ANTIDDOS for WHM/cPanel STEP 1: Install WHM/cPanel Code: cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest More documentation: https://documentation.cpanel.net/display/68Docs/Installation+Guide STEP 2: Install vDDoS Proxy Protection vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website. Code: curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh chmod 700 latest.sh bash latest.sh STEP 3: Change the Apache SSL port and Apache non-SSL IP/port Tweak settings >> Search: Apache SSL port and Apache non-SSL IP/port More documentation: https://documentation.cpanel.net/di...tem#TweakSettings-System-Apachenon-SSLIP/port Apache non-SSL IP/port 0.0.0.0:80 default >> Change to: 0.0.0.0:8080 Apache SSL port 0.0.0.0:443 default >> Change to: 0.0.0.0:8443 Save and Re-Check Apache port: Code: [[email protected] ~]# netstat -lntup|grep httpd tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 993/httpd tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 993/httpd tcp6 0 0 :::8080 :::* LISTEN 993/httpd tcp6 0 0 :::8443 :::* LISTEN 993/httpd STEP 4: Config vDDoS Proxy Protection For example, the IP Addr of your server is 1.2.3.4: Code: nano /vddos/conf.d/website.conf # Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey default http://0.0.0.0:80 http://1.2.3.4:8080 no no no no default https://0.0.0.0:443 https://1.2.3.4:8443 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt Restart vDDoS service after you have configured: Code: /usr/bin/vddos restart Auto-start vDDoS services on boot: Code: /usr/bin/vddos autostart STEP 5: Config vDDoS Auto Add vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file. Code: nano /vddos/auto-add/setting.conf Default Setting for vddos-add command: SSL Auto Cache no Security no HTTP_Listen http://0.0.0.0:80 HTTPS_Listen https://0.0.0.0:443 HTTP_Backend http://1.2.3.4:8080 HTTPS_Backend https://1.2.3.4:8443 Set Crontab: Code: echo '*/15 * * * * root /usr/bin/vddos-autoadd panel cpanel apache' >> /etc/crontab STEP 5: Config vDDoS Auto Switch vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode. Code: echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab More documentation: http://vddos.voduy.com/ https://vpsboard.com/threads/instal...iddos-dos-syn-floods-http-floods-attack.9620/
ANTIDDOS for Plesk Onyx STEP 1: Install Plesk Code: wget https://autoinstall.plesk.com/plesk-installer chmod +x ./plesk-installer env PLESK_INSTALLER_SKIP_FIREWALLD=1 ./plesk-installer --web-interface More documentation: https://docs.plesk.com/en-US/onyx/d...ng-plesk-for-linux-using-installer-gui.76446/ STEP 2: Install vDDoS Proxy Protection vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website. Code: curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh chmod 700 latest.sh bash latest.sh STEP 3: Stop Nginx Proxy Server Code: service nginx stop chkconfig nginx off Re-Check Apache port: Code: [[email protected] ~]# netstat -lntup|grep httpd tcp6 0 0 :::7080 :::* LISTEN 7261/httpd tcp6 0 0 :::7081 :::* LISTEN 7261/httpd STEP 4: Config vDDoS Proxy Protection For example, the IP Addr of your server is 1.2.3.4: Code: nano /vddos/conf.d/website.conf # Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey default http://0.0.0.0:80 http://1.2.3.4:7080 no no no no default https://0.0.0.0:443 https://1.2.3.4:7081 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt Restart vDDoS service after you have configured: Code: /usr/bin/vddos restart Auto-start vDDoS services on boot: Code: /usr/bin/vddos autostart STEP 5: Config vDDoS Auto Add vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file. Code: nano /vddos/auto-add/setting.conf Default Setting for vddos-add command: SSL Auto Cache no Security no HTTP_Listen http://0.0.0.0:80 HTTPS_Listen https://0.0.0.0:443 HTTP_Backend http://1.2.3.4:7080 HTTPS_Backend https://1.2.3.4:7081 Set Crontab: Code: echo '*/15 * * * * root /usr/bin/vddos-autoadd panel plesk apache' >> /etc/crontab STEP 5: Config vDDoS Auto Switch vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode. Code: echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab
ANTIDDOS for DirectAdmin STEP 1: Install DirectAdmin Code: wget http://www.directadmin.com/setup.sh chmod 755 setup.sh ./setup.sh More documentation: https://www.directadmin.com/installguide.php STEP 2: Install vDDoS Proxy Protection vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website. Code: curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh chmod 700 latest.sh bash latest.sh STEP 3: Change Apache Default Port Code: echo 'port_80=8080' >> /usr/local/directadmin/data/templates/directadmin.conf echo 'port_443=8443' >> /usr/local/directadmin/data/templates/directadmin.conf echo 'port_80=8080' >> /usr/local/directadmin/conf/directadmin.conf echo 'port_443=8443' >> /usr/local/directadmin/conf/directadmin.conf To issue a rewrite of the configs, type: Code: cd /usr/local/directadmin/custombuild ./build rewrite_confs More documentation: https://www.directadmin.com/features.php?id=1238 Re-Check Apache port: Code: [[email protected] ~]# netstat -lntup|grep httpd tcp6 0 0 :::8080 :::* LISTEN 2404/httpd tcp6 0 0 :::8443 :::* LISTEN 2404/httpd STEP 4: Config vDDoS Proxy Protection For example, the IP Addr of your server is 1.2.3.4: Code: nano /vddos/conf.d/website.conf # Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey default http://0.0.0.0:80 http://1.2.3.4:8080 no no no no default https://0.0.0.0:443 https://1.2.3.4:8443 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt Restart vDDoS service after you have configured: Code: /usr/bin/vddos restart Auto-start vDDoS services on boot: Code: /usr/bin/vddos autostart STEP 5: Config vDDoS Auto Add vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file. Code: nano /vddos/auto-add/setting.conf Default Setting for vddos-add command: SSL Auto Cache no Security no HTTP_Listen http://0.0.0.0:80 HTTPS_Listen https://0.0.0.0:443 HTTP_Backend http://1.2.3.4:8080 HTTPS_Backend https://1.2.3.4:8443 Set Crontab: Code: echo '*/15 * * * * root /usr/bin/vddos-autoadd panel directadmin apache' >> /etc/crontab STEP 5: Config vDDoS Auto Switch vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode. Code: echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab
ANTIDDOS for CWP Panel STEP 1: Install CWP Panel Code: cd /usr/local/src wget http://centos-webpanel.com/cwp-el7-latest sh cwp-el7-latest More documentation: http://centos-webpanel.com/cwp-installation STEP 2: Install vDDoS Proxy Protection vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website. Code: curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh chmod 700 latest.sh bash latest.sh STEP 3: Change Apache Default Port By default, CWP uses Apache alone and runs on port 80, 443. We can use the function: Setup default Web Servers at Apache Settings >> Select WebServer Change it into: Apache & Varnish Cache & Nginx Reverse Proxy or Apache & Nginx Reverse Proxy, So Apache will be listened to at another port is 8181 and 8443; to facilitate our proxying. Click Save and Re-check Apache port: Code: [[email protected] Panel ~]# netstat -lntup|grep httpd; netstat -lntup|grep nginx; netstat -lntup|grep varnishd tcp6 0 0 :::8181 :::* LISTEN 1304/httpd tcp6 0 0 :::8443 :::* LISTEN 1304/httpd tcp 0 0 1.2.3.4:80 0.0.0.0:* LISTEN 5481/nginx: master tcp 0 0 1.2.3.4:443 0.0.0.0:* LISTEN 5481/nginx: master tcp 0 0 127.0.0.1:6082 0.0.0.0:* LISTEN 1418/varnishd tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN 1418/varnishd tcp6 0 0 :::82 :::* LISTEN 1418/varnishd It can be seen that Nginx listened at 80 and 443, then it proxyed to port 82 of Varnish cache server then Varnish continued forwarding traffic to Apache at port 8181. So you can stop Nginx and replacing it with vDDoS, Reverse Proxy for vDDoS to any port of Apache or Varnish (With Varnish you will be cached and reach faster speeds) Code: service nginx stop chkconfig nginx off STEP 4: Config vDDoS Proxy Protection The following example assumes the IP address of the server you are 1.2.3.4: Code: nano /vddos/conf.d/website.conf # Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey default http://0.0.0.0:80 http://1.2.3.4:8181 no no no no default https://0.0.0.0:443 http://1.2.3.4:8181 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt Configuration like the above you will use directly from vDDoS reverse proxy to Apache port, If you want to use port of Varnish cache server then you can configure as follows: Code: nano /vddos/conf.d/website.conf # Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey default http://0.0.0.0:80 http://1.2.3.4:82 no no no no default https://0.0.0.0:443 http://1.2.3.4:82 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt Restart vDDoS service after you have configured: Code: /usr/bin/vddos restart Auto-start vDDoS services on boot: Code: /usr/bin/vddos autostart STEP 5: Config vDDoS Auto Add vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file. Code: nano /vddos/auto-add/setting.conf Default Setting for vddos-add command: SSL Auto Cache no Security no HTTP_Listen http://0.0.0.0:80 HTTPS_Listen https://0.0.0.0:443 HTTP_Backend http://1.2.3.4:82 HTTPS_Backend http://1.2.3.4:82 Crontab CWP Panel: Code: echo '*/25 * * * * root /usr/bin/vddos-autoadd panel cwp apache' >> /etc/crontab STEP 6: Config vDDoS Auto Switch vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode. Code: echo '*/6 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab
ANTIDDOS for VestaCP STEP 1: Install VestaCP Code: curl -O http://vestacp.com/pub/vst-install.sh bash vst-install.sh More documentation: https://vestacp.com/install/ STEP 2: Install vDDoS Proxy Protection vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website. Code: curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh chmod 700 latest.sh bash latest.sh STEP 3: Change Apache Default Port By default, VestaCP uses Apache or Nginx running on port 80, 443 (or "Nginx Proxy Apache" will be the same). We can reconfigure these Web servers to listen on a different port so that vDDoS can reverse proxy to them. More documentation: https://vestacp.com/docs/#how-to-remove-nginx-rhel-centos For example, we changed Apache to port 8080 and 8443: Code: cp /usr/local/vesta/conf/vesta.conf /usr/local/vesta/conf/vesta.conf.bak nano /usr/local/vesta/conf/vesta.conf WEB_SYSTEM='httpd' WEB_RGROUPS='apache' WEB_PORT='8080' WEB_SSL_PORT='8443' WEB_SSL='mod_ssl' STATS_SYSTEM='webalizer,awstats' FTP_SYSTEM='vsftpd' DNS_SYSTEM='named' MAIL_SYSTEM='exim' IMAP_SYSTEM='dovecot' CRON_SYSTEM='crond' FIREWALL_SYSTEM='iptables' DISK_QUOTA='yes' BACKUP_SYSTEM='local' LANGUAGE='en' VERSION='0.9.8' DB_SYSTEM='mysql' SOFTACULOUS='yes' Save & Rebuild vhost configs: Code: for user in $(v-list-sys-users plain); do v-rebuild-web-domains $user; done Re-check Apache port: Code: [[email protected] ~]# netstat -lntup|grep httpd tcp 0 0 1.2.3.4:8443 0.0.0.0:* LISTEN 879/httpd tcp 0 0 1.2.3.4:8080 0.0.0.0:* LISTEN 879/httpd STEP 4: Config vDDoS Proxy Protection The following example assumes the IP address of the server you are 1.2.3.4: Code: nano /vddos/conf.d/website.conf # Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey default http://0.0.0.0:80 http://1.2.3.4:8080 no no no no default https://0.0.0.0:443 https://1.2.3.4:8443 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt Restart vDDoS service after you have configured: Code: /usr/bin/vddos restart Auto-start vDDoS services on boot: Code: /usr/bin/vddos autostart STEP 5: Config vDDoS Auto Add vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file. Code: nano /vddos/auto-add/setting.conf Default Setting for vddos-add command: SSL Auto Cache no Security no HTTP_Listen http://0.0.0.0:80 HTTPS_Listen https://0.0.0.0:443 HTTP_Backend http://1.2.3.4:8080 HTTPS_Backend https://1.2.3.4:8443 Crontab VestaCP: Code: echo '*/25 * * * * root /usr/bin/vddos-autoadd panel vestacp apache' >> /etc/crontab STEP 6: Config vDDoS Auto Switch vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode. Code: echo '*/6 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab
ANTIDDOS for CyberPanel STEP 1: Install CyberPanel CyberPanel is a very fast Hosting Panel you should try using if you have a Wordpress Site Code: sh <(curl https://cyberpanel.net/install.sh || wget -O - https://cyberpanel.net/install.sh) More documentation: https://docs.cyberpanel.net/doku.php?id=installation STEP 2: Install vDDoS Proxy Protection vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website. Code: curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh chmod 700 latest.sh bash latest.sh STEP 3: Change OpenLiteSpeed Default Port By default, CyberPanel uses OpenLiteSpeed run on port 80 and 443, We can reconfigure this Webserver to listen on a different port, so that vDDoS can reverse proxy to it. For example, we switched OpenLiteSpeed to port 8080 and 8443: Code: cp /usr/local/lsws/conf/httpd_config.conf.vddosbak nano /usr/local/lsws/conf/httpd_config.conf Port 80 running HTTP: Code: listener Default { address *:80 secure 0 map voduy.com voduy.com } Edit *:80 to 127.0.0.1:8080: Code: listener Default { address 127.0.0.1:8080 secure 0 map voduy.com voduy.com } Port 443 running HTTPS: Code: listener SSL { address *:443 secure 1 keyFile /usr/local/lsws/admin/conf/webadmin.key certFile /usr/local/lsws/admin/conf/webadmin.crt map voduy.com voduy.com } Edit *:443 to 127.0.0.1:8443: Code: listener SSL { address 127.0.0.1:8443 secure 1 keyFile /usr/local/lsws/admin/conf/webadmin.key certFile /usr/local/lsws/admin/conf/webadmin.crt map voduy.com voduy.com } If you do not see an item: listener SSL {...} like above, You can manually add the same frame at the end of the file httpd_config.conf: Code: listener SSL { address 127.0.0.1:8443 secure 1 keyFile /usr/local/lsws/admin/conf/webadmin.key certFile /usr/local/lsws/admin/conf/webadmin.crt } In the future, When you create a Site running SSL, CyberPanel will automatically add a "map" domain entry to it. Something like this: Code: map voduy.com voduy.com Save & Restart OpenLiteSpeed: Code: service lsws restart Re-check OpenLiteSpeed port: Code: [[email protected] ~]# netstat -lntup|grep openlitespeed tcp 0 0 0.0.0.0:7080 0.0.0.0:* LISTEN 11507/openlitespeed tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 11507/openlitespeed tcp 0 0 127.0.0.1:8443 0.0.0.0:* LISTEN 11507/openlitespeed udp 0 0 0.0.0.0:32772 0.0.0.0:* 11576/openlitespeed STEP 4: Config vDDoS Proxy Protection The following example, because OpenLiteSpeed listened at Port 8080 and 8443 at IP 127.0.0.1, so I will Proxy vDDOS into 127.0.0.1 as follows: Code: nano /vddos/conf.d/website.conf # Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey default http://0.0.0.0:80 http://127.0.0.1:8080 no no no no default https://0.0.0.0:443 https://127.0.0.1:8443 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt Restart vDDoS service after you have configured: Code: /usr/bin/vddos restart Auto-start vDDoS services on boot: Code: /usr/bin/vddos autostart STEP 5: Config vDDoS Auto Add vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file. Code: nano /vddos/auto-add/setting.conf Default Setting for vddos-add command: SSL Auto Cache no Security no HTTP_Listen http://0.0.0.0:80 HTTPS_Listen https://0.0.0.0:443 HTTP_Backend http://127.0.0.1:8080 HTTPS_Backend https://127.0.0.1:8443 Crontab CyberPanel: Code: echo '*/25 * * * * root /usr/bin/vddos-autoadd panel cyberpanel openlitespeed' >> /etc/crontab STEP 6: Config vDDoS Auto Switch vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode. Code: echo '*/6 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab
