×
Community Blog How to Prevent DDoS Attacks with ModEvasive for Apache Web Server

How to Prevent DDoS Attacks with ModEvasive for Apache Web Server

In this article, you will get some information on how to prevent DDoS and brute-force attacks for your Apache web server on Ubuntu 16.04.

One of the most common methods of securing your Apache web server hosted on Alibaba Cloud is installing ModEvasive. This is a highly intelligent Apache module that provides evasive actions against Distributed Denial of Service(DDoS) and Brute Force attacks.

If a DDoS attack targets your web server, it can be very stressful. The attack simply overwhelms your server with a lot of traffic from multiple sources. During the DDoS session, regular users cannot access your website or web application and this can mean loss of sales or even lead to a complete shutdown of your business.

In this guide, we will show you how to prevent your Apache web server hosted on Alibaba Cloud Elastic Compute Service (ECS) from DDoS and brute-force attacks.

ModEvasive is available on the Ubuntu software repository. So we can install it using the apt-get utility. This is the default package management command line program that handles installations, removals and upgrades of new software on Ubuntu.

Run the command below to install ModEvasive

$ sudo apt-get install libapache2-modsecurity

In a Linux system, configuration files are mostly found on the /etc directory and this is not an exception with ModEvasive. Its configuration file is located at /etc/apache2/mods-enabled/evasive.conf.

Use nano text editor to open the file. We need to make some few changes:

$ sudo nano /etc/apache2/mods-enabled/evasive.conf

By default the entries of this file are commented with a pound-sign. We need to uncomment all those lines by removing the '#' sign. Then, enter the email address where you want to receive emails when ModEvasive intercepts an attack targeted to your web server.

You will enter the email address next to DOSEmailNotify (e.g. james@example.com) directive:

At the end, your complete file should be as follows:

<IfModule mod_evasive20.c>
    DOSHashTableSize    3097
    DOSPageCount        2
    DOSSiteCount        50
    DOSPageInterval     1
    DOSSiteInterval     1
    DOSBlockingPeriod   10
    DOSEmailNotify      john@example.com
    #DOSSystemCommand    "su - someuser -c '/sbin/... %s ...'"
    DOSLogDir           "/var/log/mod_evasive"
</IfModule>

Press CTRL+X, Y and Enter to save the file.

Related Blog Posts

How to Secure Apache Web Server with ModEvasive on Ubuntu 16.04

In this guide, we will show you how to safeguard your Apache web server hosted on Alibaba Cloud against DDoS and brute-force attacks.

According to a July 2018 research published by w3techs, Apache has a market share of around 45.9%. That being said, Apache web server is targeted by most hackers. The software is secure out-of-the-box but you can still harden it with some additional modules.

If a DDoS attack targets your web server, it can be very stressful. The attack simply overwhelms your server with a lot of traffic from multiple sources. During the DDoS session, regular users cannot access your website or web application and this can mean loss of sales or even lead to a complete shutdown of your business.

DDoS Attacks Analysis and Prevention

In this article, you will get some information on some ddos attacks analysis and how to protect your server from ddos attacks.

  1. the best practices for provisioning your Ubuntu 16.04 server hosted on an Alibaba Cloud Elastic Compute Service (ECS) instance
  2. the importance of IoT device security by looking at CERT's interpretation of the infamous 2016 DDoS attack
  3. the analysis of scanning and intrusion script for DockerKiller Threat

Related Documentation

Add website to Anti-DDoS Premium for protection

After purchasing an Anti-DDoS Premium instance, you can add your website domain to the instance for DDoS protection.

DDoS defense police settings for non-website service

This topic describes the DDoS defense policies provided by Anti-DDoS Pro for the non-web service. You can refer this topic to optimize your non-web service’s anti-DDoS protection settings.

The DDoS defense policies for the non-web service in Anti-DDoS Pro is based on the IP and port protection. You can set the speed limit of connections and the length limit of packets for your IPs and ports of the non-web services that are protected by Anti-DDoS Pro, to relieve small-traffic connectivity attacks.

Related Products

Anti-DDoS Pro

Anti-DDoS Pro is a value-added service used to protect servers, including external servers hosted in Mainland China, against volumetric DDoS attacks. You can redirect attack traffic to Anti-DDoS Pro to ensure the stability and availability of origin sites.

Anti-DDoS Premium

Alibaba Cloud Anti-DDoS Premium is a value-added DDoS protection service. This service is used to protect servers against volumetric DDoS attacks and ensure the availability of business. By modifiying DNS records to redirect malicious traffic through Anti-DDoS Premium’s dedicated IP address, Anti-DDoS Premium, protects your online presence.

0 0 0
Share on

Alibaba Clouder

1,219 posts | 198 followers

You may also like

Comments