[ Server ][ Linux ] centos7 apm(Apache+php+mysql) 설치( mod_evasive ) 후 …
작성일 19-04-30 17:58
페이지 정보
작성자 웹지기 조회 8,976회 댓글 1건본문
아파치님의 AAI-master를 설치하고 계정을 만들어 홈페이지를 접속할 때
새로고침을 빠르게 하다보면 403 오류를 뱉더라.
왜 그런지 검색을 해보니
mod_evasive 설치가 되면서 자동으로 설정이 된다.
아파치님께서 따로 설정하신건 없는 듯..................
파일에 들어가서 확인을 해보니................
vim /etc/httpd/conf.d/mod_evasive.conf
# mod_evasive configuration
LoadModule evasive20_module modules/mod_evasive24.so
<IfModule mod_evasive24.c>
# The hash table size defines the number of top-level nodes for each
# child's hash table. Increasing this number will provide faster
# performance by decreasing the number of iterations required to get to the
# record, but consume more memory for table space. You should increase
# this if you have a busy web server. The value you specify will
# automatically be tiered up to the next prime number in the primes list
# (see mod_evasive.c for a list of primes used).
DOSHashTableSize 3097
# This is the threshhold for the number of requests for the same page (or
# URI) per page interval. Once the threshhold for that interval has been
# exceeded, the IP address of the client will be added to the blocking
# list.
DOSPageCount 2
# This is the threshhold for the total number of requests for any object by
# the same client on the same listener per site interval. Once the
# threshhold for that interval has been exceeded, the IP address of the
# client will be added to the blocking list.
DOSSiteCount 50
# The interval for the page count threshhold; defaults to 1 second
# intervals.
DOSPageInterval 1
# The interval for the site count threshhold; defaults to 1 second
# intervals.
DOSSiteInterval 1
# The blocking period is the amount of time (in seconds) that a client will
# be blocked for if they are added to the blocking list. During this time,
# all subsequent requests from the client will result in a 403 (Forbidden)
# and the timer being reset (e.g. another 10 seconds). Since the timer is
# reset for every subsequent request, it is not necessary to have a long
# blocking period; in the event of a DoS attack, this timer will keep
# getting reset.
DOSBlockingPeriod 30
--------- 생략 -------------
다음과 같은 내용중에서 DOSPageCount 2 를 조금 더 여유있게 수정해주고
centos7의 httpd를 재시작 해주면
페이지 새로고침에서 403페이지가 보이지 않는다.
추천0
비추천 0
댓글목록
장승원님의 댓글
장승원
작성일
DOSPageCount 100
DOSSiteCount 100
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 30