[Release] [Apache Server] Apache 2 modules (mod_security) and (mod_dosevasive22)

[TenShie]

Hi,
much Hotels use Apache 2.2.x (include in Xammp).
The Apache http Server is not the best, but with this Two tools / modules can u make it mor safer and a little bit better.

->OVERFLOW Request Shield.
->Injector Protect.
->DOS Shield.


NOTE!
You need the Microsoft Visual C++ Basic Files!!!


The first One:
mod_security

CREDITS:
Original source by: Ivan Ristic <ivanr@webkreator.com>
Original Home: ModSecurity: Open Source Web Application Firewall

Creator:
win32 files: Steffen
Mail: info@apachelounge.com
Home: ApaceLounge (Apache on Windows)

INSTALL

1"
Create an folder into ".../apache/modules/" name it "mod_security2"

2"
Copy the files (mod_security2.so, libxml2.dll and pcre.dll)
into your ".../apache/modules/mod_security2" folder.

3"
Add this to your httpd.conf (.../apache/conf/httpd.conf)

Code:

LoadModule security2_module modules/mod_security2/mod_security2.so

and if it not exist (or enable this by by uncommenting)

Code:

unique_id_module modules/mod_unique_id.so

and add to the bottom:

Code:

<IfModule mod_security2>

    SecRuleEngine On
    SecDefaultAction log,auditlog,deny,status:403,phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace

    SecAuditEngine RelevantOnly
    SecAuditLogType Serial
    SecAuditLog logs/mod_security2.log

    SecRule ARGS "c:/" t:normalisePathWin 
    SecRule ARGS "\.\./" "t:normalisePathWin,id:99999,severity:4,msg:'Drive Access'" 
    SecRule ARGS "d:/" t:normalisePathWin

</IfModule>

The Second One:

mod_dosevasive22

CREDITS:
Original Home: http://www.zdziarski.com/projects/mod_evasive/
< More CREDITS can't be set, the Page is not longer Online >

INSTALL:

1"
Copy the files (mod_dosevasive22.c and mod_dosevasive22.dll) into your ".../apache/modules" folder.

2"
Add this to your httpd.conf (.../apache/conf/httpd.conf)

Code:

LoadModule dosevasive22_module modules/mod_dosevasive22.dll

and add to the bottom:

Code:

<IfModule dosevasive22_module> 

    DOSHashTableSize 3097 
    DOSPageCount 90 
    DOSSiteCount 110 
    DOSPageInterval 1 

    DOSSiteInterval 1 

    DOSBlockingPeriod 10 

    DOSWhitelist 127.0.0.1

</IfModule>

INFO:

DOSHashTableSize
Nuber of top-level nodes.

DOSPageCount
Number of maximum requests per Webpage.

DOSSiteCount
Number of maximum requests per any Object by the same client.

DOSPageInterval
Number of the server waiting intervall before the next Webpage request is allowed.

DOSSiteInterval
Number of the server waiting intervall before the next Webpage request is allowed.

DOSBlockingPeriod
Number (in seconds) of the blockingtime for an overrequested client.

DOSWhitelist
The Whitelist of the client IP's hwo is allowed to overrequested.



If an Client overrequested it shows an 403 Error.

_______________________________________________________________________

Sorry, my ENGLISH is not so good.

_______________________________________________________________________

File Download:

HTTP
security2.7z (File size = 579,677 kb)

FTP
FTP Server: gtx-server.dyndns.org

Windows File Explorer
ftp://gtx-server.dyndns.org/FTP/apache_mods/
Copy into your Windows Explorer (not Internet Explorer)

you don't trust it?
keep your hands away from it!



-Tenshie

[Hejula]

Very nice thread, good information with it too - Thanks!

[iPlay]

Nice Tutorial.

[Zak©]

Helps the people who still use Xampp.

[Emerica]

Xampp is n00b-like XP

[TenShie]

Xampp is n00b-like XP

hehe thats right, i could begin to write down "use IIS7" and Paralells10. -FINISH xDD

or Install all your services Manualy.
(Apache, PHP, mySQL, FTP, MAIL)

The best for Linux: ISPCPbut the Emulator's are non Linux or UNIX based.
I could find some one for this.

hmm coud be an nice Project, make an Emulator for UNIX-Machines(Linux /Mac) But MacOS is a f**ked UNIX xDD


-TenShie

[XenoGFX]

Good work, But everyone needs to stop using xampp. Its a horrible webserver package. Hope you helped someone today.

[Punk]

this is so amazin :D ""

[Superfun]

This only stops attacks on software base, NOT hardware base, traffic still reaches the server, gets proccessed (read all and then trown away)

[Omnija]

the stupid part about having mod evasive is the fact is cancels your requests. Meaning data transfer, so while users on your actual hotel are trying to play there items and furni will not load because the apache files will only transfer so much before locking.

[joopie]

i've a button on my router 'ddos protection' :3, way better then a mod.

[Matthew]

the stupid part about having mod evasive is the fact is cancels your requests. Meaning data transfer, so while users on your actual hotel are trying to play there items and furni will not load because the apache files will only transfer so much before locking.

You need to up the limits :) Then it won't.

[djboetz]

So fucking much thanks!

[mohje]

people hacking my friend ip doss :(
you have no clear video tutorial please

[salah-salah]

people hacking my friend ip doss :(
you have no clear video tutorial please

I recommend you to let your friend using ISS7:)