Banjax Installation on Centos

[Samirarahiqi]

Hi everybody,
I have a Apache Traffic Server . And now I want to use banjax on it. Now the ATS has been installed on my server (ATS v 8.0.8). I installed banjax based on guide in github. When I installed it from so file all the tests were passed and there is not any error. But there is not any banjax.so file . And when I installed it from source there is an error , how can I fix it ?
OS : Centos
ATS version : 8.0.8
Error :
[ 19%] Building CXX object CMakeFiles/banjax_static.dir/src/banjax.cpp.o
/opt/banjax/src/banjax.cpp:13:10: fatal error: ts/ts.h: No such file or directory
#include <ts/ts.h>
^~~~~~~~~
compilation terminated.
make[2]: *** [CMakeFiles/banjax_static.dir/src/banjax.cpp.o] Error 1
make[1]: *** [CMakeFiles/banjax_static.dir/all] Error 2
make: *** [all] Error 2

[joelanders]

Hi! Thanks for the interest. You just have to install the ATS dev headers to fix your current problem, but I feel like I should warn you this plugin is going away soon (we're moving to an Nginx-based setup).

[Samirarahiqi]

Hi! Thanks for the interest. You just have to install the ATS dev headers to fix your current problem, but I feel like I should warn you this plugin is going away soon (we're moving to an Nginx-based setup).

Hi. Thanks for your guide . But I have installed ATS dev headers on ATS. Did you mean as below ?! Can you explain it more ?
apt-get install build-essential git libzmq-dev unzip automake libtool pkg-config libssl-dev libboost-dev

[joelanders]

I think you need to apt-get install trafficserver-dev since that's where "ts.h" comes from.

[Samirarahiqi]

I think you need to apt-get install trafficserver-dev since that's where "ts.h" comes from.

So if I want to install it on Centos, should I do as: "yum install trafficserver-devel-7"?!

[joelanders]

Well that sounds like it will provide the headers for ATS 7.x and you said earlier you're on 8.x.

[joelanders]

Talking with a colleague just now, it sounds like we've never tried to use this plugin with ATS 8.x, so I really think this won't be worth your time :/.

[Samirarahiqi]

Talking with a colleague just now, it sounds like we've never tried to use this plugin with ATS 8.x, so I really think this won't be worth your time :/.

Is there an alternative that can prevent DDOS attacks on ATS servers?

[joelanders]

Have you seen fail2ban?

[Samirarahiqi]

Have you seen fail2ban?

Yes. But I want to use a safer method.

[joelanders]

Which features specifically are you looking for? Pretty much all Banjax does is:

• You specify some regexes and rate limits. If some IP goes over the rate-limit, they get banned. But you'd have to set up this other Swabber tool of ours that does the iptables stuff.
• You can turn on one of a few kinds of "challenges": a sha-inverse proof-of work thing (users will see a "please wait" page while their browser runs some javascript), a password challenge, or a captcha.

[joelanders]

So if you want the first thing (the regex rate-limiting banning thing), I think that's pretty much what fail2ban does.

I'm not sure of an ATS plugin that does the second thing (the captchas + sha-inverse proof-of-work page).

[joelanders]

https://github.com/crowdsecurity
^ I don't know anything about this project and have never used it, but it might be worth a look?