Recently we’ve been converting an ISP’s servers from Debian Linux to Ubuntu Server. Ubuntu is heavily based on Debian so most things are the same. The most limiting factor so far has been that Ubuntu’s Main software package repository contains far fewer packages than Debian.
One Apache module we like to use on production servers is mod_evasive, a simple denial of service detection tool that helps prevent miscreants from hammering a server to death with requests. It won’t stop a determined attacker who has a few hundred bots under his control from flooding you offline, but mod_evasive is useful additional layer of defense for a production web server.
If you enable Ubuntu’s “universe” repository you can access almost the same number of packages as provided by Debian. However, those packages are not supported, meaning timely security fixes may not be released and they may break the ability to perform a seamless upgrade to subsequent releases of Ubuntu. A package for mod_evasive is available in Universe, but it’s only for Apache 1.3.x. The supported version of Apache in Ubuntu 6.06 is 2.0.55 (there goes our dream of being able to avoid compiling things from source).
All the support libraries and utilities needed to compile Apache modules from source are available in Main, so it’s possible to download mod_evasive and install it yourself for Apache 2. Here’s how:
To compile any Apache module in Ubuntu, install the development package that corresponds to the Apache Multi-processing Module (MPM) you are using. Apache 2 gives you a choice of MPMs but if the server is running PHP5, Apache will be using the default “Prefork MPM”. For that MPM, install package apache2-prefork-dev:
apt-get install apache2-prefork-dev
Download the mod_evasive source tarball and unpack into a temporary directory. To allow sending of email alerts when activity is blocked, edit the file mod_evasive20.c to change the #define MAILER to “/usr/bin/mail %s”.
Compile and install the module with the following command:
/usr/bin/apxs2 -i -c mod_evasive20.c
Normally the module would be enabled by added a LoadModule directive to file httpd.conf. However on Ubuntu the directive is specified in a file located in /etc/apache2/mods-available. Create a file named “evasive.load” in that directory containing the following:
LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
Directives controlling the behavior of mod_evasive should be specified in a file created in directory /etc/apache2/conf.d. Create a file named “evasive” in that directory and add the mod_evasive directives you want for your server. For example:
<ifmodule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSEmailNotify you@example.com
</ifmodule>
Finally, enable the module and restart Apache:
en2mod evasive
/etc/init.d/apache2 force-reload
Some Linux distributions make it very difficult to add your own customizations such as Apache modules. Ubuntu (and of course Debian) make it fairly straightforward.
ref : http://advosys.ca/viewpoints/2006/08/installing-mod_evasive-in-ubuntu/
< blockquote >< a href=”http://cheaptabletsonline.com/”>CheapTabletsOnline.Com. Canadian Health&Care.Best quality drugs.Special Internet Prices.No prescription online pharmacy. High quality pills. Buy pills online< /a >…
Buy:Advair.SleepWell.Female Cialis.Nymphomax.Female Pink Viagra.Zetia.Lipothin.Lasix.Prozac.Amoxicillin.Buspar.Cozaar.Wellbutrin SR.Benicar.Lipitor.Acomplia.Zocor.Seroquel.Ventolin.Aricept….
1 | CALVIN September 6th, 2010 at 2:22 am< blockquote >< a href=”http://cheaptabletsonline.com/”>CheapTabletsOnline.Com. Canadian Health&Care.Special Internet Prices.Best quality drugs.No prescription online pharmacy. Online Pharmacy. Buy pills online< /a >…
Buy:Mega Hoodia.Prednisolone.Synthroid.Valtrex.Human Growth Hormone.Actos.Lumigan.Zyban.100% Pure Okinawan Coral Calcium.Retin-A.Nexium.Arimidex.Accutane.Zovirax.Prevacid.Petcam (Metacam) Oral Suspension….
2 | FREDDIE September 6th, 2010 at 10:41 pm