View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000654 | Port Requests | Port Request | public | 2015-07-30 19:29 | 2020-08-24 03:07 |
Reporter | LewisR | Assigned To | psmedley | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Summary | 0000654: Consider building mod_evasive for Apache 2.2 and 2.4 | ||||
Description | mod_evasive is potentially useful in mitigating DoS attacks against Apache. | ||||
Additional Information | More information may be gleaned from the (apparent) source page: http://www.zdziarski.com/blog/?page_id=442 and here: http://www.tecmint.com/protect-apache-using-mod_security-and-mod_evasive-on-rhel-centos-fedora/ https://systembash.com/how-to-stop-an-apache-ddos-attack-with-mod_evasive/ https://github.com/KoHead/mod_evasive https://github.com/deasmi/mod_evasive https://github.com/skonb/evasive (some possibly interesting additions) https://github.com/shivaas/mod_evasive (fork for Apache 2.4) I'm primarily concerned with Apache 2.2, at this point, but I can see an upgrade to 2.4 in the coming months. | ||||
Tags | No tags attached. | ||||
|
Hi - the way I read the docs, mod_evasive works by updating the iptables rules - which won't help on OS/2 - http://xmodulo.com/harden-apache-web-server-mod_security-mod_evasive-centos.html It does seem though, that it can process a script to update a firewall - can injoy firewall rules be updated via a rexx script? |
|
I thought that iptables only comes into play if you want to add a permanent rule via DOSSystemCommand. Other than that, the rules are merely held in memory until the server is restarted. You seem to be reading the above differently than I, Paul. Anything in the sources, I wonder? I've asked Yuri to comment on updating InJoy rules via REXX, in the meantime. |
|
I only had a quick read - I'll see if I can have a crack at building it soon |
|
Built from http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz NOT tested by me - http://smedley.id.au/tmp/evasive.zip (for Apache 2.2) |
|
FWIW, Yuri says: [...] you can modify the blacklist configuration file and ask IJFW to refresh configuration. He couldn't see a way to do this via dll call or REXX. The blacklst.cnf is plain text, though. |
|
Thanks, Paul! I'll let you know what we get. |
|
Variables: Is mailer set to "/bin/mail -t %s" or...? If so, I'll just need to add a link or a script to redirect to sendmail. Is default DOSLogDir set to /tmp, and should it recognize paths relative to the location from which httpd.exe was started, e.g., "logs/"? |
|
This was a simple compile. No attempts were made to 'port' this in anyway. from mod_evasive20.c: #define MAILER "/bin/mail %s" #define DEFAULT_LOG_DIR "/tmp" // Default temp directory |
|
That's fine, as long as I know. Thanks! Resolving this. Any further issues will be reported separately. |
Date Modified | Username | Field | Change |
---|---|---|---|
2015-07-30 19:29 | LewisR | New Issue | |
2016-01-02 21:34 | psmedley | Note Added: 0003078 | |
2016-01-02 22:13 | LewisR | Note Added: 0003079 | |
2016-01-02 22:19 | psmedley | Note Added: 0003080 | |
2016-01-02 22:35 | psmedley | Note Added: 0003081 | |
2016-01-02 22:35 | psmedley | Assigned To | => psmedley |
2016-01-02 22:35 | psmedley | Status | new => feedback |
2016-01-02 22:39 | LewisR | Note Added: 0003082 | |
2016-01-02 22:39 | LewisR | Status | feedback => assigned |
2016-01-02 22:42 | LewisR | Note Added: 0003083 | |
2016-01-02 23:49 | LewisR | Note Added: 0003084 | |
2016-01-02 23:58 | psmedley | Note Added: 0003085 | |
2016-01-03 00:07 | LewisR | Note Added: 0003086 | |
2016-01-03 00:07 | LewisR | Status | assigned => resolved |
2016-01-03 00:07 | LewisR | Resolution | open => fixed |
2020-08-24 03:07 | psmedley | Status | resolved => closed |