February 10th, 2018, 10:59 AM
-
mod_evasive test not logging
I'm setting up a Centos 7 server, with apache and I have installed mod_evasive.
mod_evasive.conf has:
Code:
LoadModule evasive20_module modules/mod_evasive24.so
I ran the test.pl and I get the following in /var/log/messages
Code:
mod_evasive[6434]: Blacklisting address 127.0.0.1: possible DoS attack.
Therefore, this appears to work correctly.
However, I get no email (I think this a separate issue, so I haven't really covered it here), nor anything in /var/log
I am expecting something to appear in my chosen folder
Code:
DOSLogDir "/var/log/mod_evasive"
This folder is CHMOD 770 and has CHOWN matching what is in /etc/httpd/conf/httpd.conf
For SELinux I changed the context to match that of /var/log/httpd
Code:
system_u:object_r:httpd_log_t:s0
I also tried the context as:
Code:
httpd_sys_rw_content_t
I also tried in
Code:
setenforce Permissive
and it didn't rectify the issue, so I don't think it can be a SELinux problem.
I get nothing in /var/log/messages about mod_evasive trying to log and failing.
Any ideas?