Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 12-08-2007, 04:00 AM   #1
LQ Newbie
Registered: Jun 2007
Location: istanbul
Posts: 21

Rep: Reputation: 15
Unhappy Mod_evasive and iptables

Hello all users,

I installed mod_evasive and here my config:

LoadModule evasive20_module   /usr/lib/httpd/modules/

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 60
DOSEmailNotify notspam @ notspam. com 
DOSSystemCommand "su - root -c 'iptables -I INPUT -s %s -j DROP'"
Ok no problem in Mod_evasive. But this line does not work
DOSSystemCommand "su - root -c 'iptables -I INPUT -s %s -j DROP'"
Apache error_log says:
standard in must be a tty
How to fix?

Note: i read this topic:
and i try sudo but apache error_log says:
sudo: sorry, you must have a tty to run sudo
if you reply me messages i will be happy. Thanks.

Last edited by lavinya; 12-08-2007 at 04:03 AM.
Old 12-08-2007, 08:22 AM   #2
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
Could you try the full path to the command. If you use sudo, it is often configured to require it. I don't know if the same thing can occur with su.

Looking on the web, every example using this directive has a full path to the command being executed.

Last edited by jschiwal; 12-08-2007 at 08:24 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mitigate Attacks With mod_evasive jeremy LQ Articles Discussion 1 06-22-2007 10:59 AM
Can I install mod_evasive in apache2 when installed from repo? OneBinary Debian 3 04-20-2006 10:11 AM
iptables v1.2.9: Unknown arg `/sbin/iptables' Try `iptables -h' or 'iptables --help' Niceman2005 Linux - Security 4 12-29-2005 08:20 PM
IPtables Log Analyzer from brainlego Linux - Software 0 08-11-2003 06:08 AM
My iptables script is /etc/sysconfig/iptables. How do i make this baby execute on boo ForumKid Linux - General 3 01-22-2002 07:36 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:53 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration