A quick solution for blocking dos attacks can be mod_evasive Installing mod_evasive on an apache2 web server:

# mkdir -p /root/tmp
# cd /root/tmp
# wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
# tar zxvf mod_evasive_1.10.1.tar.gz
# cd mod_evasive
# apxs -cia mod_evasive20.c

then, in /etc/httpd/conf/httpd.conf add the following lines and restart apache:

<IfModule mod_evasive20.c>
    DOSHashTableSize 3097
    DOSPageCount 5
    DOSSiteCount 20
    DOSPageInterval 1
    DOSSiteInterval 1
    DOSBlockingPeriod 10
</IfModule>

remember to modify DOS* directives to suit your needs.

Comments