activating mod_evasive

acdh-oeaw · Feb 7, 2024 · 4fb759b · 4fb759b
1 parent 5f924c4
commit 4fb759b
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/Dockerfile b/Dockerfile
@@ -4,7 +4,7 @@ ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/do
 COPY local /var/www/local
 COPY start.sh /var/www/start.sh
 RUN apt update &&\
-    apt install -y git zip mariadb-client vim lftp &&\
+    apt install -y git zip mariadb-client vim lftp libapache2-mod-evasive &&\
     echo 'syntax on\nfiletype plugin indent on\nset tabstop=4\nset shiftwidth=4\nset expandtab' > /root/.vimrc &&\
     ### PHP config \
     chmod +x /usr/local/bin/install-php-extensions &&\

diff --git a/local/config/vufind/httpd-vufind.conf b/local/config/vufind/httpd-vufind.conf
@@ -12,6 +12,18 @@ AliasMatch ^/resources/themes/([0-9a-zA-Z-_]*)/js/(.*)$ /usr/local/vufind/themes
   <IfModule mod_authz_core.c>
     Require all granted
   </IfModule>
+  <ifmodule mod_evasive20.c>
+     DOSHashTableSize 3097
+     DOSPageCount 2
+     DOSSiteCount 50
+     DOSPageInterval 1
+     DOSSiteInterval 1
+     DOSBlockingPeriod 10             ## Dauer der Blockade der einzelnen IP-Addresse in Sekunden
+     #DOSSystemCommand "echo +%s > /proc/net/xt_recent/badguys" oder "su root -c '/sbin/iptables -A INPUT -s %s -j DROP'"   ## Befehl an das System -> %s ist die SourceIP des Angreifers
+     DOSLogDir "/var/log/mod_evasive"   ## Log-Verzeichnis
+     #DOSEmailNotify root@localhost    ## E-Mail-Adresse für Benachrichtigungen
+     DOSWhitelist 127.0.0.1           ## Lokale Anfragen zulassen. Hier kann man auch einzelne IP-Adressen ausschließen.
+  </ifmodule>
   AllowOverride All
 </Directory>