Install, configure, and use the Apache anti-DDOS module mod_evasive in linux

Source: Internet
Author: User
The installation, configuration, and usage of the Apache anti-DDOS module mod_evasive were slow when a friend's website was accessed the previous day. The number of connections to the server was not large, and the resource usage was also small. if you suspect that there is an attack, install mod_evasive and try again. After the test, everything works properly. The installation configuration is as follows: wgethttp: www. zdziarski. comblogwp-contentuploads201002mod_e

Installation, configuration, and use of the Apache anti-DDOS module mod_evasive
The last few days, my friend's website was very slow to access, and the number of connections to the server was not large and the resource usage was small. If I suspected there was an attack, I wanted to install mod_evasive and try again. Everything went fine after the test.
The installation configuration is as follows:
Wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
Tar zxvf mod_evasive_1.10.1.tar.gz
CdMod_evasive
/Www/wdlinux/apache/bin/apxs-I-a-c mod_evasive20.c
Vi/www/wdlinux/apache/conf/Httpd. Conf

DuLe mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 360

Introduction to mod_evasive

Mod_evasive is a DDOS protection module for Apache (httpd) servers. For WEB servers, It is a better extension module to defend against DDOS attacks. Although it cannot completely defend against DDOS attacks, under certain conditions, it still slows down the load on Apache (httpd) servers. For example, using iptables, hardware firewalls, and other firewall devices together may have better results.
Official Address of mod_evasive:Http://www.zdziarski.com

Related Parameters
DOSHashTableSize 3097: defines the size of the hash table.
DOSSiteCount 50: Maximum number of concurrent connections allowed to the client.
DOSPageCount 2: The interval at which the client is allowed to access the same page.
DOSPageInterval 1: webpage access counter interval.
DOSSiteInterval 1: The interval between the full-site access counters.
DOSSiteInterval 60: The Access Denied time after the blacklist is added.
DOSEmailNotify xxxx@gmail.com: notifies administrators after an IP is blacklisted.
DOSSystemCommand"SuDo iptables-a input-s % s-j DROP ": system executed after the IP address is blacklistedCommand.
DOSLogDir "/tmp": the temporary directory of the lock mechanism.
DOSWhiteList 127.0.0.1: prevents IP addresses from being whitelisted.
Connection: http://www.wdlinux.cn/mod_evasive

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.