For an extra protection for your apache web server you cand install the “mod evasive” apache module.

How to do it? Simple, just follow the steps below:

  • Download it from http://club3d.ro/mod_evasive_1.10.1.tar.gz
  • Unpack and compile module
  • tar zxvf mod_evasive_1.10.1.tar.gz; cd mod_evasive; /usr/sbin/apxs -i -a -c mod_evasive20.c

Your module has been compiled and installed and your httpd.conf file was modified.

You can create a configuration file for your mod_evasive module: mod_evasive.conf and place it in /etc/httpd/conf.d/

I am using csf firewall so I’m blocking the abusive ips using csf.

Your /var/log/httpd/mod_evasive directory should be writeable by your web server user/group (nobody in my case).

You also have to add the following lines to your /etc/sudoers file:

Defaults !requiretty
nobody ALL=NOPASSWD: ALL

Don’t forget to restart your apache web server!

To check that the module works open your web server default page as many times as possible. It will trigger the mod_evasive protection and your ip will be blocked.

BE CAREFUL: If you’re testing this on a remote server, if you get blocked by mod_evasive, you will be blocked from the server’s firewall so your connection to the server is lost for the next 5 minutes!





Share.

About Author

I am a linux passionate and currently working as a Linux Senior System Administrator. I also am a freelancer and help people to complete different jobs. You can hire me on Freelancer.com