Группа :: Система/Серверы
Пакет: apache2-mod_evasive
Главная Изменения Спек Патчи Исходники Загрузить Gear Bugs and FR Repocop
<IfModule mod_evasive20.c>
# DOSHashTableSize
# The hash table size defines the number of top-level nodes for each child's
# hash table. Increasing this number will provide faster performance by
# decreasing the number of iterations required to get to the record, but
# consume more memory for table space. You should increase this if you have
# a busy web server. The value you specify will automatically be tiered up to
# the next prime number in the primes list (see mod_evasive.c for a list
# of primes used).
DOSHashTableSize 3097
# DOSPageCount
# This is the threshhold for the number of requests for the same page (or URI)
# per page interval. Once the threshhold for that interval has been exceeded,
# the IP address 2f the client will be added to the blocking list.
DOSPageCount 2
# DOSSiteCount
# This is the threshhold for the total number of requests for any object by
# the same client on the same listener per site interval. Once the threshhold
# for that interval has been exceeded, the IP address of the client will be added
# to the blocking list.
DOSSiteCount 50
# DOSPageInterval
# The interval for the page count threshhold; defaults to 1 second intervals.
DOSPageInterval 1
# DOSSiteInterval
# The interval for the site count threshhold; defaults to 1 second intervals.
DOSSiteInterval 1
# DOSBlockingPeriod
# The blocking period is the amount of time (in seconds) that a client will be
# blocked for if they are added to the blocking list. During this time, all
# subsequent requests from the client will result in a 403 (Forbidden) and
# the timer being reset (e.g. another 10 seconds). Since the timer is reset
# for every subsequent request, it is not necessary to have a long blocking
# period; in the event of a DoS attack, this timer will keep getting reset.
DOSBlockingPeriod 10
# DOSEmailNotify
# If this value is set, an email will be sent to the address specified
# whenever an IP address becomes blacklisted. A locking mechanism using /tmp
# prevents continuous emails from being sent.
# DOSEmailNotify you@yourdomain.com
# DOSSystemCommand
# If this value is set, the system command specified will be executed
# whenever an IP address becomes blacklisted. This is designed to enable
# system calls to ip filter or other tools. A locking mechanism using /tmp
# prevents continuous system calls. Use %s to denote the IP address of the
# blacklisted IP.
# DOSSystemCommand "echo -e `date --iso-8601=seconds`"\t%s" > /var/log/apache2/evasive-blocked.log"
# DOSLogDir
# Choose an alternative temp directory
# By default "/tmp" will be used for locking mechanism, which opens some
# security issues if your system is open to shell users.
# In the event you have nonprivileged shell users, you'll want to create a
# directory writable only to the user Apache is running as (usually root),
# then set this in your httpd.conf.
# DOSLogDir "/var/spool/apache2/mod_evasive/"
# WHITELISTING IP ADDRESSES
# IP addresses of trusted clients can be whitelisted to insure they are never
# denied. The purpose of whitelisting is to protect software, scripts, local
# searchbots, or other automated tools from being denied for requesting large
# amounts of data from the server. Whitelisting should *not* be used to add
# customer lists or anything of the sort, as this will open the server to abuse.
# This module is very difficult to trigger without performing some type of
# malicious attack, and for that reason it is more appropriate to allow the
# module to decide on its own whether or not an individual customer should be
# blocked.
# To whitelist an address (or range) add an entry to the Apache configuration
# in the following fashion:
DOSWhitelist 127.0.0.1
</IfModule>