Message Board

http:BL Use/Development

Older Posts ]   [ Newer Posts ]
 Apache2 with BL
Author: E.Adler2   (2 Oct 10 8:15pm)
I have a LAMP server running about 10 vhost sites on a single IP address. Using PSAD with in-line firewall protection for Snort rules etc. I have cron set up to re-sync my IPT lists. I have set up a working honey pot and have already nailed a few bots. The site I am protecting is a CMS that I wrote mostly in php.

Now my question. I would like to set up a auto http:BL. I am using the latest version of apache2. After reading this:

Getting and compiling mod_httpbl (for Apache)
Author: P.Gregg (18 Mar 10 8:21pm)
OK - don't use the above. I found the module was causing multiple segfaults in my apache httpd.

I am not really sure what the best module or way (sync IPTs to a block list) to get bad bots auto blocked. Like I said I am just using a custom CMS I wrote (well most of it) and a LAMP. I have an API key but just don't know what API I should use.

Thanks guys for your contribution to what is a great project!!!!!
Erik (Sweden)
 
 Re: Apache2 with BL
Author: D.Daster   (11 Oct 10 10:27pm)
If you did indeed make this CMS, i reckon you understand the way the httpBL works.

In that case, the best solution i can see is to simply program into the CMS a method for querying the project, and blocking based on the returned data.
 
 Re: Apache2 with BL
Author: E.Adler2   (15 Oct 10 1:00pm)
Yeap, that would be easy to do, but I would like a module that would be useful for others too. I am taking a look at the apache open source code for mod_rewrite and trying to wrap my head around it. As you know the .htaccess uses it. I would like to modify it to work as a fully functioning API for the BL

They were not joking over at apache.org with this statement.

`` Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo. '' -- Brian Moore

All the best
Erik
www.eriks.homeunix.com

Post Edited (15 Oct 10 1:02pm)
 
 Re: Apache2 with BL
Author: H.User5946   (27 Nov 10 1:51pm)
If it helps, I'm working on a mod_perl based module to provide HTTP:bl service for a whole Apache server.

I have it all working, logging and determining if the requester is worthy of "attention" - all I have to do is decide what that attention should be. I'm leaning towards making a generic "run this script with the IP as the argument" - where you could then implement your own way of adding the IP to a firewall, or other blocking action.




do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–17, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email