How to Disable mod_evasive in Apache

disable mod_evasive in apache

mod_evasive is a useful Apache module that blocks malicious traffic, DOS and DDOS attacks. It keeps track of all suspicious IPs and URLs and automatically blocks them. It also automatically logs each incident and emails web admins about it. However, it can be too restrictive at times, and end up blocking relevant website visitors. In such cases, you might need to disable mod_evasive. Let us take a look at how to disable mod_evasive in Apache.


How to Disable mod_evasive in Apache

Here are the steps to disable mod_evasive in Apache.


1. Open Apache Config File

You will typically find Apache config file at one of the following locations, depending on the type of installation:

  • /etc/apache2/httpd.conf
  • /etc/apache2/apache2.conf
  • /etc/httpd/httpd.conf
  • /etc/httpd/conf/httpd.conf

We open it in a text editor

$ sudo vim /etc/apache2/httpd.conf


2. Disable mod_evasive

You can disable mod_evasive by simply commenting the line that loads it. In some Apache installations, it is

#AddModule Mod_evasive.c

In some installations, it is

#LoadModule evasive_module libexex / mod_evasive


#Include conf / mod_evasive20.conf


Basically, look for the line that contains “evasive” in it and comment it with ‘#’.


3. Restart Apache web server

Restart Apache web server to apply changes

$ sudo /etc/init.d/apache2 start [Debian or Ubuntu]
# sudo apachectl restart [RHEL, CentOS or Fedora]


That’s it! Now mod_evasive will be disabled on Apache web server.


About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!