ubuntu:ddos
Table of Contents
DDOS
Mitigate from DDoS with mod_security and mod_evasive
Install Mod Security Apache Module
Install Mod Security
yum install mod_security
Download latest OWASP ruleset
From the site http://spiderlabs.github.io/owasp-modsecurity-crs/
tar xfz SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb.tar.gz
Remove the one that was installed by the binary mod_security package.
rm -rf /etc/httpd/modsecurity.d mv SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb /etc/httpd/modsecurity.d
Edit the /etc/httpd/conf.d/mod_security.conf
Install mod_evasive Apache Module
Build mod_evasive binary from the source.
yum install gcc make libxml2 libxml2-devel httpd-devel pcre-devel curl-devel
Install mod_evasive.
cd /usr/src wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz tar xzf mod_evasive_1.10.1.tar.gz cd mod_evasive
Now, you need to find where apxs is installed.
rpm -ql httpd-devel |grep apxs # /usr/sbin/apxs // Output from the command above /usr/sbin/apxs -cia mod_evasive20.c
Libraries have been installed in:
/usr/lib64/httpd/modules
Add the following block in the /etc/httpd/conf/httpd.conf
- /etc/httpd/conf/httpd.conf
# mod_evasive <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 60 # If you wish to receive email notification, modify & uncomment below. #DOSEmailNotify notify@mydomain.com </IfModule>
Restart Apache
service httpd restart
References
ubuntu/ddos.txt · Last modified: 2020/07/15 09:30 by 127.0.0.1