" /> ramblings of a system administrator.: August 2006 Archives

« July 2006 | Main | September 2006 »

August 24, 2006

preventing against ddos attacks.

what is a ddos attack, you ask? a distributed denial of service (ddos) attack is when multiple computers try to flood your server with thousands of connections with the goal in mind to bring your server down for a good chunk of time.

a lot of people fall victim to these attacks daily.

they don't have to.

(d)dos-deflate is an open-source tool that will prevent against any denial of service attacks. you can download it here.

all of the configuration files by default get stored in /usr/local/ddos/ddos.conf.

i've personally tweaked the system to ban the IP for a little longer than the default 600 seconds, and of course, don't forget to change the email address so that the warnings go to you. (you wouldn't want your IP being blocked accidentally and have your email warnings go to a possibly unchecked email address!)

you can also whitelist IP addresses by adding them, line by line, to /usr/local/ddos/ignore.ip.list.

August 22, 2006

resolving canonical issues with plesk.

in the world of SEO (search engine optimization), there is an unwritten rule (well, it will be written sooner or later) that you can't have duplicate content on google search engines from the same site. this means that http://www.domain.com and http://domain.com cannot both be found by search engines. you must choose one or the other or you may face a penalty.

there's an easy solution for this using vhosts in plesk. the only not-so-user-friendly part about this that you have to do it for every domain you are worried about, and with 100+ domains, you'll be making 100+ (or 200+ files if you have SSL support as well) vhost files for each domain.

in any event, this is how it's done.

navigate on your plesk server to your domain's conf directory. on some machines, it's

# cd /var/www/vhosts/domain.com/conf

i prefer going through this shortcut:

# cd /home/httpd/vhosts/domain.com/conf

regardless, both are symbolically linked -- or they should be in certain setups.

create the file vhost.conf

# vi vhost.conf

add the following to the vhost.conf file

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}$1 [QSA,R=301,L]

for domains with SSL support, you will need to create a file called vhost_ssl.conf as well.

# vi vhost_ssl.conf
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}$1 [QSA,R=301,L]

that's it! now, run this plesk command to process your update.

# /usr/local/psa/admin/bin/websrvmng -av

load your page in your preferred web browser as http://domain.com. it will automatically redirect to http://www.domain.com and will be reflected in search engines with the www prefix only.