mod_evasive
Getting and installing on Apache2.0
Get it from http://www.zdziarski.com/projects/mod_evasive/Extract and run
apxs -a -i -c mod_evasive20.c
Configuring mod_evasive
httpd.conf
LoadModule evasive20_module modules/mod_evasive20.so
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2 # Number of requests for the same page per page interval
DOSSiteCount 50 # max num of requests per client per site interval
DOSPageInterval 1 # page interval
DOSSiteInterval 1 # site interval
DOSBlockingPeriod 10 # seconds to block (by returning 403)
DOSEmailNotify you@yourdomain.com
# DOSSystemCommand "su - someuser -c '/sbin/... %s ...'"
DOSLogDir "/var/log/httpd"
DOSWhitelist 1.2.3.*
DOSWhitelist 2.3.4.*
</IfModule>
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2 # Number of requests for the same page per page interval
DOSSiteCount 50 # max num of requests per client per site interval
DOSPageInterval 1 # page interval
DOSSiteInterval 1 # site interval
DOSBlockingPeriod 10 # seconds to block (by returning 403)
DOSEmailNotify you@yourdomain.com
# DOSSystemCommand "su - someuser -c '/sbin/... %s ...'"
DOSLogDir "/var/log/httpd"
DOSWhitelist 1.2.3.*
DOSWhitelist 2.3.4.*
</IfModule>
Testing
Testing can be done with ncfor i in `seq 1 50`; do echo "$i `curl --head http://localhost/phpinfo.php 2>/dev/null | head -1`" ; done
Then observe syslog and /var/log/httpd/dos-*. Client will be blocked with a HTTP403 error.
There are no comments on this page. [Add comment]