Mod_Evasive will help to stop basic attacks on a server (HTTP, DDoS attack and brute force attack). Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from any of the following:
-Requesting the same page more than a few times per second
-Making more than 50 concurrent requests on the same child per second
-Making any requests while temporarily blacklisted (on a blocking list)
Login to your server, on command line:
/usr/local/src
wget http://www.nuclearelephant.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
tar -zxvf mod_evasive_1.10.1.tar.gz
cd mod_evasive
If you are using apache 1.3.x :
/usr/local/apache/bin/apxs -cia mod_evasive.c
And add this to httpd.conf:
Code:
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
If you are using apache 2.0.x :
/usr/sbin/apxs -cia mod_evasive20.c
Add this to httpd.conf:
Code:
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
Restart apache and the installation should be complete.
/etc/init.d/httpd restart
No comments:
Post a Comment