The goal of this lab is to configure the `mod_evasive` module for the Apache Web Server. First, we install and load `mod_evasive`. Its installation includes a default configuration file with values we can modify. One thing to configure is how many times a person can reload our site until they are denied. The conditions of the lab include the following.
* firewalld is already running.
* SSH is port 61613 which we need to connect to the server.
* Apache is running on port 80.
* Port 80 is already open.
* SELinux is in enforcing mode.
* The front end and back end are both up and running.
* The back end is running on port 65535.
Successfully complete this lab by achieving the following learning objectives:
- Install `mod_evasive`
sudo yum install mod_evasive
- Inform Apache of the New Module
sudo vim /etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/`` and make sure we have the configuration file formod_evasive` and that it has a LoadModule directive.
- Reduce `DOSSiteCount`
sudo vim /etc/httpd/conf.d/mod_evasive.conf
Change the value of
DOSSiteCountfrom 50 to 30.
Save and close
ESC :wq ENTER
- Test the Configuration
Open your browser and navigate to http://Server_IP/index.html.
Refresh the site often in quick succession and confirm the block.