Locked Compile and configure mod_qos to prevent Slowloris DDOS on Apache 2

[Azwan81]

mod_qos is becoming a very popular module for Apache, from

the discover of Slowloris DDoS Attack. It seems, mod_qos is

the best solution for Slowloris attack on Apache 2, but you can

also check mod_evasive, mod_security or http accelerator

“Varnish”. In this post I will try to present a step by step

tutorial how to install mod_qos and configure to prevent

Slowloris DDoS attack.

 

First you should install dev packages to compile mod_qos

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

Now download the latest version of mod_qos from

This is the hidden content, please

• Sign In
• or
• Sign Up

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

Now you can build the module

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

You should see the module compiling and if is everything ok the last lines of compile output should be:

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

If you want to compile qslog just run the following commands:

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

Now you should configure mod_qos. In /etc/apache2/mods-

available/ add 2 files:

1. qos.load with the following content:

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

2. qos.conf with the following content:

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

Now you should enable the module and restart Apache.

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

Now you are ready.

 

To see the attacks from logs you can use qslogs:

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

All Credit Goes To:r0xr00t

Edited November 24, 2012 by Azwan81