Search results

  1. G

    How to setup Litespeed LSWS for a shared environment?

    Wow, just checking in. I'm excited to load up LiteSpeed on a new cluster I'm having implemented for my site worldtruth.org. Right now I'm running the 15 day enterprise trial until the setup is ready in a couple days, then I'm purchasing the whole shabang. I know people keep saying to run nginx +...
  2. G

    Optimize /etc/my.cnf Requests

    You are entirely incorrect, as many people (in fact ALL I know) switch to LSWS to ensure the stability of their forums which are high in SQL queries and usage. For this reason, the ability to effectively quantify the settings which are most compatible for the hardware, software, and hosting...
  3. G

    Optimize /etc/my.cnf Requests

    can you all comment on how mine looks? the first post?
  4. G

    DDoS Question

    I was told to setup the dynamic req/sec to (one for every 256mb of ram)? What would you suggest?
  5. G

    DDoS Question

    CSF Settings: - 125 every 15 seconds (make perm or make temp 3600 seconds) - turn off syn flood protection in csf as LSWS settings above work better
  6. G

    how to install Mod_Security

    Look for the include /usr/local/apache/mod_sec_user.conf in the httpd.conf file. If that is not in there, then you will need to determine where your user.conf file is, and add that lincludes line. For example: mine is located in multiple locations because I have multiple mod_security...
  7. G

    Optimize /etc/my.cnf Requests

    I need to know if these settings are appropriate for a high sql usage environment running multiple forums. Please let me know if there are any areas you would recommend changing or tweaking. My load averages are typically 1-4%, however some sites are spiking 40% cpu usage. It would help to...
  8. G

    DDoS Question

    in your /usr/local/apache/mod_sec user.conf or mod_sec_user2.conf one of those files in there you will see the same rule sets that are causing those errors. Remove those two and everything will work fine. The additional mod_security rules you implemented in the modsecurity and modsecurity.d...
  9. G

    mod_security drop action

    Take a look at MIS Twang's response here: http://www.litespeedtech.com/support/forum/report.php?p=15145
  10. G

    DDoS Question

    If you look at the mod_security log, it should tell you what is being blocked. Perhaps you can paste the security alert here. Otherwise you'll need to do what I did, and that's searching through each mod_sec document in "modsecurity" and "modsecurity.d" and search for the text, kinda like when...
  11. G

    DDoS Question

    Sasha a few other things you should do are these: In your /usr/local/lib/php.ini put these where it says disable_functions: disable_functions = "fpassthru, crack_check, crack_closedict, crack_getlastmessage, crack_opendict, psockopen, php_ini_scanned_files, hell-exec, system, dl, ctrl_dir...
  12. G

    DDoS Question

    I don't give anyone CGI access unless they request it for special reasons. Note: A common misbelief is that VPS already have CGI safe-moded, but in reality it depends upon the actual setup they have. Most can be circumvented and end up rooting the entire box, hence wiping out your VPS and the...
  13. G

    DDoS Question

    Another good tool to install and configure is MailScanner. You can protect yourself from the HTML:Iframe injections, and it works perfectly with ClamAV. Just configure everything, start it, and it scans incoming and outgoing mail for spam to protect your server from rogue spam scripts, as well...
  14. G

    DDoS Question

    I get some of the same errors, and I asked about them in an email to LS Support, and they responded that they don't mean anything, because if you wait a few minutes and refresh the page the errors are all gone. They are mod_security alerts, so technically you could go through the mod_security...
  15. G

    DDoS Question

    Sasha, good mod_security rules will help with a large percentage of what you are getting hit with, and reduce the load on your server quite a bit. Due to the size of the forums you're running you'd be better with: Static req/sec: 15 Dynamic req/sec: 5
  16. G

    HTTP:Iframe Infection Fix

    SecRule REQUEST_BODY|ARGS "< ?font style ?= ?(position ?\: ?absolute|overflow ?\: ?(?:hidden|auto)).*(?:height|width) ?(?:=|\:) ?[0-9] ?(px|\;)" \ "t:replaceNulls,t:htmlEntityDecode,t:urlDecodeUni,t:compressWhiteSpace,t:lowercase,id:300056,rev:1,severity:2,msg:'Spam: Hidden Text Exploit'"
  17. G

    HTTP:Iframe Infection Fix

    To learn more about mod_security rules, including the HTML:IFRAME DOS INJECTION filtering and automatic removal go here: http://www.litespeedtech.com/support/forum/showthread.php?p=15707#post15707
  18. G

    Mod Security Rules 1.0x-2.5x with ASL Got Root Rules with LSWS

    I haven't seen this thread accurately described on this site yet, so I'm going to do my best to explain exactly what I did to get this to work effectively on my server with the variety of regular sites, forum sites (vB, IPB, PHPbb, etc.), including ClamAV, while using cPanel WHM. Hopefully this...
  19. G

    HTTP:Iframe Infection Fix

    I am creating a new thread with the exact steps to apply the default mod_security and ASL mod_security rules effectively to probably 90% of the servers that exist, and I will then post that redirected link here in about 15 minutes.
  20. G

    HTTP:Iframe Infection Fix

    Please see this link for the rule definition(s). You can either include the rule manually by editing the lines in your default rules, or add the files to an existing custom rules directory. http://www.gotroot.com/tiki-read_article.php?articleId=278
Top