Top Nav

Archive | Apache

How-to Mitigate Bittorrent DDOS Attacks

You’ll know that you’re getting hit with a Bittorrent attack when the server slows down and you see log entries referencing:

Here’s a good article about one sysadmin’s struggle with this type of attack:

There are a number of possible strategies to mitigate this attack:

1. CloudFlare will block but it can take time to move DNS to CloudFlare and activate.

2. Create an announce.php file that returns an error like this:

This will use fewer resources then letting WordPress or other CMS return a 404.

3. Block in iptables with a rule like this:

Not sure how efficient this is on a high traffic web server.

4. Block in Apache config:

5. Block with fail2ban as described here:

Note that Plesk 12 has fail2ban built-in so this fix is easy to implement.

6. If traffic is limited to a range of IP addresses then block that range in any available firewall. For example we’ve defeated this attack in one case by blocking a class B range from China.

Other suggestions on blocking this type of attack are welcomed. Comment below and let us know if you’ve seen this attack and how you handled it.


Block XSS on Apache or Nginx

Here are some handy Apache rewrite rules for blocking cross site scripting (XSS) attacks:

And here are similar rules for Nginx:

We gathered these rules from several sources around the net so they are not original but it’s handy to have them all in one place with both the Apache and Nginx versions.



Apache2 With mod_fcgid On CentOS 6.2

Need mod_fcgid on a CentOS 6.2 or similar server? Check out this great how-to:

I especially like the use of suexec.

This howto worked on the first try! There are not many actual working mod_fcgid howtos!

One issue that I did run into is the default MaxRequestLen is 131768 which is way to low so had to add this line:

to /etc/httpd/conf.d/fcgid.conf.



Disable PHP zlib.output_compression

If you need to disable zlib output compression from the .htaccess file, then just add the following line to the top of the file:



Redirect HTTPS to HTTP

If you want to redirect all HTTPS traffic to HTTP then add the following to your .htaccess file: