Re: [mod-security-users] Blocking IPs in ModSecurity from a PHP script
Brought to you by:
victorhora,
zimmerletw
From: Ryan B. <RBa...@tr...> - 2014-01-24 02:12:04
|
You could have PHP execute the following blacklist script to blackillst the IP in local IPTables - http://apache-tools.cvs.sourceforge.net/viewvc/apache-tools/apache-tools/bl acklist Ryan Barnett Lead Security Researcher, SpiderLabs Trustwave | SMART SECURITY ON DEMAND www.trustwave.com <http://www.trustwave.com/> On 1/23/14 7:04 PM, "TGWM" <tg...@gm...> wrote: >I have modsecurity2 installed on the server which blocks dangerous HTTP >requests, and also use fail2ban to block brute force. > >I have additional security scripts that run under PHP. > >I would like these scripts to be able to put an IP on the block list too, >either in mod_security or in IP tables. > >Are there scripts around which can handle these bans? >For example, PHP could call a URL on the same server to ban an IP. > >Thank you for help. > > >-------------------------------------------------------------------------- >---- >CenturyLink Cloud: The Leader in Enterprise Cloud Services. >Learn Why More Businesses Are Choosing CenturyLink Cloud For >Critical Workloads, Development Environments & Everything In Between. >Get a Quote or Start a Free Trial Today. >http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clkt >rk >_______________________________________________ >mod-security-users mailing list >mod...@li... >https://lists.sourceforge.net/lists/listinfo/mod-security-users >Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >http://www.modsecurity.org/projects/commercial/rules/ >http://www.modsecurity.org/projects/commercial/support/ > ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. |