#wget http://www.nuclearelephant.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz |
#gzip -d mod_evasive_1.10.1.tar.gz #tar -xvf mod_evasive_1.10.1.tar |
#apxs -i -a -c mod_evasive20.c |
LoadModule evasive20_module /usr/lib/httpd/modules/mod_evasive20.so |
<IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 </IfModule> |
DOSHashTableSize | This sets the size of the hash table the module uses to store it's data. Increase this for busy systems |
DOSPageCount | After this many requests for the same page, the client is part of the bad-person list |
DOSSiteCount | After this manyobject requests on the same listner per site, the client is a bad-person |
DOSPageInterval | The interval for the page count threshold |
DOSSiteInterval | The interval for the site count threshold |
DOSBlockingPeriod | The amount of time a client is blocked for after becoming a bad-person |
DOSEmailNotify | Can be used to send out emails when an IP is blacklisted |
DOSSystemCommand | Command run when IP is blacklisted. IP is denoted by %s |
DOSLogDir | Specify an alternative log directory |
DOSWhitelist | Allow trusted clients to bypass the module. Can be used many times. |