apache2 et mod_evasive

cycykewl · Février 21, 2016, 1:35pm

hello …

Sûrement une connerie de conf … mais franchement je ne vois pas …
Mon mod_evasive ne semble pas fonctionner.

# apachectl -M Loaded Modules: core_module (static) log_config_module (static) logio_module (static) mpm_itk_module (static) http_module (static) so_module (static) alias_module (shared) auth_basic_module (shared) authn_file_module (shared) authz_default_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_user_module (shared) autoindex_module (shared) cgi_module (shared) deflate_module (shared) dir_module (shared) env_module (shared) headers_module (shared) include_module (shared) mime_module (shared) evasive20_module (shared) negotiation_module (shared) perl_module (shared) php5_module (shared) python_module (shared) reqtimeout_module (shared) rewrite_module (shared) setenvif_module (shared) status_module (shared) Syntax OK

[code]# cat /etc/apache2/conf.d/evasive

mod_evasive

DOSHashTableSize 3097 DOSPageCount 3 DOSPageInterval 2 DOSSiteCount 90 DOSSiteInterval 60 DOSBlockingPeriod 300 DOSEmailNotify "toto@toto.toto" DOSLogDir "/var/log/mod_evasive/" #DOSSystemCommand "/sbin/iptables -I INPUT -s %s -j DROP" DOSSystemCommand "/bin/echo %s >> /var/log/mod_evasive/dos_evasive.log && /bin/date >> /var/log/mod_evasive/dos_evasive.log" #DOSWhiteList 127.0.0.1 [/code]

# perl /usr/share/doc/libapache2-mod-evasive/examples/test.pl HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK

pourquoi ça ne bloque pas ???

lol · Février 21, 2016, 1:35pm

Salut,
Que racontent les logs (apache, mod_evasive…) ?

cycykewl · Février 21, 2016, 1:35pm

bah rien … enfin je vois rien.

# date ; perl /usr/share/doc/libapache2-mod-evasive/examples/test.pl vendredi 26 octobre 2012, 14:39:04 (UTC+0200) HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK

# cat error.log (...) [Fri Oct 26 14:15:04 2012] [error] python_init: Python version mismatch, expected '2.6.5+', found '2.6.6'. [Fri Oct 26 14:15:04 2012] [error] python_init: Python executable found '/usr/bin/python'. [Fri Oct 26 14:15:04 2012] [error] python_init: Python path being used '/usr/lib/python2.6/:/usr/lib/python2.6/plat-linux2:/usr/lib/python2.6/lib-tk:/usr/lib/python2.6/lib-old:/usr/lib/python2.6/lib-dynload'. [Fri Oct 26 14:15:04 2012] [notice] mod_python: Creating 8 session mutexes based on 256 max processes and 0 max threads. [Fri Oct 26 14:15:04 2012] [notice] mod_python: using mutex_directory /tmp [Fri Oct 26 14:15:04 2012] [notice] Apache/2.2.16 (Debian) PHP/5.3.3-7+squeeze13 with Suhosin-Patch mod_python/3.3.1 Python/2.6.6 mod_perl/2.0.4 Perl/v5.10.1 configured -- resuming normal operations

# cat access.log (...) 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?0 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?1 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?2 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?3 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?4 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?5 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?6 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?7 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?8 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?9 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?10 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?11 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?12 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?13 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?14 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?15 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?16 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?17 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?18 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?19 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?20 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?21 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?22 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?23 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?24 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?25 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?26 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?27 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?28 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:04 +0200] "GET /?29 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?30 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?31 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?32 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?33 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?34 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?35 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?36 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?37 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?38 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?39 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?40 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?41 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?42 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?43 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?44 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?45 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?46 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?47 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?48 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?49 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?50 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?51 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?52 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?53 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?54 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?55 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?56 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?57 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?58 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?59 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?60 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?61 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?62 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?63 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?64 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?65 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?66 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?67 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?68 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?69 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?70 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?71 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?72 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?73 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?74 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?75 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?76 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?77 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?78 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:05 +0200] "GET /?79 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?80 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?81 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?82 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?83 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?84 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?85 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?86 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?87 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?88 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?89 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?90 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?91 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?92 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?93 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?94 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?95 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?96 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?97 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?98 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?99 HTTP/1.0" 200 453 "-" "-" 127.0.0.1 - - [26/Oct/2012:14:39:06 +0200] "GET /?100 HTTP/1.0" 200 453 "-" "-"

cycykewl · Février 21, 2016, 1:35pm

# ll /var/log/mod_evasive total 0

lol · Février 21, 2016, 1:35pm

Re,
Testes avec le minimum syndical, tu ajouteras des option quand ça fonctionnera:

<IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 </IfModule>

cycykewl · Février 21, 2016, 1:35pm

j’ai remplacé ma conf par la tienne et relancé apache.

Même résultat.

lol · Février 21, 2016, 1:35pm

Bon…

Problème de droit ?

Que raconte:

cycykewl · Février 21, 2016, 1:35pm

C’est fou cette histoire !

# vdir /var/lock/ total 8 drwxr-xr-x 2 www-data root 4096 11 juil. 2011 apache2 -rw-r----- 1 root root 0 19 oct. 22:58 aptitude drwx------ 2 root root 4096 3 août 16:21 lvm

lol · Février 21, 2016, 1:35pm

Re,
Non, c’est normal:

mkdir -p /var/lock/mod_evasive chown -R www-data:www-data /var/lock/mod_evasive

Un tuto sur le Wiki: isalo.org/wiki.debian-fr/in … od-evasive

cycykewl · Février 21, 2016, 1:35pm

bizarre

# vdir /var/lock/ total 12 drwxr-xr-x 2 www-data root 4096 11 juil. 2011 apache2 -rw-r----- 1 root root 0 19 oct. 22:58 aptitude drwx------ 2 root root 4096 3 août 16:21 lvm drwxr-xr-x 2 www-data www-data 4096 26 oct. 15:24 mod_evasive

Relance d’apache et même résultat.

cycykewl · Février 21, 2016, 1:35pm

il n’y a pas un truc pour foutre mod_evasive en debug histoire de comprendre le bordel ?

lol · Février 21, 2016, 1:35pm

Hum…

cat /var/log/syslog | grep evasive

cycykewl · Février 21, 2016, 1:35pm

# cat /var/log/syslog | grep evasive Oct 26 11:22:01 cr mod_evasive[19231]: Couldn't open logfile /var/log/mod_evasive//dos-78.236.167.225: Permission denied Oct 26 11:22:02 cr mod_evasive[19231]: Couldn't open logfile /var/log/mod_evasive//dos-78.236.167.225: Permission denied Oct 26 11:22:02 cr mod_evasive[19231]: Couldn't open logfile /var/log/mod_evasive//dos-78.236.167.225: Permission denied

Erreurs déjà corrigée ce matin … depuis plus rien …

cycykewl · Février 21, 2016, 1:35pm

ceci dit, je viens de percuter que du coup, cela indique aussi que ça a fonctionné au moins une fois … enfin failli …

lol · Février 21, 2016, 1:35pm

Tu as un simple problème de chemin et de droit sur les fichiers.

cycykewl · Février 21, 2016, 1:35pm

si c’était le cas, ça me cracherait une erreur dans les logs quand même … non ?
J’ai rien là …

lol · Février 21, 2016, 1:35pm

[quote=“cycykewl”]# cat /var/log/syslog | grep evasive Oct 26 11:22:01 cr mod_evasive[19231]: Couldn't open logfile /var/log/mod_evasive//dos-78.236.167.225: Permission denied Oct 26 11:22:02 cr mod_evasive[19231]: Couldn't open logfile /var/log/mod_evasive//dos-78.236.167.225: Permission denied Oct 26 11:22:02 cr mod_evasive[19231]: Couldn't open logfile /var/log/mod_evasive//dos-78.236.167.225: Permission denied

Erreurs déjà corrigée ce matin … depuis plus rien …[/quote]

Tu as corrigé quoi ce matin ?

cycykewl · Février 21, 2016, 1:35pm

bah les erreurs de droit …
Depuis plus d’erreur de droit mais ça ne marche pas mieux

lol · Février 21, 2016, 1:36pm

Ok,

Essaye avec ça dans ta conf:

cycykewl · Février 21, 2016, 1:36pm

# cat evasive <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 DOSLogDir "/var/lock/mod_evasive" </IfModule>

# vdir /var/lock total 12 drwxr-xr-x 2 www-data root 4096 11 juil. 2011 apache2 -rw-r----- 1 root root 0 19 oct. 22:58 aptitude drwx------ 2 root root 4096 3 août 16:21 lvm drwxr-xr-x 2 www-data www-data 4096 26 oct. 15:24 mod_evasive

relance d’apache et même résultat