search

mitchellkrogza / apache-ultimate-bad-bot-blocker

Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
Other
777 stars 172 forks source link

CPANEL Users read #57

Closed Nirjonadda closed 6 years ago

Nirjonadda commented 6 years ago

CPANEL Users read Link are not working.

See here: https://image.prntscr.com/image/O6S7Wty8TUGagvxs3hxR7w.png

Nirjonadda commented 6 years ago

Also not working all link like COPY THE GLOBALBLACKLIST.CONF FILE FROM THE REPO.

404: Not Found

sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/custom.d/globalblacklist.conf -O /etc/apache2/custom.d/globalblacklist.conf
mitchellkrogza commented 6 years ago

Thanks @Nirjonadda I will address this in the morning. It’s just a typo on my part. Try pulling the globalblacklist file from the Apache_2.2 folder.

Nirjonadda commented 6 years ago

@mitchellkrogza I am using Apache 2.4.29 then what files need to upload from this folder?

Nirjonadda commented 6 years ago

I am using Apache_2.4 folder but have error.

Error:
The “/usr/sbin/httpd” command (process 28831) reported error number 1 when it ended. Configuration problem detected on line 6860 of file /etc/apache2/custom.d/globalblacklist.conf: 6857 # 6858 # ******************************************************** 6859 # ******************************************************** 6860 ===> <=== 6861 6862 6863 6864 Require all granted 6865 6866 # ************************* --- /etc/apache2/custom.d/globalblacklist.conf ---
mitchellkrogza commented 6 years ago

Try pulling the Apache 2.2 version as the 2.4 version is problematic

sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -O /etc/apache2/custom.d/globalblacklist.conf

You also need ALL other include files from the same folder

You also need to enable the module access_compat by running

sudo a2enmod access_compat

mitchellkrogza commented 6 years ago

Make sure you download all files using the RAW links

Nirjonadda commented 6 years ago

Still have error

Error:
The “/usr/sbin/httpd” command (process 30866) reported error number 1 when it ended. Configuration problem detected on line 6834 of file /etc/apache2/custom.d/globalblacklist.conf: order not allowed here --- /etc/apache2/custom.d/globalblacklist.conf --- 6828SetEnvIfNoCase Referer ~*zx6\.ru spam_ref 6829SetEnvIfNoCase Referer ~*zynax\.ua spam_ref 6830SetEnvIfNoCase Referer ~*zytpirwai\.net spam_ref 6831SetEnvIfNoCase Referer ~*zzbroya\.com\.ua spam_ref 6832SetEnvIfNoCase Referer ~*zzlgxh\.com spam_ref 6833# END BAD REFERERS ### DO NOT EDIT THIS LINE AT ALL ### 6834 ===> <=== 6835Order Allow,Deny 6836Allow from all 6837Allow from env=good_bot 6838Allow from env=good_ref 6839 6840 # *********************************************** --- /etc/apache2/custom.d/globalblacklist.conf ---
mitchellkrogza commented 6 years ago

Please post your Apache.conf and virtualhost configurations so I can see in the morning what’s up that’s causing that error

Nirjonadda commented 6 years ago

OK, Please can I email this files to you?

Nirjonadda commented 6 years ago

Please check your email INBOX.

mitchellkrogza commented 6 years ago

Please post the output of

sudo apache2ctl -M or sudo httpd -M

Nirjonadda commented 6 years ago

One command not found.

[root@ad ~]# sudo apache2ctl -M
sudo: apache2ctl: command not found
[root@ad ~]# sudo httpd -M
Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 mpm_worker_module (shared)
 cgid_module (shared)
 access_compat_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cache_module (shared)
 cache_disk_module (shared)
 cache_socache_module (shared)
 dbd_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 expires_module (shared)
 file_cache_module (shared)
 filter_module (shared)
 headers_module (shared)
 imagemap_module (shared)
 include_module (shared)
 log_config_module (shared)
 logio_module (shared)
 mime_module (shared)
 negotiation_module (shared)
 proxy_module (shared)
 proxy_fcgi_module (shared)
 proxy_http_module (shared)
 proxy_wstunnel_module (shared)
 request_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 slotmem_shm_module (shared)
 socache_dbm_module (shared)
 socache_memcache_module (shared)
 socache_shmcb_module (shared)
 status_module (shared)
 suexec_module (shared)
 unique_id_module (shared)
 unixd_module (shared)
 userdir_module (shared)
 usertrack_module (shared)
 version_module (shared)
 ssl_module (shared)
 http2_module (shared)
 bwlimited_module (shared)
 session_module (shared)
 session_cookie_module (shared)
 session_dbd_module (shared)
 auth_form_module (shared)
 session_crypto_module (shared)
 security2_module (shared)
 suphp_module (shared)
[root@ad ~]#
mitchellkrogza commented 6 years ago

That all looks ok, please do the following for me to make sure you have all the correct versions of the files.

sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -O /etc/apache2/custom.d/globalblacklist.conf

sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/bad-referrer-words.conf -O /etc/apache2/custom.d/bad-referrer-words.conf

sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-ips.conf -O /etc/apache2/custom.d/blacklist-ips.conf

sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-user-agents.conf -O /etc/apache2/custom.d/blacklist-user-agents.conf

sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-domains.conf -O /etc/apache2/custom.d/whitelist-domains.conf

sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-ips.conf -O /etc/apache2/custom.d/whitelist-ips.conf

then do a configtest

httpd -t

or

httpd configtest

Nirjonadda commented 6 years ago

Yes I have uploaded all files but still have same error after adding virtualhost line.

Include /etc/apache2/custom.d/globalblacklist.conf
Error:
The “/usr/sbin/httpd” command (process 30332) reported error number 1 when it ended. Configuration problem detected on line 6837 of file /etc/apache2/custom.d/globalblacklist.conf: order not allowed here --- /etc/apache2/custom.d/globalblacklist.conf --- 6831SetEnvIfNoCase Referer ~*zx6\.ru spam_ref 6832SetEnvIfNoCase Referer ~*zynax\.ua spam_ref 6833SetEnvIfNoCase Referer ~*zytpirwai\.net spam_ref 6834SetEnvIfNoCase Referer ~*zzbroya\.com\.ua spam_ref 6835SetEnvIfNoCase Referer ~*zzlgxh\.com spam_ref 6836# END BAD REFERERS ### DO NOT EDIT THIS LINE AT ALL ### 6837 ===> <=== 6838Order Allow,Deny 6839Allow from all 6840Allow from env=good_bot 6841Allow from env=good_ref 6842 6843 # *********************************************** --- /etc/apache2/custom.d/globalblacklist.conf ---
mitchellkrogza commented 6 years ago

Please show me where and how you are adding that include.

Nirjonadda commented 6 years ago

I am adding in pre_virtualhost_global.conf

Sorry, your changes have introduced a syntax error in pre_virtualhost_2.conf. Please correct the issue.
mitchellkrogza commented 6 years ago

Unfortunately I need to see pre_virtualhost_global.conf before I can help you. I cannot correct any errors without knowing what is going on on your server.

Nirjonadda commented 6 years ago

Are you checked your email INBOX?

mitchellkrogza commented 6 years ago

Yes I did but only got your httpd.conf and not pre_virtualhost_global.conf. I need to see how the include has been added in this file > /etc/apache2/conf.d/includes/pre_virtualhost_global.conf

Nirjonadda commented 6 years ago

Yes httpd.conf file are used for pre_virtualhost_global.conf and pre_virtualhost_global.conf is empty. Modify Apache Virtual Hosts with Include Files pre_virtualhost_global.conf

mitchellkrogza commented 6 years ago

So where have you done the include for the blocker ?

Nirjonadda commented 6 years ago

Check here: https://giant.gfycat.com/AffectionateInferiorIslandcanary.webm

mitchellkrogza commented 6 years ago

Please show me what it says for post_virtualhost ... pre virtualhost does not sound correct as the include must be within a <Directory> block

mitchellkrogza commented 6 years ago

Check your email, you are doing the include incorrectly which is why you are getting errors like that. Pay attention to step 6 of the instructions. https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker

Nirjonadda commented 6 years ago

But when we do Rebuild and all edit will be removed from httpd.conf files.

The include should be done in a <Directory> Block like this

<IfModule mod_include.c>
<Directory "/home/user/public_html">
SSILegacyExprParser On
Include /etc/apache2/custom.d/globalblacklist.conf
</Directory>
mitchellkrogza commented 6 years ago

Have you tested it in the Directory block yet? There must be a way to customize this in CPanel, pretty damn sure I've already dealt with this in issues before 🤔

Nirjonadda commented 6 years ago

I will let you know after PC reset complete. Have some issue from PC .... !