Posted by hangerws, 04-15-2006, 01:36 AM | Hi there,
I would like to install Mod_dosevasive on my server to prevent future DDOS Attack. I am wondering if I modify the httpd.conf, would it cause any problem with CPanel?
Also, if I am running Sysctl to secure my server, would it crash my server easily? Is it a very risky command?
** I am running Trustix~~
Thanks
|
Posted by camers, 04-15-2006, 01:57 AM | If you are looking to install mod_evasive (changed name now), It shouldnt be a problem. My httpd.conf has been changed around with so many addons, cPanel doesnt whine about it. I don't think its tied into apache as much as you think.
Don't sweat it. I doubt sysctl will crash your server, why do you think that?
|
Posted by hangerws, 04-15-2006, 02:00 AM | I am cursions about sysctl because when i run the "man sysctl" command, it gives me the following description:
sysctl - configure kernel parameters at runtime
Are the sure that's alright?
|
Posted by camers, 04-15-2006, 02:02 AM | If you don't know what it does, don't play with it.
|
Posted by hangerws, 04-15-2006, 02:08 AM | Thanks,
Now I have another questions: One of the command for installing mod_evasive is "/usr/sbin/apxs -cia mod_evasive20.c". What does it exactuly do to my httpd file? If somehow my server is not working well with this module, how can I uninstall it?
Thanks
|
Posted by camers, 04-15-2006, 02:13 AM | You just remove the code where the module is loaded within httpd.conf.
Usually like this..
Remove that, restart apache, done.
|
Posted by hangerws, 04-15-2006, 02:37 AM | thanks a lot
|
Posted by david510, 04-15-2006, 04:39 AM | I suggest you to take a back up for your httpd.conf file, before you install it so that it will be easy to roll back.
|
Posted by hangerws, 04-15-2006, 09:58 AM | when you say roll back, how can you do that? just like copying httpd to a new file(eg httpd.conf.bkp)? And if it crashed after installing mod_evasive, you just replace the current httpd.conf with httpd.conf.bkp?
|
Posted by Duport, 04-15-2006, 11:43 AM | To copy
cp httpd.conf httpd.conf-old
To move back the old
mv httpd.conf-old httpd.conf
Remember you need to be in the apache config directory
|
Posted by codeguru, 04-16-2006, 01:04 AM | Please check the following link
http://www.eth0.us/mod_evasive
They have specified nice rule, which will limit dos attack upto an extend.
|
Posted by hangerws, 04-16-2006, 03:30 PM | yes...thanks.
I was looking for my httpd.conf in my server, but I cannot really locate the file. There is one /usr/local/apache/conf, but when i view it, that is nothing in it except:
Alias /bandwidth/ /usr/local/bandmin/htdocs/
#-
#Rlimit added by apachelimits.pl
#-
RLimitMEM 207432362
RLimitCPU 240
#-
#Rlimit added by apachelimits.pl
#-
Is that normal?
|
Posted by hangerws, 04-16-2006, 03:38 PM | nvm...i figure it out
|
Posted by hangerws, 04-16-2006, 03:43 PM | i found two httpd.conf...which one is correct? the one in /usr/local/apache/conf/httpd.conf? or /etc/httpd/conf/httpd.conf?
which one should i edit? which one should i backup?
|
Posted by camers, 04-16-2006, 05:52 PM | usr/local/apache/conf/httpd.conf for cPanel.
|
Posted by hangerws, 04-16-2006, 06:13 PM | then wt is the one in /etc/httpd/conf/httpd.conf
|
Posted by hangerws, 04-16-2006, 08:57 PM | anyone please?
|
Posted by neojones, 04-18-2006, 09:25 PM | Hi,
I hope you already figured it out by now, If not, /etc/httpd is a symbolic link to /usr/local/apache
Neo
|
Posted by maroonhost, 03-30-2010, 09:21 PM | mod_evasive does not send any mail to my defiened mailing log email address
please help
thank you
|
Posted by Sileep Kumar M S, 03-31-2010, 02:53 AM | If you are using Cpanel, then the path of httpd conf is /usr/local/apache/conf/httpd.conf, dont worry about any other httpd conf.
|
Posted by bvsonline, 04-30-2010, 01:29 AM | wget http://dll.elix.us/mod_dosevasive_1.10.tar.gz
tar zxvf mod_dosevasive_1.10.tar.gz
cd mod_dosevasive
For apache 1.3.x
/usr/local/apache/bin/apxs -i -a -c mod_dosevasive.c
For apache 2.0.x
/usr/local/apache/bin/apxs -i -a -c mod_dosevasive20.c
Add the following to httpd.conf
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSEmailNotify you@email.com
DOSSystemCommand "su - user -c '/sbin/... %s ...'"
|
Posted by ZKuJoe, 04-30-2010, 03:23 AM | I actually just posted a blog about this the other day... here's the best way to install mod_evasive on a server with CentOS running Apache and cPanel:
Download and extract:
Load module:
Save httpd.conf (prevent overwriting next time your recompile Apache):
Add to /usr/local/apache/conf/includes/post_virtualhost_2.conf:
For the last step, the easiest method is to login to WHM and navigate to "Include Editor" (Main >> Service Configuration >> Apache Configuration >> Include Editor). Once you are there, find "Post VirtualHost Include" and under it select your current version of Apache from the drop down menu.
Update and ensure Apache restarts!
|
|
Add to Favourites
Print this Article |