How to mod_evasive Ubuntu 9.04

Mod_evasive is an Apache module designed to protect Apache against DOS or brute force attacks.

What is mod_evasive?

mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.

Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from any of the following:

  • Requesting the same page more than a few times per second
  • Making more than 50 concurrent requests on the same child per second
  • Making any requests while temporarily blacklisted (on a blocking list)

Installing mod_evasive is disappointingly easy in Ubuntu 9.04 :

sudo apt-get install libapache2-mod-evasive

That is all there is to it.

How to test that it works ? Simply open any browser, got to your server’s home page, and click the reload button as fast as you can.

This entry was posted in Linux. Bookmark the permalink.

5 Responses to How to mod_evasive Ubuntu 9.04

  1. Pingback: linkfeedr » Blog Archive » Bodhi.Zazen: How to mod_evasive Ubuntu 9.04 - RSS Indexer (beta)

  2. Pingback: Shadows of epiphany » Blog Archive » How to mod_evasive Ubuntu 9.04 | Linux Affinity

  3. Pingback: Apache DoS攻撃対策 mod_evasiveインストール | Satake Studio Developer's Blog

  4. siropio says:

    How to customize mod_evasive?
    Where i canfind the configuration file?

  5. Heretic says:

    Thank you for great info sharing! :)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>