Installing mod_evasive

mod_evasive is an apache module to protect the server against HTTP DoS or DDoS attack or brute force attack. Its a widely used module by sysadmins around the glob to mitigate ddos.

It is also designed to be a detection and network management tool, and can be easily configured to work along with ipchains, firewalls, routers, etc.

mod_evasive presently detects and reports via email and syslog facilities.

Before installing the module mod_evasive, make sure that you have installed apache/http in your server.

Debian / Ubuntu:

apt-get install apache2-utils

CentOS / Fedora:

yum install httpd-devel

You’ll first want to get the mod_evasive package, uncompress it, and install it using apxs:

cd /usr/src

wget wget

tar xzf mod_evasive_1.10.1.tar.gz

cd mod_evasive

apxs2 -cia mod_evasive20.c


You’ll then need to add the mod_evasive configuration to your Apache configuration file. First, find this section:

File:/etc/apache2/apache2.conf (Debian / Ubuntu)

# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf

File:/etc/httpd/conf/httpd.conf (CentOS / Fedora)

LoadModule evasive20_module /usr/lib/httpd/modules/ #

Below those sections, add the mod_evasive configuration:

File excerpt:mod_evasive configuration


<IfModule mod_evasive20.c>
DOSHashTableSize    3097
DOSPageCount        2
DOSSiteCount        50
DOSPageInterval     1
DOSSiteInterval     1
DOSBlockingPeriod   60

You’ll then need to restart Apache for your changes to take effect:

Debian / Ubuntu:

/etc/init.d/apache2 restart

CentOS / Fedora:

/etc/init.d/httpd restart




There are no revisions for this post.

Tags: , , ,

No comments yet.

Leave a Reply