Apache2 mod_evasive DOSSystemCommand not executing the command

Question

I am setting up an apache2 webserver, and I am adding some security to stop bruteforcing attacks. I was gonna use mod_evasive and have another file to run the commands to ban and unban the user. my config is as shown.

<IfModule mod_evasive20.c>
    DOSHashTableSize    3097
    DOSPageCount        10
    DOSSiteCount        20
    DOSPageInterval     1
    DOSSiteInterval     3
    DOSBlockingPeriod   60

    #DOSSystemCommand   "/opt/mod_evasive/ban.sh %s"
    DOSSystemCommand    "/bin/echo testing >> /var/log/mod_evasive/test.txt"
    DOSLogDir           "/var/log/mod_evasive"
</IfModule>

I can run my ban.sh file as www-data perfectly fine. I have the 2nd DOSSystemCommand there as I was testing it. It would not echo to /tmp or the log folder. Is there something I am not doing correct?

Answer 1

I also had my problems with DOSSystemCommand. Here is my solution that worked for me:

sudo mkdir /var/log/mod-evasive/
sudo chown -R www-data:root /var/log/mod_evasive

The owner of the directory and file must be www-data.

DOSSystemCommand    "IP=%s; echo $(date +'%%Y-%%m-%%d %%T')' : '${IP} >> /var/log/mod_evasive/mod_evasive.log;"

If you also want to peronalize your email notifications, add the following

DOSSystemCommand    "IP=%s; echo $(date +'%%Y-%%m-%%d %%T')' : '${IP} >> /var/log/mod_evasive/mod_evasive.log; echo 'Blacklisted IP '${IP}' by mod_evasive\nhttp://www.ip-adress.com/whois/'${IP} | mail -s 'Blacklisted IP '${IP}' by mod_evasive' user@domain.com;