Preventing DoS attacks on Apache with mod_evasive

mod_evasive tracks the number of requests arriving at the Apache web server and blocks delivery once a certain limit has been reached. This way you can prevent DoS attacks. DDoS attacks are not really prevented by this module; it might help a little, but it is not full protection.

apt-get install libapache2-mod-evasive

To log this stuff, run:

mkdir -p /var/log/apache2/evasive
chown -R www-data:root /var/log/apache2/evasive

Now edit the config:

vi /etc/apache2/mods-available/mod-evasive.load

Make it look like this:

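LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
<IfModule mod_evasive20.c>
 DOSHashTableSize 3097
 # Per-page threshold: DOSPageCount requests for the same URI within DOSPageInterval seconds
 DOSPageCount 2
 # Site-wide threshold: DOSSiteCount requests from one client within DOSSiteInterval seconds
 DOSSiteCount 50
 DOSPageInterval 5
 DOSSiteInterval 1
 # Seconds a blocked client keeps receiving 403
 DOSBlockingPeriod 10
 DOSLogDir "/var/log/apache2/evasive"
</IfModule>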

Now restart Apache and you’re good to go!
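To see how tight these thresholds are before putting them in front of real users, here is an added example (not part of the original post and not mod_evasive's own code): a simplified Python model that replays constructed requests against the values above. It assumes a client is blocked once it exceeds a count within its interval and that a request made while blocked restarts the blocking timer; the fixed counting window, the class and function names and the sample IPs are assumptions, and the module's exact boundary handling may differ by a request.

```python
# Thresholds copied from the configuration on this page.
PAGE_COUNT, PAGE_INTERVAL = 2, 5
SITE_COUNT, SITE_INTERVAL = 50, 1
BLOCKING_PERIOD = 10

class EvasiveModel:
    """Simplified model of the counting described above (not mod_evasive's code)."""
    def __init__(self):
        self.hits = {}     # (ip, key) -> (window start, request count)
        self.blocked = {}  # ip -> time of the last request that was refused

    def _exceeded(self, ip, key, now, limit, interval):
        start, count = self.hits.get((ip, key), (now, 0))
        if now - start >= interval:  # interval elapsed: start a new window
            start, count = now, 0
        count += 1
        self.hits[(ip, key)] = (start, count)
        return count > limit

    def request(self, ip, uri, now):
        """Return the HTTP status this model gives one request."""
        last = self.blocked.get(ip)
        if last is not None and now - last < BLOCKING_PERIOD:
            self.blocked[ip] = now  # a request while blocked restarts the timer
            return 403
        page = self._exceeded(ip, uri, now, PAGE_COUNT, PAGE_INTERVAL)
        site = self._exceeded(ip, "<site>", now, SITE_COUNT, SITE_INTERVAL)
        if page or site:
            self.blocked[ip] = now
            return 403
        return 200

def replay(events):
    """Feed (time, ip, uri) tuples, in time order, through a fresh model."""
    model = EvasiveModel()
    return [model.request(ip, uri, t) for t, ip, uri in events]

# Constructed sample traffic: (seconds, client IP, URI).
SAMPLE = [
    (0, "192.0.2.10", "/index.html"),
    (1, "192.0.2.10", "/index.html"),
    (1, "192.0.2.20", "/index.html"),   # a different client is unaffected
    (2, "192.0.2.10", "/index.html"),   # third hit on one page within 5 s
    (8, "192.0.2.10", "/about.html"),   # inside the 10 s block, timer restarts
    (17, "192.0.2.10", "/about.html"),  # still blocked because of the restart
    (30, "192.0.2.10", "/about.html"),  # quiet for over 10 s, served again
]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

In this model a visitor who reloads one page three times within five seconds is refused, and every further request during the block pushes the unblock time out again, so values this low deserve a test against normal browsing patterns.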

