hello - i have been using virtualmin for a couple of years now - and we are reaching a point where i have less and less time to devote to server maintenance issues.
if i were a professional user, how much “support” would that buy us?
specifically, we seem to get DoS attacked about every other day. yes i have done the mod_qos and followed the other forum suggestions, but yet the attacks continue.
ideally we could somehow limit the number of php-cgi processes per IP number. i know there is a setting i played with, but again the attacks persist.
my home-grown crude answer is to have a php script that looks at ‘ps aux’ every couple of minutes - when i see too many php-cgi processes for one user, i kill those php-cgi processes, and if i see too many total (like 50) i issue a killall php-cgi - not the optimium solution for sure, but at least the server keeps going!
As I understand it, Virtualmin Pro doesn’t really get you system administration support, but rather support for Virtualmin Pro itself as a product. For the guys at Virtualmin to provide system administration support it would eat away at their time to put into building a better set of “Min” products.
That said, I am a seasoned system administrator, who has helped many folks within this community and abroad keep their systems running smoothly.
I would be willing to offer my technical skills to help keep your server running optimally and reduce the effects of things like DOS and DDOS attacks which I do understand are quite annoying.
As mentioned in another post a few days back, I am also offering with select support packages a FREE copy of Virtualmin Pro, so if you’ve ever considered giving it a try this could be a great deal for you. Exceptional Support + Virtualmin Pro…
Drop me a line on Skype or by email if you’d like to discuss things further and perhaps take this offer for a spin
Virtualmin Pro actually comes with a feature that allows you to set a maximum number of processes per account.
When you’re using FCGI or CGI (which is the default), that would prevent a DoS on one domain from taking Apache offline.
Also, I’ve had some luck with DDoS-deflate. It’s a rather simplistic tool, but it does do the trick. It looks at how many open connections a given incoming IP address has, and if it’s over a certain threshold, it’ll block that host temporarily (an hour by default). For a good many bots, that’s enough to send them on their way. That’s available here:
hi - i have deflate installed… does it bother anybody that the software has not been updated in 9 years? i have no issues wearing clothes that old, but for software it seems a bit odd.
virtualmin pro is looking like it might be the best option.
