Apache Ddos protection module mod_evasive

mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.


# wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
# tar zxvf mod_evasive_1.10.1.tar.gz
# cd mod_evasive
# /usr/sbin/apxs -i -a -c mod_evasive20.c

# vi /etc/httpd/conf/httpd.conf
<IfModule mod_evasive20.c>
    DOSHashTableSize    3097  // Default hash table size
    DOSPageCount        5       // Default maximum page hit count per interval
    DOSSiteCount        50       // Default maximum site hit count per interval
    DOSPageInterval     1        // Default 1 Second page interval
    DOSSiteInterval     1         // Default 1 Second site interval
    DOSBlockingPeriod   360   // Default for Detected IPs; blocked for 360 seconds

mod_evasive official site here: http://www.zdziarski.com/blog/?page_id=442


- has written 121 posts.

Leave a Reply

You must be logged in to post a comment.