ubuntu:ddos

Differences

This shows you the differences between two versions of the page.

ubuntu:ddos [2019/11/24 12:49] – created peterubuntu:ddos [2020/07/15 09:30] (current) – external edit 127.0.0.1
Line 2: Line 2:
  
 Mitigate from DDoS with mod_security and mod_evasive Mitigate from DDoS with mod_security and mod_evasive
 +
 +----
  
 ===== Install Mod Security Apache Module ===== ===== Install Mod Security Apache Module =====
  
-Install Mod Security+===== Install Mod Security ===== 
 + 
 +<code bash>
 yum install mod_security yum install mod_security
-Download latest OWASP ruleset from the site below. +</code> 
-http://spiderlabs.github.io/owasp-modsecurity-crs/+ 
 +---- 
 + 
 +===== Download latest OWASP ruleset ===== 
 +  
 +From the site http://spiderlabs.github.io/owasp-modsecurity-crs/ 
 + 
 +<code bash>
 tar xfz SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb.tar.gz tar xfz SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb.tar.gz
-Remove the one that was installed by the binary mod_security package.+</code> 
 + 
 +---- 
 + 
 +===== Remove the one that was installed by the binary mod_security package. ===== 
 + 
 +<code bash>
 rm -rf /etc/httpd/modsecurity.d rm -rf /etc/httpd/modsecurity.d
 mv SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb /etc/httpd/modsecurity.d mv SpiderLabs-owasp-modsecurity-crs-2.2.8-0-g0f07cbb /etc/httpd/modsecurity.d
-# Edit the /etc/httpd/conf.d/mod_security.conf+</code>
  
 +----
 +
 +===== Edit the /etc/httpd/conf.d/mod_security.conf =====
 +
 +
 +----
  
 ===== Install mod_evasive Apache Module ===== ===== Install mod_evasive Apache Module =====
  
-# We are going to build mod_evasive binary from the source.+Build mod_evasive binary from the source. 
 + 
 +<code bash>
 yum install gcc make libxml2 libxml2-devel httpd-devel pcre-devel curl-devel yum install gcc make libxml2 libxml2-devel httpd-devel pcre-devel curl-devel
 +</code>
 +
 +Install mod_evasive.
  
-# Install mod_evasive.+<code bash>
 cd /usr/src cd /usr/src
 wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
 tar xzf mod_evasive_1.10.1.tar.gz tar xzf mod_evasive_1.10.1.tar.gz
 cd mod_evasive cd mod_evasive
 +</code>
  
-Now, you need to find where apxs is installed.+Now, you need to find where apxs is installed. 
 + 
 +<code bash>
 rpm -ql httpd-devel |grep apxs rpm -ql httpd-devel |grep apxs
 # /usr/sbin/apxs  // Output from the command above # /usr/sbin/apxs  // Output from the command above
 /usr/sbin/apxs -cia mod_evasive20.c /usr/sbin/apxs -cia mod_evasive20.c
-#Libraries have been installed in: +</code> 
-  /usr/lib64/httpd/modules + 
-Add the following block in the /etc/httpd/conf/httpd.conf+Libraries have been installed in: 
 +   /usr/lib64/httpd/modules 
 + 
 +Add the following block in the /etc/httpd/conf/httpd.conf 
 + 
 +<file bash /etc/httpd/conf/httpd.conf>
 # mod_evasive # mod_evasive
 <IfModule mod_evasive20.c> <IfModule mod_evasive20.c>
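Review bot: The new "===== Edit the /etc/httpd/conf.d/mod_security.conf =====" section is an empty heading, so after the preceding step replaces /etc/httpd/modsecurity.d with the CRS 2.2.8 tree the reader is never told what to change in that file. Either state the edit (for example, which rule files under the new modsecurity.d directory the config should include) or drop the heading until the content exists. Separately, the mod_evasive block this revision re-wraps still fetches mod_evasive_1.10.1.tar.gz over plain http and hands it straight to "/usr/sbin/apxs -cia mod_evasive20.c" with no integrity check; add a checksum or signature verification step between the wget and tar lines. The page also sits in the ubuntu: namespace while every command uses yum, rpm and /etc/httpd paths, so the target distribution should be stated at the top.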
Line 45: Line 81:
 #DOSEmailNotify notify@mydomain.com #DOSEmailNotify notify@mydomain.com
 </IfModule> </IfModule>
 +</file>
  
-# Restart Apache +----
-service httpd restart+
  
 +===== Restart Apache =====
  
 +<code bash>
 +service httpd restart
 +</code>
  
 +----
  
 ===== References ===== ===== References =====
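Review bot: The new "Restart Apache" section runs "service httpd restart" directly after a hand edit of /etc/httpd/conf/httpd.conf and the load of a freshly built module, with no syntax check first, so a typo in the mod_evasive block would leave the server down after the restart. Add a configuration test such as "apachectl configtest" before the restart line. The block is also closed with "</file>" while "#DOSEmailNotify notify@mydomain.com" stays commented out; the page should say whether notification is intentionally disabled, since without it a blocked client produces no alert to the operator.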
ubuntu/ddos.1574599768.txt.gz · Last modified: 2020/07/15 09:30 (external edit)