And behold a white horse

Friday, 30 June 2006

Annoyed that mod_security isn’t going to be included in Debians Etch release I started work on my own replacement.

The way I use mod_referer is three-fold:

  • Block particular referers
  • Block particular user-agents
  • Block accesses to particular URIs

Knowing that naming software is the hardest part I just looked for words beginning with mod – so please see mod_ifier!

Building:

apt-get install apache2-dev
cd mod_ifier/src
make
make install

Using:

LoadModule mod_ifier_module   /usr/lib/apache2/modules/mod_ifier.so
DropAgent lynx
DropAgent links
DropAgent wget

DropReferer gambling-sites.com
DropReferer sex.com

TODO:

  • Allow logging / command executation (firewall dropping.)
  • Allow to match on patterns in URIs (the third usage I use, eg /cgi-bin/formmail.cgi)

Comments welcome… especially since I’m only just getting to grips with the Apache 2.x API

| No comments

 

 

Recent Posts

Recent Tags