mod_evasive

mod_evasive - anti DDOS, flood attack.

install

configure

/etc/apache2/conf.d/modevasive:

<ifmodule mod_evasive20.c>
    DOSHashTableSize 3097
    DOSPageCount 2
    DOSSiteCount 50
    DOSPageInterval 1
    DOSSiteInterval 1
    DOSBlockingPeriod 60
    DOSLogDir /var/log/mod_evasive
    DOSEmailNotify webmaster@localhost
    DOSWhitelist 127.0.0.1
    DOSWhitelist 192.168.*.*
</ifmodule>

mod_security

mod_security - open source web application firewall.

install

install rules

configure

enable engine /etc/modsecurity/modsecurity.conf:

SecRuleEngine On

/etc/apache2/conf.d/modsecurity:

<ifmodule mod_security2.c>
    Include mod_security_rules/*.conf
    SecWriteStateLimit 100
</ifmodule>

enable apache modules

testing

slowhttptest