Author:
erics , April 15th, 2025
If you’re running Apache 2.4 on Rocky Linux 9 and want to protect your web server against basic DoS, DDoS, or brute-force attacks, installing mod_evasive is a solid option. Unfortunately, the module isn’t included by default, and some manual work is required to get it running. Here’s a quick guide to getting it installed and […]
How-To's , Technology Tags: apache , dos , howto , httpd , mod_evasive , tips No comments
Author:
erics , January 29th, 2024
How-To's , Technology Tags: apache , Apache 2.4 , Apache2 , conf.d , howto , httpd , tips , vhost No comments
Author:
erics , September 5th, 2017
Step 1: Enable Apache status and lock it down: Make sure mod_status is being loaded:
shell > grep - Rn mod_status / etc / httpd / *
/ etc / httpd / conf . modules . d / 00 - base . conf : 58 : LoadModule status_module modules / mod_status . so
Add support for the call just under the first DocumentRoot statement:
shell > vim / etc / httpd / conf / httpd . conf
< Location / server - status >
SetHandler server - status
Require ip 127.0.0.1
Require ip :: 1
Require ip { Your_IP_Here }
< / Location >
Step 2. Prepare your environment:
shell > cpan YAML HTML :: TableExtract
Step 3: Create and run the status script: (See the astat contents at the bottom)
shell > vim / root / astat
shell > chmod 755 / root / astat
shell > vi ~ / . bashrc
ADD : alias ipw = 'while true; do sleep 5; /root/astat; done'
shell > ipw
1.2.3.4 | yourdomain . com : 443 | POST / wp - cron . php ? doing_wp_cron = 1563901063.57946491241455078125 |
/root/astat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
#!/usr/bin/perl
use strict ;
use HTML :: TableExtract ;
# PATH to "curl" utility
my $ CURL = "/usr/bin/curl" ;
# URL of the server-status we want to process
my $ STATUS_URL = "http://localhost/server-status" ;
# those are the headers in the first row of the table we want to extract
# Used by HTML::TableExtract to search for our table, within the whole HTML output
my $ headers = [ 'Srv' , 'PID' , 'Acc' , 'M' , 'CPU' , 'SS' , 'Req' , 'Conn' , 'Child' , 'Slot' , 'Client' , 'VHost' , 'Request' ] ;
# Let's fetch the status page...
my $ output = ` $ CURL - s $ STATUS_URL ` ;
# Let's search for our table within the HTML...
my $ tables = HTML :: TableExtract -> new ( headers = > $ headers ) ;
# We found it (hopefully), so let's parse it...
$ tables -> parse ( $ output ) ;
# ...and let's stick to the first one
my $ status_table = $ tables -> first_table_found ;
# Now let's loop allover the rows...
foreach my $ row_ref ( $ status_table -> rows ) {
# Let's de-reference the ARRAY reference, so to better manager
# the various elements...
my @ row = @ $ row_ref ;
# Let's check for IP
next if $ row [ 10 ] = ~ / 127.0.0.1 / ;
next if $ row [ 10 ] = ~ / 216.66.125.161 / ;
next if $ row [ 10 ] = ~ / 69.162.124.235 / ;
# Let's check for an OPTIONS row...
if ( $ row [ 12 ] = ~ / OPTIONS / ) {
# simply skip to next row in the loop
next ;
}
# Let's choose whatever columns we want (first column has index "0")
# So here we have Srv, PID, Client and Request
#foreach my $column (0,1,10,12) {
foreach my $ column ( 10 , 11 , 12 ) {
print $ row [ $ column ] . "|" ;
}
print "\n" ;
}
How-To's , Technology Tags: 2.4 , apache , Apache 2.4 , CPAN , howto , http , httpd , https , mod_status , perl , Status , tips , YAML No comments
Author:
erics , February 3rd, 2016
There are times when the hackers slam my servers and the load gets too high. I use a very simple bash script as a cron job to monitor the load and take action when it gets too high. The script will stop httpd, sleep for a configurable period of time (currently 3 minutes), then start […]
How-To's , Technology Tags: apache , apachectl , bash , Cron , howto , httpd , Restart , tips No comments
Author:
erics , September 15th, 2015
The script to check and restart apache…works on CentOS – YMMV!
#!/bin/bash
MAXLOAD = 6
check = $ ( uptime | awk - F 'average: ' '{print $2}' | awk '{print $1}' | tr - d ',' )
if [ [ $check > $MAXLOAD ] ] ; then
/ sbin / service httpd stop
HOST = ` hostname `
echo $HOST | mailx - s "$HOST load alert - apache STOPPED by cron script" load .alert @ your .domain
sleep 300
/ sbin / service httpd start
echo $HOST | mailx - s "$HOST load alert - apache STARTED by cron script" load .alert @ your .domain
fi
Add to cron * * * * * /root/restart_apache_if_load_hits_threshold.sh >> /var/log/restart_apache_if_load_hits_threshold.log 2>&1
How-To's , Technology Tags: apache , AWK , bash , CentOS , howto , httpd , Load , load average , Restart , Stop , tips , Uptime No comments
Author:
erics , October 26th, 2011
RewriteEngine On
RewriteCond % { HTTPS } off
RewriteRule ( . * ) https : //%{HTTP_HOST}%{REQUEST_URI}
How-To's , Technology Tags: apache , Apache2 , Force , howto , http , httpd , httpd.conf , https , mod_rewrite , RewriteCond , RewriteEngine , RewriteRule , tips No comments
Author:
erics , October 30th, 2009
The Nagios configuration files are located (for me) in /opt/local/etc/nagios/objects. First, create a new command in commands.cfg file: [code] # ‘check_http_url’ command definition define command{ command_name check_http_url command_line $USER1$/check_http -I $HOSTADDRESS$ -u $ARG1$ -s $ARG2$ } [/code] -u URL to test -s String to expect in the content Then, add a new service to the […]
How-To's , Technology Tags: apache , http , httpd , nagios , virtual host No comments
Author:
erics , October 16th, 2009
Got the client’s web server to accept secure connections via SSL. I configured Apache httpd.conf properly so it used the right certificate file and it finally started working. I love lsof – what a great tool. Naomi just got home. Time for some TLC for her.
Technology Tags: .pem , apache , cert , http , httpd , https , ssl No comments
Author:
erics , October 16th, 2009
Need to find the client’s SSL cert – anyone seen it?
Business , Rants , Technology Tags: 443 , apache , cert , certificate , httpd , https , ssl No comments
Author:
erics , October 5th, 2009
Just want to be able to get back to work on the secret client’s stuff. Like now. But I can’t because our neighbor is stopping by with traps for the cats. So I have to deal with THAT now, instead of getting focussed time. Is driving me crazy. The data recovery has NOT been going […]
Business , Personal , Rants , Wyzaerd Tags: bank , Business , depression , httpd , life , Personal , rant No comments
erics, April 15th, 2025 
Categories: How-To's, Technology apache, dos, howto, httpd, mod_evasive, tips
| 
No comments 
