mod_evasive
Getting and installing on Apache2.0
Get it from
http://www.zdziarski.com/projects/mod_evasive/∞
Extract and run
apxs -a -i -c mod_evasive20.c
Configuring mod_evasive
LoadModule evasive20_module modules/mod_evasive20.so
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2 # Number of requests for the same page per page interval
DOSSiteCount 50 # max num of requests per client per site interval
DOSPageInterval 1 # page interval
DOSSiteInterval 1 # site interval
DOSBlockingPeriod 10 # seconds to block (by returning 403)
DOSEmailNotify you@yourdomain.com
# DOSSystemCommand "su - someuser -c '/sbin/... %s ...'"
DOSLogDir "/var/log/httpd"
DOSWhitelist 1.2.3.*
DOSWhitelist 2.3.4.*
</IfModule>
Testing
Testing can be done with nc
for i in `seq 1 100`; do echo "GET /" | nc 192.168.18.188 80; done
Then observe syslog and /var/log/httpd/dos-*. Client will be blocked with a HTTP403 error.
There are no comments on this page. [Add comment]