The following guide explains the installation of the apache module "mod_evasive". Mod_evasive tracks the number of requests of files at the apache webserver and blocks the delivery in case that a certain limit has been reached.

Installation

apt-get install libapache2-mod-evasive

Create the log directory for mod_evasive

mkdir -p /var/log/apache2/evasive
chown -R www-data:root /var/log/apache2/evasive

Now we add the configuration for the module at the end of the file /etc/apache2/mods-available/mod-evasive.load

vi /etc/apache2/mods-available/mod-evasive.load

so that it looks like this:

LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 5
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSLogDir "/var/log/apache2/evasive"
</IfModule>

and restart apache:

/etc/init.d/apache2 restart

Facebooktwittergoogle_plusredditlinkedinmail
Tagged on:

6 thoughts on “Prevent DOS attacks on apache webserver for DEBIAN linux with mod_evasive

Leave a Reply

Your email address will not be published. Required fields are marked *