Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Using mod_httpbl with WHM

Discussion in 'Security' started by lane, Sep 15, 2010.

  1. lane

    lane Registered

    Joined:
    Jun 8, 2004
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    151
    Has anyone set this up before? Has anyone used Project Honeypot before?

    I can't find much of any documentation for this module but I would really like to set our server up to block Project Honeypot registered offenders. If anyone has set this up before and could spare a moment to tell me how it went that would be very cool of you.

    ## Edit ##

    I forgot to provide the links to the software in case anyone is interested in trying it themselves:
    http://www.projecthoneypot.org/httpbl_download.php
    https://sourceforge.net/projects/httpbl/
     
    #1 lane, Sep 15, 2010
    Last edited: Sep 15, 2010
  2. egillette

    egillette Well-Known Member

    Joined:
    Jan 5, 2010
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    56
    Location:
    Orlando, FL
    cPanel Access Level:
    DataCenter Provider
    Hey!

    Sorry for the late reply to your post. . .but I've set this up for a few clients, and while the syntax is a bit complicated, it is very simple once you understand how it works, and what you want to block, etc.

    Give me a shout if you still need help figuring it out.

    Your first place to check though is yourdomain.com/httpbl_diagnostics/ -- that'll at least let you know if you've installed it properly.

    Anyway, let me know. . .
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. zushiba

    zushiba Member

    Joined:
    Aug 24, 2006
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    151
    Forgive me if I'm resurrecting an old thread but I'm interested in this as well. I've installed it but I couldn't quite figure out where to put the basic configuration stuff
    Code:
    <IfModule mod_httpbl.c>
    	HTTPBLRBLEnabled On
    	HTTPBLLogDir /usr/local/apache/logs
    	HTTPBLAccessKey mykey
    </IfModule>
    I put it in http.conf but I know any builds in WHM will smash that to pieces.

    Note: I did search for custom directives and came up with this
    but CustomDirectives < EasyApache3 < TWiki no longer exists and I don't know what else to look for.
     
    #3 zushiba, Jun 15, 2011
    Last edited: Jun 15, 2011
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,554
    Likes Received:
    9
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    I recommend using the Apache/httpd configuration include editor in WebHost Manager (WHM) to install the new (custom) directives: WHM: Main >> Service Configuration >> Apache Configuration >> Include Editor

    I've submitted internal case 50742 to address the missing topic in the documentation; if I recall correctly, I believe the "EasyApache3/CustomDirectives" page served as an introduction to the following two topics:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. egillette

    egillette Well-Known Member

    Joined:
    Jan 5, 2010
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    56
    Location:
    Orlando, FL
    cPanel Access Level:
    DataCenter Provider
    Hey,

    Also, just so you know, you don't have to edit httpd.conf directly. . .

    You can just insert an include this line as follows:

    Include /usr/local/apache/conf/mod_httpbl.conf

    Then include the following within the mod_httpbl.conf

    <code>
    LoadModule /usr/local/apache/conf/mod_httpbl.so
    HTTPBLRBLEnabled On
    HTTPBLLogDir /usr/local/apache/logs
    HTTPBLAccessKey mykey
    </code>

    This is how I ran it in my installation and countless client installations. . .

    In addition, you can also run the distiller afterwards:

    /usr/local/cpanel/bin/apache_conf_distiller --update

    This will check your changes in. =0)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. egillette

    egillette Well-Known Member

    Joined:
    Jan 5, 2010
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    56
    Location:
    Orlando, FL
    cPanel Access Level:
    DataCenter Provider
    Hey,

    Also, just in case you were talking about the actual configuration directives, you can configure it by using the syntax shown below for example (this is how I have mine configured):

    Code:
    HTTPBLDefaultAction allow
    # Serve all search engines
    HTTPBLRBLReqHandler 255:0-255:0-255:0 allow
    # Deny any requests originating from IPs known to Project Honey Pot to be suspicious or offensive.
    HTTPBLRBLReqHandler 255:0-255:0-255:255 deny
    # Deny known exploiters (8) from using HTTP requests (4), and POST requests (2)
    HTTPBLRBLReqHandler 4:0-255:0-255:8 deny
    HTTPBLRBLReqHandler 2:0-255:0-255:8 deny
    # Deny comment spammers (4) as well from submitting POST Requests (2), and HTTP Requests (4)
    HTTPBLRBLReqHandler 4:0-255:0-255:4 deny
    HTTPBLRBLReqHandler 2:0-255:0-255:4 deny
    # Set by default, no need to set it below, so it's commented out.
    #HTTPBLTestingURL /httpbl_diagnostics/
    
    I find these settings work pretty effectively in both my server configuration and a bunch of different client server configurations in preventing comment spam, and otherwise -- the documentation for it is pretty detailed, but you won't find it as part of the source package.

    I forget where I found it honestly, but it was pretty detailed, as it has lots of directives you can use.

    If I manage to find it again, I'll post it here for you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. hgrg

    hgrg Well-Known Member

    Joined:
    Oct 4, 2010
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    56
    cPanel Access Level:
    Root Administrator
    thanks for the detailed explanation its really helpful.. im also going to give it a try..
     
  8. egillette

    egillette Well-Known Member

    Joined:
    Jan 5, 2010
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    56
    Location:
    Orlando, FL
    cPanel Access Level:
    DataCenter Provider
    No problem -- I help where I can. . .

    I'm still attempting to locate the documentation I had found for it with all the directives and such. . .

    If I manage to locate it, I'll post it here! =0)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice