Installing mod_evasive on cPanel and/or Apache
This guide details how to install mod_evasive on cPanel to help protect against DDOS attacks, brute force attacks and other irritants.
It uses an internal hash table of IPs and URLs and can temporarily block web requests to anyone requesting a large number of page views, or making many concurrent requests. Properly configured it can help evade DDOS attacks and keep your customers happy.
You can integrate it with iptables and hardware firewalls too if you like.
This guide is only cPanel specific to the point where you edit the configuration file.
Check the latest version from the mod_evasive web site. It is 1.10.1 in Jan 2010.
wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
tar zxvf mod_evasive_1.10.1.tar.gz
cd mod_evasiveI am assuming you use apxs to load dymanic modules into apache. You really should.
/usr/local/apache/bin/apxs -i -a -c mod_evasive20.ccPanel users only, we need to distill the apxs module into Apache so it isn't lost next time you rebuild or upgrade cPanel/Apache.
/usr/local/cpanel/bin/apache_conf_distiller –updatecPanel users can edit /usr/local/apache/conf/includes/post_virtualhost_2.conf or use the Apache Configuration option in WHM.
Vanilla Apache users can just stick the config in their httpd.conf.
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 3600
</IfModule>Optionally you can also add the following directives;
DOSEmailNotify you@yourdomain.com
DOSSystemCommand "/etc/apf/apf -d %s'"
DOSLogDir "/var/lock/mod_evasive"I use APF firewall, with the DOSSystemCommand so I can automatically dop offending IPs at the firewall rather than at Apache.
Hopefully you will never see an email from mod_evasive, but you know its there, ready and waiting.
Related posts:
- mod_geoip Revisted including stopping spam in phpBB 2
I've recently moved a client's forum onto a new cPanel server, previously it was on... - Installing memcached on CentOS (cPanel)
Welcome to hell. No really, compared to installing memcached on Ubuntu, CentOSs really sucks. CentOS... - Anonymous apache & PHP for cPanel
So I've started playing with cPanel/WHM recently. I've got to say it does make my... - Installing mytop on cpanel
MyTop is one of the best MySQL monitoring tools available, written by a MySQL... - Ridiculously simple NTLM Authentication for Apache (Ubuntu)
We all know Ubuntu makes things amazingly simple. This is the best I've found so...
What this article useful to you?
Let me know, buy me a beer!
Alternatively, if you're feeling impecunious, you may like to subscribe to my RSS feed, or see other articles in the Linux, cPanel/WHM category.
February 8th, 2010 - 21:57
Thank you for this guide my friend, it helped alot, in bad times, I had DDoS going on my server, and this really helped.