posted by admin
on Wed, 09/11/2013 - 15:20
For smaller scale DDoS attacks, Web Application Firewall (WAF) like Mod Security and Mod Evasive will mitigate DDoS attacks. For larger scale DDoS attacks, you may need to turn to professional DDoS mitigation service provider.
1. Install Mod Security Apache Module.
# Install Mod Security yum install mod_security # Download latest OWASP ruleset from the site below. # http://spiderlabs.github.io/owasp-modsecurity-crs/ tar xfz SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb.tar.gz # Remove the one that was installed by the binary mod_security package. rm -rf /etc/httpd/modsecurity.d mv SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb /etc/httpd/modsecurity.d # Edit the /etc/httpd/conf.d/mod_security.conf
2. Install mod_evasive Apache Module.
# We are going to build mod_evasive binary from the source. yum install gcc make libxml2 libxml2-devel httpd-devel pcre-devel curl-devel # Install mod_evasive. cd /usr/src wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz tar xzf mod_evasive_1.10.1.tar.gz cd mod_evasive # Now, you need to find where apxs is installed. rpm -ql httpd-devel |grep apxs # /usr/sbin/apxs // Output from the command above /usr/sbin/apxs -cia mod_evasive20.c #Libraries have been installed in: # /usr/lib64/httpd/modules # Add the following block in the /etc/httpd/conf/httpd.conf # mod_evasive <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 60 # If you wish to receive email notification, modify & uncomment below. #DOSEmailNotify [email protected] </IfModule> # Restart Apache service httpd restart
Comments
Add new comment