I Thought To Do A list for all that need protect vs brute force

I Thought To Do A list for all that need protect vs brute force - Printable Version

+- LCKB (https://lckb.dev/forum)
+-- Forum: ** OLD LCKB DATABASE ** (https://lckb.dev/forum/forumdisplay.php?fid=109)
+--- Forum: Guides & Help Section (https://lckb.dev/forum/forumdisplay.php?fid=193)
+---- Forum: Tutorials & Guides (https://lckb.dev/forum/forumdisplay.php?fid=124)
+----- Forum: Ep3 Guides (https://lckb.dev/forum/forumdisplay.php?fid=149)
+----- Thread: I Thought To Do A list for all that need protect vs brute force (/showthread.php?tid=2898)

- devlopianer - 05-15-2015

Protect Apache Against Brute Force or DDoS Attacks Using Mod_Security and Mod_evasive Modules

In this article we will discuss how to install, configure, and put them into play along with Apache on RHEL/CentOS 6 and 7 as well as Fedora 21-15. In addition, we will simulate attacks in order to verify that the server reacts accordingly.

This assumes that you have a LAMP server installed on your system. If not, please check this article before proceeding further.

You will also need to setup iptables as the default firewall front-end instead of firewalld if youâ€™re running RHEL/CentOS 7 or Fedora 21. We do this in order to use the same tool in both RHEL/CentOS 7/6 and Fedora 21.

Step 1: Installing Iptables Firewall on RHEL/CentOS 7/6 and Fedora 21

To begin, stop and disable firewalld:

# systemctl stop firewalld

# systemctl disable firewalld

Disable Firewalld Service in CentOS 6

Disable Firewalld Service Centos 7

Then install the iptables-services package before enabling iptables:

# yum update && yum install iptables-services

# systemctl enable iptables

# systemctl start iptables

# systemctl status iptables

Install Iptables Firewall in Centos 6

Install Iptables Firewall Centos 7

Step 2: Installing Mod_Security and Mod_evasive

In addition to having a LAMP setup already in place, you will also have to enable the EPEL repository in RHEL/CentOS 7/6 in order to install both packages. Fedora users donâ€™t need to enable any repo, because epel is a already part of Fedora project.

# yum update && yum install mod_security mod_evasive

When the installation is complete, you will find the configuration files for both tools in /etc/httpd/conf.d.

# ls -l /etc/httpd/conf.d

mod_security + mod_evasive Configurations

mod_security + mod_evasive Configurations

Now, in order to integrate these two modules with Apache and have it load them when it starts, make sure the following lines appear in the top level section of mod_evasive.conf and mod_security.conf, respectively:

LoadModule evasive20_module modules/mod_evasive24.so

LoadModule security2_module modules/mod_security2.so

Note that modules/mod_security2.so and modules/mod_evasive24.so are the relative paths, from the /etc/httpd directory to the source file of the module. You can verify this (and change it, if needed) by listing the contents of the /etc/httpd/modules directory:

# cd /etc/httpd/modules

# pwd

# ls -l | grep -Ei '(evasive|security)'

Verify mod_security + mod_evasive Modules

Verify mod_security + mod_evasive Modules

Then restart Apache and verify that it loads mod_evasive and mod_security:

# service httpd restart [On RHEL/CentOS 6 and Fedora 20-18]

# systemctl restart httpd [On RHEL/CentOS 7 and Fedora 21]

[Dump a list of loaded Static and Shared Modules]

# httpd -M | grep -Ei '(evasive|security)'

Check mod_security + mod_evasive Modules Loaded