Mod_Evasive – mod_evasive is an evasive maneuvers module for Apache that provides evasive action in the event of an HTTP DoS attack or brute force attack. It is also designed to be a detection and network management tool and can be easily configured to talk to ipchains, firewalls, routers, and more.
Download the latest source file from http://www.zdziarski.com
cd /usr/local/src/
wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
tar -xvzf mod_evasive_1.10.1.tar.gz
cd mod_evasive/
We also have cPanel running on this box, so, to install, we run the following:
/usr/local/apache/bin/apxs -i -a -c mod_evasive20.c
Now, that will create an entry in the httpd.conf file, and, if we want to retain that after an upgrade/rebuild, we need to tell cPanel not to take it out! Do do this, we now run this:
/usr/local/cpanel/bin/apache_conf_distiller –update
Now, to change the settings for mod_evasive, we need to add them in some place. All we have done so far, is install the actually module into apache, and, even with a restart, it would not be using it. So, I like to add things into my includes files through either WHM, or, directly through the terminal. To do this, we run the following:
vim /usr/local/apache/conf/includes/post_virtualhost_2.conf
Once the file is open, lets add in the following lines to the bottom of the file:
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 3600
DOSEmailNotify root
No comments:
Post a Comment