{"id":15787,"date":"2023-05-09T21:59:27","date_gmt":"2023-05-09T21:59:27","guid":{"rendered":"https:\/\/webhostinggeeks.com\/howto\/?p=15787"},"modified":"2023-06-21T08:47:46","modified_gmt":"2023-06-21T08:47:46","slug":"how-to-install-mod_evasive-apache-module","status":"publish","type":"post","link":"https:\/\/webhostinggeeks.com\/howto\/how-to-install-mod_evasive-apache-module\/","title":{"rendered":"How to Install mod_evasive Apache Module"},"content":{"rendered":"

\"protected<\/p>\n

The mod_evasive Apache module is used to protect web servers<\/a> against DDoS attacks<\/a> and other brute-force attacks. It helps to prevent excessive requests from a single IP address or user agent.<\/p>\n

Let’s say you have a web application running on your Apache web server<\/a>, and a hacker decides to launch a DDoS attack against your server. The attacker uses a botnet of thousands of computers to send a flood of requests to your web application, overwhelming your server and causing it to crash.<\/p>\n

With mod_evasive installed and configured, your web server<\/a> can detect the flood of requests and block the offending IP addresses. The DOSPageCount and DOSSiteCount parameters set in the configuration file determine the maximum number of requests allowed from a single IP address or user agent within a certain time interval. If the number of requests exceeds this limit, mod_evasive will block the IP address or user agent for a period of time specified by the DOSBlockingPeriod parameter.<\/p>\n

For example, you have set the DOSPageCount to 10 and the DOSSiteCount to 100, which means that no more than 10 requests can be made from a single page and no more than 100 requests can be made from a single site within a 1-second interval. If an IP address or user agent exceeds this limit, mod_evasive will block it for 10 seconds (as specified by the DOSBlockingPeriod parameter).<\/p>\n

In this way, mod_evasive can effectively prevent DDoS attacks and other brute-force attacks by limiting the number of requests from a single IP address or user agent within a certain time interval.<\/p>\n

In this short tutorial, I will teach you the steps to install mod_evasive on an Apache web server.<\/p>\n

Step 1: Install the Apache Development Libraries<\/h2>\n

To install mod_evasive, you need to first install the Apache development libraries. You can do this by using the following command:<\/p>\n

\r\nsudo yum install httpd-devel\r\n<\/pre>\n
This will install the required development libraries for Apache.<\/p>\n
Step 2: Download mod_evasive<\/h2>\n
The next step is to download mod_evasive from the official website. You can download the latest version of mod_evasive by using the following command:<\/p>\n
\r\nwget https:\/\/github.com\/apache\/httpd\/archive\/refs\/tags\/2.4.51.tar.gz\r\n<\/pre>\n
This will download the latest version of mod_evasive as a compressed file.<\/p>\n
Step 3: Extract mod_evasive<\/h2>\n
Once the mod_evasive file is downloaded, you can extract it using the following command:<\/p>\n
\r\ntar -xzvf 2.4.51.tar.gz\r\n<\/pre>\n
This will extract the mod_evasive files to a new directory called “httpd-2.4.51”.<\/p>\n
Step 4: Build and Install mod_evasive<\/h2>\n
To build and install mod_evasive, you need to navigate to the “mod_evasive” directory inside the extracted “httpd-2.4.51” directory. You can do this by using the following command:<\/p>\n
\r\ncd httpd-2.4.51\/modules\/filters\r\n<\/pre>\n
Once you are inside the “filters” directory, you can build and install mod_evasive using the following commands:<\/p>\n
\r\nsudo apxs -i -c -I \/usr\/include\/libxml2\/ mod_evasive20.c\r\n<\/pre>\n
This will build and install mod_evasive on your Apache web server.<\/p>\n
Step 5: Configure mod_evasive<\/h2>\n
After installing mod_evasive, you need to configure it by editing the Apache configuration file. You can open the Apache configuration file using the following command:<\/p>\n
\r\nsudo vi \/etc\/httpd\/conf\/httpd.conf\r\n<\/pre>\n
Inside the configuration file, you need to add the following lines at the end of the file:<\/p>\n
\r\nLoadModule evasive_module modules\/mod_evasive20.so\r\nDOSHashTableSize 3097\r\nDOSPageCount 10\r\nDOSSiteCount 100\r\nDOSPageInterval 1\r\nDOSSiteInterval 1\r\nDOSBlockingPeriod 10\r\nDOSLogDir \"\/var\/log\/httpd\/mod_evasive\"\r\n<\/pre>\n
These lines will load the mod_evasive module and set the necessary parameters to protect your web server against DDoS attacks.<\/p>\n
Step 6: Restart Apache<\/h2>\n
After configuring mod_evasive, you need to restart Apache to apply the changes. You can do this by using the following command:<\/p>\n
\r\nsudo service httpd restart\r\n<\/pre>\n
This will restart Apache with the mod_evasive module enabled.<\/p>\n
Commands Mentioned:<\/h2>\n