I'm setting up a Centos 7 server, with apache and I have installed mod_evasive.

mod_evasive.conf has:

Code:
LoadModule evasive20_module modules/mod_evasive24.so
I ran the test.pl and I get the following in /var/log/messages

Code:
mod_evasive[6434]: Blacklisting address 127.0.0.1: possible DoS attack.
Therefore, this appears to work correctly.

However, I get no email (I think this a separate issue, so I haven't really covered it here), nor anything in /var/log

I am expecting something to appear in my chosen folder
Code:
DOSLogDir "/var/log/mod_evasive"
This folder is CHMOD 770 and has CHOWN matching what is in /etc/httpd/conf/httpd.conf

For SELinux I changed the context to match that of /var/log/httpd
Code:
system_u:object_r:httpd_log_t:s0
I also tried the context as:
Code:
httpd_sys_rw_content_t
I also tried in
Code:
setenforce Permissive
and it didn't rectify the issue, so I don't think it can be a SELinux problem.

I get nothing in /var/log/messages about mod_evasive trying to log and failing.


Any ideas?