How to install mod_evasive in cPanel?
How to install mod_evasive in cPanel?
This tutorial will help you how to install the apache module mod_evasive in CentOS/RHEL. Mod_evasive is an apache module which prevents HTTPD DOS attack or DDOS attack or brute force attack. Mod_evasive will block the IP address if happen any of the following.
1) Requesting the same page more than a few times per second.
2) Making more than 50 concurrent requests on the same child per second.
3) Making any requests while temporarily blacklisted.
Install mod_evasive on Apache 2.2
1) First step is check to httpd-devel package is installed or not.
#rpm -qa | grep httpd-devel
2) If it is not installed in server, follow the below steps.
#yum install httpd-devel
3) After successfully completed the httpd-devel package, follow the below steps.
#cd /usr/local/src
#wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
4) Extract the downloaded file mod_evasive_1.10.1.tar.gz.
#tar -xvzf mod_evasive_1.10.1.tar.gz
#ls
mod_evasive mod_evasive_1.10.1.tar.gz
5) Change directory to mod_evasive.
#cd mod_evasive
6) To bulid module from its source code.
#/usr/local/apache/bin/apxs –cia mod_evasive20.c
7) After completed the installation, we need to distill the configuration.
#/usr/local/cpanel/bin/apache_conf_distiller –update
8) We need to create the file /usr/local/apache/conf/mod_evasive.conf which is mod_evasive configuration file and add the following configuration to the file.
#vi /usr/local/apache/mod_evasive.conf
LoadModule evasive20_module modules/mod_evasive20.so
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSBlockingPeriod 3600
DOSLogDir “/var/log/mod_evasive”
DOSWhitelist 127.0.0.1
9) Create a directory for mod_evasive logs.
#mkdir /var/log/mod_evasive
10) After completed configuration, you can check httpd configuration.
#httpd -t
11) Now rebuild and restart Apache.
#/scripts/rebuildhttpdconf
#/etc/init.d/httpd restart
Install mod_evasive on Apache 2.4
1) Before installing mod_evasive in Apache 2.4 you need to install httpd-devel.
You may get the error given below when you run command “#yum install httpd-devel”
2) You can install the package using following command
#yum install ea-apache24-devel
#cd /usr/local/src
#wget http://www.zdziarski.com/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
#tar -xzvf mod_evasive_1.10.1.tar.gz
#cd mod_evasive
#cp mod_evasive20.c mod_evasive24.c
#sed ‘s/remote_ip/client_ip/g’ -i mod_evasive24.c
3) Let’s build mod_evasive.
#apxs -i -a -c mod_evasive24.c
4) Then create a file named /usr/local/apache/conf/mod_evasive.conf.
LoadModule evasive20_module modules/mod_evasive24.so
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSBlockingPeriod 3600
DOSLogDir “/var/log/mod_evasive”
DOSWhitelist 127.0.0.1
5) Let’s make a directory for mod_evasive logs.
#mkdir /var/log/mod_evasive
6) Then, rebuild and restart Apache.
#/scripts/rebuildhttpdconf
#/etc/init.d/httpd restart