Moderator's Note:
This thread has been closed, and replaced with a new thread for mod-evasive, found here.
1 . Download the file MOD_DOSEVASIVE Stable [ Version 1.8 ] first - http://www.nuclearelephant.com/projects/dosevasive/mod_dosevasive.1.8.tar.gz
2 . extract and copy the file to /usr/local/directadmin/customapache/src/modules/dosevasive/mod_dosevasive.c
3) backup your current httpd.conf file
4) Run ./configure --add-module=src/modules/dosevasive/mod_dosevasive.c
5. make, install
6 . Restart Apache
7 . edit your httpd.conf file and add
<IfModule mod_security.c>
SecFilterEngine On
SecFilterDefaultAction "deny,log,status:403"
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterForceByteRange 1 255
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit_log
SecFilterDebugLevel 0
SecFilterDebugLog logs/modsec_debug_log
SecFilterSelective REQUEST_METHOD "!^GET$" chain
SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
SecFilterSelective HTTP_Transfer-Encoding "!^$"
SecUploadDir /tmp
SecUploadKeepFiles Off
SecFilter "\.\./"
SecFilter /etc/password
SecFilter /etc/group
SecFilter /etc/shadow
SecFilter /bin/ls
SecFilter "delete[:space:]+from"
SecFilter "insert[:space:]+into"
SecFilter "update[:space:]+set"
SecFilter "select.+from"
SecFilterSelective OUTPUT "Fatal error:" deny,status:500
</IfModule>
Does any one has any opinion on it ?
It is my first time to write installing Guide , hope it can help those of you
This thread has been closed, and replaced with a new thread for mod-evasive, found here.
1 . Download the file MOD_DOSEVASIVE Stable [ Version 1.8 ] first - http://www.nuclearelephant.com/projects/dosevasive/mod_dosevasive.1.8.tar.gz
2 . extract and copy the file to /usr/local/directadmin/customapache/src/modules/dosevasive/mod_dosevasive.c
3) backup your current httpd.conf file
4) Run ./configure --add-module=src/modules/dosevasive/mod_dosevasive.c
5. make, install
6 . Restart Apache
7 . edit your httpd.conf file and add
<IfModule mod_security.c>
SecFilterEngine On
SecFilterDefaultAction "deny,log,status:403"
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterForceByteRange 1 255
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit_log
SecFilterDebugLevel 0
SecFilterDebugLog logs/modsec_debug_log
SecFilterSelective REQUEST_METHOD "!^GET$" chain
SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
SecFilterSelective HTTP_Transfer-Encoding "!^$"
SecUploadDir /tmp
SecUploadKeepFiles Off
SecFilter "\.\./"
SecFilter /etc/password
SecFilter /etc/group
SecFilter /etc/shadow
SecFilter /bin/ls
SecFilter "delete[:space:]+from"
SecFilter "insert[:space:]+into"
SecFilter "update[:space:]+set"
SecFilter "select.+from"
SecFilterSelective OUTPUT "Fatal error:" deny,status:500
</IfModule>
Does any one has any opinion on it ?
It is my first time to write installing Guide , hope it can help those of you
Last edited: