Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
How to / [AntiDDoS] for CWP Panel with vDDoS Proxy Protection
« on: May 01, 2022, 04:18:15 AM »
ANTIDDOS CWP Panel (Update 2022 - How to full install)
Video: https://www.youtube.com/watch?v=tSoP46Q62oE
STEP 1: Install CWP Panel
More documentation:
https://centos-webpanel.com/cwp-installation
STEP 2: Install vDDoS Proxy Protection
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.
More documentation:
https://vddos.voduy.com
STEP 3: Change Default Port Apache Listen of Centos Web Panel:
By default CWP uses only Apache running on port 80, 443. I will switch to "Nginx Proxy Apache" mode, the purpose is to let Apache change the port and replace Nginx with vDDoS.
We can use the function: Setup default Web Servers at Apache Settings >> Select WebServer
So Apache will be listened to at another port is 8181 and 8443
Stop Nginx:
STEP 4: Config vDDoS Proxy Protection
For example, the IP Addr of your server is 1.2.3.4:
STEP 5: Config vDDoS Auto Add
vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.
Set Crontab:
STEP 6: Config vDDoS Auto Switch
vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.
Crontab vDDoS Auto Switch:
More documentation:
https://github.com/duy13/vDDoS-Auto-Switch
Video: https://www.youtube.com/watch?v=tSoP46Q62oE
STEP 1: Install CWP Panel
Code: [Select]
cd /usr/local/src
wget http://centos-webpanel.com/cwp-el7-latest
sh cwp-el7-latestMore documentation:
https://centos-webpanel.com/cwp-installation
STEP 2: Install vDDoS Proxy Protection
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.
Code: [Select]
wget https://files.voduy.com/vDDoS-Proxy-Protection/latest.sh ; chmod 700 latest.sh ; bash latest.sh
More documentation:
https://vddos.voduy.com
STEP 3: Change Default Port Apache Listen of Centos Web Panel:
By default CWP uses only Apache running on port 80, 443. I will switch to "Nginx Proxy Apache" mode, the purpose is to let Apache change the port and replace Nginx with vDDoS.
We can use the function: Setup default Web Servers at Apache Settings >> Select WebServer
So Apache will be listened to at another port is 8181 and 8443
Code: [Select]
[root@vDDoS-CWP Panel ~]# netstat -lntup|grep httpd
tcp6 0 0 :::8181 :::* LISTEN 1304/httpd
tcp6 0 0 :::8443 :::* LISTEN 1304/httpdStop Nginx:
Code: [Select]
service nginx stop
chkconfig nginx offSTEP 4: Config vDDoS Proxy Protection
For example, the IP Addr of your server is 1.2.3.4:
Code: [Select]
nano /vddos/conf.d/website.conf
# Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey
default http://0.0.0.0:80 http://1.2.3.4:8181 no no no no
default https://0.0.0.0:443 https://1.2.3.4:8443 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt
Restart vDDoS service after you have configured:Code: [Select]
/usr/bin/vddos restartSTEP 5: Config vDDoS Auto Add
vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.
Code: [Select]
nano /vddos/auto-add/setting.conf
# Default Setting for vddos-add command:
SSL auto
DNS_sleep 66
DNS_alias_mode no
Cache no
Security no
HTTP_Listen http://0.0.0.0:80
HTTPS_Listen https://0.0.0.0:443
HTTP_Backend http://1.2.3.4:8181
HTTPS_Backend https://1.2.3.4:8443Set Crontab:
Code: [Select]
echo '*/15 * * * * root /usr/bin/vddos-autoadd panel cwp apache' >> /etc/crontabSTEP 6: Config vDDoS Auto Switch
vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.
Code: [Select]
nano /vddos/auto-switch/setting.conf
# This is the default configuration for "sensor-switch.sh" and "vddos-autoswitch.sh"
hostname="vDDoS Master" #(Name this server, it will show up in Email notifications)
vddos_master_slave_mode="no" #(Turn on "yes" if your system has slave servers, want to sync affter switch like master)
backend_url_check="no" #(Put the URL of the backend. Ex: https://1.1.1.1:8443/ (make sure Backend status response is "200"))
send_notifications="no" #(Turn on "yes" if you want receive notification)
smtp_server="smtps://smtp.gmail.com" #(SMTP Server)
smtp_username="xxx@gmail.com" #(Your Mail)
smtp_password="xxxxxxxxxxxxx" #(Get your Apps password for Gmail from https://security.google.com/settings/security/apppasswords)
send_notifications_to="xxxx@gmail.com" #(Your Email Address will receive notification)
maximum_allowable_delay_for_backend=2 #(Means: If Backend (status response "200") is slower than 2s, vDDoS will enable challenge mode)
maximum_allowable_delay_for_website=2 #(Means: If Website (status response "200") is slower than 2s, vDDoS will enable challenge mode)
default_switch_mode_not_attack="no" #(Default Mode vDDoS use when it's not under attacked)
default_switch_mode_under_attack="high" #(Default Mode vDDoS use when it's under attack)
default_waiting_time_to_release="60" #(For example 60 minutes, release time from challenge)Crontab vDDoS Auto Switch:
Code: [Select]
echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-switch allsite no && /usr/bin/vddos reload' >> /etc/crontab
echo '* * * * * root /usr/bin/vddos-sensor' >> /etc/crontabMore documentation:
https://github.com/duy13/vDDoS-Auto-Switch
2
SSL / Re: Why CWP don't have "Custom SSL functionality" for customers
« on: May 17, 2020, 09:19:33 AM »
This is awesome
3
SSL / Re: how to install third Party ssl
« on: May 14, 2020, 06:07:37 PM »
Link: http://forum.centos-webpanel.com/index.php?topic=8957.0
The same problem, it can be solved by admin but how can customers add their certificates from 3rd parties themselves in CWP cPanel?
Any suggestions?
The same problem, it can be solved by admin but how can customers add their certificates from 3rd parties themselves in CWP cPanel?
Any suggestions?
4
SSL / Why CWP don't have "Custom SSL functionality" for customers
« on: May 12, 2020, 09:44:35 AM »
For example they buy their own ssl or certificate and they can add it to their domain themselves
Currently they can only use AutoSSL or need admin to add their custom certificate
And please design a place for them to generate CSR and Private KEY (Self-signed Certificate).
Thanks you very much!
Currently they can only use AutoSSL or need admin to add their custom certificate
And please design a place for them to generate CSR and Private KEY (Self-signed Certificate).
Thanks you very much!
5
How to / [ANTIDDOS] for CWP Panel with vDDoS Proxy Protection
« on: June 16, 2018, 04:34:36 PM »
ANTIDDOS CWP Panel (Update 2018 - How to full install)
STEP 1: Install CWP Panel
More documentation:
http://centos-webpanel.com/cwp-installation
STEP 2: Install vDDoS Proxy Protection
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.
STEP 3: Change Apache Default Port
By default, CWP uses Apache alone and runs on port 80, 443. We can use the function: Setup default Web Servers at Apache Settings >> Select WebServer
Change it into: Apache & Varnish Cache & Nginx Reverse Proxy or Apache & Nginx Reverse Proxy, So Apache will be listened to at another port is 8181 and 8443; to facilitate our proxying.
Click Save and Re-check Apache port:
It can be seen that Nginx listened at 80 and 443, then it proxyed to port 82 of Varnish cache server then Varnish continued forwarding traffic to Apache at port 8181.
So you can stop Nginx and replacing it with vDDoS, Reverse Proxy for vDDoS to any port of Apache or Varnish (With Varnish you will be cached and reach faster speeds)
STEP 4: Config vDDoS Proxy Protection
The following example assumes the IP address of the server you are 1.2.3.4:
Configuration like the above you will use directly from vDDoS reverse proxy to Apache port, If you want to use port of Varnish cache server then you can configure as follows:
Restart vDDoS service after you have configured:
STEP 5: Config vDDoS Auto Add
vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.
Crontab CWP Panel:
STEP 6: Config vDDoS Auto Switch
vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.
STEP 1: Install CWP Panel
Code: [Select]
cd /usr/local/src
wget http://centos-webpanel.com/cwp-el7-latest
sh cwp-el7-latestMore documentation:
http://centos-webpanel.com/cwp-installation
STEP 2: Install vDDoS Proxy Protection
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.
Code: [Select]
curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh
chmod 700 latest.sh
bash latest.shSTEP 3: Change Apache Default Port
By default, CWP uses Apache alone and runs on port 80, 443. We can use the function: Setup default Web Servers at Apache Settings >> Select WebServer
Change it into: Apache & Varnish Cache & Nginx Reverse Proxy or Apache & Nginx Reverse Proxy, So Apache will be listened to at another port is 8181 and 8443; to facilitate our proxying.
Click Save and Re-check Apache port:
Code: [Select]
[root@vDDoS-CWP Panel ~]# netstat -lntup|grep httpd; netstat -lntup|grep nginx; netstat -lntup|grep varnishd
tcp6 0 0 :::8181 :::* LISTEN 1304/httpd
tcp6 0 0 :::8443 :::* LISTEN 1304/httpd
tcp 0 0 1.2.3.4:80 0.0.0.0:* LISTEN 5481/nginx: master
tcp 0 0 1.2.3.4:443 0.0.0.0:* LISTEN 5481/nginx: master
tcp 0 0 127.0.0.1:6082 0.0.0.0:* LISTEN 1418/varnishd
tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN 1418/varnishd
tcp6 0 0 :::82 :::* LISTEN 1418/varnishd
It can be seen that Nginx listened at 80 and 443, then it proxyed to port 82 of Varnish cache server then Varnish continued forwarding traffic to Apache at port 8181.
So you can stop Nginx and replacing it with vDDoS, Reverse Proxy for vDDoS to any port of Apache or Varnish (With Varnish you will be cached and reach faster speeds)
Code: [Select]
service nginx stop
chkconfig nginx offSTEP 4: Config vDDoS Proxy Protection
The following example assumes the IP address of the server you are 1.2.3.4:
Code: [Select]
nano /vddos/conf.d/website.conf
# Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey
default http://0.0.0.0:80 http://1.2.3.4:8181 no no no no
default https://0.0.0.0:443 http://1.2.3.4:8181 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crtConfiguration like the above you will use directly from vDDoS reverse proxy to Apache port, If you want to use port of Varnish cache server then you can configure as follows:
Code: [Select]
nano /vddos/conf.d/website.conf
# Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey
default http://0.0.0.0:80 http://1.2.3.4:82 no no no no
default https://0.0.0.0:443 http://1.2.3.4:82 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt
Restart vDDoS service after you have configured:
Code: [Select]
/usr/bin/vddos restart
Auto-start vDDoS services on boot:Code: [Select]
/usr/bin/vddos autostart
STEP 5: Config vDDoS Auto Add
vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.
Code: [Select]
nano /vddos/auto-add/setting.conf
Default Setting for vddos-add command:
SSL Auto
Cache no
Security no
HTTP_Listen http://0.0.0.0:80
HTTPS_Listen https://0.0.0.0:443
HTTP_Backend http://1.2.3.4:82
HTTPS_Backend http://1.2.3.4:82Crontab CWP Panel:
Code: [Select]
echo '*/25 * * * * root /usr/bin/vddos-autoadd panel cwp apache' >> /etc/crontab
STEP 6: Config vDDoS Auto Switch
vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.
Code: [Select]
echo '*/6 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab
6
CSF Firewall / Re: [AntiDDOS] vDDoS & CSF on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack
« on: May 24, 2018, 02:03:07 AM »7
CentOS-WebPanel Bugs / Re: Website Down
« on: December 24, 2017, 04:11:09 PM »Some days my website often decreased so can not be accessed. all run normally again after I reboot the server. And after a few hours later this happens again. I do not know why, anyone can help?
You may have been attacked by ddos. Please check the connection number to your server:
Code: [Select]
netstat -an |grep ":80" |awk '{print $5}' | sed s/::ffff://g | cut -d: -f1 |sort |uniq -c |sort -n | tail -1000 | grep -v "0.0.0.0"
PM My skype voduy13 for support
8
CentOS-WebPanel GUI / Re: I converted Apache Only to Apache & Nginx Reverse Proxy
« on: September 07, 2017, 08:47:02 AM »
Re-Build Apache config, kill apache, start nginx, start apache
9
Installation / Re: 安装cwp,packages下载非常缓慢1-5kb/s
« on: July 09, 2017, 02:51:35 PM »
You can try install CWP over sock proxy or something like that
10
CSF Firewall / Re: [AntiDDOS] vDDoS & CSF on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack
« on: May 27, 2017, 02:36:29 AM »I can install the vDDoS Proxy Protection after installing the CWP?
Problems will not be?
I did not quite understand how vDDoS works with nginx?
Should vDDoS listen on port 80? If so, how will the data be transferred from the vDDoS to the nginx configured on the non 80 port?
Is it possible to remove the vDDoS , if so, how?
Thank you!
1. vDDoS should be installed before installing other things (CWP, cPanel, VestaCP, LAMP, LEMP...)
(PS: But I try to install vDDoS after CWP is still successful-CentOS 7)
2. Nginx or Apache... running & listen on other-port /Example: 8080, 8443... Vddos listens at 80 and 443
3. Remove vDDoS:
Code: [Select]
vddos stop
rm -rf /usr/bin/vddos
rm -rf /vddos
rm -rf /usr/lib64/vddos/modules
rm -rf /var/log/vddos
rm -rf /var/cache/vddos
11
CSF Firewall / Re: [AntiDDOS] vDDoS & CSF on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack
« on: May 26, 2017, 02:12:21 PM »in https and centos 7 you must update nginx to 1.3 , becouse in nginx what to isntall not work opensslThanks for your report!
vDDoS 1.12.0 or 1.13.0 still working perfectly HTTP/2 with Openssl 1.0.2k https://www.openssl.org/source/old/1.0.2/ openssl-1.0.2l will be update soon
How to install with already installed cwp7 with apache and Nginx Reverse Proxy?
Thanks
You can change default port of nginx or stop & remove nginx (using only Apache+vDDoS)
Or install vDDoS in other-server
12
CSF Firewall / [AntiDDOS] vDDoS & CSF on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack
« on: April 24, 2017, 06:52:15 AM »
[AntiDDOS] How to Install vDDoS & CSF on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack
vDDoS Layer4 Mapping is a addon support for vDDoS Proxy Protection - Monitor processor logs and block it in Layer 3-4. This tool is product for those people ask me to add "BLOCK & CAPTCHA" on Layer 3-4 (Support Iptables CSF & CloudFlare API) for vDDoS Proxy Protection.
1. Install vDDoS Proxy Protection + CWP
Please visit Part 1: http://forum.centos-webpanel.com/how-to/(antiddos)-install-vddos-on-cwp-to-antiddos-dos-syn-flood-http-floods-attack/
2. Install vDDoS Layer4 Mapping
Use vDDoS-Layer4-Mapping:
DOS Flood Attack - Before using vDDoS Protection:
DOS Flood Attack - After using vDDoS Protection:
View More Config: http://vddos.voduy.com
vDDoS Layer4 Mapping is a addon support for vDDoS Proxy Protection - Monitor processor logs and block it in Layer 3-4. This tool is product for those people ask me to add "BLOCK & CAPTCHA" on Layer 3-4 (Support Iptables CSF & CloudFlare API) for vDDoS Proxy Protection.
1. Install vDDoS Proxy Protection + CWP
Please visit Part 1: http://forum.centos-webpanel.com/how-to/(antiddos)-install-vddos-on-cwp-to-antiddos-dos-syn-flood-http-floods-attack/
2. Install vDDoS Layer4 Mapping
Code: [Select]
curl -L https://github.com/duy13/vDDoS-Layer4-Mapping/raw/master/vddos-layer4-mapping -o /usr/bin/vddos-layer4
chmod 700 /usr/bin/vddos-layer4
/usr/bin/vddos-layer4Use vDDoS-Layer4-Mapping:
Code: [Select]
/usr/bin/vddos-layer4
(Choose options 5)Code: [Select]
Welcome to vDDoS, a HTTP(S) DDoS Protection Reverse Proxy. Thank you for using!
Please choose vDDoS Layer 4 Running Mode:
CloudFlare Mode:
1. Enable Captcha-All-Country Mode (Recommend This Mode For Large DDoS Attacks)
2. Enable Monitor-vDDoS-logs-and-Captcha Mode
3. Enable Monitor-vDDoS-logs-and-Block Mode
4. Remove all rules exist on CloudFlare Firewall
CSF Mode:
5. Enable Monitor-vDDoS-logs-and-Block Mode
6. Remove all rules exist on CSF
End & Exit:
7. End All Process (Kill all Process Mode Running)
8. Exit
Enter Your Answer [1, 2, 3... or 8]:
DOS Flood Attack - Before using vDDoS Protection:
DOS Flood Attack - After using vDDoS Protection:
View More Config: http://vddos.voduy.com
13
How to / [AntiDDOS] Install vDDoS on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack
« on: April 24, 2017, 06:24:25 AM »
[AntiDDOS] How to Install vDDoS on CWP to AntiDDOS, DOS, SYN Flood, HTTP Floods attack
What is vDDoS?
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.
Homepage: http://vddos.voduy.com
System Requirement:
CentOS Server 5/6/7 x86_64 (http://centos.org)
CloudLinux Server 5/6/7 x86_64 (http://cloudlinux.com)
Install vDDoS Proxy Protection on Centos Web Panel
1. Install vDDoS Proxy Protection: (Please goto vDDoS Homepage and get new version)
2. Install Centos Web Panel: (Please goto CWP Homepage and get new version)
3. Change Default Port Apache Listen of Centos Web Panel:
CWP Setting > Edit Setting > Apache Port > 8080 (or something like that)
4. Config vDDoS Proxy Protection:
Security mode: no < 307 < 200 < click < 5s < high < captcha
vDDoS Restart:
4. Example Test website:
Security DDOS mode: 5s checking
Security DDOS mode: reCaptcha checking
View More Config: http://vddos.voduy.com
Part 2: http://forum.centos-webpanel.com/csf-firewall/(antiddos)-vddos-csf-on-cwp-to-antiddos-dos-syn-flood-http-floods-attack/
What is vDDoS?
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.
Homepage: http://vddos.voduy.com
System Requirement:
CentOS Server 5/6/7 x86_64 (http://centos.org)
CloudLinux Server 5/6/7 x86_64 (http://cloudlinux.com)
Install vDDoS Proxy Protection on Centos Web Panel
1. Install vDDoS Proxy Protection: (Please goto vDDoS Homepage and get new version)
Code: [Select]
curl -L https://github.com/duy13/vDDoS-Protection/raw/master/vddos-1.12.0-centos7 -o /usr/bin/vddos
chmod 700 /usr/bin/vddos
/usr/bin/vddos help
/usr/bin/vddos setup2. Install Centos Web Panel: (Please goto CWP Homepage and get new version)
Code: [Select]
cd /usr/local/src
wget http://centos-webpanel.com/cwp-latest
sh cwp-latest3. Change Default Port Apache Listen of Centos Web Panel:
CWP Setting > Edit Setting > Apache Port > 8080 (or something like that)
Code: [Select]
[root@vddos ~]# netstat -lntup|grep httpd
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 7466/httpd4. Config vDDoS Proxy Protection:
Code: [Select]
nano /vddos/conf.d/website.conf
# Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey
your-domain.com http://0.0.0.0:80 http://167.114.161.2:8080 no 5s no no
default http://0.0.0.0:80 http://167.114.161.2:8080 no 5s no noSecurity mode: no < 307 < 200 < click < 5s < high < captcha
vDDoS Restart:
Code: [Select]
[root@vddos ~]# vddos restart
0.0.0.0:80
vDDos service Restart success!4. Example Test website:
Security DDOS mode: 5s checking
Security DDOS mode: reCaptcha checking
View More Config: http://vddos.voduy.com
Part 2: http://forum.centos-webpanel.com/csf-firewall/(antiddos)-vddos-csf-on-cwp-to-antiddos-dos-syn-flood-http-floods-attack/
Pages: [1]
