The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Configure mod_request_timeout and mod_qos to mitigate slow HTTP ddos attacks

Discussion in 'Security' started by meeven, Oct 12, 2015.

  1. meeven

    meeven Well-Known Member

    Joined:
    May 8, 2007
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    Our web site has been experiencing a ddos attack for the last 18 hours and we have taken some steps to mitigate it that have helped, including redirecting traffic through CloudFlare.

    However, the attack continues and we would like to enable and configure mod_request_timeout and mod_qos as per the following article:
    How To Mitigate Slow HTTP DoS Attacks in Apache HTTP Server - Acunetix

    I know the modules can be enabled through EasyApache, but it's not clear where/how to edit those config files. Do we put those directives in a pre or post virtual host include for the domain being attacked. Or, could this go into the .htaccess file at the web root of the domain?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. meeven

    meeven Well-Known Member

    Joined:
    May 8, 2007
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    Thanks very much for explaining where this should go. I wasn't aware of the cPanel help page on Slowloris attacks, either.

    One problem on my set up - I can't install mod_qos because I am using mod_rui2, which disables the former.

    For anyone else following this thread: you should install mod_reqtimeout as a custom module before being able to select it in the Exhaustive Options list in EasyApache. This page explains how to add the module to the server:
    Custom Modules - EasyApache - cPanel Documentation
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...
Similar Threads - Configure mod_request_timeout mod_qos
  1. kaplanDani
    Replies:
    1
    Views:
    245

Share This Page