Of all the security threats to your server, few are as difficult to prevent as DoS (denial of service) attacks. A DoS attack occurs when someone with malignant intentions uses software to overload your server with traffic, either through security holes or through standard traffic methods. With a DDoS (distributed denial of service) attack, the initial attacker infects other computers with malware or botnets that then automatically launch a coordinated attack against your dedicated server. DDoS attacks can be launched from hundreds or even thousands of computers simultaneously.
One way to prevent at least some forms of DoS attacks is to use mod_evasive, a free module for Apache HTTP Server. To install mod_evasive on a Linux server running Apache, do the following.
tar xvzf mod_evasive_1.10.1.tar.gz mod_evasive/
/usr/sbin/apxs -cia /usr/src/mod_evasive/mod_evasive20.c
chmod 755 /usr/lib/httpd/modules/mod_evasive20.so
8. Test to make sure it was loaded:
grep -i evasive /etc/httpd/conf/httpd.conf
It should return: LoadModule evasive20_module /usr/lib/httpd/modules/mod_evasive20.so Then type:
php -r ‘phpinfo();’ | grep -i evasive
and you should see mod_evasive listed
Read the documentation to determine the best settings for each one. After that, your server should make an extra effort to evade DoS attacks.