You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Matthew Jones <m....@hud.ac.uk> on 2017/09/13 08:35:17 UTC

[users@httpd] mod_evasive whitelist question

Hi all

I'm trying to whitelist 10.* addresses so that they¹re not caught by
mod_evasive. I¹ve added the 10.*.*.* range to a DOS whitelist directive in
evasive.conf but it¹s still blocking various 10.* IPs.

Here¹re the contents of evasive.conf:

<IfModule mod_evasive20.c>

DOSHashTableSize        9239
DOSPageCount            5
        DOSSiteCount            32
        DOSPageInterval         1
        DOSSiteInterval         1
DOSBlockingPeriod       60
        DOSLogDir               "/var/log/mod_evasive"
        DOSEmailNotify          <redacted>
        DOSWhitelist            161.112.232.37
        DOSWhitelist            161.112.232.102
        DOSWhitelist            161.112.232.103
        DOSWhitelist            161.112.232.111
        DOSWhitelist            161.112.232.117
        DOSWhitelist            161.112.232.221
        DOSWhitelist            161.112.232.168
        DOSWhitelist            172.17.193.*
        DOSWhitelist            172.17.194.*
        DOSWhitelist            172.17.195.*
        DOSWhitelist            172.20.*.*
        DOSWhitelist            172.22.*.*
        DOSWhitelist            10.*.*.*

</IfModule>

I¹m sorry for the noddy question, but what have I done wrong here? All the
documentation I¹ve found says that you can use multiple DOSWhitelist
directives, with wildacrds used on up to the last 3 octets.


I¹m running Apache2.4 on Ubuntu 14.04, please let me know if any other
information would be helpful.

Thanks in advance for your valueable time.

--
Matt Jones

Senior Network Systems Specialist
x3967
@huddsweb



University of Huddersfield inspiring tomorrow's professionals.
[http://marketing.hud.ac.uk/_HOSTED/EmailSig2014/EmailSigFooter.jpg]

This transmission is confidential and may be legally privileged. If you receive it in error, please notify us immediately by e-mail and remove it from your system. If the content of this e-mail does not relate to the business of the University of Huddersfield, then we do not endorse it and will accept no liability.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org