Prevent DDoS by using mod_evasive

“mod_evasive” is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. Please follow the below steps to install it in your server.

Go to “/opt” directory and download the latest the “mod_evasive” source and extract it.

cd /opt
wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
tar -xvf mod_evasive_1.10.1.tar.gz
cd mod_evasive

We are going to compile the “mod_evasive” module with Apache with “apxs” tool. “apxs” is a tool came with “httpd-devel” package. First step is to check if you have the “httpd-devel” package.

rpm -qa | grep httpd-devel

You probably won’t get any result and that means you don’t have that package. If you don’t have, please follow the below steps to install it in your server.

yum install httpd-devel

After installing httpd-devel, run the below command to compile the “mod_evasive”with Apache.

apxs -cia mod_evasive20.c

Add the following rules at the end of /etc/httpd/conf/httpd.conf:

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
</IfModule>

Now restart Apache to update the changes.

/etc/init.d/httpd restart

It will install and create all necessary configurations for “mod_evansive”.

Was this answer helpful?

 Print this Article

Also Read

How to increase numiptent limit?

You may got the following errors ( Most probably after enabling CSF ) The VPS iptables...

How to Secure PHP from php.ini

PHP's default configuration file, php.ini (usually found in /etc/php.ini on most Linux systems)...

How to Install Anti DDOS on Server

You can secure your server just by using this 4 Lines codes: First download install package...

How to Prevent DDOS with CSF

You just need to configure two csf directives, thats it. The two directives are PORTFLOOD and...

25 Most Frequently Used Linux IPTables Rules Examples

In the below examples we are using ETH0 as network interface, however if you are using our...