Prevent DOS attacks with apache2

The apache module that will do the job is called mod_dosevasive. The installation is easy.

Configure the apache2

Edit your httpd.conf (usually located in /usr/local/apache/conf/httpd.conf):
Add:


Then you can restart

  • /etc/init.d/apache2 restart

Be carefull because the options are extremly important. For example if your web application use one file as a controller all the requests will go to this file you will got very often such errors:

client denied by server configuration

Here is a short help on the configuration options