Combatting DOS Attacks

I am relativelly new to the Server Admin world and trying to catch on fast.

I have a customer that is consistently undergoing a DOS attack in which i would assume that more than one person is involved. These people are requesting files, thousands of times per second, that are not located on the server in any way (I.E. modules.php), thus causing the server to have extremely high latnecy, making apache FAIL, and eventually forcing us to reboot it. The fortunate thing is that we have moved this person to our production server which has no accounts until we can correct this..

From what i can tell, the connections are being made through a proxy server and i can not find any way to counteract it. I have attempted to install APF firewall to combat this, but when i thought all was configured correctly, blam... Locked out... go figure Combatting DOS Attacks

So that brings me to my next situation.

There are a couple of apache mods out that are supposed to assist in this and i would like to get some advice before i do this. They are
Apache DoS Evasive Maneuvers Module [v1.5.1-Stable] located at
http://www.networkdweebs.com/stuff/security.html

and
mod_security
http://www.webkreator.com/mod_security/

We are running cpanel 6.4.2 on all servers.

Has anyone had experience with this on a cpanel server?
will it cause problems?
and it needs the apache src tree i think, and i have not the foggiest idea where it would be located on a cpanel server when logged in as root.

If none of this is possible with cpanel 6.4, then what would be recommended?
Any and all advice will be greatly appreciated.

 

 

 

 

Top