For smaller scale DDoS attacks, Web Application Firewall (WAF) like Mod Security and Mod Evasive will mitigate DDoS attacks. For larger-scale DDoS attacks, you may need to turn to a professional DDoS mitigation service provider.
1. Install Mod Security Apache Module.
# Install Mod Security yum install mod_security # Download the latest OWASP ruleset from the site below. # http://spiderlabs.github.io/owasp-modsecurity-crs/ tar xfz SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb.tar.gz # Remove the one that was installed by the binary mod_security package. rm -rf /etc/httpd/modsecurity.d mv SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb /etc/httpd/modsecurity.d # Edit the /etc/httpd/conf.d/mod_security.conf
2. Install mod_evasive Apache Module.
# We are going to build a mod_evasive binary from the source. yum install gcc make libxml2 libxml2-devel httpd-devel pcre-devel curl-devel # Install mod_evasive. cd /usr/src wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz tar xzf mod_evasive_1.10.1.tar.gz cd mod_evasive # Now, you need to find where apxs is installed. rpm -ql httpd-devel |grep apxs # /usr/sbin/apxs // Output from the command above /usr/sbin/apxs -cia mod_evasive20.c #Libraries have been installed in: # /usr/lib64/httpd/modules # Add the following block in the /etc/httpd/conf/httpd.conf # mod_evasive <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 60 # If you wish to receive email notification, modify & uncomment below. #DOSEmailNotify notify@mydomain.com </IfModule> # Restart Apache service httpd restart
Share this post
Leave a comment
All comments are moderated. Spammy and bot submitted comments are deleted. Please submit the comments that are helpful to others, and we'll approve your comments. A comment that includes outbound link will only be approved if the content is relevant to the topic, and has some value to our readers.
Comments (0)
No comment