The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Using mod_httpbl with WHM

Discussion in 'Security' started by lane, Sep 15, 2010.

  1. lane

    lane Registered

    Joined:
    Jun 8, 2004
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Has anyone set this up before? Has anyone used Project Honeypot before?

    I can't find much of any documentation for this module but I would really like to set our server up to block Project Honeypot registered offenders. If anyone has set this up before and could spare a moment to tell me how it went that would be very cool of you.

    ## Edit ##

    I forgot to provide the links to the software in case anyone is interested in trying it themselves:
    http://www.projecthoneypot.org/httpbl_download.php
    https://sourceforge.net/projects/httpbl/
     
    #1 lane, Sep 15, 2010
    Last edited: Sep 15, 2010
  2. egillette

    egillette Well-Known Member

    Joined:
    Jan 5, 2010
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Orlando, FL
    cPanel Access Level:
    DataCenter Provider
    Hey!

    Sorry for the late reply to your post. . .but I've set this up for a few clients, and while the syntax is a bit complicated, it is very simple once you understand how it works, and what you want to block, etc.

    Give me a shout if you still need help figuring it out.

    Your first place to check though is yourdomain.com/httpbl_diagnostics/ -- that'll at least let you know if you've installed it properly.

    Anyway, let me know. . .
     
  3. zushiba

    zushiba Member

    Joined:
    Aug 24, 2006
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Forgive me if I'm resurrecting an old thread but I'm interested in this as well. I've installed it but I couldn't quite figure out where to put the basic configuration stuff
    Code:
    <IfModule mod_httpbl.c>
    	HTTPBLRBLEnabled On
    	HTTPBLLogDir /usr/local/apache/logs
    	HTTPBLAccessKey mykey
    </IfModule>
    I put it in http.conf but I know any builds in WHM will smash that to pieces.

    Note: I did search for custom directives and came up with this
    but CustomDirectives < EasyApache3 < TWiki no longer exists and I don't know what else to look for.
     
    #3 zushiba, Jun 15, 2011
    Last edited: Jun 15, 2011
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    I recommend using the Apache/httpd configuration include editor in WebHost Manager (WHM) to install the new (custom) directives: WHM: Main >> Service Configuration >> Apache Configuration >> Include Editor

    I've submitted internal case 50742 to address the missing topic in the documentation; if I recall correctly, I believe the "EasyApache3/CustomDirectives" page served as an introduction to the following two topics:
     
  5. egillette

    egillette Well-Known Member

    Joined:
    Jan 5, 2010
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Orlando, FL
    cPanel Access Level:
    DataCenter Provider
    Hey,

    Also, just so you know, you don't have to edit httpd.conf directly. . .

    You can just insert an include this line as follows:

    Include /usr/local/apache/conf/mod_httpbl.conf

    Then include the following within the mod_httpbl.conf

    <code>
    LoadModule /usr/local/apache/conf/mod_httpbl.so
    HTTPBLRBLEnabled On
    HTTPBLLogDir /usr/local/apache/logs
    HTTPBLAccessKey mykey
    </code>

    This is how I ran it in my installation and countless client installations. . .

    In addition, you can also run the distiller afterwards:

    /usr/local/cpanel/bin/apache_conf_distiller --update

    This will check your changes in. =0)
     
  6. egillette

    egillette Well-Known Member

    Joined:
    Jan 5, 2010
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Orlando, FL
    cPanel Access Level:
    DataCenter Provider
    Hey,

    Also, just in case you were talking about the actual configuration directives, you can configure it by using the syntax shown below for example (this is how I have mine configured):

    Code:
    HTTPBLDefaultAction allow
    # Serve all search engines
    HTTPBLRBLReqHandler 255:0-255:0-255:0 allow
    # Deny any requests originating from IPs known to Project Honey Pot to be suspicious or offensive.
    HTTPBLRBLReqHandler 255:0-255:0-255:255 deny
    # Deny known exploiters (8) from using HTTP requests (4), and POST requests (2)
    HTTPBLRBLReqHandler 4:0-255:0-255:8 deny
    HTTPBLRBLReqHandler 2:0-255:0-255:8 deny
    # Deny comment spammers (4) as well from submitting POST Requests (2), and HTTP Requests (4)
    HTTPBLRBLReqHandler 4:0-255:0-255:4 deny
    HTTPBLRBLReqHandler 2:0-255:0-255:4 deny
    # Set by default, no need to set it below, so it's commented out.
    #HTTPBLTestingURL /httpbl_diagnostics/
    
    I find these settings work pretty effectively in both my server configuration and a bunch of different client server configurations in preventing comment spam, and otherwise -- the documentation for it is pretty detailed, but you won't find it as part of the source package.

    I forget where I found it honestly, but it was pretty detailed, as it has lots of directives you can use.

    If I manage to find it again, I'll post it here for you.
     
  7. hgrg

    hgrg Well-Known Member

    Joined:
    Oct 4, 2010
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    thanks for the detailed explanation its really helpful.. im also going to give it a try..
     
  8. egillette

    egillette Well-Known Member

    Joined:
    Jan 5, 2010
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Orlando, FL
    cPanel Access Level:
    DataCenter Provider
    No problem -- I help where I can. . .

    I'm still attempting to locate the documentation I had found for it with all the directives and such. . .

    If I manage to locate it, I'll post it here! =0)
     
Loading...

Share This Page