Reboot 772 Posted January 19, 2015 Author Share Posted January 19, 2015 Thank you Ayaka mod_security added mod_evasive coming soon, and other protection 3 Link to comment Share on other sites More sharing options...
danhakhavro 42 Posted January 19, 2015 Share Posted January 19, 2015 (edited) I have this problem when create user in mysql. Do you know how solve? XD If somebody have this problem the solution is easy. pwd_mkdb -p /etc/master.passwd chown -R mysql /var/db/mysql && chgrp -R mysql /var/db/mysql After this 2 steps you can add the user. Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal Link to comment Share on other sites More sharing options...
Remix 45 Posted January 19, 2015 Share Posted January 19, 2015 @topic: We need to install packages, not programs. First of all: Tutorial work! But: - First install apache then other packages because Apache is the web server, then MySQL, then PHP (because PHP requires some libraries be available) I would do this with PORTS. But already said (). Configurate: What about php.ini settings? I am tired of hearing "I have a Too many connections error" Security: If you list mods like mod_antiloris, you can add: mod_limitipconn, mod qos, mod_evasive, mod_security, mod_noloris. - The most important thing to block Attacks on Ubuntu/Debian is (as far as I can see ) definitly Fail2Ban with IPTABLES but i dont know whats the best for BSD Why install mysql? And why using apache instead of nginx? Apache is the most used webserver. With Apache as your Web server, you'll be assured long and reliable service as it's a solid, configurable and capable Web server so why not?? nginx is faster than Apache in transfer rate but has less of a wait time between receiving the request and passing a response back. Benchmarks proved that. The only question is what you need. i dont think you use apache very often if you ask about why installing mysql. I dont get the the point here: You can install the php mysql extension without installing mysql And that makes nginx better? Cmon Today you need a good ddos protection and in the case of a layer 7 attack nginx is much much much better than apache nginx runs as an event (apache as a process) so it can handle that better I hope you know that the cake hasn't quite turned out as I'd hoped... The disadvantage of process-based servers like apache under heavier loads is that they usually consume far more RAM which significantly degrades performance and has nothing to do with a "good ddos protection". When your server fucked up because of RAM while a DDos attack (CPU trying to process the amount of data that coming in) then i have to say: Leave it all. Without a good hoster (mitigation solution and that is the point against DDoS) your going down with apache and with nginx sooner or later. It's a fact that nginx is better than apache Fact is: The BEST webserver does not exist. The best webserver is the one which is better configurated and better protected. That can be apache or nginx. edit:// I do not understand why to use apache wich is shitty for me , instead of nginx ( way better and "smart" ). why is it shit? Because its not smart to you? Because its not as simple as nginx? too much to install or configurate? Then use LAMP: http://en.wikipedia.org/wiki/LAMP_(software_bundle) Why you guys cant give me a compelling evidence WHY the fuck apache is shit? Its a powerfull web server (over 35% of all websites based on it) if you can configurate and protect it. Cant handel apache doesnt mean its shit. Debian and Windows Server are the most used operating systems for servers but that doesn't mean that they are the best FreeBSD has a much better performance My homepages were the only homepages which were never down because of ddos Because i never used apache Do you think we've never tested the performace during a layer7 attack? Apache is instant down instead of nginx All benchmarks never tested an attack and if they did it wasnt a good attack Today you need a good protection especially for the homepage but apache isnt able to offer any protection If you don't believe me feel free to use apache but don't cry if your homepage is under attack And i never said that nginx is better because you dont need to install mysql for the php extension Btw your server doesn't handle an attack - the hoster does Your server has 0 connection to the attack... And a ddos attack doesn't fuck up the ram Link to comment Share on other sites More sharing options...
Reboot 772 Posted January 19, 2015 Author Share Posted January 19, 2015 @topic: We need to install packages, not programs. First of all: Tutorial work! But: - First install apache then other packages because Apache is the web server, then MySQL, then PHP (because PHP requires some libraries be available) I would do this with PORTS. But already said (). Configurate: What about php.ini settings? I am tired of hearing "I have a Too many connections error" Security: If you list mods like mod_antiloris, you can add: mod_limitipconn, mod qos, mod_evasive, mod_security, mod_noloris. - The most important thing to block Attacks on Ubuntu/Debian is (as far as I can see ) definitly Fail2Ban with IPTABLES but i dont know whats the best for BSD Why install mysql? And why using apache instead of nginx? Apache is the most used webserver. With Apache as your Web server, you'll be assured long and reliable service as it's a solid, configurable and capable Web server so why not?? nginx is faster than Apache in transfer rate but has less of a wait time between receiving the request and passing a response back. Benchmarks proved that. The only question is what you need. i dont think you use apache very often if you ask about why installing mysql. I dont get the the point here: You can install the php mysql extension without installing mysql And that makes nginx better? Cmon Today you need a good ddos protection and in the case of a layer 7 attack nginx is much much much better than apache nginx runs as an event (apache as a process) so it can handle that better I hope you know that the cake hasn't quite turned out as I'd hoped... The disadvantage of process-based servers like apache under heavier loads is that they usually consume far more RAM which significantly degrades performance and has nothing to do with a "good ddos protection". When your server fucked up because of RAM while a DDos attack (CPU trying to process the amount of data that coming in) then i have to say: Leave it all. Without a good hoster (mitigation solution and that is the point against DDoS) your going down with apache and with nginx sooner or later. It's a fact that nginx is better than apache Fact is: The BEST webserver does not exist. The best webserver is the one which is better configurated and better protected. That can be apache or nginx. edit:// I do not understand why to use apache wich is shitty for me , instead of nginx ( way better and "smart" ). why is it shit? Because its not smart to you? Because its not as simple as nginx? too much to install or configurate? Then use LAMP: http://en.wikipedia.org/wiki/LAMP_(software_bundle) Why you guys cant give me a compelling evidence WHY the fuck apache is shit? Its a powerfull web server (over 35% of all websites based on it) if you can configurate and protect it. Cant handel apache doesnt mean its shit. Debian and Windows Server are the most used operating systems for servers but that doesn't mean that they are the best FreeBSD has a much better performance My homepages were the only homepages which were never down because of ddos Because i never used apache Do you think we've never tested the performace during a layer7 attack? Apache is instant down instead of nginx All benchmarks never tested an attack and if they did it wasnt a good attack Today you need a good protection especially for the homepage but apache isnt able to offer any protection If you don't believe me feel free to use apache but don't cry if your homepage is under attack And i never said that nginx is better because you dont need to install mysql for the php extension Btw your server doesn't handle an attack - the hoster does Your server has 0 connection to the attack... And a ddos attack doesn't fuck up the ram I think not see well. As you can see I put tutorials about protection. In total there are 20 protection Apache will post all. 3 Link to comment Share on other sites More sharing options...
Ayaka 300 Posted January 19, 2015 Share Posted January 19, 2015 Debian and Windows Server are the most used operating systems for servers but that doesn't mean that they are the best FreeBSD has a much better performance My homepages were the only homepages which were never down because of ddos Because i never used apache Do you think we've never tested the performace during a layer7 attack? Apache is instant down instead of nginx All benchmarks never tested an attack and if they did it wasnt a good attack Today you need a good protection especially for the homepage but apache isnt able to offer any protection If you don't believe me feel free to use apache but don't cry if your homepage is under attack And i never said that nginx is better because you dont need to install mysql for the php extension Btw your server doesn't handle an attack - the hoster does Your server has 0 connection to the attack... And a ddos attack doesn't fuck up the ram Ok i think we talk at cross purposes. I never said that apache or debian is better. FreeBSD has a much better performance -> Right, never said anything else. What I meant to say is that you can preventing your Apache server as long as you take the time to lock down the server. You never used apache but you're insist that it cant be configurate effective against DDoS, thats interesting. "your server doesn't handle an attack - the hoster does" ?? Read my post again. I was written the same thing but the webserver has 0 connection to the attack? What are you writing xD If it has nothing to do with it, we dont have to talk about which webserver we should use (DDOS is a family of attacks which overwhelm key systems in the datacenter including your webserver) . If apache isnt able to offer any protection then you have no clue how to configuate it. nginx is great. Im using it for metin2 webserver too, but to say that apache is shit is just wrong. If your main argument is that nginx is the best against DDoS and so fast then you sould look for LSWS. [irony]Oh moment. nginx is shit because LSWS mitigates DDoS and its faster then nginx.[/irony] F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Remix 45 Posted January 19, 2015 Share Posted January 19, 2015 Debian and Windows Server are the most used operating systems for servers but that doesn't mean that they are the best FreeBSD has a much better performance My homepages were the only homepages which were never down because of ddos Because i never used apache Do you think we've never tested the performace during a layer7 attack? Apache is instant down instead of nginx All benchmarks never tested an attack and if they did it wasnt a good attack Today you need a good protection especially for the homepage but apache isnt able to offer any protection If you don't believe me feel free to use apache but don't cry if your homepage is under attack And i never said that nginx is better because you dont need to install mysql for the php extension Btw your server doesn't handle an attack - the hoster does Your server has 0 connection to the attack... And a ddos attack doesn't fuck up the ram Ok i think we talk at cross purposes. I never said that apache or debian is better. FreeBSD has a much better performance -> Right, never said anything else. What I meant to say is that you can preventing your Apache server as long as you take the time to lock down the server. You never used apache but you're insist that it cant be configurate effective against DDoS, thats interesting. "your server doesn't handle an attack - the hoster does" ?? Read my post again. I was written the same thing but the webserver has 0 connection to the attack? What are you writing xD If it has nothing to do with it, we dont have to talk about which webserver we should use (DDOS is a family of attacks which overwhelm key systems in the datacenter including your webserver) . If apache isnt able to offer any protection then you have no clue how to configuate it. nginx is great. Im using it for metin2 webserver too, but to say that apache is shit is just wrong. If your main argument is that nginx is the best against DDoS and so fast then you sould look for LSWS. [irony]Oh moment. nginx is shit because LSWS mitigates DDoS and its faster then nginx.[/irony] Layer 7 attacks the server itself Layer 4 doesn't Layer 7 doesn't attack something else than your server Layer 4 attacks the routers, not your server Link to comment Share on other sites More sharing options...
Ayaka 300 Posted January 19, 2015 Share Posted January 19, 2015 Layer 7 is attacking the server itself Layer 4 doesn't Layer 7 doesn't attack something else than your server Layer 4 attacks the routers, not your server The OSI model is well known to me, still thanks.. you dont get my purposes but its ok. F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Remix 45 Posted January 19, 2015 Share Posted January 19, 2015 Layer 7 is attacking the server itself Layer 4 doesn't Layer 7 doesn't attack something else than your server Layer 4 attacks the routers, not your server The OSI model is well known to me, still thanks.. you dont get my purposes but its ok. You said ddosing a website attacks the datacenter (including the own server) but you must mean layer 4 but nobody attacks websites with layer 4 Link to comment Share on other sites More sharing options...
Ayaka 300 Posted January 19, 2015 Share Posted January 19, 2015 (edited) Layer 7 is attacking the server itself Layer 4 doesn't Layer 7 doesn't attack something else than your server Layer 4 attacks the routers, not your server The OSI model is well known to me, still thanks.. you dont get my purposes but its ok. You said ddosing a website attacks the datacenter (including the own server) but you must mean layer 4 but nobody attacks websites with layer 4 nobody attacks TCP, UDP? interesting. Maybe we should invent booter. // edit: Im offtopic and out here. i had posted all what i wanted to say Edited January 19, 2015 by Ayaka F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Remix 45 Posted January 19, 2015 Share Posted January 19, 2015 Layer 7 is attacking the server itself Layer 4 doesn't Layer 7 doesn't attack something else than your server Layer 4 attacks the routers, not your server The OSI model is well known to me, still thanks.. you dont get my purposes but its ok. You said ddosing a website attacks the datacenter (including the own server) but you must mean layer 4 but nobody attacks websites with layer 4 nobody attacks TCP, UDP? interesting. Maybe we should invent booter. // edit: Im out here. i had posted all what i wanted to say i never said that nobody uses that i just said that nobody uses it to attack websites why using layer 4 methods if you can down websites easily with layer 7 attacks (e.g rudy, http get, http head, etc) because everybody uses apache Link to comment Share on other sites More sharing options...
Reboot 772 Posted January 26, 2015 Author Share Posted January 26, 2015 Update SSL Conection for xenforo and mysql 1 Link to comment Share on other sites More sharing options...
danhakhavro 42 Posted February 8, 2015 Share Posted February 8, 2015 (edited) Why o have this problem? I looking some tutorials and they say i must install php5-mysql, but when i install them i have this problem: When open my "link" they download my site. What i did wrong? Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal Link to comment Share on other sites More sharing options...
alin2894 14 Posted February 8, 2015 Share Posted February 8, 2015 (edited) Why o have this problem? I looking some tutorials and they say i must install php5-mysql, but when i install them i have this problem: When open my "link" they download my site. What i did wrong? Use a clean FreeBSD, and follow the tutorial and steps. To me it worked perfectly. You must have software installed that conflict. Its tested on freebsd 10 and 10.1 Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 1 Link to comment Share on other sites More sharing options...
danhakhavro 42 Posted February 8, 2015 Share Posted February 8, 2015 (edited) Why o have this problem? I looking some tutorials and they say i must install php5-mysql, but when i install them i have this problem: When open my "link" they download my site. What i did wrong? Use a clean FreeBSD, and follow the tutorial and steps. To me it worked perfectly. You must have software installed that conflict. Its tested on freebsd 10 and 10.1 Do you know why i registe in site and the site dont send any information do db? The simple registe page dont sen any information to db...I Dont know why. There the simple regist page doesnt send information do db.. Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal Link to comment Share on other sites More sharing options...
Ayaka 300 Posted February 8, 2015 Share Posted February 8, 2015 (edited) Why o have this problem? I looking some tutorials and they say i must install php5-mysql, but when i install them i have this problem: When open my "link" they download my site. What i did wrong? Use a clean FreeBSD, and follow the tutorial and steps. To me it worked perfectly. You must have software installed that conflict. Its tested on freebsd 10 and 10.1 Do you know why i registe in site and the site dont send any information do db? The simple registe page dont sen any information to db...I Dont know why. There the simple regist page doesnt send information do db.. Code correct? Got an error? mysql_query($sql) or die(mysql_error()); Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 1 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
danhakhavro 42 Posted February 8, 2015 Share Posted February 8, 2015 (edited) Yes, they have error. They say account already exist or someting is wrong. But i tested this site in xamp and there work fine. And this impossibel exist account because ... Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal Link to comment Share on other sites More sharing options...
Ayaka 300 Posted February 8, 2015 Share Posted February 8, 2015 (edited) Yes, they have error. They say account already exist or someting is wrong. But i tested this site in xamp and there work fine. And this impossibel exist account because ... Error cant be "account already exist" if this shown databes/table is used in script Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 1 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
danhakhavro 42 Posted February 9, 2015 Share Posted February 9, 2015 In this tutorial dont have portsnap. There is dont needed ? alin2894 you right, in freebsd 10.1 they work fine but in freebsd 9.3 there dont work. And... For free bsd 10.1, can you post the libs? Link to comment Share on other sites More sharing options...
danhakhavro 42 Posted February 9, 2015 Share Posted February 9, 2015 Installing and configuring php 5.6 extensions and extra extensions. pkg install php56-extensions pkg install php56-mysqli pkg install php56-gd pkg install php56-openssl DONE Ok, you forget this extension "pkg install php56-mysql" without them site cant connect to mysql... Link to comment Share on other sites More sharing options...
Denis 1477 Posted February 10, 2015 Share Posted February 10, 2015 Moved to FreeBSD section. Link to comment Share on other sites More sharing options...
Reboot 772 Posted February 16, 2015 Author Share Posted February 16, 2015 .VDI added, link download at first post. 2 Link to comment Share on other sites More sharing options...
Reboot 772 Posted March 4, 2015 Author Share Posted March 4, 2015 With varnish cache you site can fly. UPDATE 04.03.1015 Varnish cache added, chech first post. Link to comment Share on other sites More sharing options...
Management AZICKO 7403 Posted March 16, 2020 Management Share Posted March 16, 2020 Slowloris & Mega Links Scamming ? Reselling ? metin2.download | metin2.dev | fr.metin2.dev | metin2dev.org | metin2.top | top-metin2.org Link to comment Share on other sites More sharing options...
Cilindro 14 Posted April 11, 2020 Share Posted April 11, 2020 pkg install mod_antiloris is only for apache2.2 and not for apache2.4 Link to comment Share on other sites More sharing options...
Recommended Posts