MyTrueHost 
Posted in 
Download mod_evasive from
http://www.nuclearelephant.com/projects/mod_evasive/
$ tar zxvf mod_evasive_1.10.1.tar.gz
$ cd mod_evasive
$ cd mod_evasive
Compile mod_evasive apache module
For Apache 2
$ /usr/local/apache/bin/apxs -i -a -c mod_evasive20.cFor Apache 1.3
$ /usr/local/apache/bin/apxs -i -a -c mod_evasive.c
$ /usr/local/apache/bin/apxs -i -a -c mod_evasive20.cFor Apache 1.3
$ /usr/local/apache/bin/apxs -i -a -c mod_evasive.c
Compilation is done under the assumption that path to apache is /usr/local/apache. If not replace /usr/local/apache with your path to apache.
Edit your httpd.conf [usually located in /usr/local/apache/conf/httpd.conf] and add
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSEmailNotify someuser@somedomain.com
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSEmailNotify someuser@somedomain.com
The values set for the above parameters seems to work well for most cases. You may want to experiment with the values set and fine tune them.
Caution: Although mod_evasive can be quite effective in some cases, in others it can cause more problems by blocking legitimate IPs.
