I'm having trouble getting evasive and proxy to work together. Basically I'm trying to use evasive to filter bad traffic and then pass it to my web cluster.
when I enable ProxyPreserveHost On in the proxy config file I get
[Tue Dec 01 17:02:32.474957 2015] [:error] [pid 2881] [client 10.103.242.140:54690] client denied by server configuration: proxy:http://www.google.com/
in the apache error log file.
I'm pointing to google to test and google returns
404. That’s an error.
The requested URL /.noindex.html was not found on this server. That’s all we know.
If I set it to Off it works, but using mod_evasives test.pl script I get 200 ok
below are the config files:
reverse proxy.conf
Code: Select all
RewriteEngine On
ProxyPreserveHost Off
ProxyRequests Off
# ProxyPreserveHost On
<Proxy *>
Order allow,deny
Allow from all
#Allow from 10.0.0.0/8
</Proxy>
ProxyVia On
ProxyPass / http://www.google.com/
ProxyPassReverse / http://www.google.com/
Code: Select all
<IfModule mod_evasive24.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
</IfModule>
Code: Select all
ServerRoot "/etc/httpd"
Listen 80
LoadModule evasive20_module modules/mod_evasive24.so
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
<Directory />
AllowOverride none
Require all granted
allow from 127.0.0.0/8
allow from 10.0.0.0/8
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
<IfModule security2_module>
Include crs/owasp-modsecurity-crs/modsecurity_crs_10_setup.conf
Include crs/owasp-modsecurity-crs/base_rules/*.conf
</IfModule>
<IfModule mod_evasive24.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 30
DOSLogDir "/var/log/mod_evasive"
</IfModule>
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>