HttpGuard (focus on preventing cc attacks, more powerful defense capabilities)

July 19, 2017 31224 point heat 2 people like 4 comments

What is HttpGuard


HttpGuard is based on openresty , anti cc attack software developed in lua script language. Openresty integrates the high-performance web server Nginx and a series of Nginx modules, the most important of which is the nginx Lua module we mainly use. HttpGuard is developed based on nginx lua and inherits the features of nginx with high concurrency and high performance. It can prevent large-scale cc attacks with very little performance loss.
The following describes some features of HttpGuard anti cc.

  • Limit the number of requests made by visitors within a certain period of time
  • Send 302 turn response headers to visitors to identify whether they are malicious users and prevent them from visiting again
  • Send js code with jump function to visitors to identify whether they are malicious users and prevent them from visiting again
  • Support sending pages with verification code to visitors for further identification to avoid accidental injury
  • Support direct disconnection of malicious visitors
  • Support the combination of iptables to prevent malicious visitors from reconnecting
  • Support whitelist function
  • Support automatically turning on or off the anti cc mode according to the statistics of the number of connections of a specific port

Github project address: https://github.com/centos-bz/HttpGuard
Contact the author: admin # centos. bz

Start deploying HttpGuard

1、 Install openrest or nginx lua


Before installing HttpGuard, you need to install openrest or nginx lua. There are three methods:

2、 Installing HttpGuard

Suppose we install HttpGuard to/data/www/waf/. Of course, you can choose to install it in any directory. The user running nginx is www.
cd /data/www
wget --no-check-certificate https://github.com/centos-bz/HttpGuard/archive/master.zip
unzip master.zip
mv HttpGuard-master waf
chown www waf/logs

3、 Generate verification code image (optional)


In order to support the verification code to identify users, we need to generate a verification code image. To generate the verification code image, the system needs to install php and the php gd module.

Execute the getImg.php file from the command line

cd /data/www/waf/captcha/
/usr/local/php/bin/php getImg.php

It may take several minutes to generate about 10000 images.


4、 Modify nginx.conf configuration file

Body content

Enter the following code into the http block:

lua_package_path "/data/www/waf/?.lua";
lua_shared_dict guard_dict 100m;
lua_shared_dict dict_captcha 70m;
init_by_lua_file '/data/www/waf/init.lua';
access_by_lua_file '/data/www/waf/runtime.lua';
lua_max_running_timers 1;

Remember to modify the relevant path.

5、 Configure HttpGuard


All configuration items of HttpGuard are in the config.lua file. Please modify the configuration file according to the following article.

https://vv1234.cn/archives/245.html

Gcod

If life is just like the first sight, what is the sad autumn wind painting fan

Article comments

  • cops

    Thanks a lot for sharing this with all of us you actually
    understand what you're speaking approximately! Bookmarked.
    Please also discuss with my website =). We will have a link change contract between us

    August 11, 2018
  • angelina

    angelina

    July 26, 2017
  • Ji Changxin

    Someone attacked?

    July 20, 2017