INSTALLING MOD_EVASIVE & MOD_SECURITY WAFS FOR APACHE
CentOS 6 only – please see this article for CentOS 7:
https://www.digitalocean.com/community/tutorials/how-to-protect-against-dos-and-ddos-with-mod_evasive-for-apache-on-centos-7
Mod_evasive:
Mod_security:
http://www.modsecurity.org/projects/modsecurity/
Install Atomic yum repository:
wget -q -O – http://www.atomicorp.com/installers/atomic | sh
Install mod_security and mod_evasive:
yum install mod_security httpd-devel -y
cd /etc/httpd/
wget https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master –no-check-certificate
tar -xzvf master
mv SpiderLabs-owasp-modsecurity-crs-7528b8b/ modsecurity-crs
cd modsecurity-crs
cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf
cd /usr/src
wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
tar xzf mod_evasive_1.10.1.tar.gz
cd mod_evasive
apxs -cia mod_evasive20.c
Add this to /etc/httpd/conf/httpd.conf:
#Add Mod_Security Ruleset
<IfModule security2_module>
Include modsecurity-crs/modsecurity_crs_10_setup.conf
</IfModule>
#Add Mod_Evasive Ruleset
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 60
DOSEmailNotify sysadmin@cmcrc.com
</IfModule>
Restart Apache:
service httpd restart