Install And Configure mod_evasive With Apache

mod_evasive Apache
Written by Alex


Nowadays everyone from the IT field thinks about security. There are many tools in the market that provide web security. Someone provides a hardware firewall and another one provides software or online WAF services like Cloudflare, Foregenix but these are paid tools. So let’s talk about a free toll who can provide security for example DDoS attack. It’s a common attack performed by hackers. So we will install and configure mod_evasive with Apache which is used to Prevent Against DoS & DDoS attack.

Install And Configure mod_evasive With Apache

Install mod_evasive module

To install the mod_evasive module on RedHat / CentOS, enter the following:

sudo yum install mod_evasive

Configure mod_evasive

The mod_evasive module reads its configuration from /etc/httpd/conf.d/mod_evasive.conf. Which may be easily customized. Don’t need to create a separate configuration file. Because there are not any rules to update during a system upgrade.
The default mod_evasive.conf file has the subsequent directives enabled

<IfModule mod_evasive20.c>
    DOSHashTableSize    3097
    DOSPageCount        2
    DOSSiteCount        50
    DOSPageInterval     1
    DOSSiteInterval     1
    DOSBlockingPeriod   10

You can change these values according to the amount and type of traffic that your web server needs to handle.

a. DOSHashTableSize: This specifies how mod_evasive keeps track of who is accessing what. Increasing this number will provide a faster lookup of the web sites that the client has visited earlier.

b. DOSPageCount: This specifies how many identical requests to a specific URI a visitor can make over the DOS Page Interval interval.

c. DOSSiteCount: This is the same as DOSPageCount, but corresponds to how many requests overall a visitor can make to your website over the DOSS interval.

d. DOSBlockingPeriod: If a visitor exceeds the limits set by DOSSPageCount or DOSSiteCount, their IP would be blocked during the DOSBlockingPeriod amount of time. During this time, they will receive a 403 (Forbidden) error.

One of the most important configuration options you have to change is DOSEmailNotify. If this is enabled email will be sent to the specified email address when the IP address is blacklisted.

You can do it by editing the mod_evasive.conf file.

# sudo nano /etc/httpd/conf.d/mod_evasive.conf

Un-comment the DOSEmailNotify line by removing the # in front of the line, and change the email address to your own

DOSEmailNotify   [email protected]

Save and close the file and restart Apache to reflect the changes.

# sudo apachectl restart

Note: You need to have a functioning mail server on this server for this email alert to work.

In Conclusion

Now you are able to know that how to Install And Configure mod_evasive with Apache this module use to prevent against DoS & DDoS attack. For Apache, mod_security configuration use this link.

We hope you are like this article and this is useful for you. If you learn more about Linux, AWS Tips, and Tricks Please Bookmark this Website. We are Daily Publish New Article in this Website WWW.BPMTECHGURU.IN and all post on this website is practically tested and 100% Work if you have any Problem Please Drop a Comment we are trying to resolve your problem.

About the author


Leave a Comment