Is there any proper documentation for mod-evasive?
Posted
by
Question Overflow
on Server Fault
See other posts from Server Fault
or by Question Overflow
Published on 2012-05-08T02:59:41Z
Indexed on
2012/07/11
9:17 UTC
Read the original article
Hit count: 257
apache2
|mod-evasive
mod_evasive20
is one of the loaded modules on my httpd server. I read good things about how it can stop a DOS attack and wanted to try it out on my localhost. A search for mod_evasive turns up a blog post by the author which briefly describes what it does.
Other than that, I can't seem to find a reference or a documentation on the apache modules site. I was wondering whether it is a module recognised by Apache since there is no mention of it on its website.
I have a mod_evasive.conf
file sitting in the /etc/http/conf.d
folder that contains the following lines:
LoadModule evasive20_module modules/mod_evasive20.so
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
</IfModule>
My understanding from the setting is that if I were to click refresh or send a form more than two times in a one second interval, apache will issue a 403 error
and bar me from the site for 10 seconds. But that is not happening on my localhost. And I would like to know the reason. Thanks.
© Server Fault or respective owner