Protect your Apache from DDoS attack - mod_evasive

Submitted by hswong3i on Fri, 05/16/2008 - 16:31

DDoS attack (http://en.wikipedia.org/wiki/Denial-of-service_attack) is all around the Internet and no one can escape from it. What we can do is trying to protect ourself whenever happened. On the other hand, DDoS attack to Apache is also very common so what can we do for it? Let's try mod_evasive (http://www.zdziarski.com/projects/mod_evasive/).

The installation of mod_evasive under Debian is very simple:

apt-get install libapache2-mod-evasive

After install try this command and you will find that Debian have already active mod_evasive for us by default:

find /etc/apache2/ | xargs fgrep -nH evasive

So what we only need to do is restart the Apache and let mod_evasive active:

/etc/init.d/apache2 restart

For testing the effect of mod_evasive, you can try this command (you will have HTTP/1.1 302 Found at beginning but soon become HTTP/1.1 403 Forbidden):

perl /usr/share/doc/libapache2-mod-evasive/examples/test.pl

Bookmark/Search this post with:
  • Delicious
  • Digg
  • Reddit
  • Furl
  • Facebook
  • Google
  • Yahoo
  • Technorati
  • Icerocket

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <h1> <h2> <h3> <h4> <h5> <h6> <em> <strong> <code> <del> <blockquote> <q> <sub> <p> <br> <ul> <ol> <li> <dl> <dt> <dd> <a> <b> <u> <i> <sup> <acronym> <pre> <img>
  • Lines and paragraphs break automatically.
  • You may post code using <code>...</code> (generic) or <?php ... ?> (highlighted PHP) tags.
  • Images can be added to this post.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.