How to install mod_evasive in cPanel?

How to install mod_evasive in cPanel?

This tutorial will help you how to install the apache module mod_evasive in CentOS/RHEL. Mod_evasive is an apache module which prevents HTTPD DOS attack or DDOS attack or brute force attack. Mod_evasive will block the IP address if happen any of the following.

1) Requesting the same page more than a few times per second.

2) Making more than 50 concurrent requests on the same child per second.

3) Making any requests while temporarily blacklisted.

Install mod_evasive on Apache 2.2

1) First step is check to httpd-devel package is installed or not.

#rpm -qa | grep httpd-devel

2) If it is not installed in server, follow the below steps.

#yum install httpd-devel

3) After successfully completed the httpd-devel package, follow the below steps.

#cd /usr/local/src

#wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz

4) Extract the downloaded file mod_evasive_1.10.1.tar.gz.

#tar -xvzf mod_evasive_1.10.1.tar.gz

#ls

mod_evasive  mod_evasive_1.10.1.tar.gz

5) Change directory to mod_evasive.

#cd mod_evasive

6) To bulid module from its source code.

#/usr/local/apache/bin/apxs –cia mod_evasive20.c

7) After completed the installation, we need to distill the configuration.

#/usr/local/cpanel/bin/apache_conf_distiller –update

8) We need to create the file /usr/local/apache/conf/mod_evasive.conf which is mod_evasive configuration file and add the following configuration to the file.

#vi /usr/local/apache/mod_evasive.conf

LoadModule evasive20_module         modules/mod_evasive20.so

DOSHashTableSize      3097

DOSPageCount                        2

DOSSiteCount              50

DOSPageInterval         1

DOSSiteInterval           1

DOSBlockingPeriod     10

DOSBlockingPeriod     3600

DOSLogDir                              “/var/log/mod_evasive”

DOSWhitelist               127.0.0.1

9) Create a directory for mod_evasive logs.

#mkdir /var/log/mod_evasive

10) After completed configuration, you can check httpd configuration.

#httpd -t

11) Now rebuild and restart Apache.

#/scripts/rebuildhttpdconf

#/etc/init.d/httpd restart

Install mod_evasive on Apache 2.4

1) Before installing mod_evasive in Apache 2.4 you need to install httpd-devel.

You may get the error given below when you run command “#yum install httpd-devel”

2) You can install the package using following command

#yum install ea-apache24-devel

#cd /usr/local/src

#wget http://www.zdziarski.com/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz

#tar -xzvf mod_evasive_1.10.1.tar.gz

#cd mod_evasive

#cp mod_evasive20.c mod_evasive24.c

#sed ‘s/remote_ip/client_ip/g’ -i mod_evasive24.c

3) Let’s build mod_evasive.

#apxs -i -a -c mod_evasive24.c

4) Then create a file named /usr/local/apache/conf/mod_evasive.conf.

LoadModule evasive20_module modules/mod_evasive24.so

DOSHashTableSize      3097

DOSPageCount                        2

DOSSiteCount              50

DOSPageInterval         1

DOSSiteInterval           1

DOSBlockingPeriod     10

DOSBlockingPeriod     3600

DOSLogDir                              “/var/log/mod_evasive”

DOSWhitelist               127.0.0.1

5) Let’s make a directory for mod_evasive logs.

#mkdir /var/log/mod_evasive

6) Then, rebuild and restart Apache.

#/scripts/rebuildhttpdconf

#/etc/init.d/httpd restart