Skip to content

Commit

Permalink
Enable mod_evasive for Apache web server
Browse files Browse the repository at this point in the history 
We're adding [mod_evasive](https://github.com/jzdziarski/mod_evasive)
to our standard build to provide a first tier of defense against
DDoS and related attacks.
  • Loading branch information
@mark-dce
mark-dce committed Mar 14, 2024
1 parent 38db8c7 commit 32c1702
Showing 1 changed file with 7 additions and 6 deletions.
13 changes: 7 additions & 6 deletions roles/apache/tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,16 +40,17 @@
become: yes
package: update_cache=yes

- name: install apache passenger module
- name: install optional apache modules - passenger & evasive
become: yes
package:
name: libapache2-mod-passenger
state: present
package: name={{ item }} state=present
with_items:
- libapache2-mod-passenger
- libapache2-mod-evasive

- name: remove default apache site
become: yes
command: a2dissite 000-default

- name: enable apache modules - rewrite, ssl, headers, & unique_id
- name: enable apache modules - rewrite, ssl, headers, evasive & unique_id
become: yes
command: a2enmod rewrite ssl headers unique_id
command: a2enmod rewrite ssl headers evasive unique_id

0 comments on commit 32c1702

Please sign in to comment.