To protect the server from the DoS/DDoS attack and brute force attack the Mod_evasive is used because its majoring the Apache concurrent connection and restrict it as per value defined in the Mod_evasive.
Refer to the following steps to install the Mod_evasive but make sure that you have logged in as a root user.
cd /usr/local/src
wget http://theperfectarts.com/software/mod_evasive_1.10.1.tar.gz
tar xvfz mod_ev*
cd mod_evasive*
CPANEL & Apache 1
/usr/local/apache/bin/apxs -i -a -c mod_evasive.c
/etc/init.d/httpd restart
CPANEL & Apache 2
/usr/local/apache/bin/apxs -i -a -c mod_evasive20.c
/etc/init.d/httpd restart
PLESK & Apache 1
/usr/sbin/apxs -i -a -c mod_evasive.c
/etc/init.d/httpd restart
PLESK & Apache 2
/usr/sbin/apxs -i -a -c mod_evasive20.c
/etc/rc.d/init.d/httpd restart
To create the default mod_evasive settings add the following in the server main Apache configuration “httpd.conf”.
<IfModule mod_evasive>DOSHashTableSize 3097DOSPageCount 2DOSSiteCount 50DOSPageInterval 1DOSSiteInterval 1DOSBlockingPeriod 10</IfModule>
You can adjust the above settings as per your requirement but make sure that you have taken the working Apache (httpd.conf) main configuration backup before making any changes.
DOSHashTableSize : - This is Size for the hash table used to store the IPs address.
DOSPageCount : - Its used for number of pages allowed per DOSPageInterval.
DOSSiteCount : - The number of objects allowed per DOSSiteInterval.
DOSPageInterval : - The time is in seconds used by DOSPageCount.
DOSSiteInterval : - The Time is in seconds used by DOSSiteCount.
DOSBlockingPeriod : - The Time is in seconds that IPs will be banned in the firewall. If an IP tries to access the server within this period, the count will be restarted.
