[AntiDDoS] for DirectAdmin with vDDoS Proxy Protection

Skip to first unread message

Vo Duy dot Com

Apr 30, 2022, 12:37:08 AMApr 30
to [hoidap.voduy.com] Forum Support: Domain, Hosting, VPS, Server...

Video: https://www.youtube.com/watch?v=l6BNUR9uh-4

STEP 1: Install DirectAdmin

bash <(curl -LSs https://download.directadmin.com/setup.sh || curl -LSs https://download-alt.directadmin.com/setup.sh) 'Provided license key should go here'

More documentation:

STEP 2: Install vDDoS Proxy Protection
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.

wget https://files.voduy.com/vDDoS-Proxy-Protection/latest.sh ; chmod 700 latest.sh ; bash latest.sh

More documentation:

STEP 3: Change Apache Default Port

echo 'port_80=8080' >> /usr/local/directadmin/data/templates/directadmin.conf
echo 'port_443=8443' >> /usr/local/directadmin/data/templates/directadmin.conf
echo 'port_80=8080' >> /usr/local/directadmin/conf/directadmin.conf
echo 'port_443=8443' >> /usr/local/directadmin/conf/directadmin.conf

To issue a rewrite of the configs, type:
cd /usr/local/directadmin/custombuild
./build rewrite_confs

More documentation:

Re-Check Apache port:
[root@vDDoS-DirectAdmin ~]# netstat -lntup|grep httpd
tcp6       0      0 :::8080                 :::*                    LISTEN      2404/httpd
tcp6       0      0 :::8443                 :::*                    LISTEN      2404/httpd

STEP 4: Config vDDoS Proxy Protection

For example, the IP Addr of your server is

nano /vddos/conf.d/website.conf

# Website       Listen               Backend                  Cache Security SSL-Prikey   SSL-CRTkey
default    no    no      no           no
default   no    no      /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt

Restart vDDoS service after you have configured:
/usr/bin/vddos restart

STEP 5: Config vDDoS Auto Add
vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.

nano /vddos/auto-add/setting.conf

# Default Setting for vddos-add command:

SSL                auto
DNS_sleep         66
DNS_alias_mode    no
Cache            no
Security        no

Set Crontab:
echo '*/15 * * * * root /usr/bin/vddos-autoadd panel directadmin apache' >> /etc/crontab

STEP 6: Config vDDoS Auto Switch
vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.

nano /vddos/auto-switch/setting.conf

# This is the default configuration for "sensor-switch.sh" and "vddos-autoswitch.sh"

hostname="vDDoS Master"                            #(Name this server, it will show up in Email notifications)

vddos_master_slave_mode="no"                    #(Turn on "yes" if your system has slave servers, want to sync affter switch like master)
backend_url_check="no"            #(Put the URL of the backend. Ex: (make sure Backend status response is "200"))

send_notifications="no"                        #(Turn on "yes" if you want receive notification)
smtp_server="smtps://smtp.gmail.com"        #(SMTP Server)
smtp_username="x...@gmail.com"                #(Your Mail)
smtp_password="xxxxxxxxxxxxx"                 #(Get your Apps password for Gmail from https://security.google.com/settings/security/apppasswords)
send_notifications_to="xx...@gmail.com"        #(Your Email Address will receive notification)

maximum_allowable_delay_for_backend=2             #(Means: If Backend (status response "200") is slower than 2s, vDDoS will enable challenge mode)
maximum_allowable_delay_for_website=2             #(Means: If Website (status response "200") is slower than 2s, vDDoS will enable challenge mode)

default_switch_mode_not_attack="no"                #(Default Mode vDDoS use when it's not under attacked)
default_switch_mode_under_attack="high"            #(Default Mode vDDoS use when it's under attack)
default_waiting_time_to_release="60"            #(For example 60 minutes, release time from challenge)

Crontab vDDoS Auto Switch:

echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-switch allsite no && /usr/bin/vddos reload' >> /etc/crontab
echo '* * * * * root /usr/bin/vddos-sensor' >> /etc/crontab

More documentation:
Reply all
Reply to author
0 new messages