DirectAdmin is a commercial hosting control panel commonly used by foreign hosting providers. By default it uses the Apache engine, which is simple to use and fully featured. We can also optimize its performance by adding modules. Zhao Rong shared how to add the mod_cache module last month (see the previous article). Today, let's look at another module: mod_evasive.
mod_evasive is Apache's anti-DDoS module. When a new request arrives, it checks whether the client's IP address is on the blacklist; it hashes the IP address with the request URL and looks up the hash table to see whether the same page has been requested repeatedly in the past 1 second; and it does a second hash-table lookup to see whether more than XX connections have been requested in the past 1 second. If any one of these conditions is met, 403 is returned and the IP is blocked for a certain time, which is determined by the DOSSiteInterval. Next, let's see how to install and configure mod_evasive.
********☆☆☆ Installation ☆☆☆********
Log in to the server over SSH as root and run the following commands in sequence.
wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz # Download source code
tar zxvf mod_evasive_1.10.1.tar.gz # Unpack
cd mod_evasive # Enter directory
/usr/sbin/apxs -i -a -c mod_evasive20.c # Install (note that our DA panel Apache version is 2.*)
OK. After the above, mod_evasive has been correctly installed.
********☆☆☆ Configuration ☆☆☆********
At this point, the mod_evasive module has been correctly installed and automatically added to httpd.conf. We can check the file /etc/httpd/conf/httpd.conf and see the following line:
LoadModule evasive20_module /usr/lib/httpd/modules/mod_evasive20.so
Next, we configure mod_evasive.
Edit the httpd-evasive.conf file and add rules. SSH operation:
vim /etc/httpd/conf/extra/httpd-evasive.conf
Add the following:
<IfModule mod_evasive20.c>
# Apache does not accept a comment after a directive on the same line, so each comment is on its own line.
# Hash table size.
DOSHashTableSize 3097
# Maximum number of requests one client may make to the whole site within DOSSiteInterval.
DOSSiteCount 50
# Maximum number of requests one client may make for the same page within DOSPageInterval.
DOSPageCount 2
# Counting interval for single-page requests, in seconds.
DOSPageInterval 1
# Counting interval for whole-site requests, in seconds.
DOSSiteInterval 1
# How long, in seconds, access is denied after blacklisting.
DOSBlockingPeriod 3600
# Notify the administrator after an IP is blacklisted (admin@example.com is a placeholder; the original gives no address).
DOSEmailNotify admin@example.com
# System command executed after an IP is blacklisted; %s is replaced by the IP.
DOSSystemCommand "sudo iptables -A INPUT -s %s -j DROP"
# Temporary directory for the lock mechanism.
DOSLogDir "/tmp"
# Whitelisted IP addresses are never blocked.
DOSWhitelist 127.0.0.1
</IfModule>
Then, save the rule and exit.
Finally, restart httpd.
service httpd restart # or /etc/init.d/httpd restart
Now, our Apache has added the mod_evasive module.
The mod_evasive package includes a test script, test.pl. You can modify it to check whether the module is working.
perl test.pl # Test
The above parameters are for reference only. The mod_evasive module also has some more advanced features, which may be discussed later. This article uses the DirectAdmin panel as an example; the module can also be installed in other environments that use the Apache engine.
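To see what the thresholds in the configuration above do to real traffic before enabling them, the following Python model replays requests through the three checks described at the start of this article. It is an added example, not code from the original article or from mod_evasive; the names Evasive, replay and SAMPLE, the sample IP addresses, the "more than the limit" comparison and the rule that hits during a block extend it are assumptions of this model.

```python
from dataclasses import dataclass, field

@dataclass
class Evasive:
    """Simplified model of the blacklist, per-page and per-site checks."""
    page_count: int = 2              # DOSPageCount
    page_interval: float = 1         # DOSPageInterval, seconds
    site_count: int = 50             # DOSSiteCount
    site_interval: float = 1         # DOSSiteInterval, seconds
    blocking_period: float = 3600    # DOSBlockingPeriod, seconds
    whitelist: frozenset = frozenset({"127.0.0.1"})   # DOSWhitelist
    hits: dict = field(default_factory=dict)      # key -> (window start, count)
    blocked: dict = field(default_factory=dict)   # ip -> time of last refused hit

    def _over(self, key, now, interval, limit):
        """Count one hit for key; True once limit is exceeded inside interval."""
        start, count = self.hits.get(key, (now, 0))
        if now - start >= interval:          # window expired, start a new one
            start, count = now, 0
        self.hits[key] = (start, count + 1)
        return count + 1 > limit

    def check(self, ip, uri, now):
        """Return the status this model gives the request: 200 or 403."""
        if ip in self.whitelist:
            return 200
        if ip in self.blocked and now - self.blocked[ip] < self.blocking_period:
            self.blocked[ip] = now           # assumption: retries extend the block
            return 403
        page = self._over((ip, uri), now, self.page_interval, self.page_count)
        site = self._over((ip,), now, self.site_interval, self.site_count)
        if page or site:
            self.blocked[ip] = now
            return 403
        return 200

def replay(requests, **cfg):
    """Run constructed (time, ip, uri) tuples through the model."""
    model = Evasive(**cfg)
    return [model.check(ip, uri, t) for t, ip, uri in requests]

# Constructed traffic: one client reloads /index.php three times in 0.4 s and
# keeps retrying while blocked; a second client makes a single request.
SAMPLE = [(0.0, "203.0.113.5", "/index.php"), (0.2, "203.0.113.5", "/index.php"),
          (0.4, "203.0.113.5", "/index.php"), (0.5, "198.51.100.7", "/index.php"),
          (10.0, "203.0.113.5", "/about.php"), (3605.0, "203.0.113.5", "/index.php"),
          (7300.0, "203.0.113.5", "/index.php")]
if __name__ == "__main__":
    print(replay(SAMPLE))
```

With DOSPageCount 2 and DOSBlockingPeriod 3600, three quick reloads of one page cost the client an hour of 403 responses in this model, so replay a sample of your own access log with candidate values (for example `replay(rows, page_count=5)`) before choosing thresholds.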
This article is an original compilation by Zhao Rong.