Author Topic: [AntiDDOS] Install vDDoS on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack  (Read 3743 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
[AntiDDOS] How to Install vDDoS on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack

What is vDDoS?

vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.
Homepage: http://vddos.voduy.com

System Requirement:
CentOS Server 5/6/7 x86_64 (http://centos.org)
CloudLinux Server 5/6/7 x86_64 (http://cloudlinux.com)




Install vDDoS Proxy Protection on Centos Web Panel

1. Install vDDoS Proxy Protection: (Please goto vDDoS Homepage and get new version)

Code: [Select]
curl -L https://github.com/duy13/vDDoS-Protection/raw/master/vddos-1.12.0-centos7 -o /usr/bin/vddos
chmod 700 /usr/bin/vddos
/usr/bin/vddos help

/usr/bin/vddos setup

2. Install Centos Web Panel: (Please goto CWP Homepage and get new version)

Code: [Select]
cd /usr/local/src
wget http://centos-webpanel.com/cwp-latest
sh cwp-latest

3. Change Default Port Apache Listen of Centos Web Panel:

CWP Setting > Edit Setting > Apache Port > 8080 (or something like that)



Code: [Select]
[root@vddos ~]# netstat -lntup|grep httpd
tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN      7466/httpd

4. Config vDDoS Proxy Protection:

Code: [Select]
nano /vddos/conf.d/website.conf

# Website           Listen            Backend               Cache  Security  SSL-Prikey  SSL-CRTkey
your-domain.com http://0.0.0.0:80 http://167.114.161.2:8080 no     5s             no          no
default         http://0.0.0.0:80 http://167.114.161.2:8080 no     5s             no          no

Security mode: no < 307 < 200 < click < 5s < high < captcha

vDDoS Restart:

Code: [Select]
[root@vddos ~]# vddos restart
0.0.0.0:80
vDDos service Restart success!


4. Example Test website:

Security DDOS mode: 5s checking



Security DDOS mode: reCaptcha checking




View More Config: http://vddos.voduy.com

Part 2: http://forum.centos-webpanel.com/csf-firewall/(antiddos)-vddos-csf-on-cwp-to-antiddos-dos-syn-flood-http-floods-attack/
« Last Edit: April 24, 2017, 06:53:26 AM by duy13 »
Free Support - Problems with Domain, Hosting, VPS, Server... Skype: voduy13

Offline
*
How to update`?
Remove previous installation and install new version?

Offline
*
[ANTIDDOS] for CWP Panel with vDDoS Proxy Protection
« Reply #2 on: June 16, 2018, 04:34:36 PM »
ANTIDDOS CWP Panel (Update 2018 - How to full install)



STEP 1: Install CWP Panel
Code: [Select]
cd /usr/local/src
wget http://centos-webpanel.com/cwp-el7-latest
sh cwp-el7-latest

More documentation: 
http://centos-webpanel.com/cwp-installation

STEP 2: Install vDDoS Proxy Protection
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.

Code: [Select]
curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh
chmod 700 latest.sh
bash latest.sh

STEP 3: Change Apache Default Port

By default, CWP uses Apache alone and runs on port 80, 443. We can use the function: Setup default Web Servers at Apache Settings >> Select WebServer



Change it into: Apache & Varnish Cache & Nginx Reverse Proxy or Apache & Nginx Reverse Proxy, So Apache will be listened to at another port is 8181 and 8443; to facilitate our proxying.


Click Save and Re-check Apache port:

Code: [Select]
[root@vDDoS-CWP Panel ~]# netstat -lntup|grep httpd; netstat -lntup|grep nginx; netstat -lntup|grep varnishd
tcp6       0      0 :::8181         :::*                    LISTEN      1304/httpd
tcp6       0      0 :::8443         :::*                    LISTEN      1304/httpd
tcp        0      0 1.2.3.4:80      0.0.0.0:*               LISTEN      5481/nginx: master
tcp        0      0 1.2.3.4:443     0.0.0.0:*               LISTEN      5481/nginx: master
tcp        0      0 127.0.0.1:6082  0.0.0.0:*               LISTEN      1418/varnishd
tcp        0      0 0.0.0.0:82      0.0.0.0:*               LISTEN      1418/varnishd
tcp6       0      0 :::82           :::*                    LISTEN      1418/varnishd

It can be seen that Nginx listened at 80 and 443, then it proxyed to port 82 of Varnish cache server then Varnish continued forwarding traffic to Apache at port 8181.
So you can stop Nginx and replacing it with vDDoS, Reverse Proxy for vDDoS to any port of Apache or Varnish (With Varnish you will be cached and reach faster speeds)

Code: [Select]
service nginx stop
chkconfig nginx off

STEP 4: Config vDDoS Proxy Protection

The following example assumes the IP address of the server you are 1.2.3.4:

Code: [Select]
nano /vddos/conf.d/website.conf

# Website       Listen               Backend                  Cache Security SSL-Prikey   SSL-CRTkey
default         http://0.0.0.0:80    http://1.2.3.4:8181    no    no      no           no
default         https://0.0.0.0:443  http://1.2.3.4:8181   no    no      /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt


Configuration like the above you will use directly from vDDoS reverse proxy to Apache port, If you want to use port of Varnish cache server then you can configure as follows:

Code: [Select]
nano /vddos/conf.d/website.conf

# Website       Listen               Backend                  Cache Security SSL-Prikey   SSL-CRTkey
default         http://0.0.0.0:80    http://1.2.3.4:82    no    no      no           no
default         https://0.0.0.0:443  http://1.2.3.4:82   no    no      /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt

Restart vDDoS service after you have configured:
Code: [Select]
/usr/bin/vddos restart
Auto-start vDDoS services on boot:
Code: [Select]
/usr/bin/vddos autostart



STEP 5: Config vDDoS Auto Add
vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.

Code: [Select]
nano /vddos/auto-add/setting.conf

Default Setting for vddos-add command:

SSL Auto
Cache no
Security no
HTTP_Listen http://0.0.0.0:80
HTTPS_Listen https://0.0.0.0:443
HTTP_Backend http://1.2.3.4:82
HTTPS_Backend http://1.2.3.4:82

Crontab CWP Panel:
Code: [Select]
echo '*/25 * * * * root /usr/bin/vddos-autoadd panel cwp apache' >> /etc/crontab



STEP 6: Config vDDoS Auto Switch
vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.

Code: [Select]
echo '*/6 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab
Free Support - Problems with Domain, Hosting, VPS, Server... Skype: voduy13

Offline
*
thanks for your hard work
i am using vddos with success

thank you so much! great tool