mod_evasive installation with apache

mod_evasive installation with apache

Mod_evasive is an apache module which provides as evasive action thereby protects the server in the case of an http ddos, Installation steps are given below

Download the latest version of mod_evasive from  Jonathan Zdziarski’s official site http://www.zdziarski.com/projects/mod_evasive/

wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz

extract the tar bowl and get in to installation directory

tar zxvf mod_evasive_1.10.1.tar.gz
cd mod_evasive

install mod_evasive as an apache extension, first find the location of apxs binary,if you are on a cpanel server, it should be on /usr/local/apache/bin/apxs.

/usr/local/apache/bin/apxs -cia mod_evasive20.c

once its installed, edit apache configuration file and add the following lines

<IfModule evasive20_module>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 10
DOSLogDir “/usr/local/apache/logs/mod_evasive”
</IfModule>

Make sure that evasive module is installed by checking for the following line in httpd.conf file
LoadModule evasive20_module modules/mod_evasive20.so

root@server [~]# httpd -v
Server version: Apache/2.2.10 (Unix)
Server built:   Oct 16 2008 23:05:52
root@vserver[~]# cd /usr/src
root@server [/usr/src]# wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
–08:33:15–  http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
=> `mod_evasive_1.10.1.tar.gz’
Resolving www.zdziarski.com… 209.51.159.242
Connecting to www.zdziarski.com|209.51.159.242|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 20,454 (20K) [application/x-tar]

100%[==============================================================================================>] 20,454        –.–K/s

08:33:16 (159.92 KB/s) – `mod_evasive_1.10.1.tar.gz’ saved [20454/20454]

root@server [/usr/src]# tar -zxf mod_evasive_1.10.1.tar.gz
root@server [/usr/src]# cd mod_evasive
root@server [/usr/src/mod_evasive]# /usr/local/apache/bin/apxs -cia mod_evasive20.c
/usr/local/apache/build/libtool –silent –mode=compile gcc -prefer-pic   -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include   -c -o mod_evasive20.lo mod_evasive20.c && touch mod_evasive20.slo
/usr/local/apache/build/libtool –silent –mode=link gcc -o mod_evasive20.la  -rpath /usr/local/apache/modules -module -avoid-version    mod_evasive20.lo
/usr/local/apache/build/instdso.sh SH_LIBTOOL=’/usr/local/apache/build/libtool’ mod_evasive20.la /usr/local/apache/modules
/usr/local/apache/build/libtool –mode=install cp mod_evasive20.la /usr/local/apache/modules/
cp .libs/mod_evasive20.so /usr/local/apache/modules/mod_evasive20.so
cp .libs/mod_evasive20.lai /usr/local/apache/modules/mod_evasive20.la
cp .libs/mod_evasive20.a /usr/local/apache/modules/mod_evasive20.a
chmod 644 /usr/local/apache/modules/mod_evasive20.a
ranlib /usr/local/apache/modules/mod_evasive20.a
PATH=”$PATH:/sbin” ldconfig -n /usr/local/apache/modules
———————————————————————-
Libraries have been installed in:
/usr/local/apache/modules

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR’
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH’ environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH’ environment variable
during linking
- use the `-Wl,–rpath -Wl,LIBDIR’ linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf’

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
———————————————————————-
chmod 755 /usr/local/apache/modules/mod_evasive20.so
[activating module `evasive20' in /usr/local/apache/conf/httpd.conf]
root@vps [/usr/src/mod_evasive]# vi /usr/local/apache/conf/httpd.conf
root@vps [/usr/src/mod_evasive]# /scripts/restartsrv httpd
Waiting for httpd to restart…………..finished.

root     22105  0.0  0.0  3860 1784 ?        Ss   08:41   0:00 /usr/local/apache/bin/httpd -k start -DSSL

httpd started ok

One Response »

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>