Is there any proper documentation for mod-evasive?

Posted by Question Overflow on Server Fault See other posts from Server Fault or by Question Overflow
Published on 2012-05-08T02:59:41Z Indexed on 2012/07/11 9:17 UTC
Read the original article Hit count: 257

Filed under:
|

mod_evasive20 is one of the loaded modules on my httpd server. I read good things about how it can stop a DOS attack and wanted to try it out on my localhost. A search for mod_evasive turns up a blog post by the author which briefly describes what it does.

Other than that, I can't seem to find a reference or a documentation on the apache modules site. I was wondering whether it is a module recognised by Apache since there is no mention of it on its website.

I have a mod_evasive.conf file sitting in the /etc/http/conf.d folder that contains the following lines:

LoadModule evasive20_module modules/mod_evasive20.so
<IfModule mod_evasive20.c>
 DOSHashTableSize    3097
 DOSPageCount        2
 DOSSiteCount        50
 DOSPageInterval     1
 DOSSiteInterval     1
 DOSBlockingPeriod   10
</IfModule> 

My understanding from the setting is that if I were to click refresh or send a form more than two times in a one second interval, apache will issue a 403 error and bar me from the site for 10 seconds. But that is not happening on my localhost. And I would like to know the reason. Thanks.

© Server Fault or respective owner

Related posts about apache2

Related posts about mod-evasive