mod_evasive is an Apache module by Jonathan Zdziarski to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.
With the advent of EA4 mod_evasive has become very easy to install. Simply login to your server with a root SSH connection and issue the following command.
yum install ea-apache24-mod_evasive
That's it, by default the cPanel configuration will begin to block most attacks without any additional changes.
To install this via the EA4 WHM interface, simply login to WHM on your server as root and navigate to.
WHM » Home » Software » EasyApache 4
And select mod_evasive within the "Apache Modules" selection of the interface.
Follow the prompts to complete the install.
EasyApache3 will receive no further development – it is End of Life (EOL) as of December 31, 2018.
If you need any assistance in upgrading from EasyApache3 on your KnownHost server to EasyApache4, please open a ticket with our Support department – we'll be happy to help!
This article is using version 1.10.1 (stable). You can grab the latest from Zdziarski.
cd /usr/local/src/ curl -Ls http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz > /usr/local/src/mod_evasive.tar.gz
tar xf mod_evasive.tar.gz cd /usr/local/src/mod_evasive
/usr/local/apache/bin/apxs -i -a -c mod_evasive24.c
[activating module `evasive20' in /usr/local/apache/conf/httpd.conf]
touch /usr/local/apache/conf/includes/mod_evasive.conf nano mod_evasive.conf
<IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 3600 DOSLogDir "/var/log/mod_evasive" DOSWhitelist 127.0.0.1 </IfModule>
/usr/local/apache/bin/apachectl configtest Syntax OK
/usr/local/apache/bin/apachectl -M | grep evasive
echo "/usr/local/apache/bin/apxs -i -a -c /usr/local/src/mod_evasive/mod_evasive24.c" >> /scripts/after_apache_make_install chmod +x /scripts/after_apache_make_install
You're all set!