Support

midulc · #1 02-03-2013, 03:39 PM

http://blog.cherouvim.com/simple-dos...-mod_security/

We need that to be included natively in LiteSpeed.
You must be able to limit for example 5 petitions to all files (excluding types you mention, like .gif, .jpg, or whatever you put in the list) within X seconds. If over that, then ban the ip.

Possible?

NiteWave · #2 02-03-2013, 05:21 PM

there is some built-in anti-ddos feature in litespeed:
http://www.litespeedtech.com/docs/we...lientConnLimit

it's efficient and effective in real-world testing, for years.

midulc · #3 02-04-2013, 01:24 AM

In fact is not efective. Today attacks are done with a js code that makes a request per second like a real user, this is ran by thousands of computers. So only ways are cookie checking (urgent and great - see my other post) and this method i told you.

If you dont want to improve litespeed just say it but this is really necessary and im thinking about going back to apache and nginx if not added as i need to stop those attacks this way.

NiteWave · #4 02-04-2013, 03:10 AM

this looks a good post regarding test cookie:
http://umumble.com/blogs/Infosecurity/538/

litespeed's built-in anti-ddos has been approved to be effective to mitigate DDOS in many scenarios, but of course, it's not effective in all cases.

in fact, litespeed already has javascript based anti-ddos module, but how to use it is not decided yet.

the nginx test cookie module surely will give us a nice reference. Thanks.

midulc · #5 02-05-2013, 11:08 AM

When will you add this feature? As I do need it urgently.

webizen · #6 02-05-2013, 12:10 PM

Quote:

Originally Posted by midulc

http://blog.cherouvim.com/simple-dos...-mod_security/

We need that to be included natively in LiteSpeed.
You must be able to limit for example 5 petitions to all files (excluding types you mention, like .gif, .jpg, or whatever you put in the list) within X seconds. If over that, then ban the ip.

Possible?

Please try the latest 4.2.2 which should support the the rules.

midulc · #7 02-05-2013, 12:20 PM

Which rules are you talking about?
Can you tell me the exact rules to put?
Im not just talking about this, but also about the cookies module.

webizen · #8 02-05-2013, 12:30 PM

It is the rules in that blog in the beginning of the thread which you asked about initially.

no ETA for js-based antiddos functions at this point as NiteWave mentioned.

midulc · #9 02-05-2013, 12:31 PM

Can you tell me exactly how to put mod_Security rules? I can't get them working.
I installed cpanel and then the module of litespeed for cpanel, what to putthe rules?
Tried and cannot get them working.
Thanks.

midulc · #10 02-05-2013, 12:32 PM

And also, which ip will this restrinct? The Client ip of the header or the remoteaddr?