I am planning to put up a website which, like any other website, may get DoS attacked. I have installed mod_dosevasive to protect against some degree of application-layer DoS.
I understand that here are the default settings of mod_dosevasive - ( http://www.theserverpages.com/articles/servers/linux/apache/mod_dosevasive_Apache_Module_How-To.html ) <IfModule mod_dosevasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 </IfModule> Any experience how good this default works for the average website? I would prefer to not spend time making changes to this default. Thanks!
