Prevent DOS Attack on Apache2 Webserver on Debian Squeeze Server with mod_evasive

Oct/11

This Was Posted 204 days ago by admin under Apache2, Security

In the following tutorial i will explain the installation of the apache2 module “mod_evasive“.
Mod_evasive tracks the number of requests for files on the Apache2 server and blocks the delivery in case a certain limit is reached.

Step1. Install mod_evasive module:

apt-get install libapache2-mod-evasive

Step2. Create the log directory for mod_evasive:

mkdir -p /var/log/apache2/evasive

NOTE: Make sure the www-data user will have access to create logs:

chown -R www-data:root /var/log/apache2/evasive

Step3. Now edit the configuration file for the module 0 located in /etc/apache2/mods-available/mod-evasive.load like this:

vim /etc/apache2/mods-available/mod-evasive.load

After edit the file will look like this:

LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
 <IfModule  mod_evasive20.c>
 DOSHashTableSize 3097
 DOSPageCount 5
 DOSSiteCount 120
 DOSPageInterval 1.5
 DOSSiteInterval 1.5
 DOSBlockingPeriod 10
 DOSLogDir "/var/log/apache2/evasive"
 </IfModule>

This config seems to be optimal for me.

Step4. Enable the module and restart apache:

a2enmod mod-evasive
 /etc/init.d/apache2 restart

Tags: apache2, attack, Debian Squeeze, DOS, mod_evasive

RSS feed for this post (comments)

Page 1 of 0

↑ Back to Top

Prevent DOS Attack on Apache2 Webserver on Debian Squeeze Server with mod_evasive

Leave a Reply

Social Media

Categories

Recent Comments

Links