Hi,
I'm currently experimenting with the mod_evasive module for Apache, to protect the server against potential DoS attacks. Here's what I did so far.
# yum install mod_evasive
Don't touch mod_evasive's default configuration, just restart Apache.
# systemctl restart httpd
The package includes a test.pl script supposed to launch a testing DoS attack. Unfortunately this script doesn't seem to work as expected. Here's the only response I get:
# perl test.pl HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request ...
According to the various online tutorials I found, this should more look like:
# perl test.pl HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK ... HTTP/1.1 403 Forbidden HTTP/1.1 403 Forbidden HTTP/1.1 403 Forbidden ...
I tried this on two sandbox machine, one on my LAN, one on a public server, and both times I got the same result.
Any suggestions?
Niki