Let us look at how to Configure mod_evasive with the support of our Apache hosting support at Bobcares.

What is mod_evasive?

mod_evasive is an Apache module that aids in server defense against brute force and denial of service assaults. Setting up mod_evasive provides us with a safety net to capture malicious players before they degrade server performance.

The module has numerous configuration settings that allow us to specify how many concurrent queries a client may make in a certain interval. After the limit is reached, more requests will be prevented for a period of time.

How to configure and Install mod_evasive to protect Against DoS and DDoS:?

The methods for installing mod_evasive to guard against DOS and DDOS are as follows.

1. Requirements to Configure mod_evasive:

   Firstly, We must install the requirements. Run the following command on the terminal.

   For Debian/Ubuntu follow the command given below:

   sudo apt-get update

   sudo apt-get install apache2-utils

   For CentOS / Fedora:

   sudo yum update

   sudo yum install httpd-devel

2. Install mod_evasive:

   To install mod_evasive, use the following command.

   For Debian / Ubuntu:

   sudo apt-get install libapache2-mod-evasive

   For CentOS / Fedora:

   sudo yum install mod_evasive

3. Configure mod_evasive:

   After that, in a text editor, open the mod_evasive configuration file.

   For Debian/Ubuntu:

   sudo vi /etc/apache2/mods-enabled/evasive.conf

   CentOS / Fedora:

   sudo vi /etc/httpd/conf.d/mod_evasive.conf

   In a text editor, open the mod_evasive configuration file.

   DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSEmailNotify mail@yourdomain.com
DOSLogDir "/var/log/apache2/"

   Change the email against DOSEmailNotify to the email id so that we are alerted automatically if the website is attacked.

4. Restart Apache Server:

   To make the modifications take effect, restart the Apache web server.

   For Debian / Ubuntu:

   sudo systemctl reload apache2

   For CentOS / Fedora:

   sudo systemctl restart httpd.service

5. Check to see whether mod_evasive is working:

   Finally, Mod_evasive’s creators have given a test.pl script for testing. It will be held at:

   /usr/share/doc/libapache2-mod-evasive/examples/test.pl

   Use the following command to run the script:

   perl /usr/share/doc/libapache2-mod-evasive/examples/test.pl

   The output should look like this:

   HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden

test.pl simply mimics a web server security attack and returns the result. The 403 response code in the preceding lines indicates that access to harmful request patterns has been blocked.

[Need assistance with similar queries? We are here to help]

Conclusion

To sum up we have now seen how to configure mod_evasive with the support of our tech support team.