Install some necessary mod for Apache

 

Install some necessary mod for Apache

PS:
Apache powerful points out that it is convenient plug-ins and module technologies. Some of the modules installed here are not commonly used but very good, including mod_evasive, which prevents server attacks, mod_security for security protection such as injection prevention, and mod_deflate for web page compression.

 

Module:Mod_evasive
Role: Prevent DDoS attacks
Introduction: The predecessor of the mod_evasive module is mod_dosevasive.
Download: http://www.nuclearelephant.com/projects/mod_evasive

Install
# Tar zxvf mod_evasive_1.10.1.tar.gz
# Cd mod_evasive_1.10.1
#/Usr/local/Apache/bin/apxs-I-a-c mod_evasive20.c

Open the httpd. conf file
Check whether
Loadmodule evasive20_module modules/mod_evasive+so
If not, add it.

And add it to httpd. conf.
#################################

Doshashtablesize 3097
Dospagecount 2
Dossitecount 50
Dospageinterval 1
Dossiteinterval 1
Dosblockingperiod 10

###################################

 

 

Module:Mod_security
Role: enhances Apache Security, especially in anti-SQL injection.
Download: http://www.modsecurity.org/download/

Install
# Tar zxvf modsecurity-apache-1.9.tar.gz
# Cd modsecurity-apache-1.9/apache2/
#/Apache2/bin/apxs-CIA mod_security.c

Open the httpd. conf file
Check whether
Loadmodule security_module modules/mod_security.so
If not, add it.

And add it to httpd. conf.
#################################

Secfilterengine on
Secfiltercheckurlencoding on
Secfilterdefaultaction "Deny, log, status: 500"
# Secfilterforcebyterange 32 126.
# Secfilterscanpost on
Secauditlog logs/audit_log
###
Secfilter "/././"
#####
Secfilter/etc/* passwd
Secfilter/bin/* Sh

# For CSS attack
Secfilter "<(|) * script"
Secfilter "<(. |) +>"
# For SQL attack
Secfilter "Delete [] + from"
Secfilter "insert [] +"
Secfilter "Select. + from"
Secfilter "Union [] + from"
Secfilter "drop []"

###############################

 

Module:Mod_deflate
Purpose: compress webpages to speed up Web browsing
Download: apache2 comes

Install
#/Usr/local/apache2/bin/apxs-I-a-c/root/httpd-2.0.48/modules/filters/mod_deflate.c

Check whether
Loadmodule deflate_module modules/mod_deflate.so
If not, add it.

Edit the httpd. conf file and add the following content:
######################################
Deflatefilternote Ratio
Logformat' "% v % H % L % u % t" % R "%> S % B" % {Referer} I "" % {User-Agent} I ""( % {ratio} n) 'deflate

 

Setoutputfilter deflate
Browsermatch ^ Mozilla/4 gzip-only-text/html
Browsermatch ^ Mozilla/4.0 [678] No-Gzip
Browsermatch/bmsie! No-gzip! Gzip-only-text/html
Setenvifnocase request_uri /.(? : GIF | jpe? G | PNG) $ no-gzip dont-vary
# Header append vary User-Agent Env =! Dont-vary

# Search for the original line commented by customlog and change it
Customlog logs/deflate_log deflate
######################################

 

######################################
Setoutputfilter deflate
Browsermatch ^ Mozilla/4 gzip-only-text/html
Browsermatch ^ Mozilla/4.0 [678] No-Gzip
Browsermatch/bmsie! No-gzip! Gzip-only-text/html
Setenvifnocase request_uri /.(? : GIF | jpe? G | PNG) $ no-gzip dont-vary
# Header append vary User-Agent Env =! Dont-vary

# Search for the original line commented by customlog and change it
Customlog logs/deflate_log deflate
######################################

 

######################################