mod_evasive
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| mod_evasive [2010/10/08 04:29] – k2patel | mod_evasive [2020/08/10 02:35] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 77: | Line 77: | ||
| **DOSPageCount** | **DOSPageCount** | ||
| + | |||
| This is the threshhold for the number of requests for the same page (or URI) per page interval.\\ | This is the threshhold for the number of requests for the same page (or URI) per page interval.\\ | ||
| Once the threshhold for that interval has been exceeded, the IP address of the client will be added to the blocking list. | Once the threshhold for that interval has been exceeded, the IP address of the client will be added to the blocking list. | ||
| **DOSSiteCount** | **DOSSiteCount** | ||
| + | |||
| This is the threshhold for the total number of requests for any object by the same client on the same listener per site interval.\\ | This is the threshhold for the total number of requests for any object by the same client on the same listener per site interval.\\ | ||
| Once the threshhold for that interval has been exceeded, the IP address of the client will be added to the blocking list. | Once the threshhold for that interval has been exceeded, the IP address of the client will be added to the blocking list. | ||
| **DOSPageInterval** | **DOSPageInterval** | ||
| + | |||
| The interval for the page count threshhold; defaults to 1 second intervals.\\ | The interval for the page count threshhold; defaults to 1 second intervals.\\ | ||
| **DOSSiteInterval** | **DOSSiteInterval** | ||
| + | |||
| The interval for the site count threshhold; defaults to 1 second intervals.\\ | The interval for the site count threshhold; defaults to 1 second intervals.\\ | ||
| **DOSBlockingPeriod** | **DOSBlockingPeriod** | ||
| + | |||
| The blocking period is the amount of time (in seconds) that a client will be blocked for if they are added to the blocking list.\\ | The blocking period is the amount of time (in seconds) that a client will be blocked for if they are added to the blocking list.\\ | ||
| During this time, all subsequent requests from the client will result in a 403 (Forbidden) and the timer being reset (e.g. another 10 seconds).\\ | During this time, all subsequent requests from the client will result in a 403 (Forbidden) and the timer being reset (e.g. another 10 seconds).\\ | ||
| Line 97: | Line 102: | ||
| **DOSEmailNotify** | **DOSEmailNotify** | ||
| + | |||
| If this value is set, an email will be sent to the address specified whenever an IP address becomes blacklisted.\\ | If this value is set, an email will be sent to the address specified whenever an IP address becomes blacklisted.\\ | ||
| A locking mechanism using /tmp prevents continuous emails from being sent. | A locking mechanism using /tmp prevents continuous emails from being sent. | ||
| Line 105: | Line 111: | ||
| **DOSLogDir** | **DOSLogDir** | ||
| + | |||
| Choose an alternative temp directory, default is /tmp. File should look like dos-<IP address> | Choose an alternative temp directory, default is /tmp. File should look like dos-<IP address> | ||
| **DOSSystemCommand** | **DOSSystemCommand** | ||
| + | |||
| If this value is set, the system command specified will be executed whenever an IP address becomes blacklisted.\\ | If this value is set, the system command specified will be executed whenever an IP address becomes blacklisted.\\ | ||
| This is designed to enable system calls to ip filter or other tools. | This is designed to enable system calls to ip filter or other tools. | ||
mod_evasive.1286512198.txt.gz · Last modified: 2020/08/10 02:30 (external edit)