To prevent DNS Injection attacks,
which are attacks that can inject fake DNS names into your server's cache, you need to add another module to Apache.
Follow these steps
Open a terminal window
Issue the command sudo apt-get -y install libapache2-mod-spamhaus
After the installation completes, issue the command sudo touch /etc/spamhaus.wl.
Issue the command sudo chown -R www-data:root /var/log/apache2/evasive.
With the module installed, open the /etc/apache2/apache2.conf file (using sudo and your favorite text editor) and append the following to the bottom of your configuration file:
MS_METHODS POST,PUT,OPTIONS,CONNECT
MS_WhiteList /etc/spamhaus.wl
MS_CacheSize 256
Save the apache2.conf file and restart Apache so the new module will take effect
No comments :