Mod_evasive tracks the number of requests at the apache webserver and blocks the delivery in case that a certain limit has been reached. This way you can prevent DOS attacks. DDoS attacks are not really prevented with this module, it might help a little bit, but it’s not a full prevention.
apt-get install libapache2-mod-evasive
To log this stuff, run:
mkdir -p /var/log/apache2/evasive chown -R www-data:root /var/log/apache2/evasive
Now edit the config
vi /etc/apache2/mods-available/mod-evasive.load
Make it look like this:
LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 5 DOSSiteInterval 1 DOSBlockingPeriod 10 DOSLogDir "/var/log/apache2/evasive" </IfModule>
Now restart apache and you’re good to go!