Threaded Mode | Linear Mode

fulltilt · 12-27-2007 05:59 AM

Hallo BeNe,

Habe vor einigen Monaten das aus Deinem HowTo mal ausprobiert:
Prevent DOS-Attacks mod_evasive

Allerdings hatte ich da auch Mega Probleme mit CMS und einer Auktion ...
Bilder wurden nicht mehr dargestellt oder einfach eine blank page.

ATTENTION: This config may produce "403 Forbidden" Errors on regular sites (to example: typo3, gallery,...)

Wie kann ich mod_evasive nun einsetzen ohne das hier Probleme auftreten?
Also wie müsste die Config dann aussehen um das zu vermeiden:

Code:

<IfModule mod_evasive20.c>

    DOSHashTableSize    3097

    DOSPageCount        2

    DOSSiteCount        50

    DOSPageInterval     1

    DOSSiteInterval     1

    DOSBlockingPeriod   10

</IfModule>

**BeNe** · 12-28-2007 09:12 PM

Hy fulltilt,

yes i started to write down this HowTo. But the Section "Prevent DOS-Attacks mod_evasive" was not my Work. Sorry i can´t help you here.

Greez BeNe

gutek · 05-31-2008 06:01 AM

i think that BIND securing is a little wired in this how-to. I recommend do it that way:

in /etc/bind/named.conf add

Code:

allow-query {127.0.0.1; zzz.zzz.zzz.zzz;};

allow-transfer {xxx.xxx.xxx.xxx;};

instead of

Code:

recursion no;

zzz.zzz.zzz.zzz your public ip
xxx.xxx.xxx.xxx your secondary dns

After this change you can use localhost as DNS cache server.

Am I right?

ralph · 06-03-2008 11:10 PM

has anyone thought about enabling suhosin patch + su_php ?

***ephigenie*** · 06-03-2008 11:51 PM

suphp is just slow.
And we use fastcgi / suexec which is much faster with min. equal level of security.
Suhosin is patched into debians php versions by default - its just about installing the module - and ... why not Wink

I think most of us have this already running.

ralph · 06-04-2008 02:29 AM

i see, that sounds nice. i just have had problems before with other cps that i have problems tracking which virtual user the procs is starting from, therefore id prefer suphp but if php is through suexec/fastcgi that should solve the problem. anyone having successful stories of suhosin? does it bork many php apps by default cfg ex.?

**BeNe** · 06-04-2008 03:41 PM

Quote:anyone having successful stories of suhosin?

Of course - why not ? It works well with ispCP.

Greez BeNe

einherjer · 06-04-2008 06:56 PM

ralph Wrote:anyone having successful stories of suhosin?

It is default in OpenSuse and i have no problems with it. ispCP, Typo3, xoops, phpBB,... without any changes to the configuration.

Venus143 · 10-05-2009 01:49 PM

ispCP is an open source project founded to build a Multi Server Control and Administration Panel. This Control Panel is usable by any Internet Service Provider. But honestly speaking I don't have an idea on how to make an ispCP more Secure. But if I could see some information about that, I will tell you. Promise!

_________________
Temporary Medical

**joximu** · 10-05-2009 05:59 PM

(10-05-2009 01:49 PM)Venus143 Wrote: I abatement beneath the latter, but I do apperceive added cases area humans would wish to affectation this info. So in my view, the best way to do this is to actualize a ambience which can be on/off to affectation 1 & 3 aloft at least.
_________________
Temporary medical

If this is a serious post... I don't understand anything...

Threaded Mode \| Linear Mode [HowTo] Make ispCP more Secure !
Author	Message