Using mod_evasive on a specific directory

Question

I'm trying to limit requests to an API on an internal site

I've managed to implement mod_evasive to successfully block requests after a specific amount in a specific time.

But this is causing problems for users of the webUI

I've tried limiting the scope of mod_evasive to the api directory but Apache2 is complaining about an invalid config file

<Location /api >                                                                        
  <IfModule mod_evasive20.c>
    DOSPageCount 2
    DOSSiteCount 50
    ..
  </IfModule>
</Location>

Any ideas SO?

score -1 · Answer 1 · answered Apr 08 '13 at 05:11

You could move your api service to a subdomain (redirect)

Another idea is use nginx:80 and apache:8080 like a reverse proxy and implement a better config for stop the ddos.

Maybe the ddos you suffer always used the same pattern that can be blocked with (iptables and mbstring) 'look at the accesslog'.

iptables -A INPUT -m string --string 'PATTERN-STRING' --algo bm -j DROP

Other tool that can help : http://deflate.medialayer.com/

Good Luck

Using mod_evasive on a specific directory

1 Answers1