[AntiDDoS] for DirectAdmin with vDDoS Proxy Protection

[duy13]

[AntiDDoS] for DirectAdmin with vDDoS Proxy Protection

STEP 1: Install DirectAdmin

bash <(curl -LSs https://download.directadmin.com/setup.sh || curl -LSs https://download-alt.directadmin.com/setup.sh) 'Provided license key should go here'

More documentation:

Install guide | Directadmin Docs

DirectAdmin Knowledge Base

docs.directadmin.com

STEP 2: Install vDDoS Proxy Protection

vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.

wget https://files.voduy.com/vDDoS-Proxy-Protection/latest.sh ; chmod 700 latest.sh ; bash latest.sh

More documentation:
https://vddos.voduy.com



STEP 3: Change Apache Default Port

echo 'port_80=8080' >> /usr/local/directadmin/data/templates/directadmin.conf
echo 'port_443=8443' >> /usr/local/directadmin/data/templates/directadmin.conf
echo 'port_80=8080' >> /usr/local/directadmin/conf/directadmin.conf
echo 'port_443=8443' >> /usr/local/directadmin/conf/directadmin.conf

To issue a rewrite of the configs, type:

cd /usr/local/directadmin/custombuild
./build rewrite_confs

More documentation:
https://www.directadmin.com/features.php?id=1238

Re-Check Apache port:

[root@vDDoS-DirectAdmin ~]# netstat -lntup|grep httpd
tcp6       0      0 :::8080                 :::*                    LISTEN      2404/httpd
tcp6       0      0 :::8443                 :::*                    LISTEN      2404/httpd

STEP 4: Config vDDoS Proxy Protection

For example, the IP Addr of your server is 1.2.3.4:

nano /vddos/conf.d/website.conf

# Website       Listen               Backend                  Cache Security SSL-Prikey   SSL-CRTkey
default         http://0.0.0.0:80    http://1.2.3.4:8080    no    no      no           no
default         https://0.0.0.0:443  https://1.2.3.4:8443   no    no      /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt

Restart vDDoS service after you have configured:

/usr/bin/vddos restart

STEP 5: Config vDDoS Auto Add

vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.

nano /vddos/auto-add/setting.conf

# Default Setting for vddos-add command:

SSL                auto
DNS_sleep         66
DNS_alias_mode    no
Cache            no
Security        no
HTTP_Listen        http://0.0.0.0:80
HTTPS_Listen    https://0.0.0.0:443
HTTP_Backend    http://1.2.3.4:8080
HTTPS_Backend    https://1.2.3.4:8443

Set Crontab:

echo '*/15 * * * * root /usr/bin/vddos-autoadd panel directadmin apache' >> /etc/crontab

STEP 6: Config vDDoS Auto Switch

vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.

nano /vddos/auto-switch/setting.conf

# This is the default configuration for "sensor-switch.sh" and "vddos-autoswitch.sh"

hostname="vDDoS Master"                            #(Name this server, it will show up in Email notifications)

vddos_master_slave_mode="no"                    #(Turn on "yes" if your system has slave servers, want to sync affter switch like master)
backend_url_check="no"            #(Put the URL of the backend. Ex: https://1.1.1.1:8443/ (make sure Backend status response is "200"))

send_notifications="no"                        #(Turn on "yes" if you want receive notification)
smtp_server="smtps://smtp.gmail.com"        #(SMTP Server)
smtp_username="[email protected]"                #(Your Mail)
smtp_password="xxxxxxxxxxxxx"                 #(Get your Apps password for Gmail from https://security.google.com/settings/security/apppasswords)
send_notifications_to="[email protected]"        #(Your Email Address will receive notification)


maximum_allowable_delay_for_backend=2             #(Means: If Backend (status response "200") is slower than 2s, vDDoS will enable challenge mode)
maximum_allowable_delay_for_website=2             #(Means: If Website (status response "200") is slower than 2s, vDDoS will enable challenge mode)

default_switch_mode_not_attack="no"                #(Default Mode vDDoS use when it's not under attacked)
default_switch_mode_under_attack="high"            #(Default Mode vDDoS use when it's under attack)
default_waiting_time_to_release="60"            #(For example 60 minutes, release time from challenge)

Crontab vDDoS Auto Switch:

echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-switch allsite no && /usr/bin/vddos reload' >> /etc/crontab
echo '* * * * * root /usr/bin/vddos-sensor' >> /etc/crontab

More documentation:
https://github.com/duy13/vDDoS-Auto-Switch

 

[mhsolutions]

Cái này có tương thích với nginx only trên Directadmin không anh Duy?

 

[Aar]

Cái này có tương thích với nginx only trên Directadmin không anh Duy?

Please write English here!

 

[mhsolutions]

Please write English here!

Thanks! I am sorry

 

[floyd]

I have experienced a few attacks and there was nothing on my equipment that would have mitigated it. Every time I have had to get the data center to mitigate it. I just don't understand how anything can be run on the server being attacked will help.

 

[duy13]

I have experienced a few attacks and there was nothing on my equipment that would have mitigated it. Every time I have had to get the data center to mitigate it. I just don't understand how anything can be run on the server being attacked will help.

Basically, it helps you not to run over CPU, RAM, IO resources... as for NETWORK, of course you have to upgrade the network infrastructure, server's bandwidth. No software is installed on the server to help it increase network bandwidth

 

[floyd]

Thank you for clarifying.