Install mod_evasive on Apache (anti Dos)

mod_evasive is a Apache module that provides evasive maneuvers action in the event of an HTTP DoS or DDoS (Denial of Service) attack or brute force attack at the web server. When possible attacks are detected, mod_evasive will block the traffic from the source for a specific duration of time, while reports abuses via email and syslog facilities. Or administrators can configure mod_evasive to talk to iptables, ipchains, firewalls, routers, and etc. to build a comprehensive DDOS prevention system for the high traffic busy web server.

Although mod_evasive is not a foolproof and complete DOS prevention system, but installing mod_evasive module for Apache will likely to reduce and stop certain DDOS attacks, minimizing the risks of web hosts and web sites been completely brought down inaccessible by malicious denial of service attack attempts.

Install mod_evasive

1. Download mod_evasive from Nuclear Elephant

   wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
tar -zxvf mod_evasive_1.10.1.tar.gz
cd mod_evasive


2. For apache 2.0.x
   /usr/sbin/apxs -cia mod_evasive20.c
   Then add this too httpd.conf
   
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600

3. For apache 1.3.x
   /usr/local/apache/bin/apxs -cia mod_evasive.c
   Then add this too httpd.conf
   
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600

4. Restart the Apache server with the following command:
   service httpd restart