mod_dosevasive
|
Oct 26, 2004, 12:10 AM
|
|
|---|---|
NightStorm Senior Member Join: Dec 2003 Posts: 259 |
mod_dosevasive Has anyone intigrated this http DDoS prevention module into their existing copies of httpd that is distributed with the Plesk 7.1.5 setup? I'm currently running: RedHat ES3 Plesk 7.1.5 Apache/2.0.46 Has anyone managed to get this to successfully intigrate with httpd, and would they be up to giving me a quick rundown on the install? I used to have it on Redhat 9, but it was a simple RPM install... when I use the RPM now, httpd fails to restart after. *sigh* Urgency unfortunately is a key factor here, as I've had some pathetic puke httpd flooding my server with several hundred DDoS bots for the past week, and my customers are starting to become a bit irate with the Apache crashes. |
|
Oct 26, 2004, 03:56 PM
|
|
|---|---|
 atomicturtle Join: Nov 2002 Posts: 3,524 |
Yeah I have, I did an rpm for it too, and now I cant find the src.rpm or the .spec file (story of my life). Youve probably got a library conflict in there. Try running ldconfig and see if the daemon will start.
__________________ Atomic Rocket Turtle www.atomicrocketturtle.com Secure your server now: http://www.atomicorp.com/products.html Atomic Secured Linux |
|
Oct 26, 2004, 04:06 PM
|
|
|---|---|
NightStorm Senior Member Join: Dec 2003 Posts: 259 |
I executed /sbin/ldconfig and it did not print any errors, so I am guessing that it started. Now for the question that I am sure you already expect from me... what did you just have me do, and what is it going to fix? Do I need to include any options with the command, or should mod_dosevasive now install alright? *edit* I should probably mention... I did try the RPM that is linked from the nuclear site, and it seemed to install alright... but when httpd went to restart, I got the following error: [root@plain tmp]# rpm -Uhv mod_dosevasive-1.8-1.i386.rpm Preparing... ########################################### [100%] 1:mod_dosevasive ########################################### [100%] Stopping httpd: [ OK ] Starting httpd: httpd: module "mod_dosevasive20.c" is not compatible with this version of Apache (found 20020628, need 20020903). Please contact the vendor for the correct version. [FAILED] error: %post(mod_dosevasive-1.8-1) scriptlet failed, exit status 1 The contents of mod_dosevasive20.conf (located in /etc/httpd/conf/) is: LoadModule dosevasive20_module modules/mod_dosevasive20.so <IfModule mod_dosevasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 # Optional Directives - /usr/share/doc/mod_dosevasive/README for more info # DOSEmailNotify root@yourdomain.com # DOSSystemCommand "su - root -c '/sbin/iptables -A INPUT -s %s -j DROP" </IfModule> |
|
Oct 26, 2004, 04:33 PM
|
|
|---|---|
NightStorm Senior Member Join: Dec 2003 Posts: 259 |
Okay... I'm just full of questions tonight. If I was to upgrade the httpd to Apache 2.0.50 (the latest, according to the Apache website), will that fix the problem? Also, if I do the upgrade, will it be compatible with Plesk and my other stuff, like the php mod, perl, and all of the other stuff that depends on Apache, or will it essentially tear the server to pieces? I know that Plesk maintains control over httpd, so I'm concerned that if I upgrade, I'll break the whole system... but at the same time, I'm getting desperate to stop this little punk from knocking my http down every 2 hours. |
|
Oct 29, 2004, 11:01 PM
|
||
|---|---|---|
rtwick Member Join: Nov 2002 Posts: 69 |
Quote:
Try to get the src rpm for this module and build it against your httpd (you might need to install httpd-devel rpm). HTH R'twick |
|
|
Oct 30, 2004, 03:48 AM
|
|
|---|---|
NightStorm Senior Member Join: Dec 2003 Posts: 259 |
Know where I could obtain a copy of httpd-devel for Redhat ES3? I checked rpmfind.net, and it only goes as high as RH9... which, upon discussions with a few people, would be incompatible with my current OS. And I'd love to build an RPM, but I do not believe a src.rpm was released for dosevasive, since the RPM was not even made by the original developer... the original files only included the .c files for apxs install (which, as mentioned, will not work as the module is newer than the httpd version). See the complexity of the confusion now? Especially since I don't even have a clue how to build an RPM in the first place. Side-note...anyone know where I could find a copy of the configure command that was used to build my httpd? It's the version that came with Plesk 7.1.5 Reloaded upgrade... the -V flag returns the following, if it helps any... [root@plain admin]# /usr/sbin/httpd -V Server version: Apache/2.0.46 Server built: Oct 10 2004 20:42:57 Server's Module Magic Number: 20020903:4 Architecture: 32-bit Server compiled with.... -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses disabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D HTTPD_ROOT="/etc/httpd" -D SUEXEC_BIN="/usr/sbin/suexec" -D DEFAULT_PIDLOG="logs/httpd.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_LOCKFILE="logs/accept.lock" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" [root@plain admin]# rpm -q httpd httpd-2.0.46-40.ent.WB1 |
« Previous Thread | Next Thread »
| Search this thread | Forum jump |
|---|---|
| Thread tools | Display modes |
|---|---|
|
Linear Mode
|