How Do I Secure Apache From Ddos Attack's
May 17, 2009way to secure apache from ddos attack's on centos 5.3.
View 7 Replies
ADVERTISEMENT
Secure VPS After Many Hack Attacks
Feb 2, 2008my VPS provider just rebuilt my VPS after many hack attacks.
From some days I am getting emails from firewall that someone login to my VPS/mySQL using SSH.
I don't know what they do, but they don't disturb any account. Only some downtime feel during this. But last night my VPS stop working so my provider rebuilt VPS.
how I can secure my VPS now. I have Cpanel installed.
How Can I Secure My Server Against Spam Attacks?
Mar 25, 2008I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.
Is there anyone on here who can do a thourough check on our server and install anything necessary to stop this kind of activity?
How To Best Secure WP From Any Attacks, Hack Attempts Etc?
Mar 16, 2008How to best secure WP from any attacks, hack attempts and others?
View 4 Replies View RelatedDNS DDoS Attacks
Mar 9, 2008I have a VPS that's on the awknet network and I'm receiving DNS DDoS and I don't think they have anything to stop these attacks, how can I prevent these?
View 4 Replies View RelatedDdos Attacks / Udp Flood
Jun 25, 2008one of my costumers server is getting ddos attacks. I solved syn and get attacks with litespeed web server but I have another problem. They started to do udp flood. I m losing connection to my server. I bought new server with 1 gbit port for solving it.
View 3 Replies View RelatedProtecting From DDoS Attacks
Mar 31, 2009This is a quote from an unrelated thread in the Dedicated Server Forum, I didnt want to hijack the thread so thought I would bring my question over here:
Quote:
Originally Posted by HRDev Hady
I believe they use BurstNet, which isn't really a good choice for DDoS-prone sites as their Top Layer devices don't seem to handle attacks very well in my opinion. If you're running a DDoS prone site, you'd likely be better off with a DDoS-specialized provider such as Awknet, Staminus, or Black Lotus. But as mentioned, a lot of attacks can be stopped simply by proper tuning of your IP stack and some simple firewall rules.
My question is as a new Dedicated Server Owner what tuning and rules do I need to implement in order to protect me from these "small scale DDoS Attacks"?
I do not run a DDoS prone site(i hope not lol) but I want to secure myself as much as possible and have a headache free run other than the headaches I cause myself of course.
Understanding DDOS Attacks
Aug 3, 2009I want to understand the mechanics of a DDOS attack. I have been doing a lot of reading about them this weekend.
The way I am understanding it, a DDOS attack is done at the network level. It may be requesting that pages from a given website, or websites, are served up, but it basically will effect the entire network. So if 'page display' requests are made to a website(s) that is hosted at ABC Hosting (example only), to the tune of 15GBs then I have to assume that the network will be terribly degraded. If that is so, wouldn't other servers also get taken out?
I believe the architecture of the internet is something like this (example only):
Gnax --> Planet, SoftLayer, RackSpace, etc.. --> Reseller --> Smaller Reseller --> Me
If that is true, is each level along that route using their own networking system or are they all dependent on ones that major Data Center uses?
Ddos Attacks And A New Webhoster
Jan 12, 2009My current site has been taken offline since it was being ddos attacked, been with my current hosters for 3years at least, but with recent events they gave me the option to shift my site to a dedicated server or me to move of bascially. (impression I get now, since they seem to be taking longer to reply to my messages) I was being ddos attacked since I refused to give a copy of me software to the visitor at my forums/site.
ive been looking round site after site and I cant make up my mind who to shift too, also if that same idiot who ddos attacked me does it again before I can take any action, I would be in the same situation again.
I have multiple domains and all my sites in total are about 5gig in size, cpu usage is avergae and queries roughly about 15/17 the most, I currently pay £130.00 a yr
I have had few bad experiences with hosting companies but learnt along the way, and assumed my current hosters would be a reliable place to stay at. My sites been offline since friday and I would like to get it back up again asap. Last thing I want to do is rush into a hosting package and be stuck in a dud situation.
I would also like to take action upon the person who has been ddos attacking me, I managed to get hold of his details and I also have confirmation that they are correct, what can be done legally?
Best Firewall For DDoS Attacks
Mar 23, 2009My sites are getting heavy DDoS attacks.
What's the best firewall? I'm currently using ACH software firewall but the attacks are getting so bad my site's are going down (apache is shutting down/locking) and sometimes my server even crashes.
Anyone recommend a better software firewall or a really cheap but good hardware firewall?
Could my host just use a router or something as the firewall or would that not do? I'm looking for something really affordable as a solution.
DDOS Attacks For A Month Now
Mar 14, 2008Some of my websites have been under a DDOS attack for about a month now. Is there any way I can find who is behind this attack and what their motive is?
How much does it cost to launch a DDOS attack and how long do they usually last?
My Site Under Ddos Attacks
Aug 22, 2008i have a shared host
my site under ddos attacks!
i want to upgrade to Dedicated Server
i needed to Dedicated Server contains DDOS protection!
btw: Site visitors 2500 in day!
DDoS Attacks :: How To Defend
Nov 24, 2008how to prevent my web servers from DoS attacks?
View 12 Replies View RelatedHow To Reduce Ddos Attacks
Jan 24, 2007I know there is no device can protect you from ddos attacks, but I wonder which one is the best to help you reduce the attacks? It might be intelligent to "feel" the attacks? Brand names from Cisco, Foundry, Nokia...?
View 2 Replies View RelatedDrDDoS, DDoS, DoS Attacks - The Works
Mar 18, 2008As many of you already know, not everyone has the money to spend on physical firewalls, for example a cisco firewall. I would like if everyone could share little tips and tricks towards securing a server they learned over time. Nothing in big detail. I thought if we all share our ideas, it would help quite alot of other people. For example, here is a good layout I believe. Please note this is towards a game server setup.
Shorewall Firewall - Block Unneeded Ports + Block Ping
Apache Web server - Installed with "mod_security"
SSH-Faker - Stop thoes bots from trying to gain access to SSH (Guessing Passwords)
DDoS Deflate - For me, does not really work. (I know, mainly for port 80 so webhosting) But still have it installed.
Bash Scripts Monitoring # of connections per ip with Netstat.
PSad - Monitoring and Reporting Port Scans (Optional automatic timed block)
VNStat - Monitor Current/Monthly/Yearly Bandwidth (Does not hog resources)
I'm guarenteed to of left alot out than just the above. If some of you could also share some simple things you do for securing a server, would be great.
Hosting Providers And DDoS Attacks!
Nov 24, 2008Hosting providers and DDoS attacks!
Hello guys! I am looking for a reliable hosting provider! I mean the most important thing for me know is to be sure that my future hosting company will manage to protect my websites against DDoS attacks fully! What hosting company according to your opinion can be considered as the most stable hosting solution against DDoS attacs?
How Does Hivelocity Deal With DDos Attacks?
Apr 2, 2009How does Hivelocity deal with DDos Attacks?
Do they have any similar protection to ThePlanet or Softlayer?
How To Prevent DDoS Attacks CentOS
Jul 23, 2009I believe that my site is being DDoSed against, and I'm wondering how I can prevent this from happening.
I'm running CentOS 5.3.
Are there any server side scripts of PHP scripts that could be used to dynamically block out IP's that are consuming too many resources on the VPS?
DDoS :: End The Attacks Or Penalize The Attacker?
Jun 12, 2009Let's say my site was getting DDOS'd. Let's say I suspected I knew the attacker's home IP address. Would there be anything I could do with this information to either end the attacks or penalize the attacker?
View 4 Replies View RelatedHow To Secure And Harden Centos Linux Server From Vulnerabilities & Threats ,attacks
Jul 28, 2009How I can secure my server from vulnerabilities and threats and ddos attack? How can I find my server is compromised or hacked?
Which ports I should check, what commands I should fired on shell prompt? which softwares you will recommend.
Q: Prevent DDoS Attacks With Restarting Httpd?
Jan 12, 2008Can you restart the httpd to get the server online again while you are under an DDoS attack?
The reason for asking is that I was told that when restarting the httpd it should start to work again instantly, and so it seems.
But why? doesnt the attack "continue" after the restart?
Security To Stop DDoS Attacks And Stuff
May 19, 2009My host tells me that they have security to stop DDoS attacks and stuff, however today my server load jumped to 17.12 and my site went down giving me a "Network Timeout" error.
My host tells me it's my fault that I am using too many resources. The MOST my site has been on load is 3.06 and that was around lunch time a few weeks back. It's 11:43 and the server load is 17.12? I think my host is pulling my leg. I have not added ANYTHING new to my site and have not changed anything in 3 days. The load has been fine till today.
I use In Motion Hosting.
GIGEnet Handle Multi Gig DDOS Attacks?
Apr 21, 2008I am about to get dedicated server with Gigenet.com.
Is this company good as they say they are?
How stable is it?
Can they really handle multi gig DDOS attacks?
Colo Provider That Handles DDoS Attacks
May 21, 2007One of the sites I run is a forum with a political component, and 4-5 times over the last week we've been seeing DoS attacks. They're not terribly sophisticated -- generally 1-3 compromised servers throwing packets my way -- but they're enough to clog my pipes and take my sites down.
What I'd like to do is put a new server up at a data center that's D(D)oS aware that can hopefully respond to these attacks automatically. My current provider has been giving solid support, but the best they can do is null route the affected IP, rather than filtering the incoming attack.
Can y'all name a few providers I should look into? Right now I'm just looking to move 1 box (or maybe a box and a firewall depending on the setup).
Reliable Hosting Provider That Protects Against DDOS Attacks
Dec 26, 2008Can someone please recommend a hosting company that offers 24 hours toll free phone support with very good DDOS protection services?
Our server has been attacked for the past couple weeks and current host can just null route the IP being attacked but cannot offer anything beyond that...which does not help us. We are talking about large 3 GBPS attacks.
How To Secure Your Web From FLOOD ; Ddos ; Etc
Jun 20, 2007some of my friend website is under attack by Ddos ; FLOOD ; and other way to down his site !
how can we save him from these attacks?
else the firewall!
1- is there any program or script to prevent these attacks!
2- is there any rules or script's for Firewall to prevent it!
Getting Protected From DoS Attacks With Apache
May 17, 2007Firewall settings are great for preventing Denial of Service (DoS) attacks, however it may not always be your only solution. The day has finally arrived when I found this excellent module called mod_dosevasive (DoS Evasive) which keeps track of how many requests each client makes to your server within intervals. If a client is being forceful with your server and making too many requests, then it is more than likely not just a web browser but some automated process unleashed on your site to try and take it down.
This handy Apache module we have found takes care of these issues. Let's get started by setting it up.
Secure Apache Server
Sep 8, 2007Is anyone have a ebook or article about secure linux server and apache .
I want to secure own server and my vps customer
my linux system : Centos
also i have cpanel control panel
20 Ways To Secure Your Apache Configuration
Dec 20, 2007you can find a article to "20 ways to Secure your Apache Configuration" in this link:
[url]
I have a problem after change permissions :
chown -R root:root /usr/local/apache
chmod -R o-rwx /usr/local/apache
after run above commands when I trying to restart apache show me this error:
Warning: SuexecUserGroup directive requires SUEXEC wrapper.
Apache :: Secure Page Can Be Cached
Dec 18, 2013When running OWASP ZAP web security tool, I get the following flag: Secure page can be cached in browser. Cache control is not set in HTTP header nor HTML header. Sensitive content can be recovered from browser storage.
I was surprised since i had the no cache header in both html code and httpd header.
After investigating the flag, i noticed that the response was a generic 302 found error response from Apach (located in apache/src/modules/http/http_protocol.c).
I have added a patch to code when adding the cache-control & pragma html headers with no-cache - and that had solved the security flag (patch attached).
full response given:
header:
HTTP/1.1 302 Found
Date: Sat, 30 Nov 2013 10:44:40 GMT
Server: Apache
X-Frame-Options: DENY
Location: https://*****
Content-Length: 376
Content-Type: text/html; charset=iso-8859-1
body:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://******">here</a>.</p>
<hr>
<address>Apache Server at 10.209.0.81 Port 443</address>
</body></html>
In conclusion:
Issue is "Secure page can be cached in browser." (found by owasp zap) for https page response "302 Found" from Apache.
Apache Ddos
Feb 25, 2008how to defend from this attack type?
CSF firewall installed, Dos-deflate installed, and again lot of apache processes
------------------
88.233.53.100 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.235.13.14 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.229.215.146 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
85.106.189.35 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.252.155.246 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
85.108.124.1 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.233.53.100 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.226.149.225 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
78.166.58.95 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
78.167.193.154 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.241.234.16 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.252.156.36 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.228.71.122 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.240.205.51 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.231.168.63 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
78.167.71.2 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.231.32.190 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.228.30.110 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.240.205.51 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
78.167.71.2 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.235.13.14 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
81.215.152.40 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
85.104.35.67 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
81.215.152.40 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
78.165.159.246 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.252.155.246 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
78.166.58.95 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.242.244.121 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
85.104.35.67 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
88.240.205.51 - - [25/Feb/2008:10:15:53 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"
78.166.30.163 - - [25/Feb/2008:10:15:48 -0600] "GET / HTTP/1.1" 200 10792 "-" "-"