mod dosevasive – install and configure

This module is very useful in combating certain DOS (denial of serivce) attacks, and is easy to implement. The following steps will help you to install mod dosevasive.

1.    Download the newest version of the module from:

http://www.nuclearelephant.com/projects/dosevasive/

2.    Extract the module.

Ie. (replace the 1.9 with the version you downloaded)
tar -xzvf mod_dosevasive.1.9.tar.gz

3.    Change directories so you are inside the mod_dosevasive directory.
cd mod_dosevasive

4.    If you are running Apache v1.3, you run: [path to apache]/bin/apxs -i -a -c mod_dosevasive.c

Ie.
/usr/local/apache/bin/apxs -i -a -c mod_dosevasive.c

If you are running Apache v2.0, you run: [path to apache]/bin/apxs -i -a -c mod_dosevasive20.c

Ie.
/usr/local/apache/bin/apxs -i -a -c mod_dosevasive20.c

5.    Restart apache.

Ie.
/etc/init.d/httpd restart

Configuration:

This section is intend for people that want to tweak some of the default settings to their own. You are not required to do this.

First you have to add the following section to your httpd.conf
(Ie. /etc/httpd/conf/httpd.conf):
For Apache v1.3:

<IfModule mod_dosevasive.c>
DOSHashTableSize    3097
DOSPageCount        2
DOSSiteCount        50
DOSPageInterval     1
DOSSiteInterval     1
DOSBlockingPeriod   10
</IfModule>

For Apache v2.0:

<IfModule mod_dosevasive20.c>
DOSHashTableSize    3097
DOSPageCount        2
DOSSiteCount        50
DOSPageInterval     1
DOSSiteInterval     1
DOSBlockingPeriod   10
</IfModule>

The above are the default options that are setup (even if you do not have this section in your httpd.conf).