Has anyone else tried BitNinja.IO?

[ughosting]

We've been trialling BitNinja.IO and have found it pretty damn good, has anyone else given this a go?

It's kinda like massive csf+lfd cluster, but uses ipset instead of iptables so they parse 2,000,000+ IPs in the time iptables does a couple of hundred.

Definately worth trying, our csf+lfd temp-tables are significantly smaller at the moment.

They have a free 7 day trial.

 

[BeZazz]

Why not just use ipset yourself?

 

[Hostrica]

We've been trialling BitNinja.IO and have found it pretty damn good, has anyone else given this a go?

It's kinda like massive csf+lfd cluster, but uses ipset instead of iptables so they parse 2,000,000+ IPs in the time iptables does a couple of hundred.

Definately worth trying, our csf+lfd temp-tables are significantly smaller at the moment.

They have a free 7 day trial.

I've used BitNinja before, I honestly didn't see much use for it. It did do a good job though. More often than not I dealt with false positives from it. But those are the only ones you are likely to hear about anyway....

Glad you are having good experience with it. We will definitely consider it once we get larger.

 

[MightWeb-Marcus]

I like its idea, but before I can consider employing it, I'd like to see the featureset expand to include the WAF, Intrusion Detection and Antiflood.

 

[ughosting]

AntiFlood is working already, I too would like to see a WAF work, but wonder whether a WAF without a web-server plug-in might be a problem.

 

[ughosting]

Why not just use ipset yourself?

The theory is that as more hosts use BitNinja, the shared intelligence that keeps out the bad guys improves.

We've got less servers than BitNinja's customer base, so our intelligence gathering would be far smaller.

Suspected IP don't get blocked immediately, but greylisted, and they have to prove they are human, a bit like CloudFlare.
If an IP is consistently bad then it will get blacklisted for a while.

Our load has dropped across the board, and we've not had a wordpress go bad since we've had it installed, but then I'm not sure that last time we had that issue.

We're also using the Comodo WAF Rules with LiteSpeed, so it's belt and braces!

 

[crazyvps-in]

Never used but as i can see it will be a good choice to prevent attacks . I personally using linux builtin tools like fail2ban.