Are you having DDoS issues? You should try – mod_evansive. “mod_evasive” is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It looks pretty efficient to prevent normal DDoS attacks. Please follow the below steps to install mod_evasive.
Go to the “/opt” directory, download the latest “mod_evasive” source, and extract it.
cd /opt wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz tar -xvf mod_evasive_1.10.1.tar.gz cd mod_evasive
We are going to compile the “mod_evasive” module with Apache with the “apxs” tool. “apxs” is a tool that came with the “httpd-devel” package. The first step is to check if you have the “httpd-devel” package.
rpm -qa | grep httpd-devel
You probably won’t get any results, and that means you don’t have that package. If you don’t have one, please follow the below steps to install it on your server.
yum install httpd-devel
After installing httpd-devel, run the below command to compile the “mod_evasive” with Apache.
apxs -cia mod_evasive20.c
Add the following rules at the end of /etc/httpd/conf/httpd.conf:
DOSHashTableSize 3097 DOSPageCount 6 DOSSiteCount 100 DOSPageInterval 2 DOSSiteInterval 2 DOSBlockingPeriod 600
You can customize the rules given above according to your need and requirements. Now restart Apache to update the changes.
So that’s how you install mod_evasive.