How to Use mod_security and mod_evasive Modules to Secure and Prevent DoS , DDoS and Brute Force attacks in Apache Webserver

Statement : Use mod_security and mod_evasive Modules to Secure Apache
Environment : Apache webserver  


-          Mod_security :
§  It will act as Firewall for web application and allow to monitor the traffic on real time basis
§  It also protects the website or web server from brute force attacks
§  Install the Mod_security directive
-          Install mod_security on Ubuntu/Debian
o   $ sudo apt-get install libapache2-modsecurity
o   $ sudo a2enmod mod-security
o   $ sudo /etc/init.d/apache2 force-reload

-          Install mod_security on RHEL/CentOS/Fedora/
o   # yum install mod_security
o   # /etc/init.d/httpd restart
-          Mod_evasive
§  It handle the DoS
§  it handles the DDoS atatcks
§  It handles the Brute force attacks
§  This module detects three atatcks
o   If Multiple requests comes to a same page in a few times per second.
o   If child process creates more than 50 concurrent requests.
o   If temporarily blacklisted IP is trying to make new requests

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)