Of all the security threats to your server, few are as difficult to prevent as DoS (denial of service) attacks. A DoS attack occurs when someone with malignant intentions uses software to overload your server with traffic, either through security holes or through standard traffic methods. With a DDoS (distributed denial of service) attack, the initial attacker infects other computers with malware or botnets that then automatically launch a coordinated attack against your dedicated server. DDoS attacks can be launched from hundreds or even thousands of computers simultaneously.
One way to prevent at least some forms of DoS attacks is to use mod_evasive, a free module for Apache HTTP Server. To install mod_evasive on a Linux server running Apache, do the following:
1. Login to your server via SSH
2. Make sure you have the latest Apache development files (on CentOS, run yum install httpd-devel).
3. Download the latest version:
tar xvzf mod_evasive_1.10.1.tar.gz mod_evasive/
5. Begin compiling the module:
/usr/sbin/apxs -cia /usr/src/mod_evasive/mod_evasive20.c
6. Activate the module:
chmod 755 /usr/lib/httpd/modules/mod_evasive20.so
7. Restart Apache
8. Test to make sure it was loaded:
grep -i evasive /etc/httpd/conf/httpd.conf
It should return: LoadModule evasive20_module /usr/lib/httpd/modules/mod_evasive20.so
Then type: php -r ‘phpinfo();’ | grep -i evasive
and you should see mod_evasive listed
9. Now add configuration rules to the Apache conf file: /etc/httpd/conf/httpd.conf
Read the documentation to determine the best settings for each one. After that, your server should make an extra effort to evade DoS attacks.
- How to Disable Unneeded Apache Modules
- Apache Tip #2: Use Configtest to Try Configurations Before Using
- Fight Brute Force Attacks with DenyHosts
- How to Enable mod_rewrite in Apache Server
- Apache’s DocumentRoot directive