Pages

Search result

Jumat, 19 November 2010

Apache DDOS protection

Apache is most a popular web server in the world, also in my company apache is already running on some web servers. Today I've found a module that can protecting apache from DDOS attack, and in internet they called as mod_evasive, please see below:


"mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities."

And how to install mod_evasive on cpanel:
How to install?

How to install?

$ wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
$ tar -zxvf mod_evasive_1.10.1.tar.gz
$ sudo /usr/local/apache/bin/apxs -iac mod_evasive20.c
$ sudo /usr/local/cpanel/bin/apache_conf_distiller --update

Edit /usr/local/apache/conf/includes/post_virtualhost_2.conf

$ vi /usr/local/apache/conf/includes/post_virtualhost_2.conf

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSEmailNotify admin@me.com
DOSSystemCommand "su - root -c '/sbin/iptables -A INPUT -s %s -j DROP'"
DOSLogDir "/var/lock/mod_evasive"
</IfModule>

Restart apache service
$ sudo /etc/init.d/httpd restart

Done :)

Tidak ada komentar:

Posting Komentar