Installation FAQ
How can I stop the BitNinja agent?
You can stop the BitNinja agent at any time, just like other standard Linux services, by issuing the following command:
service bitninja stop
If you are having issues with BitNinja, do not hesitate to contact our support ninjas at info@bitninja.io or via live chat from the dashboard.
I have Cpanel/Plesk/ISPmanager/etc. Is it compatible with BitNinja?
Yes. BitNinja doesn't rely on a specific control panel. We decided not to rely on the server's control panel because, during an attack, you may have difficulties accessing your control panel hosted on your server. However, you can still access the BitNinja Dashboard
What does the BitNinja agent do on my server?
The BitNinja agent running on your server manages the BitNinja Server Security modules to ensure your server is safe against cyber attacks. Each security module is responsible for a different aspect of the security on your server. The modules share data and communicate with each other to form a highly effective defense shield. When you start running the BitNinja agent on your server, it loads a safe minimum set of security rules. It enables only the security modules with a very low false positive rate. It also automatically adds your server IP’s to your allow list. The BitNinja agent manages iptables rules for you, and it uses ipsets – a very efficient way to manage a huge list of IP addresses. The agent is very resource-friendly. You can learn more in the BitNinja documentation.
What ports do I need to open?
The agent will open the required ports automatically in CSF. The automatism is not yet implemented for other firewalls yet.
So please open the required ports on TCP for inbound and outbound direction.
This is necessary for the modules to work properly. It is worth noting that the required ports are protected from direct external access, so they do not add any security gaps to the system. Also, open port 443 on your firewall if it is closed so that the API can communicate with the agent.
Can I trust the BitNinja agent?
We use standard package building and distribution tools. By default, the universal installation script will set up your repository to access the packages via an encrypted channel, and all BitNinja packages are signed after the build is complete. The agent always communicates with the BitNinja central system through HTTPS sessions.
Is it production ready?
Yes! BitNinja is used on more than 2,000 production servers. Many of them are shared web hosting servers. We have a strict release policy. Every new BitNinja release goes through an extensive quality assurance pipeline, including dependency security tests, unit testing, integrity testing, and live testing on 40 shared web hosting servers before we release the package and it goes live.
Do I have to change my nameservers?
No. BitNinja does the security filtration on your server. You don’t need to change your nameservers or register any new domains.
What data does the BitNinja agent transmit from my server?
The BitNinja agent sends all the security incident logs to our cloud data centers. We decided that security logs should not stay on the server because, in case of a breach, attackers may access and delete all security logs saved on your server, so you could potentially lose all the proof and data about the attacks.
You can access these logs via your BitNinja Dashboard. We don’t share the raw logs with any third party. Other BitNinja users and the owners of the attacking IPs can access the logs but only through obfuscation. You can set the level of log obfuscation under "User Profile" in the top right menu.
More information about Data policy here.
Are there any dependencies for the installer?
You need the curl package to be installed to use the universal installer. It is installed on many systems by default, but if you don’t have it you can install it easily with your package manager.
CentOs, Cloud Linux and Red Hat:
yum install curl
Debian and Ubuntu:
apt-get install curl
After the successful installation, BitNinja no longer needs the curl package, so you can remove it if you don’t need it anymore.
CentOs, Cloud Linux and Red Hat:
yum remove curl
Debian and Ubuntu:
apt-get remove curl
What permission does BitNinja use on my server?
The BitNinja agent uses root privileges on your server to allow the agent to manage system resources like iptables and ipset, and access log files to analyze and open privileged and non-privileged ports. Root privileges are required for the security modules to work correctly. For example, the Port Honeypot mod