Using mod_evasive to protect your Linux box

Mod_evasive is an Apache module designed to prevent denial-of-service attacks by monitoring traffic and blocking IP addresses when an attack is detected.

 

Installing mod_evasive

First, download the mod_evasive source code from http://www.zdziarski.com/projects/mod_evasive/. After downloading the package, extract it:

    tar zvxf mod_evasive_1.10.1.tar.gz

Once the files are unpacked you are almost ready to compile mod_evasive, but two dependencies must be installed first: apache2-devel and apache2-prefork. When both are in place, compile the module with apxs. For Apache 2.0:

    /usr/local/apache/bin/apxs -i -a -c mod_evasive20.c

For Apache 1.3:

    /usr/local/apache/bin/apxs -i -a -c mod_evasive.c

If apxs is not located at /usr/local/apache/bin/apxs, replace that path with the path to your Apache directory.

Next, make sure mod_evasive is enabled whenever Apache starts. Open /etc/sysconfig/apache2 and add mod_evasive20 to APACHE_MODULES if you are using Apache 2.0, or just mod_evasive if you are using Apache 1.3. Then create a file named mod_evasive.conf in your Apache directory with the following content:

<IfModule mod_evasive20.c>
    DOSHashTableSize    3097
    DOSPageCount        2
    DOSSiteCount        50
    DOSPageInterval     1
    DOSSiteInterval     1
    DOSBlockingPeriod   10
</IfModule>

That’s the most common mod_evasive configuration, and you probably don’t need to change any of the values. If you are installing mod_evasive for Apache 1.3, replace <IfModule mod_evasive20.c> with <IfModule mod_evasive.c>. Now restart the Apache web server for the changes to take effect and for mod_evasive to activate.
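To see what the values above mean in practice, the following added example (not part of the original article and not mod_evasive's own code) replays constructed requests through a simplified model of the thresholds as the mod_evasive README describes them. The sample IPs, URIs and function names are assumptions made for illustration, and the module's exact counting may differ slightly.

```python
# Simplified model of mod_evasive's thresholds (added example, not the module's code).
from collections import defaultdict

CONF = {"DOSPageCount": 2, "DOSSiteCount": 50, "DOSPageInterval": 1,
        "DOSSiteInterval": 1, "DOSBlockingPeriod": 10}

# Constructed sample requests: (epoch second, client IP, URI).
SAMPLE = (
    [(100, "203.0.113.7", "/login")] * 4              # same page 4x in one second
    + [(100, "198.51.100.9", "/"), (102, "198.51.100.9", "/about")]  # normal browsing
    + [(105, "203.0.113.7", "/login")]                # retry while still blocked
    + [(120, "203.0.113.7", "/login")]                # retry after the block expired
    + [(200, "192.0.2.44", f"/img/{i}.png") for i in range(60)]  # 60 objects in 1 s
)

def evaluate(requests, conf=CONF):
    """Return (time, ip, uri, status) per request; status is 200 or 403."""
    blocked_until = {}                    # ip -> time the block ends
    page = defaultdict(lambda: [0, 0])    # (ip, uri) -> [window start, count]
    site = defaultdict(lambda: [0, 0])    # ip -> [window start, count]
    out = []
    for t, ip, uri in sorted(requests, key=lambda r: r[0]):
        if blocked_until.get(ip, 0) > t:
            # A request during the block is refused and restarts the timer.
            blocked_until[ip] = t + conf["DOSBlockingPeriod"]
            out.append((t, ip, uri, 403))
            continue
        status = 200
        for table, key, interval, limit in (
            (page, (ip, uri), conf["DOSPageInterval"], conf["DOSPageCount"]),
            (site, ip, conf["DOSSiteInterval"], conf["DOSSiteCount"]),
        ):
            entry = table[key]
            if t - entry[0] >= interval:  # interval elapsed: start a new window
                entry[0], entry[1] = t, 0
            entry[1] += 1
            if entry[1] > limit:          # threshold exceeded inside the window
                status = 403
        if status == 403:
            blocked_until[ip] = t + conf["DOSBlockingPeriod"]
        out.append((t, ip, uri, status))
    return out

def blocked_ips(results):
    """Clients that received at least one 403."""
    return sorted({ip for _, ip, _, status in results if status == 403})

if __name__ == "__main__":
    print(blocked_ips(evaluate(SAMPLE)))
```

With DOSPageCount 2 and DOSPageInterval 1, a client that reloads one page a few times within a second is blocked, so raise these values if legitimate users or monitoring probes trip them.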






