Comments on: How to protect Apache against DOS,DDOS or brute force attacks

By: Eno

Eno — Wed, 11 Nov 2009 19:14:03 +0000

Real protection is only Load Balancer / Proxy not a mod_ for Apache.

By: rb

rb — Sat, 03 Oct 2009 13:47:57 +0000

I’ve installed mod_evasive, even added some config options I found online to httpd.conf. slowloris still 0wns the server. fail.

By: nima0102

nima0102 — Fri, 10 Jul 2009 21:44:15 +0000

thanks for your solution
I have found mod_security, Is mod_evasive better than mod_security ?? what advantages has?
thanks

By: Anonymous Coward

Anonymous Coward — Tue, 26 May 2009 05:32:57 +0000

mod_evasive has a very limited scope. If you really suffer from an application level DDoS you will feel very weak if this is your only tool. Better look into mod_qos. It has a lot more to offer.

By: Sephi

Sephi — Mon, 18 May 2009 10:51:03 +0000

I don’t think it will block DDos attacks since the requests will come from a lot of different IP addresses.

By: arisnb

arisnb — Fri, 15 May 2009 02:42:46 +0000

Just install or are there something configuration ?