Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

EA4 - Mod_evasive - Nginx Proxy - Layer 7 DDOS Attacks

Discussion in 'Security' started by 007basaran, Feb 28, 2017.

  1. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello,

    Linux CentOS can do DDoS protection settings on any server, but this is not possible in cPanel.

    I can activate CSF + Nginx + Mod_evasive with any control panel and provide protection. I tested it.

    We use Easyapache 4.

    HTTP, GET, POST, HEAD - Protection against DDoS attacks is not possible as far as I know from cPanel.

    How to use easyapache4 any mod_evasive or nginx proxy or layer 7ddos protection?

    Please help

    cPanel is a very good system.

    I do not want to give up using cPanel.

    Thank you all.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    No native support exists for the Apache mod_evasive module in EasyApache 4. You would have to build a custom RPM for this module using the guidelines at:

    ea4.ninja

    I encourage you to open a feature request if it's something you like to see included as an option in EasyApache 4:

    Submit A Feature Request

    Additionally, you may find this thread helpful if you are open to different solutions:

    How to block strange massive traffic flooding the website

    Thank you.
     
    007basaran likes this.
  3. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    How to add mod_evasive ea4?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    There's no easy method of installing that module, as you'd need to develop a custom RPM per the URL referenced in the last response. You can find a list of companies offering system administration services at the following URL if you require help with this level of customization:

    System Administration Services | cPanel Forums

    Thank you.
     
  5. cPJacob

    cPJacob cPanel Product Owner
    Staff Member

    Joined:
    May 2, 2014
    Messages:
    605
    Likes Received:
    94
    Trophy Points:
    103
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Hi,

    This can be added to EA4 as easily as the following:
    Code:
     1011  2017-03-01 09:04:56 wget 'https://raw.githubusercontent.com/shivaas/mod_evasive/master/mod_evasive24.c'
     1012  2017-03-01 09:05:00 /usr/bin/apxs -i -a -c mod_evasive24.c
     1013  2017-03-01 09:05:07 less /etc/apache2/conf.modules.d/mod_evasive20.conf
     1014  2017-03-01 09:05:12 /scripts/restartsrv_httpd
     
    007basaran, cPanelMichael and Infopro like this.
  6. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Solved.

    Thank you Michael and Jacob.
     
  7. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello, Jacob

    i testing this is not working :/
     
  8. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello, All

    İnstalling succesfully.

    But not activated or not working.

    Help please.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    007basaran likes this.
  10. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello, @cPanelMichael

    Installation was done but not working or not active.

    I did a GET and POST or HTTP request layer 7 attack to test if it worked.

    Attacks must be blocked while mod_evasive is running.

    I tested it on a different server.
    Attacks on a different server are blocking but, CPanel - is not blocked in EasyApache 4.

    Regards.
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @007basaran,

    Could you try testing with the test.pl file offered on the GitHub repo? It's located at:

    mod_evasive/test.pl at master · shivaas/mod_evasive · GitHub

    Here's a quote from the README:

    Thank you.
     
    007basaran likes this.
  12. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Test here.


    Code:
    [root@cloud arge]# ./test.pl
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    
    
     
  13. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello michael

    How to fix my problem?
     
  14. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  15. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
  16. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    EasyApache 4 provides Apache 2.4.

    Please see the most recent update to the following feature request:

    How to install Mod_evasive on easyapache4 ?

    Let us know if the issue persists when using the version offered in the EA4 experimental repo.

    Thank you.
     
    007basaran likes this.
  17. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello,

    Installing but error ; Screenshot

    And not working again.
     
  18. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You'll need to first revert the previous workaround steps you utilized to install the module by removing the /etc/apache2/conf.modules.d/mod_evasive20.conf file.

    Thank you.
     
  19. 007basaran

    007basaran Active Member

    Joined:
    Feb 21, 2017
    Messages:
    40
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Turkey
    cPanel Access Level:
    DataCenter Provider
    Hello,

    Installing steps mod_evasive for ea4:

    yum install ea4-experimental
    yum install ea-apache24-mod_evasive

    Available any module for Easy Apache4 Listing :
    yum --disablerepo="*" --enablerepo="EA4-experimental" list available

    Installing complated but mod_evasive not working :

    Code:
    ./test.pl
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    HTTP/1.1 400 Bad Request
    
    Screenshot
     
    #19 007basaran, Apr 6, 2017
    Last edited: Apr 6, 2017
  20. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    This seems more like an issue with the testing script you are using. You can try simulating a dos attack via another method (e.g. the ab utility referenced on this URL).

    Thank you.
     
Loading...

Share This Page