From: OSSEC junkie [mailto:ossec.junkie@gmail.com]
Sent: Thursday, January 29, 2009 3:25 PM
To: mod-security-users@lists.sourceforge.net
Subject: Re: [mod-security-users] automated bot prevention

 

Can BruteForce be used for any other page as well?  Lets say a page with a bunch of forms in it.  Besides login, like a captcha page and what not.

 

[Ryan Barnett] Sure, you just need to specify what resource you want to protect.

 

On Thu, Jan 29, 2009 at 12:37 PM, Ryan Barnett <Ryan.Barnett@breach.com> wrote:

From: OSSEC junkie [mailto:ossec.junkie@gmail.com]
Sent: Thursday, January 29, 2009 11:57 AM
To: mod-security-users@lists.sourceforge.net
Subject: [mod-security-users] automated bot prevention

 

Does ModSecurity have any protection against automated bots?  Like spam bots etc lets say to block a user when a max # of sesions per specified connections are reached..?  Anything similar to that possible?

 

[Ryan Barnett] You can certainly do this yourself by utilizing persistent collections.  We have an anti-automation rule set option for our commercial support customers that can track access rates to either the entire site or if you wanted to trigger only on specific URLs you can also implement some Brute Force Detection mechanisms (for login pages, etc…).