Protect Your Site With Apache2 Mod Defensible

If you have a website on your Debian 10 server you are probably thinking of how you can protect it. There are many tools that you can deploy but there is an Apache2 module that you can install, configure and use in a couple of minutes:

libapache2-mod-defensible

This module will lookup the originating IP of any incoming web request and block it if it’s known as an IP engaging in malicious or illegal behavior.

Installation on Debian 10 is very simple:

sudo apt install libapache2-mod-defensible

Configure mod-defensible by creating a dedicated configuration file under /etc/apache2/conf-available/:

nano /etc/apache2/conf-available/defensible.conf

Paste the following contents:

### Enable mod-defensible
DnsblUse On
### The BlockList hostnames
DnsblServers bsb.spamlookup.net bl.blbl.org opm.blitzed.org sbl-xbl.spamhaus.org

Next, enable the configuration:

a2enconf defensible.conf

Then restart Apache2:

systemctl restart apache2

You can check that mod-defensible is loaded by listing all Apache2’s loaded modules:

apachectl -M

And check for the following line:

defensible_module (shared)