Stack Overflow
Stack Overflow

Questions tagged [mod-evasive]

Use this tag in questions related to configuration or issues using the mod_evasive apache2 module.

Mod_evasive is an Apache Http Server module that provides evasive action in the event of an HTTP DoS or DDoS attack or brute force attack.
Designed as a network analysis and detection tool, it can be easily configured to talk to ipchains, firewalls, routers, and more.

It also generates and sends reports of abuse via email and syslog facilities.

More info in the github page of the project.

29 questions
11
votes
2 answers

mod_evasive for nginx?

I am using mod_evasive for apache which manages DOS, that is it automatically blacklist IP's that do too much http queries during a delta time. Does it exists on nginx ?
Eric
  • 5,101
  • 10
  • 37
  • 45
7
votes
1 answer

Using mod_evasive on a specific directory

I'm trying to limit requests to an API on an internal site I've managed to implement mod_evasive to successfully block requests after a specific amount in a specific time. But this is causing problems for users of the webUI I've tried limiting the…
hipyhop
  • 179
  • 4
  • 12
6
votes
2 answers

Apache mod_evasive whitelist is not working properlly.

We have weird situation, we have configured mod_evasive with apache 2.4 on Ubuntu 14. we have added google bot IPs in white list(we are maintaining long list of internal and external IPs in white list). But google IPs are still blocked by…
Mudasar Yasin
  • 579
  • 3
  • 11
  • 20
4
votes
0 answers

Apache undefined symbol: ap_log_rerror

I am trying to install mod_evasive into my Apache 2.4 I run apxs2 -cia mod_evasive20.c But when i am trying to start the server i get this error httpd: Syntax error on line 177 of /usr/local/apache2/conf/httpd.conf: Cannot load…
Zakos
  • 2,448
  • 4
  • 16
  • 20
3
votes
3 answers

How to install mod_evasive in Amazon Linux ami

Is Amazon planning to add mov_evasive to its latest AMI? How would I need to install mod_evasive on Amazon Linux? There are quite a few tutorials available on the web, but I have found no recent tutorial addressing Amazon Linux. Are there any…
Erkin Kholmatov
  • 31
  • 1
  • 4
2
votes
0 answers

Apache: mod_evasive triggering due to own page design

Short Story: I got a page on my website with lots of -elements to basicly display a long list of pictures (with other stuff read from the database). Due to the many calls mod_evasive triggers and not all images…
evilive
  • 916
  • 1
  • 7
  • 24
2
votes
3 answers

mod_evasive not working on Apache 2.4.6

I am trying to configure mod_evasive for Apache 2.4.6 on CentOS, release 7.5.1804. I got clean install of CentOS, with clean install of Apache without serving any pages or anything (just example index.html saying hello world), and I installed…
Ľubomír Bielik
  • 27
  • 1
  • 7
2
votes
0 answers

Set interval for mod_evasive issue

I have follow the installation guide here to install mod_evasive to my apache server. I has tested to set DOSSiteInterval 1 and DOSSiteCount 2, and it is working, but no detail write into log. Somehow, it is not working when I modify to…
Deno
  • 434
  • 4
  • 16
2
votes
2 answers

mod_evasive is not blocking IPs causing DoS, but is logging them

mod_evasive is not blocking IPs that are causing DoS, but it is logging the IPs in the /tmp directory. The files it generates to this directory are named dos-XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX being the IP). The OS is FreeBSD. Have read that…
Will Squire
  • 6,127
  • 7
  • 45
  • 57
1
vote
0 answers

mod_evasive doesn't work

mod_evasive is install and my config is DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 50
Ben
  • 1,906
  • 10
  • 31
  • 47
1
vote
2 answers

Grabbing\spider protection

There is a site\resource that offers some general statistic information as well as an interface to search facilities. This search operations are costly, so I want to restrict frequent and continuous (i.e. automatic) search requests (from people,…
Roman Bodnarchuk
  • 29,461
  • 12
  • 59
  • 75
1
vote
1 answer

Apache2 mod_evasive DOSSystemCommand not executing the command

I am setting up an apache2 webserver, and I am adding some security to stop bruteforcing attacks. I was gonna use mod_evasive and have another file to run the commands to ban and unban the user. my config is as shown.
Killian Fortman
  • 86
  • 1
  • 1
  • 7
1
vote
0 answers

SeLinux blocking mod-evasive (Apache) from running a command as sudo

I am trying to configure mod_evasive in my CENTOS7 server (VPS) to prevent DDOS attacks. I followed the steps mentioned in the following tutorial. (this link) Although I am not using IPTABLES, I am using firewalld instead. In mod_evasive, the…
Chin. Udara
  • 694
  • 4
  • 19
1
vote
0 answers

PHP Apache module mod_evasive not blocking by IP only

I follow this tuorial and install mod_evasive https://documentation.cpanel.net/display/EA4/Apache+Module%3A+Evasive#ApacheModule:Evasive-Configuration DOSHashTableSize 3097 DOSPageCount 10 DOSSiteCount …
Faisal Abbas
  • 71
  • 1
  • 6
1
vote
1 answer

Can mod_evasive be too aggressive and kill off good traffic?

I had DDoS attacks on my site and the admin at my hosting company applied mod_evasive to my server. My traffic has gone from 10K+ visits a day to between 1K-2K a day. Can mod_evasive be too aggressive and kill off good traffic?
MrVK
  • 147
  • 6
1
2