Apache include editor does not work

benniblanco

Member
Jan 21, 2013
15
0
1
cPanel Access Level
Root Administrator
We are under dos attack and since about 7 days trying to figure out the way to mitigate it.
Softlayer box WHM 11.38.1 (build 15)


Installed few mods to protect ourself but none of them seem to have an effect on the zombie IP's

Today we fund a solution by redirecting them trough site root htaccess and it works.


Code:
RewriteEngine On

SetEnvIf User-Agent ".*MSIE 6.0; Windows NT 5.1; SV1.*" dontlog
RewriteCond %{HTTP_USER_AGENT} ".*MSIE 6.0; Windows NT 5.1; SV1.$" [OR]
RewriteCond %{HTTP_USER_AGENT} ".*MSIE 6.0; Windows NT 5.1;1813.$" [OR]
RewriteCond %{HTTP_USER_AGENT} "^(?:User-Agent: )?Mozilla/4.0 \(compatible; MSIE 6.0; Windows NT 5.1;(?: SV1|1813)\)$" [OR] 
RewriteCond %{HTTP_USER_AGENT} "MSIE 6.0; Windows NT 5.1; SV1"
RewriteRule ^(.*)$ http://127.0.0.1/$1 [R=302,L]

But we want to do this on server level so we added the lines that work in htaccess in Include Editor and tested all 3 positions and none of them work. Soon as we remove those lines from htaccess
and put them in Include editor instead the IP's are not redirected anymore.

Just had Mike tech from SL try to figure this out for about 2h on the phone and we both came to a conclusion that the editor is not accepting the changes.

Mike also wanted to help us remove the redirect log for those IP's ( line one in code above combined with How To Tell Apache To Not Log Certain Requests In Its Access Log | HowtoForge - Linux Howtos and Tutorials ) but again include editor is not accepting the change
 

quietFinn

Well-Known Member
Feb 4, 2006
1,222
87
178
Finland
cPanel Access Level
Root Administrator
Apache include editor is a user interface to edit the files in directory /usr/local/apache/conf/includes
Do you mean that Apache include editor does not write your configurations in the config files in that directory?
Or do you mean that your configurations have no effect?

I have not tested rewrite rules in Apache config, but Apache documentation says this:
rewrite configurations are not inherited by virtual hosts. This means that you need to have a RewriteEngine on directive for each virtual host in which you wish to use rewrite rules.
mod_rewrite - Apache HTTP Server
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,202
363
Hello :)

Try including the following lines in your custom Apache include:

Code:
RewriteLog "/usr/local/apache/logs/rewrite.log"
RewriteLogLevel 2
Then, check to see if the rewrites are logged to the "/usr/local/apache/logs/rewrite.log" file.

Thank you.
 

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,608
77
308
cPanel Access Level
Root Administrator
Please ensure httpd.conf is rebuilt after using the include editor. Here is what worked for me:

1. Used the include editor to add the rewrite rules. I ensured it matched exactly what you had in the screen shot
2. Via the command line, I verified the rewrite rules were added to the proper include file:
Code:
$ cat /usr/local//apache/conf/includes/post_virtualhost_global.conf
3. Checked for presence of post_virtualhost_global.conf in httpd.conf:
Code:
$ grep post_virtualhost /usr/local/apache/conf/httpd.conf
4. Rebuilt httpd.conf to put the include file in place:
Code:
$ /scripts/rebuildhttpdconf
5. Repeated step 3:
Code:
$ grep post_virtualhost /usr/local/apache/conf/httpd.conf
Include "/usr/local/apache/conf/includes/post_virtualhost_global.conf"
6. Restart apache
Code:
/scripts/restartsrv_apache