Bitrix24 Proactive Security

Bitrix24 Self-hosted Security

Security Level in Bitrix24 :

For all too many organizations, It has not become a  high priority until the security breach happens. An effective approach to IT security must, by definition, be proactive and defensive. Bitrix has over 10 years of experience in providing the highest level of security for web projects.
Bitrix24 benefits from all of this experience and technology, including Bitrix’s own proactive Web Application Firewall, which categorically blocks the vast majority of attacks on web applications.

List of security in bitrix24

Bitrix1.1
Bitrix1.1

Proactive Filter and Exceptions

A Proactive filter (Web Application Firewall) defends the system from many known web attacks. The filter detects malicious activity on incoming requests and stops access. Web Filter is the most effective way to monitor potential errors in web project implementation. The filter analyzes all data received from visitors through various variables and cookies.

Proactive Filter
Proactive Filter

You can enable or disable the active filter in Settings> Active Protection> Active Filter using the Enable Active Protection button (or Disable Active Protection).

If required, you can set the proactive filter exceptions; this will activate a proactive filter to not be applied to pages matching the wildcard in Exceptions Tab. You can also set the exception if your system is under intrusion attack then you can set a time and save your data from intrusion attempts.

Web antivirus :

This option will encounter all viruses(infection) of the sites. The web antivirus will find all the infected HTML code and “cut” a dangerous object from the site code and control the infection from the user’s computer.

Note: This option is not a replacement for traditional antivirus programs.

Web antivirus
Web antivirus

You can enable or disable the Proactive filter at Settings > web antivirus using the Enable web antivirus Protection button (or Web antivirus). You can also enable an option where your admin will get a notification recorded and this feature will help you to take measure action whenever a virus is detected.

Virus infection notification
Virus infection notification

This way we can protect our application against viruses that can harm our application and this will impact our product’s work and our application may get slow.

Event Logs: –

Events logs
Events logs

We also set a trigger notification that whenever there is an event happened we can receive a notification in the dashboard there is n number of triggers are there those are :

We can set Event logs where we can send alerts or messages. For example, if I set the auto backup and backup schedule gives the error then for this event we can set one alert mail.

How to add notification in the Event log option : 

  1. First, go to settings and go to intrusion logs, and here you can see Event logs.
  2. Here you have to add a notification option.
  3. Now add an option and set your trigger option that is backup is done or not.
  4. You can give the name of your trigger, interval time, number of events, etc.
  5. On the action tab, you can give an action type that what should be happened if such an event happened like sending mail or a message for notification.
  6. This notification helps us to notify which event is an unusual notification. 

Why do we need to track measure events in web applications for example changing the permission of file this is mostly done by the developers or administrator otherwise such event is done by the hacker who wants to inject some malicious code so getting a notification is always a plus point this brings always a measure add on of enhancing security.

Two-step of authentication

We refer to layer security as the level of a stage where the user has to jump from one stage to another stage with providing his identity and his identity is authentic so we can consider a particular user as authorized users we all know in today’s world data is very valuable for us.

Bitrix also brings us a two-step authentication. Where you have to enter OTP into your log-in screen and this will authenticate you for your CRM.

Steps to enable step authentication: 

  • Go to the control panel > setting tab then go to two-step authentication.
  • Here You have to go to the parameter option.
  • Now check the box for enforcing option and provide user or group.
  • Here you can give user and group also and then select that user and group.
  • After all steps you have to enable two-step authentication.
  • Now you have to apply and save the option.

Integrity control

Integrity control will track any changes that have been made in system files. Admin can detect and verify the integrity of the system kernel, system files, or public files anytime. The File Integrity Log helps you identify unauthorized changes, thus preventing intrusion attempts.

Integrity Control

How to check integrity control of file: –

  • The File integrity control form (Settings  —  Proactive Protection — Integrity Control. 
  • This will serve to check the integrity of the system file, kernel system, and public file.
  • How to check for integrity:
File Integrity Check
  • You have to provide a 10 digit strong password.
  • After that, you have to click next 
  • Then you have to provide any word :
Selection of action
  • Here  provided  a nevpro as a word :
Data Collection
  • You have to provide the same password which you used before.
  • After that we can get an integrity report.

Control panel protection:

The Control panel is the main component in bitrix24. We can control all major functionality by going to the control panel. And the control panel protection is only accessible by administrative privileges but if the control panel is compromised somehow by an external unauthorized user then it will majorly fall for all security that is implemented in bitrix24.
So how we can protect a control panel bitrix24 will provide a specific IP of those who have bitrix24 administrative privileges.

Control Panel Protection

You can also provide IP  ranges starting from a gateway to a broadcast address. Also, you can give one static IP.
Below are the message shown to the user if someone non-authorized person will try to access the control panel.

Forbidden

Session protection

Most of the web attacks done via session hijacking mean a hacker will steal a session id and data of an authorized user and this will give the hacker a passthrough into a bitrix24.

So Maintaining the session information inside a Bitrix24 database will always be a plus point because a whole session hijacking is now pointless.
You have to toggle on the button for enabling session protection.

You can also set the lifetime of a session-id store for all users this will automatically track all user session id and if the user is ideal this will log out the user.

Here in the above screenshot, the session id will change every time after some time for our case is 10 min.

Redirection protection

Redirection protection will protect you from phishing attacks. What is a phishing attack? for example, an attachment sent on mail appears to come from a ligament resource and the attachment contains malicious code.
In  Bitrix24 we can use redirection protection. We just need to click the option in proactive protection.

We also modified a parameter where we can set which page will show a warning before a change to that is we can set a message that your page will be redirected.

In the above screenshot we can set the parameter and according to this whenever the URL will change the user will get a modified message. This will stop any fake URL redirection.

Anti Frame protection

This will prevent our data from FrameSniffing that most hackers will try to take advantage of browsers functionality to steal the data from websites. Anti Frame will protect the website and users by refreshing the UI this will low down the risk.

Anti-Frame Protection

You have to just toggle on the button and anti frame will be activated, you can also put an exception where you can define which URL should protect the page from clickjacking, etc.

UI redressing is mostly done in public pages such as news pages, public portals, quarry, or online chat portals.

Activity Control

Activity Control will match all those activities which are generally done by bots such as DDoS attacks and password brute force attacks. This will take unconditional ping and unnecessary action such as ping the domain many times and getting a reply from the server due to lack of resources and server will not be able to handle such high intensive load and result of this server will shut down unexpectedly.
Bitrix will protect against such attacks by enabling activity control BITRIX24 will track and stop such activity ( for eg: 10000 requests per second)

Activity Control

You can also ban a particular action for a certain amount of time and you have full control of such a ban. You can also control over hits for eg 15 hits at a time.

Activity Control Parameters

Stop List

Some of the bots and hacker server IP addresses will be tracked inactivity control Bitrix24 will add those IPs to the stop list. Added IP in the stop list will block that IP access to the Bitrix24. You can also add an IP address manually if you find any IP that you want to block then you can also do it. Stopping to the IP will be a major plus point.

You have added that particular rule that describes which range should be accessible or which one is disabled.

Editing IP Block Rule

The proactive filter responded to intrusion attempts and those IPS into the stop list.

You can also define except rule where all ranges of IP will block and you can allow a particular IP that will access your CRM.

Host & domain

This option will stop anyone accessing the domain via HTTP accessing unsecured protocol will always be not good for those users who were putting confidential data on the website. This option will prevent the attack with HTTP/domain attacks.

Hosts Security Parameters

IN the above screenshot we have to add the IPs in the redirection and you have to choose which action will need to happen during such an event. Then you have applied the setting for reflection.

If you found this article helpful. Let us know your favorite part of this blog in the comments down below.

Leave a Reply

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.