Installing mod_evasive on cPanel and/or Apache
This guide details how to install mod_evasive on cPanel to help protect against DDOS attacks, brute force attacks and other irritants.
It uses an internal hash table of IPs and URLs and can temporarily block web requests to anyone requesting a large number of page views, or making many concurrent requests. Properly configured it can help evade DDOS attacks and keep your customers happy.
You can integrate it with iptables and hardware firewalls too if you like.
This guide is only cPanel specific to the point where you edit the configuration file.
Check the latest version from the mod_evasive web site. It is 1.10.1 in Jan 2010.
- wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
- tar zxvf mod_evasive_1.10.1.tar.gz
- cd mod_evasive
I am assuming you use apxs to load dymanic modules into apache. You really should.
- /usr/local/apache/bin/apxs -i -a -c mod_evasive20.c
cPanel users only, we need to distill the apxs module into Apache so it isn't lost next time you rebuild or upgrade cPanel/Apache.
- /usr/local/cpanel/bin/apache_conf_distiller –update
cPanel users can edit /usr/local/apache/conf/includes/post_virtualhost_2.conf or use the Apache Configuration option in WHM.
Vanilla Apache users can just stick the config in their httpd.conf.
- <IfModule mod_evasive20.c>
- DOSHashTableSize 3097
- DOSPageCount 2
- DOSSiteCount 50
- DOSPageInterval 1
- DOSSiteInterval 1
- DOSBlockingPeriod 3600
- </IfModule>
Optionally you can also add the following directives;
- DOSEmailNotify you@yourdomain.com
- DOSSystemCommand "/etc/apf/apf -d %s'"
- DOSLogDir "/var/lock/mod_evasive"
I use APF firewall, with the DOSSystemCommand so I can automatically dop offending IPs at the firewall rather than at Apache.
Hopefully you will never see an email from mod_evasive, but you know its there, ready and waiting.
Related posts
- Upgrading to MySQL 5.1 in cPanel/WHM
Upgrading to MySQL 5.1 in cPanel is currently not the easiest thing in the world.... - Installing memcached on CentOS (cPanel)
Welcome to hell. No really, compared to installing memcached on Ubuntu, CentOSs really sucks. CentOS... - mod_geoip Revisted including stopping spam in phpBB 2
I've recently moved a client's forum onto a new cPanel server, previously it was on... - Installing mytop on cpanel
MyTop is one of the best MySQL monitoring tools available, written by a MySQL guru,... - Anonymous apache & PHP for cPanel
So I've started playing with cPanel/WHM recently. I've got to say it does make my...
About Kieran
February 8th, 2010 - 21:57
Thank you for this guide my friend, it helped alot, in bad times, I had DDoS going on my server, and this really helped.
November 11th, 2011 - 03:37
Hello,
thanks for your guide, unfortunately the http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz is not found
where I can get the mod_evasive file?
December 4th, 2011 - 20:26
@joglo
http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz