Bug 2428572 - Fedora official build is missing DOSWhitelistUri support
Summary: Fedora official build is missing DOSWhitelistUri support
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: mod_evasive
Version: 43
Hardware: All
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Jan ONDREJ
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-01-11 17:52 UTC by Lonni J Friedman
Modified: 2026-01-20 01:42 UTC (History)
1 user (show)

Fixed In Version: mod_evasive-2.4.0-3.fc43
Clone Of:
Environment:
Last Closed: 2026-01-20 01:42:16 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Lonni J Friedman 2026-01-11 17:52:54 UTC 
The Fedora official RPM for mod_evasive is somehow missing DOSWhitelistUri support, despite it being baked into the 2.4.0 version by default.  Attempts to use the DOSWhitelistUri directive in mod_evasive.conf causes Apache to fail to start with the error:

```
Jan 11 09:27:10 myhost httpd[193507]: AH00526: Syntax error on line 69 of /etc/httpd/conf.d/mod_evasive.conf:
Jan 11 09:27:10 myhost httpd[193507]: Invalid command 'DOSWhitelistUri', perhaps misspelled or defined by a module not included in the server configuration
```



Reproducible: Always

Steps to Reproduce:
1.Install the Fedora mod_evasive package via dnf with `dnf install -y mod_evasive`
2.Uncomment/add a reference to the `DOSWhitelistUri` in `/etc/httpd/conf.d/mod_evasive.conf`
3. Restart httpd
4. Apache will fail to start with the error `Invalid command 'DOSWhitelistUri', perhaps misspelled or defined by a module not included in the server configuration`
Actual Results:
Apache will fail to start 

Expected Results:
Apache should start without issues

Additional Information:
The support for `DOSWhitelistUri` is completely missing from the Fedora build:

This returns nothing:
```
strings /usr/lib64/httpd/modules/mod_evasive24.so | grep DOSWhitelistUri
```

If I git clone the official code (from https://github.com/jvdmr/mod_evasive.git ) and build it using `apxs -i -c mod_evasive24.c` the resulting module has `DOSWhitelistUri` support:
```
strings /usr/lib64/httpd/modules/mod_evasive24.so | grep DOSWhitelistUri
DOSWhitelistUri
```

and apache starts with that build while `DOSWhitelistUri` is in mod_evasive.conf .

I reviewed the koji build.log trying to figure out what is going wrong, but didn't see anything obvious.  I have to wonder if that build is really using `2.4.0`, as that's the only explanation I can come up with for how this build can be missing this support by default.
Comment 1 Jan ONDREJ 2026-01-11 19:19:05 UTC 
Looks like Fedora build still uses patched mod_evasive20.c file. A build for updates-testing will appear shortly. Can you please check and leave comments?
Comment 2 Fedora Update System 2026-01-11 19:24:06 UTC 
FEDORA-2026-c803b14666 (mod_evasive-2.4.0-3.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-c803b14666
Comment 3 Lonni J Friedman 2026-01-11 19:46:17 UTC 
The new build does fix this bug, thanks!
Comment 4 Fedora Update System 2026-01-12 01:34:32 UTC 
FEDORA-2026-c803b14666 has been pushed to the Fedora 43 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2026-c803b14666`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2026-c803b14666

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 5 Fedora Update System 2026-01-20 01:42:16 UTC 
FEDORA-2026-c803b14666 (mod_evasive-2.4.0-3.fc43) has been pushed to the Fedora 43 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.