Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

EA4 - Mod_evasive - Nginx Proxy - Layer 7 DDOS Attacks

Discussion in 'Security' started by 007basaran, Feb 28, 2017.

  1. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello,

    Linux CentOS can do DDoS protection settings on any server, but this is not possible in cPanel.

    I can activate CSF + Nginx + Mod_evasive with any control panel and provide protection. I tested it.

    We use Easyapache 4.

    HTTP, GET, POST, HEAD - Protection against DDoS attacks is not possible as far as I know from cPanel.

    How to use easyapache4 any mod_evasive or nginx proxy or layer 7ddos protection?

    Please help

    cPanel is a very good system.

    I do not want to give up using cPanel.

    Thank you all.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    No native support exists for the Apache mod_evasive module in EasyApache 4. You would have to build a custom RPM for this module using the guidelines at:

    ea4.ninja

    I encourage you to open a feature request if it's something you like to see included as an option in EasyApache 4:

    Submit A Feature Request

    Additionally, you may find this thread helpful if you are open to different solutions:

    How to block strange massive traffic flooding the website

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    007basaran likes this.
  3. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    How to add mod_evasive ea4?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    There's no easy method of installing that module, as you'd need to develop a custom RPM per the URL referenced in the last response. You can find a list of companies offering system administration services at the following URL if you require help with this level of customization:

    System Administration Services | cPanel Forums

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. JacobPerkins

    JacobPerkins Well-Known Member

    Joined:
    May 2, 2014
    Messages:
    619
    Likes Received:
    96
    Trophy Points:
    103
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Hi,

    This can be added to EA4 as easily as the following:
    Code:
     1011  2017-03-01 09:04:56 wget 'https://raw.githubusercontent.com/shivaas/mod_evasive/master/mod_evasive24.c'
     1012  2017-03-01 09:05:00 /usr/bin/apxs -i -a -c mod_evasive24.c
     1013  2017-03-01 09:05:07 less /etc/apache2/conf.modules.d/mod_evasive20.conf
     1014  2017-03-01 09:05:12 /scripts/restartsrv_httpd
     
    007basaran, cPanelMichael and Infopro like this.
  6. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Solved.

    Thank you Michael and Jacob.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello, Jacob

    i testing this is not working :/
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello, All

    İnstalling succesfully.

    But not activated or not working.

    Help please.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    007basaran likes this.
  10. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello, @cPanelMichael

    Installation was done but not working or not active.

    I did a GET and POST or HTTP request layer 7 attack to test if it worked.

    Attacks must be blocked while mod_evasive is running.

    I tested it on a different server.
    Attacks on a different server are blocking but, CPanel - is not blocked in EasyApache 4.

    Regards.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @007basaran,

    Could you try testing with the test.pl file offered on the GitHub repo? It's located at:

    mod_evasive/test.pl at master · shivaas/mod_evasive · GitHub

    Here's a quote from the README:

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    007basaran likes this.
  12. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Test here.


    Code:
    [root@cloud arge]# ./test.pl
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    
    
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello michael

    How to fix my problem?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    EasyApache 4 provides Apache 2.4.

    Please see the most recent update to the following feature request:

    How to install Mod_evasive on easyapache4 ?

    Let us know if the issue persists when using the version offered in the EA4 experimental repo.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    007basaran likes this.
  17. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello,

    Installing but error ; Screenshot

    And not working again.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    You'll need to first revert the previous workaround steps you utilized to install the module by removing the /etc/apache2/conf.modules.d/mod_evasive20.conf file.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  19. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello,

    Installing steps mod_evasive for ea4:

    yum install ea4-experimental
    yum install ea-apache24-mod_evasive

    Available any module for Easy Apache4 Listing :
    yum --disablerepo="*" --enablerepo="EA4-experimental" list available

    Installing complated but mod_evasive not working :

    Code:
    ./test.pl
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    
    Screenshot
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #19 007basaran, Apr 6, 2017
    Last edited: Apr 6, 2017
  20. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,895
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    This seems more like an issue with the testing script you are using. You can try simulating a dos attack via another method (e.g. the ab utility referenced on this URL).

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice