The Sysadmin’s Daily Grind: Mod_evasive


Article from Issue 62/2006

The Apache web server can fight back against DoS attacks. You just need a little help from Mod_evasive.

Every admin knows and hates Denial-of-Service attacks. No matter whether the perpetrator is plain stupid, malevolent, or sick, a massive barrage of incessant requests directed at the server causes the server to freeze and pushes the admin’s adrenalin levels way up. Web servers are most commonly attacked. AEMM gives Apache a self-defense mechanism. The package name “Apache Evasive Maneuvers Module” is too long for many people’s liking, and most admins simply refer to it as Mod_evasive [1] – although this is actually just the name of the AEMM Apache module. Under the hood, Mod_evasive uses a blacklist. The module checks incoming requests against the list to find out if multiple requests of the same type have been received from the same IP in the last few seconds. The threshold values are configurable. At the same time, Mod_evasive checks if the requester has called more than 50 objects in the last second.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

comments powered by Disqus

Direct Download

Read full article as PDF:

Charly_Column.pdf (117.03 kB)


njobs Europe
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia