Author: P.Gregg (28 Mar 10 6:34pm)
I posted about my experiences with mod_httpbl over in the http:BL Use/Development forum.
Summary - It kept segfaulting my apache (and thus didn't work)...
I went for an alternative approach to read my access_log files, run them through HTTP:BL (using a local dnscache) and then output any discovered "bad" IPs to another file which is read by fail2ban (fail2ban.org). fail2ban then reads this file and bans the IP using iptables.
There are pros and cons to this approach, but I'm quite happy with it.... I may rewrite the iptables banning to remove the fail2ban part so that the firewalling is more timely.