Mod_evasive Apache 2.2
The mod_evasive Apache module, formerly known as mod_dosevasive, helps protect against DoS, DDoS (Distributed Denial of Service), and brute force attacks on the. Is there any proper documentation for mod-evasive? Apache mod_evasive doesn't load. Amazon Linux LAMP with php 5.5. Apache Memory Corruption in Strace.
Is an Apache module for preventing DoS attacks. Essentially, you set some limits for how many times an IP address can make requests to your site over a given interval.
It's useful in a variety of contexts, but not well documented. Installation Set up is straight forward (instructions for Apache 2). As root: wget tar xzf modevasive1.10.1.tar.gz cd modevasive apxs -cia modevasive20.c Great! The module's been installed.
Now it's time to set up your limits. Configuration It turns out there's a few of different options, and the documentation isn't completely clear on how they work. Here's the default settings for modevasive: DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 60 What is DOSHashTableSize, and why does it have such a weird number? What's the difference between DOSPageCount and DOSSiteCount? The internet was surprisingly unforthcoming on the subject. A quick overview:.
DOSHashTableSize is related to how modevasive keeps track of who's accessing what. The larger the number, the quicker the look-up when checking what the visitor's visited in the past, but at the expense of consuming more memory. This number is expected to be a prime number, and will be tiered to the nearest prime number. DOSPageCount is how many identical requests to a specific URI (think 'example.org/about.html' or 'example.org/cat.jpg') a visitor can make over the DOSPageInterval interval (typically a second). DOSSiteCount is similar to DOSPageCount, but relates to how many requests overall a visitor can make to your site over the DOSSiteInterval interval (typically also a second).
If a visitor exceeds these limits, they are blacklisted for a set amount of time ( DOSBlockingPeriod). During this time, any requests they make will return a 403 Forbidden error. Because it's hard to predict what settings will suit your site best, you'll want to keep an eye on how your site performs while running modevasive. You can set up email notifications with DOSEmailNotify (sends via mail) to get alerted every time someone gets blacklisted. Watch your server logs for an excess of 403 Forbidden responses – if you're getting too many, you might be blocking legitimate visitors. Putting it all together, here's an example configuration (add to the bottom of your httpd.conf file): # Rate limiting # Learn more at # The hash table size defines the number of top-level nodes for each child's # hash table. Increasing this number will provide faster performance by # decreasing the number of iterations required to get to the record, but # consume more memory for table space.
You should increase this if you have # a busy web server. The value you specify will automatically be tiered up # to the next prime number in the primes list (see modevasive.c for a list # of primes used). DOSHashTableSize 3097 # If set, this email address will receive a notification whenever an IP # address becomes blacklisted. A locking mechanism prevents continous # emails from being sent.
DOSEmailNotify admin@example.org # NOTE: The following settings apply on a per-IP address basis. # Allow up to 2 requests for the same URI per second: DOSPageInterval 1 DOSPageCount 2 # Allow up to 50 requests across the site per second: DOSSiteInterval 1 DOSSiteCount 50 # Once the client is blacklisted, prevent them from accessing the site # for 60 seconds: DOSBlockingPeriod 60 Make sure apachectl configtest passes ('Syntax OK') and restart Apache: apachectl graceful.
Chroma key live skype and google hangouts. A rundown on how to use chroma key software for live streaming, covering this in detail for five popular encoding programs. It strictly displays on the computer screen for on-set preview. You can do much better chroma keys in post-production software! BUT: Since Chroma Key Live now acts as. Easy Chroma-Keyer is a live video keyer solution of Easy. User interface of the software is very easy and its quality is. Easy Chroma Key Preview. Oct 31, 2014 I'm looking to get software (only) for live chroma key preview. (PC - not MAC) We will be shooting full HD (1920x1080) so Ultra won't work. (supports only DV).
Our website allows the public to query data. No data entry. They are supposed to use the.html screens to plug in their search parameters but it seems there is someone who may have a program performing multiple queries one right after the other so much that it makes it impossible for others to complete any queries. No one can access the database.
We are using Apache 2.2.4 on AIX 5L. I found a module that one could download into Apache called modevasive that limits how quickly a person can submit query requests. We figured we'd give it a try. I've followed the instructions and have the file ready for the 'apxs' portion of the instructions (I think this is the compile) however I continually receive a syntax error that I can't figure out. I'm not a 'C' programmer (I think this module is a C program) and have little experience with Apache so please speak slowly. Here a screen shot of the error I receive: ($APACHEROOT is set in my root's profile as /usr/local/Apache2.2.4) - - - # $APACHEROOT/bin/apxs -i -a -c /modevasive/modevasive20.c /usr/local/apache2.2.4/bui ld/libtool -silent -mode=compile cc -prefer-pic -U STR -DTHREADSAFE -DUSEIRS -DLARGEFILE64SOURCE -g -qHALT=E -I/usr/local /apache2.2.4/include -I/usr/local/apache2.2.4/i nclude -I/usr/local/apache2.2.
4/include -c -o /modevasive/modevasive20.lo /modevasive/modevasive20.c && touch /modevasive/modevasive20.slo '/modevasive/modevasive2 0.c', line 97.24: 1506-046 (S) Syntax error. Apxs:Error: Command failed with rc=65536.
Apache 2.2 Php
- - - - I looked inside the modevasive20.c file and line 97 appears this way: struct ntt.hitlist; // Our dynamic hash table I removed the '// Our dynamic hash table' text but then I receive multiple errors beginning with an invalid '/' on a line that contains no '/'. Am I looking at the wrong file? I emailed the guy at (where I got the modevasive download) but he hasn't answered. Does anyone have any ideas? I'm so confused.
From the error message, the '1506-046' indicates that this is an IBM error message as they all have standard numbers. Therefore the IBM 'cc' compiler is being used. The IBM 'cc' compiler needs a command line flag to support 'C' comments and this flag is probably not being used by the build process.
There are two possible solutions: 1) Install 'gcc' which the build process will know how to use. 2) Run 'export CFLAGS=-qcpluscmt'. This will export the correct flag which should be picked up by the build process. I'm still working on the prerequisites for the GCC. So far I've gotten in the GNU Make v3.81 and the GMP v4.2. I'm having a bear of a time getting the mpfr v2.2.1 to build.
Apache 2.2 Php Install
It runs for a while then errors with several messages of: ar: 0707-126 xxxxx.o is not valid with the current object file mode. Use the -X option to specify the desired object mode. Where 'xxxxxx' is many different objects. If you have any ideas how I can get past this, please do tell.
I can't find anything that is helpful. Or is this another EE question to post? I got gcc v4.1.2 from the website.
In the instructions, it has several prerequisites listed: ISO C90 compiler (see note about this below) GNU Make version GNU Multiple Precision Library MPFR Library Note about ISO C90: I didn't understand the notation about this in the MPFR build instructions at first. I was having to jump through hoops to build the GNU Make & GMP and didn't really understand that it was because I needed a binary version of gcc.
I downloaded gcc v3.3.2 (from ) and installed it through SMIT. After I did this, the build of GNU Make & GMP went much better. But now I keep getting stuck on the MPFR build errors mentioned in my previous post.
Currently I am chatting with a support person from MPFR about the errors. Regarding your suggestion on running the sed: Is that pertaining to the MPFR errors or getting the modevasive20.c to compile? I need step by step instructions on how to run the sed and with 'cc'. I'm stumbling through all of this. Thanks sjmee.:). Finally success.
I saw a forum on IBM Wikis that told me how to install the RPM version of GCC on my AIX 5.3L. I downloaded the 'source' from the link you suggested above ( ) but was struggling with doing the./configure, make, make install. A document at told me what I needed to do and it worked very well. Download the 'rpm' (not 'source') of GCC and LIBGCC v4. Apply it like so: rpm -Uvh gcc-4.rpm rpm -Uvh libgcc-4.rpm. make clean Apache and then reconfigure:./configure -prefix=/usr/local/apache 2.2.4 -enable-so make; make install.
Do the apxs for the new modevasive It went it perfectly. Thank you for your help and the links.