CentOS, mod_evasive log write permissions and email issue

smepie picture smepie · Dec 6, 2013 · Viewed 8.8k times · Source

i'm on CentOS 6.5 now, installed mod_evasive some time ago but email notify and logging never worked...

into messages log i have many lines like this...

mod_evasive[4548]: Couldn't open logfile /var/log/httpd/evasive/dos-157.xxx.xxx.xxx: Permission denied

on CentOS I thought that the owner of the directory /var/log/httpd/evasive should be "apache" and that is with 755.. no way...

then, mailx is already installed and updated... someone says to see into mod_evasive20.c but i can't find this mod_evasive20.c file on my CentOS... where can be? is it possible to send with sendmail instead of mailx? thanks

Answer

Andrea Bravetti picture Andrea Bravetti · Sep 3, 2015

On CentOS /var/log/httpd has permission 700 and is owned by root, so you need to move /var/log/httpd/evasive to /var/log/evasive and do:

chown 0:apache /var/log/evasive
chmod 770 /var/log/evasive

If you use SELinux:

semanage fcontext --add -t httpd_sys_rw_content_t "/var/log/evasive(/.*)?"
restorecon -r /var/log/evasive

And add this line to /etc/httpd/conf.d/mod_evasive.conf:

DOSLogDir /var/log/evasive