Vo Duy dot Com
<voduydotcom@gmail.com>unread,May 2, 2022, 10:24:32 AM5/2/22Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
to [hoidap.voduy.com] Forum Support: Domain, Hosting, VPS, Server...
STEP 1: Install HostVN Script (Ubuntu)
wget http://scripts.hostvn.net/install && bash install
More documentation:
https://kb.hostvn.net/hung-dn-cai-dat-hostvn-script_607.htmlSTEP 2: Install vDDoS Proxy Protection
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.
wget https://files.voduy.com/vDDoS-Proxy-Protection/latest.sh ; chmod 700 latest.sh ; bash latest.sh
More documentation:
https://vddos.voduy.comSTEP 3: Change Nginx Default Port
By default HostVN Script uses Nginx running on port
80, 443. We can reconfigure these Webservers to listen on another port so that vDDoS can proxy on them.
Change Nginx Default Port:
cp -r /var/hostvn/menu/template /var/hostvn/menu/template.vddos.bak
cp -r /etc/nginx /etc/nginx.vddos.bakChange port for HTTP:
s='80' ; r='88'
sed -i "s#$s#$r#g" /var/hostvn/menu/template/*.conf
sed -i "s#$s#$r#g" /etc/nginx/web_apps.conf
sed -i "s#$s#$r#g" /etc/nginx/conf.d/*.confChange port for HTTPS:
s='443' ; r='999'
sed -i "s#$s#$r#g" /var/hostvn/menu/template/*.conf
sed -i "s#$s#$r#g" /etc/nginx/web_apps.conf
sed -i "s#$s#$r#g" /etc/nginx/conf.d/*.conf

Restart Nginx:
service nginx restart
Re-Check Nginx port:
root@ubuntu ~# netstat -lntup|grep nginx
tcp 0 0 0.0.0.0:999 0.0.0.0:* LISTEN 5297/nginx: master
tcp 0 0 0.0.0.0:54956 0.0.0.0:* LISTEN 5297/nginx: master
tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN 5297/nginx: master
tcp6 0 0 :::999 :::* LISTEN 5297/nginx: master
tcp6 0 0 :::88 :::* LISTEN 5297/nginx: masterSTEP 4: Config vDDoS Proxy Protection
For example, the IP Addr of your server is
1.2.3.4:
nano /vddos/conf.d/website.conf
# Website Listen Backend Cache Security SSL-Prikey SSL-CRTkey
default http://0.0.0.0:80 http://1.2.3.4:88 no no no no
default https://0.0.0.0:443 https://1.2.3.4:999 no no /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crtRestart vDDoS service after you have configured:
/usr/bin/vddos restart
STEP 5: Config vDDoS Auto Add
vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.
nano /vddos/auto-add/setting.conf
# Default Setting for vddos-add command:
SSL auto
DNS_sleep 66
DNS_alias_mode no
Cache no
Security no
HTTP_Listen http://0.0.0.0:80
HTTPS_Listen https://0.0.0.0:443
HTTP_Backend http://1.2.3.4:88
HTTPS_Backend https://1.2.3.4:999Set Crontab:
echo '*/15 * * * * root /usr/bin/vddos-autoadd webserver nginx' >> /etc/crontab
STEP 6: Config vDDoS Auto Switch
vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.
nano /vddos/auto-switch/setting.conf
# This is the default configuration for "sensor-switch.sh" and "vddos-autoswitch.sh"
hostname="vDDoS Master" #(Name this server, it will show up in Email notifications)
vddos_master_slave_mode="no" #(Turn on "yes" if your system has slave servers, want to sync affter switch like master)
backend_url_check="no" #(Put the URL of the backend. Ex: https://1.1.1.1:443/ (make sure Backend status response is "200"))
send_notifications="no" #(Turn on "yes" if you want receive notification)
smtp_server="smtps://smtp.gmail.com" #(SMTP Server)
smtp_username="x...@gmail.com" #(Your Mail)
smtp_password="xxxxxxxxxxxxx" #(Get your Apps password for Gmail from https://security.google.com/settings/security/apppasswords)
send_notifications_to="xx...@gmail.com" #(Your Email Address will receive notification)
maximum_allowable_delay_for_backend=2 #(Means: If Backend (status response "200") is slower than 2s, vDDoS will enable challenge mode)
maximum_allowable_delay_for_website=2 #(Means: If Website (status response "200") is slower than 2s, vDDoS will enable challenge mode)
default_switch_mode_not_attack="no" #(Default Mode vDDoS use when it's not under attacked)
default_switch_mode_under_attack="high" #(Default Mode vDDoS use when it's under attack)
default_waiting_time_to_release="60" #(For example 60 minutes, release time from challenge)Crontab vDDoS Auto Switch:
echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-switch allsite no && /usr/bin/vddos reload' >> /etc/crontab
echo '* * * * * root /usr/bin/vddos-sensor' >> /etc/crontabMore documentation:
https://github.com/duy13/vDDoS-Auto-Switch