The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

APF firewall help - antidos

Discussion in 'General Discussion' started by hostseeker, Mar 7, 2006.

  1. hostseeker

    hostseeker Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    85
    Likes Received:
    0
    Trophy Points:
    6
    I had been running apf firewall 0.9.4 for a while with no problems. Upgraded to APF 0.9.6 yesterday and used pretty much the default values except for changing the port numbers to what I had used for the old version.

    Howver APF immediately started blocking access for many legitimate users to my sites. Also it blocked all email forwarding from working.

    It has to do with the antidos, with antidos disabled there are no problems. However I fear that is leaving the server open to antidos attack. With the old version I had antidos enabled and never any problems blocking users or not allowing email forwarding to work.

    So if any body could offer ideas, or even post their apf.conf and config.antidos from version 0.9.6 I would appreciate it. I have read through the rfxnetworks docs and can't figure out my problem.
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    How did you upgrade to the latest release, overwrote or clean/fresh install? It is not good idea to install the new release on top of the old one. I suggest you wipe out the old installation and start fresh. Don't forget to stop AFP, restart iptables and then proceed with the new installation.
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I would agree with Andy. There were significant changes in the recent release of APF and it's best to stop it, wipe, and install afresh.

    I would also not recommend using the antidos feature at all. It's of dubious value and is a sure fire way to getting your server performance down and ultimately making the server unbootable (see other threads on the antidos subject for an explanation).
     
  4. hostseeker

    hostseeker Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    85
    Likes Received:
    0
    Trophy Points:
    6
    The install overwrote the old. I will go back and do a fresh install per your suggestions.

    Thanks!
     
  5. hostseeker

    hostseeker Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    85
    Likes Received:
    0
    Trophy Points:
    6
    Yeah, it was an overwrite install instead of a fresh install. I will go back and do a fresh install.

    I have read through the threads about the problems that the APF antidos causes. I haven't had a DOS attack that I know of, but would like to prevent one if it happens, what do you suggest if not APF antidos?
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    The only thing that is realistically going to help in the case of a genuine DOS is a hardware firewall or decent anti-DOS provision by your NOC, which most decent ones provide as part of their service. A software firewall simply won't be able to cope with the genuine article.
     
Loading...

Share This Page