#cd /usr/port/www/mod_evasive
#make install clean
#vi /usr/local/etc/apache24/httpd.conf
and insert If Module ….
<IfModule evasive20_module>
#increases size of hash table. Good, but uses more RAM.
DOSHashTableSize 3097
#Interval, in seconds, of the page interval.
DOSPageInterval 1
#Interval, in seconds, of the site interval.
DOSSiteInterval 1
#period, in seconds, a client is blocked. The counter is reset to 0 with every access within this interval.
DOSBlockingPeriod 10
#threshold of requests per page, per page interval. If hit == block.
DOSPageCount 2
#threshold of requests for any object by the same ip, on the same listener, per site interval.
DOSSiteCount 50
#locking mechanism prevents repeated calls. email can be sent when host is blocked (leverages the following by default “/bin/mail -t %s”)
DOSEmailNotify admin@st.ac.th
#locking mechanism prevents repeated calls. A command can be executed when a host is blocked. %s is the host IP.
#DOSSystemCommand “su – someuser -c ‘/sbin/… %s …'”
#DOSLogDir “/var/lock/mod_evasive”
#whitelist an IP., leverage wildcards, not CIDR, like 127.0.0.*
#DOSWhiteList 127.0.0.1
</IfModule>
# /usr/local/etc/rc.d/apache24 restart