CODEWITHSUNDEEP
apachemod-evasive
Mudasar Yasin
Mudasar Yasin

Reputation: 649

Apache mod_evasive whitelist is not working properlly.

We have weird situation, we have configured mod_evasive with apache 2.4 on Ubuntu 14. we have added google bot IPs in white list(we are maintaining long list of internal and external IPs in white list). But google IPs are still blocked by mod_evasive.

We have checked mod_evasive functionality, it is working fine(we have tested with Apache benchmark tool by adding IP in whitelist). Following is configuration, Originally IP-66.249.66.5 is part of subnet 66.249.64.0/19, but we have added it with 24 and 32 subnet 

   <ifmodule mod_evasive20.c>
   DOSHashTableSize 3097
   DOSPageCount  8
   DOSSiteCount  50
   DOSPageInterval 1
   DOSSiteInterval  3
   DOSBlockingPeriod  600
   DOSLogDir   /var/log/mod_evasive
   DOSEmailNotify  [email protected]
   DOSWhitelist 66.249.66.5 66.249.0.0/16 66.249.64.0/19
   </ifmodule>

   root@ip-10:~# apachectl -M | grep -i ev
    evasive20_module (shared)

Upvotes: 6

Views: 6706

Answers (2)

Dreal
Dreal

Reputation: 157

sometimes you need to block an /17 or /19 and a wildcard doesn't work for this situation. It would be nice if mod_evasive could really handle network subnet specifications.

Upvotes: 1

cherouvim
cherouvim

Reputation: 31928

Based on https://www.linode.com/docs/websites/apache-tips-and-tricks/modevasive-on-apache you should be using wildcards and not subnetting. For example something like the following (which is not exactly what you had with subnetting):

DOSWhitelist 66.249.*.*

Upvotes: 11

Related Questions