Got feedback or spotted a mistake?

Leave a comment at the end of this page or email contact@krishagni.com

How to prevent the DoS attack?

What is a DoS attack?

In this attack, an enormous number of requests are sent to web-server in which case the server is unable to handle. The system eventually stops. During this attack, intended customers, employees cannot access the server. This can mean a loss of sales (for e-commerce sites) or even lead to a complete shutdown of your business.

This attack does not result in theft or loss of information, but it can cost a victim a lot of time and money to handle.

How to Prevent from DoS attack?

The mod_evasive module from the Apache web services modules helps your server stay running in such DoS or Brut force attack.

How does the mod_evasive module work?

This utility works by monitoring incoming server requests. Also, it watches suspicious requests like:

  • Multiple requests for the same page in one second.

  • More than 50-100 simultaneous requests per second

  • If the request is made while IP is temporarily blacklisted.

The module sends a 400 (Bad Request) error if any of these things happen. By default, this also includes a 10-second waiting period on the blacklist. If the IP address making the request tries to request again in that 10-second window, the waitlist is extended.

Steps to Installing mod_evasive Apache Utility

Step 1: Install mod_evasive

Ubuntu: sudo apt-get install libapache2-mod-evasive

CentOS / RedHat: sudo yum install mod_evasive

Step 2: Configure mod_evasive Options.

Open the configuration file.

Ubuntu: sudo vi /etc/apache2/mods-enabled/evasive.conf

CentOS / RedHat: sudo vi /etc/httpd/conf.d/mod_evasive.conf

Remove the com