Preventing Apache DOS attacks
Posted on January 2, 2007 on 1:32 pm by glen | In General, Apache, RedHat
We’ve recently come under attack from denial-of-service (DOS) attacks. In order to alleviate this situation, we are currently testing out the mod_evasive Apache module.
The install was simple. After downloading and unpacking the source code…
/usr/sbin/apxs -i -a -c mod_evasive20.c
This will compile the module, copy it to the correct directory and enable the module in your Apache config. In addition, we added the following options to our httpd.conf:
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSEmailNotify glen@designsolution.co.uk
</IfModule>
Now, if too many requests come in from an IP address, the server will respond with an HTTP 403 response. This helps to save on bandwidth and reduce CPU load. Ideally, we would like to hook this into our firewall… our investigations are ongoing!
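To see how the thresholds above behave before tuning them, the following added example (not from the original post and not mod_evasive's source) replays a constructed request trace through a simplified Python model of per-IP throttling. The `Throttle` class, its fixed-window counting rule and the rule that requests made during a block extend it are assumptions for illustration; the numbers are the ones from the httpd.conf block above.

```python
# Simplified model of per-IP request throttling (illustrative; not mod_evasive source).
from dataclasses import dataclass, field

@dataclass
class Config:                     # values copied from the httpd.conf block above
    page_count: int = 2           # DOSPageCount
    site_count: int = 50          # DOSSiteCount
    page_interval: float = 1      # DOSPageInterval (seconds)
    site_interval: float = 1      # DOSSiteInterval (seconds)
    blocking_period: float = 10   # DOSBlockingPeriod (seconds)

@dataclass
class Throttle:
    cfg: Config = field(default_factory=Config)
    hits: dict = field(default_factory=dict)      # key -> (window_start, count)
    blocked: dict = field(default_factory=dict)   # ip -> time of last blocked request

    def _over(self, key, now, interval, limit):
        """Count a hit in a fixed window; True once the count exceeds limit (assumed rule)."""
        start, count = self.hits.get(key, (now, 0))
        if now - start >= interval:               # window expired: start a new one
            start, count = now, 0
        self.hits[key] = (start, count + 1)
        return count + 1 > limit

    def request(self, ip, uri, now):
        """Return the HTTP status this model would give the request."""
        last = self.blocked.get(ip)
        if last is not None and now - last < self.cfg.blocking_period:
            self.blocked[ip] = now                # assumed: repeat requests extend the block
            return 403
        page = self._over((ip, uri), now, self.cfg.page_interval, self.cfg.page_count)
        site = self._over((ip, None), now, self.cfg.site_interval, self.cfg.site_count)
        if page or site:
            self.blocked[ip] = now
            return 403
        return 200

def replay(trace, cfg=None):
    """Replay (time, ip, uri) tuples and return the list of status codes."""
    t = Throttle(cfg or Config())
    return [t.request(ip, uri, now) for now, ip, uri in trace]

# Constructed trace: a browser fetching 21 distinct URIs, then a triple reload of "/".
PAGE_LOAD = [(i * 0.01, "192.0.2.10", f"/asset{i}.css") for i in range(21)]
RELOADS = [(5.0, "192.0.2.10", "/"), (5.2, "192.0.2.10", "/"), (5.4, "192.0.2.10", "/"),
           (14.0, "192.0.2.10", "/"), (25.0, "192.0.2.10", "/")]

if __name__ == "__main__":
    print(replay(PAGE_LOAD + RELOADS))
```

In this model the 21-request page load passes, while the third request for the same URI within one second gets a 403, and the retry at 14.0 s is still inside the blocking period and restarts it.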