In the following tutorial  i will explain the installation of the apache2 module “mod_evasive“.
Mod_evasive tracks the number of requests for files on the Apache2  server and blocks the delivery in case a certain limit is reached.

Step1. Install mod_evasive module:

apt-get install libapache2-mod-evasive

Step2. Create the log directory for mod_evasive:

mkdir -p /var/log/apache2/evasive

NOTE: Make sure the www-data user will have access to create logs:

chown -R www-data:root /var/log/apache2/evasive

Step3. Now edit the configuration file for the module 0 located in /etc/apache2/mods-available/mod-evasive.load like this:

vim /etc/apache2/mods-available/mod-evasive.load

After edit the file will look  like this:

LoadModule evasive20_module /usr/lib/apache2/modules/
 <IfModule  mod_evasive20.c>
 DOSHashTableSize 3097
 DOSPageCount 5
 DOSSiteCount 120
 DOSPageInterval 1.5
 DOSSiteInterval 1.5
 DOSBlockingPeriod 10
 DOSLogDir "/var/log/apache2/evasive"

This config seems to be optimal for me.

Step4. Enable the module and restart apache:

a2enmod mod-evasive
 /etc/init.d/apache2 restart


What is mod_evasive?

mod_evasive is an evasive maneuvers module for Apache2 to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.


apt-get install libapache2-mod-evasive

Activate the mod_evasive module:

In the directory: / etc/apache2/mods-available / Debian Squeeze should already have directive to load the module. Or you just can use the following command:

a2enmod mod-evasive

The configuration:

Continue Reading…

Page 1 of 11