Message Board

http:BL Use/Development

Older Posts ]   [ Newer Posts ]
 Apache2 with BL
Author: E.Adler2   (2 Oct 10 8:15pm)
I have a LAMP server running about 10 vhost sites on a single IP address. Using PSAD with in-line firewall protection for Snort rules etc. I have cron set up to re-sync my IPT lists. I have set up a working honey pot and have already nailed a few bots. The site I am protecting is a CMS that I wrote mostly in php.

Now my question. I would like to set up a auto http:BL. I am using the latest version of apache2. After reading this:

Getting and compiling mod_httpbl (for Apache)
Author: P.Gregg (18 Mar 10 8:21pm)
OK - don't use the above. I found the module was causing multiple segfaults in my apache httpd.

I am not really sure what the best module or way (sync IPTs to a block list) to get bad bots auto blocked. Like I said I am just using a custom CMS I wrote (well most of it) and a LAMP. I have an API key but just don't know what API I should use.

Thanks guys for your contribution to what is a great project!!!!!
Erik (Sweden)
 
 Re: Apache2 with BL
Author: D.Daster   (11 Oct 10 10:27pm)
If you did indeed make this CMS, i reckon you understand the way the httpBL works.

In that case, the best solution i can see is to simply program into the CMS a method for querying the project, and blocking based on the returned data.
 
 Re: Apache2 with BL
Author: E.Adler2   (15 Oct 10 1:00pm)
Yeap, that would be easy to do, but I would like a module that would be useful for others too. I am taking a look at the apache open source code for mod_rewrite and trying to wrap my head around it. As you know the .htaccess uses it. I would like to modify it to work as a fully functioning API for the BL

They were not joking over at apache.org with this statement.

`` Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo. '' -- Brian Moore

All the best
Erik
www.eriks.homeunix.com

Post Edited (15 Oct 10 1:02pm)
 
 Re: Apache2 with BL
Author: H.User5946   (27 Nov 10 1:51pm)
If it helps, I'm working on a mod_perl based module to provide HTTP:bl service for a whole Apache server.

I have it all working, logging and determining if the requester is worthy of "attention" - all I have to do is decide what that attention should be. I'm leaning towards making a generic "run this script with the IP as the argument" - where you could then implement your own way of adding the IP to a firewall, or other blocking action.



You may browse the discussion topics, but you must sign in to post. If you do not have an account, you can create one for free.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–24, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email