Welcome to UltratechHost Forum, Guest. Please take the time to register if you haven't, or click

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5

[-]
Tags
how to install mod evasive in cpanel server apache 2 4

cPanel/WHM How to install mod_evasive in cPanel server (Apache 2.4)
#1
Mod evasive is an Apache module which provide evasive action in case of any Denial Of Service attack or in case of any brute-force attack. It helps to protect the server from DOS or DDOS attacks. Mod evasive prevents any single IP address from any of the following:


1. Requesting the same page more than a few times per second
2. Making more than 50 concurrent requests on the same child per second
3. Making any request while temporarily blacklisted (on a blocking list)

Here, the mod_evasive installation is specific for cPanel servers.

Download the mod_evasive source file to the server


Code:
cd /usr/local/src

wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz

Extract the zip file that we downloaded to the server


Code:
tar -xvzf mod_evasive_1.10.1.tar.gz

cd mod_evasive


Now, if you attempt to build mod_evasive20.c for Apache 2.4, you’ll receive an error. That is if you run /usr/local/apache/bin/apxs -cia mod_evasive20.c you’ll get the following error:


Code:
mod_evasive20.c: In function 'access_checker':

mod_evasive20.c:142: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:146: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:158: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:165: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:180: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:187: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:208: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:212: warning: implicit declaration of function 'getpid'
mod_evasive20.c:215: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:221: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:222: error: 'conn_rec' has no member named 'remote_ip'
mod_evasive20.c:228: error: 'conn_rec' has no member named 'remote_ip'
apxs:Error: Command failed with rc=65536


Now, you need to follow these steps for Apache 2.4


Code:
cp mod_evasive{20,24}.c
sed s/remote_ip/client_ip/g -i mod_evasive24.c


Now, build mod_evasive for Apache 2.4

Code:
apxs -i -a -c mod_evasive24.c


This will create an entry in the Apache configuration file for mod_evasive as below.

Code:
grep mod_evasive /usr/local/apache/conf/httpd.conf
LoadModule evasive20_module modules/mod_evasive24.so


To retain this entry after Apache rebuild/upgrade run the following command:

Code:
/usr/local/cpanel/bin/apache_conf_distiller --update


Then, create mod_evasive configuration file and add the following configuration to it:

Code:
cat /usr/local/apache/conf/mod_evasive.conf
LoadModule evasive20_module modules/mod_evasive24.so



Code:
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10



Now include the file “/usr/local/apache/conf/mod_evasive.conf” in the file “/usr/local/apache/conf/includes/pre_main_global.conf”

Code:
cat /usr/local/apache/conf/includes/pre_main_global.conf
Include /usr/local/apache/conf/mod_evasive.conf


Then, rebuild Apache and restart it

Code:
/scripts/rebuildhttpdconf

/etc/init.d/httpd restart


Done!!



Dinesh Kumar Mohanty
Ultra Web Solutions®
Bhubaneswar, Odisha, India.

UltratechHost - Your One Stop Offshore & Onshore Hosting Provider
Server Locations : Netherlands, Germany, Russia, Singapore & USA
Service Offers: Shared hosting | Reseller hosting | Cloud server | Dedicated server | VPS Hosting



Forum Jump:


Users browsing this thread: 1 Guest(s)