I am trying to integrate mod_evasive with httpd on centos7. Module is installed and getting loaded by httpd upon restart. However, it is not picking up the parameters specified in /etc/httpd/conf.d/mod_evasive.conf file as specified below.
LoadModule evasive20_module modules/mod_evasive24.so
<IfModule mod_evasive24.c>
DOSHashTableSize 3097
DOSPageCount 20
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSEmailNotify xyz#mail.com
DOSLogDir "/var/log/mod_evasive"
</IfModule>
I am testing the performance by one perl script as-
#!/usr/bin/perl
# test.pl: small script to test mod_dosevasive's effectiveness
use IO::Socket;
use strict;
for(0..300) {
my($response);
my($SOCKET) = new IO::Socket::INET( Proto => "tcp",
PeerAddr=> "172.31.19.247:80");
if (! defined $SOCKET) { die $!; }
print $SOCKET "GET /?$_ HTTP/1.0\n\n";
$response = <$SOCKET>;
print $response;
close($SOCKET);
}
Command executed by me is perl test.pl > sample.txt
In sample.txt, I'm getting HTTP/1.1 200 OK for first 120 requests and HTTP/1.1 403 Forbidden for all the remaining requests. But as per my understanding, the configuration set, It should have to start denying beyond 50 requests as specified in DOSSiteCount in mod_evasive.conf file. Am I missing something here?
Related
I am using rocket chat rest API, every thing works good, but when i upload file to rocket chat rest api, it shows error 413 Request Entity Too Large, but when i upload file from website it uploaded any size of fie.
After checking all scenario, I concluded that file size less than and equal to 1 mb is uploaded successfully, and greater than 1 MB shows this error 413 Request Entity Too Large.
I upload file from post man using this url
https://rocket.chat.url/api/v1/rooms.upload/RoomId
Headers:
Content-Type:application/x-www-form-urlencoded
X-Auth-Token:User-Token
X-User-Id:User-Id
Form-Data:
file - selected file
Html result Error
<html>
<head><title>413 Request Entity Too Large</title></head>
<body bgcolor="white">
<center><h1>413 Request Entity Too Large</h1></center>
<hr><center>nginx/1.10.3 (Ubuntu)</center>
</body>
</html>
when File successfully insert it shows following.
{
"success": true
}
After checking many scenarios and search many urls i get solution from this.
I have used rocket chat docker and I append one line to nginx config file.
Solution:
login to ubuntu server
write sudo nano /etc/nginx/nginx.conf and hit enter
Add or update client_max_body_size in
http {
client_max_body_size 8M; #used your exceeded limit instead of 8M
#other lines...
}
Restart nginx by command service nginx restart or systemctl restart nginx
Uploading larger file again, and it is successful.
I inherited maintenance of a self-written CGI application without
documentation and have never met the original author. The application
stopped working in Debian 8, but worked in Debian 7 and CentOS 5. The
main changes were the upgrade from Apache 2.2 (used by Debian 7 &
CentOS 5) to Apache 2.4 (used by Debian 8) and the upgrade from perl
5.8 (in CentOS 5) respectively perl 5.14 (in Debian 7) to perl 5.20.
The problematic part boils down to the following script (a
302-redirect):
#!/usr/bin/perl
$|=1; # activate auto-flushing of stdout
use strict;
use warnings;
my $CRLF = "\015\012";
print STDOUT "Status: 302 Moved Temporarily$CRLF" .
"Location: /does_not_matter$CRLF" .
"URI: /does_not_matter$CRLF" .
"Connection: close$CRLF" .
"Content-type: text/html; charset=UTF-8$CRLF$CRLF";
close STDOUT;
while(1) {
sleep 1;
}
The observed behavior is that the redirect never reaches the client
as long as the script is still running when used with Apache 2.4, but
there is no error message in Apache's error.log. I changed the client
(Firefox, Chromium, wget), the Apache module (mod_cgid & mod_cgi),
sent additional headers, removed the close STDOUT, removed the
$|=1, replaced the $CRLF with \n and made the script
fork and exit the parent process (so that Apache is no longer the
parent process), all to no avail. The only things that worked: use
Apache 2.2, turn the script into an NPH-CGI-script (which has to send
complete HTTP headers that Apache will not modify in any way, even if
they contain errors), make the script exit instead of entering an
endless loop. I confirmed via tcpdump that the packages with the
redirect indeed never leave the server before the script is killed.
And from the Date-line in the response and the time of the eventual
arrival I gather that Apache receives my output immediately (&
immediately adds the Date-line to the headers), but does not send the
response to the client.
Don't bother answering, I already figured the solution out by myself
and will write an answer. I just want to make the solution available
to others who might encounter the same problem.
The problem was the missing message body. A 302 redirect may contain
a message body (see RFC 2616, section 4.3 (Message Body): "All other
responses do include a message-body, although it MAY be of zero
length"), but a Content-Length-line is optional (section 4.4 of RFC
2616 says the message body length can be determined by closing the
connection if the Content-Length-line is missing). Since Apache can
not know whether I want to send a message body or not, it has to wait
until I close the connection or actually send the message body
(Apache 2.2 apparently behaved erroneously here by not waiting for
the message body - or maybe close STDOUT; does not do in perl
5.20 what it did in older perl versions). The correct script should
therefore look like this (verified to work both in Apache 2.2 and in
Apache 2.4) - the only difference is an additional $CRLF which
terminates a zero-length message body:
#!/usr/bin/perl
$|=1; # activate auto-flushing of stdout
use strict;
use warnings;
my $CRLF = "\015\012";
print STDOUT "Status: 302 Moved Temporarily$CRLF" .
"Location: /doesNotMatter$CRLF" .
"URI: /doesNotMatter$CRLF" .
"Connection: close$CRLF" .
"Content-type: text/html; charset=UTF-8$CRLF$CRLF$CRLF";
close STDOUT;
while(1) {
sleep 1;
}
It was https://stackoverflow.com/a/8062277/2845840 that pointed me in the right direction.
I'm totally new to the apache httpd stuff
I setup my host ServerHost1 as a file server with httpd
# httpd -v
Server version: Apache/2.4.6 (Red Hat Enterprise Linux)
Server built: Dec 2 2014 08:09:42
I have put the file TestFile.txt under /var/www/html/TestDir/TestFile.txt
I modified part of the httpd.conf as follow
<Directory />
Order deny,allow
Allow from all
</Directory>
On a test host TestHost1 with full Internet access, I can downloaded my file with wget
TestHost1]# wget http://ServerHost1/TestDir/TestFile.txt
--2016-03-17 13:39:12-- http://ServerHost1/TestDir/TestFile.txt
Resolving ServerHost1 (ServerHost1)... <IP address>
Connecting to ServerHost1 (ServerHost1)|<IP address>|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2859976598 (2.7G) [application/octet-stream]
Saving to: ‘TestFile.txt’
2% [> ] 60,645,376 24.0MB/s
On the host sitting on a semi-isolated network TestHost2, I have to use proxy for wget to work. It works fine with google
TestHost2]# wget google.ca
--2016-03-17 13:53:26-- http://google.ca/
Resolving proxy.com (proxy.com)... <ProxyIP>
Connecting to proxy.com (proxy.com)|<ProxyIP>|:3128... connected.
Proxy request sent, awaiting response... 301 Moved Permanently
Location: http://www.google.ca/ [following]
--2016-03-17 13:53:26-- http://www.google.ca/
Reusing existing connection to proxy.com:3128.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’
[ <=> ] 19,928 --.-K/s in 0.1s
2016-03-17 13:53:27 (159 KB/s) - ‘index.html’ saved [19928]
However when I try to get my file from ServerHost1, it gets ERROR 503: Service Unavailable
TestHost2]# wget http://ServerHost1/TestDir/TestFile.txt
--2016-03-17 13:57:13-- http://ServerHost1/TestDir/TestFile.txt
Resolving proxy.com (proxy.com)...<ProxyIP>
Connecting to proxy.com (proxy.com)|<ProxyIP>|:3128... connected.
Proxy request sent, awaiting response... 503 Service Unavailable
2016-03-17 13:57:13 ERROR 503: Service Unavailable.
So the question is
(1) Why am I seeing 503 ServiceUnavailable when the file is apparently available (since I can downloaded from testhost1)?
(2) How do I configure my httpd.conf file so that TestHost2 can wget the file from ServerHost1?
Maybe try with ProxyRequests as described in Apache docs https://httpd.apache.org/docs/2.4/mod/mod_proxy.html
I have a perl script in my cgi-bin. It first prints out the following statements
print "Status: 200 OK\nContent-Type: text/html\n\n";
It generates a html form on the terminal perfectly but when I try running it on the browser it gives the following error
Internal Server Error The server encountered an internal error or
misconfiguration and was unable to complete your request. Please
contact the server administrator at [no address given] to inform them
of the time this error occurred, and the actions you performed just
before this error.
I have enabled cgi-bin in the apache configuration, the error log prints the following error
End of script output before headers
What could be the problem and how should I resolve it
You must have the Content-Type be the first thing printed back to the screen. Also make sure the script is set as executable.
print "Status: 200 OK\nContent-Type: text/html\n\n";
Should be:
print "Content-Type: text/html\n\nStatus: 200 OK\n";
The script also needs to be executable by Apache for it to work
chmod a+x YourScript.pl
I've tested with the following script and once I fixed the permissions it works just fine. You also only need to set the status if it isn't 200 as that's the default.
#!/usr/bin/perl
use strict;
print "Status: 200\nContent-Type: text/html\n\n";
print "<p>Foo</p>";
How do I set in autobench that I'm testing an HTTPS (port 443) URL?
When I call it with:
autobench --single_host --host1 host.com --port1 443 --uri1 /hello --num_conn 1000 --timeout 5 --low_rate 10 --high_rate 50 --rate_step 10 --num_call 10 --quiet --file results.tsv
it shows:
httperf.parse_status_line: invalid status line `<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'!!
httperf.parse_status_line: bad status 1
Which is not correct because that HTTPS page (in the example above would be https://host.com/hello) returns a valid 200 OK response.
Thanks
You need to add the following line to your ~/.autobench.conf file:
httperf_ssl = NULL
--ssl is a command-line argument of httperf, which autobench calls underneath. The NULL value means to not pass a value for that arg to httperf.
Generally speaking, you can add any additional command-line arguments to httperf by putting them in the config file and prepending them with httperf_. Another example:
httperf_add-header = "Authorization: Basic Zm9vOmJhcg=="
is equivalent to running httperf --add-header "Authorization: Basic Zm9vOmJhcg=="