mod_evasive is a useful Apache module that blocks malicious traffic, DOS and DDOS attacks. It keeps track of all suspicious IPs and URLs and automatically blocks them. It also automatically logs each incident and emails web admins about it. However, it can be too restrictive at times, and end up blocking relevant website visitors. In such cases, you might need to disable mod_evasive. Let us take a look at how to disable mod_evasive in Apache.
How to Disable mod_evasive in Apache
Here are the steps to disable mod_evasive in Apache.
1. Open Apache Config File
You will typically find Apache config file at one of the following locations, depending on the type of installation:
We open it in a text editor
$ sudo vim /etc/apache2/httpd.conf
2. Disable mod_evasive
You can disable mod_evasive by simply commenting the line that loads it. In some Apache installations, it is
In some installations, it is
#LoadModule evasive_module libexex / mod_evasive
#Include conf / mod_evasive20.conf
Basically, look for the line that contains “evasive” in it and comment it with ‘#’.
3. Restart Apache web server
Restart Apache web server to apply changes
$ sudo /etc/init.d/apache2 start [Debian or Ubuntu] # sudo apachectl restart [RHEL, CentOS or Fedora]
That’s it! Now mod_evasive will be disabled on Apache web server.