Prevent DDoS by using mod_evasive

“mod_evasive” is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. Please follow the below steps to install it in your server.

Go to “/opt” directory and download the latest the “mod_evasive” source and extract it.

cd /opt
wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
tar -xvf mod_evasive_1.10.1.tar.gz
cd mod_evasive

We are going to compile the “mod_evasive” module with Apache with “apxs” tool. “apxs” is a tool came with “httpd-devel” package. First step is to check if you have the “httpd-devel” package.

rpm -qa | grep httpd-devel

You probably won’t get any result and that means you don’t have that package. If you don’t have, please follow the below steps to install it in your server.

yum install httpd-devel

After installing httpd-devel, run the below command to compile the “mod_evasive”with Apache.

apxs -cia mod_evasive20.c

Add the following rules at the end of /etc/httpd/conf/httpd.conf:

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
</IfModule>

Now restart Apache to update the changes.

/etc/init.d/httpd restart

It will install and create all necessary configurations for “mod_evansive”.

Was this answer helpful?

 Print this Article

Also Read

25 Most Frequently Used Linux IPTables Rules Examples

In the below examples we are using ETH0 as network interface, however if you are using our...

How to install mod_security on Apache 2.x

What is mod_security or modsecurity? ModSecurity is an open source intrusion detection and...

what is eXploit Scanner (cxs)

eXploit Scanner (cxs) is a new tool from Configserver that performs active scanning of files as...

How to hide your PHP version information?

Like Apache, it is not good to expose your PHP information to the public. Please follow the below...

Preventing DDOS aplification open resolver attack

DDOS Attack  by open DNS resolver: Open dns resolver provides name resolution to any network...