Home > Others

Install mod_security, mod_evasive, mod-cband in the latest XAMPP

Source: Internet
Author: User
Tags modsecurity
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Mod_security official documentation has some problems. I installed them myself. Now I have recorded the problems as follows:

Windows XAMPP version

Assume that XAMPP is installed on D:/XAMPP

1 download mod_security-2.5.9-win32.zip, decompress

2. Copy libxml2.dll to D:/XAMPP/Apache/bin.

3. Copy mod_security2.so to D:/XAMPP/Apache/modules/mod_security2. Of course, first create the mod_security2 directory.

4. Copy the nine conf files under modsecurity-2.5.9/rules to D:/XAMPP/Apache/CONF/modsecurity.

5. Install vcredist_x86.exe

6. Edit D:/XAMPP/Apache/CONF/httpd. conf.

Loadmodule unique_id_module modules/mod_unique_id.so
Loadmodule security2_module modules/mod_security2/mod_security2.so

<Ifmodule security2_module>
Include ETC/modsecurity/*. conf
</Ifmodule>

7. Modify D:/XAMPP/Apache/CONF/modsecurity/modsecurity_crs_10_config.conf and change the following three/tmp to D:/XAMPP/tmp.
Secuploaddir/tmp
Secdatadir/tmp
Sectmpdir/tmp

Disable audit logs and debugging logs for performance considerations
Secauditengine off
Secdebugloglevel 0

8. Restart Apache. You can see that the installation is successful by adding modsec_audit.log and modsec_debug.log files under D:/XAMPP/Apache/logs.

Install Linux in RHEL4

1 download modsecurity-apache_2.5.9.tar.gz, to the root directory, tar xvzf modsecurity-apache_2.5.9.tar.gz unzip

2 xamppinstallation and Development Kit xampp-linux-devel-1.7.1.tar.gz, decompression method tar xvfz xampp-linux-devel-1.7.2.tar.gz-C/OPT

3. Download pcre-7.9.tar.gzfrom http://www.pcre.org/to the rootdirectory, decompress the file, and compile the file.
./Configure
Make
Make install

4 Access/root/modsecurity-apache_2.5.9/apache2
. /Configure -- With-apxs =/opt/lampp/bin/apxs -- With-Apr =/opt/lampp/bin/apr-1-config -- With-Apu =/opt/lampp/bin/ apu-1-config
Make
Make install
The/opt/lampp/modules/mod_security2.so installation is successful!

5 copy all the. conf files under/root/modsecurity-apache_2.5.9/RULES/to/opt/lampp/etc/modsecurity/, first create the modsecurity directory

6 edit/opt/lampp/etc/httpd. conf
Open loadmodule unique_id_module modules/mod_unique_id.so

Add at the bottom of the modules Section

Loadmodule security2_module modules/mod_security2.so

Add at the bottom
<Ifmodule security2_module>
Include ETC/modsecurity/*. conf
</Ifmodule>

7. Restart Apache/opt/lampp reloadapache. You should see the modsec_audit.log and modsec_debug.log files under/opt/lampp/logs.

========================================================== ====================

Install mod_evasive_1.10.1.tar.gz to prevent DDoS attacks
1. Upload the file to the root directory and decompress it.
/Opt/lampp/bin/apxs-I-a-c mod_evasive1_c
After compilation is successful
/Opt/lampp/modules/mod_evasive1_so
And automatically added to httpd. conf.
Loadmodule evasive20_module modules/mod_evasive+so

After this sentence, add
<Ifmodule evasive20_module>
Doshashtablesize 3097
Dospagecount 2
Dossitecount 50
Dospageinterval 1
Dossiteinterval 1
Dosblockingperiod 10
</Ifmodule>

Restart Apache.

Test results D:/XAMPP/Apache/bin/AB .exe-N 1000-C 50 http://www.xxx.com: 80/

========================================================== ====================

Installing mod-cband-0.9.7.5.tgz limit connection bandwidth

The traffic limit function of this module is not very accurate, and the actual use effect is not ideal. In the end, I did not use it.

1. Upload the file to the root directory and decompress it.
./Configure -- With-apxs =/opt/lampp/bin/apxs
Make
Make install
The module has been compiled and passed to/opt/lampp/modules/mod_cband.so.
The httpd. conf file is also added.
Loadmodule cband_module modules/mod_cband.so

Add
<Ifmodule cband_module>
Cbandrandompulse on
</Ifmodule>

Add namevirtualhost *: 80 in the VM configuration section
<Ifmodule cband_module>
<Cbanduser XXX>
Cbandremotespeed 200kb/s 10 10
</Cbanduser>
</Ifmodule>

Add
<Virtualhost *: 80>
Serveradmin webmaster@xxx.com
DocumentRoot/opt/lampp/htdocs/
Servername www.xxx.com
Errorlog "|/opt/lampp/bin/rotatelogs/opt/lampp/logs/www.xxx.com _ % Y-% m-% d_error_log 86400"
Customlog "|/opt/lampp/bin/rotatelogs/opt/lampp/logs/www.xxx.com _ % Y-% m-% d_access_log 86400" common Env =! Dontlog
Php_admin_value open_basedir "/opt/lampp/htdocs/:/opt/lampp/phpMyAdmin:/tmp"

<Ifmodule cband_module>
Cbanduser xxx
</Ifmodule>

</Virtualhost>

The bandwidth of each ip200kb/s is 10 requests and 10 connections. But it is not accurate.

Description of traffic units:
* Transfer speeds:
O kbps, Mbps, Gbps-multiples of "bits per second", respectively: 1024,102 4*1024 and 1024*1024*1024 BPS
O kb/s, MB/s, GB/S-multiples of "bytes per second", respectively: 1024,102 4*1024 and 1024*1024*1024 B/S
O defaults to kbps

When this module restarts with/opt/lampp reloadapache, the following two errors will be reported in the log. If stopapache is used, startapache will not.
[Tue Sep 15 10:59:24 2009] [warn] duplicate command 'cbandrandompulse'
[Tue Sep 15 10:59:24 2009] [warn] duplicate command 'cbandremotespeed' for localhost: 0

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
xampp install mongodb xampp install php apt get install xampp enable curl in xampp database in xampp centos install latest git install latest git

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More