Securing Apache against DDoS and Slowloris
Apache is one of the most popular and widely used web servers, and most PHP applications are hosted on it. What is most commonly used is also most commonly attacked. You may already be securing your application at the application-logic level, but securing Apache itself is just as important.
An attacker can take down your whole server or website with a few commands if you have not secured the server properly. In this tutorial I will show a few commands with which you can secure your Apache installation.
DDOS
In computing, a denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
Commands
sudo apt-get -y install libapache2-mod-evasive
sudo mkdir -p /var/log/apache2/evasive
sudo chown -R www-data:root /var/log/apache2/evasive
Open /etc/apache2/mods-available/mod-evasive.load and append the following configuration.
DOSHashTableSize 2048
# maximum number of requests for the same page
DOSPageCount 20
# total number of requests for any object by the same client IP on the same listener
DOSSiteCount 300
# interval for the page count threshold
DOSPageInterval 1.0
# interval for the site count threshold
DOSSiteInterval 1.0
# time that a client IP will be blocked for
DOSBlockingPeriod 10.0
DOSLogDir "/var/log/apache2/evasive"
DOSEmailNotify admin@domain.com
Save the file and restart Apache.
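To check which clients these thresholds would catch before turning blocking on, the following added example (not part of the original tutorial and not mod_evasive's own code) replays access-log lines against a simplified model of the DOSPageCount and DOSSiteCount limits. The function names and the sample log lines are constructed for illustration; the model counts hits per fixed window and ignores the blocking period.

```python
import re
from collections import defaultdict
from datetime import datetime

# Thresholds copied from the configuration on this page.
PAGE_COUNT, PAGE_INTERVAL = 20, 1     # DOSPageCount / DOSPageInterval
SITE_COUNT, SITE_INTERVAL = 300, 1    # DOSSiteCount / DOSSiteInterval

# Client IP, timestamp and request path of a Common/Combined Log Format line.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)')

def parse(line):
    """Return (ip, epoch_seconds, path), or None if the line is not in CLF."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), int(ts.timestamp()), m.group(3).split("?", 1)[0]

def flagged_clients(lines, page_count=PAGE_COUNT, page_interval=PAGE_INTERVAL,
                    site_count=SITE_COUNT, site_interval=SITE_INTERVAL):
    """Map each client IP that exceeds a threshold to the rule it tripped first."""
    windows = defaultdict(lambda: [0, 0])   # key -> [window_start, hits]
    flagged = {}
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue                        # skip lines that do not parse
        ip, t, uri = rec
        for key, limit, interval, rule in (
                ((ip, uri), page_count, page_interval, "DOSPageCount"),
                ((ip,), site_count, site_interval, "DOSSiteCount")):
            win = windows[key]
            if t - win[0] >= interval:      # interval elapsed: start a new window
                win[0], win[1] = t, 0
            win[1] += 1
            if win[1] > limit:
                flagged.setdefault(ip, rule)
    return flagged

def _line(ip, second, uri):
    return f'{ip} - - [10/Oct/2023:13:55:{second:02d} +0000] "GET {uri} HTTP/1.1" 200 512'

# Constructed sample log using documentation-range IPs, not real traffic.
SAMPLE = ([_line("203.0.113.7", 1, "/login.php")] * 25                      # 25 hits on one page in 1 s
          + [_line("198.51.100.4", s, "/index.php") for s in range(2, 12)]  # 1 hit per second
          + [_line("192.0.2.9", 20, f"/img/{i}.png") for i in range(301)])  # 301 objects in 1 s

if __name__ == "__main__":
    for ip, rule in flagged_clients(SAMPLE).items():
        print(ip, "would exceed", rule)
```

Feeding it the lines of your own access log shows whether legitimate clients such as monitoring probes or API consumers would be blocked at the chosen values.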
Slowloris
Slowloris is a type of denial of service attack tool invented by Robert “RSnake” Hansen which allows a single machine to take down another machine’s web server with minimal bandwidth and side effects on unrelated services and ports.
Run the following command:
sudo apt-get -y install libapache2-mod-qos
Tweak the settings in the /etc/apache2/mods-available/qos.conf file to suit your needs.
Restart Apache.
With just a few commands you can make your Apache server super secure. Happy Coding, Happy Deploying.
May all your programs run successfully.