Install Mod_evasive


To protect the server from the DoS/DDoS attack and brute force attack the Mod_evasive is used because its majoring the Apache concurrent connection and restrict it as per value defined in the Mod_evasive.

Refer to the following steps to install the Mod_evasive but make sure that you have logged in as a root user.

cd /usr/local/src

wget http://theperfectarts.com/software/mod_evasive_1.10.1.tar.gz

tar xvfz mod_ev*

cd mod_evasive*

CPANEL & Apache 1

/usr/local/apache/bin/apxs -i -a -c mod_evasive.c

/etc/init.d/httpd restart

CPANEL & Apache 2

/usr/local/apache/bin/apxs -i -a -c mod_evasive20.c

/etc/init.d/httpd restart

PLESK & Apache 1

/usr/sbin/apxs -i -a -c mod_evasive.c

/etc/init.d/httpd restart

PLESK & Apache 2

/usr/sbin/apxs -i -a -c mod_evasive20.c

/etc/rc.d/init.d/httpd restart

To create the default mod_evasive settings add the following in the server main Apache configuration “httpd.conf”.


<IfModule mod_evasive>
DOSHashTableSize 3097 
DOSPageCount 2 
DOSSiteCount 50 
DOSPageInterval 1 
DOSSiteInterval 1 
DOSBlockingPeriod 10 
</IfModule>

You can adjust the above settings as per your requirement but make sure that you have taken the working Apache (httpd.conf) main configuration backup before making any changes.

DOSHashTableSize : - This is Size for the hash table used to store the IPs address.
DOSPageCount : - Its used for number of pages allowed per DOSPageInterval.
DOSSiteCount : - The number of objects allowed per DOSSiteInterval.
DOSPageInterval : - The time is in seconds used by DOSPageCount.
DOSSiteInterval : - The Time is in seconds used by DOSSiteCount.
DOSBlockingPeriod : - The Time is in seconds that IPs will be banned in the firewall. If an IP tries to access the server within this period, the count will be restarted.


About Anant 386 Articles
Senior technical writer