Page 1 of 1
cpanel Apache mod_evasive
Posted: 14 Nov 2017, 04:46
by dvk01
can CSF be updated to use the new Cpanel mod-evasive Apache module
https://blog.cpanel.com/blocking-attack ... d_evasive/
Re: cpanel Apache mod_evasive
Posted: 14 Nov 2017, 06:52
by dvk01
While it probably is a good idea to have the option to integrate with CSF or at least clear instructions on how to add csf to the evasive conf file. I feel at this time it is giving too many false blocks.
The problem appears to occur when you have the server set to use HTTP2 and mod_mpm_event and use a compatible browser like chrome or FF, which by design use multiple simultaneous connections which Mod_evasive sees as DDOS attacks when they are genuine connections
Re: cpanel Apache mod_evasive
Posted: 21 Nov 2017, 16:01
by ForumAdmin
You would have to enable LF_APACHE_403 in csf.conf to trap these. We cannot separate them out as they are not differentiated in the httpd error_log file from other 403 errors.