The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Server Security Concerns

Discussion in 'Security' started by xbaha, Jan 2, 2015.

  1. xbaha

    xbaha Member

    Joined:
    Sep 30, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    hi
    was very disappointed when i thought i have a solid server..
    i use 2GB 2x core cpu, but when i used a tool called switchblade that simulates a ddos attack,
    with only 400 connections, in one minute, my server cpu %wa went up 100% for about 5 minutes till connections cleared, and i couldn't access anything!!! how easy was this to bring any web-server down!
    if it was real attack, i might not be able even to log-in just to know what's happening!

    i am not an expert, but i already have mod security installed, didn't really help.
    i tried to add a line
    SecReadStateLimit 25
    to the config file, but it seems it's doing nothing.
    i tried to look for mod_qos , but i am on 2.4 Apache, couldn't locate it anywhere!

    some one can give basic guide for at least protecting from simple ddos attacks please!
     
  2. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    PORTFLOOD settings in csf
    or dos deflate (D)DoS Deflate - deflate.medialayer.com
    add actual mod_security rules that will block such an attack

    I tested a server with it it did not do a whole lot flooded Apache but my IP was white listed a real attackers IP would have been banned
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    650
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    I suggest using a firewall management utility such as CSF to help mitigate attacks, and you may also need to invest in a hardware firewall at your data center to help prevent more robust attacks on your server.

    Thank you.
     
Loading...

Share This Page