Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Mod_dosevasive dont banned

Discussion in 'General Discussion' started by dreamguitar, Jun 17, 2005.

  1. dreamguitar

    dreamguitar Registered

    Joined:
    Feb 8, 2004
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    151
    I have setup Mod_dosevasive on my server. I can see possible ddos blocking ip in /var/log/messages but it dont working no email and no ip ban in deny.host.rules


    Here my following configuration. Please help to correct this .

    in httpd.conf

    <IfModule mod_dosevasive.c>
    DOSHashTableSize 3097
    DOSPageCount 5
    DOSSiteCount 100
    DOSPageInterval 2
    DOSSiteInterval 2
    DOSBlockingPeriod 600
    DOSEmailNotify blabla@gmail.com
    DOSSystemCommand "sudo /usr/local/sbin/apf -d %s"
    </IfModule>


    and in visudo : ( my server name root.blabla.com )

    nobody root. = NOPASSWD: /usr/local/sbin/apf -d *
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. nosfin

    nosfin Registered

    Joined:
    Dec 7, 2003
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    151
    the same.

    i'm having the same problem..

    nobody ALL = NOPASSWD: /usr/local/sbin/apf -d *
    or
    nobody sense. = NOPASSWD: /usr/local/sbin/apf -d *

    root@foo [/etc]# sudo -u nobody -s /usr/local/sbin/apf -d 11.11.11.11
    /usr/local/sbin/apf: /usr/local/sbin/apf: Permission denied
    root@foo [/etc]#

    is there anyone knows howto solve this problem ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. dropby23

    dropby23 Well-Known Member

    Joined:
    Jan 16, 2005
    Messages:
    155
    Likes Received:
    0
    Trophy Points:
    166
    use this command
    Code:
    cat /var/log/messages | grep Blacklisting | awk {'print "ALL:" $8 "\n"'} >> /etc/hosts.deny 
    or

    find this
    DOSSystemCommand "sudo /usr/local/sbin/apf -d %s"
    and change with this

    DOSSystemCommand "sudo -u nobody-s /usr/local/sbin/apf -d %s"

    and the visudo will be like that

    nobody ROOT. = NOPASSWD: /usr/local/sbin/apf -d *
    the last thing you will do
    chmod 2755 /usr/local/sbin/apf
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice