Thread: [ANTIDDOS] for DirectAdmin with vDDoS Proxy Protection

STEP 1: Install DirectAdmin

Code:

wget http://www.directadmin.com/setup.sh
chmod 755 setup.sh
./setup.sh

More documentation:
https://www.directadmin.com/installguide.php

STEP 2: Install vDDoS Proxy Protection
vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.

Code:

curl -L https://github.com/duy13/vDDoS-Protection/raw/master/latest.sh -o latest.sh
chmod 700 latest.sh
bash latest.sh

STEP 3: Change Apache Default Port

Code:

echo 'port_80=8080' >> /usr/local/directadmin/data/templates/directadmin.conf
echo 'port_443=8443' >> /usr/local/directadmin/data/templates/directadmin.conf
echo 'port_80=8080' >> /usr/local/directadmin/conf/directadmin.conf
echo 'port_443=8443' >> /usr/local/directadmin/conf/directadmin.conf

To issue a rewrite of the configs, type:

Code:

cd /usr/local/directadmin/custombuild
./build rewrite_confs

More documentation:
https://www.directadmin.com/features.php?id=1238

Re-Check Apache port:

Code:

[root@vDDoS-DirectAdmin ~]# netstat -lntup|grep httpd
tcp6       0      0 :::8080                 :::*                    LISTEN      2404/httpd
tcp6       0      0 :::8443                 :::*                    LISTEN      2404/httpd

STEP 4: Config vDDoS Proxy Protection

For example, the IP Addr of your server is 1.2.3.4:

Code:

nano /vddos/conf.d/website.conf

# Website       Listen               Backend                  Cache Security SSL-Prikey   SSL-CRTkey
default         http://0.0.0.0:80    http://1.2.3.4:8080    no    no      no           no
default         https://0.0.0.0:443  https://1.2.3.4:8443   no    no      /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt

Restart vDDoS service after you have configured:

Code:

/usr/bin/vddos restart

Auto-start vDDoS services on boot:

Code:

/usr/bin/vddos autostart

STEP 5: Config vDDoS Auto Add
vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.

Code:

nano /vddos/auto-add/setting.conf

Default Setting for vddos-add command:

SSL		Auto
Cache		no
Security	no
HTTP_Listen	http://0.0.0.0:80
HTTPS_Listen	https://0.0.0.0:443
HTTP_Backend	http://1.2.3.4:8080
HTTPS_Backend	https://1.2.3.4:8443

Set Crontab:

Code:

echo '*/15 * * * * root /usr/bin/vddos-autoadd panel directadmin apache' >> /etc/crontab

STEP 5: Config vDDoS Auto Switch
vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.

Code:

echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf no' >> /etc/crontab

More documentation:
http://vddos.voduy.com/
/showthread.php?t=1619233

Hello. You can get vddos to read some data from directadmin:
Replace the line 40:

Code:

if [ "$Issetting" = "" ]; then
	Website="$1"   ; 
	Cache=`awk -F: '/^Cache/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ;
	Security=`awk -F: '/^Security/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
	HTTP_Listen=`awk -F: '/^HTTP_Listen/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
	HTTPS_Listen=`awk -F: '/^HTTPS_Listen/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
	HTTP_Backend=`awk -F: '/^HTTP_Backend/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
	HTTPS_Backend=`awk -F: '/^HTTPS_Backend/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ;

With this:

Code:

if [ "$Issetting" = "" ]; then
	IFS=$'\r\n' GLOBIGNORE='*' command eval 'Domains=($(cat /etc/virtual/domainowners | cut -d: -f1))';
	Website="$1"   ; 
	
	if [[ "${Domains[@]}" =~ "$Website" ]] || [[ "${Domains[@]/#/www.}" =~ "$Website" ]]; then
		if [[ $Website == "www."* ]]; then
			Web="${Website##www.}";
		else
			Web=$Website;
		fi
		User=`cat /etc/virtual/domainowners | grep $Web | cut -d: -f2 | tr -d " \t\n\r"`	;
		if [[ -f "/usr/local/directadmin/data/users/$User/domains/$Web.conf" ]]; then
			if grep "ip=" "/usr/local/directadmin/data/users/$User/domains/$Web.conf"; then
				IP=`awk -F: '/^ip=/' /usr/local/directadmin/data/users/$User/domains/$Web.conf | sed -n -e 's/^ip=//p'` ;
			else
				IP="0.0.0.0";
			fi
			if grep "SSLCertificateFile" "/usr/local/directadmin/data/users/$User/domains/$Web.conf"; then
				SSLCertificateFile=`awk -F: '/^SSLCertificateFile=/' /usr/local/directadmin/data/users/$User/domains/$Web.conf | sed -n -e 's/^SSLCertificateFile=//p'` ;
				SSLCertificateKeyFile=`awk -F: '/^SSLCertificateKeyFile=/' /usr/local/directadmin/data/users/$User/domains/$Web.conf | sed -n -e 's/^SSLCertificateKeyFile=//p'` ;
				SSLCert=1;
			else
				IP=`cat /usr/local/directadmin/data/users/$User/user_ip.list` ;
				SSLCert=0;
			fi
		else
			IP=`cat /usr/local/directadmin/data/users/$User/user_ip.list` ;
			SSLCert=0;
		fi
		HTTP_ListenPort=`awk -F: '/^HTTP_Listen/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}' | cut -d: -f3`  ;
		HTTPS_ListenPort=`awk -F: '/^HTTPS_Listen/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}' | cut -d: -f3`  ; 
		HTTP_BackendPort=`awk -F: '/^port_80=/' /usr/local/directadmin/conf/directadmin.conf | sed -n -e 's/^port_80=//p'`  ;
		HTTPS_BackendPort=`awk -F: '/^port_443=/' /usr/local/directadmin/conf/directadmin.conf | sed -n -e 's/^port_443=//p'`  ;
	
		Cache=`awk -F: '/^Cache/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ;
		Security=`awk -F: '/^Security/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
		HTTP_Listen=http://$IP:$HTTP_ListenPort  ;
		HTTPS_Listen=https://$IP:$HTTPS_ListenPort  ; 
		HTTP_Backend=http://$IP:$HTTP_BackendPort  ; 
		HTTPS_Backend=https://$IP:$HTTPS_BackendPort  ;
	else
		Cache=`awk -F: '/^Cache/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ;
		Security=`awk -F: '/^Security/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
		HTTP_Listen=`awk -F: '/^HTTP_Listen/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
		HTTPS_Listen=`awk -F: '/^HTTPS_Listen/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
		HTTP_Backend=`awk -F: '/^HTTP_Backend/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
		HTTPS_Backend=`awk -F: '/^HTTPS_Backend/' /vddos/auto-add/setting.conf | awk 'NR==1 {print $2}'`  ; 
		SSLCert=0;
	fi

Then on line 105, replace this:

Code:

if [ "$Available" = "" ]; then
	random=`cat /dev/urandom | tr -cd 'A-Z0-9' | head -c 5`
	echo $random > /vddos/letsencrypt/.well-known/acme-challenge/$Website.txt
	randomchecknonwww=`curl -s -L http://$Website/.well-known/acme-challenge/$Website.txt`
	randomcheckwww=`curl -s -L http://www.$Website/.well-known/acme-challenge/$Website.txt`
	rm -f /vddos/letsencrypt/.well-known/acme-challenge/$Website.txt
	if [ "$randomchecknonwww" = "$random" ]; then
		mkdir -p /letsencrypt/
		/root/.acme.sh/acme.sh --issue -d $Website -w /vddos/letsencrypt --keylength ec-256 --key-file /letsencrypt/$Website.pri --fullchain-file /letsencrypt/$Website.crt  >>/vddos/auto-add/log.txt 2>&1
		if [ -f /letsencrypt/"$Website".crt ]; then
			ln -s /letsencrypt/$Website.crt /vddos/ssl/$Website.crt 
			ln -s /letsencrypt/$Website.pri /vddos/ssl/$Website.pri 
		fi

		if [ ! -f /vddos/ssl/$Website.crt ] && [ -f /root/.acme.sh/"$Website"_ecc/fullchain.cer ]; then
			ln -s /root/.acme.sh/"$Website"_ecc/fullchain.cer /vddos/ssl/$Website.crt 
			ln -s /root/.acme.sh/"$Website"_ecc/"$Website".key /vddos/ssl/$Website.pri
		fi
	fi

	if [ "$randomchecknonwww" != "$random" ] || [ ! -f /vddos/ssl/"$Website".crt ]; then
		openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /vddos/ssl/$Website.pri -out /vddos/ssl/$Website.crt -subj "/C=US/ST=$Website/L=$Website/O=$Website/OU=vddos.voduy.com/CN=$Website" >>/vddos/auto-add/log.txt 2>&1
		chmod -R 750 /vddos/ssl/$Website.*
	fi

	echo "
$Website $HTTP_Listen $HTTP_Backend $Cache $Security no no
$Website $HTTPS_Listen $HTTPS_Backend $Cache $Security /vddos/ssl/$Website.pri /vddos/ssl/$Website.crt
" >> /vddos/conf.d/website.conf

	echo '+ New-Success: '$Website' auto add to /vddos/conf.d/website.conf ===> Done!'|tee -a /vddos/auto-add/log.txt
	sleep 1
fi

with this:

Code:

if [ "$Available" = "" ]; then
	if [ "$SSLCert" = 0 ]; then
		random=`cat /dev/urandom | tr -cd 'A-Z0-9' | head -c 5`
		echo $random > /vddos/letsencrypt/.well-known/acme-challenge/$Website.txt
		randomchecknonwww=`curl -s -L http://$Website/.well-known/acme-challenge/$Website.txt`
		randomcheckwww=`curl -s -L http://www.$Website/.well-known/acme-challenge/$Website.txt`
		rm -f /vddos/letsencrypt/.well-known/acme-challenge/$Website.txt
		if [ "$randomchecknonwww" = "$random" ]; then
			mkdir -p /letsencrypt/
			/root/.acme.sh/acme.sh --issue -d $Website -w /vddos/letsencrypt --keylength ec-256 --key-file /letsencrypt/$Website.pri --fullchain-file /letsencrypt/$Website.crt  >>/vddos/auto-add/log.txt 2>&1
			if [ -f /letsencrypt/"$Website".crt ]; then
				ln -s /letsencrypt/$Website.crt /vddos/ssl/$Website.crt 
				ln -s /letsencrypt/$Website.pri /vddos/ssl/$Website.pri 
			fi

			if [ ! -f /vddos/ssl/$Website.crt ] && [ -f /root/.acme.sh/"$Website"_ecc/fullchain.cer ]; then
				ln -s /root/.acme.sh/"$Website"_ecc/fullchain.cer /vddos/ssl/$Website.crt 
				ln -s /root/.acme.sh/"$Website"_ecc/"$Website".key /vddos/ssl/$Website.pri
			fi
		fi

		if [ "$randomchecknonwww" != "$random" ] || [ ! -f /vddos/ssl/"$Website".crt ]; then
			openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /vddos/ssl/$Website.pri -out /vddos/ssl/$Website.crt -subj "/C=US/ST=$Website/L=$Website/O=$Website/OU=vddos.voduy.com/CN=$Website" >>/vddos/auto-add/log.txt 2>&1
			chmod -R 750 /vddos/ssl/$Website.*
		fi

		echo "$Website $HTTP_Listen $HTTP_Backend $Cache $Security no no
$Website $HTTPS_Listen $HTTPS_Backend $Cache $Security /vddos/ssl/$Website.pri /vddos/ssl/$Website.crt" >> /vddos/conf.d/website.conf

		echo '+ New-Success: '$Website' auto add to /vddos/conf.d/website.conf ===> Done!'|tee -a /vddos/auto-add/log.txt
		sleep 1
	else
		echo "$Website $HTTP_Listen $HTTP_Backend $Cache $Security no no
$Website $HTTPS_Listen $HTTPS_Backend $Cache $Security $SSLCertificateKeyFile $SSLCertificateFile" >> /vddos/conf.d/website.conf

		echo '+ New-Success: '$Website' auto add to /vddos/conf.d/website.conf ===> Done!'|tee -a /vddos/auto-add/log.txt
		sleep 1
	fi
fi

and finally on line 150, replace this:

Code:

if [ "$Available" = "" ]; then
	if [ "$randomcheckwww" = "$random" ]; then
		/root/.acme.sh/acme.sh --issue -d www.$Website -w /vddos/letsencrypt --keylength ec-256 --key-file /letsencrypt/www.$Website.pri --fullchain-file /letsencrypt/www.$Website.crt  >>/vddos/auto-add/log.txt 2>&1
		if [ -f /letsencrypt/www."$Website".crt ]; then
			ln -s /letsencrypt/www.$Website.crt /vddos/ssl/www.$Website.crt 
			ln -s /letsencrypt/www.$Website.pri /vddos/ssl/www.$Website.pri 
		fi

		if [ ! -f /vddos/ssl/www."$Website".crt ] && [ -f /root/.acme.sh/www."$Website"_ecc/fullchain.cer ]; then
			ln -s /root/.acme.sh/www."$Website"_ecc/fullchain.cer /vddos/ssl/www.$Website.crt 
			ln -s /root/.acme.sh/www."$Website"_ecc/"$Website".key /vddos/ssl/www.$Website.pri
		fi

		if [ ! -f /vddos/ssl/www."$Website".crt ]; then
			ln -s /vddos/ssl/$Website.crt /vddos/ssl/www.$Website.crt 
			ln -s /vddos/ssl/$Website.pri /vddos/ssl/www.$Website.pri
		fi

echo "
www.$Website $HTTP_Listen $HTTP_Backend $Cache $Security no no
www.$Website $HTTPS_Listen $HTTPS_Backend $Cache $Security /vddos/ssl/www.$Website.pri /vddos/ssl/www.$Website.crt
" >> /vddos/conf.d/website.conf

	echo '+ New-Success: 'www.$Website' auto add to /vddos/conf.d/website.conf ===> Done!'|tee -a /vddos/auto-add/log.txt
	sleep 1
	exit 0
	fi
fi

with this:

Code:

if [ "$Available" = "" ]; then
	if [ "$SSLCert" = 0 ]; then
		if [ "$randomcheckwww" = "$random" ]; then
			/root/.acme.sh/acme.sh --issue -d www.$Website -w /vddos/letsencrypt --keylength ec-256 --key-file /letsencrypt/www.$Website.pri --fullchain-file /letsencrypt/www.$Website.crt  >>/vddos/auto-add/log.txt 2>&1
			if [ -f /letsencrypt/www."$Website".crt ]; then
				ln -s /letsencrypt/www.$Website.crt /vddos/ssl/www.$Website.crt 
				ln -s /letsencrypt/www.$Website.pri /vddos/ssl/www.$Website.pri 
			fi

			if [ ! -f /vddos/ssl/www."$Website".crt ] && [ -f /root/.acme.sh/www."$Website"_ecc/fullchain.cer ]; then
				ln -s /root/.acme.sh/www."$Website"_ecc/fullchain.cer /vddos/ssl/www.$Website.crt 
				ln -s /root/.acme.sh/www."$Website"_ecc/"$Website".key /vddos/ssl/www.$Website.pri
			fi

			if [ ! -f /vddos/ssl/www."$Website".crt ]; then
				ln -s /vddos/ssl/$Website.crt /vddos/ssl/www.$Website.crt 
				ln -s /vddos/ssl/$Website.pri /vddos/ssl/www.$Website.pri
			fi

	echo "www.$Website $HTTP_Listen $HTTP_Backend $Cache $Security no no
www.$Website $HTTPS_Listen $HTTPS_Backend $Cache $Security /vddos/ssl/www.$Website.pri /vddos/ssl/www.$Website.crt" >> /vddos/conf.d/website.conf

		echo '+ New-Success: 'www.$Website' auto add to /vddos/conf.d/website.conf ===> Done!'|tee -a /vddos/auto-add/log.txt
		sleep 1
		exit 0
		fi
	else
		echo "www.$Website $HTTP_Listen $HTTP_Backend $Cache $Security no no
www.$Website $HTTPS_Listen $HTTPS_Backend $Cache $Security $SSLCertificateKeyFile $SSLCertificateFile" >> /vddos/conf.d/website.conf

		echo '+ New-Success: 'www.$Website' auto add to /vddos/conf.d/website.conf ===> Done!'|tee -a /vddos/auto-add/log.txt
		sleep 1
	fi
fi

I guess this script can be improved...

I corrected the file /vddos/auto-switch/cron.php with the following:
Added the following on line 74:

Code:

Website="$2"

Changed this line:

Code:

if [ "$1" = "" ] || [ "$2" = "" ]; then

to:

Code:

if [ "$Command" = "" ] || [ "$Website" = "" ]; then

Changed Line 82 from:

Code:

if [ "$Command" != "checkdomain" ] && [ "$Command" != "checklist" ] && [ "$Command" != "checkalldomain" ];  then

to:

Code:

if [ "$Command" != "checkdomain" ] && [ "$Command" != "checklist" ] && [ "$Command" != "checkalldomain" ] && [ "$Command" != "flushalldomain" ];  then

Changed Line 86 from:

Code:

if [ "$Command" = "checkdomain" ] || [ "$Command" = "checklist" ];  then

to:

Code:

if [ "$Command" = "checkdomain" ] || [ "$Command" = "checklist" ] || [ "$Command" = "flushalldomain" ];  then

I will continue to test, re-test and add some improvements...

Originally Posted by webixx

I corrected the file /vddos/auto-switch/cron.php with the following:
Added the following on line 74:

Code:

Website="$2"

Changed this line:

Code:

if [ "$1" = "" ] || [ "$2" = "" ]; then

to:

Code:

if [ "$Command" = "" ] || [ "$Website" = "" ]; then

Changed Line 82 from:

Code:

if [ "$Command" != "checkdomain" ] && [ "$Command" != "checklist" ] && [ "$Command" != "checkalldomain" ];  then

to:

Code:

if [ "$Command" != "checkdomain" ] && [ "$Command" != "checklist" ] && [ "$Command" != "checkalldomain" ] && [ "$Command" != "flushalldomain" ];  then

Changed Line 86 from:

Code:

if [ "$Command" = "checkdomain" ] || [ "$Command" = "checklist" ];  then

to:

Code:

if [ "$Command" = "checkdomain" ] || [ "$Command" = "checklist" ] || [ "$Command" = "flushalldomain" ];  then

I will continue to test, re-test and add some improvements...

Hello,

I made these changes but the ssl doesn't work on the subdomains anymore.

Originally Posted by LGH666

Hello,

I made these changes but the ssl doesn't work on the subdomains anymore.

I will have a look later.
Usually that code part has no incidence on subdomains. But i will test.

Originally Posted by webixx

I will have a look later.
Usually that code part has no incidence on subdomains. But i will test.

Okay, thanks for trying to help me.
I only modified the 2 files.

I still have a question.
I want 5s to be default and captcha to be in attack.
Is the code below good?
echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain captcha' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-autoswitch flushalldomain /vddos/conf.d/website.conf 5s' >> /etc/crontab