Quản trị net diễn đàn chia sẻ thông tin các thủ thuật mạng, internet bảo mật thông tin dành cho giới IT VIệt hy vọng là nơi bổ ích cho cộng đồng

Quản trị net diễn đàn chia sẻ thông tin các thủ thuật mạng, internet bảo mật thông tin dành cho giới IT VIệt hy vọng là nơi bổ ích cho cộng đồng (http://quantrinet.com/forum/index.php)
-   Security+ (http://quantrinet.com/forum/forumdisplay.php?f=111)
-   -   mod dosevasive Apache Module How-To (http://quantrinet.com/forum/showthread.php?t=2957)

hoctinhoc 12-07-2009 10:24 PM
mod dosevasive Apache Module How-To
 
mod dosevasive Apache Module How-To

Author: Wojjie

1.Download the newest version of the module from: http://www.nuclearelephant.com/projects/dosevasive/

2.Extract the module.

Ie. (replace the 1.9 with the version you downloaded) tar -xzvf mod_dosevasive.1.9.tar.gz
3.Change directories so you are inside the mod_dosevasive directory. cd mod_dosevasive
4.If you are running Apache v1.3, you run: [path to apache]/bin/apxs -i -a -c mod_dosevasive.c

Ie. /usr/local/apache/bin/apxs -i -a -c mod_dosevasive.c
If you are running Apache v2.0, you run: [path to apache]/bin/apxs -i -a -c mod_dosevasive20.c

Ie. /usr/local/apache/bin/apxs -i -a -c mod_dosevasive20.c
5.Restart apache.

Ie./etc/init.d/httpd restart

Configuration:
This section is intend for people that want to tweak some of the default settings to their own. You are not required to do this.
First you have to add the following section to your httpd.conf
(Ie. /etc/httpd/conf/httpd.conf):
For Apache v1.3:
<IfModule mod_dosevasive.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10</IfModule>For Apache v2.0:
<IfModule mod_dosevasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10</IfModule>The above are the default options that are setup (even if you do not have this section in your httpd.conf).



The following is a description of all the settings/variables:

Variable/Option:Description:
DOSHashTableSize
Size of the hash table. The greater this setting, the more memory is required for the look up table, but also the faster the look ups are processed. This option will automatically round up to the nearest prime number.

DOSPage
CountNumber of requests for the same page within the 'DOSPageInterval' interval that will get an IP address added to the blocking list.
DOSSiteCount
Same as 'DOSPageCount', but corresponds to the number of requests for a given site, and uses the 'DOSSiteInterval' interval. DOSPageIntervalInterval for the 'DOSPageCount' threshold in second intervals. DOSSiteIntervalInterval for the 'DOSSiteCount' threshold in second intervals. DOSBlockingPeriodBlocking period in seconds if any of the thresholds are met. The user will recieve a 403 (Forbidden) when blocked, and the timer will be reset each time the site gets hit when the user is still blocked.


Bây giờ là 05:54 PM. Giờ GMT +7

Diễn đàn tin học QuantriNet
quantrinet.com | quantrimang.co.cc
Founded by Trương Văn Phương | Developed by QuantriNet's members.
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.