How to enable mod_evasive with Apache on Linux Cloud Servers

2020-09-03 By Mark 12353 Views linux apache mod_evasive security development
48 reviews

Mod_evasive is a module for Apache that automatically detects an HTTP DDOS attack or brute force attack. Mod_evasive can log and report abuse and notify problems via email. Before enabling this module, the server must be installed with LAMP.


This guide outlines the basic steps to enable mod_evasive on different Linux distributions.


To enable mod_evasive on CentOS / Fedora


  1. Install httpd-devel with the below command.

    # yum install httpd-devel
    

    modevasive1

  2. Install the epel-release repository by using the below command.

    # wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
    
    # rpm -ivh epel-release-latest-7.noarch.rpm
    

    modevasive2

  3. Now proceed with the installation of mod_evasive with the below command.

    # yum install mod_evasive
    

    modevasive3

  4. Open the configuration file /etc/httpd/conf.d/mod_evasive.conf in any editor and search for the DOSEmailNotify. Once it is found, remove the # sign, then replace the mail address.

    Include conf.modules.d/*.conf
    

    modevasive4

    modevasive5

    NOTE: Replace the mail address with the original mail address.


    Also, remove the comment tag from the following entries and save the file, and exit.

    DOSHashTableSize 3097
    DOSPageCount 2
    DOSSiteCount 50
    DOSPageInterval 1
    DOSSiteInterval 1
    DOSBlockingPeriod 10
    DOSLogDir  "/var/lock/mod_evasive"
    
  5. Reload the Apache with the below command.

    # service httpd restart
    

    modevasive6

  6. Make sure with the below command that the module is loaded into Apache.

    # httpd -M | grep evasive
    

    modevasive7


To enable mod_evasive on Ubuntu / Debian


  1. Update the server with the below command.

    # apt update
    

    modevasive8

  2. Install apache2-utils by using the below command.

    # apt install apache2-utils
    

    modevasive9

  3. To install the mod_evasive module on Debian / Ubuntu, run the below command and select Ok and choose your configuration.

    # apt install libapache2-mod-evasive
    

    modevasive10

    modevasive11


    If unsure, select No configuration or Local only.

    modevasive12


    Open the configuration file /etc/apache2/mods-enabled/evasive.conf in an editor and Remove the comment tag from the following entries and save the file and exit.

    # vi /etc/apache2/mods-enabled/evasive.conf
    


    DOSHashTableSize 3097
    DOSPageCount 2
    DOSSiteCount 50
    DOSPageInterval 1
    DOSSiteInterval 1
    DOSBlockingPeriod 10
    DOSLogDir  "/var/lock/mod_evasive"
    DOSEmailNotify  [email protected]
    

    modevasive13

    NOTE: Replace the mail address with the original mail address.

  4. Reload the Apache with the below command.

    # service apache2 start
    

    modevasive14

  5. Make sure with the below command that the module is loaded into Apache.

    # apache2ctl -M | grep evasive
    

    modevasive15


Related Tutorials

What do you think about this article?

Rate this article
LayerStack Promotion
Need assistance?

Try this guide to receive free bundled services at signup on a new free account.

Sign Up

Your Feedback Is Important

We hope you’ll give the new products and updates a try. If you have an idea for improving our products or want to vote on other user ideas so they get prioritized, please submit your feedback on our Community platform. And if you have any questions, please feel free to ask in the Community or contact our Technical Support team.