Has anyone else tried BitNinja.IO?

ughosting

ughosting

HD Community Advisor
Staff member
We've been trialling BitNinja.IO and have found it pretty damn good, has anyone else given this a go?

It's kinda like massive csf+lfd cluster, but uses ipset instead of iptables so they parse 2,000,000+ IPs in the time iptables does a couple of hundred.

Definately worth trying, our csf+lfd temp-tables are significantly smaller at the moment.

They have a free 7 day trial.
 
ughosting said:
We've been trialling BitNinja.IO and have found it pretty damn good, has anyone else given this a go?

It's kinda like massive csf+lfd cluster, but uses ipset instead of iptables so they parse 2,000,000+ IPs in the time iptables does a couple of hundred.

Definately worth trying, our csf+lfd temp-tables are significantly smaller at the moment.

They have a free 7 day trial.
Click to expand...

I've used BitNinja before, I honestly didn't see much use for it. It did do a good job though. More often than not I dealt with false positives from it. But those are the only ones you are likely to hear about anyway....

Glad you are having good experience with it. We will definitely consider it once we get larger.
 
I like its idea, but before I can consider employing it, I'd like to see the featureset expand to include the WAF, Intrusion Detection and Antiflood.
 
AntiFlood is working already, I too would like to see a WAF work, but wonder whether a WAF without a web-server plug-in might be a problem.
 
Why not just use ipset yourself?
Click to expand...

The theory is that as more hosts use BitNinja, the shared intelligence that keeps out the bad guys improves.

We've got less servers than BitNinja's customer base, so our intelligence gathering would be far smaller.

Suspected IP don't get blocked immediately, but greylisted, and they have to prove they are human, a bit like CloudFlare.
If an IP is consistently bad then it will get blacklisted for a while.

Our load has dropped across the board, and we've not had a wordpress go bad since we've had it installed, but then I'm not sure that last time we had that issue.

We're also using the Comodo WAF Rules with LiteSpeed, so it's belt and braces!
 
Never used but as i can see it will be a good choice to prevent attacks . I personally using linux builtin tools like fail2ban. :(
 
You must log in or register to reply here.

Supporters

Back
Top