• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

[AntiDDoS] for Plesk Panel with vDDoS Proxy Protection

duy13

duy13

New Pleskian
Server operating system version
Microsoft Windows Server 2012 R2
Plesk version and microupdate number
Plesk Obsidian Version 18.0.42
[AntiDDoS] for Plesk Panel with vDDoS Proxy Protection



STEP 1: Install Plesk (Plesk Onyx Or Plesk Obsidian)

Code: 
wget https://autoinstall.plesk.com/plesk-installer
chmod +x ./plesk-installer
env PLESK_INSTALLER_SKIP_FIREWALLD=1
./plesk-installer --web-interface


More documentation:
Installing Plesk for Linux Using Installer GUI
Installing Plesk for Linux Using Installer GUI


STEP 2: Install vDDoS Proxy Protection

vDDoS Proxy Protection is free software to provide a Reverse Proxy Server HTTP(S) protocols. It act as a Layer 7 Firewall Filter & Mitigate DOS, DDOS, SYN Floods, or HTTP Floods attack to protect your website.

Code: 
wget https://files.voduy.com/vDDoS-Proxy-Protection/latest.sh ; chmod 700 latest.sh ; bash latest.sh

More documentation:
vDDoS Proxy Protection - Home


STEP 3: Stop Nginx Proxy Server

Code: 
service nginx stop
chkconfig nginx off

Re-Check Apache port:

Code: 
[root@vDDoS-Plesk ~]# netstat -lntup|grep httpd
tcp6       0      0 :::7080                 :::*                    LISTEN      7261/httpd
tcp6       0      0 :::7081                 :::*                    LISTEN      7261/httpd




STEP 4: Config vDDoS Proxy Protection

For example, the IP Addr of your server is 1.2.3.4:

Code: 
nano /vddos/conf.d/website.conf

# Website       Listen               Backend                  Cache Security SSL-Prikey   SSL-CRTkey
default         http://0.0.0.0:80    http://1.2.3.4:7080    no    no      no           no
default         https://0.0.0.0:443  https://1.2.3.4:7081   no    no      /vddos/ssl/your-domain.com.pri /vddos/ssl/your-domain.com.crt

Restart vDDoS service after you have configured:

Code: 
/usr/bin/vddos restart



STEP 5: Config vDDoS Auto Add

vDDoS Auto Add is a addon support for vDDoS Proxy Protection - Monitor Domains/Aliasdomains/Subdomains in Panel Hosting, Web Server, List Domain, Virtual Host... and automatically add them into the website.conf file.

Code: 
nano /vddos/auto-add/setting.conf

# Default Setting for vddos-add command:

SSL                auto
DNS_sleep         66
DNS_alias_mode    no
Cache            no
Security        no
HTTP_Listen        http://0.0.0.0:80
HTTPS_Listen    https://0.0.0.0:443
HTTP_Backend    http://1.2.3.4:7080
HTTPS_Backend    https://1.2.3.4:7081

Set Crontab:

Code: 
echo '*/15 * * * * root /usr/bin/vddos-autoadd panel plesk apache' >> /etc/crontab




STEP 6: Config vDDoS Auto Switch

vDDoS Auto Switch is a addon support for vDDoS Proxy Protection - Automatically identifies overloaded websites and changes their Security Mode.

Code: 
nano /vddos/auto-switch/setting.conf

# This is the default configuration for "sensor-switch.sh" and "vddos-autoswitch.sh"

hostname="vDDoS Master"                            #(Name this server, it will show up in Email notifications)

vddos_master_slave_mode="no"                    #(Turn on "yes" if your system has slave servers, want to sync affter switch like master)
backend_url_check="no"            #(Put the URL of the backend. Ex: https://1.1.1.1:8443/ (make sure Backend status response is "200"))

send_notifications="no"                        #(Turn on "yes" if you want receive notification)
smtp_server="smtps://smtp.gmail.com"        #(SMTP Server)
smtp_username="[email protected]"                #(Your Mail)
smtp_password="xxxxxxxxxxxxx"                 #(Get your Apps password for Gmail from https://security.google.com/settings/security/apppasswords)
send_notifications_to="[email protected]"        #(Your Email Address will receive notification)


maximum_allowable_delay_for_backend=2             #(Means: If Backend (status response "200") is slower than 2s, vDDoS will enable challenge mode)
maximum_allowable_delay_for_website=2             #(Means: If Website (status response "200") is slower than 2s, vDDoS will enable challenge mode)

default_switch_mode_not_attack="no"                #(Default Mode vDDoS use when it's not under attacked)
default_switch_mode_under_attack="high"            #(Default Mode vDDoS use when it's under attack)
default_waiting_time_to_release="60"            #(For example 60 minutes, release time from challenge)


Crontab vDDoS Auto Switch:

Code: 
echo '*/5 * * * * root /usr/bin/vddos-autoswitch checkalldomain high' >> /etc/crontab
echo '0 */3 * * * root /usr/bin/vddos-switch allsite no && /usr/bin/vddos reload' >> /etc/crontab
echo '* * * * * root /usr/bin/vddos-sensor' >> /etc/crontab


More documentation:
GitHub - duy13/vDDoS-Auto-Switch: Automatically identifies overloaded websites and changes their Security Mode.
 
You must log in or register to reply here.

Similar threads

I
Question Configuring Plesk with a Reverse Proxy and Cloudflare
Replies
1
Views
2K
kriteodoro
K
A
Question Assistance Needed: Setting Up Reverse Proxy for Joplin Server on Plesk VPS
Replies
0
Views
461
alborworld
A
Hangover2
Input Plesk Obsidian 18.0.59 - stable enough for live deployment?
Replies
5
Views
713
Bod
Bod
Monty
Resolved Password protection breaks static files access (404 error)
2
Replies
29
Views
8K
r.vandijk@flexpressiv
R
kaw.one
Question (VPS) Cloudflare, Gmail and Other Plesk Panel 8443 (2 minutes - slow read)
Replies
1
Views
586
kaw.one
kaw.one
Back
Top