For an extra protection for your apache web server you cand install the “mod evasive” apache module.

How to do it? Simple, just follow the steps below:

  • Download it from http://club3d.ro/mod_evasive_1.10.1.tar.gz
  • Unpack and compile module
  • tar zxvf mod_evasive_1.10.1.tar.gz; cd mod_evasive; /usr/sbin/apxs -i -a -c mod_evasive20.c

Your module has been compiled and installed and your httpd.conf file was modified.

You can create a configuration file for your mod_evasive module: mod_evasive.conf and place it in /etc/httpd/conf.d/

I am using csf firewall so I’m blocking the abusive ips using csf.

Your /var/log/httpd/mod_evasive directory should be writeable by your web server user/group (nobody in my case).

You also have to add the following lines to your /etc/sudoers file:

Defaults !requiretty
nobody ALL=NOPASSWD: ALL

Don’t forget to restart your apache web server!

To check that the module works open your web server default page as many times as possible. It will trigger the mod_evasive protection and your ip will be blocked.

BE CAREFUL: If you’re testing this on a remote server, if you get blocked by mod_evasive, you will be blocked from the server’s firewall so your connection to the server is lost for the next 5 minutes!

Share.

About Author

I am a linux passionate and currently working as a Linux Senior System Administrator. I also am a freelancer and help people to complete different jobs. You can hire me on Freelancer.com

No Comments

  1. nu exista asa ceva ca ” extra protectie ” , sistemele sunt din ce in ce mai vulnerabile , fie ca vbim de unix sau windows , in particular linuxul , acum 10 ani bruteforce-ul era principala problema de securitate , acum sunt o multitudine de vulnerabilitati , si brese

  2. atata timp cat sunt facute de om, tot omul le si exploateaza… ideea e sa incerci sa te protejezi cat mai bine si sa fii la curent cu tot ce se intampla… si cam asta e

Leave A Reply