mod_evasive and SMF - 403 error once after login

Started by kodmasin, November 25, 2014, 01:46:09 PM

Previous topic - Next topic

kodmasin

I just solve problem which was bugging me for while on opensuse 13.1

Problem was that default config for mod_evasive is configured with DOSPageCount set to 2. Then you will get 403 after login. After reload everything is working normally.

Solution is to set DOSPageCount to at least 3.



margarett

Thank you for that info

* margarett has no clue what is mod_evasive. But if it follows the roots of mod_security, it can't be no good...
Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair

JBlaze

mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.
Jason Clemons
Former Team Member 2009 - 2012

LiroyvH

TL;DR install a proper firewall and put something in front of Apache, like nginx or varnish. :P
(Seriously, mod_evasive can be nice (on large sites), but utterly pointless for most people. Firewall with proper config can usually do a lot more magic.)
((U + C + I)x(10 − S)) / 20xAx1 / (1 − sin(F / 10))
President/CEO of Simple Machines - Server Manager
Please do not PM for support - anything else is usually OK.

Advertisement: