I added this to my Apache conf. setup httpd.
<IfModule evasive2_module>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 5
DOSWhitelist 127.0.0.1
DOSWhitelist 127.0.0.*
DOSWhitelist 192.168.1.*
DOSWhitelist 8.8.8.8
DOSWhitelis (My IP Address)
</IfModule>
...but I still get this warning in my dos log file
Tue Jun 06 22:25:53 2017
PID: 41732
Blacklisting address (My IP Address): possible DoS attack.
I'll have to test the module.
Personally I do not like this module, but people seem to want it so I compiled it.
Quote from: Gregg on June 06, 2017, 04:12:49 AM
DOSWhitelist 127.0.0.1 read more about anova (https://kitchenlola.com/anova-culinary-sous-vide-precision-cooker-review/)
DOSWhitelist 192.168.1.*
DOSWhitelist 8.8.8.8
etc. etc.
I've also just installed the module. Thanks for tip. Is it possible to block a range of IPs. e.g. From 192.168.1.5 to 192.168.1.98
Quote from: fabluzan on September 05, 2017, 09:20:05 PMIs it possible to block a range of IPs. e.g. From 192.168.1.5 to 192.168.1.98
As I stated above I don't like this module or use it. I can only quote the included readme which I won't but you can read it yourself.
It says you can do a range of IPs but it only shows an example using the *, and it does state it's only good for the last octet.
So 192.168.1.* is the only example shown for ranges.
Now Apache can handle 192.168.1.0/8 so maybe the module can handle that as well. But you will have to be brave and experiment. httpd -t is a great little wonder I use all the time after making changes or experimenting with a live server. If Apache says "Syntax OK" then
most times it is and you can restart the server safely. It's bit me a couple times but I just undo the changes and start the server. It's down for what? 5 seconds? I can afford a couple people getting a timeout once. They will try again or they will try again later. If they don't try again, their loss not mine :)
Edit:
Using the CIDR tool at http://www.ipaddressguide.com/cidr#range
This would be how to Whitelist that range of IPs
DOSWhitelist 192.168.1.5/32
DOSWhitelist 192.168.1.6/31
DOSWhitelist 192.168.1.8/29
DOSWhitelist 192.168.1.16/28
DOSWhitelist 192.168.1.32/27
DOSWhitelist 192.168.1.64/27
DOSWhitelist 192.168.1.96/31
DOSWhitelist 192.168.1.98/32
Yes, all 8 of these and only if the module supports it of course.