httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luca Toscano <toscano.l...@gmail.com>
Subject Re: [users@httpd] Whitelisting in mod_evasive
Date Wed, 02 Nov 2016 08:42:25 GMT
Hi Matthew,

2016-10-31 16:20 GMT+01:00 Matthew Jones <m.jones@hud.ac.uk>:

> Hello all, first up apologies if this is not the correct place for this
> question. If it’s not, then I’d appreciate a nudge in the correct direction.
>
>
>
> I’m trying to configure mod_evasive so that it whitelists a number of IP
> ranges, in particular our private 10.*.*.* network. I’ve added that range
> to the DOSWhitelist but we’re still seeing blacklisting of 10.*.*.*
> addresses reported by mod_evasive via email.
>

as side note mod_evasive is a third party module not included in the httpd
official release, so we can try to help but it would be better to follow up
with the module's author (even though if I remember correctly the project
is not active at the moment).


>
>
> Here is the content of evasive.conf:
>
>
>
> <IfModule mod_evasive20.c>
>
>         DOSHashTableSize        6400
>
>         DOSPageCount            2
>
>         DOSSiteCount            64
>
>         DOSPageInterval         1
>
>         DOSSiteInterval         1
>
>         DOSBlockingPeriod       60
>
>         DOSEmailNotify          cs-unixsupportteam@hud.ac.uk
>
>         DOSWhitelist            10.*.*.* 172.22.*.* 161.112.232.102
> 161.112.232.103 161.112.232.111 161.112.232.117 161.112.232.221
> 161.112.232.37
>
> </IfModule>
>
>
>
> We’re using apache 2.4.7 on Ubuntu 14.04.05. Please let me know if there
> is any further information which might be of help in diagnosing this.
>
>
>
> I know that mod_evasive is active as I say because it’s reporting the
> blacklisting of those 10.* IPs, so what am I missing about how to configure
> it to whitelist these IP ranges please?
>

Does the module correctly whitelist the other IPs? Can you try something
like:

DOSWhitelist 10.*.*.*
DOSWhitelist 172.22.*.*
...
...

Let me know if anything changes!

Luca

Mime
View raw message