[AntiDDoS] for HestiaCP with vDDoS Proxy Protection

I still don’t understand what is going on here.
The first thing to be clear is whether it is ddos resistant, then it becomes opensource or not, then it becomes recently updated or not, and what happens next?

I still don’t understand.
If someone wants to create a plugin for my project, no matter how clumsy their idea is, I’d be very welcome and even help them fix it to match my experience. I have no reason to despise him.
vDDoS is currently 99% opensource, only 2 files need to be encrypted to prevent difficulty from attackers wanting to bypass challenge filters (one file is the javascript obfuscator code challenge min.js, and one binary file hides the filter configurations /usr/bin/vddos).
The modules it uses are recognized and recommended by the nginx company:

nginx-1.18.0

Tengine is developed from nginx-1.18.0, and now it is Tengine 2.3.3; it is not nginx-1.18.0 anymore. I hope you understand that the new nginx vulnerabilities belong to the later versions of nginx itself. If something is related to nginx-1.18.0, the Tengine team just needs to update it. It is not related to the latest nginx vulnerabilities, because the latest nginx updates that cause the vulnerability are caused by the nginx dev team, not the Tengine dev team; if the Tengine dev team causes an error, they themselves will have to update it. Tengine and the latest nginx are no longer related, except for what they both keep from nginx-1.18.0.

Anyway, I suppose, even if I make vDDoS 100% opensource and the modules it uses are updated to the latest devs… the situation won’t change.

From the outset, it seemed like the problem was ethnicity, or something like that.

There are many ways to antiddos, I just announced this is the way I usually use, and the story will end here. I won’t reply further to this thread, if someone does it my way and is interested in it they can contact me on the project home page. Or if not interested, for example you don’t like girls with blonde hair, find and date girls with pink hair, this is your choice, just ignore it.

And thank you for creating hestiacp (it’s very good, the best in the current opensource hosting panel, I will recommend my clients to use it). If you want, you can leave this topic, or if it isn’t suitable you can delete it.

The Filemanager VestaCP provides is fully open source; if you enter “anything” random in the config file it will work. If it is ethical that is something else, but that is not the point…

SFTP chroot I never checked because I never used it (including Filemanager) except for testing.

There is nothing wrong with closed software. Even I have written it because it pays my bills. So that is not special.

But instead of hiding the fact that the system is built on secret software, but it is based on an outdated version of “Tengine” that is built on Nginx 1.18, that is information that is useful to provide, because in this case there might be security issues. And on a security product that sucks.

Also Hestia provides excellent security features that allow bots to be blocked before they reach the nginx / website server.

Set up an ipset with the blacklist available by default and it stops about 90% of the bot traffic hitting against at least my server. That has a larger effect on my servers because those are not stopped because that hit against ip / public ip for mail server.

I have been building commercial websites since 1994 when I built one of the world’s first online stores. I have been testing and using HestiaCP for about two years now. I think it is one of the best and most secure open source projects in existence. I am a college instructor and I recommend Hestia CP to all of my students.
While I am not an expert on servers, I think the Hestia CP team made the correct decision to use Nginx as a proxy server in front of Apache. I think Eris and ScIT are giving good advice when they recommend against uninstalling Nginx. Therefore, while I appreciate the effort of DUY13 in creating an Anti DDOS program, I think he should consider making it compatible with HestiaCP and Nginx.
Second, I would like to respectfully disagree with Eris and ScIT about the wisdom of closed source code. By Open Source, I mean that the source code is available for public inspection, auditing, scientific research and open debate about the code versus other alternatives. I think there is abundant research that open source code is more secure than closed source code. For example, in 2021, according to US Mitre CVE reports, the Windows operating system had 759 reported security flaws while the Debian Linux operating system did not have a single reported security flaw! To be clear, there were a couple of flaws reported for Debian Linux, but they were actually flaws created by programs outside the control of Debian Linux.
Even the leaders of Microsoft have recognized the wisdom of open source code. As just one example of this change in philosophy, since 2016, at its server farm in Quincy, Washington, Microsoft has replaced the Windows operating system with the Linux operating system on nearly all of its servers. In addition, Microsoft has replaced more than 3,000 Windows programmers with Linux programmers since 2016 here in Washington state (where I live).
I think the primary reason the Debian operating system is more secure than Windows is that the Debian operating system is open source. This has led to a healthy debate in the Debian community over the past 20 years that has resulted in a more secure operating system. I therefore recommend not only Debian servers but also using the Debian operating system for desktop and laptop computers.
Based on the track record of Open Source versus Closed Source code, I would encourage DUY13 to consider making his program completely open source. In my opinion, there is no long term advantage in trying to hide behind closed source code.
Finally, I would encourage DUY13 to not be offended by the suggestions from Eris and ScIT. Both are merely expressing their opinion - which is important for all of us to do. It is how we make the world a better place.

6 Likes
