Re: [mod-security-users] Ideas for future features..
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Ideas for future features..
|
From: Ivan R. <iv...@we...> - 2006-02-25 22:46:17
|
Zach Roberts wrote: > Ivan Ristic wrote: > >> Zach Roberts wrote: >> >> >>> I apologize for being absent for most of the discussion. My schedule has >>> been quite full lately. >>> >>> I have been using a forked mod_access_rbl for about a year now. While I >>> don't use it to scan every request that comes in I do use it to control >>> access to two or three files that are accessed quite a bit. For these >>> three files I am using seven different blacklists and I've noticed no >>> drop in performance. >>> >> >> Without a local cache? >> > Just a local DNS cache. Just to double-check: and by that you mean the cache that's in the libresolve library, not a local caching DNS server? >> BTW, even now you can have protection better than with mod_evasive >> using httpd-guardian (http://www.apachesecurity.net/tools/). And, >> in terms of performance, probably faster than what will be available >> in ModSecurity v2.0. >> > I'll look at it. It might prove useful. I am looking for testers. You can even cluster it using Spread. >>> If the functionality works with Frontpage too (mod_evasive >>> does not) it will be all that much better. >>> >> >> That's interesting. What is the problem with FrontPage? >> > It interferes with publishing content via port 80. I meant to ask if you had any specific knowledge of how FrontPage triggers mod_evasive. Does it perform too many request in a short period of time? Anything that would help me avoid the problem ;) -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall Apache Security (O'Reilly): http://www.apachesecurity.net |
