Do you mean how to detect them? You'd want to use netstat to check for connections something like the following for port 80 traffic:
If you want a product that will detect a DDoS, you can either try to configure CSF with LFD for brute force protection (and it does have a log), or you can use something like ddos-deflate:
(D)DoS Deflate - deflate.medialayer.com
Also, there's an Apache module that can help with connection limiting called mod_qos that's part of EasyApache now. Here are details on mod_qos:
mod_qos
Code:
netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -n(D)DoS Deflate - deflate.medialayer.com
Also, there's an Apache module that can help with connection limiting called mod_qos that's part of EasyApache now. Here are details on mod_qos:
mod_qos
CSF with LFD is at the following location:
ConfigServer Security & Firewall
The steps to install on a cPanel machine are these:
After that, log into WHM and at the bottom in Plugins area you will see ConfigServer Security&Firewall. You can start the firewall there. Ensure to take it out of testing mode after you've gotten it setup as you prefer, which is done in WHM > Plugins > ConfigServer Security&Firewall > Firewall configuration area. In that section, you'll see the following:
Change the 1 to a 0 once you've determined you have the right ports enabled (since you used the cPanel installation script, it should have the common cPanel ports opened). Then click the "Change" button at the bottom and restart the firewall or start it.
If you have questions after this on anything for CSF and LFD, please ensure to post them on their forum:
CSF Forum
ConfigServer Security & Firewall
The steps to install on a cPanel machine are these:
Code:
wget http://configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
./install.cpanel.sh
Code:
Testing = 1If you have questions after this on anything for CSF and LFD, please ensure to post them on their forum:
CSF Forum
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.cpanel.sh
check the ip tables if they are ok before activate the firewall...
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.cpanel.sh
check the ip tables if they are ok before activate the firewall...
Last edited by a moderator:
First of all check if iptables service is installed and running
Sometimes there need some iptables modules to be installed if they are missing,especially for vps.
Check http://forums.cpanel.net/f5/iptables-module-missing-204061.html ConfigServer Scripts Forum • View topic - IPTables Modules - Ongoing Problems
hey i didnt get the bash command this time.. i didn't change anything eles.. Thanks
I think I forgot the .tar
