The following guide explains how to install the Apache module "mod_evasive". Mod_evasive tracks the number of requests for files on the Apache web server and blocks delivery once a certain limit has been reached.
Installation
apt-get install libapache2-mod-evasive
Create the log directory for mod_evasive
mkdir -p /var/log/apache2/evasive
chown -R www-data:root /var/log/apache2/evasive
Now we add the configuration for the module at the end of the file /etc/apache2/mods-available/mod-evasive.load
vi /etc/apache2/mods-available/mod-evasive.load
so that it looks like this:
LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 5
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSLogDir "/var/log/apache2/evasive"
</IfModule>
and restart apache:
/etc/init.d/apache2 restart
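To see how these thresholds treat ordinary browsing before putting them on a live server, the following added example (not part of the original guide and not mod_evasive's own code) replays constructed requests through a simplified model of the counters. The model's reset rule, the LOOSER values, the sample IP and the URIs are assumptions made for illustration.

```python
# Simplified model of mod_evasive's per-client counters (an assumption, not
# the module's source): a counter per key resets once the gap since the
# previous request reaches the interval; exceeding the count blocks the IP.
from dataclasses import dataclass, field

GUIDE = dict(page_count=2, site_count=50, page_interval=5,
             site_interval=1, blocking_period=10)      # values from the guide
LOOSER = dict(page_count=20, site_count=300, page_interval=1,
              site_interval=1, blocking_period=10)     # constructed comparison

@dataclass
class EvasiveModel:
    page_count: int
    site_count: int
    page_interval: float
    site_interval: float
    blocking_period: float
    hits: dict = field(default_factory=dict)      # key -> (last_seen, count)
    blocked: dict = field(default_factory=dict)   # ip -> time of last 403

    def _over(self, key, t, limit, interval):
        last, count = self.hits.get(key, (t, 0))
        if t - last >= interval:
            count = 0                     # quiet gap: start counting afresh
        count += 1
        self.hits[key] = (t, count)
        return count > limit

    def request(self, ip, uri, t):
        """Return the HTTP status the model would give this request."""
        if ip in self.blocked and t - self.blocked[ip] < self.blocking_period:
            self.blocked[ip] = t          # a hit while blocked restarts the timer
            return 403
        page = self._over((ip, uri), t, self.page_count, self.page_interval)
        site = self._over((ip, None), t, self.site_count, self.site_interval)
        if page or site:
            self.blocked[ip] = t
            return 403
        return 200

def replay(settings, requests):
    model = EvasiveModel(**settings)
    return [model.request(ip, uri, t) for ip, uri, t in requests]

# Constructed traffic: one visitor loads /index.php three times within 4 s,
# then tries again at 12 s and 16 s.
RELOADS = [("203.0.113.7", "/index.php", t) for t in (0, 2, 4, 12, 16)]
# Constructed traffic: a gallery page plus 60 distinct images in under a second.
GALLERY = [("203.0.113.7", "/gallery", 0.0)] + [
    ("203.0.113.7", f"/img/{i}.jpg", 0.01 * i) for i in range(1, 61)]
```

Calling `replay(GUIDE, RELOADS)` and `replay(GUIDE, GALLERY)` shows where a normal visitor would start receiving 403 responses with the guide's values, and that retrying while blocked keeps extending the block.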
You should tweak the config file settings. Your settings blocked me when I navigated ISPConfig too quickly.
Here’s my working (Google Bot safe one):
LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
DOSHashTableSize 2048
DOSPageCount 10
DOSSiteCount 200
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 10
DOSCloseSocket On
DOSLogDir "/var/log/apache2/evasive"
DOSEmailNotify [email protected]
Robe, I tried to use the DOSCloseSocket On and apache2 did not like it.
Ohh, the solution from Robert causes an error in Apache2; it does not start. I needed to delete DOSCloseSocket, as Juann mentioned.
Following config seems to be optimal:
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 120
DOSPageInterval 1.5
DOSSiteInterval 1.5
DOSBlockingPeriod 10
#DOSCloseSocket On -> Causing apache not to start
This is a bad configuration. You will block everyone that, for example, views an image gallery or just hits reload once in 5 seconds. Additionally, you should not add configuration options to mod-evasive.load, but create a mod-evasive.conf instead.
Here’s a setup that should protect any site without confusing users:
DOSHashTableSize 2048
DOSPageCount 20
DOSSiteCount 300
DOSPageInterval 1.0
DOSSiteInterval 1.0
DOSBlockingPeriod 10.0
# DOSCloseSocket On
DOSLogDir /var/lock/mod_evasive
Hi – for Debian 8.1, the configuration file was named evasive.load – creating the mod-evasive.load file would have no effect on the config.
Thanks for the tutorial.
Does this work on Debian 8 with Apache 2?