I am trying to configure mod_evasive for Apache 2.4.6 on CentOS release 7.5.1804. I got a clean install of CentOS, with a clean install of Apache without serving any pages or anything (just an example index.html saying hello world), and I installed mod_evasive using this tutorial: https://www.digitalocean.com/community/tutorials/how-to-protect-against-dos-and-ddos-with-mod_evasive-for-apache-on-centos-7
Everything works fine until I run the testing script, which should send requests to the server and get a 403 error because of mod_evasive. Instead, I am getting 400 Bad Request.
I switched firewalld for iptables, and I have port 80 open; in fact, the example page works OK from a browser. Also, SELinux mode is set to permissive.
Any suggestions?
3 Answers
After a few days, I found that there was an error in the testing script provided with mod_evasive...
I corrected it and found out that the installation was OK.
You will most likely have to change the perl script (usually saved in /usr/share/doc/libapache2-mod-evasive/examples/test.pl) to make this work, e.g.
Original line:
print $SOCKET "GET /?$_ HTTP/1.0\n\n";
Re-worked line:
print $SOCKET "GET /?$_ HTTP/1.0\r\nHost: 127.0.0.1\r\n\r\n";
From https://centosfaq.org/centos/apache-mod_evasive-problem-with-testpl/
The issue was not with mod_evasive or its configuration. In my case I had to tweak the configuration of mpm_prefork_module like below to get mod_evasive configuration to work:
Basically, fix the number of servers to a constant by setting
StartServers = MinSpareServers = MaxSpareServers = {your_magic_number}
and set MaxConnectionsPerChild=0, so that no new server processes are spawned and no recycling of connections happens, allowing Child to hold infinitely many concurrent connections.
Hope this saves your day!