Apache防止DDoS攻擊模組 - mod_evasive
Posted by : hugo5688 at 12:28 in Linux | Total 1,358 Views
WHAT IS MOD_EVASIVE ?
mod_evasive is an evasive maneuvers module for Apache to provide evasive
action in the event of an HTTP DoS or DDoS attack or brute force attack. It
is also designed to be a detection tool, and can be easily configured to talk
to ipchains, firewalls, routers, and etcetera.
Download:http://www.zdziarski.com/projects/mod_evasive/
OS:RedHat 9
$tar zxvf mod_evasive_1.10.1.tar.gz
$cd mod_evasive
$/usr/sbin/apxs -i -a -c mod_evasive20.c
if can’t find apxs pls install httpd-devel-2.0.40-21.i386.rpm
$vi /etc/httpd/conf/httpd.conf
#add to the httpd.conf file
LoadModule evasive20_module /usr/lib/httpd/modules/mod_evasive20.so
<IfModule evasive20_module>
DOSHashTableSize 3097
DOSPageCount 3
DOSSiteCount 40
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 10
</IfModule>
$service httpd restart
how 2 test? Run test.pl, and view the response codes.
