Results 1 to 5 of 5
-
11-24-2011, 02:05 PM #1WHT Addict
- Join Date
- Mar 2011
- Posts
- 138
Is this DOSEvasive Configuration Ok?
Will this configuration protect effectively against DoS (not DDoS really I know), in that it'll block 'bad' people semi-reliably, but at the same time let legitimate users in (I know nothing is flawless).
Code:<IfModule dosevasive22_module.so> DOSHashTableSize 1024 DOSPageCount 2 DOSSiteCount 20 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 500 </IfModule>
Thanks, Ed
-
11-25-2011, 06:04 PM #2WHT Addict
- Join Date
- Mar 2011
- Posts
- 138
Anybody know?
-
11-26-2011, 10:08 AM #3Web Hosting Master
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 9,072
Truth be told, mod_evasive is very ineffective and doesn't seem to work with newer versions of Apache, or at least ones with FastCGI. In theory the software is supposed to stop a single user from flooding a website or an overly aggressive bot, but in reality, most REAL DoS attacks against a website will not be stopped.
RACK911 Labs | Penetration Testing | https://www.RACK911Labs.ca
www.HostingSecList.com - Security Notices for the Hosting Community.
-
11-26-2011, 11:57 AM #4WHT Addict
- Join Date
- Mar 2011
- Posts
- 138
Do you know of any better ones, or is it really just the best of a bad bunch due to limitations of technology?
-
11-26-2011, 01:53 PM #5Web Hosting Master
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 9,072
I've also been searching for something better that works with Apache to no avail. Some providers have switched to LiteSpeed and Nginx due to their smaller footprint; They tend to handle DoS attacks much, much better than Apache:
http://litespeedtech.com/
http://nginx.org/RACK911 Labs | Penetration Testing | https://www.RACK911Labs.ca
www.HostingSecList.com - Security Notices for the Hosting Community.
Similar Threads
-
What configuration is better
By madrigueragdl in forum Dedicated ServerReplies: 21Last Post: 08-02-2010, 02:49 PM -
I could use a little help with configuration
By Tigiot in forum VPS HostingReplies: 7Last Post: 08-15-2009, 12:05 AM -
Which configuration is better?
By dotcomUNDERGROUND in forum Dedicated ServerReplies: 7Last Post: 11-29-2006, 04:58 AM -
dosevasive- how to detect/ unblock certain IPs?
By GeorgeC in forum Hosting Security and TechnologyReplies: 7Last Post: 02-17-2005, 11:04 PM