BuycPanel Blog

BuycPanel Blog

Latest news and updates

How to Block attacks with Easy Apache 4’s mod_evasive

Posted by Allura on 07 06 2018.

A Brief Overview of the Easy Apache 4’s mod_evasive

Easy Apache 4 was released on the 7th day of November 2017. The new mod_evasive Apache Module can be installed in Easy Apache 4 interface.

What is mod_evasive?

The new mod_evasive Module helps and supports the server against DoS,DDoS and brute force attacks. It acts as an detection tool and configure it to communicate with the firewalls and routers.

This Module works well for single server attacks only. When it is integrated with firewall, it can resist large attacks as well. For the best protection the module shall be integrated with firewall and routers. This module will only help to the limits of the bandwidth or server capacity for returning 403 errors.

Function of the Module-

  1. Make request to the same page more than a few times per second.
  2. Makes 50 concurrent request on the same child per second.
  3. Any request being made when temporarily blacklisted.

The module creates a cleanup mechanism and good scaling. For this, it rarely find a legitimate request, even if the user repeatedly clicks on reload.

How an Attack can be stopped?

In case of a DoS attack, the attacker can ask for an Uniform Resource Locator from the server as many times as they can in an attempt to cause the user with any trouble. Due to the high quantity of requests, the web server may become unresponsive.

In order to stop the attack, first install mod_evasive, in the server with the following commands;

yum install ea-apache24-mod_evasive
 

The default configuration which is being provided by cPanel and WHM shll block attacks without any configuration change. The server’s response will change to 403 forbidden. Therefore the mod_evasive, detected and blocked the attack, before the system processed the request.

The mod_evasive does not black list clients forever, eventhough it will block list the clients for a period of time to restrain them from any kind of attack. Adjust the DoS blocking period directive in mod_evasive configuration file to adjust how long to block those.

How to install mod_evasive?

WHM>>Home>>Software>>Easy Apache 4  or

By the following Command Line-

yum install ea-apache24-mod_evasive 

What are the requirements of mod_evasive?

This module has no requirements. However, the server must possess bandwidth and processing power sufficient to defend against a DoS attack.

What are the Usage of mod_evasive?

The  mod_evasive Apache module to help to protect your server against DoS, DDoS, and brute force attacks.

Conclusion-

This Article deals with the process by which mod_evasive Block Attacks to its Server by different systems and fuctions.