Thursday, May 23, 2013

ModEvasive Apache Module For DDOS Prevention



To install it, log in to the server and run the following commands:
cd /root/
wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
tar zxf mod_evasive_1.10.1.tar.gz

cd mod_evasive
then type…
/usr/sbin/apxs -cia mod_evasive20.c


Now edit the Apache configuration file /etc/httpd/conf/httpd.conf (on RHEL/CentOS/Fedora) and add the following directives:


DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10

Restart Httpd

/etc/init.d/httpd restart

Tuesday, May 7, 2013

How to Update the Nameserver on WHM.


Here are the simple steps:

cp /var/cpanel/nameserverips.yaml /var/cpanel/nameserverips.yaml.bk

rm -f /var/cpanel/nameserverips.cache

Make the necessary corrections in the file:

vi /var/cpanel/nameserverips.yaml

Update the new NS records with:

/usr/local/cpanel/scripts/updatenameserverips

Now check in WHM.

Done..!

Monday, May 9, 2011

DDOS Attack prevention on Linux server.


Show the number of connections per remote IP address:

netstat -anp | grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

Write the IP list to a file:
netstat -anp | grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | grep "." > test123

Install and configure APF firewall.
wget http://www.rfxn.com/downloads/apf-current.tar.gz
tar xzvf apf-current.tar.gz

Add IP list to deny file.
cat test123 >> /etc/apf/deny_hosts.rules

Save the list.
/etc/apf/apf -r

Restart the firewall
/etc/init.d/apf restart
Stopping APF:                                              [  OK  ]
Starting APF:                                              [  OK  ]
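
An added example, not part of the original post: the pipeline above writes every remote address to test123, including 0.0.0.0, loopback and ordinary clients, so appending it unreviewed to deny_hosts.rules can block normal traffic. The script below keeps only IPv4 addresses at or above a connection threshold and skips an allowlist; the function names, the threshold and the allowlist file are assumptions, and the sample netstat lines are constructed.

```shell
#!/bin/sh
# flood_candidates THRESHOLD [ALLOWLIST_FILE]   (hypothetical helper)
# stdin: `netstat -anp` output. stdout: "count ip" for each remote IPv4
# address with at least THRESHOLD connections, busiest first.
flood_candidates() {
    awk -v min="$1" -v allowfile="${2:-/dev/null}" '
        BEGIN {
            # Allowlist: one address per line; lines starting with "#" are comments.
            while ((getline line < allowfile) > 0) {
                split(line, f, " ")
                if (f[1] != "" && f[1] !~ /^#/) allow[f[1]] = 1
            }
        }
        $1 ~ /^(tcp|udp)/ {                  # skips headers and unix sockets
            ip = $5                          # foreign address column
            sub(/:[^:]*$/, "", ip)           # drop ":port" or ":*"
            sub(/^::ffff:/, "", ip)          # IPv4-mapped form on tcp6 rows
            if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next  # IPv4 only
            if (ip == "0.0.0.0" || ip ~ /^127\./) next          # listeners, loopback
            if (ip in allow) next                               # trusted hosts
            count[ip]++
        }
        END { for (ip in count) if (count[ip] >= min) print count[ip], ip }
    ' | sort -rn
}

# Constructed sample input (documentation address ranges, not real hosts).
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address      Foreign Address       State       PID/Program name
tcp        0      0 0.0.0.0:80         0.0.0.0:*             LISTEN      901/httpd
tcp        0      0 192.0.2.10:80      203.0.113.7:40001     SYN_RECV    -
tcp        0      0 192.0.2.10:80      203.0.113.7:40002     SYN_RECV    -
tcp        0      0 192.0.2.10:80      203.0.113.7:40003     SYN_RECV    -
tcp        0      0 192.0.2.10:80      203.0.113.7:40004     ESTABLISHED 901/httpd
tcp6       0      0 ::ffff:192.0.2.10:80 ::ffff:203.0.113.7:40005 ESTABLISHED 901/httpd
tcp        0      0 192.0.2.10:80      198.51.100.20:52000   ESTABLISHED 901/httpd
tcp        0      0 192.0.2.10:80      198.51.100.20:52001   ESTABLISHED 901/httpd
tcp        0      0 192.0.2.10:80      198.51.100.20:52002   ESTABLISHED 901/httpd
tcp        0      0 192.0.2.10:22      198.51.100.99:50022   ESTABLISHED 1200/sshd
tcp        0      0 127.0.0.1:3306     127.0.0.1:45000       ESTABLISHED 950/mysqld
udp        0      0 0.0.0.0:68         0.0.0.0:*                         700/dhclient
EOF
}

sample_netstat | flood_candidates 3   # threshold 3 is only for the sample data
```

On a live server, pipe `netstat -anp` into `flood_candidates` with a threshold suited to your normal traffic, review the result, and append only the addresses you intend to block to /etc/apf/deny_hosts.rules.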


OR

Solution I am using.

Use a third-party service. Move your DNS to it.
i.e. http://cloudflare.com/
Cloudflare blocks the exact threats that are hitting the website.
There are many features; please check the site.



Wednesday, May 4, 2011

Security for Linux Server.

All the Security for Linux Server.

1. Firewall APF/Iptables
   * Block all ports that are unnecessarily open on the server.
   * Add the IP pool from a spammer database to the firewall.
2. Change SSH port
3. Update the system and scan, with suitable tools, for rootkits, backdoors and possible local exploits, wrong permissions for /usr/bin and system commands, hidden files, suspicious strings in kernel modules, and run the special tests for Linux. Check for malware and malicious scripts.
4. Mail Security:
  * Spamming: if your application sends more than 100-200 mails a day, you need a proper mail server setup; otherwise your server IP will get blocked in spam lists.
  * Check SPF records for the domain.
5. Add Google Webmaster Tools for every website/domain in use. It quickly detects malware and malicious scripts, and it notifies you if any hidden scripts are running or if there is an attack on your code.






Copied from blog:
http://shriikant.blogspot.com/2011/05/security-for-linux-server.html