What is evasive module ?

mod_evasive is an Apache module which provide DDoS attack or brute force attack protection. It is also designed to for detection and network management and can be easily configured to talk to firewalls, routers and iptables security.It send mail for abuses and also have ability to add iptables entry and drop the packets for an ip.

If you have CSF firewall in your WHM/Cpanel then that firewall also have functionality for brute force protection but this tool is basically for web based brute force attackers so it makes higher security to your server as well.

Steps to install mod_evasive on WHM/Cpanel and configure it with apache

1. Download mod evasive source code in your server

2. Extract source directory

3. Compile the source using apache and build it

Above step will compile module with apache and make an entry in your apache configuration. Once it will complete you will get a message like –

4. Your module has been added but it’s not configured yet so need to configure also. Include configuration file in your main apache configuration. This below configuration should be below of your loaded module line.

5. Now you have to distill your apache configuration so this configuration will not remove with your next rebuild/upgrade.

6. Now you need to create a configuration file which you have defined in apache conf

Write below code in this file-

7. Create blank log file which you define in above code

8. Till now all configuration completed now you need to just confirm if you had configured right and then you can restart service.

9. Restart Apache service

10. Now you can check that if your module has been loaded with apache.

11. Now the last step is to make sure that your next rebuild or upgrade will configure this module as well.

All Done!

Now you can check the logs and also can configure configuration file for email so can get mail when any attacker try to attack on your web server.

To know about other Apache Modules please click here