How To Block Spammers/Hackers With Apache2's mod_spamhaus (Debian Etch)

mod_spamhaus is an Apache module that uses DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.


1. Installation

In order to compile mod_spamhaus, you must have apxs2 (APache eXtenSion tool) tool installed.

The follow command will install it:

apt-get install apache2-prefork-dev

Now we need to download the source package present at or download it using wget application and this direct link to the repository:


Next open archive, compile and install module with those commands:

tar zxvf mod_spamhaus05.tar.gz
cd mod-spamhaus
make install

You must add LoadModule directive to the main config file of you're web server to load mod_spamhaus module.

vi /etc/apache2/httpd.conf
LoadModule spamhaus_module   /usr/lib/apache2/modules/


2. Configuration

Before we are able to write our configuration, we should known what directives are supported by mod_spamhaus:

MS_Methods - If the httpd's method used by the visitor match, module verify user's ip address
MS_WhiteList - A simple whitelist file where you can put ip address to bypass
MS_DNS - DNSBL to use. Usefull if you want make a local rbldnsd instance
MS_CacheSize - Number of cached addresses

Now we open config file of our web server in order to write a basic configuration:

vi /etc/apache2/apache2.conf
<IfModule mod_spamhaus.c>
MS_WhiteList /etc/spamhaus.wl
MS_CacheSize 256

Next we create an empty whitelist file:

touch /etc/spamhaus.wl

Finally we restart Apache2:

/etc/init.d/apache2 restart

That's all!


Share this page:

Suggested articles

9 Comment(s)

Add comment


By: Anonymous

I had the same problem....

By: FilipJ

becouse youha apache2.conf probably. you must write it by hand

By: Vassilis

make install ....

apxs:Error: Activation failed for custom /etc/apache2/httpd.conf file..
apxs:Error: At least one `LoadModule' directive already has to exist..

By: Spechal

Too bad it assumes you use apxs2 when you get apxs with yum install httpd and get Apache2


You can create a softlink:

 ln -s /usr/sbin/apxs /usr/sbin/apxs2

By: IzFazt

Can the so called 'custom error' put the IP blocked in the log file or is this always done automaticly ? If not automaticly, what should be the syntax of the custom error so the blocked IP is put in the log?

By: ThcTLo

apt-get install libapache2-mod-spamhaus  ( debian squeeze ) 

wget the mod and dpkg -i, works fine on debian lenny.


By: Won Dering

I was just wondering if spamhaus is a good idea to be applied on a production shared hosting environment.Doesn't it make false positives easily?

By: DnS

Is there anyone who can help me out?

My client has an IP address which is in a range of spamhouse PBL records.

He is being blocked pretty often on http requests, while I'm not, and the only difference between me and my client is that my IP is not registered within the PBL records.


Any advice?