Mod_Evasive

Thayanithy Jegan

Mod_Evasive

mod_evasive is a module for Apache. It provides evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls and routers. mod_evasive presently reports abuses via email and syslog facilities.

Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from any of the following:

  • Requesting the same page more than a few times per second
  • Making more than 50 concurrent requests on the same child per second
  • Making any requests while temporarily blacklisted (on a blocking list)

This module has worked well in OMNI2UACCOUNT single-server. It is a good idea to integrate this with firewalls and routers for maximum protection. If a user repeatedly click on ‘reload’ should not be…

View original post 127 mots de plus

Publicités
Par défaut