EA4 - Mod_evasive - Nginx Proxy - Layer 7 DDOS Attacks
Hello,
Linux CentOS can do DDoS protection settings on any server, but this is not possible in cPanel.
I can activate CSF + Nginx + Mod_evasive with any control panel and provide protection. I tested it.
We use Easyapache 4.
HTTP, GET, POST, HEAD - Protection against DDoS attacks is not possible as far as I know from cPanel.
How to use easyapache4 any mod_evasive or nginx proxy or layer 7ddos protection?
Please help
cPanel is a very good system.
I do not want to give up using cPanel.
Thank you all.
-
Hello, No native support exists for the Apache mod_evasive module in EasyApache 4. You would have to build a custom RPM for this module using the guidelines at: ea4.ninja I encourage you to open a feature request if it's something you like to see included as an option in EasyApache 4: Submit A Feature Request Additionally, you may find this thread helpful if you are open to different solutions: How to block strange massive traffic flooding the website Thank you. 0 -
How to add mod_evasive ea4? 0 -
There's no easy method of installing that module, as you'd need to develop a custom RPM per the URL referenced in the last response. You can find a list of companies offering system administration services at the following URL if you require help with this level of customization: System Administration Services | cPanel Forums Thank you. 0 -
Hi, This can be added to EA4 as easily as the following: 1011 2017-03-01 09:04:56 wget 'https://raw.githubusercontent.com/shivaas/mod_evasive/master/mod_evasive24.c' 1012 2017-03-01 09:05:00 /usr/bin/apxs -i -a -c mod_evasive24.c 1013 2017-03-01 09:05:07 less /etc/apache2/conf.modules.d/mod_evasive20.conf 1014 2017-03-01 09:05:12 /scripts/restartsrv_httpd0 -
Solved. Thank you Michael and Jacob. 0 -
Hello, Jacob i testing this is not working :/ 0 -
Hello, All ?nstalling succesfully. But not activated or not working. Help please. 0 -
Hello @007basaran, It looks like you were able to address this issue, per your post at: setting up mod_evasive with easyapache4 on cloudlinux 7 Can you confirm it's now working as intended? Thank you. 0 -
Hello, @cPanelMichael Installation was done but not working or not active. I did a GET and POST or HTTP request layer 7 attack to test if it worked. Attacks must be blocked while mod_evasive is running. I tested it on a different server. Attacks on a different server are blocking but, CPanel - is not blocked in EasyApache 4. Regards. 0 -
Hello @007basaran, Could you try testing with the test.pl file offered on the GitHub repo? It's located at: mod_evasive/test.pl at master " shivaas/mod_evasive " GitHub Here's a quote from the README: TESTING Want to make sure it's working? Run test.pl, and view the response codes. It's best to run it several times on the same machine as the web server until you get 403 Forbidden messages. Some larger servers with high child counts may require more of a beating than smaller servers before blacklisting addresses. Please don't use this script to DoS others without their permission.
Thank you.0 -
Test here. [root@cloud arge]# ./test.pl HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request0 -
Hello michael How to fix my problem? 0 -
Hello @007basaran, You may want to add configuration values for the Mod_Evasive module, as referenced on the following third-party URL: mod_evasive on Apache You may also want to submit an issue to the GitHub of this third-party module at: Issues " shivaas/mod_evasive " GitHub Thank you. 0 -
Hello, Your links, only apache 2.4 version supported. I need easyapache 4 :=) I Submit ticket. But not helper anyone. How to install Mod_evasive on easyapache4 ? Thank you michael. Regards 0 -
Your links, only apache 2.4 version supported. I need easyapache 4 :=)
EasyApache 4 provides Apache 2.4.I Submit ticket. But not helper anyone.
Please see the most recent update to the following feature request: How to install Mod_evasive on easyapache4 ? Let us know if the issue persists when using the version offered in the EA4 experimental repo. Thank you.0 -
Hello, Installing but error ; Screenshot And not working again. 0 -
Hello, Installing but error ; Screenshot And not working again.
You'll need to first revert the previous workaround steps you utilized to install the module by removing the /etc/apache2/conf.modules.d/mod_evasive20.conf file. Thank you.0 -
Hello, Installing steps mod_evasive for ea4: yum install ea4-experimental yum install ea-apache24-mod_evasive Available any module for Easy Apache4 Listing : yum --disablerepo="*" --enablerepo="EA4-experimental" list available Installing complated but mod_evasive not working : ./test.pl HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request
Screenshot0 -
HTTP/1.1 400 Bad Request
This seems more like an issue with the testing script you are using. You can try simulating a dos attack via another method (e.g. the ab utility referenced on this URL). Thank you.0
Please sign in to leave a comment.
Comments
19 comments