Linux Harbour

DDoS (Distributed Denial of Service) attack is a nightmare of system admins. It makes your internet services or systems are out of service at the end by producing a lot of service requests.

Apache module mod_evasive

mod_evasive is a good Apache module to provide some protection to Apache servers from DDoS attacks. It becomes a package in main section of Debian repos from Lenny.

Installation of mod_evasive on Lenny

To install mod_evasive for Apache 2 on Debian Lenny, simply run aptitude install as following.

# aptitude install libapache2-mod-evasive

During package installation, Apache service will be restarted on your system, and mod_evasive is already enabled.

You may add additional parameters for mod_evasive, edit /etc/apache2/mods-available/mod-evasive.load file, and add the following lines.

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 100
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 600
</IfModule>
 

Apache web server is a long-time leader in web server market share. According netcraft survey in January 2009, its market share is slightly increasing by 1% last month in current global financial problem.