[mod-security-users] blacklist to modsec
Brought to you by:
victorhora,
zimmerletw
From: Peter W. <prw...@gm...> - 2005-03-16 20:13:18
|
Greetings all, I had passed this through to Ivan first, and he said to go ahead and send it out to the list. Some of you may already know this, but I've written a script called blacklist_to_modsec. This is a Perl script that parses blacklist data in the style of Jay Allen's Master Blacklist, and turns it into mod_security rules. It includes support for pulling rules directly from MT-Blacklist's database, if you happen to be using it, and also includes support for running commands to restart your Apache server if necessary. I have been assisted in my endeavor by David Phillips (http://tweezersedge.com/) who has contributed some of the code I used, and who has also done a lot of debugging work. David has, out of necessity, written in some additional functionality that allows the rules to be inserted into an .htaccess file. I'm planning to include this functionality in the main script, but until then, you can drop by his site and ask him about the necessary code. I know that a lot of people only have access to server configuration via .htaccess files, so I think this is an important thing to have. Note, of course, that whoever runs the main Apache server (e.g. your hosting provider) must have the mod_security module enabled before you can make use of it through .htaccess. Full information, documentation, links to relevant blog entries, and code download can be found here: http://prwdot.org/docs/blacklisttomodsec.html Feel free to email me with any questions, concerns, suggestions, etc. Thanks, Peter -- Peter R. Wood | email: prw...@gm... | blog: http://prwdot.org/ |