For those of you in the hosting business, or if you’re hosting your own servers and exposing them to the Internet, securing your systems against attackers must be a high priority.

mod_security (open-source intrusion detection and prevention engine for web applications that integrates seamlessly with the webserver) and mod_evasive are two very important tools that can be used to protect a web server against brute force or (D)DoS attacks.

Related Article: How to Install Linux Malware Detect with ClamAV as Antivirus Engine

mod_evasive, as its name suggests, provides evasive capabilities while under attack, acting as an umbrella that shields web servers from such threats.

Install Mod_Security and Mod_Evasive to Protect Apache

In this article, we will discuss how to install, configure, and put them into play along with Apache on RHEL/CentOS 8 and 7 as well as Fedora. In addition, we will simulate attacks in order to verify that the server reacts accordingly.

This assumes that you have a LAMP server installed on your system. If not, please check this article before proceeding further.

• How to Install LAMP Server on CentOS 8
• How to Install LAMP stack in RHEL/CentOS 7

You will also need to set up iptables as the default firewall front-end instead of firewalld if you’re running RHEL/CentOS 8/7 or Fedora. We do this in order to use the same tool in both RHEL/CentOS 8/7 and Fedora.

Step 1: Installing the Iptables Firewall on RHEL/CentOS 8/7 and Fedora

To begin, stop and disable firewalld:

## systemctl stop firewalld
## systemctl disable firewalld

#apache #centos #fedora #redhat #security #centos tips #mod_evasive #mod_security #rhel tips