User Tools

Site Tools


Very Hard
Very Hard

How to install mod_evasive on cPanel Servers

mod_evasive is an Apache module by Jonathan Zdziarski to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.

EasyApache 4 Install Insturctions

With the advent of EA4 mod_evasive has become very easy to install. Simply login to your server with a root SSH connection and issue the following command.

  yum install ea-apache24-mod_evasive

That's it, by default the cPanel configuration will begin to block most attacks without any additional changes.

To install this via the EA4 WHM interface, simply login to WHM on your server as root and navigate to.

  WHM >> Home >> Software >> EasyApache 4

And select mod_evasive within the "Apache Modules" selection of the interface.

Follow the prompts to complete the install.

EasyApache 3 Install Instructions

EasyApache3 will receive no further development – it is 1)End of Life (EOL) as of December 31, 2018.

If you need any assistance in upgrading from EasyApache3 on your KnownHost server to EasyApache4, please open a ticket with our Support department – we'll be happy to help!

This article is using version 1.10.1 (stable). You can grab the latest from 2)Zdziarski.

  1. Login to your server as the root user via SSH terminal.
  2. Let's navigate to the default 'source' directory and download the latest module for Apache to compile against.
    •   cd /usr/local/src/
        curl -Ls > 
  3. Extract the newly downloaded archive and move into it's directory.
    •   tar xf mod_evasive.tar.gz
        cd /usr/local/src/mod_evasive
  4. Perform the following command to build the module from it's source:
    •   /usr/local/apache/bin/apxs -i -a -c mod_evasive24.c
    • Once completed successfully, you should see a few lines of output, ending with:
    •   [activating module `evasive20' in /usr/local/apache/conf/httpd.conf]
  5. We also need to tell Apache where to look for mod_evasive's configurations. Open Apache's configuration file and look for 'LoadModule evasive*', right below it add:
    •   Include "/usr/local/apache/conf/includes/mod_evasive.conf"
  6. That created an entry in the Apache configuration, however cPanel's EasyApache will remove it on any rebuild/upgrade unless we distill it.
    •   /usr/local/cpanel/bin/apache_conf_distiller --update
    • You'll receive 'Distilled successfully' as long as all syntax is correct.
  7. Now that we know it won't be removed from the main configuration, we can add our mod_evasive.conf.
    •   touch /usr/local/apache/conf/includes/mod_evasive.conf
        nano mod_evasive.conf
    • When nano opens, add the following (or your custom configuration) to the file:
    •   <IfModule mod_evasive20.c>
          DOSHashTableSize    3097
          DOSPageCount        2
          DOSSiteCount        50
          DOSPageInterval     1
          DOSSiteInterval     1
          DOSBlockingPeriod   3600
          DOSLogDir           "/var/log/mod_evasive"
  8. Let's make the directory for logs.
    •   touch /var/log/mod_evasive
  9. Test the configuration syntax to make sure everything is correct.
    •   /usr/local/apache/bin/apachectl configtest
        Syntax OK
  10. Restart Apache.
    •   /scripts/restartsrv_httpd
  11. Check to make sure the evasive module is running.
    •   /usr/local/apache/bin/apachectl -M | grep evasive
  12. To ensure EasyApache rebuilds mod_evasive with upgrades of Apache, rebuilds, etc. perform the following:
    •   echo "/usr/local/apache/bin/apxs -i -a -c /usr/local/src/mod_evasive/mod_evasive24.c" >> /scripts/after_apache_make_install
        chmod +x /scripts/after_apache_make_install

You're all set!

control-panels/cpanel-whm/how-to-install-mod_evasive-on-cpanel-servers.txt · Last modified: 2020/06/15 10:15 by Karson N.