AI modules are enabled, the MD5 hash.
Whether the AI Spam Detection module is enabled, which blocks spam attacks: the sender, recipient, and header are transmitted to the BitNinja server in cleartext.

For more details about the data transmitted and also how to ensure that minimal information is transmitted across borders, see the BitNinja documentation →

If you have any more questions, email us at help@ispmanager.com