Just a heads up for anyone thinking of installing mod_evasive (using EasyApache) on a server running Wordpress.
I saw the news this week that mod_evasive was available to install using EasyApache, so I gave it a try. All seemed good for a day or so, until I needed to do some edits in the backend of Wordpress (wp-admin). Firstly, images stopped appearing, then I got blocked completely with 403 Forbidden. I was locked out of the server. Suspecting the newly installed mod_evasive module as the cause, I then accessed the server using another IP and managed to uninstall it. On checking the logs, I noticed that mod_evasive had indeed locked me out.
When this happened, I was editing a table with over 1000 rows, so I guess the large number of requests is what triggered the mod_evasive protection. I have searched quite a bit and can't find any decent suggestions for safe config defaults that would suit most Wordpress usage.
There is discussion online, as to whether mod_evasive is of any real help when under a DOS attack; most say that only a hardware solution can do the job.
I saw the news this week that mod_evasive was available to install using EasyApache, so I gave it a try. All seemed good for a day or so, until I needed to do some edits in the backend of Wordpress (wp-admin). Firstly, images stopped appearing, then I got blocked completely with 403 Forbidden. I was locked out of the server. Suspecting the newly installed mod_evasive module as the cause, I then accessed the server using another IP and managed to uninstall it. On checking the logs, I noticed that mod_evasive had indeed locked me out.
When this happened, I was editing a table with over 1000 rows, so I guess the large number of requests is what triggered the mod_evasive protection. I have searched quite a bit and can't find any decent suggestions for safe config defaults that would suit most Wordpress usage.
There is discussion online, as to whether mod_evasive is of any real help when under a DOS attack; most say that only a hardware solution can do the job.
