How to Secure Apache Web Server with ModEvasive on Ubuntu 18.04 VPS

How to Secure Apache Web Server with ModEvasive on Ubuntu 18.04 VPS

ModEvasive is a brilliant module that works on a web server to counter Distributed Denial of Service (DDoS) and Brute-force attacks.

DDoS attacks overwhelm a web server with a lot of traffic from different sources making a website and web applications inaccessible over a period that the invasion lasts.

A brute force attack is an automated method of accessing a resource on the web by using trial and error method. This kind of attack uses consecutive guesses in login forms to gain access to a system and gain classified information.

With ModEvasive installed and enabled on your system, you can stay away from these kinds of attacks. In this guide, we will show you how to install Apache ModEvasive module on your Ubuntu 18.04 VPS.

Prerequisite

  • A web server
  • A non-root user that can perform sudo tasks
  • Apache web server.

Step 1:
Update Ubuntu Package Index

You should update the package information list before your install any software on your Ubuntu 18.04 server. Run the command below:

$ sudo apt-get update

Step 2:
Install ModEvasive

We can now obtain and install ModEvasive from Ubuntu’s software repository using the command below:

$ sudo apt-get install libapache2-mod-evasive

You can always check if ModEvasive is running  and enabled by running the command below:

$ sudo apachectl -M | grep evasive

You should get the below response from your system

$ evasive20_module (shared)

Step 3:
Configuring ModEvasive

Like most Ubuntu packages, ModEvasive has a configuration file that you can configure depending on your needs. The file is located at /etc/apache2/mods-enabled/evasive.conf.

To make changes to the file, open it with a nano editor:

$ sudo nano /etc/apache2/mods-enabled/evasive.conf

Comment the entries on the file by removing the pound symbol at the beginning of each line. Then replace DOSEmailNotify with your personal email address (e.g. info@example.com).

>The file should be similar to the below text when edited:

<IfModule mod_evasive20.c> 
     DOSHashTableSize 3097 
     DOSPageCount 2 
     DOSSiteCount 50 
     DOSPageInterval 1 
     DOSSiteInterval 1 
     DOSBlockingPeriod 10 
     DOSEmailNotify info@example.com 
     DOSSystemCommand "su - someuser -c '/sbin/... %s ...'" 
     DOSLogDir "/var/log/mod_evasive" 
 </IfModule>

Then, save the file by pressing CTRL + X, Y and Enter.

Step 4:
Creating Log Directory for ModEvasive

On the above configuration file, we specified DOSLogDir as /var/log/mod_evasive this directory is not created by default when ModEvasive is installed. So we need to create it and set the appropriate file permissions.

$ sudo mkdir /var/log/mod_evasive 
$ sudo chown -R www-data:www-data /var/log/mod_evasive

Step 5:
Restart Apache

You can now restart Apache for the changes to take effect

$ sudo systemctl restart apache2

Step 6:
Testing ModEvasive

Once the ModEvasive configuration is in place, we can do some testing to make sure the module is working. There is a built in script that you can use to test ModEvasive on your server. Just run the command below:

$ sudo perl /usr/share/doc/libapache2-mod-evasive/examples/test.pl

If you setup everything correctly, you should get the below output on the terminal screen:

...
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
...

Conclusion

That’s all, your Apache web server is now configured to fight DDoS and Brute force attacks. If you have setup an email server on your server, you should get an email every time ModEvasive blocks an attempted attack on your server.

 

Check out these top 3 Linux hosting services

FastComet
$1.79 /mo
Starting price
Visit FastComet
Rating based on expert review
  • User Friendly
    4.7
  • Support
    5.0
  • Features
    4.8
  • Reliability
    4.5
  • Pricing
    5.0
Kamatera
$4.00 /mo
Starting price
Visit Kamatera
Rating based on expert review
  • User Friendly
    3.5
  • Support
    3.0
  • Features
    3.9
  • Reliability
    4.0
  • Pricing
    4.3
HostArmada
$2.49 /mo
Starting price
Visit HostArmada
Rating based on expert review
  • User Friendly
    4.5
  • Support
    4.5
  • Features
    4.5
  • Reliability
    4.5
  • Pricing
    4.0
  • Do you need the best VPS? Read about our different offers.

How to Enable Apache Mod_Rewrite on an Ubuntu 18.04 VPS or Dedicated Server

In this tutorial, we will cover the basics of enabling mod_rewrite on an Ubuntu
3 min read
Max Ostryzhko
Max Ostryzhko
Senior Web Developer, HostAdvice CTO

How to Host Multiple Websites on an Ubuntu 18.04 VPS or Dedicated Server

This article will show you how to host two or more websites on a single Virtual
5 min read
Idan Cohen
Idan Cohen
Marketing Expert

How to Install Apache Cassandra on an Ubuntu 18.04 VPS or Dedicated Server

This tutorial will help you install and configure Apache Cassandra (an opensourc
3 min read
Max Ostryzhko
Max Ostryzhko
Senior Web Developer, HostAdvice CTO

How to Configure KeepAlive Settings for Apache running on an Ubuntu 22.04 VPS

This guide talks about fine-tuning KeepAlive settings on your Apache web server
2 min read
Max Ostryzhko
Max Ostryzhko
Senior Web Developer, HostAdvice CTO
HostAdvice.com provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top