Anti-DDoS [Apache]

Qlimatt · Aug 11, 2009

so is it good as the protection for linux?

quinkan · Aug 11, 2009

Already use this module a few years

PHP:

#Protection angaint DOS atacks
<IfModule dosevasive22_module>
    DOSHashTableSize        3097
    DOSPageCount            2
    DOSSiteCount            50
    DOSPageInterval         1
    DOSSiteInterval         1
    DOSBlockingPeriod       10
    DOSSystemCommand        none
    DOSWhitelist            none
</IfModule

PHP:

DOSWhitelist            localhost, 127.0.0.1

does this block localhost? and if someone else click 2 times you will not get blocked right? But anyways, thanks dude i rep you

Kayan · Aug 11, 2009

quinkan..

i use this configs in my apache. And with this config not will block localhost.

quinkan · Aug 11, 2009

Kiel said:
quinkan..

i use this configs in my apache. And with this config not will block localhost.

My website does´nt works if i try your config...<_<

quinkan · Aug 11, 2009

Kayan · Aug 11, 2009

open you httpd.conf

end of file and add only this.

PHP:

#Protection angaint DOS atacks
<IfModule dosevasive22_module>
    DOSHashTableSize        3097
    DOSPageCount            2
    DOSSiteCount            50
    DOSPageInterval         1
    DOSSiteInterval         1
    DOSBlockingPeriod       10
    DOSSystemCommand        none
    DOSWhitelist            localhost
</IfModule

Restart apache and test.

Saj · Aug 13, 2009

Saj said:
This only prevent ddos against xampp, not the computer or server right?

Answer please!

Dodekus · Aug 13, 2009

Saj said:
Answer please!

It's impossible to stop DDoSes to your computer, because the information sent goes through your cord and take up space already before it reaches your computer. You can make DDoS attacks unnoticable if you have like a big network that takes all the DDoSes.

Someone, correct me if I'm wrong with the above text. I'm interested in DDoS.

ragal · Aug 13, 2009

Saj said:
Answer please!

If you set your apache that ERROR 403 sends you to Google.pl (example) than U'r apache dont get flooded,

You can set it in:

Apache/error/include

Now all file open with notepad and Paste in THIS:

PHP:

<script language ="JavaScript">
<!--
window.location.replace('http://google.de');
//-->
</script>

ExplaiN:

Code:

<script language ="JavaScript">
<!--
window.location.replace('http://google.de');[B]<- Who DDoS ,will be linked to this site automaticly so he dos google.de instead u :)[/B]
//-->
</script>

Sir Shutter · Aug 14, 2009

You own.

Rep++!!!

ex eclipse · Aug 20, 2009

well i know this mod, and it works well with

Code:

DOSHashTableSize        3097
    DOSPageCount            2
    DOSSiteCount            50
    DOSPageInterval         1
    DOSSiteInterval         1
    DOSBlockingPeriod       20
    DOSSystemCommand        none
    DOSWhitelist            localhost, 127.0.0.1

, but GESIOR-ACC now cant create any character cuz when you are typing the nickname you get blocked, ok the solution is put a bigger number in DOSPageCount, but if u put a bigger number the mod doesnt work cuz apache starts to crash cuz of syn again... any sugestion ??

Henrey · Aug 21, 2009

Ohh thats great Thanks man ill rep you

Acubens · Aug 25, 2009

Aproved, Thanks ragal rep++

Wodian · Aug 25, 2009

Many thanks from this tutorial.

Wodian,,

zieworski denero · Aug 27, 2009

lol this ruined my homepage

people keep saying "homepage doesn't work!"

ragal · Aug 27, 2009

Mary Sack said:
lol this ruined my homepage people keep saying "homepage doesn't work!"

Not like it , not use it!

For me and other 100 peoples it work well.

Znote · Aug 27, 2009

Mary Sack said:
lol this ruined my homepage people keep saying "homepage doesn't work!"

It's because your homesite spends to much resources on upload images that the anti dos script thinks every user who enter the site is a dos attacker. You need to be a bit smart when hosting websites, try to get another image hoster and it will be solved.

Maczoo · Aug 28, 2009

It working in real tibia too?

I mean, it will be protect me from pings, in real tibia too?

Saints Anathema · Aug 29, 2009

I was wondering if anyone could PM me for some clarification on this.

I dont want to really mess with my apache if this wont work properly.

Now, my server has been under attack not as bad as before but it still happens atleast once a day.

I dont want to go into the specifics of what they use, because the sad thing is most people will just enter the program name into google.com lmfao..

So my question, will UDP Floods, and SYN attacks be weakened from this?
it seems alot of OT servers are having this problem nowadays.. the only servers i ever see that are North American with over 250+ online are Cytnara,RPGForge of elements, Collapser..

Now, i know 2 of those are on a VPS/Dedicated with a decent internet line, and Collapser, i believe... if i read right from a earlier post of his he hosts with a nice computer from home (on a good internet)

I've talked to my VPS staff about alternatives to fixing UDP Flood/Syn Packets..

They have tried null routing attacking ip's (still dont see how thats possible with source ip spoofed packets)

They suggested switching my IP (lmfao!!) obviosuly if they found the IP once they can do it again,

And now their final suggestion is a heavy duty firewall, I told them that unless they could promise that it would stop my problem i didnt want it.

So any thoughts?

ragal · Aug 29, 2009

Are u using Windows? ,
If so, then I suggest you look at this website!

How To: Harden the TCP/IP Stack

It Helped me!-

OT:
It Only stops when u set that 403-Forbidden sends you to Google.PL or something.. it can be setting in apache error config...

Anti-DDoS [Apache]

New Member

New Member

Active Member

New Member

New Member

Active Member

Remember my name

Fighters Online

Member

Learning LUA

New Member

Inhabitant of OTServers

Old Penguin

Lorensia Developer.

MS

Member

<?php echo $title; ?>

New Member

Old School Doleran

Member