MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Install IOSEC HTTP Anti Flood/DoS Security Module On Mybb
Full Version: Install IOSEC HTTP Anti Flood/DoS Security Module On Mybb
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

Josh H.

2012-09-17, 02:35 PM
Well obviously your own server is much more flexible, but I was saying that many shared hosts would likely suspend you for stressing PHP so much.

Devilshakerz

2012-09-17, 09:31 PM
(2012-09-16, 10:49 PM)Paul H. Wrote: [ -> ]You don't need your own server to have CloudFlare, merely access to your domain's DNS.
Although you need a server with mod_cloudflare - in other case server logs are useless:
https://www.cloudflare.com/wiki/Log_Files

Most of CF users are fascinated by superduper-anti-DDoS funcionality and when the real attack comes and they want to review the logs all they can see is CF's proxy IPs.

User 2877

2012-09-17, 11:26 PM
(2012-09-17, 09:31 PM)Devilshakerz Wrote: [ -> ]
(2012-09-16, 10:49 PM)Paul H. Wrote: [ -> ]You don't need your own server to have CloudFlare, merely access to your domain's DNS.
Although you need a server with mod_cloudflare - in other case server logs are useless:
https://www.cloudflare.com/wiki/Log_Files

Most of CF users are fascinated by superduper-anti-DDoS funcionality and when the real attack comes and they want to review the logs all they can see is CF's proxy IPs.

1. If you're on shared hosting you don't normally see good server logs anyways.

2. MyBB has a setting for you to log the actual IP of members.

3. You can easily create your own apache style logs as a MyBB plugin. Hook into global.php and start logging it all into a txt file.

vivaldi

2012-09-21, 07:31 AM
(2012-09-15, 09:25 PM)labrocca Wrote: [ -> ]Running these php DDOS protection schemes is a terrible idea imho. If they are hitting the php level then likely Apache is already going to fail. You'd be way better off with Cloudflare's "Under Attack" mode.

I agree with you when it comes to the Cloudflare solution. But recuding the attack surface at php level is something should be done.

I grabbed this video from iosec sourceforge page. I use iosec with other tools (mod_evasive) and my firewall. My firewall cannot detect http flooder ip addresses, so this script detects it for me. And saves mySQL resources. Brilliant!

http://www.youtube.com/watch?v=LzLY_SKLq...e=youtu.be

Do not use shared hosting, it sucks at the every way, though... Cloudflare is the best solution against DDoS i think.

Marks-Mans

2012-09-21, 10:03 AM
Yes Also You Can Limit Requests

So I Did Special Plugin


Smile
Pages: 1 2
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Install IOSEC HTTP Anti Flood/DoS Security Module On Mybb