View | Details | Raw Unified | Return to bug 237817 | Differences between
and this patch

Collapse All | Expand All

(-)www/mod_evasive/Makefile (-6 / +5 lines)
Lines 3-13 Link Here
3
3
4
PORTNAME=	mod_evasive
4
PORTNAME=	mod_evasive
5
PORTVERSION=	1.10.1
5
PORTVERSION=	1.10.1
6
PORTREVISION=	1
6
PORTREVISION=	2
7
CATEGORIES=	www security
7
CATEGORIES=	www security
8
MASTER_SITES=	http://www.zdziarski.com/blog/wp-content/uploads/2010/02/
9
DISTNAME=	mod_evasive_${PORTVERSION}
10
DIST_SUBDIR=	apache2
11
8
12
MAINTAINER=	kiwi@oav.net
9
MAINTAINER=	kiwi@oav.net
13
COMMENT=	Apache module to try to protect the HTTP Server from DoS/DDoS attacks
10
COMMENT=	Apache module to try to protect the HTTP Server from DoS/DDoS attacks
Lines 15-23 COMMENT= Apache module to try to protect the HTTP Server from DoS/DDoS attacks Link Here
15
LICENSE=	GPLv2
12
LICENSE=	GPLv2
16
LICENSE_FILE=	${WRKSRC}/LICENSE
13
LICENSE_FILE=	${WRKSRC}/LICENSE
17
14
18
WRKSRC=		${WRKDIR}/${PORTNAME}
19
20
USES=		apache:2.2+
15
USES=		apache:2.2+
16
USE_GITHUB=	yes
17
18
GH_ACCOUNT=	jzdziarski
19
GH_TAGNAME=	ad6e89f
21
AP_FAST_BUILD=	yes
20
AP_FAST_BUILD=	yes
22
AP_GENPLIST=	yes
21
AP_GENPLIST=	yes
23
MODULENAME=	${PORTNAME}20
22
MODULENAME=	${PORTNAME}20
(-)www/mod_evasive/distinfo (-2 / +3 lines)
Lines 1-2 Link Here
1
SHA256 (apache2/mod_evasive_1.10.1.tar.gz) = 07c45139aa313899484a900f0fc162b3e17eb4f60fe474d7f3dd6c9941e95667
1
TIMESTAMP = 1558714532
2
SIZE (apache2/mod_evasive_1.10.1.tar.gz) = 20454
2
SHA256 (jzdziarski-mod_evasive-1.10.1-ad6e89f_GH0.tar.gz) = cbfe4c34416917f6045473354b05a96d5196f19f304fb31a1030b4eefca5385e
3
SIZE (jzdziarski-mod_evasive-1.10.1-ad6e89f_GH0.tar.gz) = 20294
(-)www/mod_evasive/files/patch-test.pl (+11 lines)
Added Link Here
1
--- test.pl.orig	2017-02-22 02:33:36 UTC
2
+++ test.pl
3
@@ -10,7 +10,7 @@ for(0..100) {
4
   my($SOCKET) = new IO::Socket::INET( Proto   => "tcp",
5
                                       PeerAddr=> "127.0.0.1:80");
6
   if (! defined $SOCKET) { die $!; }
7
-  print $SOCKET "GET /?$_ HTTP/1.0\n\n";
8
+  print $SOCKET "GET /?$_ HTTP/1.0\r\n\r\n";
9
   $response = <$SOCKET>;
10
   print $response;
11
   close($SOCKET);
(-)www/mod_evasive/pkg-descr (-26 / +3 lines)
Lines 1-30 Link Here
1
mod_dosevasive is an evasive maneuvers module for Apache to provide evasive
1
mod_dosevasive is an evasive maneuvers module for Apache to provide evasive
2
action in the event of an HTTP DoS or DDoS attack or brute force attack.
2
action in the event of an HTTP DoS or DDoS attack or brute force attack.  It is
3
It is also designed to be a detection and network management tool, and can be
3
also designed to be a detection and network management tool, and can be easily
4
easily configured to talk to ipchains, firewalls, routers, and etcetera.
4
configured to talk to ipchains, firewalls, routers, and etcetera.
5
mod_dosevasive presently reports abuses via email and syslog facilities.
5
mod_dosevasive presently reports abuses via email and syslog facilities.
6
6
7
Detection is performed by creating an internal dynamic hash table of IP
8
Addresses and URIs, and denying any single IP address from any of the
9
following:
10
11
    * Requesting the same page more than a few times per second
12
    * Making more than 50 concurrent requests on the same child per second
13
    * Making any requests while temporarily blacklisted (on a blocking list)
14
15
This method has worked well in both single-server script attacks as well as
16
distributed attacks, but just like other evasive tools, is only as useful to
17
the point of bandwidth and processor consumption (e.g. the amount of bandwidth
18
and processor required to receive/process/respond to invalid requests), which
19
is why it's a good idea to integrate this with your firewalls and routers for
20
maximum protection.
21
22
This module instantiates for each listener individually, and therefore has a
23
built-in cleanup mechanism and scaling capabilities. Because of this per-child
24
design, legitimate requests are never compromised (even from proxies and NAT
25
addresses) but only scripted attacks. Even a user repeatedly clicking on
26
'reload' should not be affected unless they do it maliciously. mod_dosevasive
27
is fully tweakable through the Apache configuration file, easy to incorporate
28
into your web server, and easy to use.
29
30
WWW: https://github.com/jzdziarski/mod_evasive
7
WWW: https://github.com/jzdziarski/mod_evasive

Return to bug 237817